last executing test programs:

38.836853304s ago: executing program 2 (id=414):
r0 = fsopen(&(0x7f0000000080)='mqueue\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000001d40)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xaei\xb6\xb7\xc1Y\xd5YG\xf9\xc2\xf1\xa4\xdb$\xf6]\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\x03\x00\x00\x00\x00\x00\x00\x00\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^W\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B\xc5\x05\x9d\xd6\x02|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3q\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^\x00\x00\x00\x00\x00\x00\x00\x00\x00\xef\xcd\xd3\t\x01A\xd5\x81\xc1;9\xeez\xba\x00\x00\x00\xdc\x94\xff)\xa4\xe6\xfb]\x90bG\x11\b\x98#\xaa99ez|\x8b5\x92\xa5\xba\x96\xb3\xb26I\xbb\xdeb\x95?\xc0\x81', &(0x7f0000000200)='sockfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000007c0)='\xd5@=\b\a:\x993\x00', &(0x7f0000000600)='dU|\xcbM\xe6\x91q\b', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00'}, 0x18)
close(r0)

38.70509956s ago: executing program 2 (id=418):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00')
pread64(r0, &(0x7f0000002180)=""/4105, 0x1009, 0x0)

38.586972635s ago: executing program 2 (id=423):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000280)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8f7ffffb702000008000000b703000000000000a5000000eeffffff95"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
setitimer(0x2, 0x0, 0x0)

38.453000081s ago: executing program 2 (id=425):
r0 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f00000000c0)=""/99, &(0x7f0000000140)=0x63)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x4098884, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000440)={'syz_tun\x00', 0x101})
sendto$inet6(r2, &(0x7f0000000040), 0x3000, 0x0, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000300)={0x0, 0xffffff29, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000001}, 0x0)
r6 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
r8 = openat$cgroup_subtree(r7, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
write$cgroup_subtree(r8, &(0x7f00000001c0)={[{0x2b, 'cpu'}]}, 0x5)
lseek(r8, 0x79b, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x4}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @objref={{0xb}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_OBJREF_IMM_NAME={0x9, 0x2, 'syz1\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
openat$cgroup_ro(r4, &(0x7f0000000180)='blkio.bfq.io_merged\x00', 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r9}, 0x18)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
add_key$keyring(&(0x7f0000000200), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0x0)
open_by_handle_at(r4, &(0x7f0000000080)=ANY=[@ANYRESHEX=r4], 0x100)

38.326244976s ago: executing program 2 (id=429):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x54, 0x1, [@m_ife={0x50, 0x1, 0x0, 0x0, {{0x8}, {0x28, 0x2, 0x0, 0x1, [@TCA_IFE_TYPE={0x6, 0x5, 0x4}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x401, 0x5, 0x6, 0x4e, 0x7}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000220000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYRESOCT=r0], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0xfffffffffffffffc}, 0x18)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000005c0)={0x0, 0xffffffffffffffff, 0x0, 0x31, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r3, 0x400448cb, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x35, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4, 0x0, 0x4}, 0x18)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)

38.266343609s ago: executing program 2 (id=431):
r0 = fsopen(&(0x7f00000000c0)='mqueue\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x3, 0x20000000000002a5, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r0, 0x0, 0x0)
fchdir(r3)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x82400, 0x185)
lseek(r4, 0xfffffffff7ffffff, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r7, 0xa02000000000000, 0x60, &(0x7f0000000540)={'filter\x00', 0xb001, 0x4, 0x3c8, 0x110, 0x1f8, 0x2e0, 0x2e0, 0x2e0, 0x2e0, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4, 0xffffffff}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x3, 0x7, 0x3}}}, {{@arp={@broadcast, @multicast2, 0x0, 0x0, 0xe, 0x10, {@mac=@broadcast, {[0x0, 0x0, 0xff, 0xff, 0xff]}}, {@empty, {[0xff, 0xff, 0xff, 0xff, 0xff]}}, 0x2, 0x3, 0x4, 0x8, 0x81, 0xf9, 'veth0_to_batadv\x00', 'caif0\x00', {0xff}, {0xff}, 0x0, 0x10c}, 0xc0, 0xe8}, @unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0x1000}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001812", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x200, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x4, 0x4, 0x538, 0xffffffff, 0x398, 0xe8, 0x398, 0xfeffffff, 0xffffffff, 0x468, 0x468, 0x468, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xffffff00, 0xffffffff, 0xff000000, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [0xff], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00', {}, {}, 0x0, 0x0, 0x6}, 0x0, 0x270, 0x2b0, 0x0, {}, [@common=@srh1={{0x90}, {0x2, 0xe, 0x6, 0x5, 0x9, @remote, @local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [0x0, 0xff, 0xffffff00, 0xffffff00], [0xff, 0xffffff00, 0xff, 0xffffff00], [0x0, 0xffffffff, 0x0, 0xff], 0x4000, 0x11}}, @common=@rt={{0x138}, {0x401, [0xfffffffe], 0x1, 0x2, 0x3, [@remote, @empty, @remote, @remote, @remote, @mcast1, @mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @empty, @mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, @remote, @rand_addr=' \x01\x00', @mcast1, @private1={0xfc, 0x1, '\x00', 0x1}], 0x9}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x1, {0x2000010}}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x598)

23.243048475s ago: executing program 32 (id=431):
r0 = fsopen(&(0x7f00000000c0)='mqueue\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x3, 0x20000000000002a5, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r0, 0x0, 0x0)
fchdir(r3)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x82400, 0x185)
lseek(r4, 0xfffffffff7ffffff, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r7, 0xa02000000000000, 0x60, &(0x7f0000000540)={'filter\x00', 0xb001, 0x4, 0x3c8, 0x110, 0x1f8, 0x2e0, 0x2e0, 0x2e0, 0x2e0, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4, 0xffffffff}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x3, 0x7, 0x3}}}, {{@arp={@broadcast, @multicast2, 0x0, 0x0, 0xe, 0x10, {@mac=@broadcast, {[0x0, 0x0, 0xff, 0xff, 0xff]}}, {@empty, {[0xff, 0xff, 0xff, 0xff, 0xff]}}, 0x2, 0x3, 0x4, 0x8, 0x81, 0xf9, 'veth0_to_batadv\x00', 'caif0\x00', {0xff}, {0xff}, 0x0, 0x10c}, 0xc0, 0xe8}, @unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0x1000}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001812", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x200, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x4, 0x4, 0x538, 0xffffffff, 0x398, 0xe8, 0x398, 0xfeffffff, 0xffffffff, 0x468, 0x468, 0x468, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xffffff00, 0xffffffff, 0xff000000, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [0xff], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00', {}, {}, 0x0, 0x0, 0x6}, 0x0, 0x270, 0x2b0, 0x0, {}, [@common=@srh1={{0x90}, {0x2, 0xe, 0x6, 0x5, 0x9, @remote, @local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [0x0, 0xff, 0xffffff00, 0xffffff00], [0xff, 0xffffff00, 0xff, 0xffffff00], [0x0, 0xffffffff, 0x0, 0xff], 0x4000, 0x11}}, @common=@rt={{0x138}, {0x401, [0xfffffffe], 0x1, 0x2, 0x3, [@remote, @empty, @remote, @remote, @remote, @mcast1, @mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @empty, @mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, @remote, @rand_addr=' \x01\x00', @mcast1, @private1={0xfc, 0x1, '\x00', 0x1}], 0x9}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x1, {0x2000010}}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x598)

1.995861923s ago: executing program 3 (id=1128):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
setitimer(0x0, 0x0, 0x0)

1.973867223s ago: executing program 3 (id=1129):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x25, 0x0, 0x3, 0xfffffffe}, {0x1d}]})

1.904290847s ago: executing program 3 (id=1131):
r0 = fsopen(&(0x7f00000000c0)='mqueue\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x3, 0x20000000000002a5, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r0, 0x0, 0x0)
fchdir(r3)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x82400, 0x185)
lseek(r4, 0xfffffffff7ffffff, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r7, 0xa02000000000000, 0x60, &(0x7f0000000540)={'filter\x00', 0xb001, 0x4, 0x3c8, 0x110, 0x1f8, 0x2e0, 0x2e0, 0x2e0, 0x2e0, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4, 0xffffffff}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x3, 0x7, 0x3}}}, {{@arp={@broadcast, @multicast2, 0x0, 0x0, 0xe, 0x10, {@mac=@broadcast, {[0x0, 0x0, 0xff, 0xff, 0xff]}}, {@empty, {[0xff, 0xff, 0xff, 0xff, 0xff]}}, 0x2, 0x3, 0x4, 0x8, 0x81, 0xf9, 'veth0_to_batadv\x00', 'caif0\x00', {0xff}, {0xff}, 0x0, 0x10c}, 0xc0, 0xe8}, @unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0x1000}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x200, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x10)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r10, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x4, 0x4, 0x400, 0xffffffff, 0x398, 0xe8, 0x398, 0xfeffffff, 0xffffffff, 0x468, 0x468, 0x468, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xffffff00, 0xffffffff, 0xff000000, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [0xff], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00', {}, {}, 0x0, 0x0, 0x6}, 0x0, 0x138, 0x178, 0x0, {}, [@common=@srh1={{0x90}, {0x2, 0xe, 0x6, 0x5, 0x9, @remote, @local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [0x0, 0xff, 0xffffff00, 0xffffff00], [0xff, 0xffffff00, 0xff, 0xffffff00], [0x0, 0xffffffff, 0x0, 0xff], 0x4000, 0x11}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x1, {0x2000010}}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x460)

1.204846977s ago: executing program 5 (id=1144):
r0 = socket$kcm(0xa, 0x922000000003, 0x11)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000640)=@l2tp6={0xa, 0x0, 0x8, @mcast1, 0x3, 0xffffffff}, 0x80, &(0x7f0000001880)=[{&(0x7f0000000600)="f4000900062b2c25fe80000000000000dc8b850f238466cc00007a000000ad6f911b51430437121d", 0x28}], 0x1}, 0x0)

1.182340068s ago: executing program 5 (id=1145):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x5f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r0)
sendmsg$NFC_CMD_DEP_LINK_UP(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x26040041}, 0x40)

1.15146762s ago: executing program 5 (id=1146):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @remote, 'geneve0\x00'}}, 0x1e)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
connect$pppoe(r1, &(0x7f0000000040)={0x18, 0x0, {0x0, @empty, 'netpci0\x00'}}, 0x1e)

1.13262625s ago: executing program 4 (id=1147):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @remote, 'geneve0\x00'}}, 0x1e)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
connect$pppoe(r1, &(0x7f0000000040)={0x18, 0x0, {0x0, @empty, 'netpci0\x00'}}, 0x1e)

1.13237805s ago: executing program 5 (id=1148):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x5f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r0)
sendmsg$NFC_CMD_DEP_LINK_UP(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x26040041}, 0x40) (fail_nth: 1)

1.13217671s ago: executing program 0 (id=1149):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0xc0ed4040, &(0x7f00000002c0)={[{@commit={'commit', 0x3d, 0x4}}, {@nobarrier}, {@barrier}, {@nobh}, {@grpjquota_path={'grpjquota', 0x3d, './file3'}}, {@mb_optimize_scan}, {@data_writeback}, {@nodioread_nolock}]}, 0x0, 0x47b, &(0x7f0000001000)="$eJzs3M9vFFUcAPDvTLel5YdFxB8gaBWMxB8tLT/kYGI0mnjQaKIHjKe6LQQpYKAmQoiiB4zxYEi8G48m/gWe9GLUk4lXvBsSYriAntbMzgxtl93S0m13cT+fZNj3Zqa89503b/vmvd0G0LNGsn+SiI0RcTkihiOi0njCSP5y49r56j/XzleTqNXe+juJNCKuXztfLf6L+pbZkO+o1Yr8uiblXnw3YnJmZvp0kR+bPfHB2Jmz5549dmLy6PTR6ZMThw7t37dz4ODEgbbEmcV1ffvHp3Zse/WdS69XD19679fvs/puLI6XcbTTSH51m3qi3YV12KZ56aTSwYqwLFm79Rfb5RiOvhi6eWw4Xvmso5UDVlul2e/nwoUa8D+WDdSBXlT+os+ef8ttjcYdXeHqi/mERxb3jWLLj1Tq8xtRPBttWqXyByPi8IV/v8m2WKV5CACA+X7Mxj/PNBv/pfHAvPPuKdZQNkfEvRGxJSLui4itEXF/RP3cByPioWWW37hCcuv4J72yIFvrW2YJi8vGf88Xa1sLx3/l6C829xW5TfX4+5Mjx2am9xbXZE/0r8vy4wt+ZKGfXv7jq8Z9XxbT7CPzxn/ZlpW/MML0SuME3dTk7OTKI89d/TRie6VZ/MnNdcAkIrZFxPY7LOPYU9/taHWsWfzlWPi22rDOVPs24sm8/S9EQ/ylpOX65PhzBycOjA3GzPTesfKuuNVvv198s1X5K4q/DbL2X9/0/s/jz54Rk8GIM2fPHa+v1565g0L+/LyatDi09bbx33r/V3dHDCRv19MD5VnF60DyWvYyVO7/aHJ29vTE3M+W+frreB7/nl1z8U/GXP/fkj+e1a/EwxGR3cQ7I+KRiHi0aLvHIuLxiNi1SPi/vLT7/VbHWrf/IrPybZTFP7VI+2dveVlqrv2Xn+g7/vMPrcqvLan999dTe4o9S3n/W2oFV3LtAAAA4G6R1j8Dn6SjN9NpOjqaf4Z/a6xPKxHx9JFTH56cyj8rvzn603Kma3jefOh4MTdc5ica8vuKeeOv+4bq+dHqqZmpTgcPPW5Di/6f+au9Sy1AN/J9Lehd+j/0Lv0fepf+D73rhU5XAOiMgea7P1nregAdsfzx/+Cq1ANYe57/oXfp/9C79H/oSS2/G5+u6Cv/d2ui0h3VaJoY6o5qlIlIu6Ia7Uu88UXeJbqlPmWisuQ/ZnGHiXVND3X6nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA9/gsAAP//ySHaEw==")
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='debugfs\x00', 0x0, 0x0)
r0 = inotify_init1(0x80800)
inotify_add_watch(r0, &(0x7f00000000c0)='./file0\x00', 0x6400000c)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x481, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000180)='./file2\x00', 0xa00010, &(0x7f00000001c0), 0x21, 0x4bf, &(0x7f00000009c0)="$eJzs3U9vVF0ZAPDn3nbon7fv26Is1KggomgIM+0AlbDCjcYQEiNx5QJqOzRNZzpNZ4q0sijfwUQSV7rwA7gwcWHCyr073bnBhQkq0VATF2PmzhQKnSlF2s6b3t8vObn33DOd5zyd3HPaM+2cAHLrXERsRcSpiLgXEZPd60m3xM1OaT/u5YtH89svHs0n0Wrd+UeStbevxa6vafuo+5yjEfGD70b8ONkbt7GxuTxXrVbWuvVSs7ZaamxsXl6qzS1WFisr5fLszOz09SvXyoeW69nab55/Z+nWD3//uy89++PWN3/a7tZEt213Hoepk3rhVZy24Yi4dRTBBmCom8+pQXeE/0saEZ+JiPPZ/T8ZQ9mrCQCcZK3WZLQmd9cBgJMuzdbAkrQYUeicp2mx2FnDOxPjabXeaF66X19fWeislU1FIb2/VK1Md9cKp6KQtOsz2fnrevmt+pWIOB0RPxsZy+rF+Xp1YZA/+ABAjn30ev7P3gv490hn/gcATrjRQXcAADh25n8AyB/zPwDkj/kfAPLH/A8A+WP+B4D8Mf8DQK58//btdmltdz//euHBxvpy/cHlhUpjuVhbny/O19dWi4v1+mL2mT21dz1ftV5fnbka6w9LzUqjWWpsbN6t1ddXmnezz/W+WykcS1YAwH5On3365yQitm6MZSV27eVgroaTLR10B4CBGRp0B4CBsdsX5Jff8YEeW/S+ofMnQmN7G54cTX+Ao3fx89b/Ia+s/0N+Wf+H/LL+D/nVaiX2/AeAnLHGDxzs/f8evP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAjk1kJUmL3b3AJyJNi8WIjyNiKgrJ/aVqZToiPomIP40URtr1mUF3GgD4QOnfku7+XxcnL0y83Xoq+c9IdoyIn/zizs8fzjWbazPt6//sXP/WWMST7vXyIPoPAHk09F6P3pmnd+bxHS9fPJrfKYffx/6ef7uzuWg77na3dFqGYzg7jkYhIsb/lXTrHcl7Z97b1uOI+Fyv/JNsbWSqu/Pp2/HbsT8+1vjpG/HTrK1zbH8vPnsIfYG8edoef272uv/SOJcde9//o9kI9eF2xr/tPeNf+mr8G+oz/p07SICxX0dc/cP3+sZ/HPGF4V7xk1fxkz7xLxwwx7988cvn+7W1fhlxMXrH3x2r1Kytlhobm5eXanOLlcXKSrk8OzM7ff3KtXIpW6Mu7axU7/X3G5c+2S//8T7xR9+R/9cOmP+v/nvvR1/ZJ/43vtr79T+zT/z2nPj1A8afG/9t3+272/EX+uT/rtf/0gHjP/vr5sIBHwoAHIPGxubyXLVaWRv0yU6HPi39ceIk1yeDHZeAo/f6ph90TwAAAAAAAAAAAAAAgH6O49+JBp0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ9f/AgAA//9gOtV4")
chown(&(0x7f0000000100)='./file1\x00', 0xee01, 0x0)

