last executing test programs:

26.533530826s ago: executing program 2 (id=663):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f0000000940)={[{@barrier_val}, {@resuid}, {@block_validity}, {@errors_remount}]}, 0x1, 0x79b, &(0x7f0000000180)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, 0x0)

26.449543593s ago: executing program 2 (id=665):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2, 0x100)
mkdirat(r4, &(0x7f0000000400)='./file0\x00', 0x0)
ioctl$TCFLSH(r3, 0x80045430, 0x7ffffffffffffffe)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x25}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r5}, 0x8)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000080), 0x200}, 0x38)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000440)="d800000018007b7be00212ba0d0505040ad43f00000f040b067c55a1bc000900b80006990300000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b3162700e06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5005ccca262f3d40fad95667e04adcdf63cc1f215ce3bb9ad8ffd5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd601edef3d93452a92307f00000e97031e9f05e9f16e07000000", 0xd4}, {&(0x7f0000000100)="d8bcf4de", 0x4}], 0x2, 0x0, 0x0, 0x2663}, 0x0)
bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x3}, 0x38)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r8}, 0x18)
process_vm_writev(0x0, &(0x7f0000000500)=[{0x0}, {0xffffffffffffffff}, {0xfffffffffffffffc}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, 0x0, 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x4, &(0x7f0000000c40)=ANY=[@ANYRES64=r0, @ANYBLOB="0f15d95142eb952d79db069b338c1feb9c7f5886f4d05d02c0f34933fde2b2174d269be79f21cef0cd488bdc2daa458d85f94f9077bcd4a7bfdae89e656443f871204e552b77584ddfe50f7ef35c7defd8def91daf9c7e14c4869e582f1304d74932d11c95a33f699399f845c1cf392fc304cb06dc9b21df553c15a862c9564264ab992077cf68f463785a5c63f0d1f3e954b2208cdfc3066fef672144cce49f58a486279842d8ce5017b18b27a538270b0182d6cccc2fcdd5c4e2058604a8f7519e90c2044ac1c2e6c8188cff9629a5072ba3b9f084d7e0d361cb0831777c55ddd9", @ANYRESDEC, @ANYRES8=r1, @ANYRES64=0x0], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r10 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r10, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
sendmsg$IPVS_CMD_GET_CONFIG(r0, &(0x7f0000000700)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000600)={&(0x7f0000000680)=ANY=[@ANYBLOB="00010000", @ANYRES16=0x0, @ANYBLOB="080026bd7000fedbdf250d000000080004000d000000340002800800050005000000060002004e2400000800070001000000060002004e21000006000e004e23000005000d0002000000"], 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x40)

26.367202739s ago: executing program 2 (id=667):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0xffffdffffffffffe}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000508000a40000000000900020073797a31000000000900010073797a300000000008000540000000213c0000001e0a05010000000000000000070000070900020073797a31000000000900010073797a3000000000100003800c0000800800034000000002"], 0xc0}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2}, 0x50)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000f000000050030000000000005002f000000000008000300", @ANYRES32=r5], 0x2c}}, 0x0)

26.366793269s ago: executing program 2 (id=668):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000170000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000200)='kmem_cache_free\x00', r1, 0x0, 0x4ee}, 0x18)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0xa0835c, &(0x7f0000000180)={[{@nojournal_checksum}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@dioread_nolock}, {@usrjquota}, {@oldalloc}, {@block_validity}]}, 0x2, 0x44a, &(0x7f0000000880)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x1c0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0) (fail_nth: 1)

25.976693141s ago: executing program 2 (id=672):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0xffffdffffffffffe}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000508000a40000000000900020073797a31000000000900010073797a300000000008000540000000213c0000001e0a05010000000000000000070000070900020073797a31000000000900010073797a3000000000100003800c0000800800034000000002"], 0xc0}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2}, 0x50)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000f000000050030000000000005002f000000000008000300", @ANYRES32=r4], 0x2c}}, 0x0)

25.751912109s ago: executing program 2 (id=674):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000000101010200000000000000000a00000024"], 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x0)
open_tree(0xffffffffffffffff, &(0x7f0000000100)='.\x00', 0x80800)

25.717729151s ago: executing program 32 (id=674):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000000101010200000000000000000a00000024"], 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x0)
open_tree(0xffffffffffffffff, &(0x7f0000000100)='.\x00', 0x80800)

4.73909857s ago: executing program 1 (id=1157):
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
syz_read_part_table(0x5eb, &(0x7f0000000f00)="$eJzs2zFo1FccB/DfxRwHSnFxclIHKcVFcfQoKnenohBOsxQpBhQRbzpBOOlBig56FMUbxG4uVrhF7ZTLDZkSEsjUIYQMKYEMWVqSJZClV+7yCm1KSq8kBeHz4eDHe//f/33fO976Dz5pQ/Frt9vNRET3p4gDA7492ioULx8bOV++EZGJmxHx9fef/9B7kkkd3dx2PZHGy2n89s3BzrONS9nW0vXNk7emG0N/LDne/8Whd+3RPTge++x9fubw4yfV0vNa/t5iqb76dGH+2of1Qrl9tdH8eCV78Xbqm011ONUHUYtHcT/GYji+jTtR3WX97wbMf91aOZ09WmpN3D23Vey8mDrT7xr0Xv97vfz+hY2IXv7D4y+/atYvnPrxyKuztcm58lqKruR2vjm2b3sCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC/y8bM4cdPqqXntfy9xVJ99enC/LUP64Vy+2qj+fFK9uLt1Deb6nCqD6IWj+J+jEUlKnEnqrsmfPbnQW7n0/f5v+a/bq2c/u1oqTVx99xWsfNi6kzqG9mj8/5DfreX//D4yy+b9Qunckdena1NzpXXDmz3Vf628+j/ewAAAAAAAAAAAAAAAAAAALAXCsXLx0bOl29EZOJmRHzxyzdDvflu+t49k/pOpLqc5t++Odh5tnEp21q6vnny1nTj5zQ/HpkYj4hD79qj//thGNjvAQAA//8Pi5HU")
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000080)={0x0, 0x1}, 0xc)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000300), 0x4)
r2 = io_uring_setup(0x454b, &(0x7f00000002c0)={0x0, 0x48c7, 0x8, 0x0, 0x1000168})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r3, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r5, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
close_range(r2, 0xffffffffffffffff, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a00100000000280", 0x2a}, {&(0x7f0000000400)="6a6f8e5e", 0x4}], 0x2}, 0x0)

4.408380916s ago: executing program 1 (id=1164):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010000000000fcdbcf2554"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x40010)

4.380955068s ago: executing program 1 (id=1165):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f00000003c0)=""/67, 0x4}, 0x20)
r1 = socket(0x2d, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="fb0c0000051636000000000000", @ANYRESHEX=r1, @ANYRES64=r1, @ANYRESDEC], 0x48)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x2d, 0x0, 0x1f, 0x2}, 0xc, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0xc0}, 0x8090)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_xfrm(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@updpolicy={0x13c, 0x19, 0x1, 0x0, 0x0, {{@in6=@private2, @in6=@empty, 0x0, 0x3, 0x2, 0x0, 0x2, 0x0, 0x0, 0x89}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x3}}, [@tmpl={0x84, 0x5, [{{@in6=@private2, 0x0, 0x32}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @remote}}, {{@in6=@empty, 0x0, 0x2b}, 0x2, @in=@dev, 0xffffffff}]}]}, 0x13c}}, 0x0)
syz_emit_ethernet(0x66, &(0x7f0000000b80)={@broadcast, @random="6487a2bed3d6", @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x14, 0x300, 0x0, 0x0, 0x6c, 0x0, @private}, {{}, {}, {}, {}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4}}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setresuid(0x0, 0x0, 0xee00)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0), 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00'}, 0x10)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000280)={'\x00', 0x7e, 0x1000, 0x5c8, 0x80000003, 0x6})
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
syz_io_uring_setup(0x2d64, &(0x7f0000000100)={0x0, 0x100577, 0x2, 0x0, 0x42}, &(0x7f0000000400), &(0x7f0000011000))

4.286591566s ago: executing program 1 (id=1167):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$unix(0x1, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b0000"], 0x48)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000a80)='kfree\x00', r3}, 0x18)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', <r4=>0x0})
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f00000000c0), 0x2, 0xbd1, &(0x7f0000001340)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==")
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000040)={'veth0_to_hsr\x00', &(0x7f0000000000)=@ethtool_rxfh={0x46, 0x6, 0xa, 0x10, 0x2, "226ae3", 0x382}})
r6 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
ptrace(0x8, r6)
mount$bind(0x0, 0x0, 0x0, 0x21, 0x0)
quotactl$Q_SETINFO(0xffffffff80000601, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x2, 0x8000000000000001, 0x0, 0x2})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff})
getsockopt$sock_int(r7, 0x1, 0x1e, 0x0, &(0x7f0000000540))
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r8 = socket(0x400000000010, 0x3, 0x0)
r9 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r10, {0x5, 0xfff3}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}, @TCA_RATE={0x6, 0x5, {0xab, 0x8e}}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x0)

3.683808024s ago: executing program 1 (id=1171):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
ioctl$int_in(r2, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r2, 0xa, 0x12)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write(r1, &(0x7f00000009c0)="3bf58d7d", 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip_vti0\x00'})
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
bpf$MAP_CREATE(0x1800, &(0x7f00000009c0)=ANY=[], 0x48)

2.712263013s ago: executing program 3 (id=1186):
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r1, &(0x7f0000000900)=[{{&(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000ac0)="6cb76def2c36dab0f366cf47ad785ed2fb5e1fa5fb56d566acdc377060c4ba50a58104620df72c3004bfbc77173110e163f7d8ad60c34cdb064852353438fea809e390e392afbf35311690cd8286a6c49668aee29b7537078dba77963d15c085d7343c1012135d361ac15c082b7ac8db87cc10fe3ffc374c8be18fc53437100a11dddb9981072ec036d513870a5bbf62ce9e39f790f61ef997af390b9f5fc8a699e001c59077c459eb40ee80a3ffeb35737da668ef974592faf129325cd9ad0dc5663950a329804c9f5d261f71165b05dac212cc2afc40f980ddef8773f1045e75de4ec606aef87052e9ac784bb0f5a43f9cac5e44ae1a6dd575ce17a4749dc7cd4d7f76a40676e792e5b31a25703b1f35b48a89ed84582ef8f4ac046695f402c25da1fa6bc732a7016edf093b4c31193130b3bc143702e2b1d23743ca797b24495dc4979b81413701c0597dcd5e3bcc9c2050c18cfe03814d358e0f795e990dc44d2c1b9890514bd5ea94a3f3a1e25a8cdc67133e9176d76dc54c31274cff0101d8a42c103bad1b8b57362446f2c2ed8a69daf3d7306ef3fa2015e4ee1ef3392120b82671d73b07f3082ea69ffa0ebc7b53c78862a3e1ece518c1f0abbe4053b4dfafe815c1fe4b0d079446e80d13af972e00644a0188605d7309812e24cd1158677f94a16a5eb0c5d48b60329fc522026efa596ac913540f2a9b0345f279329bfba29a7dfc8894e6a08eeee3dd974c3de9e0602cfd1e3e584b10dd26cd13f7fb432e72ea85fd1d3a872061bc967d7a67a3a7f09f34cc825db5d9ef3ce0ff9873f8eff342eb30fa970007e2f591f07dc9bc5141a9679a2f7c69aa50894353a7830a0f7cf766aff6e81d7c3b88d730946ce3f327716ef6fd270d5bf467aef288db903f740b6ac27b962a3c6462372e63f8da8505f05d17b364dd8c6b5d449accd01b4c6da297669f098bee986b95e389a2d003539ca9dec8c26b9f6bbb5f7fe6f0b764d99bc0dafcad4121ed6a749ac71fc5deeee54d0e8a2d9dccc87df818258d73c8816b78c1be3670fb14dded879caf925e0f8abf63f55ffee02bbffb465f0303338bd12e22fe94fdaa3f033127ecaf41649232c38e83850fd3ebc890ea5db2763a8389ac49bd9b7f6b81f381d3eeb90d0f596e2b7f7dfa2a0e9453c1f5f359b56aae9e97a51f6c092d25a031843e351f5733a25c5905706618ab569359bdca4932f6471f4f2d152f84cfc0c563885b0d93fd015095a8eb9422e3d17ddaf3f20dde5eeea415f76c0617964198c824b98f4d53ab0d4d734dcd6d07dddd5b77c1bd71208632941973bd5b5aca981137ec21dcd86ba518b3d4979b68f704a2a7d7cfeb9be3edf4b4b3560e930d9dba0bc358cba36a129748c1fa73483a69759ba0c4f2ee2a936899e163c213bb3fe5a28e68669fb2da6bbcdf4c55e933d127a8bc68b8d0e6c6c757fe8ea47f26ceb7c1b3ca8b962eb31a081756ed56fe4385dccc5e2a7a53300e9c8a1a55bcf8db3f828cb3db8485110da631a50199a5c1932b5538a2b1c3cddb4451868a413418e3f761530fd477b2ebb449070c73171964203ad7bad4302af13fa6fe55fb88ede096a7aba95ef3665da778250daa9dd4bd5ecb8a807d83fe6dcf2f0cf5de7a4ef742979afd7d93bb2672ad45f6537640313b1ca8838f3fdc08e57455af6398ce5b253312fe1a88206210831e0de59d1e3f9442fb9dd43f1b9c00d151d3234028990f8bcaf65c0ad9ea1bc20e4b7641ff26969b02ccd60d2d8d2d72fe5fd58068cd6d7525c9e24c4246cd776ecf1f57550bb6bddad5093618797547cde5c07e165bc979bfbb5479c58e89c29efa5fdfa5b4a87917a4275609afc849384458ca980ba5a2aa4d10c761bb3b3a57e3d3b41001cdf6", 0x541}], 0x1}}], 0x1, 0x40)

2.688767574s ago: executing program 1 (id=1187):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f00000003c0)=""/67, 0x4}, 0x20)
r1 = socket(0x2d, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="fb0c0000051636000000000000", @ANYRESHEX=r1, @ANYRES64=r1, @ANYRESDEC], 0x48)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x2d, 0x0, 0x1f, 0x2}, 0xc, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0xc0}, 0x8090)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$nl_xfrm(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@updpolicy={0x13c, 0x19, 0x1, 0x0, 0x0, {{@in6=@private2, @in6=@empty, 0x0, 0x3, 0x2, 0x0, 0x2, 0x0, 0x0, 0x89}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x3}}, [@tmpl={0x84, 0x5, [{{@in6=@private2, 0x0, 0x32}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @remote}}, {{@in6=@empty, 0x0, 0x2b}, 0x2, @in=@dev, 0xffffffff}]}]}, 0x13c}}, 0x0)
syz_emit_ethernet(0x66, &(0x7f0000000b80)={@broadcast, @random="6487a2bed3d6", @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x14, 0x300, 0x0, 0x0, 0x6c, 0x0, @private}, {{}, {}, {}, {}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4}}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setresuid(0x0, 0x0, 0xee00)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0), 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00'}, 0x10)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r4 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000280)={'\x00', 0x7e, 0x1000, 0x5c8, 0x80000003, 0x6})
ioctl$BLKTRACETEARDOWN(r4, 0x1276, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
syz_io_uring_setup(0x2d64, &(0x7f0000000100)={0x0, 0x100577, 0x2, 0x0, 0x42}, &(0x7f0000000400), &(0x7f0000011000))

2.682914625s ago: executing program 3 (id=1188):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0, 0x0, 0xff}, 0x18)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000900)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x10, 0xe}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x6, 0xffffffff}]}}]}, 0x38}}, 0x4048000)

2.666551916s ago: executing program 33 (id=1187):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f00000003c0)=""/67, 0x4}, 0x20)
r1 = socket(0x2d, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="fb0c0000051636000000000000", @ANYRESHEX=r1, @ANYRES64=r1, @ANYRESDEC], 0x48)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x2d, 0x0, 0x1f, 0x2}, 0xc, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0xc0}, 0x8090)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$nl_xfrm(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@updpolicy={0x13c, 0x19, 0x1, 0x0, 0x0, {{@in6=@private2, @in6=@empty, 0x0, 0x3, 0x2, 0x0, 0x2, 0x0, 0x0, 0x89}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x3}}, [@tmpl={0x84, 0x5, [{{@in6=@private2, 0x0, 0x32}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @remote}}, {{@in6=@empty, 0x0, 0x2b}, 0x2, @in=@dev, 0xffffffff}]}]}, 0x13c}}, 0x0)
syz_emit_ethernet(0x66, &(0x7f0000000b80)={@broadcast, @random="6487a2bed3d6", @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x14, 0x300, 0x0, 0x0, 0x6c, 0x0, @private}, {{}, {}, {}, {}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4}}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setresuid(0x0, 0x0, 0xee00)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0), 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00'}, 0x10)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r4 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000280)={'\x00', 0x7e, 0x1000, 0x5c8, 0x80000003, 0x6})
ioctl$BLKTRACETEARDOWN(r4, 0x1276, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
syz_io_uring_setup(0x2d64, &(0x7f0000000100)={0x0, 0x100577, 0x2, 0x0, 0x42}, &(0x7f0000000400), &(0x7f0000011000))

2.574144584s ago: executing program 3 (id=1190):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x2, 0x80805, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
sendmmsg$inet(r1, &(0x7f0000000900)=[{{&(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000ac0)="6cb76def2c36dab0f366cf47ad785ed2fb5e1fa5fb56d566acdc377060c4ba50a58104620df72c3004bfbc77173110e163f7d8ad60c34cdb064852353438fea809e390e392afbf35311690cd8286a6c49668aee29b7537078dba77963d15c085d7343c1012135d361ac15c082b7ac8db87cc10fe3ffc374c8be18fc53437100a11dddb9981072ec036d513870a5bbf62ce9e39f790f61ef997af390b9f5fc8a699e001c59077c459eb40ee80a3ffeb35737da668ef974592faf129325cd9ad0dc5663950a329804c9f5d261f71165b05dac212cc2afc40f980ddef8773f1045e75de4ec606aef87052e9ac784bb0f5a43f9cac5e44ae1a6dd575ce17a4749dc7cd4d7f76a40676e792e5b31a25703b1f35b48a89ed84582ef8f4ac046695f402c25da1fa6bc732a7016edf093b4c31193130b3bc143702e2b1d23743ca797b24495dc4979b81413701c0597dcd5e3bcc9c2050c18cfe03814d358e0f795e990dc44d2c1b9890514bd5ea94a3f3a1e25a8cdc67133e9176d76dc54c31274cff0101d8a42c103bad1b8b57362446f2c2ed8a69daf3d7306ef3fa2015e4ee1ef3392120b82671d73b07f3082ea69ffa0ebc7b53c78862a3e1ece518c1f0abbe4053b4dfafe815c1fe4b0d079446e80d13af972e00644a0188605d7309812e24cd1158677f94a16a5eb0c5d48b60329fc522026efa596ac913540f2a9b0345f279329bfba29a7dfc8894e6a08eeee3dd974c3de9e0602cfd1e3e584b10dd26cd13f7fb432e72ea85fd1d3a872061bc967d7a67a3a7f09f34cc825db5d9ef3ce0ff9873f8eff342eb30fa970007e2f591f07dc9bc5141a9679a2f7c69aa50894353a7830a0f7cf766aff6e81d7c3b88d730946ce3f327716ef6fd270d5bf467aef288db903f740b6ac27b962a3c6462372e63f8da8505f05d17b364dd8c6b5d449accd01b4c6da297669f098bee986b95e389a2d003539ca9dec8c26b9f6bbb5f7fe6f0b764d99bc0dafcad4121ed6a749ac71fc5deeee54d0e8a2d9dccc87df818258d73c8816b78c1be3670fb14dded879caf925e0f8abf63f55ffee02bbffb465f0303338bd12e22fe94fdaa3f033127ecaf41649232c38e83850fd3ebc890ea5db2763a8389ac49bd9b7f6b81f381d3eeb90d0f596e2b7f7dfa2a0e9453c1f5f359b56aae9e97a51f6c092d25a031843e351f5733a25c5905706618ab569359bdca4932f6471f4f2d152f84cfc0c563885b0d93fd015095a8eb9422e3d17ddaf3f20dde5eeea415f76c0617964198c824b98f4d53ab0d4d734dcd6d07dddd5b77c1bd71208632941973bd5b5aca981137ec21dcd86ba518b3d4979b68f704a2a7d7cfeb9be3edf4b4b3560e930d9dba0bc358cba36a129748c1fa73483a69759ba0c4f2ee2a936899e163c213bb3fe5a28e68669fb2da6bbcdf4c55e933d127a8bc68b8d0e6c6c757fe8ea47f26ceb7c1b3ca8b962eb31a081756ed56fe4385dccc5e2a7a53300e9c8a1a55bcf8db3f828cb3db8485110da631a50199a5c1932b5538a2b1c3cddb4451868a413418e3f761530fd477b2ebb449070c73171964203ad7bad4302af13fa6fe55fb88ede096a7aba95ef3665da778250daa9dd4bd5ecb8a807d83fe6dcf2f0cf5de7a4ef742979afd7d93bb2672ad45f6537640313b1ca8838f3fdc08e57455af6398ce5b253312fe1a88206210831e0de59d1e3f9442fb9dd43f1b9c00d151d3234028990f8bcaf65c0ad9ea1bc20e4b7641ff26969b02ccd60d2d8d2d72fe5fd58068cd6d7525c9e24c4246cd776ecf1f57550bb6bddad5093618797547cde5c07e165bc979bfbb5479c58e89c29efa5fdfa5b4a87917a4275609afc849384458ca980ba5a2aa4d10c761bb3b3a57e3d3b41001cdf6", 0x541}], 0x1}}], 0x1, 0x40)

