last executing test programs:

2.961394623s ago: executing program 1 (id=4314):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r1}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x8080)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0)

2.840247926s ago: executing program 1 (id=4315):
open_tree(0xffffffffffffffff, 0x0, 0x8000)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x2000000000000370, &(0x7f0000000280)=ANY=[@ANYBLOB="f4e9da6c170a8f2547b79135b4425d878193275803983770645802b9e0aa56f888996722f2784792d4feacbd9399a708cd24627eeff33c970b22dc882f76355bfdcaccc0b6806b62352d5e6b52"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x100, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000000028a475cf784114799d25d7933317820c0000000c00000003000000"], &(0x7f0000000740)=""/243, 0x27, 0xf3, 0x8, 0x80000000}, 0x28)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'ipvlan0\x00'})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xdc, &(0x7f0000000200), 0x1, 0x46f, &(0x7f00000008c0)="$eJzs3M9vFFUcAPDvbFsQEFsM/uCHUkUj0djSgsrBAxhNPGhiogc81rYQpFBDayKESDUGj4ZEozfj0cS/wJNejHoy8ap3Q0IMF5DTmNmdYbfL/ujShW3ZzyeZ9L2ZN33v25nXfW9epwH0rdGI+Cwi7o+IvyJiOCKS+gKjlS/Xr56f/u/q+ekk0vTtf5NyuWtXz08XRYvzthSZpUp+V4N6F86eOzk1Nzd7Js+PL576YHzh7LnnT5yaOj57fPb05KFDBw9MvPTi5AsriGKgbYmsTdd2fjy/e8fr7156c/ropfd++yHJw4u6OLpktNXBp7tcWa9trUkngz1sCB3Jek52uYbK/X84BqJ68YbjtU972jjgjkrTNN3Y/PBSCtzDklhxyTvbEOAuKz7os/lvsd2loceacOVIZQKUxX093ypHBqOUlxmqm992UzbbOrp049tsizvzHAIAYJmfjlS+3jr+K8XDNeUO52tDIxGxrWZxY3tEPBRRLvtIRDzaYf31iyS3jn9Klzv8lh3Jxn8v52tby8d/xegvRgby3NZy/EPJsRNzs/sj4oGI2BdDG7P8RIs6fn71zy+aHRutGf9lW1Z/MRbM23F5sO4B3czU4tRqYq515ZOInYON4k9urgQkEbEjInbuqTlxw8rrOPHs97ubHWsffwtdWGdKv4t4pnL9l6Iu/kLSen1y/L6Ym90/XtwVt/r9j4tvNau/0/i3fVOds3VDdv03N7z/b8Y/kg7UrNcudF7Hxb8/bzqnud37f0PyTjld3IYfTS0unpmI2JC8ke8/XN0/WT23yBfls/j37W3c/x+M6k9iV0RkN/FjEfF4ROzJ2/5ERDwZEXtbxP/rK0+9v2zHjerke1X3fxdk8c+0uf5J7Xr9bSQGTv7y47JKR6rJlV3/g+XUvnxP+fff163jWmkDV/8TBAAAgLWvVP7b/6Q0djNdKo2NVf5efntsLs3NLyw+d2z+w9MzlXcERmKoVDzpGq55HjqRT+uL/GRd/kD+3PjLgU3l/Nj0/NxMr4OHPrelSf/P/NP+tRpgvfO+FvQv/R/6l/4P/Uv/h77V6P3/Te3KpB4Owj2h0ef/hR60A7j7jP+hf3Xa/yuTgxb/NgxYN3z+Q//S/6Evrea9/lUmin8/2LBMsf7Qi4a1TaRpuzKDrU6/0DjkdZaI0ppoRpcSX62NZqyhRG9/LwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTL/wEAAP//lrDxFg==")
ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_genetlink_get_family_id$nl80211(&(0x7f0000002000), 0xffffffffffffffff)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000001c0), 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
read(r4, &(0x7f00000003c0)=""/4096, 0x1000)