912.00294ms ago: executing program 1 (id=1150):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x111, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000340)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x100, @empty, 0x5}, {0xa, 0x4e24, 0x8, @empty, 0x81}, r2, 0xb}}, 0x48)
write$RDMA_USER_CM_CMD_DESTROY_ID(r1, &(0x7f0000000f80)={0x1, 0x10, 0xfa00, {&(0x7f00000001c0), r2}}, 0x18)

894.714271ms ago: executing program 5 (id=1151):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
setitimer(0x0, 0x0, 0x0)

894.3761ms ago: executing program 1 (id=1152):
r0 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f00000000c0)=""/99, &(0x7f0000000140)=0x63)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r1}, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000040), 0x3000, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
r4 = openat$cgroup_subtree(r3, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
write$cgroup_subtree(r4, &(0x7f00000001c0)={[{0x2b, 'cpu'}]}, 0x5)

882.653231ms ago: executing program 3 (id=1153):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r0, &(0x7f0000000100)={0x14})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
write$cgroup_subtree(r0, 0x0, 0x280)
r1 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000001640)=ANY=[@ANYBLOB="00020201"], 0x18)
r2 = creat(&(0x7f0000000000)='./file1\x00', 0x0)
fallocate(r2, 0x0, 0x9, 0x2000403)
ioctl$SIOCGETMIFCNT_IN6(r2, 0x89e0, &(0x7f0000000080)={0x1})
ioctl$FS_IOC_GETFSUUID(r0, 0x80111500, &(0x7f00000000c0))
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000840), 0x81, r3}, 0x38)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f00000003c0)=ANY=[@ANYRESDEC=0x0, @ANYRESDEC=0x0, @ANYRES32=r2, @ANYRES16=r0, @ANYRES16=r0, @ANYRESHEX=r3, @ANYRESHEX, @ANYRESHEX=r2, @ANYRESOCT=r3], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = fsopen(&(0x7f0000000080)='mqueue\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000040)='\x00', &(0x7f00000001c0)='dE\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000280)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\x8cU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^', &(0x7f00000000c0)='dE\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f00000007c0)='\xd5@=\b\a:\x993\x00', &(0x7f0000000600)='dU|\xcbM\xe6\x91q\b', 0x0)
close(r5)

850.302993ms ago: executing program 5 (id=1154):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
r1 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r1, &(0x7f0000000540)="900000001c001f4d154a817393278bff0a80a57802000000e503740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e00a2c5fed0759cb068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cef7cff81d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x10, 0xc, &(0x7f0000000240)=ANY=[@ANYRESHEX, @ANYRES16=r0, @ANYRESDEC=r0, @ANYBLOB="5e044bb79f70f1"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/26], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1, 0x7, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000008f0b000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000001c0000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000900)=r3, 0x4)
socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000001340)=@pptp={0x18, 0x2, {0x3, @dev={0xac, 0x14, 0x14, 0x43}}}, 0x80, &(0x7f0000002540)=[{&(0x7f00000006c0)='v', 0x1}], 0x1}, 0x0)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f00000004c0)={0x0, 0x7ce}, &(0x7f0000000500)=0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000540)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x42, 0x61)
syz_emit_ethernet(0x3b6, &(0x7f00000013c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaabb86dd60122d9203803afffe8000000000000000000000000000bb20010000000000000000000000000000860090780003f5000000000000000000000aa78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af180222010000000500000000260004001818fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af0d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978001d06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000180b17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f0032107000000ffffff00000000000200000000000000000001000000008879e66485201a0015ca8374000000000000000000000000000000000000145e14f0e7e72d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fa632dbf04542188b196e213408c0305d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65f81ed00000017b6e0f839e03949625aba79bf974ab6ee3d109bfe24944398d8cc49f4cbedf0dae243b664acbea8d01cb4c7a70b2111909dd847ded7b50565b87599329ae146d5de1c57e130e57eb62e0bacb799eb7cfae3a462584aa5ffa9d37ed39b9f7ad50fc006ebff98077dd9d8e5fce6b28517007b5d36ce47e1b5e1ed8484143aeecffc3e7cf5da39aa38fa9d261cfc589384f6d4bd40ac686de9d9681fa76b92336903f6af5f9965829653befc97ea9f480e1e57d02627f3cecc23adc2a76823a13d66aff61dca1e4099750118"], 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r6, &(0x7f0000004200)='t', 0x1)
sendfile(r6, r5, 0x0, 0x3ffff)
sendfile(r6, r5, 0x0, 0x7ffff000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r7 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x1, 0x2, 0xc}, {0x2, 0x5}], 0x10, 0x8}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
close(r9)
recvmsg$unix(r8, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)}, 0x0)
setsockopt$sock_attach_bpf(r7, 0x84, 0x10, &(0x7f0000000000), 0x8)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000080)={'batadv0\x00'})

809.407315ms ago: executing program 1 (id=1155):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)

806.052185ms ago: executing program 4 (id=1156):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='kfree\x00', r1, 0x0, 0x8}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x810}, 0x40404)
sendmsg$NFT_BATCH(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x0)

738.189137ms ago: executing program 1 (id=1157):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x1bc, 0x19, 0x1, 0x0, 0x1, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x800}, 0x200, 0x0, 0x0, 0x0, 0x1}, [@tmpl={0x104, 0x5, [{{@in=@local, 0x0, 0x33}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, {{@in6=@remote, 0x0, 0x3c}, 0x0, @in6=@dev}, {{@in=@loopback, 0x0, 0x6c}, 0x0, @in=@broadcast}, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x3c}, 0xa, @in6=@private0, 0x0, 0x5}]}]}, 0x1bc}, 0x1, 0x0, 0x0, 0x1}, 0x4000) (fail_nth: 2)

652.081361ms ago: executing program 4 (id=1158):
r0 = open(&(0x7f0000000000)='./bus\x00', 0x40, 0x170)
fgetxattr(r0, &(0x7f00000003c0)=@known='security.selinux\x00', 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x1bc, 0x19, 0x1, 0x0, 0x1, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x800}, 0x200, 0x0, 0x0, 0x0, 0x1}, [@tmpl={0x104, 0x5, [{{@in=@local, 0x0, 0x33}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, {{@in6=@remote, 0x0, 0x3c}, 0x0, @in6=@dev}, {{@in=@loopback, 0x0, 0x6c}, 0x0, @in=@broadcast}, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x3c}, 0xa, @in6=@private0, 0x0, 0x5}]}]}, 0x1bc}, 0x1, 0x0, 0x0, 0x1}, 0x4000)

542.973807ms ago: executing program 4 (id=1159):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @remote, 'geneve0\x00'}}, 0x1e)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
connect$pppoe(r1, &(0x7f0000000040)={0x18, 0x0, {0x0, @empty, 'netpci0\x00'}}, 0x1e)

513.090757ms ago: executing program 1 (id=1160):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x13c, 0x19, 0x1, 0x0, 0x1, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x800}, 0x200, 0x0, 0x0, 0x0, 0x1}, [@tmpl={0x84, 0x5, [{{@in=@local, 0x0, 0x33}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, {{@in=@loopback, 0x0, 0x6c}, 0x0, @in=@broadcast}]}]}, 0x13c}, 0x1, 0x0, 0x0, 0x1}, 0x4000)

415.025632ms ago: executing program 4 (id=1161):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x1bc, 0x19, 0x1, 0x0, 0x1, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x800}, 0x200, 0x0, 0x0, 0x0, 0x1}, [@tmpl={0x104, 0x5, [{{@in=@local, 0x0, 0x33}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, {{@in6=@remote, 0x0, 0x3c}, 0x0, @in6=@dev}, {{@in=@loopback, 0x0, 0x6c}, 0x0, @in=@broadcast}, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x3c}, 0xa, @in6=@private0, 0x0, 0x5}]}]}, 0x1bc}, 0x1, 0x0, 0x0, 0x1}, 0x4000)

382.004103ms ago: executing program 1 (id=1162):
syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x208a022, 0x0, 0x2, 0x0, &(0x7f0000000080))
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
r1 = dup(r0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x4, 0x0, 0x0, 0x1b, "0062ba7d820700000000000000000000096304"})
r2 = syz_open_pts(r0, 0x80)
ioctl$TCSETS(r0, 0x5402, &(0x7f00000000c0)={0x8000, 0x8, 0x6, 0xffffffed, 0x1, "135825f1a6c51de48aaf7b2ce6252f0b5add77"})
dup3(r2, r0, 0x80000)
read(r0, &(0x7f00000005c0)=""/228, 0xe4)
write$binfmt_script(r1, &(0x7f0000000100)={'#! ', './file0'}, 0xb) (async)
write$binfmt_script(r1, &(0x7f0000000100)={'#! ', './file0'}, 0xb)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r4}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r4}, 0x10)
pidfd_send_signal(0xffffffffffffffff, 0x28, 0x0, 0x0) (async)
pidfd_send_signal(0xffffffffffffffff, 0x28, 0x0, 0x0)

333.787056ms ago: executing program 4 (id=1163):
r0 = fsopen(&(0x7f00000000c0)='mqueue\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x3, 0x20000000000002a5, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r0, 0x0, 0x0)
fchdir(r3)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x82400, 0x185)
lseek(r4, 0xfffffffff7ffffff, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r7, 0xa02000000000000, 0x60, &(0x7f0000000540)={'filter\x00', 0xb001, 0x4, 0x3c8, 0x110, 0x1f8, 0x2e0, 0x2e0, 0x2e0, 0x2e0, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4, 0xffffffff}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x3, 0x7, 0x3}}}, {{@arp={@broadcast, @multicast2, 0x0, 0x0, 0xe, 0x10, {@mac=@broadcast, {[0x0, 0x0, 0xff, 0xff, 0xff]}}, {@empty, {[0xff, 0xff, 0xff, 0xff, 0xff]}}, 0x2, 0x3, 0x4, 0x8, 0x81, 0xf9, 'veth0_to_batadv\x00', 'caif0\x00', {0xff}, {0xff}, 0x0, 0x10c}, 0xc0, 0xe8}, @unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0x1000}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x200, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x10)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r10, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x4, 0x4, 0x400, 0xffffffff, 0x398, 0xe8, 0x398, 0xfeffffff, 0xffffffff, 0x468, 0x468, 0x468, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xffffff00, 0xffffffff, 0xff000000, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [0xff], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00', {}, {}, 0x0, 0x0, 0x6}, 0x0, 0x138, 0x178, 0x0, {}, [@common=@srh1={{0x90}, {0x2, 0xe, 0x6, 0x5, 0x9, @remote, @local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [0x0, 0xff, 0xffffff00, 0xffffff00], [0xff, 0xffffff00, 0xff, 0xffffff00], [0x0, 0xffffffff, 0x0, 0xff], 0x4000, 0x11}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x1, {0x2000010}}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x460)

302.782157ms ago: executing program 3 (id=1164):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
setitimer(0x0, 0x0, 0x0)

301.831037ms ago: executing program 0 (id=1165):
r0 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f00000000c0)=""/99, &(0x7f0000000140)=0x63)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r1}, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000040), 0x3000, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
r4 = openat$cgroup_subtree(r3, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
write$cgroup_subtree(r4, &(0x7f00000001c0)={[{0x2b, 'cpu'}]}, 0x5)

217.431041ms ago: executing program 0 (id=1166):
r0 = socket$kcm(0xa, 0x922000000003, 0x11)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000640)=@l2tp6={0xa, 0x0, 0x8, @mcast1, 0x3, 0xffffffff}, 0x80, &(0x7f0000001880)=[{&(0x7f0000000600)="f4000900062b2c25fe80000000000000dc8b850f238466cc00007a000000ad6f911b51430437121d", 0x28}], 0x1}, 0x0)

180.683282ms ago: executing program 0 (id=1167):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/key-users\x00', 0x0, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
sendfile(r1, r0, &(0x7f0000000000)=0x9, 0x100)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, r1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000160008000000000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0xfffffffffffffe9b)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="e30000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$cgroup_pressure(r1, &(0x7f0000000500)={'some', 0x20, 0xb2, 0x20, 0x3}, 0x2f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = syz_io_uring_setup(0x4b6, &(0x7f0000000100)={0x0, 0x0, 0x400, 0x0, 0x20e}, &(0x7f0000ff0000), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f0000000040)=[{0x0}, {0x0}], 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r6, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000400)=[{0x6, 0x1, 0x2, 0x7fff7ffc}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x18)
select(0x40, &(0x7f0000000080)={0x9, 0xc962, 0x3, 0x4, 0x1000, 0xe8, 0x2, 0x1}, 0x0, 0x0, 0x0)
r7 = open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x2)
pwritev2(r7, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)

120.242104ms ago: executing program 0 (id=1168):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='kfree\x00', r1, 0x0, 0x8}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x810}, 0x40404)
sendmsg$NFT_BATCH(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x0)

84.884926ms ago: executing program 0 (id=1169):
r0 = accept4$vsock_stream(0xffffffffffffffff, &(0x7f00000000c0)={0x28, 0x0, 0xffffffff, @local}, 0x10, 0x80800)
setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000140)='wg1\x00', 0x4)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r1)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000000280)=[@in={0x2, 0x4e24, @private=0xa010100}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r3=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)='F', 0x1}], 0x1, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xc, 0x0, 0x28, 0x200000b, r3}}], 0x20, 0x2400e044}, 0x0)
r4 = gettid()
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffff]}, 0x0, 0x0, 0x8)
timer_create(0x2, &(0x7f0000000180)={0x0, 0x4, 0x4, @tid=r4}, &(0x7f0000000140)=<r5=>0x0)
timer_settime(r5, 0xe54aef35e9c2845d, &(0x7f000006b000)={{0x77359400}, {0x0, 0x9}}, 0x0)
timer_delete(r5)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000280)={r3, 0x5, 0x4}, 0x8)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r7, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x1, 0x803, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
unshare(0x2c020400)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1900000004000000040000000100000000000000", @ANYBLOB], 0x48)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r9, 0x0}, 0x20)
r10 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r10, &(0x7f0000000000)=@in6={0x21, 0x0, 0x2, 0x18, {0xa, 0x4e20, 0x9, @dev={0xfe, 0x80, '\x00', 0x2f}, 0x401}}, 0x2e)
socket$netlink(0x10, 0x3, 0x0)
r11 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r11, &(0x7f0000000180)={0x0, 0x57, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x91d055389c0f2502}, 0x0)

0s ago: executing program 3 (id=1170):
r0 = socket$kcm(0xa, 0x922000000003, 0x11)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000640)=@l2tp6={0xa, 0x0, 0x8, @mcast1, 0x3, 0xffffffff}, 0x80, &(0x7f0000001880)=[{&(0x7f0000000600)="f4000900062b2c25fe80000000000000dc8b850f238466cc00007a000000ad6f911b51430437121d", 0x28}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