2.557601635s ago: executing program 3 (id=1191):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010000000000fcdbcf2554"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x40010)

2.541269996s ago: executing program 3 (id=1192):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
r0 = epoll_create1(0x80000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000040)={0xa0000004})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000000)={0xa0000001})
poll(&(0x7f00000000c0)=[{r3, 0x1009}], 0x1, 0x8000007)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000200)={0x1, 0x0, 0xac, 0x3}, 0x10)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)=ANY=[@ANYBLOB="2c0000001200970225bd7000000000000780"], 0x2c}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000001c0)={'ip6_vti0\x00', &(0x7f00000000c0)={'syztnl2\x00', <r5=>0x0, 0x4, 0x1, 0x80, 0x4, 0x50, @empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1, 0x7800, 0x4}})
newfstatat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, <r6=>0x0}, 0x200)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@mcast1, @in=@rand_addr=0x64010100, 0x4e21, 0x0, 0x4e24, 0x2, 0xa, 0x60, 0x0, 0x0, r5, r6}, {0x2, 0x1, 0x8, 0x8, 0xfffffffffffffff8, 0x8, 0x8, 0x800}, {0xf, 0xbb, 0x9, 0x1}, 0x401, 0x6e6bbd, 0x2, 0x0, 0x3, 0x1}, {{@in=@empty, 0x4d3, 0x6c}, 0xa, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x3506, 0x2, 0x0, 0x9, 0x7, 0x2, 0x3}}, 0xe8)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000200)=0x6, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000140)=@framed={{}, [@btf_id={0x18, 0x0, 0x3, 0x0, 0x4}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

911.098397ms ago: executing program 5 (id=1204):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x7, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='sys_enter\x00', r1, 0x0, 0x1}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x80)
r2 = inotify_init1(0x800)
inotify_add_watch(r2, &(0x7f0000000540)='./file0\x00', 0xc4000ce7)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x1f, 0xc, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000003000000e27f00000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000001000000000158f203a00ebffffff00"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r5, <r6=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000feffff18110000eb68afb587add323b63423150af7e6b800009917db", @ANYRES32=r6, @ANYRESHEX=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYRESHEX=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000c80)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newqdisc={0x78, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x80, 0xffffffff, 0x8, 0xff, 0x1}, 0x6328, 0x1, 0x0, 0x5, 0x6, 0x12, 0x6, 0xb, 0x0, 0x3b, {0xb202, 0xb, 0x80000001, 0x100, 0x2, 0x80000000}}}}]}, 0xfffffe9a}}, 0x1)
r10 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fgetxattr(r10, &(0x7f0000000300)=@known='security.selinux\x00', 0x0, 0x0)
open(&(0x7f0000000740)='./bus\x00', 0x143c62, 0x0)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r11}, 0x38)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000240)='kfree\x00', r12}, 0x18)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r13, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], &(0x7f0000000500)=[0x2], 0x0, 0x2000000000000088}}, 0x40)

882.43942ms ago: executing program 5 (id=1205):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0xa0, 0x30, 0x9, 0xfffffffc, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{}, {}, {0x6}, {}, {0x0, 0x0, 0xfe}, {0xf792}, {0x3}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0)

836.667333ms ago: executing program 5 (id=1206):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f0000000940)={[{@barrier_val}, {@resuid}, {@block_validity}, {@errors_remount}]}, 0x1, 0x79b, &(0x7f0000000180)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d0000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='nr_inodes=2'])

687.653665ms ago: executing program 5 (id=1208):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec85"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0, 0x0, 0xff}, 0x18)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000900)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x10, 0xe}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x6, 0xffffffff}]}}]}, 0x38}}, 0x4048000)

628.7757ms ago: executing program 5 (id=1209):
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r0}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

537.879098ms ago: executing program 5 (id=1212):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
ioctl$int_in(r2, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r2, 0xa, 0x12)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write(r1, &(0x7f00000009c0)="3bf58d7d", 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip_vti0\x00'})
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
bpf$MAP_CREATE(0x1800, &(0x7f00000009c0)=ANY=[], 0x48)

451.651244ms ago: executing program 4 (id=1214):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x7, 0x0, &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x4c)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000140)=@o_path={0x0, r0, 0x4000, r1}, 0x18)

371.955651ms ago: executing program 4 (id=1215):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, 0x2}, 0x94)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x3}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1008}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000080000000000000000000080850000000f00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000725e850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000680)={r6}, 0xc)
r7 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000080), 0x101400, 0x0)
write$binfmt_elf32(r7, &(0x7f0000000500)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0x7, 0x1, 0x2, 0x1, 0x2, 0x3e, 0x8001, 0x331, 0x38, 0x19f, 0x7fff, 0x401, 0x20, 0x2, 0x3a, 0x8, 0x5}, [{0x5, 0x2, 0xfff, 0x7c, 0x4, 0x27600, 0x5, 0x5a}, {0x6474e551, 0x3ff, 0x5, 0x4, 0xef4, 0x0, 0x6, 0xfffffffe}], "d17869d64a96573ba6e5ca1bc1fcf73ed536b312e8f256fa9097460d081714d17917a1168e9f1c90e5d704d11df1d10cb24d965c67dfa4f08afd2872596824ef1847dd84464f3d4bc273e1a4ed213d0c2279fe11508ecf825fbe9c1529a664b37ac91f7075fcf711a54f55b5ae7c75", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xae7)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, r4, 0x100, 0x70bd28, 0x0, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x50}, 0x240400c1)

371.469121ms ago: executing program 0 (id=1216):
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r1, &(0x7f0000000900)=[{{&(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000ac0)="6cb76def2c36dab0f366cf47ad785ed2fb5e1fa5fb56d566acdc377060c4ba50a58104620df72c3004bfbc77173110e163f7d8ad60c34cdb064852353438fea809e390e392afbf35311690cd8286a6c49668aee29b7537078dba77963d15c085d7343c1012135d361ac15c082b7ac8db87cc10fe3ffc374c8be18fc53437100a11dddb9981072ec036d513870a5bbf62ce9e39f790f61ef997af390b9f5fc8a699e001c59077c459eb40ee80a3ffeb35737da668ef974592faf129325cd9ad0dc5663950a329804c9f5d261f71165b05dac212cc2afc40f980ddef8773f1045e75de4ec606aef87052e9ac784bb0f5a43f9cac5e44ae1a6dd575ce17a4749dc7cd4d7f76a40676e792e5b31a25703b1f35b48a89ed84582ef8f4ac046695f402c25da1fa6bc732a7016edf093b4c31193130b3bc143702e2b1d23743ca797b24495dc4979b81413701c0597dcd5e3bcc9c2050c18cfe03814d358e0f795e990dc44d2c1b9890514bd5ea94a3f3a1e25a8cdc67133e9176d76dc54c31274cff0101d8a42c103bad1b8b57362446f2c2ed8a69daf3d7306ef3fa2015e4ee1ef3392120b82671d73b07f3082ea69ffa0ebc7b53c78862a3e1ece518c1f0abbe4053b4dfafe815c1fe4b0d079446e80d13af972e00644a0188605d7309812e24cd1158677f94a16a5eb0c5d48b60329fc522026efa596ac913540f2a9b0345f279329bfba29a7dfc8894e6a08eeee3dd974c3de9e0602cfd1e3e584b10dd26cd13f7fb432e72ea85fd1d3a872061bc967d7a67a3a7f09f34cc825db5d9ef3ce0ff9873f8eff342eb30fa970007e2f591f07dc9bc5141a9679a2f7c69aa50894353a7830a0f7cf766aff6e81d7c3b88d730946ce3f327716ef6fd270d5bf467aef288db903f740b6ac27b962a3c6462372e63f8da8505f05d17b364dd8c6b5d449accd01b4c6da297669f098bee986b95e389a2d003539ca9dec8c26b9f6bbb5f7fe6f0b764d99bc0dafcad4121ed6a749ac71fc5deeee54d0e8a2d9dccc87df818258d73c8816b78c1be3670fb14dded879caf925e0f8abf63f55ffee02bbffb465f0303338bd12e22fe94fdaa3f033127ecaf41649232c38e83850fd3ebc890ea5db2763a8389ac49bd9b7f6b81f381d3eeb90d0f596e2b7f7dfa2a0e9453c1f5f359b56aae9e97a51f6c092d25a031843e351f5733a25c5905706618ab569359bdca4932f6471f4f2d152f84cfc0c563885b0d93fd015095a8eb9422e3d17ddaf3f20dde5eeea415f76c0617964198c824b98f4d53ab0d4d734dcd6d07dddd5b77c1bd71208632941973bd5b5aca981137ec21dcd86ba518b3d4979b68f704a2a7d7cfeb9be3edf4b4b3560e930d9dba0bc358cba36a129748c1fa73483a69759ba0c4f2ee2a936899e163c213bb3fe5a28e68669fb2da6bbcdf4c55e933d127a8bc68b8d0e6c6c757fe8ea47f26ceb7c1b3ca8b962eb31a081756ed56fe4385dccc5e2a7a53300e9c8a1a55bcf8db3f828cb3db8485110da631a50199a5c1932b5538a2b1c3cddb4451868a413418e3f761530fd477b2ebb449070c73171964203ad7bad4302af13fa6fe55fb88ede096a7aba95ef3665da778250daa9dd4bd5ecb8a807d83fe6dcf2f0cf5de7a4ef742979afd7d93bb2672ad45f6537640313b1ca8838f3fdc08e57455af6398ce5b253312fe1a88206210831e0de59d1e3f9442fb9dd43f1b9c00d151d3234028990f8bcaf65c0ad9ea1bc20e4b7641ff26969b02ccd60d2d8d2d72fe5fd58068cd6d7525c9e24c4246cd776ecf1f57550bb6bddad5093618797547cde5c07e165bc979bfbb5479c58e89c29efa5fdfa5b4a87917a4275609afc849384458ca980ba5a2aa4d10c761bb3b3a57e3d3b41001cdf6", 0x541}], 0x1}}], 0x1, 0x40)

323.174625ms ago: executing program 3 (id=1217):
futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0xab87fb79e2ee7309, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x400, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20200006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000940), 0x81000, 0x0)
ioctl$PTP_SYS_OFFSET(r0, 0x40043d0d, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x3}, 0x18)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000300)="d8000000180081064e81f782db4cb904021d0800067c7c09e8fe0ba1bc0008000600000003600e120800110002000401a8000600200e02400400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db79800951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920323f9a94100"/216, 0xd8}], 0x1}, 0x0)
fchdir(0xffffffffffffffff)
r3 = socket$inet(0x2, 0x2, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c00"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x44010)
sendmsg$inet(r3, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @remote}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f00000004c0)="1ed8b7f9d457", 0x14}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000a80)='qgroup_update_counters\x00', 0xffffffffffffffff, 0x0, 0x10000}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB="800000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="35e2000000000000600012800b000100697036746e6c00005000028008000100", @ANYRES32, @ANYBLOB="0800140000000000080008000a0000000500090089000000060010000d000000080008000c000000050009"], 0x80}}, 0x0)
openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="ffffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={0xffffffffffffffff, 0xe0, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000050, &(0x7f00000001c0), ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x0, 0x39, &(0x7f00000002c0), 0x4aae65405fe7c4dc, 0x10, &(0x7f00000002c0), &(0x7f00000005c0), 0x8, 0x80ce, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="11b7c78e3f1db2acc4"], 0x54}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="50000000090601020000000000000000000000000900020073797a31000000000500010007000000280007801800018014000240fc0100000000000000000c000280080001407f000001000000000000"], 0x50}, 0x1, 0x0, 0x0, 0x10040047}, 0x24040844)
socket$nl_netfilter(0x10, 0x3, 0xc)

301.419026ms ago: executing program 4 (id=1218):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x2, 0x80805, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
sendmmsg$inet(r1, &(0x7f0000000900)=[{{&(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000ac0)="6cb76def2c36dab0f366cf47ad785ed2fb5e1fa5fb56d566acdc377060c4ba50a58104620df72c3004bfbc77173110e163f7d8ad60c34cdb064852353438fea809e390e392afbf35311690cd8286a6c49668aee29b7537078dba77963d15c085d7343c1012135d361ac15c082b7ac8db87cc10fe3ffc374c8be18fc53437100a11dddb9981072ec036d513870a5bbf62ce9e39f790f61ef997af390b9f5fc8a699e001c59077c459eb40ee80a3ffeb35737da668ef974592faf129325cd9ad0dc5663950a329804c9f5d261f71165b05dac212cc2afc40f980ddef8773f1045e75de4ec606aef87052e9ac784bb0f5a43f9cac5e44ae1a6dd575ce17a4749dc7cd4d7f76a40676e792e5b31a25703b1f35b48a89ed84582ef8f4ac046695f402c25da1fa6bc732a7016edf093b4c31193130b3bc143702e2b1d23743ca797b24495dc4979b81413701c0597dcd5e3bcc9c2050c18cfe03814d358e0f795e990dc44d2c1b9890514bd5ea94a3f3a1e25a8cdc67133e9176d76dc54c31274cff0101d8a42c103bad1b8b57362446f2c2ed8a69daf3d7306ef3fa2015e4ee1ef3392120b82671d73b07f3082ea69ffa0ebc7b53c78862a3e1ece518c1f0abbe4053b4dfafe815c1fe4b0d079446e80d13af972e00644a0188605d7309812e24cd1158677f94a16a5eb0c5d48b60329fc522026efa596ac913540f2a9b0345f279329bfba29a7dfc8894e6a08eeee3dd974c3de9e0602cfd1e3e584b10dd26cd13f7fb432e72ea85fd1d3a872061bc967d7a67a3a7f09f34cc825db5d9ef3ce0ff9873f8eff342eb30fa970007e2f591f07dc9bc5141a9679a2f7c69aa50894353a7830a0f7cf766aff6e81d7c3b88d730946ce3f327716ef6fd270d5bf467aef288db903f740b6ac27b962a3c6462372e63f8da8505f05d17b364dd8c6b5d449accd01b4c6da297669f098bee986b95e389a2d003539ca9dec8c26b9f6bbb5f7fe6f0b764d99bc0dafcad4121ed6a749ac71fc5deeee54d0e8a2d9dccc87df818258d73c8816b78c1be3670fb14dded879caf925e0f8abf63f55ffee02bbffb465f0303338bd12e22fe94fdaa3f033127ecaf41649232c38e83850fd3ebc890ea5db2763a8389ac49bd9b7f6b81f381d3eeb90d0f596e2b7f7dfa2a0e9453c1f5f359b56aae9e97a51f6c092d25a031843e351f5733a25c5905706618ab569359bdca4932f6471f4f2d152f84cfc0c563885b0d93fd015095a8eb9422e3d17ddaf3f20dde5eeea415f76c0617964198c824b98f4d53ab0d4d734dcd6d07dddd5b77c1bd71208632941973bd5b5aca981137ec21dcd86ba518b3d4979b68f704a2a7d7cfeb9be3edf4b4b3560e930d9dba0bc358cba36a129748c1fa73483a69759ba0c4f2ee2a936899e163c213bb3fe5a28e68669fb2da6bbcdf4c55e933d127a8bc68b8d0e6c6c757fe8ea47f26ceb7c1b3ca8b962eb31a081756ed56fe4385dccc5e2a7a53300e9c8a1a55bcf8db3f828cb3db8485110da631a50199a5c1932b5538a2b1c3cddb4451868a413418e3f761530fd477b2ebb449070c73171964203ad7bad4302af13fa6fe55fb88ede096a7aba95ef3665da778250daa9dd4bd5ecb8a807d83fe6dcf2f0cf5de7a4ef742979afd7d93bb2672ad45f6537640313b1ca8838f3fdc08e57455af6398ce5b253312fe1a88206210831e0de59d1e3f9442fb9dd43f1b9c00d151d3234028990f8bcaf65c0ad9ea1bc20e4b7641ff26969b02ccd60d2d8d2d72fe5fd58068cd6d7525c9e24c4246cd776ecf1f57550bb6bddad5093618797547cde5c07e165bc979bfbb5479c58e89c29efa5fdfa5b4a87917a4275609afc849384458ca980ba5a2aa4d10c761bb3b3a57e3d3b41001cdf6", 0x541}], 0x1}}], 0x1, 0x40)

300.632136ms ago: executing program 4 (id=1219):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x5, 0x6, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x4f, &(0x7f0000000a80)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd6c2d01000019840100000000000000000000ffd19a010102fe8000000000000000000000000000aaa5ba94e385673ccfd3fe184ab0643975bcc85fbf438632261b"], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r2}, &(0x7f0000000240), &(0x7f00000006c0)}, 0x20)
rt_sigaction(0x40, &(0x7f00000000c0)={&(0x7f0000002200)="f30f1efc66450f2832c482adbcaf07000000c4e1fd5aa13c9c43713ef2400f1ed3c4c2e93be7f2262e669f8f88a4a2e100430f12957b280000653ed9fa", 0x8000000, 0x0, {[0x9]}}, 0x0, 0x8, &(0x7f0000000200))
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stat\x00')
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000000)=[@in={0x2, 0x4e20, @broadcast}, @in6={0xa, 0x4e21, 0x8dd, @mcast2, 0x3}, @in6={0xa, 0x4e21, 0x9, @dev={0xfe, 0x80, '\x00', 0x1e}, 0x3}], 0x48)
read$eventfd(r3, &(0x7f0000000280), 0x8)
pivot_root(0x0, 0x0)