1.969300032s ago: executing program 1 (id=4330):
syz_mount_image$ext4(&(0x7f00000004c0)='ext2\x00', &(0x7f0000000200)='./file1\x00', 0x3804402, &(0x7f0000000340), 0xfd, 0x564, &(0x7f0000000b00)="$eJzs3d9rW+UbAPDnpE33+7sOxvgqIoVdOJlL19YfE7yYl6LDgd7P0mZlNFlGk461Dtwu3I03MgQRB8Nr9d7L4T/gXzHQwZBRFPEmctKTmK3JmnXZmprPB872vjkne8+T9zzv3jcnIQEMrYn0j1zECxHxZRJxsG3faGQ7J9aPW3twdS7dkqjXP/o9iSR7rHl8kv29L6v8PyJ+/jzieG5ju9WV1cXZUqm4lNUna+VLk9WV1RMXyrMLxYXixemZmVNvzEy//dabfYv11bN/fvPhnfdOfXF07esf7x26mcTp2J/ta4/jKVxrr0zERPaa5OP0IwdO9aGxQZJs9wmwJSNZnucjHQMOxkiW9cB/32cRUQeGVCL/YUg15wHNtX2f1sE7xv131xdAG+MfXX9vJHY31kZ715KHVkbpene8D+2nbfz0262b6Rb9ex8CYFPXrkfEydHRjeNfko1/W3eyh2MebcP4B8/PnXT+81qn+U+uNf+JDvOffR1ydys2z//cvT4001U6/3un4/y3ddNqfCSrHWjM+fLJ+QulYjq2/S8ijkV+V1p/3P2cU2t36932tc//0i1tvzkXzM7j3uiuh58zP1ubfZqY292/HvFix/lv0ur/pEP/p6/H2R7bOFK89XK3fZvH/2zVv4t4pWP/51vHJI+/PznZuB4mm1fFRn/cOPJLt/a3O/60//eux/9XtiRs9X9mPGm/X1t98jZu7/672G3fVq//seTjRnkse+zKbK22NBUxlnyw8fHpf5/brDePT+M/dvTx41+n639PRHzSY/w3Dv/w0tbjf7bS+Oc7Xv/d+v/JC3ff//Tbzq3f7rH/X4+k7QZzL+Nfryf4VC8eAAAAAAAADJhcROyPJFdolXO5QmH98x2HY2+uVKnWjp+vLF+cj8Z3Zccjn2ve6T7Y9nmIqezzsM369CP1mYg4FBFfjexp1AtzldL8dgcPAAAAAAAAAAAAAAAAAAAAA2Jfl+//p34d2e6zA545P/kNw2vT/O/HLz0BA8n//zC85D8ML/kPw0v+w/CS/zC85D8ML/kPw0v+AwAAAAAAAAAAAAAAAAAAAAAAAAAAQF+dPXMm3eprD67OpfX5yyvLi5XLJ+aL1cVCeXmuMFdZulRYqFQWSsXCXKW82b9XqlQuTU3H8pXJWrFam6yurJ4rV5Yv1s5dKH9/IKKYfy5RAQAAAAAAAAAAAAAAAAAAwM5SXVldnC2ViksKjcKuGIjT2EGF0cE4DYU+FzoMFmPbMEABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQET8EwAA//+ndDnV")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8008001}, 0x24008854)
pipe(0x0)
r1 = add_key$keyring(&(0x7f0000000080), &(0x7f0000001100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000e4ffffff00"/20], 0x14}}, 0x0)
write$tun(r2, &(0x7f0000000140)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x8016, 0x1400, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @dest_unreach={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @local, @loopback}}}}, 0xfdef)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="300e3080", 0x4, r1)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x7b53a000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4f24}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r6], 0x48)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x1018e58, &(0x7f0000000000), 0x1, 0x644, &(0x7f00000012c0)="$eJzs3c9rG9kdAPDvSLZjJ26dlFIa01JDDwmUOHYamraXJumhOQQaaA6l9BAT26mJ8oPYgSYNJIFCW2ihlF7Dksv+A7kvue9tWdjd254XssuSZRd2g7XMaGRLthTLsiXZmc8HpMy8Gc17X41e3nsaPU8AhTWVPpUijkasXkkiJhq2jUdt41S+38vPH1xNH0lUq3/4LIkkT6vt/Y9YzV93KH1KIkYj4r3zEd8rb853+d7963OVaubZw4iTKzdun1y+d//E0o25awvXFm7Onvrl6TMzv5o9PbsrcR7K/71w8fc/+s/f//KLxfcrJ5I4G5eH/zYfTXF0pZq0SJyKqVithVhtTB+KiDPpQov3Zb/pKIQDvS8H3Snnn8fhiPhBTEQ5W6uZiKV/D7RwQE9VyxFVoKAS9R8Kqt4PqI/tOxsHX+5xr6R/XpyrDYA2xz9U+24kRrOx0cGXScPIqPbdxuFdyD/N49WDySfpI5q+h/hq7ewM7UI+7Tx6HBE/bBV/kpXtcBZpGn+paayfRMRMRIzk5fttF1k3Hqtuh9/DbL8Q24i/8TyUIuJs/m+afr7L/Kc2rPc7fgCK6fm5vCHPWuP19q+61jbV27/m/s94i7arG9tu/1pdaNmB9v2/ens/mvV7Shv6YWkxLrU+5PDGhI//deF/7fJv7P+9epBk5aj3BfvhxeOIyQ3x/zMNNu//pPEnLc5/usuVs53l8bsPPr3Qbltz/JNPOo1/05vcperTiGMtxz/rH7R06TXXJ08uLlUWZmrPLfN4590/v90u/27j3y3p+T/YJv6G81/a+Lr0PbndYR7PLj29MdJm2/iW8Zc+GUlq4836Mf46t7JyZzZiJLmY79KQfur1ZanvUz9GGv/xn7au/02f/8fNxxlrHMBs4fYfr79st62b899wMXm12mEZ2knjn9/6/G+q/2nafzvM48s/3f1xu20t4o/I4x/bSWAAAAAAAABQQKXsGmxSml5bLpWmp2vzZb8fB0uVW8srP1u8dffmfMTx7PeQw6X6le6J2nqSrs/mv4etr5/asP7ziDgSEf8vj2Xr01dvVeYHHTwAAAAAAAAAAAAAAAAAAADsEYfy+f/1+1R/Ua7N/wcKopc3mAP2NvUfiiur/5tu8bS1Az0oC9Bf2n8oLvUfikv9h+JS/6G41H8oLvUfikv9h+Laov67zA8AAAAA+9ORnzz/KImIR78eyx6pkXxbeXigRQN6rFUVrz4cQEGAvisPugDAwKxd+u9i+j+wv3U0xP86/+OAvS8OMABJq8Ssc1B9feV/3vKVTXQtAAAAAAAAAAAAAGB3HDvafv6/6f/wZvPbfCiuHcz/96cDYJ9z6w8orvUxvrt8QFFtNYt/tN2GDub/AwAAAAAAAAAAAAC7Yzx7JKXpfC7weJRK09MR34mIwzGcLC5VFmYi4rsR8WF5+EC6PjvoQgMAAAAAAAAAAAAAAAAAAMAbZvne/etzlcrCncaFbzalvNkL9bug9iGv38Q2XxVJ/9+WsYgY+Enp2cJQQ0oS8Sg983uiYHeWY28UI1sY8H9MAAAAAAAAAAAAAAAAAABQQA1zj1ubfKvPJQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/lu//3/vFgYdIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwP30bAAD//8UxQX0=")