0x7ffc0000
[   61.700822][   T29] audit: type=1326 audit(1764806294.710:3743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4402 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   61.728331][   T29] audit: type=1326 audit(1764806294.710:3744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4402 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   61.757580][   T29] audit: type=1326 audit(1764806294.710:3745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4402 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   61.797121][ T4404] loop0: detected capacity change from 0 to 512
[   61.823443][ T4392] loop3: detected capacity change from 0 to 2048
[   61.854257][ T4404] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   61.897165][ T4392] EXT4-fs: Ignoring removed bh option
[   61.949035][ T4404] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[   62.003117][ T4392] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   62.047921][ T4404] EXT4-fs (loop0): 1 truncate cleaned up
[   62.064829][ T4404] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.261598][ T4389] loop4: detected capacity change from 0 to 1024
[   62.269143][ T4389] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   62.325357][ T4435] loop2: detected capacity change from 0 to 2048
[   62.386282][ T4441] FAULT_INJECTION: forcing a failure.
[   62.386282][ T4441] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   62.402142][ T4441] CPU: 1 UID: 0 PID: 4441 Comm: syz.1.344 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   62.402173][ T4441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   62.402237][ T4441] Call Trace:
[   62.402245][ T4441]  <TASK>
[   62.402253][ T4441]  __dump_stack+0x1d/0x30
[   62.402342][ T4441]  dump_stack_lvl+0xe8/0x140
[   62.402369][ T4441]  dump_stack+0x15/0x1b
[   62.402387][ T4441]  should_fail_ex+0x265/0x280
[   62.402411][ T4441]  should_fail+0xb/0x20
[   62.402430][ T4441]  should_fail_usercopy+0x1a/0x20
[   62.402456][ T4441]  _copy_from_user+0x1c/0xb0
[   62.402518][ T4441]  ___sys_sendmsg+0xc1/0x1d0
[   62.402563][ T4441]  __x64_sys_sendmsg+0xd4/0x160
[   62.402598][ T4441]  x64_sys_call+0x17ba/0x3000
[   62.402638][ T4441]  do_syscall_64+0xd8/0x2a0
[   62.402688][ T4441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.402716][ T4441] RIP: 0033:0x7f93ecbdf749
[   62.402794][ T4441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.402873][ T4441] RSP: 002b:00007f93eb63f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   62.402897][ T4441] RAX: ffffffffffffffda RBX: 00007f93ece35fa0 RCX: 00007f93ecbdf749
[   62.402913][ T4441] RDX: 000000000000ff4c RSI: 0000200000000000 RDI: 0000000000000005
[   62.402935][ T4441] RBP: 00007f93eb63f090 R08: 0000000000000000 R09: 0000000000000000
[   62.402949][ T4441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   62.403016][ T4441] R13: 00007f93ece36038 R14: 00007f93ece35fa0 R15: 00007ffcf12e60e8
[   62.403106][ T4441]  </TASK>
[   62.600678][ T4435] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   62.721929][  T839] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   62.755799][  T839] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[   62.770379][  T839] EXT4-fs (loop3): This should not happen!! Data will be lost
[   62.770379][  T839] 
[   62.781315][  T839] EXT4-fs (loop3): Total free blocks count 0
[   62.788569][  T839] EXT4-fs (loop3): Free/Dirty block details
[   62.795385][  T839] EXT4-fs (loop3): free_blocks=2415919104
[   62.802272][  T839] EXT4-fs (loop3): dirty_blocks=32
[   62.807978][  T839] EXT4-fs (loop3): Block reservation details
[   62.815483][  T839] EXT4-fs (loop3): i_reserved_data_blocks=2
[   62.826853][ T3328] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.838892][ T2892] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 18 with max blocks 8 with error 28
[   62.948154][ T4461] __nla_validate_parse: 1 callbacks suppressed
[   62.948173][ T4461] netlink: 4 bytes leftover after parsing attributes in process `syz.4.352'.
[   62.975250][ T4461] netlink: 4 bytes leftover after parsing attributes in process `syz.4.352'.
[   62.988526][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.160761][ T4478] loop3: detected capacity change from 0 to 128
[   63.197989][ T4471] loop1: detected capacity change from 0 to 8192
[   63.218242][ T4471] msdos: Unknown parameter 'A'
[   63.290845][ T4490] netlink: 96 bytes leftover after parsing attributes in process `syz.4.364'.
[   63.303633][ T4464] netlink: 12 bytes leftover after parsing attributes in process `syz.1.355'.
[   63.312834][ T4464] netlink: 12 bytes leftover after parsing attributes in process `syz.1.355'.
[   63.359893][ T4496] loop0: detected capacity change from 0 to 128
[   63.377884][ T4496] 9pnet_fd: Insufficient options for proto=fd
[   63.390963][ T4494] netlink: 96 bytes leftover after parsing attributes in process `syz.1.366'.
[   63.437548][ T4487] loop2: detected capacity change from 0 to 2048
[   63.458671][ T4487] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   63.529234][ T4506] loop1: detected capacity change from 0 to 128
[   63.540430][ T4506] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   63.559677][ T4506] ext4 filesystem being mounted at /82/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   63.607333][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.620109][ T4506] IPv6: NLM_F_CREATE should be specified when creating new route
[   63.629611][ T4506] EXT4-fs error (device loop1): htree_dirblock_to_tree:1080: inode #2: block 4: comm syz.1.369: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1
[   63.675143][ T4506] EXT4-fs error (device loop1): htree_dirblock_to_tree:1080: inode #2: block 4: comm syz.1.369: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1
[   63.723554][ T3320] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   63.825539][ T4527] netlink: 4 bytes leftover after parsing attributes in process `syz.2.379'.
[   63.995368][ T4547] loop1: detected capacity change from 0 to 512
[   64.011501][ T4538] loop4: detected capacity change from 0 to 2048
[   64.021633][ T4547] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   64.043675][ T4547] ext4 filesystem being mounted at /88/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   64.077447][ T4538] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   64.092222][ T4547] EXT4-fs error (device loop1): ext4_do_update_inode:5628: inode #2: comm syz.1.387: corrupted inode contents
[   64.113587][ T4547] EXT4-fs error (device loop1): ext4_dirty_inode:6513: inode #2: comm syz.1.387: mark_inode_dirty error
[   64.125685][ T4547] EXT4-fs error (device loop1): ext4_do_update_inode:5628: inode #2: comm syz.1.387: corrupted inode contents
[   64.141800][ T4547] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.387: mark_inode_dirty error
[   64.211848][ T3329] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.267313][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.294645][ T4566] FAULT_INJECTION: forcing a failure.
[   64.294645][ T4566] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   64.308100][ T4566] CPU: 0 UID: 0 PID: 4566 Comm: syz.3.395 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   64.308127][ T4566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   64.308140][ T4566] Call Trace:
[   64.308147][ T4566]  <TASK>
[   64.308156][ T4566]  __dump_stack+0x1d/0x30
[   64.308243][ T4566]  dump_stack_lvl+0xe8/0x140
[   64.308271][ T4566]  dump_stack+0x15/0x1b
[   64.308294][ T4566]  should_fail_ex+0x265/0x280
[   64.308323][ T4566]  should_fail+0xb/0x20
[   64.308429][ T4566]  should_fail_usercopy+0x1a/0x20
[   64.308460][ T4566]  _copy_from_user+0x1c/0xb0
[   64.308495][ T4566]  ___sys_sendmsg+0xc1/0x1d0
[   64.308545][ T4566]  __x64_sys_sendmsg+0xd4/0x160
[   64.308646][ T4566]  x64_sys_call+0x17ba/0x3000
[   64.308678][ T4566]  do_syscall_64+0xd8/0x2a0
[   64.308752][ T4566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.308794][ T4566] RIP: 0033:0x7fc63df2f749
[   64.308814][ T4566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.308840][ T4566] RSP: 002b:00007fc63c997038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   64.308865][ T4566] RAX: ffffffffffffffda RBX: 00007fc63e185fa0 RCX: 00007fc63df2f749
[   64.308995][ T4566] RDX: 0000000000000000 RSI: 0000200000000500 RDI: 0000000000000008
[   64.309008][ T4566] RBP: 00007fc63c997090 R08: 0000000000000000 R09: 0000000000000000
[   64.309021][ T4566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.309034][ T4566] R13: 00007fc63e186038 R14: 00007fc63e185fa0 R15: 00007fff97f336c8
[   64.309124][ T4566]  </TASK>
[   64.374813][ T4570] netlink: 72 bytes leftover after parsing attributes in process `syz.1.396'.
[   64.531495][ T4570] loop1: detected capacity change from 0 to 512
[   64.546563][ T4570] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -13
[   64.623098][ T4570] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #13: comm syz.1.396: iget: bad i_size value: 12154757448730
[   64.712843][ T4570] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.396: couldn't read orphan inode 13 (err -117)
[   64.761431][ T4570] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   64.838839][ T4587] loop0: detected capacity change from 0 to 2048
[   64.888029][ T4587] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   64.973384][ T4601] loop3: detected capacity change from 0 to 512
[   65.006124][ T4603] FAULT_INJECTION: forcing a failure.
[   65.006124][ T4603] name failslab, interval 1, probability 0, space 0, times 0
[   65.020582][ T4603] CPU: 0 UID: 0 PID: 4603 Comm: syz.4.409 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   65.020616][ T4603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   65.020633][ T4603] Call Trace:
[   65.020641][ T4603]  <TASK>
[   65.020650][ T4603]  __dump_stack+0x1d/0x30
[   65.020674][ T4603]  dump_stack_lvl+0xe8/0x140
[   65.020719][ T4603]  dump_stack+0x15/0x1b
[   65.020740][ T4603]  should_fail_ex+0x265/0x280
[   65.020770][ T4603]  should_failslab+0x8c/0xb0
[   65.020798][ T4603]  kmem_cache_alloc_noprof+0x50/0x480
[   65.020825][ T4603]  ? prepare_creds+0x39/0x550
[   65.020959][ T4603]  prepare_creds+0x39/0x550
[   65.020980][ T4603]  selinux_lsm_setattr+0x1a4/0x660
[   65.021025][ T4603]  selinux_setselfattr+0x33/0x50
[   65.021052][ T4603]  security_setselfattr+0x22a/0x260
[   65.021106][ T4603]  __x64_sys_lsm_set_self_attr+0x51/0x60
[   65.021149][ T4603]  x64_sys_call+0x106c/0x3000
[   65.021173][ T4603]  do_syscall_64+0xd8/0x2a0
[   65.021250][ T4603]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.021278][ T4603] RIP: 0033:0x7fc85ee8f749
[   65.021296][ T4603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.021388][ T4603] RSP: 002b:00007fc85d8ef038 EFLAGS: 00000246 ORIG_RAX: 00000000000001cc
[   65.021408][ T4603] RAX: ffffffffffffffda RBX: 00007fc85f0e5fa0 RCX: 00007fc85ee8f749
[   65.021592][ T4603] RDX: 0000000000000020 RSI: 0000200000000180 RDI: 0000000000000065
[   65.021608][ T4603] RBP: 00007fc85d8ef090 R08: 0000000000000000 R09: 0000000000000000
[   65.021622][ T4603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   65.021635][ T4603] R13: 00007fc85f0e6038 R14: 00007fc85f0e5fa0 R15: 00007ffffff3c138
[   65.021660][ T4603]  </TASK>
[   65.023771][ T3328] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.079075][ T4601] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   65.296251][ T4601] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[   65.320096][ T4610] loop4: detected capacity change from 0 to 2048
[   65.357514][ T4472]  loop4: p1 < > p4
[   65.372104][ T4472] loop4: p4 size 8388608 extends beyond EOD, truncated
[   65.395429][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.427142][ T4610]  loop4: p1 < > p4
[   65.450350][ T4610] loop4: p4 size 8388608 extends beyond EOD, truncated
[   65.477823][ T4627] loop0: detected capacity change from 0 to 128
[   65.523945][ T3010]  loop4: p1 < > p4
[   65.533538][ T4601] EXT4-fs (loop3): 1 truncate cleaned up
[   65.540435][ T3010] loop4: p4 size 8388608 extends beyond EOD, truncated
[   65.561722][ T4601] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   65.570462][ T4472] udevd[4472]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   65.601879][ T3646] udevd[3646]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   65.630097][ T4472] udevd[4472]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   65.642878][ T3646] udevd[3646]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   65.691549][ T3646] udevd[3646]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   65.695328][ T4640] netlink: 96 bytes leftover after parsing attributes in process `syz.2.425'.
[   65.704380][ T4472] udevd[4472]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   65.802243][ T4645] netlink: 'syz.1.427': attribute type 21 has an invalid length.
[   65.814348][ T4645] netlink: 152 bytes leftover after parsing attributes in process `syz.1.427'.
[   65.842167][ T4645] netlink: 'syz.1.427': attribute type 21 has an invalid length.
[   65.862886][ T4650] loop4: detected capacity change from 0 to 1024
[   65.884327][ T4650] EXT4-fs: Ignoring removed orlov option
[   65.903243][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.903713][ T4650] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.124466][ T3329] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.308001][ T4675] loop3: detected capacity change from 0 to 2048
[   66.336972][ T4675] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.390223][ T4677] loop4: detected capacity change from 0 to 2048
[   66.438929][ T4677] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.482494][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.519299][ T4693] loop1: detected capacity change from 0 to 2048
[   66.601441][ T3329] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.611609][ T3646]  loop1: p1 < > p4
[   66.625682][ T3646] loop1: p4 size 8388608 extends beyond EOD, truncated
[   66.655856][ T4693]  loop1: p1 < > p4
[   66.663677][ T4693] loop1: p4 size 8388608 extends beyond EOD, truncated
[   66.696916][ T3010]  loop1: p1 < > p4
[   66.713184][ T3010] loop1: p4 size 8388608 extends beyond EOD, truncated
[   66.759088][ T4712] loop4: detected capacity change from 0 to 128
[   66.794623][   T29] kauditd_printk_skb: 411 callbacks suppressed
[   66.794639][   T29] audit: type=1326 audit(1764806300.070:4155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4711 comm="syz.4.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85ee8f749 code=0x7ffc0000
[   66.836745][   T29] audit: type=1326 audit(1764806300.110:4156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4711 comm="syz.4.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fc85ee8f749 code=0x7ffc0000
[   66.861642][   T29] audit: type=1326 audit(1764806300.110:4157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4711 comm="syz.4.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc85ee8f783 code=0x7ffc0000
[   66.886115][   T29] audit: type=1326 audit(1764806300.110:4158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4711 comm="syz.4.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc85ee8f783 code=0x7ffc0000
[   66.911114][   T29] audit: type=1326 audit(1764806300.110:4159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4711 comm="syz.4.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85ee8f749 code=0x7ffc0000
[   66.937058][   T29] audit: type=1326 audit(1764806300.110:4160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4711 comm="syz.4.457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85ee8f749 code=0x7ffc0000
[   66.968420][ T4472] udevd[4472]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   66.979048][ T3646] udevd[3646]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   66.979721][   T29] audit: type=1326 audit(1764806300.220:4161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4713 comm="syz.0.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0498bef749 code=0x7ffc0000
[   67.017060][   T29] audit: type=1326 audit(1764806300.220:4162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4713 comm="syz.0.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0498bef749 code=0x7ffc0000
[   67.043189][   T29] audit: type=1326 audit(1764806300.220:4163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4713 comm="syz.0.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0498bef749 code=0x7ffc0000
[   67.068133][   T29] audit: type=1326 audit(1764806300.220:4164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4713 comm="syz.0.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f0498bef749 code=0x7ffc0000
[   67.101014][ T4472] udevd[4472]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   67.112634][ T3646] udevd[3646]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   67.168858][ T4725] loop1: detected capacity change from 0 to 128
[   67.377476][ T4741] loop3: detected capacity change from 0 to 2048
[   67.417198][ T4741]  loop3: p1 < > p4
[   67.429786][ T4741] loop3: p4 size 8388608 extends beyond EOD, truncated
[   67.716839][ T4751] loop3: detected capacity change from 0 to 2048
[   67.740847][ T4751] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.908547][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.028302][ T4768] loop4: detected capacity change from 0 to 2048
[   68.057025][ T3646]  loop4: p1 < > p4
[   68.062227][ T3646] loop4: p4 size 8388608 extends beyond EOD, truncated
[   68.073726][ T4772] loop1: detected capacity change from 0 to 128
[   68.082832][ T4768]  loop4: p1 < > p4
[   68.088354][ T4768] loop4: p4 size 8388608 extends beyond EOD, truncated
[   68.284905][ T4743] loop0: detected capacity change from 0 to 1024
[   68.292708][ T4743] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   68.319321][ T4783] loop3: detected capacity change from 0 to 2048
[   68.359678][ T4783] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.374057][ T4785] __nla_validate_parse: 8 callbacks suppressed
[   68.374076][ T4785] netlink: 4 bytes leftover after parsing attributes in process `syz.4.488'.
[   68.409292][ T4785] netlink: 4 bytes leftover after parsing attributes in process `syz.4.488'.
[   68.439340][ T4789] netlink: 96 bytes leftover after parsing attributes in process `syz.0.489'.
[   68.500865][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.625379][ T4801] loop4: detected capacity change from 0 to 2048
[   68.716464][ T4472]  loop4: p1 < > p4
[   68.721511][ T4472] loop4: p4 size 8388608 extends beyond EOD, truncated
[   68.733549][ T4801]  loop4: p1 < > p4
[   68.738312][ T4801] loop4: p4 size 8388608 extends beyond EOD, truncated