279.707448ms ago: executing program 4 (id=1220):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000540)={0x1, &(0x7f0000000000)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000014000e0a49bf925471e7fc50983f097013799b641ea79c734b6ef4a909f6c2743f53f288e526b45fe0769b612cae30d347d692db24c0a7fc637fa1cb855773a97058bb1e89ea2629a03a000f0f527000fbdb2d1b65fa9d7a12f86e4727da8c12d73cadf3961abdb1e575e65427efb303c637f2785cdb1d128d656102d655936b6ead69539ab7933768022578e97e1df45e204b804dce7f1b89c9e85251bbe2f57c3b4be994e3dfaefab23911bf72bf62214f8d1154befd11e305e47343dc4bc0e603181bc0bcd0a3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000202070"], 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r1}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@deltfilter={0x5c, 0x2d, 0x400, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0x4, 0xe}, {0x5, 0xf}}, [@TCA_CHAIN={0x8, 0xb, 0x7}, @TCA_RATE={0x6, 0x5, {0xf, 0x1}}, @TCA_RATE={0x6, 0x5, {0x9, 0xe}}, @TCA_RATE={0x6, 0x5, {0x7, 0x7}}, @TCA_CHAIN={0x8, 0xb, 0x1}, @TCA_CHAIN={0x8, 0xb, 0x7}, @TCA_CHAIN={0x8, 0xb, 0x9}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4800}, 0x14000000)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0xb4}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000)={[{@usrquota}, {@jqfmt_vfsv1}]}, 0xc1, 0x7da, &(0x7f0000000fc0)="$eJzs3c1rG80dAODfyh+ynbR2odAmJ0OhNYTIdeomLfSQ0kMpNBBoz02MrJjUshUsOcTGEOdQ6KXQlh4K7SXnfqSHQq/9uLb/ROmhJITWMW/e04tediX5U5LtxJId/Dyw2pnd2Z0Z7ezsSLtIAVxYk+lLLuJKRPw8iRhvLk8iYigLDUbcbqR7u7VRTKck6vUf/C/J0vz50u6+kub8UjPyxYj4+08iruUO5jranJdLK83QdG3p0XR1bf36w6W5hdJCafnmzOzsjVtfv3Xz8Fbv6qN/rV9+9YvvfuWPtwfjCy9+9o8kbsfl5rrtrY3ie+7+kMmYbL4nQ+lbuM93TjuzM5acdQF4J+mpOdA4y+NKjMdAFurgfU9AAOBceBoRdQDggklc/wHggml9D7C9tVFsTWf7jUR/vf52RIw06t+6v9lYM9i8ZzeS3Qcd20723RlJImLiFPKfjIjf/uVHv0+n6NF9SIB2Np9FxP2Jye2t/IH+P0n7v+Gj95DvuOar3TarN7abPLBY/wf989d0/PONw+O/qzsP9IxkrwfGPyP5Nufuuzj6/M+97LDpMfqmo6Xjv2/tebZtd/y389DaxEAz9plszDeUPHhYLqV922cjYiqG8ml8Jkva/imoqTefvOmU/97x3/9/+ePfpfmn890UuZeD+aiP79lmfq42dwpVz7x+FnF1sF39k53xb9Jh/Hu34173H5rvffOnv+mUMq1/Wt/WdLj+vVV/HvHltsd/91gmXZ9PnM6aw3SrUbTxp//8eqxT/rvHP5/N0/xbnwX6IT3+Y93rP5GGqmvri3PlcmmlevI8/vl8/G+d1u1t/+3rn7X/fdL2P5z8MAu3WtqTuVptZSZiOPn+4eU3drdtxVvp0/pPfan9+d+p/eeaz8be34l1N/hq+A/NXbWtf2azU/17K63//ImOf5dAvbnNgVUv3i4OdMr/eMd/NgtNNZccp/87oqTv0ZoBAAAAAAAAAAAAAAAAAAAAAAAA4ORyEXE5klxhJ5zLFQqN//D+fIzlypVq7dqDyuryfGT/lT0RQ7nWT12O7/k91Jnm7+G34jcOxL8WEZ+LiF/lR7N4oVgpz5915QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg6dL+//9/ms4Khca6/+bPunQAQM+MnHUBAIC+c/0HgIvnZNf/0Z6VAwDonxN//q8nvSkIANA3x77+3+9tOQCA/nH/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB67e+dOOtU/3toopvH5x2uri5XH1+dL1cXC0mqxUKysPCosVCoL5VKhWFnquKPNxqxcqTyajeXVJ9O1UrU2XV1bv7dUWV2u3Xu4NLdQulca6lvNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD4qmvri3PlcmlFoEtgtDR6HopxjgKDcS6KcSiw+e+hrF13TRwTH0zjH+6SJjnNvEYPLtnbS4yeSd8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CH4NAAA//9RvRhH")
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r6=>0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0x13, 0x1a, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000070000000000000066000000851000000500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000000000008500000086000000950000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000010000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000820000001800000005000000000000000400000018100000", @ANYRES32, @ANYBLOB="00000000000000008520000002000000183800000300000000000000000000009500000000000000950000000000000077edf6371d04d6fc333495c455d397c9fbd0a59f954343f91b4435ca90156c25bacb9d2fb0619abc0cb29d7cdc658779b004fcb74242c48fb22bfb5c1b1f89ed234de70029f06cdf838feaefe86282b042744852ac6ccfe2e1f77e7ace69fbb064f2b5c2f8c9f7bff98688cb768efbaabea18d4a9d2f4af44a51e79fde06b76603785c394790a04dcf1233133e4760cee215af86eb7254eb459dc7b71af5caffe3c3cd147c8a7bf5e2eb8211a43b5dd1da6f0e4c"], &(0x7f0000000500)='syzkaller\x00', 0x533, 0x47, &(0x7f00000007c0)=""/71, 0x0, 0x4, '\x00', r3, @fallback=0x2c, r0, 0x8, &(0x7f0000000840)={0x9, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x7, &(0x7f0000000c80)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000cc0)=[{0x5, 0x1, 0x8, 0x51390033210c3dd4}, {0x4, 0x5, 0x1, 0xa}, {0x5, 0x4, 0x6, 0x5}, {0x0, 0x2, 0xd, 0x1}, {0x3, 0x3, 0x9, 0xa}, {0x5, 0x1, 0x7, 0xa}, {0x5, 0x1, 0x4, 0x2}], 0x10, 0x2}, 0x94)
timer_settime(r6, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$TIOCSSOFTCAR(r7, 0x541a, &(0x7f0000000080)=0x1ff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r7, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(0xffffffffffffffff, 0x0, 0x0)
r8 = socket$isdn_base(0x22, 0x3, 0x0)
bind$rds(r8, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000032c0)='/sys/power/pm_print_times', 0x200802, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2)

272.912059ms ago: executing program 0 (id=1221):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010000000000fcdbcf2554"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x40010)

217.036383ms ago: executing program 0 (id=1222):
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r0}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

208.640454ms ago: executing program 0 (id=1223):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000142020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x80)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000980)={0x1be, 0x7f4, 0x80000001})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a00000001010000fc7f0000cc00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000400000000"], 0x50)

64.770805ms ago: executing program 0 (id=1224):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0xffffdffffffffffe}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000508000a40000000000900020073797a31000000000900010073797a300000000008000540000000213c0000001e0a05010000000000000000070000070900020073797a31000000000900010073797a3000000000100003800c0000800800034000000002"], 0xc0}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2}, 0x50)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000f000000050030000000000005002f000000000008000300", @ANYRES32=r4], 0x2c}}, 0x0)

6.80575ms ago: executing program 4 (id=1225):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'})
rmdir(0x0)
unshare(0x62040200)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fsconfig$FSCONFIG_SET_PATH(0xffffffffffffffff, 0x3, 0x0, 0x0, 0xffffffffffffff9c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="080086dd0001110004600000a60c6eec00be00442cfffe8000000000000000000000000000aaff020000000000000000000000000001", @ANYRES64=r2], 0xfdef)

0s ago: executing program 0 (id=1226):
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x1)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8041, 0x0)
write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0xff2e)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x16, &(0x7f00000001c0)=0x7f, 0x4)
close(0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x22020600)
r3 = memfd_create(&(0x7f0000000000)='+\x00', 0x6)
cachestat(r3, &(0x7f00000005c0), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000100000000000000", @ANYRES32=0x1], 0x50)
r4 = socket$kcm(0xa, 0x5, 0x0)
r5 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)='_', 0x1}], 0x1}, 0x64)
setsockopt$sock_attach_bpf(r5, 0x84, 0x1e, &(0x7f0000000240), 0x4)
r6 = socket$kcm(0xa, 0x5, 0x0)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
stat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
sendmsg$netlink(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}, {&(0x7f00000009c0)=ANY=[@ANYBLOB="cc0200003100000425bd7000fddbdf25d2004b8090e985c10e41bc16c3afdfa48f5504b1be674defb8e523ca931fc47fca0761f089f12dee7390f97c1afc9919b1fe48e849ff8dfba904c78d93262ae3d33f0064ebf13671c70daa79cc0fe13e298fd364e11960d535c26097d135265e7942c4c5db720b1846c07b77ed5d954b166fd8b48c9e0f6ca471ddfcbb5f163f777786f7a3fbfa7733802ee8c4a951358fe78e1ef7f4dbe179e9502c3354b1cebef86cef6a5c32967a223845ba9396fced3f604240981e8f247067e1349e286bc6c8269ebede928867184559936b04001380000072f367e932248bbb5f84927c213d001b02bcf2d2bd5b90abb49e35b671d5cc9e8646e4ecaf6db0c14b26d2c061e2895d84e85ee2272e330857cf5816d5761dcdb9cbd0815823a9e2e08d59f3a8cac38f824e82d6a380359c14f0b327fd5004cfcb9ba79164d762baff997f2fd16507defa04591b820f92c60d5c85e8eab1cc5c87f6a6027e19ea6adec8a708b47f58365690e1f34b33cc001933f43099cbdb9dc2e741283e1400b300fc0000000000000000000000000000008b004180040037800c001496532832", @ANYRES32=r8, @ANYBLOB="040094807a026c57d2654d115e528c1459241cdf02597f14d35c3655073c5f407b4160b64e80e167c709d80d9da587820eeb0f3c363a773f519c2717597d2217f73d756a1e5262327a0d6705cffb6119d2df818584899aaf8d7b874dbb99330a6d2593829a3125c105c65840af5555000d003f0026e4b56b1866ada1d6000000ae69a5084963450371edc84dc99933e5f3798214db2bbd9046f0ccf707e29850c523bbf617b1d7ef1a551fb4d16bc02c3b80b31afd787c9d7b26e5ddbb196f76b5ae845fa547821e75e7ce9e57909e40c4879551d2f2238d4b261e66380a5ae73b551539b77a6588ca710abc8bcf5659e97a7c436980198477bba636c008a123467d4ebde947f09e3e18471413aacf4976b500"], 0x2cc}], 0x2, 0x0, 0x0, 0x20000001}, 0x0)
setsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000300)={{{@in=@remote, @in6=@dev={0xfe, 0x80, '\x00', 0x1a}, 0x4e23, 0x0, 0x4e24, 0x0, 0x2, 0x80, 0x0, 0x11, 0x0, r8}, {0xe61, 0x0, 0x0, 0x8, 0xb, 0x800, 0xffd, 0xffffffffffffffff}, {0x7, 0x4, 0x7fffffffffffffff, 0x7}, 0x8000, 0x6e6bb3, 0x0, 0x0, 0x2, 0x3}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4d3, 0x3c}, 0x2, @in6=@remote, 0x3500, 0x0, 0x0, 0x4, 0xc, 0xd0, 0x1}}, 0xe8)
quotactl_fd$Q_GETNEXTQUOTA(0xffffffffffffffff, 0xffffffff80000900, r8, &(0x7f0000000100))
getgid()
lchown(&(0x7f0000000040)='./file0\x00', r8, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x8916, &(0x7f0000000000)={r6})
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x8936, &(0x7f0000000000)={r6})

kernel console output (not intermixed with test programs):