1.651703979s ago: executing program 4 (id=4335):
open_tree(0xffffffffffffffff, 0x0, 0x8000)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x2000000000000370, &(0x7f0000000280)=ANY=[@ANYBLOB="f4e9da6c170a8f2547b79135b4425d878193275803983770645802b9e0aa56f888996722f2784792d4feacbd9399a708cd24627eeff33c970b22dc882f76355bfdcaccc0b6806b62352d5e6b52"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x100, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000000028a475cf784114799d25d7933317820c0000000c00000003000000"], &(0x7f0000000740)=""/243, 0x27, 0xf3, 0x8, 0x80000000}, 0x28)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'ipvlan0\x00'})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xdc, &(0x7f0000000200), 0x1, 0x46f, &(0x7f00000008c0)="$eJzs3M9vFFUcAPDvbFsQEFsM/uCHUkUj0djSgsrBAxhNPGhiogc81rYQpFBDayKESDUGj4ZEozfj0cS/wJNejHoy8ap3Q0IMF5DTmNmdYbfL/ujShW3ZzyeZ9L2ZN33v25nXfW9epwH0rdGI+Cwi7o+IvyJiOCKS+gKjlS/Xr56f/u/q+ekk0vTtf5NyuWtXz08XRYvzthSZpUp+V4N6F86eOzk1Nzd7Js+PL576YHzh7LnnT5yaOj57fPb05KFDBw9MvPTi5AsriGKgbYmsTdd2fjy/e8fr7156c/ropfd++yHJw4u6OLpktNXBp7tcWa9trUkngz1sCB3Jek52uYbK/X84BqJ68YbjtU972jjgjkrTNN3Y/PBSCtzDklhxyTvbEOAuKz7os/lvsd2loceacOVIZQKUxX093ypHBqOUlxmqm992UzbbOrp049tsizvzHAIAYJmfjlS+3jr+K8XDNeUO52tDIxGxrWZxY3tEPBRRLvtIRDzaYf31iyS3jn9Klzv8lh3Jxn8v52tby8d/xegvRgby3NZy/EPJsRNzs/sj4oGI2BdDG7P8RIs6fn71zy+aHRutGf9lW1Z/MRbM23F5sO4B3czU4tRqYq515ZOInYON4k9urgQkEbEjInbuqTlxw8rrOPHs97ubHWsffwtdWGdKv4t4pnL9l6Iu/kLSen1y/L6Ym90/XtwVt/r9j4tvNau/0/i3fVOds3VDdv03N7z/b8Y/kg7UrNcudF7Hxb8/bzqnud37f0PyTjld3IYfTS0unpmI2JC8ke8/XN0/WT23yBfls/j37W3c/x+M6k9iV0RkN/FjEfF4ROzJ2/5ERDwZEXtbxP/rK0+9v2zHjerke1X3fxdk8c+0uf5J7Xr9bSQGTv7y47JKR6rJlV3/g+XUvnxP+fff163jWmkDV/8TBAAAgLWvVP7b/6Q0djNdKo2NVf5efntsLs3NLyw+d2z+w9MzlXcERmKoVDzpGq55HjqRT+uL/GRd/kD+3PjLgU3l/Nj0/NxMr4OHPrelSf/P/NP+tRpgvfO+FvQv/R/6l/4P/Uv/h77V6P3/Te3KpB4Owj2h0ef/hR60A7j7jP+hf3Xa/yuTgxb/NgxYN3z+Q//S/6Evrea9/lUmin8/2LBMsf7Qi4a1TaRpuzKDrU6/0DjkdZaI0ppoRpcSX62NZqyhRG9/LwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTL/wEAAP//lrDxFg==")
ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_genetlink_get_family_id$nl80211(&(0x7f0000002000), 0xffffffffffffffff)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000001c0), 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
read(r4, &(0x7f00000003c0)=""/4096, 0x1000)