[   69.020988][ T4822] loop4: detected capacity change from 0 to 2048
[   69.070916][ T4822] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.214455][ T3329] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.242170][ T4835] loop1: detected capacity change from 0 to 512
[   69.250658][ T4835] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[   69.272679][ T4837] loop0: detected capacity change from 0 to 2048
[   69.289941][ T4835] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   69.316244][ T3646]  loop0: p1 < > p4
[   69.336247][ T3646] loop0: p4 size 8388608 extends beyond EOD, truncated
[   69.357664][ T4837]  loop0: p1 < > p4
[   69.362503][ T4837] loop0: p4 size 8388608 extends beyond EOD, truncated
[   69.376757][ T4835] FAT-fs (loop1): FAT read failed (blocknr 128)
[   69.467358][ T4843] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   69.493195][ T4843] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   69.507900][ T4843] netlink: 'syz.0.512': attribute type 20 has an invalid length.
[   69.515831][ T4843] netlink: 4 bytes leftover after parsing attributes in process `syz.0.512'.
[   69.549940][ T4811] loop3: detected capacity change from 0 to 1024
[   69.558709][ T2892] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   69.567488][ T4843] netlink: 'syz.0.512': attribute type 20 has an invalid length.
[   69.575539][ T4843] netlink: 4 bytes leftover after parsing attributes in process `syz.0.512'.
[   69.576887][ T4811] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   69.593086][ T2892] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   69.615048][ T2892] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   69.617657][ T4848] netlink: 4 bytes leftover after parsing attributes in process `syz.4.515'.
[   69.639603][ T2892] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   69.655447][ T4848] netlink: 4 bytes leftover after parsing attributes in process `syz.4.515'.
[   69.806990][ T4858] loop4: detected capacity change from 0 to 128
[   69.833259][ T4858] 9pnet_fd: Insufficient options for proto=fd
[   69.920758][ T4865] loop3: detected capacity change from 0 to 2048
[   69.956203][ T4472]  loop3: p1 < > p4
[   69.961110][ T4472] loop3: p4 size 8388608 extends beyond EOD, truncated
[   69.973031][ T4865]  loop3: p1 < > p4
[   69.979063][ T4865] loop3: p4 size 8388608 extends beyond EOD, truncated
[   70.213282][ T4843] syz.0.512 (4843) used greatest stack depth: 9888 bytes left
[   70.299740][ T4887] loop1: detected capacity change from 0 to 2048
[   70.371080][ T4472]  loop1: p1 < > p4
[   70.379814][ T4472] loop1: p4 size 8388608 extends beyond EOD, truncated
[   70.405898][ T4887]  loop1: p1 < > p4
[   70.413893][ T4887] loop1: p4 size 8388608 extends beyond EOD, truncated
[   70.427957][ T4892] loop3: detected capacity change from 0 to 8192
[   70.463709][ T4892] msdos: Unknown parameter 'A'
[   70.793409][ T4909] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   70.845999][ T4909] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   70.861497][ T4909] netlink: 'syz.3.544': attribute type 20 has an invalid length.
[   70.869690][ T4909] netlink: 4 bytes leftover after parsing attributes in process `syz.3.544'.
[   70.920910][   T12] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   70.935139][ T4914] pimreg: entered allmulticast mode
[   70.945330][ T4914] pimreg: left allmulticast mode
[   71.024363][ T4909] netlink: 'syz.3.544': attribute type 20 has an invalid length.
[   71.033803][ T4909] netlink: 4 bytes leftover after parsing attributes in process `syz.3.544'.
[   71.043702][   T12] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   71.132147][   T12] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   71.150851][ T4917] netlink: 96 bytes leftover after parsing attributes in process `syz.1.545'.
[   71.209721][   T12] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   71.427493][ T4919] netlink: 'syz.1.546': attribute type 21 has an invalid length.
[   71.480805][ T4897] loop0: detected capacity change from 0 to 1024
[   71.487759][ T4897] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   71.643178][ T4931] loop1: detected capacity change from 0 to 128
[   71.712910][ T4931] 9pnet_fd: Insufficient options for proto=fd
[   71.798639][   T29] kauditd_printk_skb: 608 callbacks suppressed
[   71.798658][   T29] audit: type=1326 audit(1764806305.080:4773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4930 comm="syz.1.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   71.853674][   T29] audit: type=1326 audit(1764806305.120:4774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4930 comm="syz.1.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   71.879939][   T29] audit: type=1326 audit(1764806305.130:4775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4930 comm="syz.1.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   71.880370][ T4936] loop0: detected capacity change from 0 to 8192
[   71.908637][   T29] audit: type=1326 audit(1764806305.140:4776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4930 comm="syz.1.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   71.938543][   T29] audit: type=1326 audit(1764806305.160:4777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4930 comm="syz.1.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   71.950698][ T4936] msdos: Unknown parameter 'A'
[   72.050437][   T29] audit: type=1326 audit(1764806305.190:4778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4930 comm="syz.1.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   72.074394][   T29] audit: type=1326 audit(1764806305.230:4779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4930 comm="syz.1.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   72.099015][   T29] audit: type=1326 audit(1764806305.250:4780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4930 comm="syz.1.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   72.122964][   T29] audit: type=1326 audit(1764806305.260:4781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4930 comm="syz.1.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   72.146796][   T29] audit: type=1326 audit(1764806305.280:4782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4930 comm="syz.1.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   72.284938][ T4955] loop4: detected capacity change from 0 to 128
[   72.720790][ T4950] loop0: detected capacity change from 0 to 1024
[   72.732891][ T4950] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   72.959692][ T4973] loop3: detected capacity change from 0 to 128
[   73.027159][ T4979] loop1: detected capacity change from 0 to 512
[   73.048272][ T4979] EXT4-fs (loop1): 1 truncate cleaned up
[   73.068447][ T4979] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.189301][ T4985] loop4: detected capacity change from 0 to 512
[   73.197724][ T4986] af_packet: tpacket_rcv: packet too big, clamped from 252 to 4294967272. macoff=96
[   73.210108][ T4985] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[   73.234616][ T4985] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   73.338647][ T4985] FAT-fs (loop4): FAT read failed (blocknr 128)
[   73.476767][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.685884][ T4994] loop1: detected capacity change from 0 to 1024
[   73.706519][ T4994] EXT4-fs: Ignoring removed orlov option
[   73.727580][ T4994] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.750957][ T4994] __nla_validate_parse: 3 callbacks suppressed
[   73.750983][ T4994] netlink: 8 bytes leftover after parsing attributes in process `syz.1.572'.
[   73.969017][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.060243][ T5003] loop1: detected capacity change from 0 to 2048
[   74.136714][ T4472]  loop1: p1 < > p4
[   74.146423][ T5012] ip6t_srh: unknown srh match flags  4000
[   74.153356][ T4472] loop1: p4 size 8388608 extends beyond EOD, truncated
[   74.168198][ T5003]  loop1: p1 < > p4
[   74.172678][ T5003] loop1: p4 size 8388608 extends beyond EOD, truncated
[   74.271499][ T3646] udevd[3646]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   74.287337][ T4472] udevd[4472]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   74.337267][ T3646] udevd[3646]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   74.349518][ T4472] udevd[4472]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   74.456281][ T4999] loop3: detected capacity change from 0 to 1024
[   74.471381][ T4999] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   74.554966][ T5030] loop1: detected capacity change from 0 to 512
[   74.587762][ T5030] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[   74.619525][ T5030] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   74.645649][ T5037] loop3: detected capacity change from 0 to 2048
[   74.715226][ T5030] FAT-fs (loop1): FAT read failed (blocknr 128)
[   74.746995][ T4472]  loop3: p1 < > p4
[   74.751910][ T4472] loop3: p4 size 8388608 extends beyond EOD, truncated
[   74.778163][ T5037]  loop3: p1 < > p4
[   74.787128][ T5037] loop3: p4 size 8388608 extends beyond EOD, truncated
[   74.903283][ T5047] loop0: detected capacity change from 0 to 2048
[   74.920537][ T4472] udevd[4472]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   74.935981][ T3646] udevd[3646]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   74.956922][ T3641]  loop0: p1 < > p4
[   74.965680][ T3641] loop0: p4 size 8388608 extends beyond EOD, truncated
[   74.979745][ T5050] netlink: 4 bytes leftover after parsing attributes in process `syz.4.594'.
[   74.990493][ T5047]  loop0: p1 < > p4
[   74.995398][ T5047] loop0: p4 size 8388608 extends beyond EOD, truncated
[   75.009333][ T5050] netlink: 4 bytes leftover after parsing attributes in process `syz.4.594'.
[   75.103180][ T4472] udevd[4472]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   75.117949][ T3646] udevd[3646]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   75.252853][ T5065] binfmt_misc: register: failed to install interpreter file ./file0
[   75.602026][ T5080] netlink: 4 bytes leftover after parsing attributes in process `syz.0.607'.
[   75.631689][ T5080] netlink: 4 bytes leftover after parsing attributes in process `syz.0.607'.
[   75.893526][ T5093] loop1: detected capacity change from 0 to 8192
[   75.957313][ T5103] loop3: detected capacity change from 0 to 1024
[   75.965499][ T5103] EXT4-fs: Ignoring removed orlov option
[   75.973648][ T5093] msdos: Unknown parameter 'A'
[   75.982013][ T5103] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.028424][ T5103] netlink: 8 bytes leftover after parsing attributes in process `syz.3.617'.
[   76.240554][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.384490][ T5114] binfmt_misc: register: failed to install interpreter file ./file0
[   76.412261][ T5119] loop4: detected capacity change from 0 to 512
[   76.421178][ T5119] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[   76.475076][ T5119] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   76.551692][ T5127] loop1: detected capacity change from 0 to 1024
[   76.560023][ T5119] FAT-fs (loop4): FAT read failed (blocknr 128)
[   76.569970][ T5127] EXT4-fs: Ignoring removed orlov option
[   76.584409][ T5127] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.648860][ T5134] binfmt_misc: register: failed to install interpreter file ./file0
[   76.661998][ T5127] netlink: 8 bytes leftover after parsing attributes in process `syz.1.629'.
[   76.735410][ T5136] netlink: 96 bytes leftover after parsing attributes in process `syz.3.631'.
[   76.784288][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.904699][   T29] kauditd_printk_skb: 812 callbacks suppressed
[   76.904718][   T29] audit: type=1326 audit(1764806310.180:5595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5145 comm="syz.3.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   76.936005][   T29] audit: type=1326 audit(1764806310.180:5596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5145 comm="syz.3.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   76.959613][   T29] audit: type=1326 audit(1764806310.220:5597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5145 comm="syz.3.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   76.984769][   T29] audit: type=1326 audit(1764806310.220:5598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5145 comm="syz.3.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   77.008738][   T29] audit: type=1326 audit(1764806310.220:5599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5145 comm="syz.3.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   77.044577][   T29] audit: type=1326 audit(1764806310.290:5600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5145 comm="syz.3.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   77.125883][   T29] audit: type=1326 audit(1764806310.390:5601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5145 comm="syz.3.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   77.150687][   T29] audit: type=1326 audit(1764806310.390:5602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5145 comm="syz.3.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   77.175376][   T29] audit: type=1326 audit(1764806310.390:5603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5145 comm="syz.3.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   77.176974][ T5157] ip6t_srh: unknown srh match flags  4000
[   77.200924][   T29] audit: type=1326 audit(1764806310.390:5604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5145 comm="syz.3.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   77.207963][ T5159] xt_recent: hitcount (16777216) is larger than allowed maximum (65535)
[   77.242049][ T5161] loop3: detected capacity change from 0 to 128
[   77.347613][ T5166] loop1: detected capacity change from 0 to 128
[   77.401589][ T5172] netlink: 96 bytes leftover after parsing attributes in process `syz.3.648'.
[   77.459745][ T5177] loop4: detected capacity change from 0 to 1024
[   77.467634][ T5177] EXT4-fs: Ignoring removed orlov option
[   77.478942][ T5177] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.592792][ T3329] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.655111][ T5189] netlink: 4 bytes leftover after parsing attributes in process `wg1'.
[   77.701022][ T5189] syzkaller0: entered allmulticast mode
[   77.714958][ T5189] syzkaller0: entered promiscuous mode
[   77.725393][ T5186] syzkaller0: left promiscuous mode
[   77.731299][ T5186] syzkaller0: left allmulticast mode
[   77.733927][ T5193] loop1: detected capacity change from 0 to 128
[   78.075435][ T5210] loop4: detected capacity change from 0 to 8192
[   78.087981][ T5210] msdos: Unknown parameter 'A'
[   78.153053][ T5218] loop0: detected capacity change from 0 to 512
[   78.184754][ T5218] EXT4-fs: Invalid want_extra_isize 1
[   78.280018][ T5225] loop3: detected capacity change from 0 to 512
[   78.296891][ T5225] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.669: bg 0: block 35: padding at end of block bitmap is not set
[   78.320089][ T5225] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem
[   78.329555][ T5225] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.669: invalid indirect mapped block 4294967295 (level 1)
[   78.356249][ T5225] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.669: invalid indirect mapped block 4294967295 (level 2)
[   78.427253][ T5225] EXT4-fs (loop3): 1 truncate cleaned up
[   78.435184][ T5225] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.470005][ T5222] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   78.479659][ T5222] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   78.544293][ T5207] loop1: detected capacity change from 0 to 1024
[   78.552898][ T5207] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   78.685180][ T5240] loop1: detected capacity change from 0 to 1024
[   78.703012][ T5240] EXT4-fs: Ignoring removed orlov option
[   78.732495][ T5240] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.792399][ T5240] __nla_validate_parse: 4 callbacks suppressed
[   78.792419][ T5240] netlink: 8 bytes leftover after parsing attributes in process `syz.1.676'.
[   78.942959][ T5255] loop4: detected capacity change from 0 to 512
[   78.986982][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.997709][ T5255] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.024135][ T5255] ext4 filesystem being mounted at /161/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   79.041437][ T5261] netlink: 4 bytes leftover after parsing attributes in process `syz.0.685'.
[   79.051634][ T5261] netlink: 4 bytes leftover after parsing attributes in process `syz.0.685'.
[   79.083913][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.122737][ T5255] EXT4-fs error (device loop4): ext4_do_update_inode:5628: inode #2: comm syz.4.682: corrupted inode contents
[   79.167399][ T5255] EXT4-fs error (device loop4): ext4_dirty_inode:6513: inode #2: comm syz.4.682: mark_inode_dirty error
[   79.202550][ T5255] EXT4-fs error (device loop4): ext4_do_update_inode:5628: inode #2: comm syz.4.682: corrupted inode contents
[   79.220256][ T5255] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.682: mark_inode_dirty error
[   79.265875][ T5271] loop1: detected capacity change from 0 to 128
[   79.320376][ T3329] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.333686][ T5271] 9pnet_fd: Insufficient options for proto=fd
[   79.396493][ T5278] loop4: detected capacity change from 0 to 512
[   79.405471][ T5278] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[   79.425952][ T5278] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   79.545483][ T5278] FAT-fs (loop4): FAT read failed (blocknr 128)
[   79.554641][ T5286] loop3: detected capacity change from 0 to 1024
[   79.576088][ T5286] EXT4-fs: Ignoring removed orlov option
[   79.598117][ T5286] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.619305][ T5286] netlink: 8 bytes leftover after parsing attributes in process `syz.3.695'.
[   79.691459][ T5267] loop0: detected capacity change from 0 to 1024
[   79.700827][ T5267] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   79.729224][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.911756][ T5297] netlink: 4 bytes leftover after parsing attributes in process `syz.0.699'.
[   79.922418][ T5297] netlink: 4 bytes leftover after parsing attributes in process `syz.0.699'.
[   80.144571][ T5309] netlink: 96 bytes leftover after parsing attributes in process `syz.1.703'.
[   80.449978][ T5320] netlink: 'syz.4.707': attribute type 21 has an invalid length.