x320
[   64.469242][ T5721]  netlink_sendmsg+0x471/0x6b0
[   64.469319][ T5721]  ? __pfx_netlink_sendmsg+0x10/0x10
[   64.469345][ T5721]  __sock_sendmsg+0x145/0x180
[   64.469375][ T5721]  ____sys_sendmsg+0x31e/0x4e0
[   64.469398][ T5721]  ___sys_sendmsg+0x17b/0x1d0
[   64.469461][ T5721]  __x64_sys_sendmsg+0xd4/0x160
[   64.469488][ T5721]  x64_sys_call+0x191e/0x2ff0
[   64.469519][ T5721]  do_syscall_64+0xd2/0x200
[   64.469544][ T5721]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   64.469571][ T5721]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   64.469675][ T5721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.469698][ T5721] RIP: 0033:0x7fdfae4cebe9
[   64.469712][ T5721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.469728][ T5721] RSP: 002b:00007fdfacf2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   64.469789][ T5721] RAX: ffffffffffffffda RBX: 00007fdfae705fa0 RCX: 00007fdfae4cebe9
[   64.469802][ T5721] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 000000000000000a
[   64.469815][ T5721] RBP: 00007fdfacf2f090 R08: 0000000000000000 R09: 0000000000000000
[   64.469826][ T5721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.469836][ T5721] R13: 00007fdfae706038 R14: 00007fdfae705fa0 R15: 00007ffe52e50588
[   64.469852][ T5721]  </TASK>
[   64.690902][ T5726] loop4: detected capacity change from 0 to 1024
[   64.714014][ T5733] loop3: detected capacity change from 0 to 2048
[   64.724688][ T5730] syz.1.718 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   64.726198][ T5585] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.742099][ T5730] FAULT_INJECTION: forcing a failure.
[   64.742099][ T5730] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   64.755239][ T5730] CPU: 0 UID: 0 PID: 5730 Comm: syz.1.718 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   64.755290][ T5730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   64.755304][ T5730] Call Trace:
[   64.755310][ T5730]  <TASK>
[   64.755317][ T5730]  __dump_stack+0x1d/0x30
[   64.755405][ T5730]  dump_stack_lvl+0xe8/0x140
[   64.755421][ T5730]  dump_stack+0x15/0x1b
[   64.755436][ T5730]  should_fail_ex+0x265/0x280
[   64.755455][ T5730]  should_fail+0xb/0x20
[   64.755504][ T5730]  should_fail_usercopy+0x1a/0x20
[   64.755526][ T5730]  _copy_from_user+0x1c/0xb0
[   64.755602][ T5730]  ___sys_sendmsg+0xc1/0x1d0
[   64.755637][ T5730]  __x64_sys_sendmsg+0xd4/0x160
[   64.755744][ T5730]  x64_sys_call+0x191e/0x2ff0
[   64.755795][ T5730]  do_syscall_64+0xd2/0x200
[   64.755820][ T5730]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   64.755843][ T5730]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   64.755868][ T5730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.755891][ T5730] RIP: 0033:0x7f548ea2ebe9
[   64.755965][ T5730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.755983][ T5730] RSP: 002b:00007f548d497038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   64.756003][ T5730] RAX: ffffffffffffffda RBX: 00007f548ec65fa0 RCX: 00007f548ea2ebe9
[   64.756017][ T5730] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000007
[   64.756030][ T5730] RBP: 00007f548d497090 R08: 0000000000000000 R09: 0000000000000000
[   64.756043][ T5730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.756118][ T5730] R13: 00007f548ec66038 R14: 00007f548ec65fa0 R15: 00007ffda3f690a8
[   64.756203][ T5730]  </TASK>
[   64.829507][ T5733]  loop3: unable to read partition table
[   64.937050][ T5733] loop3: partition table beyond EOD, truncated
[   64.943246][ T5733] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
[   64.981246][ T5747] vlan2: entered allmulticast mode
[   65.008561][ T5726] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.717: Allocating blocks 465-513 which overlap fs metadata
[   65.009513][ T5733] netlink: 'syz.3.719': attribute type 10 has an invalid length.
[   65.032824][ T5726] EXT4-fs (loop4): pa ffff88810056fd20: logic 256, phys. 369, len 9
[   65.041112][ T5726] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   65.051855][ T5726] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   65.066429][ T5749] netlink: 12 bytes leftover after parsing attributes in process `syz.4.717'.
[   65.087744][ T5585] veth0_vlan: entered promiscuous mode
[   65.096653][ T5753] loop1: detected capacity change from 0 to 2048
[   65.097379][ T5585] veth1_vlan: entered promiscuous mode
[   65.114556][ T5749] 8021q: adding VLAN 0 to HW filter on device bond1
[   65.125846][ T5758] loop3: detected capacity change from 0 to 2048
[   65.134691][ T5585] veth0_macvtap: entered promiscuous mode
[   65.141839][ T5585] veth1_macvtap: entered promiscuous mode
[   65.151402][ T5585] batman_adv: batadv0: Interface activated: batadv_slave_0
[   65.160405][ T5585] batman_adv: batadv0: Interface activated: batadv_slave_1
[   65.169442][   T41] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   65.204955][   T41] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   65.220066][ T5758]  loop3: unable to read partition table
[   65.226583][   T41] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.236785][ T5758] loop3: partition table beyond EOD, truncated
[   65.243057][ T5758] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
[   65.243365][ T5763] loop5: detected capacity change from 0 to 512
[   65.259445][   T41] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   65.281155][ T5763] EXT4-fs warning (device loop5): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   65.296182][ T5763] EXT4-fs (loop5): mount failed
[   65.300847][ T5758] netlink: 'syz.3.722': attribute type 10 has an invalid length.
[   65.323522][ T5769] loop4: detected capacity change from 0 to 2048
[   65.341161][ T5771] loop3: detected capacity change from 0 to 2048
[   65.356789][ T5763] loop5: detected capacity change from 0 to 512
[   65.357339][ T5773] netlink: 12 bytes leftover after parsing attributes in process `syz.1.726'.
[   65.374469][ T5763] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[   65.378478][ T5771] Alternate GPT is invalid, using primary GPT.
[   65.389772][ T5771]  loop3: p1 p2 p3
[   65.396975][ T5769] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm +}[@: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   65.398377][ T5773] netlink: 5 bytes leftover after parsing attributes in process `syz.1.726'.
[   65.414034][ T5769] EXT4-fs (loop4): Remounting filesystem read-only
[   65.422252][ T5773] 0ªî{X¹¦: renamed from gretap0 (while UP)
[   65.435913][ T5773] 0ªî{X¹¦: entered allmulticast mode
[   65.441666][ T5763] EXT4-fs warning (device loop5): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   65.450237][ T5773] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[   65.478071][ T5763] EXT4-fs (loop5): mount failed
[   65.483796][ T3308] EXT4-fs unmount: 177 callbacks suppressed
[   65.483810][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.505153][ T5781] sch_fq: defrate 4294967295 ignored.
[   65.563467][ T5791] loop5: detected capacity change from 0 to 2048
[   65.585064][ T5793] loop0: detected capacity change from 0 to 1024
[   65.592020][ T5793] EXT4-fs (loop0): inodes count not valid: 7 vs 32
[   65.592829][ T5791] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   65.616430][ T5791] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.731: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   65.667200][ T5800] loop0: detected capacity change from 0 to 2048
[   65.674212][ T5791] EXT4-fs (loop5): Remounting filesystem read-only
[   65.683531][ T5804] vlan2: entered allmulticast mode
[   65.689842][ T5803] loop3: detected capacity change from 0 to 2048
[   65.697781][ T5585] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.739349][ T5803] Alternate GPT is invalid, using primary GPT.
[   65.745643][ T5803]  loop3: p1 p2 p3
[   65.745803][ T5807] loop4: detected capacity change from 0 to 2048
[   65.769209][ T5808] netlink: 'syz.5.738': attribute type 1 has an invalid length.
[   65.776860][ T5808] netlink: 224 bytes leftover after parsing attributes in process `syz.5.738'.
[   65.787583][ T5807] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[   65.803796][ T5812] FAULT_INJECTION: forcing a failure.
[   65.803796][ T5812] name failslab, interval 1, probability 0, space 0, times 0
[   65.816464][ T5812] CPU: 0 UID: 0 PID: 5812 Comm: syz.3.739 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   65.816488][ T5812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   65.816500][ T5812] Call Trace:
[   65.816507][ T5812]  <TASK>
[   65.816514][ T5812]  __dump_stack+0x1d/0x30
[   65.816596][ T5812]  dump_stack_lvl+0xe8/0x140
[   65.816613][ T5812]  dump_stack+0x15/0x1b
[   65.816631][ T5812]  should_fail_ex+0x265/0x280
[   65.816650][ T5812]  should_failslab+0x8c/0xb0
[   65.816711][ T5812]  __kmalloc_noprof+0xa5/0x3e0
[   65.816735][ T5812]  ? iovec_from_user+0x84/0x210
[   65.816760][ T5812]  ? mntput+0x4b/0x80
[   65.816790][ T5812]  iovec_from_user+0x84/0x210
[   65.816872][ T5812]  __import_iovec+0xf3/0x540
[   65.816902][ T5812]  import_iovec+0x61/0x80
[   65.816928][ T5812]  __se_sys_process_madvise+0xd9/0x6a0
[   65.816971][ T5812]  ? kstrtouint+0x76/0xc0
[   65.816993][ T5812]  ? 0xffffffff81000000
[   65.817007][ T5812]  ? __rcu_read_unlock+0x4f/0x70
[   65.817026][ T5812]  ? get_pid_task+0x96/0xd0
[   65.817110][ T5812]  ? __fget_files+0x184/0x1c0
[   65.817132][ T5812]  ? fput+0x8f/0xc0
[   65.817191][ T5812]  __x64_sys_process_madvise+0x67/0x80
[   65.817394][ T5812]  x64_sys_call+0x2d26/0x2ff0
[   65.817416][ T5812]  do_syscall_64+0xd2/0x200
[   65.817445][ T5812]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   65.817469][ T5812]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   65.817537][ T5812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.817560][ T5812] RIP: 0033:0x7fd6ad17ebe9
[   65.817655][ T5812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.817671][ T5812] RSP: 002b:00007fd6abbdf038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b8
[   65.817688][ T5812] RAX: ffffffffffffffda RBX: 00007fd6ad3b5fa0 RCX: 00007fd6ad17ebe9
[   65.817701][ T5812] RDX: 0000000000000052 RSI: 0000200000000000 RDI: ffffffffffffffff
[   65.817761][ T5812] RBP: 00007fd6abbdf090 R08: 0000000000000000 R09: 0000000000000000
[   65.817775][ T5812] R10: 0000000000000067 R11: 0000000000000246 R12: 0000000000000001
[   65.817787][ T5812] R13: 00007fd6ad3b6038 R14: 00007fd6ad3b5fa0 R15: 00007ffced499da8
[   65.817806][ T5812]  </TASK>
[   65.823408][ T5800]  loop0: unable to read partition table
[   66.045352][ T5816] netlink: 'syz.0.735': attribute type 10 has an invalid length.
[   66.046873][ T5800] loop0: partition table beyond EOD, truncated
[   66.059272][ T5800] loop_reread_partitions: partition scan of loop0 () failed (rc=-5)
[   66.077498][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   66.096608][ T5819] sch_fq: defrate 4294967295 ignored.
[   66.185176][ T5830] loop4: detected capacity change from 0 to 512
[   66.194277][ T5830] ext2: Unknown parameter 'nouser_xattr'
[   66.312454][ T5845] loop0: detected capacity change from 0 to 2048
[   66.329213][ T5845] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.343634][ T5845] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.750: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   66.360121][ T5845] EXT4-fs (loop0): Remounting filesystem read-only
[   66.393357][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.418023][ T5850] lo speed is unknown, defaulting to 1000
[   66.423891][ T5850] lo speed is unknown, defaulting to 1000
[   66.430061][ T5850] lo speed is unknown, defaulting to 1000
[   66.437007][ T5850] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   66.489003][ T5850] lo speed is unknown, defaulting to 1000
[   66.495759][ T5850] lo speed is unknown, defaulting to 1000
[   66.501999][ T5850] lo speed is unknown, defaulting to 1000
[   66.508469][ T5850] lo speed is unknown, defaulting to 1000
[   66.514895][ T5850] lo speed is unknown, defaulting to 1000
[   66.653695][ T5855] loop5: detected capacity change from 0 to 2048
[   66.755982][ T5855]  loop5: unable to read partition table
[   66.770225][ T5855] loop5: partition table beyond EOD, truncated
[   66.776454][ T5855] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[   66.837473][ T5855] netlink: 'syz.5.753': attribute type 10 has an invalid length.
[   66.852016][ T5855] team0: Failed to send port change of device netdevsim1 via netlink (err -105)
[   66.861350][ T5855] team0: Failed to send options change via netlink (err -105)
[   66.868852][ T5855] team0: Port device netdevsim1 added
[   66.876159][ T5861] sch_fq: defrate 4294967295 ignored.
[   66.949458][ T5876] loop0: detected capacity change from 0 to 2048
[   66.956743][ T5878] vlan2: entered allmulticast mode
[   66.970047][ T5876] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.984542][ T5876] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm +}[@: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   67.002681][ T5876] EXT4-fs (loop0): Remounting filesystem read-only
[   67.015008][ T5884] netlink: 'syz.5.765': attribute type 21 has an invalid length.
[   67.023165][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.036337][ T5885] loop3: detected capacity change from 0 to 2048
[   67.043537][ T5884] netlink: 132 bytes leftover after parsing attributes in process `syz.5.765'.
[   67.076746][ T5884] loop5: detected capacity change from 0 to 1024
[   67.084918][ T5884] EXT4-fs: Ignoring removed orlov option
[   67.090597][ T5884] EXT4-fs: Ignoring removed nomblk_io_submit option
[   67.099493][ T5885] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[   67.113471][ T5884] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.137137][ T5895] 9pnet_fd: Insufficient options for proto=fd
[   67.143937][ T5895] netlink: 51 bytes leftover after parsing attributes in process `syz.1.768'.
[   67.175135][ T5901] sch_fq: defrate 4294967295 ignored.
[   67.217053][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   67.230096][ T5585] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.249418][ T5911] loop4: detected capacity change from 0 to 2048
[   67.276199][ T5911] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.290156][ T5911] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm +}[@: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   67.312603][ T5911] EXT4-fs (loop4): Remounting filesystem read-only
[   67.332328][ T5918] FAULT_INJECTION: forcing a failure.
[   67.332328][ T5918] name failslab, interval 1, probability 0, space 0, times 0
[   67.344971][ T5918] CPU: 0 UID: 0 PID: 5918 Comm: syz.3.776 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   67.345024][ T5918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   67.345038][ T5918] Call Trace:
[   67.345045][ T5918]  <TASK>
[   67.345052][ T5918]  __dump_stack+0x1d/0x30
[   67.345074][ T5918]  dump_stack_lvl+0xe8/0x140
[   67.345095][ T5918]  dump_stack+0x15/0x1b
[   67.345113][ T5918]  should_fail_ex+0x265/0x280
[   67.345143][ T5918]  should_failslab+0x8c/0xb0
[   67.345170][ T5918]  kmem_cache_alloc_node_noprof+0x57/0x320
[   67.345202][ T5918]  ? __alloc_skb+0x101/0x320
[   67.345224][ T5918]  __alloc_skb+0x101/0x320
[   67.345245][ T5918]  netlink_alloc_large_skb+0xba/0xf0
[   67.345354][ T5918]  netlink_sendmsg+0x3cf/0x6b0
[   67.345394][ T5918]  ? __pfx_netlink_sendmsg+0x10/0x10
[   67.345439][ T5918]  __sock_sendmsg+0x145/0x180
[   67.345472][ T5918]  ____sys_sendmsg+0x31e/0x4e0
[   67.345499][ T5918]  ___sys_sendmsg+0x17b/0x1d0
[   67.345535][ T5918]  __x64_sys_sendmsg+0xd4/0x160
[   67.345622][ T5918]  x64_sys_call+0x191e/0x2ff0
[   67.345645][ T5918]  do_syscall_64+0xd2/0x200
[   67.345676][ T5918]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   67.345783][ T5918]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   67.345812][ T5918]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.345835][ T5918] RIP: 0033:0x7fd6ad17ebe9
[   67.345851][ T5918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.345923][ T5918] RSP: 002b:00007fd6abbdf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   67.345944][ T5918] RAX: ffffffffffffffda RBX: 00007fd6ad3b5fa0 RCX: 00007fd6ad17ebe9
[   67.345984][ T5918] RDX: 0000000000000000 RSI: 0000200000001200 RDI: 0000000000000007
[   67.346029][ T5918] RBP: 00007fd6abbdf090 R08: 0000000000000000 R09: 0000000000000000
[   67.346040][ T5918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.346053][ T5918] R13: 00007fd6ad3b6038 R14: 00007fd6ad3b5fa0 R15: 00007ffced499da8
[   67.346071][ T5918]  </TASK>
[   67.547967][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.548953][ T5925] loop1: detected capacity change from 0 to 1024
[   67.567577][ T5926] netlink: 12 bytes leftover after parsing attributes in process `syz.0.778'.
[   67.579186][ T5925] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.662413][ T5938] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   67.686642][ T5925] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.780: Allocating blocks 465-513 which overlap fs metadata
[   67.703987][ T5942] loop3: detected capacity change from 0 to 512
[   67.712050][ T5925] EXT4-fs (loop1): pa ffff88810056fd20: logic 256, phys. 369, len 9
[   67.720093][ T5925] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   67.739176][ T5939] netlink: 12 bytes leftover after parsing attributes in process `syz.1.780'.
[   67.748031][ T5942] EXT4-fs (loop3): orphan cleanup on readonly fs
[   67.756706][ T5945] loop5: detected capacity change from 0 to 2048
[   67.763957][ T5925] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   67.783996][ T5939] 8021q: adding VLAN 0 to HW filter on device bond2
[   67.793286][ T5942] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.786: bg 0: block 248: padding at end of block bitmap is not set
[   67.808003][ T5925] FAULT_INJECTION: forcing a failure.
[   67.808003][ T5925] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   67.808905][ T5942] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.786: Failed to acquire dquot type 1
[   67.821064][ T5925] CPU: 1 UID: 0 PID: 5925 Comm: syz.1.780 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   67.821089][ T5925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   67.821182][ T5925] Call Trace:
[   67.821188][ T5925]  <TASK>
[   67.821196][ T5925]  __dump_stack+0x1d/0x30
[   67.821217][ T5925]  dump_stack_lvl+0xe8/0x140
[   67.821365][ T5925]  dump_stack+0x15/0x1b
[   67.821382][ T5925]  should_fail_ex+0x265/0x280
[   67.821403][ T5925]  should_fail+0xb/0x20
[   67.821420][ T5925]  should_fail_usercopy+0x1a/0x20
[   67.821443][ T5925]  _copy_from_iter+0xd2/0xe80
[   67.821486][ T5925]  ? __build_skb_around+0x1a0/0x200
[   67.821521][ T5925]  ? __alloc_skb+0x223/0x320
[   67.821541][ T5925]  netlink_sendmsg+0x471/0x6b0
[   67.821566][ T5925]  ? __pfx_netlink_sendmsg+0x10/0x10
[   67.821690][ T5925]  __sock_sendmsg+0x145/0x180
[   67.821720][ T5925]  ____sys_sendmsg+0x31e/0x4e0
[   67.821747][ T5925]  ___sys_sendmsg+0x17b/0x1d0
[   67.821787][ T5925]  __x64_sys_sendmsg+0xd4/0x160
[   67.821813][ T5925]  x64_sys_call+0x191e/0x2ff0
[   67.821835][ T5925]  do_syscall_64+0xd2/0x200
[   67.821864][ T5925]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   67.821936][ T5925]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   67.821963][ T5925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.821984][ T5925] RIP: 0033:0x7f548ea2ebe9
[   67.821999][ T5925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.822054][ T5925] RSP: 002b:00007f548d497038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   67.822148][ T5925] RAX: ffffffffffffffda RBX: 00007f548ec65fa0 RCX: 00007f548ea2ebe9
[   67.822178][ T5925] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 000000000000000b
[   67.822246][ T5925] RBP: 00007f548d497090 R08: 0000000000000000 R09: 0000000000000000
[   67.822257][ T5925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.822269][ T5925] R13: 00007f548ec66038 R14: 00007f548ec65fa0 R15: 00007ffda3f690a8
[   67.822287][ T5925]  </TASK>
[   67.885905][ T5945] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.902022][ T5942] EXT4-fs (loop3): 1 truncate cleaned up
[   67.930912][ T5585] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   67.934299][ T5942] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   67.938176][ T5585] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   67.952449][ T5942] EXT4-fs error (device loop3): ext4_lookup:1791: inode #2: comm syz.3.786: deleted inode referenced: 12
[   68.095905][ T5954] EXT4-fs error (device loop3): ext4_lookup:1791: inode #2: comm syz.3.786: deleted inode referenced: 12
[   68.109711][ T5585] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.133064][ T5955] EXT4-fs error (device loop3): ext4_lookup:1791: inode #2: comm syz.3.786: deleted inode referenced: 12
[   68.147345][ T5959] loop5: detected capacity change from 0 to 512
[   68.153983][ T5959] EXT4-fs: Ignoring removed nomblk_io_submit option
[   68.163201][ T5959] EXT4-fs: Ignoring removed i_version option
[   68.170661][ T5959] EXT4-fs (loop5): 1 orphan inode deleted
[   68.176833][ T5959] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.196783][ T5959] EXT4-fs error (device loop5): ext4_add_entry:2417: inode #2: comm syz.5.790: Directory hole found for htree leaf block 0
[   68.215341][ T5959] EXT4-fs error (device loop5): ext4_add_entry:2417: inode #2: comm syz.5.790: Directory hole found for htree leaf block 0
[   68.222485][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.237626][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.262476][ T5585] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.294701][ T5970] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   68.312092][ T5970] loop5: detected capacity change from 0 to 1024
[   68.319206][ T5970] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   68.330130][ T5970] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[   68.339912][ T5970] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   68.350923][ T5970] EXT4-fs error (device loop5): ext4_get_journal_inode:5800: inode #32: comm ,&#^%: iget: special inode unallocated
[   68.363707][ T5970] EXT4-fs (loop5): no journal found
[   68.368975][ T5970] EXT4-fs (loop5): can't get journal size
[   68.375675][ T5970] EXT4-fs (loop5): revision level too high, forcing read-only mode
[   68.389385][ T5970] EXT4-fs error (device loop5): ext4_protect_reserved_inode:160: inode #32: comm ,&#^%: iget: special inode unallocated
[   68.415347][ T5970] EXT4-fs (loop5): failed to initialize system zone (-117)
[   68.422637][ T5970] EXT4-fs (loop5): mount failed
[   68.433926][ T5970] loop5: detected capacity change from 0 to 512
[   68.441169][ T5970] EXT4-fs: Ignoring removed oldalloc option
[   68.458813][ T5970] EXT4-fs error (device loop5): ext4_xattr_inode_iget:433: comm ,&#^%: Parent and EA inode have the same ino 15
[   68.471396][ T5970] EXT4-fs error (device loop5): ext4_xattr_inode_iget:433: comm ,&#^%: Parent and EA inode have the same ino 15
[   68.490314][ T5970] EXT4-fs (loop5): 1 orphan inode deleted
[   68.496891][ T5970] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.521262][ T5585] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.531114][   T29] kauditd_printk_skb: 423 callbacks suppressed
[   68.531128][   T29] audit: type=1326 audit(1756685017.104:5851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5987 comm="syz.1.803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f548ea2ebe9 code=0x7ffc0000
[   68.560625][   T29] audit: type=1326 audit(1756685017.104:5852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5987 comm="syz.1.803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f548ea2ebe9 code=0x7ffc0000
[   68.564896][ T5993] veth0: entered promiscuous mode
[   68.591308][   T29] audit: type=1326 audit(1756685017.124:5853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5987 comm="syz.1.803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f548ea2ebe9 code=0x7ffc0000
[   68.599586][ T5993] veth0: left promiscuous mode
[   68.614557][   T29] audit: type=1326 audit(1756685017.124:5854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5987 comm="syz.1.803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f548ea2ebe9 code=0x7ffc0000
[   68.642647][   T29] audit: type=1326 audit(1756685017.124:5855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5987 comm="syz.1.803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f548ea2ebe9 code=0x7ffc0000
[   68.665976][   T29] audit: type=1326 audit(1756685017.124:5856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5987 comm="syz.1.803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f548ea2ebe9 code=0x7ffc0000
[   68.691724][ T5995] lo speed is unknown, defaulting to 1000
[   68.827798][ T6010] loop5: detected capacity change from 0 to 256
[   68.842527][ T6010] vfat: Unknown parameter 'fs'
[   68.980339][ T6017] vlan2: entered allmulticast mode
[   68.990351][   T29] audit: type=1326 audit(1756685017.544:5857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6016 comm="syz.4.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78c271ebe9 code=0x7ffc0000
[   69.013687][   T29] audit: type=1326 audit(1756685017.544:5858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6016 comm="syz.4.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78c271ebe9 code=0x7ffc0000
[   69.037068][   T29] audit: type=1326 audit(1756685017.544:5859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6016 comm="syz.4.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f78c271ebe9 code=0x7ffc0000
[   69.060381][   T29] audit: type=1326 audit(1756685017.554:5860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6016 comm="syz.4.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78c271ebe9 code=0x7ffc0000
[   69.114018][ T6018] loop4: detected capacity change from 0 to 2048
[   69.153987][ T6014] lo speed is unknown, defaulting to 1000
[   69.219045][ T6022] loop0: detected capacity change from 0 to 512
[   69.242542][ T6018] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[   69.280323][ T6022] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.813: Failed to acquire dquot type 1
[   69.293070][ T6022] EXT4-fs (loop0): 1 truncate cleaned up
[   69.300443][ T6022] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.316382][ T6022] ext4 filesystem being mounted at /193/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.336133][ T6022] 9pnet: Unknown protocol version 9p
[   69.356072][ T6027] netlink: 'syz.5.814': attribute type 13 has an invalid length.
[   69.356572][ T6029] loop3: detected capacity change from 0 to 2048
[   69.363854][ T6027] netlink: 48 bytes leftover after parsing attributes in process `syz.5.814'.
[   69.394394][ T6031] bridge0: port 3(gretap0) entered blocking state
[   69.400890][ T6031] bridge0: port 3(gretap0) entered disabled state
[   69.409140][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.428231][ T6031] gretap0: entered allmulticast mode
[   69.430284][ T6029] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[   69.455106][ T6034] loop5: detected capacity change from 0 to 2048
[   69.480272][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   69.508528][ T6031] gretap0: entered promiscuous mode
[   69.534246][ T6031] bridge0: port 3(gretap0) entered blocking state
[   69.540747][ T6031] bridge0: port 3(gretap0) entered forwarding state
[   69.601310][ T6034] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[   69.672720][ T6056] tipc: Enabling of bearer <‰(p:s> rejected, media not registered
[   69.696043][ T6061] loop0: detected capacity change from 0 to 1024
[   69.721050][ T6061] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   69.732043][ T6061] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[   69.743875][ T6034] EXT4-fs error (device loop5): ext4_lookup:1787: inode #16: comm syz.5.817: iget: bad i_size value: 8796093031208
[   69.759293][ T6061] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   69.769635][ T6029] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   69.784638][ T6061] EXT4-fs error (device loop0): ext4_get_journal_inode:5800: inode #32: comm syz.0.825: iget: special inode unallocated
[   69.797607][ T6029] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   69.810067][ T6029] EXT4-fs (loop3): This should not happen!! Data will be lost
[   69.810067][ T6029] 
[   69.819860][ T6029] EXT4-fs (loop3): Total free blocks count 0
[   69.825951][ T6029] EXT4-fs (loop3): Free/Dirty block details
[   69.828129][ T6061] EXT4-fs (loop0): no journal found
[   69.831873][ T6029] EXT4-fs (loop3): free_blocks=2415919104
[   69.837092][ T6061] EXT4-fs (loop0): can't get journal size
[   69.842748][ T6029] EXT4-fs (loop3): dirty_blocks=8208
[   69.853749][ T6029] EXT4-fs (loop3): Block reservation details
[   69.857464][ T6061] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   69.859743][ T6029] EXT4-fs (loop3): i_reserved_data_blocks=513
[   69.884021][ T6061] EXT4-fs error (device loop0): ext4_protect_reserved_inode:160: inode #32: comm syz.0.825: iget: special inode unallocated
[   69.901196][ T6061] EXT4-fs (loop0): failed to initialize system zone (-117)
[   69.918168][ T6040] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 8192 with max blocks 3 with error 28
[   69.938076][ T6061] EXT4-fs (loop0): mount failed
[   69.962823][ T6067] loop4: detected capacity change from 0 to 1024
[   69.980479][ T6067] EXT4-fs: Ignoring removed orlov option
[   69.999421][ T6067] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.097801][ T6031] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   70.123575][ T6031] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   70.136108][ T6031] EXT4-fs (loop5): This should not happen!! Data will be lost
[   70.136108][ T6031] 
[   70.145767][ T6031] EXT4-fs (loop5): Total free blocks count 0
[   70.151761][ T6031] EXT4-fs (loop5): Free/Dirty block details
[   70.157714][ T6031] EXT4-fs (loop5): free_blocks=2415919104
[   70.163442][ T6031] EXT4-fs (loop5): dirty_blocks=8208
[   70.168720][ T6031] EXT4-fs (loop5): Block reservation details
[   70.174684][ T6031] EXT4-fs (loop5): i_reserved_data_blocks=513
[   70.183550][ T6072] FAULT_INJECTION: forcing a failure.
[   70.183550][ T6072] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   70.196660][ T6072] CPU: 0 UID: 0 PID: 6072 Comm: syz.0.828 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   70.196684][ T6072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   70.196695][ T6072] Call Trace:
[   70.196702][ T6072]  <TASK>
[   70.196710][ T6072]  __dump_stack+0x1d/0x30
[   70.196794][ T6072]  dump_stack_lvl+0xe8/0x140
[   70.196814][ T6072]  dump_stack+0x15/0x1b
[   70.196830][ T6072]  should_fail_ex+0x265/0x280
[   70.196922][ T6072]  should_fail+0xb/0x20
[   70.196963][ T6072]  should_fail_usercopy+0x1a/0x20
[   70.196983][ T6072]  _copy_from_user+0x1c/0xb0
[   70.197009][ T6072]  __sys_bpf+0x178/0x7b0
[   70.197039][ T6072]  __x64_sys_bpf+0x41/0x50
[   70.197129][ T6072]  x64_sys_call+0x2aea/0x2ff0
[   70.197151][ T6072]  do_syscall_64+0xd2/0x200
[   70.197180][ T6072]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   70.197205][ T6072]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   70.197233][ T6072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.197316][ T6072] RIP: 0033:0x7fdfae4cebe9
[   70.197332][ T6072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.197349][ T6072] RSP: 002b:00007fdfacf0e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   70.197368][ T6072] RAX: ffffffffffffffda RBX: 00007fdfae706090 RCX: 00007fdfae4cebe9
[   70.197381][ T6072] RDX: 0000000000000040 RSI: 00002000000005c0 RDI: 000000000000001c
[   70.197394][ T6072] RBP: 00007fdfacf0e090 R08: 0000000000000000 R09: 0000000000000000
[   70.197407][ T6072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   70.197420][ T6072] R13: 00007fdfae706128 R14: 00007fdfae706090 R15: 00007ffe52e50588
[   70.197445][ T6072]  </TASK>
[   70.383799][ T6073] loop0: detected capacity change from 0 to 1024
[   70.390652][ T6073] EXT4-fs: Ignoring removed orlov option
[   70.444443][ T6073] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.465550][ T6082] loop3: detected capacity change from 0 to 512
[   70.478571][ T6082] EXT4-fs: Ignoring removed oldalloc option
[   70.509996][   T51] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[   70.525616][ T6082] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   70.535416][ T6082] EXT4-fs (loop3): group descriptors corrupted!
[   70.624147][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.682576][ T6095] loop4: detected capacity change from 0 to 2048
[   70.689194][ T6090] loop1: detected capacity change from 0 to 8192
[   70.710099][ T6095] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.743214][ T6102] loop3: detected capacity change from 0 to 512
[   70.775351][ T6095] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm +}[@: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   70.801555][ T6102] EXT4-fs: Ignoring removed nomblk_io_submit option
[   70.829206][ T6102] EXT4-fs: Ignoring removed nomblk_io_submit option
[   70.867184][ T6095] EXT4-fs (loop4): Remounting filesystem read-only
[   70.878309][ T6102] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   70.918372][ T6102] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[   70.930397][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.947522][ T6102] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[   70.962936][ T6102] EXT4-fs (loop3): 1 truncate cleaned up
[   70.973527][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.976058][ T6102] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.035079][ T6102] FAULT_INJECTION: forcing a failure.
[   71.035079][ T6102] name failslab, interval 1, probability 0, space 0, times 0
[   71.047789][ T6102] CPU: 0 UID: 0 PID: 6102 Comm: syz.3.839 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   71.047819][ T6102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   71.047832][ T6102] Call Trace:
[   71.047838][ T6102]  <TASK>
[   71.047845][ T6102]  __dump_stack+0x1d/0x30
[   71.047867][ T6102]  dump_stack_lvl+0xe8/0x140
[   71.047888][ T6102]  dump_stack+0x15/0x1b
[   71.047917][ T6102]  should_fail_ex+0x265/0x280
[   71.047937][ T6102]  should_failslab+0x8c/0xb0
[   71.048013][ T6102]  kmem_cache_alloc_noprof+0x50/0x310
[   71.048042][ T6102]  ? getname_flags+0x80/0x3b0
[   71.048143][ T6102]  ? fput+0x8f/0xc0
[   71.048237][ T6102]  getname_flags+0x80/0x3b0
[   71.048265][ T6102]  __x64_sys_mkdirat+0x40/0x60
[   71.048340][ T6102]  x64_sys_call+0x2b7/0x2ff0
[   71.048364][ T6102]  do_syscall_64+0xd2/0x200
[   71.048420][ T6102]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   71.048445][ T6102]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   71.048473][ T6102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.048545][ T6102] RIP: 0033:0x7fd6ad17d457
[   71.048568][ T6102] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.048586][ T6102] RSP: 002b:00007fd6abbdee68 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   71.048607][ T6102] RAX: ffffffffffffffda RBX: 00007fd6abbdeef0 RCX: 00007fd6ad17d457
[   71.048620][ T6102] RDX: 00000000000001ff RSI: 0000200000000f00 RDI: 00000000ffffff9c
[   71.048633][ T6102] RBP: 0000200000000f40 R08: 0000200000000000 R09: 0000000000000000
[   71.048646][ T6102] R10: 0000200000000f40 R11: 0000000000000246 R12: 0000200000000f00
[   71.048659][ T6102] R13: 00007fd6abbdeeb0 R14: 0000000000000000 R15: 00002000000008c0
[   71.048677][ T6102]  </TASK>
[   71.223659][ T6100] netlink: 4 bytes leftover after parsing attributes in process `syz.5.831'.
[   71.232907][ T6100] netlink: 12 bytes leftover after parsing attributes in process `syz.5.831'.
[   71.242804][ T6100] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=6100 comm=syz.5.831
[   71.256483][ T6102] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   71.291586][ T6117] pim6reg: entered allmulticast mode
[   71.297639][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.318630][ T6117] netlink: 'syz.5.844': attribute type 10 has an invalid length.
[   71.351268][ T6119] vlan2: entered allmulticast mode
[   71.381700][ T6115] loop0: detected capacity change from 0 to 512
[   71.404316][ T6119] loop3: detected capacity change from 0 to 2048
[   71.411134][ T6115] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   71.423386][ T6115] EXT4-fs (loop0): 1 truncate cleaned up
[   71.429650][ T6115] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.455990][ T6119] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[   71.476694][ T6129] netlink: 4 bytes leftover after parsing attributes in process `syz.5.849'.
[   71.495863][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.505740][ T6133] netlink: 'syz.1.850': attribute type 13 has an invalid length.
[   71.513489][ T6133] netlink: 48 bytes leftover after parsing attributes in process `syz.1.850'.
[   71.535229][ T6137] loop0: detected capacity change from 0 to 2048
[   71.552794][ T6137] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.566992][ T6137] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.851: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   71.584377][ T6137] EXT4-fs (loop0): Remounting filesystem read-only
[   71.592021][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   71.601677][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.635398][ T6148] loop3: detected capacity change from 0 to 128
[   71.645785][ T6154] netlink: 28 bytes leftover after parsing attributes in process `syz.1.858'.
[   71.654795][ T6154] netlink: 28 bytes leftover after parsing attributes in process `syz.1.858'.
[   71.779741][ T6165] 9pnet: Could not find request transport: fd@
[   71.802176][ T6168] netlink: 'syz.3.864': attribute type 13 has an invalid length.
[   71.809982][ T6168] netlink: 48 bytes leftover after parsing attributes in process `syz.3.864'.
[   71.857574][ T6175] loop3: detected capacity change from 0 to 2048
[   71.871606][ T6177] loop4: detected capacity change from 0 to 2048
[   71.888869][ T6175] Alternate GPT is invalid, using primary GPT.
[   71.889664][ T6177] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.895246][ T6175]  loop3: p1 p2 p3
[   71.911388][ T6177] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.867: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   71.928713][ T6177] EXT4-fs (loop4): Remounting filesystem read-only
[   71.944951][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.956467][ T6181] FAULT_INJECTION: forcing a failure.
[   71.956467][ T6181] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   71.969568][ T6181] CPU: 1 UID: 0 PID: 6181 Comm: syz.3.868 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   71.969667][ T6181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   71.969682][ T6181] Call Trace:
[   71.969689][ T6181]  <TASK>
[   71.969696][ T6181]  __dump_stack+0x1d/0x30
[   71.969716][ T6181]  dump_stack_lvl+0xe8/0x140
[   71.969734][ T6181]  dump_stack+0x15/0x1b
[   71.969819][ T6181]  should_fail_ex+0x265/0x280
[   71.969875][ T6181]  should_fail+0xb/0x20
[   71.969894][ T6181]  should_fail_usercopy+0x1a/0x20
[   71.969933][ T6181]  _copy_from_user+0x1c/0xb0
[   71.969969][ T6181]  memdup_user+0x5e/0xd0
[   71.969995][ T6181]  proc_pid_attr_write+0x15e/0x220
[   71.970019][ T6181]  ? __pfx_proc_pid_attr_write+0x10/0x10
[   71.970120][ T6181]  vfs_write+0x269/0x960
[   71.970143][ T6181]  ? __rcu_read_unlock+0x4f/0x70
[   71.970166][ T6181]  ? __fget_files+0x184/0x1c0
[   71.970219][ T6181]  ksys_write+0xda/0x1a0
[   71.970239][ T6181]  __x64_sys_write+0x40/0x50
[   71.970263][ T6181]  x64_sys_call+0x27fe/0x2ff0
[   71.970361][ T6181]  do_syscall_64+0xd2/0x200
[   71.970389][ T6181]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   71.970454][ T6181]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   71.970483][ T6181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.970528][ T6181] RIP: 0033:0x7fd6ad17ebe9
[   71.970543][ T6181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.970562][ T6181] RSP: 002b:00007fd6abbdf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   71.970582][ T6181] RAX: ffffffffffffffda RBX: 00007fd6ad3b5fa0 RCX: 00007fd6ad17ebe9
[   71.970596][ T6181] RDX: 000000000000001e RSI: 0000200000000080 RDI: 0000000000000003
[   71.970645][ T6181] RBP: 00007fd6abbdf090 R08: 0000000000000000 R09: 0000000000000000
[   71.970658][ T6181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.970670][ T6181] R13: 00007fd6ad3b6038 R14: 00007fd6ad3b5fa0 R15: 00007ffced499da8
[   71.970686][ T6181]  </TASK>
[   71.973932][ T6183] sch_fq: defrate 4294967295 ignored.
[   72.222175][ T6193] hub 9-0:1.0: USB hub found
[   72.226914][ T6193] hub 9-0:1.0: 8 ports detected
[   72.227004][ T6195] FAULT_INJECTION: forcing a failure.
[   72.227004][ T6195] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   72.244903][ T6195] CPU: 1 UID: 0 PID: 6195 Comm: syz.3.875 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   72.244932][ T6195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   72.244944][ T6195] Call Trace:
[   72.244951][ T6195]  <TASK>
[   72.244958][ T6195]  __dump_stack+0x1d/0x30
[   72.245037][ T6195]  dump_stack_lvl+0xe8/0x140
[   72.245056][ T6195]  dump_stack+0x15/0x1b
[   72.245074][ T6195]  should_fail_ex+0x265/0x280
[   72.245096][ T6195]  should_fail+0xb/0x20
[   72.245113][ T6195]  should_fail_usercopy+0x1a/0x20
[   72.245152][ T6195]  _copy_from_user+0x1c/0xb0
[   72.245177][ T6195]  do_ipv6_setsockopt+0x124/0x2160
[   72.245197][ T6195]  ? kstrtoull+0x111/0x140
[   72.245215][ T6195]  ? avc_has_perm_noaudit+0x1b1/0x200
[   72.245293][ T6195]  ? selinux_netlbl_socket_setsockopt+0x1f9/0x2d0
[   72.245325][ T6195]  ipv6_setsockopt+0x59/0x130
[   72.245405][ T6195]  udpv6_setsockopt+0x99/0xb0
[   72.245435][ T6195]  sock_common_setsockopt+0x66/0x80
[   72.245461][ T6195]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   72.245488][ T6195]  __sys_setsockopt+0x184/0x200
[   72.245665][ T6195]  __x64_sys_setsockopt+0x64/0x80
[   72.245684][ T6195]  x64_sys_call+0x20ec/0x2ff0
[   72.245713][ T6195]  do_syscall_64+0xd2/0x200
[   72.245739][ T6195]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   72.245760][ T6195]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   72.245789][ T6195]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.245836][ T6195] RIP: 0033:0x7fd6ad17ebe9
[   72.245849][ T6195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.245864][ T6195] RSP: 002b:00007fd6abbdf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   72.245932][ T6195] RAX: ffffffffffffffda RBX: 00007fd6ad3b5fa0 RCX: 00007fd6ad17ebe9
[   72.245943][ T6195] RDX: 0000000000000039 RSI: 0000000000000029 RDI: 0000000000000003
[   72.245994][ T6195] RBP: 00007fd6abbdf090 R08: 0000000000000008 R09: 0000000000000000
[   72.246006][ T6195] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[   72.246017][ T6195] R13: 00007fd6ad3b6038 R14: 00007fd6ad3b5fa0 R15: 00007ffced499da8
[   72.246032][ T6195]  </TASK>
[   72.500768][ T6201] loop1: detected capacity change from 0 to 2048
[   72.539624][ T6201] Alternate GPT is invalid, using primary GPT.
[   72.545939][ T6201]  loop1: p1 p2 p3
[   72.580483][ T6212] sch_fq: defrate 4294967295 ignored.
[   72.591837][ T6216] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   72.605695][ T6216] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   72.680172][ T6233] netlink: 8 bytes leftover after parsing attributes in process `syz.1.886'.
[   72.716849][ T6238] loop3: detected capacity change from 0 to 2048
[   72.730063][ T6241] vlan2: entered allmulticast mode
[   72.745554][ T6232] loop4: detected capacity change from 0 to 512
[   72.758559][ T6238] Alternate GPT is invalid, using primary GPT.
[   72.764818][ T6238]  loop3: p1 p2 p3
[   72.779841][ T6241] loop0: detected capacity change from 0 to 2048
[   72.794720][ T6232] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.807784][ T6232] ext4 filesystem being mounted at /155/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   72.820851][ T6252] FAULT_INJECTION: forcing a failure.
[   72.820851][ T6252] name failslab, interval 1, probability 0, space 0, times 0
[   72.821480][ T6241] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[   72.833563][ T6252] CPU: 1 UID: 0 PID: 6252 Comm: syz.1.898 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   72.833589][ T6252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   72.833675][ T6252] Call Trace:
[   72.833681][ T6252]  <TASK>
[   72.833687][ T6252]  __dump_stack+0x1d/0x30
[   72.833708][ T6252]  dump_stack_lvl+0xe8/0x140
[   72.833728][ T6252]  dump_stack+0x15/0x1b
[   72.833745][ T6252]  should_fail_ex+0x265/0x280
[   72.833767][ T6252]  should_failslab+0x8c/0xb0
[   72.833855][ T6252]  kmem_cache_alloc_noprof+0x50/0x310
[   72.833890][ T6252]  ? getname_flags+0x80/0x3b0
[   72.833919][ T6252]  getname_flags+0x80/0x3b0
[   72.833945][ T6252]  __x64_sys_unlink+0x21/0x40
[   72.834036][ T6252]  x64_sys_call+0x2dc0/0x2ff0
[   72.834116][ T6252]  do_syscall_64+0xd2/0x200
[   72.834141][ T6252]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   72.834164][ T6252]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   72.834190][ T6252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.834246][ T6252] RIP: 0033:0x7f548ea2ebe9
[   72.834260][ T6252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.834278][ T6252] RSP: 002b:00007f548d497038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[   72.834298][ T6252] RAX: ffffffffffffffda RBX: 00007f548ec65fa0 RCX: 00007f548ea2ebe9
[   72.834311][ T6252] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000400
[   72.834323][ T6252] RBP: 00007f548d497090 R08: 0000000000000000 R09: 0000000000000000
[   72.834335][ T6252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   72.834348][ T6252] R13: 00007f548ec66038 R14: 00007f548ec65fa0 R15: 00007ffda3f690a8
[   72.834436][ T6252]  </TASK>
[   72.870894][ T6254] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.899' sets config #3
[   73.090813][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   73.101050][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.126020][ T6269] loop3: detected capacity change from 0 to 512
[   73.142589][ T6269] EXT4-fs: Ignoring removed oldalloc option
[   73.153351][ T6276] FAULT_INJECTION: forcing a failure.
[   73.153351][ T6276] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   73.164040][ T6278] loop0: detected capacity change from 0 to 2048
[   73.166434][ T6276] CPU: 0 UID: 0 PID: 6276 Comm: syz.4.906 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   73.166472][ T6276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   73.166533][ T6276] Call Trace:
[   73.166539][ T6276]  <TASK>
[   73.166546][ T6276]  __dump_stack+0x1d/0x30
[   73.166573][ T6276]  dump_stack_lvl+0xe8/0x140
[   73.166658][ T6276]  dump_stack+0x15/0x1b
[   73.166675][ T6276]  should_fail_ex+0x265/0x280
[   73.166697][ T6276]  should_fail+0xb/0x20
[   73.166779][ T6276]  should_fail_usercopy+0x1a/0x20
[   73.166801][ T6276]  _copy_to_user+0x20/0xa0
[   73.166829][ T6276]  simple_read_from_buffer+0xb5/0x130
[   73.166853][ T6276]  proc_fail_nth_read+0x10e/0x150