[   80.458439][ T5320] netlink: 'syz.4.707': attribute type 1 has an invalid length.
[   80.466205][ T5320] netlink: 132 bytes leftover after parsing attributes in process `syz.4.707'.
[   80.562733][ T5328] binfmt_misc: register: failed to install interpreter file ./file0
[   80.599967][ T5331] netlink: 4 bytes leftover after parsing attributes in process `syz.1.710'.
[   80.633956][ T5331] netlink: 4 bytes leftover after parsing attributes in process `syz.1.710'.
[   80.697796][ T5337] loop4: detected capacity change from 0 to 128
[   80.733958][ T5337] 9pnet_fd: Insufficient options for proto=fd
[   80.871289][ T5319] loop0: detected capacity change from 0 to 1024
[   80.882599][ T5319] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   81.602473][ T5361] loop0: detected capacity change from 0 to 8192
[   81.609588][ T5361] msdos: Unknown parameter 'A'
[   81.634384][ T5371] sock: sock_timestamping_bind_phc: sock not bind to device
[   81.721355][ T5350] chnl_net:caif_netlink_parms(): no params data found
[   81.749805][ T5379] FAULT_INJECTION: forcing a failure.
[   81.749805][ T5379] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.763304][ T5379] CPU: 0 UID: 0 PID: 5379 Comm: syz.1.727 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   81.763339][ T5379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   81.763356][ T5379] Call Trace:
[   81.763366][ T5379]  <TASK>
[   81.763376][ T5379]  __dump_stack+0x1d/0x30
[   81.763478][ T5379]  dump_stack_lvl+0xe8/0x140
[   81.763501][ T5379]  dump_stack+0x15/0x1b
[   81.763532][ T5379]  should_fail_ex+0x265/0x280
[   81.763560][ T5379]  should_fail+0xb/0x20
[   81.763586][ T5379]  should_fail_usercopy+0x1a/0x20
[   81.763650][ T5379]  _copy_from_user+0x1c/0xb0
[   81.763723][ T5379]  ___sys_sendmsg+0xc1/0x1d0
[   81.763769][ T5379]  __x64_sys_sendmsg+0xd4/0x160
[   81.763818][ T5379]  x64_sys_call+0x17ba/0x3000
[   81.763849][ T5379]  do_syscall_64+0xd8/0x2a0
[   81.763879][ T5379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.763901][ T5379] RIP: 0033:0x7f93ecbdf749
[   81.763951][ T5379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.763975][ T5379] RSP: 002b:00007f93eb63f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   81.763995][ T5379] RAX: ffffffffffffffda RBX: 00007f93ece35fa0 RCX: 00007f93ecbdf749
[   81.764007][ T5379] RDX: 0000000024000000 RSI: 0000200000000100 RDI: 0000000000000005
[   81.764020][ T5379] RBP: 00007f93eb63f090 R08: 0000000000000000 R09: 0000000000000000
[   81.764032][ T5379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.764086][ T5379] R13: 00007f93ece36038 R14: 00007f93ece35fa0 R15: 00007ffcf12e60e8
[   81.764110][ T5379]  </TASK>
[   82.121051][ T5393] ip6t_srh: unknown srh match flags  4000
[   82.162174][   T29] kauditd_printk_skb: 366 callbacks suppressed
[   82.162193][   T29] audit: type=1326 audit(1764806315.430:5971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   82.192675][   T29] audit: type=1326 audit(1764806315.430:5972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   82.216559][   T29] audit: type=1326 audit(1764806315.430:5974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   82.240873][   T29] audit: type=1326 audit(1764806315.430:5975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   82.264489][   T29] audit: type=1326 audit(1764806315.430:5976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   82.288205][   T29] audit: type=1326 audit(1764806315.430:5973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   82.311748][   T29] audit: type=1326 audit(1764806315.430:5977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   82.313915][ T5397] FAULT_INJECTION: forcing a failure.
[   82.313915][ T5397] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   82.335375][   T29] audit: type=1326 audit(1764806315.430:5978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   82.348864][ T5397] CPU: 1 UID: 0 PID: 5397 Comm: syz.4.731 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   82.348981][ T5397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   82.348997][ T5397] Call Trace:
[   82.349017][ T5397]  <TASK>
[   82.349167][ T5397]  __dump_stack+0x1d/0x30
[   82.349199][ T5397]  dump_stack_lvl+0xe8/0x140
[   82.349228][ T5397]  dump_stack+0x15/0x1b
[   82.349254][ T5397]  should_fail_ex+0x265/0x280
[   82.349297][ T5397]  should_fail+0xb/0x20
[   82.349324][ T5397]  should_fail_usercopy+0x1a/0x20
[   82.349356][ T5397]  _copy_from_user+0x1c/0xb0
[   82.349397][ T5397]  do_arpt_set_ctl+0x3aa/0x9a0
[   82.349447][ T5397]  ? _raw_spin_unlock_bh+0x36/0x40
[   82.349486][ T5397]  ? _raw_spin_lock_bh+0x56/0xb0
[   82.349521][ T5397]  ? _raw_spin_unlock_bh+0x36/0x40
[   82.349562][ T5397]  nf_setsockopt+0x199/0x1b0
[   82.349732][ T5397]  ip_setsockopt+0x102/0x110
[   82.349764][ T5397]  udp_setsockopt+0x99/0xb0
[   82.349798][ T5397]  sock_common_setsockopt+0x69/0x80
[   82.349844][ T5397]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   82.349956][ T5397]  __sys_setsockopt+0x184/0x200
[   82.349991][ T5397]  __x64_sys_setsockopt+0x64/0x80
[   82.350094][ T5397]  x64_sys_call+0x21d5/0x3000
[   82.350127][ T5397]  do_syscall_64+0xd8/0x2a0
[   82.350158][ T5397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.350250][ T5397] RIP: 0033:0x7fc85ee8f749
[   82.350272][ T5397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.350355][ T5397] RSP: 002b:00007fc85d8ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   82.350382][ T5397] RAX: ffffffffffffffda RBX: 00007fc85f0e5fa0 RCX: 00007fc85ee8f749
[   82.350401][ T5397] RDX: 0000000000000060 RSI: 0a02000000000000 RDI: 0000000000000005
[   82.350418][ T5397] RBP: 00007fc85d8ef090 R08: 0000000000000438 R09: 0000000000000000
[   82.350436][ T5397] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.350453][ T5397] R13: 00007fc85f0e6038 R14: 00007fc85f0e5fa0 R15: 00007ffffff3c138
[   82.350536][ T5397]  </TASK>
[   82.473873][ T5401] loop0: detected capacity change from 0 to 128
[   82.477374][   T29] audit: type=1326 audit(1764806315.430:5979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   82.502979][ T5401] 9pnet_fd: Insufficient options for proto=fd
[   82.503471][   T29] audit: type=1326 audit(1764806315.440:5980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[   82.654703][ T5350] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.662452][ T5350] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.670081][ T5350] bridge_slave_0: entered allmulticast mode
[   82.677493][ T5350] bridge_slave_0: entered promiscuous mode
[   82.685270][ T5350] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.692964][ T5350] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.701845][ T5350] bridge_slave_1: entered allmulticast mode
[   82.709100][ T5350] bridge_slave_1: entered promiscuous mode
[   82.745799][ T5350] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   82.771041][ T5350] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   82.810283][ T5350] team0: Port device team_slave_0 added
[   82.821596][ T5350] team0: Port device team_slave_1 added
[   82.857727][ T5411] loop4: detected capacity change from 0 to 8192
[   82.865019][ T5350] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.868786][ T5411] msdos: Unknown parameter 'A'
[   82.874960][ T5350] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   82.910489][ T5350] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.923504][ T5350] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.930741][ T5350] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   82.957695][ T5350] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   83.016299][ T5350] hsr_slave_0: entered promiscuous mode
[   83.023829][ T5417] netlink: 'syz.4.741': attribute type 3 has an invalid length.
[   83.034731][ T5350] hsr_slave_1: entered promiscuous mode
[   83.044297][ T5420] loop1: detected capacity change from 0 to 512
[   83.044616][ T5417] SELinux:  Context system_u:object_r:modules_dep_t:s0 is not valid (left unmapped).
[   83.051941][ T5350] debugfs: 'hsr0' already exists in 'hsr'
[   83.066201][ T5350] Cannot create hsr debugfs directory
[   83.067761][ T5420] EXT4-fs (loop1): filesystem is read-only
[   83.074974][ T5420] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   83.075000][ T5420] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 not in group (block 1)!
[   83.075020][ T5420] EXT4-fs (loop1): group descriptors corrupted!
[   83.129686][ T5421] 9pnet_virtio: no channels available for device syz
[   83.250354][ T5350] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   83.270614][ T5350] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   83.296043][ T5350] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   83.306675][ T5350] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   83.525823][ T5350] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.549953][ T5350] 8021q: adding VLAN 0 to HW filter on device team0
[   83.559443][ T5439] loop0: detected capacity change from 0 to 2048
[   83.592722][ T2937] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.601105][ T2937] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.653670][ T5446] binfmt_misc: register: failed to install interpreter file ./file0
[   83.669830][ T2937] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.677428][ T2937] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.740109][ T5350] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   83.751140][ T5350] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   83.839356][ T5451] ip6t_srh: unknown srh match flags  4000
[   83.906024][ T5439]  loop0: p1 < > p4
[   83.911113][ T5439] loop0: p4 size 8388608 extends beyond EOD, truncated
[   83.949041][ T5350] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.979325][ T4472] udevd[4472]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   84.019030][ T3646] udevd[3646]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   84.032409][ T4472] udevd[4472]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   84.090631][ T5457] loop4: detected capacity change from 0 to 8192
[   84.111732][ T5457] msdos: Unknown parameter 'A'
[   84.262990][ T5471] loop0: detected capacity change from 0 to 2048
[   84.280909][ T5479] loop4: detected capacity change from 0 to 128
[   84.291877][ T5479] 9pnet_fd: Insufficient options for proto=fd
[   84.306902][ T4472]  loop0: p1 < > p4
[   84.324005][ T4472] loop0: p4 size 8388608 extends beyond EOD, truncated
[   84.341989][ T5350] veth0_vlan: entered promiscuous mode
[   84.352943][ T5471]  loop0: p1 < > p4
[   84.363786][ T5471] loop0: p4 size 8388608 extends beyond EOD, truncated
[   84.373740][ T5350] veth1_vlan: entered promiscuous mode
[   84.397321][ T5350] veth0_macvtap: entered promiscuous mode
[   84.414231][ T5350] veth1_macvtap: entered promiscuous mode
[   84.445188][ T4472] udevd[4472]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   84.448303][ T3646] udevd[3646]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   84.468879][ T5350] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.485629][ T5350] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.514640][  T813] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.541542][  T813] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.568544][  T813] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.578455][  T813] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.658212][ T5497] __nla_validate_parse: 6 callbacks suppressed
[   84.658227][ T5497] netlink: 96 bytes leftover after parsing attributes in process `syz.0.759'.
[   84.808321][ T5508] loop3: detected capacity change from 0 to 2048
[   84.851497][ T5514] syz_tun: entered allmulticast mode
[   84.868056][ T3646]  loop3: p1 < > p4
[   84.877585][ T3646] loop3: p4 size 8388608 extends beyond EOD, truncated
[   84.888356][ T5516] netlink: 4 bytes leftover after parsing attributes in process `syz.0.768'.
[   84.899402][ T5508]  loop3: p1 < > p4
[   84.899447][ T5516] netlink: 4 bytes leftover after parsing attributes in process `syz.0.768'.
[   84.913084][ T5508] loop3: p4 size 8388608 extends beyond EOD, truncated
[   84.940535][ T5513] syz_tun: left allmulticast mode
[   84.992776][ T5523] FAULT_INJECTION: forcing a failure.
[   84.992776][ T5523] name failslab, interval 1, probability 0, space 0, times 0
[   85.003922][ T3646] udevd[3646]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   85.006651][ T5523] CPU: 0 UID: 0 PID: 5523 Comm: syz.0.769 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   85.006688][ T5523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   85.006707][ T5523] Call Trace:
[   85.006715][ T5523]  <TASK>
[   85.006853][ T5523]  __dump_stack+0x1d/0x30
[   85.006968][ T5523]  dump_stack_lvl+0xe8/0x140
[   85.007065][ T5523]  dump_stack+0x15/0x1b
[   85.007090][ T5523]  should_fail_ex+0x265/0x280
[   85.007124][ T5523]  ? audit_log_d_path+0x8d/0x150
[   85.007170][ T5523]  should_failslab+0x8c/0xb0
[   85.007291][ T5523]  __kmalloc_cache_noprof+0x4c/0x4a0
[   85.007337][ T5523]  audit_log_d_path+0x8d/0x150
[   85.007382][ T5523]  audit_log_d_path_exe+0x42/0x70
[   85.007510][ T5523]  audit_log_task+0x1e9/0x250
[   85.007612][ T5523]  ? filename_lookup+0x48/0x340
[   85.007658][ T5523]  audit_seccomp+0x61/0x100
[   85.007696][ T5523]  ? __seccomp_filter+0x82d/0x1250
[   85.007731][ T5523]  __seccomp_filter+0x83e/0x1250
[   85.007907][ T5523]  ? getname_flags+0x2be/0x3b0
[   85.007964][ T5523]  __secure_computing+0x82/0x150
[   85.008083][ T5523]  syscall_trace_enter+0xcf/0x1e0
[   85.008197][ T5523]  do_syscall_64+0xb2/0x2a0
[   85.008231][ T5523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.008286][ T5523] RIP: 0033:0x7f0498bee15c
[   85.008310][ T5523] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   85.008336][ T5523] RSP: 002b:00007f0497657030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   85.008364][ T5523] RAX: ffffffffffffffda RBX: 00007f0498e45fa0 RCX: 00007f0498bee15c
[   85.008427][ T5523] RDX: 000000000000000f RSI: 00007f04976570a0 RDI: 0000000000000006
[   85.008445][ T5523] RBP: 00007f0497657090 R08: 0000000000000000 R09: 0000000000000000
[   85.008462][ T5523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   85.008480][ T5523] R13: 00007f0498e46038 R14: 00007f0498e45fa0 R15: 00007ffcda0bfa98
[   85.008516][ T5523]  </TASK>
[   85.038123][ T5524] ip6t_srh: unknown srh match flags  4000
[   85.057592][ T4472] udevd[4472]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   85.256441][ T5533] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   85.270384][ T4472] udevd[4472]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   85.284493][ T3641] udevd[3641]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   85.441017][ T5544] binfmt_misc: register: failed to install interpreter file ./file0
[   85.601562][ T5550] loop1: detected capacity change from 0 to 2048
[   85.646670][ T5550]  loop1: p1 < > p4
[   85.652508][ T5550] loop1: p4 size 8388608 extends beyond EOD, truncated
[   85.850536][ T5557] netlink: 96 bytes leftover after parsing attributes in process `syz.3.782'.
[   85.906680][ T5540] loop4: detected capacity change from 0 to 1024
[   85.919359][ T5540] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   86.240713][ T5573] loop4: detected capacity change from 0 to 128
[   86.260687][ T5575] netlink: 204 bytes leftover after parsing attributes in process `syz.5.789'.
[   86.270831][ T5575] netlink: 28 bytes leftover after parsing attributes in process `syz.5.789'.
[   86.284021][ T5575] netlink: 8 bytes leftover after parsing attributes in process `syz.5.789'.
[   86.293871][ T5575] netlink: 32 bytes leftover after parsing attributes in process `syz.5.789'.
[   86.327124][ T5575] loop5: detected capacity change from 0 to 512
[   86.341503][ T5575] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[   86.360660][ T5575] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   86.385485][ T5581] netlink: 16 bytes leftover after parsing attributes in process `syz.0.791'.
[   86.412676][ T5575] FAT-fs (loop5): FAT read failed (blocknr 128)
[   86.526608][ T5586] sg_write: data in/out 156/65394 bytes for SCSI command 0x0-- guessing data in;
[   86.526608][ T5586]    program syz.5.792 not setting count and/or reply_len properly
[   86.573834][ T5588] netlink: 96 bytes leftover after parsing attributes in process `syz.5.793'.
[   86.723188][ T5602] loop0: detected capacity change from 0 to 512
[   86.732011][ T5602] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   86.744994][ T5602] EXT4-fs (loop0): 1 truncate cleaned up
[   86.754346][ T5602] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.817198][ T3328] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.833118][ T5608] loop5: detected capacity change from 0 to 512
[   86.865026][ T5608] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.798: bg 0: block 35: padding at end of block bitmap is not set
[   86.897034][ T5612] loop0: detected capacity change from 0 to 512
[   86.903877][ T5608] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6667: Corrupt filesystem
[   86.913368][ T5608] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.798: invalid indirect mapped block 4294967295 (level 1)
[   86.918963][ T5612] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[   86.938719][ T5608] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.798: invalid indirect mapped block 4294967295 (level 2)
[   86.949934][ T5612] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   86.966081][ T5610] loop1: detected capacity change from 0 to 8192
[   86.973290][ T5608] EXT4-fs (loop5): 1 truncate cleaned up
[   86.980300][ T5608] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.041348][ T5612] FAT-fs (loop0): FAT read failed (blocknr 128)
[   87.116902][ T5598] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   87.139342][ T5598] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   87.152642][ T5620] loop1: detected capacity change from 0 to 512
[   87.171886][   T29] kauditd_printk_skb: 351 callbacks suppressed
[   87.171900][   T29] audit: type=1326 audit(1764806320.440:6332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5618 comm="syz.4.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc85ee8f749 code=0x7ffc0000
[   87.199664][ T5620] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.201884][   T29] audit: type=1400 audit(1764806320.450:6333): avc:  denied  { create } for  pid=5618 comm="syz.4.806" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   87.227204][ T5620] ext4 filesystem being mounted at /187/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.238434][   T29] audit: type=1326 audit(1764806320.500:6334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5618 comm="syz.4.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85ee8f749 code=0x7ffc0000
[   87.272637][   T29] audit: type=1326 audit(1764806320.500:6335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5618 comm="syz.4.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85ee8f749 code=0x7ffc0000
[   87.298025][   T29] audit: type=1400 audit(1764806320.510:6336): avc:  denied  { mount } for  pid=5617 comm="syz.1.805" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   87.322561][ T5620] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5620 comm=syz.1.805
[   87.336163][   T29] audit: type=1326 audit(1764806320.530:6337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5618 comm="syz.4.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fc85ee8f749 code=0x7ffc0000
[   87.362309][   T29] audit: type=1400 audit(1764806320.530:6338): avc:  denied  { setopt } for  pid=5618 comm="syz.4.806" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   87.382773][   T29] audit: type=1326 audit(1764806320.530:6339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5618 comm="syz.4.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85ee8f749 code=0x7ffc0000
[   87.407886][   T29] audit: type=1326 audit(1764806320.540:6340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5618 comm="syz.4.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc85ee8f749 code=0x7ffc0000
[   87.433923][   T29] audit: type=1326 audit(1764806320.560:6341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5618 comm="syz.4.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7fc85ee8f749 code=0x7ffc0000
[   87.509049][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.673311][ T5640] loop1: detected capacity change from 0 to 8192
[   87.681408][ T5640] msdos: Unknown parameter 'A'
[   87.907619][ T5646] binfmt_misc: register: failed to install interpreter file ./file0
[   88.244308][ T5350] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.283709][ T5656] loop0: detected capacity change from 0 to 128
[   88.409906][ T5664] loop1: detected capacity change from 0 to 8192
[   88.442715][ T5664] msdos: Unknown parameter 'A'
[   88.469457][ T5672] loop5: detected capacity change from 0 to 512
[   88.483034][ T5666] loop4: detected capacity change from 0 to 8192
[   88.491609][ T5672] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[   88.496282][ T5666] msdos: Unknown parameter 'A'
[   88.512348][ T5672] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   88.670791][ T5672] FAT-fs (loop5): FAT read failed (blocknr 128)
[   88.703956][ T5685] binfmt_misc: register: failed to install interpreter file ./file0
[   88.741438][ T5678] loop3: detected capacity change from 0 to 8192
[   88.759974][ T5678] msdos: Unknown parameter 'A'
[   88.762886][ T5687] loop1: detected capacity change from 0 to 2048
[   88.836591][ T5687]  loop1: p1 < > p4
[   88.854008][ T5687] loop1: p4 size 8388608 extends beyond EOD, truncated
[   88.887175][ T5696] loop3: detected capacity change from 0 to 512
[   88.899350][ T5693] loop4: detected capacity change from 0 to 1024
[   88.911446][ T5696] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   88.924724][ T5696] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[   88.935840][ T5696] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.835: Corrupt directory, running e2fsck is recommended
[   88.949723][ T5696] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[   88.962580][ T5696] EXT4-fs error (device loop3): ext4_iget_extra_inode:5071: inode #15: comm syz.3.835: corrupted in-inode xattr: invalid ea_ino
[   88.978461][ T5693] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   89.000474][ T5693] ext4 filesystem being mounted at /194/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.015307][ T5696] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.835: couldn't read orphan inode 15 (err -117)
[   89.029141][ T5696] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.035368][ T5693] FAULT_INJECTION: forcing a failure.
[   89.035368][ T5693] name failslab, interval 1, probability 0, space 0, times 0
[   89.056642][ T5693] CPU: 0 UID: 0 PID: 5693 Comm: syz.4.834 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   89.056671][ T5693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   89.056682][ T5693] Call Trace:
[   89.056689][ T5693]  <TASK>
[   89.056698][ T5693]  __dump_stack+0x1d/0x30
[   89.056766][ T5693]  dump_stack_lvl+0xe8/0x140
[   89.056784][ T5693]  dump_stack+0x15/0x1b
[   89.056799][ T5693]  should_fail_ex+0x265/0x280
[   89.056820][ T5693]  should_failslab+0x8c/0xb0
[   89.056844][ T5693]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   89.056999][ T5693]  ? __alloc_skb+0x101/0x320
[   89.057018][ T5693]  __alloc_skb+0x101/0x320
[   89.057034][ T5693]  ? audit_log_start+0x342/0x720
[   89.057063][ T5693]  audit_log_start+0x3a0/0x720
[   89.057124][ T5693]  ? kstrtouint+0x76/0xc0
[   89.057140][ T5693]  audit_seccomp+0x48/0x100
[   89.057163][ T5693]  ? __seccomp_filter+0x82d/0x1250
[   89.057184][ T5693]  __seccomp_filter+0x83e/0x1250
[   89.057260][ T5693]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   89.057288][ T5693]  ? vfs_write+0x7e8/0x960
[   89.057323][ T5693]  ? __rcu_read_unlock+0x4f/0x70
[   89.057352][ T5693]  ? __fget_files+0x184/0x1c0
[   89.057453][ T5693]  __secure_computing+0x82/0x150
[   89.057474][ T5693]  syscall_trace_enter+0xcf/0x1e0
[   89.057496][ T5693]  do_syscall_64+0xb2/0x2a0
[   89.057517][ T5693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.057537][ T5693] RIP: 0033:0x7fc85ee8f749
[   89.057551][ T5693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.057631][ T5693] RSP: 002b:00007fc85d8ef038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f3
[   89.057652][ T5693] RAX: ffffffffffffffda RBX: 00007fc85f0e5fa0 RCX: 00007fc85ee8f749
[   89.057670][ T5693] RDX: 0000000000018ff5 RSI: 000020000001d600 RDI: 000000000000000b
[   89.057687][ T5693] RBP: 00007fc85d8ef090 R08: 0000000000000000 R09: 0000000000000000
[   89.057701][ T5693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   89.057712][ T5693] R13: 00007fc85f0e6038 R14: 00007fc85f0e5fa0 R15: 00007ffffff3c138
[   89.057730][ T5693]  </TASK>
[   89.060882][ T5702] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   89.276132][ T5707] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   89.279959][ T5702] batman_adv: batadv0: Removing interface: batadv_slave_0
[   89.283115][ T5707] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[   89.320643][ T5707] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.835: Corrupt directory, running e2fsck is recommended
[   89.338210][ T5702] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   89.346414][ T5702] batman_adv: batadv0: Removing interface: batadv_slave_1
[   89.369571][ T3329] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   89.376307][ T5707] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 3: comm syz.3.835: path /171/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   89.410098][ T5707] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 64: comm syz.3.835: path /171/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   89.449480][ T5715] ip6t_srh: unknown srh match flags  4000
[   89.477537][ T5713] loop5: detected capacity change from 0 to 8192
[   89.488592][ T5713] msdos: Unknown parameter 'A'
[   89.501825][ T5703] bond1: entered promiscuous mode
[   89.610330][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.680909][ T5729] __nla_validate_parse: 15 callbacks suppressed
[   89.680926][ T5729] netlink: 96 bytes leftover after parsing attributes in process `syz.1.845'.
[   89.730561][ T5733] loop5: detected capacity change from 0 to 2048
[   89.767868][ T5733]  loop5: p1 < > p4
[   89.778816][ T5733] loop5: p4 size 8388608 extends beyond EOD, truncated
[   89.783020][ T5735] netlink: 204 bytes leftover after parsing attributes in process `syz.3.848'.
[   89.795730][ T5735] netlink: 28 bytes leftover after parsing attributes in process `syz.3.848'.
[   89.856280][ T5735] netlink: 8 bytes leftover after parsing attributes in process `syz.3.848'.
[   89.866872][ T5735] netlink: 32 bytes leftover after parsing attributes in process `syz.3.848'.
[   89.891880][ T4472] udevd[4472]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[   89.903762][ T5739] loop3: detected capacity change from 0 to 512
[   89.926878][ T5742] loop5: detected capacity change from 0 to 256
[   89.929222][ T4472] udevd[4472]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[   89.939482][ T5739] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[   89.981867][ T5739] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   90.036176][ T5735] FAT-fs (loop3): FAT read failed (blocknr 128)
[   90.135628][ T5746] netlink: 96 bytes leftover after parsing attributes in process `syz.3.851'.
[   90.219402][ T5748] FAULT_INJECTION: forcing a failure.
[   90.219402][ T5748] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   90.236290][ T5748] CPU: 1 UID: 0 PID: 5748 Comm: syz.3.853 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   90.236429][ T5748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   90.236447][ T5748] Call Trace:
[   90.236537][ T5748]  <TASK>
[   90.236559][ T5748]  __dump_stack+0x1d/0x30
[   90.236591][ T5748]  dump_stack_lvl+0xe8/0x140
[   90.236647][ T5748]  dump_stack+0x15/0x1b
[   90.236670][ T5748]  should_fail_ex+0x265/0x280
[   90.236700][ T5748]  should_fail+0xb/0x20
[   90.236725][ T5748]  should_fail_usercopy+0x1a/0x20
[   90.236831][ T5748]  _copy_from_iter+0xcf/0xe70
[   90.236871][ T5748]  ? __build_skb_around+0x164/0x1c0
[   90.236899][ T5748]  ? __alloc_skb+0x223/0x320
[   90.236978][ T5748]  netlink_sendmsg+0x471/0x6b0
[   90.237014][ T5748]  ? __pfx_netlink_sendmsg+0x10/0x10
[   90.237102][ T5748]  __sock_sendmsg+0x145/0x180
[   90.237141][ T5748]  ____sys_sendmsg+0x31e/0x4a0
[   90.237171][ T5748]  ___sys_sendmsg+0x17b/0x1d0
[   90.237270][ T5748]  __x64_sys_sendmsg+0xd4/0x160
[   90.237311][ T5748]  x64_sys_call+0x17ba/0x3000
[   90.237342][ T5748]  do_syscall_64+0xd8/0x2a0
[   90.237552][ T5748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.237581][ T5748] RIP: 0033:0x7fc63df2f749
[   90.237615][ T5748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.237638][ T5748] RSP: 002b:00007fc63c997038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   90.237723][ T5748] RAX: ffffffffffffffda RBX: 00007fc63e185fa0 RCX: 00007fc63df2f749
[   90.237784][ T5748] RDX: 0000000024000000 RSI: 0000200000009b40 RDI: 0000000000000003
[   90.237800][ T5748] RBP: 00007fc63c997090 R08: 0000000000000000 R09: 0000000000000000
[   90.237816][ T5748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.237832][ T5748] R13: 00007fc63e186038 R14: 00007fc63e185fa0 R15: 00007fff97f336c8
[   90.237882][ T5748]  </TASK>
[   90.473226][ T5764] netlink: 96 bytes leftover after parsing attributes in process `syz.0.859'.
[   90.535881][ T5770] netlink: 4 bytes leftover after parsing attributes in process `syz.3.862'.
[   90.546730][ T5770] netlink: 4 bytes leftover after parsing attributes in process `syz.3.862'.
[   90.593504][ T5774] loop4: detected capacity change from 0 to 512
[   90.631259][ T5774] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   90.688908][ T5774] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.711983][ T5774] ext4 filesystem being mounted at /198/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   90.717344][ T5786] loop0: detected capacity change from 0 to 1024
[   90.744421][ T5786] EXT4-fs: Ignoring removed orlov option
[   90.751139][ T3329] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.763809][ T5785] loop1: detected capacity change from 0 to 512
[   90.791549][ T5786] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.816147][ T5785] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.844753][ T5800] FAULT_INJECTION: forcing a failure.
[   90.844753][ T5800] name failslab, interval 1, probability 0, space 0, times 0
[   90.845584][ T5786] netlink: 8 bytes leftover after parsing attributes in process `syz.0.868'.
[   90.857869][ T5800] CPU: 0 UID: 0 PID: 5800 Comm: syz.4.871 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   90.857923][ T5800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   90.857944][ T5800] Call Trace:
[   90.857955][ T5800]  <TASK>
[   90.857966][ T5800]  __dump_stack+0x1d/0x30
[   90.857999][ T5800]  dump_stack_lvl+0xe8/0x140
[   90.858030][ T5800]  dump_stack+0x15/0x1b
[   90.858062][ T5800]  should_fail_ex+0x265/0x280
[   90.858109][ T5800]  ? __hw_addr_add_ex+0x15a/0x3e0
[   90.858138][ T5800]  should_failslab+0x8c/0xb0
[   90.858204][ T5800]  __kmalloc_cache_noprof+0x4c/0x4a0
[   90.858247][ T5800]  __hw_addr_add_ex+0x15a/0x3e0
[   90.858352][ T5800]  ? __pfx_wg_setup+0x10/0x10
[   90.858392][ T5800]  dev_addr_init+0xb1/0x120
[   90.858428][ T5800]  alloc_netdev_mqs+0x1ca/0xa40
[   90.858468][ T5800]  rtnl_create_link+0x239/0x6e0
[   90.858559][ T5800]  rtnl_newlink_create+0x14c/0x620
[   90.858645][ T5800]  ? security_capable+0x83/0x90
[   90.858677][ T5800]  rtnl_newlink+0xf5b/0x1360
[   90.858778][ T5800]  ? search_extable+0x53/0x80
[   90.858810][ T5800]  ? strncpy_from_user+0x183/0x260
[   90.858855][ T5800]  ? strncpy_from_user+0x183/0x260
[   90.858977][ T5800]  ? __memcg_slab_free_hook+0x135/0x230
[   90.859007][ T5800]  ? __rcu_read_unlock+0x4f/0x70
[   90.859057][ T5800]  ? avc_has_perm_noaudit+0x1b1/0x200
[   90.859100][ T5800]  ? cred_has_capability+0x210/0x280
[   90.859149][ T5800]  ? selinux_capable+0x31/0x40
[   90.859225][ T5800]  ? security_capable+0x83/0x90
[   90.859324][ T5800]  ? ns_capable+0x7d/0xb0
[   90.859418][ T5800]  ? __pfx_rtnl_newlink+0x10/0x10
[   90.859460][ T5800]  rtnetlink_rcv_msg+0x5fe/0x6d0
[   90.859512][ T5800]  netlink_rcv_skb+0x123/0x220
[   90.859548][ T5800]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   90.859717][ T5800]  rtnetlink_rcv+0x1c/0x30
[   90.859758][ T5800]  netlink_unicast+0x5c0/0x690
[   90.859791][ T5800]  netlink_sendmsg+0x58b/0x6b0
[   90.859863][ T5800]  ? __pfx_netlink_sendmsg+0x10/0x10
[   90.859900][ T5800]  __sock_sendmsg+0x145/0x180
[   90.859931][ T5800]  ____sys_sendmsg+0x31e/0x4a0
[   90.860033][ T5800]  ___sys_sendmsg+0x17b/0x1d0
[   90.860132][ T5800]  __x64_sys_sendmsg+0xd4/0x160
[   90.860176][ T5800]  x64_sys_call+0x17ba/0x3000
[   90.860209][ T5800]  do_syscall_64+0xd8/0x2a0
[   90.860241][ T5800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.860473][ T5800] RIP: 0033:0x7fc85ee8f749
[   90.860503][ T5800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.860529][ T5800] RSP: 002b:00007fc85d8ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   90.860559][ T5800] RAX: ffffffffffffffda RBX: 00007fc85f0e5fa0 RCX: 00007fc85ee8f749
[   90.860577][ T5800] RDX: 000000000000c0b0 RSI: 0000200000000280 RDI: 0000000000000004
[   90.860595][ T5800] RBP: 00007fc85d8ef090 R08: 0000000000000000 R09: 0000000000000000
[   90.860667][ T5800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   90.860684][ T5800] R13: 00007fc85f0e6038 R14: 00007fc85f0e5fa0 R15: 00007ffffff3c138
[   90.860711][ T5800]  </TASK>
[   90.886255][ T5785] ext4 filesystem being mounted at /202/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.086354][ T5809] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[   91.132886][ T5806] loop5: detected capacity change from 0 to 8192
[   91.232359][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.257715][ T5806] msdos: Unknown parameter 'A'
[   91.357776][ T3328] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.405090][ T5827] FAULT_INJECTION: forcing a failure.
[   91.405090][ T5827] name failslab, interval 1, probability 0, space 0, times 0
[   91.418292][ T5827] CPU: 0 UID: 0 PID: 5827 Comm: syz.5.884 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   91.418326][ T5827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   91.418416][ T5827] Call Trace:
[   91.418426][ T5827]  <TASK>
[   91.418490][ T5827]  __dump_stack+0x1d/0x30
[   91.418515][ T5827]  dump_stack_lvl+0xe8/0x140
[   91.418538][ T5827]  dump_stack+0x15/0x1b
[   91.418560][ T5827]  should_fail_ex+0x265/0x280
[   91.418583][ T5827]  should_failslab+0x8c/0xb0
[   91.418612][ T5827]  __kmalloc_noprof+0xa5/0x570
[   91.418716][ T5827]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[   91.418759][ T5827]  ? __kfree_skb+0x109/0x150
[   91.418783][ T5827]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[   91.418888][ T5827]  ? nlmon_xmit+0x4f/0x60
[   91.418931][ T5827]  genl_family_rcv_msg_doit+0x48/0x1b0
[   91.418986][ T5827]  ? genl_get_cmd+0x639/0x660
[   91.419039][ T5827]  genl_rcv_msg+0x422/0x460
[   91.419082][ T5827]  ? __pfx_tipc_nl_bearer_enable+0x10/0x10
[   91.419146][ T5827]  netlink_rcv_skb+0x123/0x220
[   91.419175][ T5827]  ? __pfx_genl_rcv_msg+0x10/0x10
[   91.419225][ T5827]  genl_rcv+0x28/0x40
[   91.419314][ T5827]  netlink_unicast+0x5c0/0x690
[   91.419338][ T5827]  netlink_sendmsg+0x58b/0x6b0
[   91.419375][ T5827]  ? __pfx_netlink_sendmsg+0x10/0x10
[   91.419432][ T5827]  __sock_sendmsg+0x145/0x180
[   91.419475][ T5827]  ____sys_sendmsg+0x31e/0x4a0
[   91.419512][ T5827]  ___sys_sendmsg+0x17b/0x1d0
[   91.419590][ T5827]  __x64_sys_sendmsg+0xd4/0x160
[   91.419647][ T5827]  x64_sys_call+0x17ba/0x3000
[   91.419679][ T5827]  do_syscall_64+0xd8/0x2a0
[   91.419708][ T5827]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.419830][ T5827] RIP: 0033:0x7fd65ebaf749
[   91.419850][ T5827] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.419874][ T5827] RSP: 002b:00007fd65d617038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   91.419899][ T5827] RAX: ffffffffffffffda RBX: 00007fd65ee05fa0 RCX: 00007fd65ebaf749
[   91.419993][ T5827] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[   91.420010][ T5827] RBP: 00007fd65d617090 R08: 0000000000000000 R09: 0000000000000000
[   91.420026][ T5827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.420117][ T5827] R13: 00007fd65ee06038 R14: 00007fd65ee05fa0 R15: 00007ffc5c21e468
[   91.420142][ T5827]  </TASK>
[   91.819898][ T5841] loop3: detected capacity change from 0 to 1024
[   91.896595][ T5841] EXT4-fs: Ignoring removed orlov option
[   91.943648][ T5841] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.960589][ T5851] ip6t_srh: unknown srh match flags  4000
[   91.983572][ T5845] loop4: detected capacity change from 0 to 8192
[   92.011413][ T5845] msdos: Unknown parameter 'A'
[   92.120398][ T5857] tipc: Started in network mode
[   92.127201][ T5857] tipc: Node identity ac14140f, cluster identity 4711