[   73.166949][ T6276]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   73.166974][ T6276]  vfs_read+0x1a8/0x770
[   73.167040][ T6276]  ? __rcu_read_unlock+0x4f/0x70
[   73.167061][ T6276]  ? __fget_files+0x184/0x1c0
[   73.167227][ T6276]  ksys_read+0xda/0x1a0
[   73.167249][ T6276]  __x64_sys_read+0x40/0x50
[   73.167272][ T6276]  x64_sys_call+0x27bc/0x2ff0
[   73.167293][ T6276]  do_syscall_64+0xd2/0x200
[   73.167386][ T6276]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   73.167411][ T6276]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   73.167438][ T6276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.167460][ T6276] RIP: 0033:0x7f78c271d5fc
[   73.167513][ T6276] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   73.167532][ T6276] RSP: 002b:00007f78c1187030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   73.167612][ T6276] RAX: ffffffffffffffda RBX: 00007f78c2955fa0 RCX: 00007f78c271d5fc
[   73.167625][ T6276] RDX: 000000000000000f RSI: 00007f78c11870a0 RDI: 0000000000000006
[   73.167650][ T6276] RBP: 00007f78c1187090 R08: 0000000000000000 R09: 0000000000000000
[   73.167661][ T6276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.167674][ T6276] R13: 00007f78c2956038 R14: 00007f78c2955fa0 R15: 00007ffe032e6228
[   73.167692][ T6276]  </TASK>
[   73.180293][ T6280] loop1: detected capacity change from 0 to 2048
[   73.192429][ T6269] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.905: Parent and EA inode have the same ino 15
[   73.220829][ T6283] loop5: detected capacity change from 0 to 2048
[   73.228756][ T6269] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.905: Parent and EA inode have the same ino 15
[   73.261728][ T6283] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.264161][ T6269] EXT4-fs (loop3): 1 orphan inode deleted
[   73.269431][ T6280] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.273307][ T6269] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.282664][ T6283] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm +}[@: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   73.284892][ T6278] Alternate GPT is invalid, using primary GPT.
[   73.307546][ T6280] EXT4-fs error (device loop1): ext4_find_extent:939: inode #2: comm syz.1.908: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   73.319459][ T6278]  loop0: p1 p2 p3
[   73.327806][ T6283] EXT4-fs (loop5): Remounting filesystem read-only
[   73.336707][ T6280] EXT4-fs (loop1): Remounting filesystem read-only
[   73.460435][ T6293] vlan2: entered allmulticast mode
[   73.501536][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.516139][ T6294] loop0: detected capacity change from 0 to 2048
[   73.519333][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.534500][ T5585] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.550737][ T6296] FAULT_INJECTION: forcing a failure.
[   73.550737][ T6296] name failslab, interval 1, probability 0, space 0, times 0
[   73.563446][ T6296] CPU: 0 UID: 0 PID: 6296 Comm: syz.3.911 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   73.563473][ T6296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   73.563486][ T6296] Call Trace:
[   73.563492][ T6296]  <TASK>
[   73.563500][ T6296]  __dump_stack+0x1d/0x30
[   73.563520][ T6296]  dump_stack_lvl+0xe8/0x140
[   73.563538][ T6296]  dump_stack+0x15/0x1b
[   73.563554][ T6296]  should_fail_ex+0x265/0x280
[   73.563651][ T6296]  should_failslab+0x8c/0xb0
[   73.563676][ T6296]  kmem_cache_alloc_noprof+0x50/0x310
[   73.563754][ T6296]  ? getname_flags+0x80/0x3b0
[   73.563854][ T6296]  getname_flags+0x80/0x3b0
[   73.563884][ T6296]  __x64_sys_unlink+0x21/0x40
[   73.563909][ T6296]  x64_sys_call+0x2dc0/0x2ff0
[   73.563932][ T6296]  do_syscall_64+0xd2/0x200
[   73.564023][ T6296]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   73.564049][ T6296]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   73.564078][ T6296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.564102][ T6296] RIP: 0033:0x7fd6ad17ebe9
[   73.564135][ T6296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.564154][ T6296] RSP: 002b:00007fd6abbdf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[   73.564215][ T6296] RAX: ffffffffffffffda RBX: 00007fd6ad3b5fa0 RCX: 00007fd6ad17ebe9
[   73.564229][ T6296] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   73.564243][ T6296] RBP: 00007fd6abbdf090 R08: 0000000000000000 R09: 0000000000000000
[   73.564256][ T6296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.564331][ T6296] R13: 00007fd6ad3b6038 R14: 00007fd6ad3b5fa0 R15: 00007ffced499da8
[   73.564350][ T6296]  </TASK>
[   73.603884][   T29] kauditd_printk_skb: 375 callbacks suppressed
[   73.603899][   T29] audit: type=1400 audit(1756685022.154:6234): avc:  denied  { create } for  pid=6297 comm="syz.5.913" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   73.624070][ T6294] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[   73.695685][   T29] audit: type=1400 audit(1756685022.194:6235): avc:  denied  { getopt } for  pid=6297 comm="syz.5.913" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   73.796007][   T29] audit: type=1326 audit(1756685022.344:6236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6292 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfae4cebe9 code=0x7ffc0000
[   73.819416][   T29] audit: type=1326 audit(1756685022.344:6237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6292 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfae4cebe9 code=0x7ffc0000
[   73.842865][   T29] audit: type=1326 audit(1756685022.354:6238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6292 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fdfae4cebe9 code=0x7ffc0000
[   73.866427][   T29] audit: type=1326 audit(1756685022.354:6239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6292 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfae4cebe9 code=0x7ffc0000
[   73.889744][   T29] audit: type=1326 audit(1756685022.354:6240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6292 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfae4cebe9 code=0x7ffc0000
[   73.891795][ T6312] loop3: detected capacity change from 0 to 2048
[   73.913183][   T29] audit: type=1326 audit(1756685022.354:6241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6292 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fdfae4cebe9 code=0x7ffc0000
[   73.913213][   T29] audit: type=1326 audit(1756685022.354:6242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6292 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfae4cebe9 code=0x7ffc0000
[   73.966264][   T29] audit: type=1326 audit(1756685022.354:6243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6292 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdfae4cebe9 code=0x7ffc0000
[   73.972528][ T6312] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.014009][ T6312] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.920: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   74.030986][ T6312] EXT4-fs (loop3): Remounting filesystem read-only
[   74.049709][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   74.077737][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.161253][ T6348] loop5: detected capacity change from 0 to 512
[   74.186189][ T6348] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   74.203890][ T6352] vlan2: entered allmulticast mode
[   74.222204][ T6358] FAULT_INJECTION: forcing a failure.
[   74.222204][ T6358] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   74.235324][ T6358] CPU: 0 UID: 0 PID: 6358 Comm: syz.4.936 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   74.235350][ T6358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   74.235362][ T6358] Call Trace:
[   74.235369][ T6358]  <TASK>
[   74.235375][ T6358]  __dump_stack+0x1d/0x30
[   74.235396][ T6358]  dump_stack_lvl+0xe8/0x140
[   74.235492][ T6358]  dump_stack+0x15/0x1b
[   74.235508][ T6358]  should_fail_ex+0x265/0x280
[   74.235528][ T6358]  should_fail+0xb/0x20
[   74.235544][ T6358]  should_fail_usercopy+0x1a/0x20
[   74.235564][ T6358]  strncpy_from_user+0x25/0x230
[   74.235616][ T6358]  ? kmem_cache_alloc_noprof+0x186/0x310
[   74.235643][ T6358]  ? getname_flags+0x80/0x3b0
[   74.235671][ T6358]  getname_flags+0xae/0x3b0
[   74.235734][ T6358]  user_path_at+0x28/0x130
[   74.235768][ T6358]  do_utimes+0xd9/0x210
[   74.235794][ T6358]  __x64_sys_utime+0xbc/0x140
[   74.235855][ T6358]  x64_sys_call+0x2b0b/0x2ff0
[   74.235877][ T6358]  do_syscall_64+0xd2/0x200
[   74.235986][ T6358]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   74.236073][ T6358]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   74.236127][ T6358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.236151][ T6358] RIP: 0033:0x7f78c271ebe9
[   74.236165][ T6358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.236183][ T6358] RSP: 002b:00007f78c1187038 EFLAGS: 00000246 ORIG_RAX: 0000000000000084
[   74.236200][ T6358] RAX: ffffffffffffffda RBX: 00007f78c2955fa0 RCX: 00007f78c271ebe9
[   74.236253][ T6358] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[   74.236318][ T6358] RBP: 00007f78c1187090 R08: 0000000000000000 R09: 0000000000000000
[   74.236332][ T6358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.236345][ T6358] R13: 00007f78c2956038 R14: 00007f78c2955fa0 R15: 00007ffe032e6228
[   74.236417][ T6358]  </TASK>
[   74.434385][ T6356] loop3: detected capacity change from 0 to 2048
[   74.443102][ T6359] loop1: detected capacity change from 0 to 2048
[   74.467530][ T6359] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[   74.506165][ T6356] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.937: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   74.530116][ T6356] EXT4-fs (loop3): Remounting filesystem read-only
[   74.628775][ T6390] FAULT_INJECTION: forcing a failure.
[   74.628775][ T6390] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   74.641867][ T6390] CPU: 1 UID: 0 PID: 6390 Comm: syz.3.948 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   74.641896][ T6390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   74.641910][ T6390] Call Trace:
[   74.641917][ T6390]  <TASK>
[   74.641924][ T6390]  __dump_stack+0x1d/0x30
[   74.641947][ T6390]  dump_stack_lvl+0xe8/0x140
[   74.641966][ T6390]  dump_stack+0x15/0x1b
[   74.642002][ T6390]  should_fail_ex+0x265/0x280
[   74.642024][ T6390]  should_fail+0xb/0x20
[   74.642042][ T6390]  should_fail_usercopy+0x1a/0x20
[   74.642062][ T6390]  _copy_from_user+0x1c/0xb0
[   74.642092][ T6390]  btf_new_fd+0x20a/0x790
[   74.642138][ T6390]  bpf_btf_load+0x112/0x130
[   74.642170][ T6390]  __sys_bpf+0x352/0x7b0
[   74.642203][ T6390]  __x64_sys_bpf+0x41/0x50
[   74.642302][ T6390]  x64_sys_call+0x2aea/0x2ff0
[   74.642326][ T6390]  do_syscall_64+0xd2/0x200
[   74.642355][ T6390]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   74.642412][ T6390]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   74.642438][ T6390]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.642461][ T6390] RIP: 0033:0x7fd6ad17ebe9
[   74.642476][ T6390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.642495][ T6390] RSP: 002b:00007fd6abbdf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   74.642515][ T6390] RAX: ffffffffffffffda RBX: 00007fd6ad3b5fa0 RCX: 00007fd6ad17ebe9
[   74.642536][ T6390] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000012
[   74.642549][ T6390] RBP: 00007fd6abbdf090 R08: 0000000000000000 R09: 0000000000000000
[   74.642562][ T6390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.642654][ T6390] R13: 00007fd6ad3b6038 R14: 00007fd6ad3b5fa0 R15: 00007ffced499da8
[   74.642672][ T6390]  </TASK>
[   74.860282][ T6395] sctp: [Deprecated]: syz.4.946 (pid 6395) Use of struct sctp_assoc_value in delayed_ack socket option.
[   74.860282][ T6395] Use struct sctp_sack_info instead
[   74.880280][ T6399] FAULT_INJECTION: forcing a failure.
[   74.880280][ T6399] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   74.893411][ T6399] CPU: 1 UID: 0 PID: 6399 Comm: syz.0.950 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   74.893512][ T6399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   74.893525][ T6399] Call Trace:
[   74.893531][ T6399]  <TASK>
[   74.893537][ T6399]  __dump_stack+0x1d/0x30
[   74.893558][ T6399]  dump_stack_lvl+0xe8/0x140
[   74.893574][ T6399]  dump_stack+0x15/0x1b
[   74.893590][ T6399]  should_fail_ex+0x265/0x280
[   74.893712][ T6399]  should_fail+0xb/0x20
[   74.893731][ T6399]  should_fail_usercopy+0x1a/0x20
[   74.893751][ T6399]  _copy_to_user+0x20/0xa0
[   74.893852][ T6399]  simple_read_from_buffer+0xb5/0x130
[   74.893872][ T6399]  proc_fail_nth_read+0x10e/0x150
[   74.893896][ T6399]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   74.893920][ T6399]  vfs_read+0x1a8/0x770
[   74.893988][ T6399]  ? __rcu_read_unlock+0x4f/0x70
[   74.894010][ T6399]  ? __fget_files+0x184/0x1c0
[   74.894036][ T6399]  ksys_read+0xda/0x1a0
[   74.894056][ T6399]  __x64_sys_read+0x40/0x50
[   74.894115][ T6399]  x64_sys_call+0x27bc/0x2ff0
[   74.894138][ T6399]  do_syscall_64+0xd2/0x200
[   74.894168][ T6399]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   74.894193][ T6399]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   74.894249][ T6399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.894268][ T6399] RIP: 0033:0x7fdfae4cd5fc
[   74.894283][ T6399] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   74.894302][ T6399] RSP: 002b:00007fdfacf2f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   74.894323][ T6399] RAX: ffffffffffffffda RBX: 00007fdfae705fa0 RCX: 00007fdfae4cd5fc
[   74.894339][ T6399] RDX: 000000000000000f RSI: 00007fdfacf2f0a0 RDI: 0000000000000003
[   74.894350][ T6399] RBP: 00007fdfacf2f090 R08: 0000000000000000 R09: 0000000000000000
[   74.894361][ T6399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.894371][ T6399] R13: 00007fdfae706038 R14: 00007fdfae705fa0 R15: 00007ffe52e50588
[   74.894446][ T6399]  </TASK>
[   74.910993][ T6397] xt_time: unknown flags 0xf4
[   75.117608][ T6397] loop3: detected capacity change from 0 to 128
[   75.136339][ T6397] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002]
[   75.146913][ T6397] System zones: 1-3, 19-19, 35-36
[   75.154953][ T6397] ext4 filesystem being mounted at /223/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   75.451057][ T6434] FAULT_INJECTION: forcing a failure.
[   75.451057][ T6434] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   75.464322][ T6434] CPU: 0 UID: 0 PID: 6434 Comm: syz.4.963 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   75.464345][ T6434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   75.464353][ T6434] Call Trace:
[   75.464358][ T6434]  <TASK>
[   75.464363][ T6434]  __dump_stack+0x1d/0x30
[   75.464376][ T6434]  dump_stack_lvl+0xe8/0x140
[   75.464451][ T6434]  dump_stack+0x15/0x1b
[   75.464460][ T6434]  should_fail_ex+0x265/0x280
[   75.464472][ T6434]  should_fail_alloc_page+0xf2/0x100
[   75.464525][ T6434]  __alloc_frozen_pages_noprof+0xff/0x360
[   75.464546][ T6434]  alloc_pages_mpol+0xb3/0x250
[   75.464576][ T6434]  vma_alloc_folio_noprof+0x1aa/0x300
[   75.464626][ T6434]  handle_mm_fault+0xec2/0x2c20
[   75.464652][ T6434]  do_user_addr_fault+0x636/0x1090
[   75.464743][ T6434]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   75.464758][ T6434]  exc_page_fault+0x62/0xa0
[   75.464772][ T6434]  asm_exc_page_fault+0x26/0x30
[   75.464784][ T6434] RIP: 0033:0x7f78c26cc1eb
[   75.464794][ T6434] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[   75.464804][ T6434] RSP: 002b:00007f78c1184e10 EFLAGS: 00010246
[   75.464843][ T6434] RAX: 00007f78c1186f30 RBX: 00007f78c2927640 RCX: 0000000000000000
[   75.464851][ T6434] RDX: 00007f78c1186f78 RSI: 00007f78c277eca8 RDI: 00007f78c1184e30
[   75.464858][ T6434] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[   75.464865][ T6434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.464872][ T6434] R13: 00007f78c2956038 R14: 00007f78c2955fa0 R15: 00007ffe032e6228
[   75.464882][ T6434]  </TASK>
[   75.464889][ T6434] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   75.688747][ T6443] netlink: 8 bytes leftover after parsing attributes in process `syz.4.967'.
[   75.701759][ T6443] netlink: 'syz.4.967': attribute type 1 has an invalid length.
[   75.714330][ T6443] 8021q: adding VLAN 0 to HW filter on device bond2
[   75.726336][ T6443] netlink: 4 bytes leftover after parsing attributes in process `syz.4.967'.
[   75.737300][ T6443] bond2 (unregistering): Released all slaves
[   75.754463][ T6446] loop5: detected capacity change from 0 to 2048
[   75.770734][ T6446] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm +}[@: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   75.786948][ T6446] EXT4-fs (loop5): Remounting filesystem read-only
[   75.808970][ T6451] sch_fq: defrate 4294967295 ignored.
[   75.857461][ T6461] loop5: detected capacity change from 0 to 2048
[   75.940846][ T6461]  loop5: unable to read partition table
[   75.946606][ T6461] loop5: partition table beyond EOD, truncated
[   75.952912][ T6461] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[   75.976216][ T6461] netlink: 'syz.5.974': attribute type 10 has an invalid length.
[   75.981574][ T6474] FAULT_INJECTION: forcing a failure.
[   75.981574][ T6474] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.997000][ T6474] CPU: 1 UID: 0 PID: 6474 Comm: syz.4.980 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   75.997061][ T6474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   75.997082][ T6474] Call Trace:
[   75.997087][ T6474]  <TASK>
[   75.997093][ T6474]  __dump_stack+0x1d/0x30
[   75.997112][ T6474]  dump_stack_lvl+0xe8/0x140
[   75.997133][ T6474]  dump_stack+0x15/0x1b
[   75.997194][ T6474]  should_fail_ex+0x265/0x280
[   75.997216][ T6474]  should_fail+0xb/0x20
[   75.997236][ T6474]  should_fail_usercopy+0x1a/0x20
[   75.997279][ T6474]  _copy_from_user+0x1c/0xb0
[   75.997411][ T6474]  ___sys_sendmsg+0xc1/0x1d0
[   75.997445][ T6474]  __x64_sys_sendmsg+0xd4/0x160
[   75.997473][ T6474]  x64_sys_call+0x191e/0x2ff0
[   75.997498][ T6474]  do_syscall_64+0xd2/0x200
[   75.997540][ T6474]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   75.997600][ T6474]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   75.997623][ T6474]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.997643][ T6474] RIP: 0033:0x7f78c271ebe9
[   75.997657][ T6474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.997675][ T6474] RSP: 002b:00007f78c1187038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   75.997753][ T6474] RAX: ffffffffffffffda RBX: 00007f78c2955fa0 RCX: 00007f78c271ebe9
[   75.997764][ T6474] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000005
[   75.997777][ T6474] RBP: 00007f78c1187090 R08: 0000000000000000 R09: 0000000000000000
[   75.997790][ T6474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.997804][ T6474] R13: 00007f78c2956038 R14: 00007f78c2955fa0 R15: 00007ffe032e6228
[   75.997825][ T6474]  </TASK>
[   76.181360][ T6476] sch_fq: defrate 4294967295 ignored.
[   76.190925][ T6480] netlink: 'syz.3.982': attribute type 1 has an invalid length.
[   76.198636][ T6480] netlink: 'syz.3.982': attribute type 2 has an invalid length.
[   76.231474][ T6480] __nla_validate_parse: 3 callbacks suppressed
[   76.231489][ T6480] netlink: 4 bytes leftover after parsing attributes in process `syz.3.982'.
[   76.259888][ T6490] loop5: detected capacity change from 0 to 512
[   76.275231][ T6490] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   76.281878][ T6497] loop1: detected capacity change from 0 to 128
[   76.288946][ T6490] EXT4-fs (loop5): 1 truncate cleaned up
[   76.333835][ T6500] loop0: detected capacity change from 0 to 1024
[   76.341311][ T6497] ext4 filesystem being mounted at /196/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   76.344812][ T6500] EXT4-fs: Ignoring removed orlov option
[   76.375250][ T6513] sch_fq: defrate 4294967295 ignored.
[   76.404075][ T6516] loop4: detected capacity change from 0 to 2048
[   76.424816][ T6518] FAULT_INJECTION: forcing a failure.
[   76.424816][ T6518] name failslab, interval 1, probability 0, space 0, times 0
[   76.437559][ T6518] CPU: 1 UID: 0 PID: 6518 Comm: syz.5.995 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   76.437661][ T6518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   76.437672][ T6518] Call Trace:
[   76.437677][ T6518]  <TASK>
[   76.437684][ T6518]  __dump_stack+0x1d/0x30
[   76.437706][ T6518]  dump_stack_lvl+0xe8/0x140
[   76.437749][ T6518]  dump_stack+0x15/0x1b
[   76.437764][ T6518]  should_fail_ex+0x265/0x280
[   76.437783][ T6518]  should_failslab+0x8c/0xb0
[   76.437809][ T6518]  kmem_cache_alloc_node_noprof+0x57/0x320
[   76.437841][ T6518]  ? __alloc_skb+0x101/0x320
[   76.437897][ T6518]  __alloc_skb+0x101/0x320
[   76.437916][ T6518]  netlink_alloc_large_skb+0xba/0xf0
[   76.437949][ T6518]  netlink_sendmsg+0x3cf/0x6b0
[   76.438041][ T6518]  ? __pfx_netlink_sendmsg+0x10/0x10
[   76.438061][ T6518]  __sock_sendmsg+0x145/0x180
[   76.438087][ T6518]  ____sys_sendmsg+0x31e/0x4e0
[   76.438176][ T6518]  ___sys_sendmsg+0x17b/0x1d0
[   76.438208][ T6518]  __x64_sys_sendmsg+0xd4/0x160
[   76.438237][ T6518]  x64_sys_call+0x191e/0x2ff0
[   76.438276][ T6518]  do_syscall_64+0xd2/0x200
[   76.438387][ T6518]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   76.438577][ T6518]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   76.438614][ T6518]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.438633][ T6518] RIP: 0033:0x7ffb70abebe9
[   76.438646][ T6518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.438661][ T6518] RSP: 002b:00007ffb6f51f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   76.438678][ T6518] RAX: ffffffffffffffda RBX: 00007ffb70cf5fa0 RCX: 00007ffb70abebe9
[   76.438689][ T6518] RDX: 0000000000008080 RSI: 00002000000007c0 RDI: 0000000000000005
[   76.438701][ T6518] RBP: 00007ffb6f51f090 R08: 0000000000000000 R09: 0000000000000000
[   76.438767][ T6518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.438778][ T6518] R13: 00007ffb70cf6038 R14: 00007ffb70cf5fa0 R15: 00007fff9fb0d288
[   76.438797][ T6518]  </TASK>
[   76.664861][ T6523] netlink: 'syz.4.997': attribute type 10 has an invalid length.
[   76.716773][ T6516]  loop4: unable to read partition table
[   76.722525][ T6516] loop4: partition table beyond EOD, truncated
[   76.728806][ T6516] loop_reread_partitions: partition scan of loop4 () failed (rc=-5)
[   76.754618][ T6532] loop5: detected capacity change from 0 to 2048
[   76.769268][ T6540] FAULT_INJECTION: forcing a failure.
[   76.769268][ T6540] name failslab, interval 1, probability 0, space 0, times 0
[   76.781905][ T6540] CPU: 0 UID: 0 PID: 6540 Comm: syz.1.1006 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   76.781929][ T6540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   76.781940][ T6540] Call Trace:
[   76.782020][ T6540]  <TASK>
[   76.782026][ T6540]  __dump_stack+0x1d/0x30
[   76.782101][ T6540]  dump_stack_lvl+0xe8/0x140
[   76.782119][ T6540]  dump_stack+0x15/0x1b
[   76.782209][ T6540]  should_fail_ex+0x265/0x280
[   76.782238][ T6540]  should_failslab+0x8c/0xb0
[   76.782265][ T6540]  kmem_cache_alloc_node_noprof+0x57/0x320
[   76.782293][ T6540]  ? __alloc_skb+0x101/0x320
[   76.782344][ T6540]  __alloc_skb+0x101/0x320
[   76.782363][ T6540]  netlink_alloc_large_skb+0xba/0xf0
[   76.782394][ T6540]  netlink_sendmsg+0x3cf/0x6b0
[   76.782417][ T6540]  ? __pfx_netlink_sendmsg+0x10/0x10
[   76.782441][ T6540]  __sock_sendmsg+0x145/0x180
[   76.782536][ T6540]  ____sys_sendmsg+0x31e/0x4e0
[   76.782563][ T6540]  ___sys_sendmsg+0x17b/0x1d0
[   76.782597][ T6540]  __x64_sys_sendmsg+0xd4/0x160
[   76.782682][ T6540]  x64_sys_call+0x191e/0x2ff0
[   76.782705][ T6540]  do_syscall_64+0xd2/0x200
[   76.782735][ T6540]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   76.782824][ T6540]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   76.782848][ T6540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.782866][ T6540] RIP: 0033:0x7f548ea2ebe9
[   76.782879][ T6540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.782895][ T6540] RSP: 002b:00007f548d497038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   76.782984][ T6540] RAX: ffffffffffffffda RBX: 00007f548ec65fa0 RCX: 00007f548ea2ebe9
[   76.783073][ T6540] RDX: 0000000000040006 RSI: 0000200000000700 RDI: 0000000000000005
[   76.783086][ T6540] RBP: 00007f548d497090 R08: 0000000000000000 R09: 0000000000000000
[   76.783098][ T6540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.783109][ T6540] R13: 00007f548ec66038 R14: 00007f548ec65fa0 R15: 00007ffda3f690a8
[   76.783128][ T6540]  </TASK>
[   76.997697][ T6532] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.1002: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   77.015485][ T6532] EXT4-fs (loop5): Remounting filesystem read-only
[   77.035491][ T6542] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1007'.
[   77.072626][ T6549] loop1: detected capacity change from 0 to 2048
[   77.104751][ T6559] loop5: detected capacity change from 0 to 2048
[   77.135359][ T6549]  loop1: unable to read partition table
[   77.141164][ T6549] loop1: partition table beyond EOD, truncated
[   77.147343][ T6549] loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
[   77.159458][ T6559] Alternate GPT is invalid, using primary GPT.
[   77.165787][ T6559]  loop5: p1 p2 p3
[   77.201099][ T6549] netlink: 'syz.1.1008': attribute type 10 has an invalid length.
[   77.264226][ T6581] FAULT_INJECTION: forcing a failure.
[   77.264226][ T6581] name failslab, interval 1, probability 0, space 0, times 0
[   77.276967][ T6581] CPU: 0 UID: 0 PID: 6581 Comm: syz.4.1020 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   77.277034][ T6581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   77.277044][ T6581] Call Trace:
[   77.277049][ T6581]  <TASK>
[   77.277054][ T6581]  __dump_stack+0x1d/0x30
[   77.277072][ T6581]  dump_stack_lvl+0xe8/0x140
[   77.277088][ T6581]  dump_stack+0x15/0x1b
[   77.277102][ T6581]  should_fail_ex+0x265/0x280
[   77.277120][ T6581]  should_failslab+0x8c/0xb0
[   77.277174][ T6581]  __kmalloc_noprof+0xa5/0x3e0
[   77.277199][ T6581]  ? usb_alloc_urb+0x42/0xc0
[   77.277231][ T6581]  usb_alloc_urb+0x42/0xc0
[   77.277254][ T6581]  alloc_async+0x41/0x90
[   77.277293][ T6581]  proc_do_submiturb+0x76d/0x1d20
[   77.277324][ T6581]  proc_submiturb+0x7b/0xa0
[   77.277349][ T6581]  usbdev_ioctl+0xcc2/0x1710
[   77.277390][ T6581]  ? __pfx_usbdev_ioctl+0x10/0x10
[   77.277411][ T6581]  __se_sys_ioctl+0xcb/0x140
[   77.277427][ T6581]  __x64_sys_ioctl+0x43/0x50
[   77.277441][ T6581]  x64_sys_call+0x1816/0x2ff0
[   77.277465][ T6581]  do_syscall_64+0xd2/0x200
[   77.277546][ T6581]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   77.277566][ T6581]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   77.277589][ T6581]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.277670][ T6581] RIP: 0033:0x7f78c271ebe9
[   77.277683][ T6581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.277697][ T6581] RSP: 002b:00007f78c1187038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   77.277714][ T6581] RAX: ffffffffffffffda RBX: 00007f78c2955fa0 RCX: 00007f78c271ebe9
[   77.277724][ T6581] RDX: 0000200000000000 RSI: 000000008038550a RDI: 0000000000000003
[   77.277735][ T6581] RBP: 00007f78c1187090 R08: 0000000000000000 R09: 0000000000000000
[   77.277751][ T6581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   77.277761][ T6581] R13: 00007f78c2956038 R14: 00007f78c2955fa0 R15: 00007ffe032e6228
[   77.277776][ T6581]  </TASK>
[   77.491123][ T6582] loop3: detected capacity change from 0 to 2048
[   77.510165][ T6582] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.1021: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   77.526958][ T6582] EXT4-fs (loop3): Remounting filesystem read-only
[   77.599137][ T6601] sd 0:0:1:0: device reset
[   77.623910][ T6605] FAULT_INJECTION: forcing a failure.
[   77.623910][ T6605] name failslab, interval 1, probability 0, space 0, times 0
[   77.636549][ T6605] CPU: 1 UID: 0 PID: 6605 Comm: syz.1.1030 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   77.636597][ T6605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   77.636609][ T6605] Call Trace:
[   77.636615][ T6605]  <TASK>
[   77.636666][ T6605]  __dump_stack+0x1d/0x30
[   77.636687][ T6605]  dump_stack_lvl+0xe8/0x140
[   77.636705][ T6605]  dump_stack+0x15/0x1b
[   77.636719][ T6605]  should_fail_ex+0x265/0x280
[   77.636738][ T6605]  should_failslab+0x8c/0xb0
[   77.636776][ T6605]  kmem_cache_alloc_noprof+0x50/0x310
[   77.636799][ T6603] loop3: detected capacity change from 0 to 512
[   77.636806][ T6605]  ? skb_clone+0x151/0x1f0
[   77.636904][ T6605]  skb_clone+0x151/0x1f0
[   77.636927][ T6605]  __netlink_deliver_tap+0x2c9/0x500
[   77.636952][ T6605]  netlink_unicast+0x66b/0x690
[   77.636989][ T6605]  netlink_sendmsg+0x58b/0x6b0
[   77.637013][ T6605]  ? __pfx_netlink_sendmsg+0x10/0x10
[   77.637110][ T6605]  __sock_sendmsg+0x145/0x180
[   77.637139][ T6605]  ____sys_sendmsg+0x31e/0x4e0
[   77.637171][ T6605]  ___sys_sendmsg+0x17b/0x1d0
[   77.637236][ T6605]  __x64_sys_sendmsg+0xd4/0x160
[   77.637262][ T6605]  x64_sys_call+0x191e/0x2ff0
[   77.637283][ T6605]  do_syscall_64+0xd2/0x200
[   77.637311][ T6605]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   77.637356][ T6605]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   77.637382][ T6605]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.637404][ T6605] RIP: 0033:0x7f548ea2ebe9
[   77.637418][ T6605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.637447][ T6605] RSP: 002b:00007f548d497038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   77.637466][ T6605] RAX: ffffffffffffffda RBX: 00007f548ec65fa0 RCX: 00007f548ea2ebe9
[   77.637480][ T6605] RDX: 0000000000008000 RSI: 0000200000000280 RDI: 0000000000000007
[   77.637492][ T6605] RBP: 00007f548d497090 R08: 0000000000000000 R09: 0000000000000000
[   77.637504][ T6605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   77.637517][ T6605] R13: 00007f548ec66038 R14: 00007f548ec65fa0 R15: 00007ffda3f690a8
[   77.637534][ T6605]  </TASK>
[   77.905204][ T6612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1029'.
[   77.930882][ T6609] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1031'.
[   77.939919][ T6609] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1031'.
[   77.948942][ T6609] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1031'.
[   77.959010][ T6614] loop5: detected capacity change from 0 to 2048
[   77.982811][ T6614] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.1033: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   78.017618][ T6614] EXT4-fs (loop5): Remounting filesystem read-only
[   78.056101][ T6621] loop0: detected capacity change from 0 to 512
[   78.070657][ T6621] ext4 filesystem being mounted at /228/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.083183][ T6621] hub 6-0:1.0: USB hub found
[   78.091883][ T6621] hub 6-0:1.0: 8 ports detected
[   78.161138][ T6637] loop0: detected capacity change from 0 to 1024
[   78.168302][ T6637] EXT4-fs: Ignoring removed nobh option
[   78.177594][ T6639] loop1: detected capacity change from 0 to 2048
[   78.192987][ T6637] EXT4-fs warning (device loop0): ext4_rename_delete:3731: inode #12: comm syz.0.1040: Deleting old file: nlink 2, error=-2
[   78.227794][ T6645] netlink: 176 bytes leftover after parsing attributes in process `syz.0.1043'.
[   78.252913][ T6645] FAULT_INJECTION: forcing a failure.
[   78.252913][ T6645] name failslab, interval 1, probability 0, space 0, times 0
[   78.265664][ T6645] CPU: 1 UID: 0 PID: 6645 Comm: syz.0.1043 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   78.265754][ T6645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   78.265765][ T6645] Call Trace:
[   78.265769][ T6645]  <TASK>
[   78.265775][ T6645]  __dump_stack+0x1d/0x30
[   78.265799][ T6645]  dump_stack_lvl+0xe8/0x140
[   78.265816][ T6645]  dump_stack+0x15/0x1b
[   78.265835][ T6645]  should_fail_ex+0x265/0x280
[   78.265858][ T6645]  should_failslab+0x8c/0xb0
[   78.265881][ T6645]  kmem_cache_alloc_noprof+0x50/0x310
[   78.266016][ T6645]  ? skb_clone+0x151/0x1f0
[   78.266037][ T6645]  skb_clone+0x151/0x1f0
[   78.266131][ T6645]  __netlink_deliver_tap+0x2c9/0x500
[   78.266155][ T6645]  netlink_unicast+0x66b/0x690
[   78.266173][ T6645]  netlink_sendmsg+0x58b/0x6b0
[   78.266195][ T6645]  ? __pfx_netlink_sendmsg+0x10/0x10
[   78.266295][ T6645]  __sock_sendmsg+0x145/0x180
[   78.266345][ T6645]  ____sys_sendmsg+0x31e/0x4e0
[   78.266375][ T6645]  ___sys_sendmsg+0x17b/0x1d0
[   78.266414][ T6645]  __x64_sys_sendmsg+0xd4/0x160
[   78.266442][ T6645]  x64_sys_call+0x191e/0x2ff0
[   78.266465][ T6645]  do_syscall_64+0xd2/0x200
[   78.266555][ T6645]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   78.266582][ T6645]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   78.266611][ T6645]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.266641][ T6645] RIP: 0033:0x7fdfae4cebe9
[   78.266656][ T6645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.266673][ T6645] RSP: 002b:00007fdfacf2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   78.266689][ T6645] RAX: ffffffffffffffda RBX: 00007fdfae705fa0 RCX: 00007fdfae4cebe9
[   78.266700][ T6645] RDX: 0000000000008000 RSI: 0000200000000840 RDI: 000000000000000b
[   78.266712][ T6645] RBP: 00007fdfacf2f090 R08: 0000000000000000 R09: 0000000000000000
[   78.266722][ T6645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   78.266800][ T6645] R13: 00007fdfae706038 R14: 00007fdfae705fa0 R15: 00007ffe52e50588
[   78.266818][ T6645]  </TASK>
[   78.492730][ T6649] netlink: 'syz.1.1041': attribute type 10 has an invalid length.
[   78.503236][ T6653] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1046'.
[   78.505726][ T6639]  loop1: unable to read partition table
[   78.518539][ T6639] loop1: partition table beyond EOD, truncated
[   78.524693][ T6639] loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
[   78.554331][ T6655] netlink: 16186 bytes leftover after parsing attributes in process `+}[@'.
[   78.581393][   T29] kauditd_printk_skb: 772 callbacks suppressed
[   78.581407][   T29] audit: type=1326 audit(1756685027.164:7014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6654 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfae4cebe9 code=0x7ffc0000
[   78.582174][ T6655] audit: audit_lost=3 audit_rate_limit=0 audit_backlog_limit=64
[   78.587625][   T29] audit: type=1326 audit(1756685027.164:7015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6654 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7fdfae4cebe9 code=0x7ffc0000
[   78.610467][ T6655] audit: out of memory in audit_log_start
[   78.618087][   T29] audit: type=1326 audit(1756685027.164:7016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6654 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfae4cebe9 code=0x7ffc0000
[   78.669552][   T29] audit: type=1326 audit(1756685027.164:7017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6654 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7fdfae4cebe9 code=0x7ffc0000
[   78.692410][   T29] audit: type=1326 audit(1756685027.164:7018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6654 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfae4cebe9 code=0x7ffc0000
[   78.715327][   T29] audit: type=1326 audit(1756685027.164:7019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6654 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7fdfae4cebe9 code=0x7ffc0000
[   78.738101][   T29] audit: type=1326 audit(1756685027.164:7020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6654 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfae4cebe9 code=0x7ffc0000
[   78.761079][   T29] audit: type=1326 audit(1756685027.164:7021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6654 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdfae4cd550 code=0x7ffc0000
[   78.921431][ T6674] loop1: detected capacity change from 0 to 2048
[   78.961100][ T6678] vlan2: entered allmulticast mode
[   78.985461][ T6674] Alternate GPT is invalid, using primary GPT.
[   78.992048][ T6674]  loop1: p1 p2 p3
[   79.021432][ T6679] loop0: detected capacity change from 0 to 2048
[   79.033944][ T6683] capability: warning: `syz.5.1059' uses deprecated v2 capabilities in a way that may be insecure
[   79.085099][ T6693] loop1: detected capacity change from 0 to 512
[   79.114686][ T6699] loop5: detected capacity change from 0 to 2048
[   79.188730][ T6705] FAULT_INJECTION: forcing a failure.
[   79.188730][ T6705] name failslab, interval 1, probability 0, space 0, times 0
[   79.201366][ T6705] CPU: 0 UID: 0 PID: 6705 Comm: syz.3.1062 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   79.201391][ T6705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   79.201404][ T6705] Call Trace:
[   79.201409][ T6705]  <TASK>
[   79.201426][ T6705]  __dump_stack+0x1d/0x30
[   79.201446][ T6705]  dump_stack_lvl+0xe8/0x140
[   79.201463][ T6705]  dump_stack+0x15/0x1b
[   79.201477][ T6705]  should_fail_ex+0x265/0x280
[   79.201537][ T6705]  ? __se_sys_memfd_create+0x1cc/0x590
[   79.201630][ T6705]  should_failslab+0x8c/0xb0
[   79.201657][ T6705]  __kmalloc_cache_noprof+0x4c/0x320
[   79.201687][ T6705]  ? fput+0x8f/0xc0
[   79.201719][ T6705]  __se_sys_memfd_create+0x1cc/0x590
[   79.201792][ T6705]  __x64_sys_memfd_create+0x31/0x40
[   79.201810][ T6705]  x64_sys_call+0x2abe/0x2ff0
[   79.201829][ T6705]  do_syscall_64+0xd2/0x200
[   79.201890][ T6705]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   79.201992][ T6705]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   79.202013][ T6705]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.202030][ T6705] RIP: 0033:0x7fd6ad17ebe9
[   79.202089][ T6705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.202104][ T6705] RSP: 002b:00007fd6abb9ce18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   79.202120][ T6705] RAX: ffffffffffffffda RBX: 000000000000043a RCX: 00007fd6ad17ebe9
[   79.202175][ T6705] RDX: 00007fd6abb9cef0 RSI: 0000000000000000 RDI: 00007fd6ad2027e8
[   79.202187][ T6705] RBP: 0000200000000340 R08: 00007fd6abb9cbb7 R09: 00007fd6abb9ce40
[   79.202223][ T6705] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000200
[   79.202234][ T6705] R13: 00007fd6abb9cef0 R14: 00007fd6abb9ceb0 R15: 00002000000000c0
[   79.202338][ T6705]  </TASK>
[   79.205505][ T6708] loop4: detected capacity change from 0 to 512
[   79.368170][ T6699] Alternate GPT is invalid, using primary GPT.
[   79.393728][ T6699]  loop5: p1 p2 p3
[   79.399782][ T6708] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 4)
[   79.413248][ T6712] pimreg: entered allmulticast mode
[   79.419282][ T6712] pimreg: left allmulticast mode
[   79.427287][ T6708] FAT-fs (loop4): FAT read failed (blocknr 52768)
[   79.461542][ T6712] loop1: detected capacity change from 0 to 512
[   79.462844][ T6718] loop4: detected capacity change from 0 to 512
[   79.475751][ T6712] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 4)
[   79.484973][ T6712] FAT-fs (loop1): FAT read failed (blocknr 52768)
[   79.485377][ T6718] EXT4-fs: Ignoring removed nomblk_io_submit option
[   79.498844][ T6718] EXT4-fs: Ignoring removed nomblk_io_submit option
[   79.505601][ T6718] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   79.507054][ T6720] loop5: detected capacity change from 0 to 2048
[   79.514699][ T6718] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[   79.529897][ T6718] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[   79.538523][ T6718] EXT4-fs (loop4): 1 truncate cleaned up
[   79.555831][ T6718] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   79.564700][ T6725] FAULT_INJECTION: forcing a failure.
[   79.564700][ T6725] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   79.577756][ T6725] CPU: 0 UID: 0 PID: 6725 Comm: syz.0.1072 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   79.577780][ T6725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   79.577790][ T6725] Call Trace:
[   79.577796][ T6725]  <TASK>
[   79.577866][ T6725]  __dump_stack+0x1d/0x30
[   79.577964][ T6725]  dump_stack_lvl+0xe8/0x140
[   79.577983][ T6725]  dump_stack+0x15/0x1b
[   79.578001][ T6725]  should_fail_ex+0x265/0x280
[   79.578082][ T6725]  should_fail+0xb/0x20
[   79.578233][ T6725]  should_fail_usercopy+0x1a/0x20
[   79.578275][ T6725]  _copy_from_user+0x1c/0xb0
[   79.578307][ T6725]  memdup_user+0x5e/0xd0
[   79.578360][ T6725]  strndup_user+0x68/0xb0
[   79.578387][ T6725]  __se_sys_mount+0x8e/0x2e0
[   79.578457][ T6725]  ? fput+0x8f/0xc0
[   79.578482][ T6725]  ? ksys_write+0x192/0x1a0
[   79.578502][ T6725]  __x64_sys_mount+0x67/0x80
[   79.578526][ T6725]  x64_sys_call+0x2b4d/0x2ff0
[   79.578587][ T6725]  do_syscall_64+0xd2/0x200
[   79.578614][ T6725]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   79.578712][ T6725]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   79.578803][ T6725]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.578834][ T6725] RIP: 0033:0x7fdfae4cebe9
[   79.578850][ T6725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.578931][ T6725] RSP: 002b:00007fdfacf2f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   79.578948][ T6725] RAX: ffffffffffffffda RBX: 00007fdfae705fa0 RCX: 00007fdfae4cebe9
[   79.578959][ T6725] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000200000000480
[   79.578971][ T6725] RBP: 00007fdfacf2f090 R08: 0000000000000000 R09: 0000000000000000
[   79.578983][ T6725] R10: 0000000000002000 R11: 0000000000000246 R12: 0000000000000001
[   79.579036][ T6725] R13: 00007fdfae706038 R14: 00007fdfae705fa0 R15: 00007ffe52e50588
[   79.579052][ T6725]  </TASK>
[   79.641331][ T6720] Alternate GPT is invalid, using primary GPT.
[   79.771509][ T6720]  loop5: p1 p2 p3
[   79.820141][ T6731] loop4: detected capacity change from 0 to 2048
[   79.886217][ T6731]  loop4: unable to read partition table
[   79.892702][ T6731] loop4: partition table beyond EOD, truncated
[   79.898954][ T6731] loop_reread_partitions: partition scan of loop4 () failed (rc=-5)
[   79.919913][ T6731] netlink: 'syz.4.1075': attribute type 10 has an invalid length.
[   79.961998][ T6745] loop5: detected capacity change from 0 to 512
[   79.968768][ T6745] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   80.067820][ T6757] loop5: detected capacity change from 0 to 4096
[   80.075647][ T6757] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   80.098724][ T6759] loop4: detected capacity change from 0 to 2048
[   80.144614][ T6763] loop5: detected capacity change from 0 to 4096
[   80.152024][ T6759] Alternate GPT is invalid, using primary GPT.
[   80.158346][ T6759]  loop4: p1 p2 p3
[   80.164594][ T6763] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   80.231002][ T6770] Driver unsupported XDP return value 0 on prog  (id 798) dev N/A, expect packet loss!
[   80.293915][ T6778] loop5: detected capacity change from 0 to 2048
[   80.319321][ T6781] FAULT_INJECTION: forcing a failure.
[   80.319321][ T6781] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   80.332455][ T6781] CPU: 1 UID: 0 PID: 6781 Comm: syz.4.1095 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   80.332484][ T6781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   80.332497][ T6781] Call Trace:
[   80.332520][ T6781]  <TASK>
[   80.332525][ T6781]  __dump_stack+0x1d/0x30
[   80.332624][ T6781]  dump_stack_lvl+0xe8/0x140
[   80.332641][ T6781]  dump_stack+0x15/0x1b
[   80.332656][ T6781]  should_fail_ex+0x265/0x280
[   80.332674][ T6781]  should_fail+0xb/0x20
[   80.332690][ T6781]  should_fail_usercopy+0x1a/0x20
[   80.332757][ T6781]  _copy_from_user+0x1c/0xb0
[   80.332781][ T6781]  __sys_bpf+0x178/0x7b0
[   80.332812][ T6781]  __x64_sys_bpf+0x41/0x50
[   80.332836][ T6781]  x64_sys_call+0x2aea/0x2ff0
[   80.332916][ T6781]  do_syscall_64+0xd2/0x200
[   80.332950][ T6781]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   80.332982][ T6781]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   80.333046][ T6781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.333069][ T6781] RIP: 0033:0x7f78c271ebe9
[   80.333083][ T6781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.333130][ T6781] RSP: 002b:00007f78c1187038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   80.333148][ T6781] RAX: ffffffffffffffda RBX: 00007f78c2955fa0 RCX: 00007f78c271ebe9
[   80.333161][ T6781] RDX: 0000000000000050 RSI: 0000200000000500 RDI: 000000000000000a
[   80.333175][ T6781] RBP: 00007f78c1187090 R08: 0000000000000000 R09: 0000000000000000
[   80.333217][ T6781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.333227][ T6781] R13: 00007f78c2956038 R14: 00007f78c2955fa0 R15: 00007ffe032e6228
[   80.333243][ T6781]  </TASK>
[   80.548447][ T6785] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1097'.
[   80.559616][ T6787] loop5: detected capacity change from 0 to 2048
[   80.569515][ T6785] openvswitch: netlink: Message has 6 unknown bytes.
[   80.595513][ T6789] FAULT_INJECTION: forcing a failure.
[   80.595513][ T6789] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   80.608655][ T6789] CPU: 0 UID: 0 PID: 6789 Comm: syz.4.1099 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   80.608685][ T6789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   80.608728][ T6789] Call Trace:
[   80.608733][ T6789]  <TASK>
[   80.608739][ T6789]  __dump_stack+0x1d/0x30
[   80.608763][ T6789]  dump_stack_lvl+0xe8/0x140
[   80.608814][ T6789]  dump_stack+0x15/0x1b
[   80.608833][ T6789]  should_fail_ex+0x265/0x280
[   80.608854][ T6789]  should_fail+0xb/0x20
[   80.608872][ T6789]  should_fail_usercopy+0x1a/0x20
[   80.608897][ T6789]  _copy_from_user+0x1c/0xb0
[   80.609006][ T6789]  ___sys_recvmsg+0xaa/0x370
[   80.609032][ T6789]  ? 0xffffffff81000000
[   80.609043][ T6789]  ? __rcu_read_unlock+0x4f/0x70
[   80.609070][ T6789]  __x64_sys_recvmsg+0xd1/0x160
[   80.609123][ T6789]  x64_sys_call+0x2b42/0x2ff0
[   80.609204][ T6789]  do_syscall_64+0xd2/0x200
[   80.609234][ T6789]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   80.609259][ T6789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.609278][ T6789] RIP: 0033:0x7f78c271ebe9
[   80.609363][ T6789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.609381][ T6789] RSP: 002b:00007f78c1187038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[   80.609397][ T6789] RAX: ffffffffffffffda RBX: 00007f78c2955fa0 RCX: 00007f78c271ebe9
[   80.609409][ T6789] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[   80.609421][ T6789] RBP: 00007f78c1187090 R08: 0000000000000000 R09: 0000000000000000
[   80.609433][ T6789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.609514][ T6789] R13: 00007f78c2956038 R14: 00007f78c2955fa0 R15: 00007ffe032e6228
[   80.609534][ T6789]  </TASK>
[   80.831371][ T6787] Alternate GPT is invalid, using primary GPT.
[   80.837649][ T6787]  loop5: p1 p2 p3
[   80.918951][ T6815] 9pnet_fd: Insufficient options for proto=fd
[   80.972868][ T6817] loop4: detected capacity change from 0 to 512