[   92.138065][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.148666][ T5857] tipc: New replicast peer: 255.255.255.83
[   92.154916][ T5857] tipc: Enabled bearer <udp:£>, priority 10
[   92.182657][   T29] kauditd_printk_skb: 557 callbacks suppressed
[   92.182672][   T29] audit: type=1326 audit(1764806325.460:6897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5861 comm="syz.3.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   92.213040][   T29] audit: type=1326 audit(1764806325.460:6898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5861 comm="syz.3.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   92.237266][   T29] audit: type=1326 audit(1764806325.460:6899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5861 comm="syz.3.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   92.261712][   T29] audit: type=1326 audit(1764806325.460:6900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5861 comm="syz.3.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   92.287942][   T29] audit: type=1326 audit(1764806325.460:6901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5861 comm="syz.3.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   92.312377][   T29] audit: type=1326 audit(1764806325.460:6902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5861 comm="syz.3.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   92.336699][   T29] audit: type=1326 audit(1764806325.460:6903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5861 comm="syz.3.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   92.361079][   T29] audit: type=1326 audit(1764806325.460:6904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5861 comm="syz.3.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   92.394063][   T29] audit: type=1326 audit(1764806325.590:6905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5861 comm="syz.3.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc63df62005 code=0x7ffc0000
[   92.420407][   T29] audit: type=1326 audit(1764806325.590:6906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5861 comm="syz.3.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   92.595236][ T5888] binfmt_misc: register: failed to install interpreter file ./file0
[   92.643433][ T5884] loop3: detected capacity change from 0 to 8192
[   92.686143][ T5884] msdos: Unknown parameter 'A'
[   92.708718][ T5891] loop4: detected capacity change from 0 to 512
[   92.732027][ T5891] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.909: bg 0: block 35: padding at end of block bitmap is not set
[   92.755034][ T5898] loop1: detected capacity change from 0 to 1024
[   92.766237][ T5898] EXT4-fs: Ignoring removed orlov option
[   92.799190][ T5898] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.815975][ T5891] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem
[   92.825186][ T5891] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.909: invalid indirect mapped block 4294967295 (level 1)
[   92.845015][ T5891] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.909: invalid indirect mapped block 4294967295 (level 2)
[   92.863405][ T5891] EXT4-fs (loop4): 1 truncate cleaned up
[   92.870267][ T5891] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.886462][ T5891] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   92.895146][ T5891] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   92.992962][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.060142][ T5911] loop1: detected capacity change from 0 to 1024
[   93.074511][ T5913] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5913 comm=syz.5.920
[   93.075115][ T5911] EXT4-fs: Ignoring removed orlov option
[   93.106104][ T5911] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.136150][ T5920] binfmt_misc: register: failed to install interpreter file ./file0
[   93.186009][    T9] tipc: Node number set to 2886997007
[   93.296776][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.320298][ T5931] loop3: detected capacity change from 0 to 8192
[   93.337426][ T5931] msdos: Unknown parameter 'A'
[   93.415933][ T5944] FAULT_INJECTION: forcing a failure.
[   93.415933][ T5944] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.430012][ T5944] CPU: 0 UID: 0 PID: 5944 Comm: syz.3.934 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   93.430049][ T5944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   93.430067][ T5944] Call Trace:
[   93.430083][ T5944]  <TASK>
[   93.430092][ T5944]  __dump_stack+0x1d/0x30
[   93.430202][ T5944]  dump_stack_lvl+0xe8/0x140
[   93.430232][ T5944]  dump_stack+0x15/0x1b
[   93.430287][ T5944]  should_fail_ex+0x265/0x280
[   93.430318][ T5944]  should_fail+0xb/0x20
[   93.430344][ T5944]  should_fail_usercopy+0x1a/0x20
[   93.430370][ T5944]  _copy_from_user+0x1c/0xb0
[   93.430482][ T5944]  ___sys_sendmsg+0xc1/0x1d0
[   93.430527][ T5944]  __x64_sys_sendmsg+0xd4/0x160
[   93.430565][ T5944]  x64_sys_call+0x17ba/0x3000
[   93.430616][ T5944]  do_syscall_64+0xd8/0x2a0
[   93.430640][ T5944]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.430667][ T5944] RIP: 0033:0x7fc63df2f749
[   93.430686][ T5944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.430720][ T5944] RSP: 002b:00007fc63c997038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   93.430746][ T5944] RAX: ffffffffffffffda RBX: 00007fc63e185fa0 RCX: 00007fc63df2f749
[   93.430764][ T5944] RDX: 0000000000000040 RSI: 0000200000000600 RDI: 0000000000000004
[   93.430780][ T5944] RBP: 00007fc63c997090 R08: 0000000000000000 R09: 0000000000000000
[   93.430793][ T5944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.430864][ T5944] R13: 00007fc63e186038 R14: 00007fc63e185fa0 R15: 00007fff97f336c8
[   93.430890][ T5944]  </TASK>
[   93.452400][ T5949] binfmt_misc: register: failed to install interpreter file ./file0
[   93.590759][ T5956] tmpfs: Bad value for 'mpol'
[   93.778297][ T5976] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=5976 comm=syz.3.942
[   93.792019][ T5976] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=5976 comm=syz.3.942
[   93.805497][ T5976] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=44 sclass=netlink_tcpdiag_socket pid=5976 comm=syz.3.942
[   93.841226][ T5976] loop3: detected capacity change from 0 to 1024
[   93.849306][ T5976] EXT4-fs: Ignoring removed orlov option
[   93.874834][ T5976] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.162289][ T5974] loop0: detected capacity change from 0 to 1024
[   94.169218][ T5974] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   94.187199][ T5991] binfmt_misc: register: failed to install interpreter file ./file0
[   94.313905][ T5997] veth0: entered promiscuous mode
[   94.331630][ T6001] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[   94.339307][ T6001] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   94.347824][ T6001] vhci_hcd vhci_hcd.0: Device attached
[   94.356639][ T6007] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   94.375775][ T6001] vhci_hcd vhci_hcd.0: pdev(0) rhport(2) sockfd(14)
[   94.384396][ T6001] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   94.392766][ T6001] vhci_hcd vhci_hcd.0: Device attached
[   94.410302][ T6001] vhci_hcd vhci_hcd.0: pdev(0) rhport(3) sockfd(18)
[   94.419045][ T6001] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   94.429166][ T6001] vhci_hcd vhci_hcd.0: Device attached
[   94.439899][ T6001] vhci_hcd vhci_hcd.0: pdev(0) rhport(4) sockfd(20)
[   94.447876][ T6001] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   94.459122][ T6001] vhci_hcd vhci_hcd.0: Device attached
[   94.476391][ T6001] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   94.489657][ T6001] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   94.500088][ T6001] vhci_hcd vhci_hcd.0: pdev(0) rhport(7) sockfd(26)
[   94.507605][ T6001] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   94.518125][ T6001] vhci_hcd vhci_hcd.0: Device attached
[   94.535766][    T9] vhci_hcd: vhci_device speed not set
[   94.547696][ T6020] vhci_hcd: connection closed
[   94.547847][ T6016] vhci_hcd: connection closed
[   94.553561][ T6012] vhci_hcd: connection closed
[   94.558808][ T6008] vhci_hcd: connection closed
[   94.564057][ T6003] vhci_hcd: connection closed
[   94.570418][  T826] vhci_hcd: stop threads
[   94.571694][ T6025] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   94.575531][  T826] vhci_hcd: release socket
[   94.575552][  T826] vhci_hcd: disconnect device
[   94.603676][ T6027] binfmt_misc: register: failed to install interpreter file ./file0
[   94.618143][  T826] vhci_hcd: stop threads
[   94.622631][  T826] vhci_hcd: release socket
[   94.627236][  T826] vhci_hcd: disconnect device
[   94.632873][  T826] vhci_hcd: stop threads
[   94.632933][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.637731][  T826] vhci_hcd: release socket
[   94.653159][  T826] vhci_hcd: disconnect device
[   94.669928][  T826] vhci_hcd: stop threads
[   94.672303][ T6029] netlink: 'syz.5.961': attribute type 3 has an invalid length.
[   94.674461][  T826] vhci_hcd: release socket
[   94.687844][  T826] vhci_hcd: disconnect device
[   94.693525][    T9] usb 1-1: new full-speed USB device number 2 using vhci_hcd
[   94.701168][ T6006] vhci_hcd: sendmsg failed!, ret=-32 for 48
[   94.707733][  T826] vhci_hcd: stop threads
[   94.712439][  T826] vhci_hcd: release socket
[   94.717178][  T826] vhci_hcd: disconnect device
[   94.769908][ T6037] FAULT_INJECTION: forcing a failure.
[   94.769908][ T6037] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.783139][ T6037] CPU: 0 UID: 0 PID: 6037 Comm: syz.5.964 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   94.783205][ T6037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   94.783222][ T6037] Call Trace:
[   94.783231][ T6037]  <TASK>
[   94.783241][ T6037]  __dump_stack+0x1d/0x30
[   94.783288][ T6037]  dump_stack_lvl+0xe8/0x140
[   94.783312][ T6037]  dump_stack+0x15/0x1b
[   94.783335][ T6037]  should_fail_ex+0x265/0x280
[   94.783393][ T6037]  should_fail+0xb/0x20
[   94.783457][ T6037]  should_fail_usercopy+0x1a/0x20
[   94.783482][ T6037]  strncpy_from_user+0x27/0x260
[   94.783578][ T6037]  ? __kmalloc_cache_noprof+0x249/0x4a0
[   94.783644][ T6037]  __se_sys_memfd_create+0x1f6/0x5f0
[   94.783674][ T6037]  __x64_sys_memfd_create+0x31/0x40
[   94.783695][ T6037]  x64_sys_call+0x28cb/0x3000
[   94.783764][ T6037]  do_syscall_64+0xd8/0x2a0
[   94.783813][ T6037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.783838][ T6037] RIP: 0033:0x7fd65ebaf749
[   94.783857][ T6037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.783914][ T6037] RSP: 002b:00007fd65d616e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   94.783939][ T6037] RAX: ffffffffffffffda RBX: 000000000000046f RCX: 00007fd65ebaf749
[   94.783956][ T6037] RDX: 00007fd65d616ef0 RSI: 0000000000000000 RDI: 00007fd65ec34960
[   94.783981][ T6037] RBP: 0000200000000bc0 R08: 00007fd65d616bb7 R09: 00007fd65d616e40
[   94.783997][ T6037] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0
[   94.784014][ T6037] R13: 00007fd65d616ef0 R14: 00007fd65d616eb0 R15: 0000200000000340
[   94.784039][ T6037]  </TASK>
[   94.999508][ T6041] __nla_validate_parse: 22 callbacks suppressed
[   94.999528][ T6041] netlink: 4 bytes leftover after parsing attributes in process `syz.5.966'.
[   95.016065][ T6041] netlink: 4 bytes leftover after parsing attributes in process `syz.5.966'.
[   95.045295][ T6043] netlink: 96 bytes leftover after parsing attributes in process `syz.5.967'.
[   95.070875][ T6044] netlink: 'syz.3.965': attribute type 7 has an invalid length.
[   95.087243][ T6044] loop3: detected capacity change from 0 to 1024
[   95.105257][ T6044] EXT4-fs: Ignoring removed orlov option
[   95.116122][ T6044] EXT4-fs (loop3): Invalid log block size: 27052
[   95.220744][ T6054] binfmt_misc: register: failed to install interpreter file ./file0
[   95.393679][ T6068] netlink: 96 bytes leftover after parsing attributes in process `syz.0.978'.
[   95.409928][ T6033] loop1: detected capacity change from 0 to 1024
[   95.422044][ T6033] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   95.497784][ T6075] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 2, id = 0
[   95.522376][ T6072] IPVS: stopping master sync thread 6075 ...
[   95.564438][ T6079] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=6079 comm=syz.0.982
[   95.577969][ T6079] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=6079 comm=syz.0.982
[   95.592063][ T6079] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=44 sclass=netlink_tcpdiag_socket pid=6079 comm=syz.0.982
[   95.608078][ T3329] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.611096][ T6083] binfmt_misc: register: failed to install interpreter file ./file0
[   95.626665][ T6081] loop1: detected capacity change from 0 to 1024
[   95.656266][ T6085] netlink: 96 bytes leftover after parsing attributes in process `syz.0.986'.
[   95.668916][ T6081] EXT4-fs: Ignoring removed orlov option
[   95.708449][ T6081] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.744052][ T6092] loop5: detected capacity change from 0 to 164
[   95.754736][ T6081] netlink: 8 bytes leftover after parsing attributes in process `syz.1.983'.
[   95.788865][ T6095] netlink: 96 bytes leftover after parsing attributes in process `syz.0.990'.
[   95.901321][ T6102] netlink: 'syz.5.993': attribute type 1 has an invalid length.
[   95.919099][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.958509][ T6102] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[   95.987933][ T6111] binfmt_misc: register: failed to install interpreter file ./file0
[   96.009649][ T6102] bond1: (slave vxcan3): Error -95 calling set_mac_address
[   96.032144][ T6114] gretap1: entered promiscuous mode
[   96.041508][ T6114] bond1: (slave gretap1): making interface the new active one
[   96.050064][ T6114] bond1: (slave gretap1): Enslaving as an active interface with an up link
[   96.067726][ T6114] macvlan2: entered promiscuous mode
[   96.073114][ T6114] macvlan2: entered allmulticast mode
[   96.080102][ T6114] bond1: entered promiscuous mode
[   96.086238][ T6114] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   96.099089][ T6114] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1
[   96.111743][ T6114] bond1: left promiscuous mode
[   96.127066][ T6113] veth0: entered promiscuous mode
[   96.132989][ T6113] veth0: entered allmulticast mode
[   96.143298][ T6116] netlink: 96 bytes leftover after parsing attributes in process `syz.4.999'.
[   96.191533][ T6126] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6126 comm=syz.3.1003
[   96.232899][ T6126] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1003'.
[   96.244312][ T6130] loop5: detected capacity change from 0 to 1024
[   96.259937][ T6130] EXT4-fs: Ignoring removed orlov option
[   96.268061][ T6126] vlan2: entered allmulticast mode
[   96.274421][ T6126] dummy0: entered allmulticast mode
[   96.282778][ T6132] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1006'.
[   96.296854][ T6130] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.362177][ T6140] loop1: detected capacity change from 0 to 2048
[   96.430172][ T4472]  loop1: p1 < > p4
[   96.430941][ T4472] loop1: p4 size 8388608 extends beyond EOD, truncated
[   96.447338][ T5350] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.459045][ T6140]  loop1: p1 < > p4
[   96.459774][ T6140] loop1: p4 size 8388608 extends beyond EOD, truncated
[   96.645649][ T6167] loop3: detected capacity change from 0 to 512
[   96.676180][ T6167] EXT4-fs: journaled quota format not specified
[   96.738114][ T6170] loop4: detected capacity change from 0 to 1024
[   96.769662][ T6170] EXT4-fs: Ignoring removed orlov option
[   96.801587][ T6170] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.963424][ T6189] netlink: 'syz.1.1031': attribute type 3 has an invalid length.
[   96.968877][ T3329] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.093335][ T6197] Illegal XDP return value 3552082574 on prog  (id 560) dev N/A, expect packet loss!
[   97.283998][ T6216] loop4: detected capacity change from 0 to 1024
[   97.303544][ T6216] EXT4-fs: Ignoring removed orlov option
[   97.319021][ T6220] bridge_slave_1: left allmulticast mode
[   97.325342][ T6220] bridge_slave_1: left promiscuous mode
[   97.335387][ T6220] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.376190][ T6220] bridge_slave_0: left allmulticast mode
[   97.383920][ T6220] bridge_slave_0: left promiscuous mode
[   97.391582][ T6220] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.431292][ T6216] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.458483][ T6226] loop3: detected capacity change from 0 to 128
[   97.475134][   T29] kauditd_printk_skb: 486 callbacks suppressed
[   97.475152][   T29] audit: type=1326 audit(1764806330.750:7393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6222 comm="syz.3.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   97.520290][   T29] audit: type=1326 audit(1764806330.800:7394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6222 comm="syz.3.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   97.559492][ T6168] loop0: detected capacity change from 0 to 1024
[   97.566636][ T6168] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   97.577177][   T29] audit: type=1326 audit(1764806330.800:7395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6222 comm="syz.3.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc63df2f783 code=0x7ffc0000
[   97.603099][   T29] audit: type=1326 audit(1764806330.800:7396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6222 comm="syz.3.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc63df2f783 code=0x7ffc0000
[   97.628272][   T29] audit: type=1326 audit(1764806330.800:7397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6222 comm="syz.3.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   97.655094][   T29] audit: type=1326 audit(1764806330.810:7398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6222 comm="syz.3.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc63df2e1ff code=0x7ffc0000
[   97.682142][   T29] audit: type=1326 audit(1764806330.810:7399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6222 comm="syz.3.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   97.710171][   T29] audit: type=1326 audit(1764806330.810:7400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6222 comm="syz.3.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   97.740231][   T29] audit: type=1326 audit(1764806330.810:7401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6222 comm="syz.3.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   97.767541][   T29] audit: type=1326 audit(1764806330.810:7402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6222 comm="syz.3.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63df2f749 code=0x7ffc0000
[   97.877409][ T3329] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.932931][ T6234] binfmt_misc: register: failed to install interpreter file ./file0
[   97.998113][ T6239] lo speed is unknown, defaulting to 1000
[   98.006159][ T6239] lo speed is unknown, defaulting to 1000
[   98.012640][ T6239] lo speed is unknown, defaulting to 1000
[   98.020577][ T6239] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   98.054843][ T6239] lo speed is unknown, defaulting to 1000
[   98.062599][ T6239] lo speed is unknown, defaulting to 1000
[   98.070403][ T6239] lo speed is unknown, defaulting to 1000
[   98.080977][ T6239] lo speed is unknown, defaulting to 1000
[   98.089394][ T6239] lo speed is unknown, defaulting to 1000
[   98.097600][ T6239] lo speed is unknown, defaulting to 1000
[   98.125972][ T6251] netlink: 'syz.0.1053': attribute type 10 has an invalid length.
[   98.142198][ T6251] ipvlan0: entered allmulticast mode
[   98.148383][ T6251] veth0_vlan: entered allmulticast mode
[   98.159318][ T6251] team0: Device ipvlan0 failed to register rx_handler
[   98.237528][ T6265] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=6265 comm=syz.1.1057
[   98.251227][ T6265] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=6265 comm=syz.1.1057
[   98.269185][ T6265] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=44 sclass=netlink_tcpdiag_socket pid=6265 comm=syz.1.1057
[   98.290837][ T6265] loop1: detected capacity change from 0 to 1024
[   98.299181][ T6265] EXT4-fs: Ignoring removed orlov option
[   98.326462][ T6269] loop4: detected capacity change from 0 to 1024
[   98.328238][ T6265] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.361077][ T6269] EXT4-fs: Ignoring removed orlov option
[   98.378981][ T6269] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.461501][ T3329] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.592905][ T6294] netlink: 'syz.5.1069': attribute type 10 has an invalid length.
[   98.602153][ T6294] batman_adv: batadv0: Adding interface: veth1_vlan
[   98.609245][ T6294] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   98.644828][ T6294] batman_adv: batadv0: Interface activated: veth1_vlan
[   98.677089][ T6300] loop4: detected capacity change from 0 to 128
[   98.916332][ T6304] loop5: detected capacity change from 0 to 164
[   99.076791][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.120759][ T6309] loop1: detected capacity change from 0 to 512
[   99.129465][ T6309] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   99.141467][ T6309] EXT4-fs (loop1): 1 truncate cleaned up
[   99.150212][ T6309] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.189583][ T6309] netlink: 'syz.1.1074': attribute type 10 has an invalid length.
[   99.199312][ T6309] ipvlan0: entered allmulticast mode
[   99.204714][ T6309] veth0_vlan: entered allmulticast mode
[   99.212426][ T6309] team0: Device ipvlan0 failed to register rx_handler
[   99.234850][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.503081][ T6329] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=6329 comm=syz.0.1084
[   99.516685][ T6329] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=6329 comm=syz.0.1084
[   99.534711][ T6329] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=44 sclass=netlink_tcpdiag_socket pid=6329 comm=syz.0.1084
[   99.557898][ T6329] loop0: detected capacity change from 0 to 1024
[   99.566856][ T6329] EXT4-fs: Ignoring removed orlov option
[   99.606885][ T6329] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.648912][ T6335] binfmt_misc: register: failed to install interpreter file ./file0
[   99.706409][    T9] usb 1-1: enqueue for inactive port 0
[   99.732235][    T9] usb 1-1: enqueue for inactive port 0
[   99.783684][ T6347] loop4: detected capacity change from 0 to 512
[   99.792292][ T6347] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   99.806109][ T6350] ip6t_srh: unknown srh match flags  4000
[   99.816111][ T6347] EXT4-fs (loop4): 1 truncate cleaned up
[   99.824513][ T6347] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.848546][    T9] vhci_hcd: vhci_device speed not set
[   99.871472][ T3329] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.051324][ T6359] loop4: detected capacity change from 0 to 512
[  100.065887][ T6359] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1093: bg 0: block 35: padding at end of block bitmap is not set
[  100.084070][ T6359] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  100.093907][ T6359] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1093: invalid indirect mapped block 4294967295 (level 1)
[  100.111893][ T6359] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1093: invalid indirect mapped block 4294967295 (level 2)
[  100.128597][ T6359] EXT4-fs (loop4): 1 truncate cleaned up
[  100.135192][ T6359] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.150156][ T6359] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  100.158992][ T6359] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  100.329185][ T3328] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.472882][ T6368] __nla_validate_parse: 24 callbacks suppressed
[  100.472901][ T6368] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1097'.
[  100.562747][ T6370] binfmt_misc: register: failed to install interpreter file ./file0
[  100.652513][ T6378] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1102'.
[  100.664007][ T6376] binfmt_misc: register: failed to install interpreter file ./file0
[  100.726606][ T6382] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=6382 comm=syz.5.1104
[  100.740122][ T6382] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=6382 comm=syz.5.1104
[  100.755873][ T6382] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=44 sclass=netlink_tcpdiag_socket pid=6382 comm=syz.5.1104
[  100.781140][ T6382] loop5: detected capacity change from 0 to 1024
[  100.790602][ T6382] EXT4-fs: Ignoring removed orlov option
[  100.833416][ T6384] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1105'.
[  100.849378][ T6382] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.866688][ T6384] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1105'.
[  100.964199][ T6394] netlink: 'syz.0.1109': attribute type 1 has an invalid length.
[  101.002810][ T6394] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  101.017733][ T6394] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  101.048800][ T6402] gretap1: entered promiscuous mode
[  101.058514][ T6402] bond1: (slave gretap1): making interface the new active one
[  101.067451][ T6402] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  101.158612][ T6409] loop0: detected capacity change from 0 to 2048
[  101.216292][ T4472]  loop0: p1 < > p4
[  101.223753][ T4472] loop0: p4 size 8388608 extends beyond EOD, truncated
[  101.238830][ T6409]  loop0: p1 < > p4
[  101.245574][ T6409] loop0: p4 size 8388608 extends beyond EOD, truncated
[  101.305336][ T6414] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1116'.
[  101.331200][ T4472] udevd[4472]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  101.332997][ T3646] udevd[3646]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  101.401332][ T6416] lo speed is unknown, defaulting to 1000
[  101.434336][ T6416] netlink: 'syz.0.1117': attribute type 4 has an invalid length.
[  101.445945][ T6416] netlink: 'syz.0.1117': attribute type 4 has an invalid length.
[  101.933021][ T6428] SELinux: failed to load policy
[  101.941161][ T6430] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1123'.
[  101.961801][ T6432] loop3: detected capacity change from 0 to 256
[  102.024503][ T6434] netlink: 'syz.3.1125': attribute type 7 has an invalid length.
[  102.042221][ T6436] veth0_to_team: entered promiscuous mode
[  102.062937][ T6438] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1127'.
[  102.183229][ T6444] netlink: 'syz.1.1130': attribute type 1 has an invalid length.
[  102.206776][ T6444] bond1: (slave vxcan5): The slave device specified does not support setting the MAC address
[  102.220696][ T6444] bond1: (slave vxcan5): Error -95 calling set_mac_address
[  102.255674][ T6448] gretap1: entered promiscuous mode
[  102.263430][ T6448] bond1: (slave gretap1): making interface the new active one
[  102.275495][ T6448] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  102.431183][ T6462] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1136'.
[  102.515458][   T29] kauditd_printk_skb: 884 callbacks suppressed
[  102.515478][   T29] audit: type=1326 audit(1764806335.790:8287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6452 comm="syz.1.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[  102.552791][   T29] audit: type=1326 audit(1764806335.790:8288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6452 comm="syz.1.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93ecbdf749 code=0x7ffc0000
[  102.593536][   T29] audit: type=1326 audit(1764806335.800:8289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6471 comm="syz.5.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd65ebaf749 code=0x7ffc0000
[  102.598802][ T6476] process 'syz.0.1142' launched '/dev/fd/4' with NULL argv: empty string added
[  102.618767][   T29] audit: type=1326 audit(1764806335.800:8290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6471 comm="syz.5.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd65ebaf749 code=0x7ffc0000
[  102.630258][ T6474] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1141'.
[  102.657266][   T29] audit: type=1326 audit(1764806335.800:8291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6471 comm="syz.5.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd65ebaf749 code=0x7ffc0000
[  102.657316][   T29] audit: type=1326 audit(1764806335.800:8292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6471 comm="syz.5.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd65ebaf749 code=0x7ffc0000
[  102.657353][   T29] audit: type=1326 audit(1764806335.800:8293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6471 comm="syz.5.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd65ebaf749 code=0x7ffc0000
[  102.700961][ T6474] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1141'.
[  102.724788][   T29] audit: type=1326 audit(1764806335.800:8294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6471 comm="syz.5.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd65ebaf749 code=0x7ffc0000
[  102.801321][   T29] audit: type=1326 audit(1764806335.800:8295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6471 comm="syz.5.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd65ebaf749 code=0x7ffc0000
[  102.814083][ T6478] netlink: 'syz.0.1143': attribute type 1 has an invalid length.
[  102.834671][   T29] audit: type=1326 audit(1764806335.800:8296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6471 comm="syz.5.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7fd65ebaf749 code=0x7ffc0000
[  102.867742][ T6478] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  102.905387][ T6478] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  103.005794][ T6488] FAULT_INJECTION: forcing a failure.
[  103.005794][ T6488] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  103.019537][ T6488] CPU: 1 UID: 0 PID: 6488 Comm: syz.5.1148 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  103.019571][ T6488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  103.019587][ T6488] Call Trace:
[  103.019596][ T6488]  <TASK>
[  103.019607][ T6488]  __dump_stack+0x1d/0x30
[  103.019732][ T6488]  dump_stack_lvl+0xe8/0x140
[  103.019756][ T6488]  dump_stack+0x15/0x1b
[  103.019787][ T6488]  should_fail_ex+0x265/0x280
[  103.019841][ T6488]  should_fail+0xb/0x20
[  103.019868][ T6488]  should_fail_usercopy+0x1a/0x20
[  103.019898][ T6488]  _copy_from_user+0x1c/0xb0
[  103.019937][ T6488]  ___sys_sendmsg+0xc1/0x1d0
[  103.019992][ T6488]  __x64_sys_sendmsg+0xd4/0x160
[  103.020095][ T6488]  x64_sys_call+0x17ba/0x3000
[  103.020127][ T6488]  do_syscall_64+0xd8/0x2a0
[  103.020171][ T6488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.020194][ T6488] RIP: 0033:0x7fd65ebaf749
[  103.020210][ T6488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.020232][ T6488] RSP: 002b:00007fd65d617038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  103.020258][ T6488] RAX: ffffffffffffffda RBX: 00007fd65ee05fa0 RCX: 00007fd65ebaf749
[  103.020275][ T6488] RDX: 0000000000000040 RSI: 0000200000000600 RDI: 0000000000000004
[  103.020355][ T6488] RBP: 00007fd65d617090 R08: 0000000000000000 R09: 0000000000000000
[  103.020377][ T6488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.020394][ T6488] R13: 00007fd65ee06038 R14: 00007fd65ee05fa0 R15: 00007ffc5c21e468
[  103.020414][ T6488]  </TASK>
[  103.209802][ T6491] loop0: detected capacity change from 0 to 512
[  103.257601][ T6491] EXT4-fs: Ignoring removed nobh option
[  103.275345][ T6491] EXT4-fs: quotafile must be on filesystem root
[  103.323921][ T6491] loop0: detected capacity change from 0 to 512
[  103.336484][ T6502] loop5: detected capacity change from 0 to 1024
[  103.364333][ T6502] EXT4-fs: Ignoring removed orlov option
[  103.384741][ T6491] EXT4-fs mount: 2 callbacks suppressed
[  103.384795][ T6491] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.413932][ T6502] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.429469][ T6513] FAULT_INJECTION: forcing a failure.
[  103.429469][ T6513] name failslab, interval 1, probability 0, space 0, times 0
[  103.437950][ T6491] ext4 filesystem being mounted at /250/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.444471][ T6513] CPU: 1 UID: 0 PID: 6513 Comm: syz.1.1157 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  103.444513][ T6513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  103.444583][ T6513] Call Trace:
[  103.444594][ T6513]  <TASK>
[  103.444606][ T6513]  __dump_stack+0x1d/0x30
[  103.444639][ T6513]  dump_stack_lvl+0xe8/0x140
[  103.444710][ T6513]  dump_stack+0x15/0x1b
[  103.444737][ T6513]  should_fail_ex+0x265/0x280
[  103.444787][ T6513]  should_failslab+0x8c/0xb0
[  103.444827][ T6513]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  103.444867][ T6513]  ? __alloc_skb+0x101/0x320
[  103.444953][ T6513]  __alloc_skb+0x101/0x320
[  103.444983][ T6513]  netlink_alloc_large_skb+0xbf/0xf0
[  103.445123][ T6513]  netlink_sendmsg+0x3cf/0x6b0
[  103.445219][ T6513]  ? __pfx_netlink_sendmsg+0x10/0x10
[  103.445257][ T6513]  __sock_sendmsg+0x145/0x180
[  103.445397][ T6513]  ____sys_sendmsg+0x31e/0x4a0
[  103.445438][ T6513]  ___sys_sendmsg+0x17b/0x1d0
[  103.445518][ T6513]  __x64_sys_sendmsg+0xd4/0x160
[  103.445559][ T6513]  x64_sys_call+0x17ba/0x3000
[  103.445598][ T6513]  do_syscall_64+0xd8/0x2a0
[  103.445699][ T6513]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.445753][ T6513] RIP: 0033:0x7f93ecbdf749
[  103.445777][ T6513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.445803][ T6513] RSP: 002b:00007f93eb63f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  103.445831][ T6513] RAX: ffffffffffffffda RBX: 00007f93ece35fa0 RCX: 00007f93ecbdf749
[  103.445889][ T6513] RDX: 0000000000004000 RSI: 0000200000000480 RDI: 0000000000000003
[  103.445907][ T6513] RBP: 00007f93eb63f090 R08: 0000000000000000 R09: 0000000000000000
[  103.445928][ T6513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.445946][ T6513] R13: 00007f93ece36038 R14: 00007f93ece35fa0 R15: 00007ffcf12e60e8
[  103.445975][ T6513]  </TASK>
[  103.661957][ T6491] EXT4-fs error (device loop0): ext4_xattr_block_get:597: inode #15: comm syz.0.1149: corrupted xattr block 33: overlapping e_value 
[  103.676488][ T6491] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=15
[  103.685615][ T6491] EXT4-fs error (device loop0): ext4_xattr_block_get:597: inode #15: comm syz.0.1149: corrupted xattr block 33: overlapping e_value 
[  103.699859][ T6491] EXT4-fs error (device loop0): ext4_xattr_block_get:597: inode #15: comm syz.0.1149: corrupted xattr block 33: overlapping e_value 
[  103.714116][ T6491] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=15
[  103.725942][ T6491] EXT4-fs error (device loop0): ext4_get_inode_usage:888: inode #15: comm syz.0.1149: corrupted xattr block 33: overlapping e_value 
[  103.761995][ T6517] sctp: [Deprecated]: syz.5.1154 (pid 6517) Use of struct sctp_assoc_value in delayed_ack socket option.
[  103.761995][ T6517] Use struct sctp_sack_info instead
[  103.823653][ T3328] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.087207][ T6502] ==================================================================
[  104.095822][ T6502] BUG: KCSAN: data-race in filemap_splice_read / filemap_splice_read
[  104.105183][ T6502] 
[  104.107544][ T6502] write to 0xffff88811ba99168 of 8 bytes by task 6516 on cpu 1:
[  104.116112][ T6502]  filemap_splice_read+0x4f4/0x740
[  104.121654][ T6502]  ext4_file_splice_read+0x8f/0xb0
[  104.126987][ T6502]  splice_direct_to_actor+0x26f/0x680
[  104.132859][ T6502]  do_splice_direct+0xda/0x150
[  104.138042][ T6502]  do_sendfile+0x380/0x650
[  104.142905][ T6502]  __x64_sys_sendfile64+0x105/0x150
[  104.149048][ T6502]  x64_sys_call+0x2db1/0x3000
[  104.153753][ T6502]  do_syscall_64+0xd8/0x2a0
[  104.158396][ T6502]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.164665][ T6502] 
[  104.167034][ T6502] write to 0xffff88811ba99168 of 8 bytes by task 6502 on cpu 0:
[  104.175048][ T6502]  filemap_splice_read+0x4f4/0x740
[  104.180734][ T6502]  ext4_file_splice_read+0x8f/0xb0
[  104.186047][ T6502]  splice_direct_to_actor+0x26f/0x680
[  104.191486][ T6502]  do_splice_direct+0xda/0x150
[  104.196652][ T6502]  do_sendfile+0x380/0x650
[  104.201341][ T6502]  __x64_sys_sendfile64+0x105/0x150
[  104.206863][ T6502]  x64_sys_call+0x2db1/0x3000
[  104.211908][ T6502]  do_syscall_64+0xd8/0x2a0
[  104.217134][ T6502]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.224051][ T6502] 
[  104.226569][ T6502] value changed: 0x0000000000000502 -> 0x0000000000000503
[  104.234170][ T6502] 
[  104.237050][ T6502] Reported by Kernel Concurrency Sanitizer on:
[  104.243354][ T6502] CPU: 0 UID: 0 PID: 6502 Comm: syz.5.1154 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  104.253103][ T6502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  104.263632][ T6502] ==================================================================
[  104.374159][ T5350] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.