[   80.979627][ T6817] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   81.030123][ T6812] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[   81.070373][ T6822] batadv1: entered promiscuous mode
[   81.075596][ T6822] batadv1: entered allmulticast mode
[   81.150456][ T6834] batadv1: entered promiscuous mode
[   81.155681][ T6834] batadv1: entered allmulticast mode
[   81.158255][ T6836] loop0: detected capacity change from 0 to 2048
[   81.198775][ T6836] Alternate GPT is invalid, using primary GPT.
[   81.205148][ T6836]  loop0: p1 p2 p3
[   81.248706][ T6837] loop4: detected capacity change from 0 to 512
[   81.268365][ T6837] ext4: Unknown parameter 'fsname'
[   81.274085][ T6839] loop0: detected capacity change from 0 to 2048
[   81.302972][ T6839] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.1117: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   81.323572][ T6839] EXT4-fs (loop0): Remounting filesystem read-only
[   81.339518][ T6844] loop3: detected capacity change from 0 to 2048
[   81.369860][ T6844] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.1118: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   81.398967][ T6844] EXT4-fs (loop3): Remounting filesystem read-only
[   81.463088][ T6858] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[   81.469615][ T6858] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   81.477368][ T6858] vhci_hcd vhci_hcd.0: Device attached
[   81.487558][ T6858] loop3: detected capacity change from 0 to 512
[   81.597047][ T6871] loop4: detected capacity change from 0 to 2048
[   81.604767][ T6858] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843e018, mo2=0002]
[   81.612852][ T6858] System zones: 1-12
[   81.617307][ T6858] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1125: invalid indirect mapped block 8 (level 2)
[   81.631809][ T6858] EXT4-fs (loop3): 1 truncate cleaned up
[   81.638942][ T6858] __nla_validate_parse: 2 callbacks suppressed
[   81.638954][ T6858] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1125'.
[   81.658872][ T6871] Alternate GPT is invalid, using primary GPT.
[   81.665216][ T6871]  loop4: p1 p2 p3
[   81.716929][ T6876] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   81.811224][ T6888] lo speed is unknown, defaulting to 1000
[   81.852963][ T6859] vhci_hcd: connection closed
[   81.853222][   T31] vhci_hcd: stop threads
[   81.862281][   T31] vhci_hcd: release socket
[   81.866690][   T31] vhci_hcd: disconnect device
[   81.902882][ T6891] FAULT_INJECTION: forcing a failure.
[   81.902882][ T6891] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.915970][ T6891] CPU: 1 UID: 0 PID: 6891 Comm: syz.5.1134 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   81.916050][ T6891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   81.916063][ T6891] Call Trace:
[   81.916070][ T6891]  <TASK>
[   81.916077][ T6891]  __dump_stack+0x1d/0x30
[   81.916096][ T6891]  dump_stack_lvl+0xe8/0x140
[   81.916112][ T6891]  dump_stack+0x15/0x1b
[   81.916163][ T6891]  should_fail_ex+0x265/0x280
[   81.916220][ T6891]  should_fail+0xb/0x20
[   81.916237][ T6891]  should_fail_usercopy+0x1a/0x20
[   81.916257][ T6891]  _copy_from_user+0x1c/0xb0
[   81.916283][ T6891]  ___sys_sendmsg+0xc1/0x1d0
[   81.916333][ T6891]  __x64_sys_sendmsg+0xd4/0x160
[   81.916437][ T6891]  x64_sys_call+0x191e/0x2ff0
[   81.916456][ T6891]  do_syscall_64+0xd2/0x200
[   81.916527][ T6891]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   81.916551][ T6891]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   81.916580][ T6891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.916676][ T6891] RIP: 0033:0x7ffb70abebe9
[   81.916760][ T6891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.916776][ T6891] RSP: 002b:00007ffb6f51f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   81.916792][ T6891] RAX: ffffffffffffffda RBX: 00007ffb70cf5fa0 RCX: 00007ffb70abebe9
[   81.916804][ T6891] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000006
[   81.916815][ T6891] RBP: 00007ffb6f51f090 R08: 0000000000000000 R09: 0000000000000000
[   81.916829][ T6891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.916848][ T6891] R13: 00007ffb70cf6038 R14: 00007ffb70cf5fa0 R15: 00007fff9fb0d288
[   81.916933][ T6891]  </TASK>
[   81.917629][ T6888] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1133'.
[   82.403721][ T6897] vlan2: entered allmulticast mode
[   82.409470][ T6897] dummy0: entered allmulticast mode
[   82.459833][ T6899] loop5: detected capacity change from 0 to 2048
[   82.537511][ T6906] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   82.600034][ T6906] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   82.618081][ T6914] loop5: detected capacity change from 0 to 2048
[   82.679959][ T6923] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1141'.
[   82.709901][ T6914]  loop5: unable to read partition table
[   82.715784][ T6914] loop5: partition table beyond EOD, truncated
[   82.717391][ T6921] loop3: detected capacity change from 0 to 8192
[   82.722070][ T6914] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[   82.755721][ T6914] netlink: 'syz.5.1143': attribute type 10 has an invalid length.
[   82.794252][ T6929] loop5: detected capacity change from 0 to 2048
[   82.813714][ T6929] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.1147: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   82.830830][ T6929] EXT4-fs (loop5): Remounting filesystem read-only
[   82.930584][ T6934] loop5: detected capacity change from 0 to 2048
[   82.949708][ T6934] Alternate GPT is invalid, using primary GPT.
[   82.956001][ T6934]  loop5: p1 p2 p3
[   83.004991][ T6937] lo speed is unknown, defaulting to 1000
[   83.054484][ T6937] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   83.269002][ T6948] vlan2: entered allmulticast mode
[   83.341336][ T6948] loop5: detected capacity change from 0 to 2048
[   83.435779][ T6958] loop1: detected capacity change from 0 to 2048
[   83.473975][ T6961] loop4: detected capacity change from 0 to 512
[   83.488478][ T6961] EXT4-fs: Ignoring removed mblk_io_submit option
[   83.498838][ T6961] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   83.548882][ T6964] loop0: detected capacity change from 0 to 2048
[   83.558087][ T6961] EXT4-fs (loop4): 1 truncate cleaned up
[   83.585114][ T6964] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.1160: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   83.607586][ T6958]  loop1: unable to read partition table
[   83.611737][ T6964] EXT4-fs (loop0): Remounting filesystem read-only
[   83.613378][ T6958] loop1: partition table beyond EOD, truncated
[   83.625872][ T6958] loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
[   83.682982][ T6958] netlink: 'syz.1.1157': attribute type 10 has an invalid length.
[   84.105111][ T6985] loop1: detected capacity change from 0 to 4096
[   84.119845][   T29] kauditd_printk_skb: 482 callbacks suppressed
[   84.119857][   T29] audit: type=1326 audit(1756685032.704:7504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6988 comm="syz.3.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6ad17ebe9 code=0x7ffc0000
[   84.152705][   T29] audit: type=1326 audit(1756685032.744:7505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6988 comm="syz.3.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd6ad17ebe9 code=0x7ffc0000
[   84.158314][ T6989] vlan2: entered allmulticast mode
[   84.176275][   T29] audit: type=1326 audit(1756685032.744:7506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6988 comm="syz.3.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6ad17ebe9 code=0x7ffc0000
[   84.204997][   T29] audit: type=1326 audit(1756685032.744:7507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6988 comm="syz.3.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6ad17ebe9 code=0x7ffc0000
[   84.229011][   T29] audit: type=1326 audit(1756685032.744:7508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6988 comm="syz.3.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6ad17ebe9 code=0x7ffc0000
[   84.252507][   T29] audit: type=1326 audit(1756685032.744:7509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6988 comm="syz.3.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6ad17ebe9 code=0x7ffc0000
[   84.275911][   T29] audit: type=1326 audit(1756685032.744:7510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6988 comm="syz.3.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6ad17ebe9 code=0x7ffc0000
[   84.299369][   T29] audit: type=1326 audit(1756685032.744:7511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6988 comm="syz.3.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6ad17ebe9 code=0x7ffc0000
[   84.322829][   T29] audit: type=1326 audit(1756685032.744:7512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6988 comm="syz.3.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6ad17ebe9 code=0x7ffc0000
[   84.346249][   T29] audit: type=1326 audit(1756685032.744:7513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6988 comm="syz.3.1169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6ad17ebe9 code=0x7ffc0000
[   84.370117][ T6990] loop3: detected capacity change from 0 to 2048
[   84.454244][ T3302] EXT4-fs error (device loop1): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /234/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   84.478451][ T3302] EXT4-fs error (device loop1): ext4_empty_dir:3096: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   84.499585][ T3302] EXT4-fs warning (device loop1): ext4_empty_dir:3099: inode #12: comm syz-executor: directory missing '..'
[   84.508949][ T6998] loop5: detected capacity change from 0 to 2048
[   84.517633][ T3302] EXT4-fs error (device loop1): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /234/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   84.540079][ T3302] EXT4-fs error (device loop1): ext4_empty_dir:3096: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   84.559960][ T3302] EXT4-fs warning (device loop1): ext4_empty_dir:3099: inode #12: comm syz-executor: directory missing '..'
[   84.571590][ T3302] EXT4-fs error (device loop1): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /234/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   84.595415][ T3302] EXT4-fs error (device loop1): ext4_empty_dir:3096: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   84.604118][ T6998] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.1172: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   84.658292][ T7005] vlan2: entered allmulticast mode
[   84.674567][ T7002] loop4: detected capacity change from 0 to 8192
[   84.681349][ T3302] EXT4-fs warning (device loop1): ext4_empty_dir:3099: inode #12: comm syz-executor: directory missing '..'
[   84.693046][ T3302] EXT4-fs error (device loop1): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /234/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   84.714348][ T6998] EXT4-fs (loop5): Remounting filesystem read-only
[   84.721275][ T7008] loop3: detected capacity change from 0 to 2048
[   84.727817][ T3302] EXT4-fs error (device loop1): ext4_empty_dir:3096: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   84.750529][ T3302] EXT4-fs warning (device loop1): ext4_empty_dir:3099: inode #12: comm syz-executor: directory missing '..'
[   84.762364][ T3302] EXT4-fs error (device loop1): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /234/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   84.801792][ T7012] loop0: detected capacity change from 0 to 2048
[   84.808279][ T3302] EXT4-fs error (device loop1): ext4_empty_dir:3096: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   84.829900][ T3302] EXT4-fs warning (device loop1): ext4_empty_dir:3099: inode #12: comm syz-executor: directory missing '..'
[   84.853716][ T7016] netlink: 'syz.5.1176': attribute type 1 has an invalid length.
[   84.861610][ T7016] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1176'.
[   84.884286][ T3302] EXT4-fs warning (device loop1): ext4_empty_dir:3099: inode #12: comm syz-executor: directory missing '..'
[   84.923713][ T7012]  loop0: unable to read partition table
[   84.929540][ T7012] loop0: partition table beyond EOD, truncated
[   84.935747][ T7012] loop_reread_partitions: partition scan of loop0 () failed (rc=-5)
[   84.939090][ T3302] EXT4-fs warning (device loop1): ext4_empty_dir:3099: inode #12: comm syz-executor: directory missing '..'
[   84.974752][ T7019] loop3: detected capacity change from 0 to 2048
[   84.981294][ T3302] EXT4-fs warning (device loop1): ext4_empty_dir:3099: inode #12: comm syz-executor: directory missing '..'
[   85.002947][ T7012] netlink: 'syz.0.1175': attribute type 10 has an invalid length.
[   85.010684][ T3302] EXT4-fs warning (device loop1): ext4_empty_dir:3099: inode #12: comm syz-executor: directory missing '..'
[   85.038916][ T3302] EXT4-fs warning (device loop1): ext4_empty_dir:3099: inode #12: comm syz-executor: directory missing '..'
[   85.057143][ T7021] loop0: detected capacity change from 0 to 512
[   85.071448][ T7021] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   85.088942][ T7019] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.1177: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   85.119465][ T7021] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[   85.130350][ T7019] EXT4-fs (loop3): Remounting filesystem read-only
[   85.157955][ T7026] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1180'.
[   85.182335][ T7028] sch_fq: defrate 4294967295 ignored.
[   85.217292][ T7030] loop0: detected capacity change from 0 to 512
[   85.224270][ T7030] EXT4-fs: Ignoring removed mblk_io_submit option
[   85.231248][ T7030] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   85.249223][ T7030] EXT4-fs (loop0): 1 truncate cleaned up
[   85.435181][   T58] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.468022][ T7045] sch_fq: defrate 4294967295 ignored.
[   85.510309][   T58] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.580686][   T58] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.647225][   T58] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.767698][ T7053] lo speed is unknown, defaulting to 1000
[   85.775958][   T58] bridge_slave_1: left allmulticast mode
[   85.781639][   T58] bridge_slave_1: left promiscuous mode
[   85.787288][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.814929][   T58] bridge_slave_0: left allmulticast mode
[   85.820697][   T58] bridge_slave_0: left promiscuous mode
[   85.826415][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.942333][ T7075] loop4: detected capacity change from 0 to 2048
[   85.977801][ T7075] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.1196: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   86.081233][ T7075] EXT4-fs (loop4): Remounting filesystem read-only
[   86.359035][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   86.418266][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   86.427970][   T58] bond0 (unregistering): Released all slaves
[   86.440565][   T58] bond1 (unregistering): Released all slaves
[   86.563212][   T58] bond2 (unregistering): Released all slaves
[   86.743550][ T7088] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1199'.
[   86.777694][   T58] hsr_slave_0: left promiscuous mode
[   86.786824][   T58] hsr_slave_1: left promiscuous mode
[   86.792847][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   86.800412][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[   86.827600][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   86.835079][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[   86.863503][   T58] veth1_macvtap: left promiscuous mode
[   86.883445][   T58] veth0_macvtap: left promiscuous mode
[   86.901025][   T58] veth1_vlan: left promiscuous mode
[   86.914296][   T58] veth0_vlan: left promiscuous mode
[   86.979864][ T7099] netlink: 'syz.0.1202': attribute type 1 has an invalid length.
[   86.987642][ T7099] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1202'.
[   87.023913][   T58] pim6reg (unregistering): left allmulticast mode
[   87.071370][   T58] team0 (unregistering): Port device team_slave_1 removed
[   87.089359][   T58] team0 (unregistering): Port device team_slave_0 removed
[   87.155950][ T7053] chnl_net:caif_netlink_parms(): no params data found
[   87.279696][ T7053] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.286799][ T7053] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.300592][ T7053] bridge_slave_0: entered allmulticast mode
[   87.311274][ T7053] bridge_slave_0: entered promiscuous mode
[   87.323032][ T7112] loop5: detected capacity change from 0 to 2048
[   87.332566][ T7053] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.339826][ T7053] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.347923][ T7053] bridge_slave_1: entered allmulticast mode
[   87.355811][ T7053] bridge_slave_1: entered promiscuous mode
[   87.368887][ T7112] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.1206: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   87.385552][ T7112] EXT4-fs (loop5): Remounting filesystem read-only
[   87.406309][ T7053] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.419641][   T58] IPVS: stop unused estimator thread 0...
[   87.429540][ T7053] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.470094][ T7118] sch_fq: defrate 4294967295 ignored.
[   87.480601][ T7053] team0: Port device team_slave_0 added
[   87.487643][ T7053] team0: Port device team_slave_1 added
[   87.526272][ T7053] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.533256][ T7053] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.559243][ T7053] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.606201][ T7127] loop5: detected capacity change from 0 to 512
[   87.620586][ T7127] EXT4-fs: Ignoring removed mblk_io_submit option
[   87.628729][ T7053] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.635660][ T7053] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.638237][ T7127] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   87.661625][ T7053] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.689400][ T7127] EXT4-fs (loop5): 1 truncate cleaned up
[   87.710975][ T7053] hsr_slave_0: entered promiscuous mode
[   87.726743][ T7053] hsr_slave_1: entered promiscuous mode
[   87.888161][ T7146] vlan2: entered allmulticast mode
[   87.955919][ T7053] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   87.965205][ T7053] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   87.975444][ T7154] loop4: detected capacity change from 0 to 2048
[   87.986847][ T7053] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   88.000847][ T7053] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   88.031849][ T7053] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.038932][ T7053] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.046202][ T7053] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.053247][ T7053] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.088801][ T7053] 8021q: adding VLAN 0 to HW filter on device bond0
[   88.109862][ T7053] 8021q: adding VLAN 0 to HW filter on device team0
[   88.147946][    C1] ==================================================================
[   88.156034][    C1] BUG: KCSAN: data-race in wq_worker_tick / wq_worker_tick
[   88.163236][    C1] 
[   88.165549][    C1] read-write to 0xffff8881000734b8 of 8 bytes by interrupt on cpu 0:
[   88.173593][    C1]  wq_worker_tick+0x60/0x230
[   88.178172][    C1]  sched_tick+0x11a/0x270
[   88.182490][    C1]  update_process_times+0x15f/0x190
[   88.187693][    C1]  tick_nohz_handler+0x249/0x2d0
[   88.192629][    C1]  __hrtimer_run_queues+0x20f/0x5a0
[   88.197827][    C1]  hrtimer_interrupt+0x21a/0x460
[   88.202759][    C1]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[   88.208661][    C1]  sysvec_apic_timer_interrupt+0x6f/0x80
[   88.214299][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   88.220281][    C1]  _raw_spin_unlock_irqrestore+0x3c/0x60
[   88.225913][    C1]  tty_insert_flip_string_and_push_buffer+0x1aa/0x1f0
[   88.232686][    C1]  pty_write+0x70/0x90
[   88.236767][    C1]  tty_put_char+0x8c/0xc0
[   88.241098][    C1]  __process_echoes+0x2f9/0x6b0
[   88.245962][    C1]  n_tty_receive_char+0x588/0x6a0
[   88.250988][    C1]  n_tty_receive_buf_standard+0x473/0x2f10
[   88.256789][    C1]  n_tty_receive_buf_common+0x805/0xbe0
[   88.262342][    C1]  n_tty_receive_buf2+0x33/0x40
[   88.267199][    C1]  tty_ldisc_receive_buf+0x66/0xf0
[   88.272320][    C1]  tty_port_default_receive_buf+0x59/0x90
[   88.278045][    C1]  flush_to_ldisc+0x145/0x340
[   88.282744][    C1]  process_scheduled_works+0x4ce/0x9d0
[   88.288217][    C1]  worker_thread+0x582/0x770
[   88.292819][    C1]  kthread+0x486/0x510
[   88.296890][    C1]  ret_from_fork+0xda/0x150
[   88.301392][    C1]  ret_from_fork_asm+0x1a/0x30
[   88.306163][    C1] 
[   88.308472][    C1] read-write to 0xffff8881000734b8 of 8 bytes by interrupt on cpu 1:
[   88.316521][    C1]  wq_worker_tick+0x60/0x230
[   88.321100][    C1]  sched_tick+0x11a/0x270
[   88.325432][    C1]  update_process_times+0x15f/0x190
[   88.330627][    C1]  tick_nohz_handler+0x249/0x2d0
[   88.335563][    C1]  __hrtimer_run_queues+0x20f/0x5a0
[   88.340768][    C1]  hrtimer_interrupt+0x21a/0x460
[   88.345713][    C1]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[   88.351621][    C1]  sysvec_apic_timer_interrupt+0x6f/0x80
[   88.357247][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   88.363222][    C1]  __tsan_read8+0xfc/0x190
[   88.367642][    C1]  vlan_device_event+0x3fc/0x11b0
[   88.372675][    C1]  raw_notifier_call_chain+0x6c/0x1b0
[   88.378049][    C1]  call_netdevice_notifiers_info+0xae/0x100
[   88.383961][    C1]  netif_state_change+0x16d/0x1f0
[   88.388981][    C1]  linkwatch_do_dev+0xb9/0xf0
[   88.393649][    C1]  __linkwatch_run_queue+0x582/0x850
[   88.398937][    C1]  linkwatch_event+0x40/0x50
[   88.403515][    C1]  process_scheduled_works+0x4ce/0x9d0
[   88.408975][    C1]  worker_thread+0x582/0x770
[   88.413585][    C1]  kthread+0x486/0x510
[   88.417651][    C1]  ret_from_fork+0xda/0x150
[   88.422149][    C1]  ret_from_fork_asm+0x1a/0x30
[   88.426910][    C1] 
[   88.429225][    C1] value changed: 0x00000000000dbba0 -> 0x00000000000de2b0
[   88.436311][    C1] 
[   88.438613][    C1] Reported by Kernel Concurrency Sanitizer on:
[   88.444741][    C1] CPU: 1 UID: 0 PID: 31 Comm: kworker/u8:1 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   88.454443][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   88.464481][    C1] Workqueue: events_unbound linkwatch_event
[   88.470383][    C1] ==================================================================
[   88.489158][ T7173] netlink: 'syz.0.1226': attribute type 1 has an invalid length.
[   88.496908][ T7173] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1226'.
[   88.565102][ T7172] lo speed is unknown, defaulting to 1000
[   88.641787][ T7053] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.747892][ T7053] veth0_vlan: entered promiscuous mode
[   88.757720][ T7053] veth1_vlan: entered promiscuous mode
[   88.773727][ T7053] veth0_macvtap: entered promiscuous mode
[   88.780928][ T7053] veth1_macvtap: entered promiscuous mode
[   88.791274][ T7053] batman_adv: batadv0: Interface activated: batadv_slave_0
[   88.802399][ T7053] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.814653][ T3321] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.824224][ T3321] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.834261][ T3321] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.843418][ T3321] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0