1.615537389s ago: executing program 3 (id=4338):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000008c3766cbd72b692bfb4ea1d26ea3d14000095000000000000008cc3b54f0d"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c000000100003052cbd7000fedbdf2500000020", @ANYRES32=0x0, @ANYBLOB="0000000000080400240012800b0001006d6163736563000014000280050006000000000005000f000000000008000500", @ANYRES32=r2], 0x4c}}, 0x0)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000580)=ANY=[@ANYBLOB="e4000000", @ANYRES16=0x0, @ANYBLOB="010425bd7000fedbdf2507000000380006800800060010000000060001000200000008000700", @ANYRES32=r2, @ANYBLOB="1400040000000000000000000000000000000001060001000a000000080002000200000034000680080006000800000008000700", @ANYRES32=0x0, @ANYBLOB="080006001000000005000200070000000800060007000000080006000600000008000200020000002800f08014000400fc01000000000000000000000000000005000200fe000000060005004e2100000800020005000000080004000100000008000200000000000c000180060005004e2400000800040005000000"], 0xe4}, 0x1, 0x0, 0x0, 0x4044800}, 0x4040011)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r4 = add_key(&(0x7f00000001c0)='rxrpc\x00', &(0x7f0000000300)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$clear(0x7, r4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010000104010000003198d47900000000", @ANYRES32=0x0, @ANYBLOB="ffef000040100000140012800b0001006970366772650000040002801400030069703667726530"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x18)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
writev(r8, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r9, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r9, &(0x7f0000000040)={0xa, 0x3, 0xffffffff, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r9, 0x6, 0xd, &(0x7f00000000c0)='highspeed\x00', 0xa)
shutdown(r9, 0x2)
open_tree(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x80000)

1.391162313s ago: executing program 3 (id=4342):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000002c0)=0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x2)

1.187801397s ago: executing program 3 (id=4346):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket(0x10, 0x3, 0x0)
connect$netlink(r3, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000180)=ANY=[@ANYRES64=0x0, @ANYRESDEC=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095", @ANYRES8=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x70, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$vcsa(&(0x7f0000000000), 0x9, 0x2)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
r7 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x3c00, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r8=>0x0, &(0x7f00000000c0)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x8, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}], 0x1, 0x0, 0x0, 0x20000001}, 0x0)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r7, 0x47f6, 0x0, 0x0, 0x0, 0x0)
r11 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r11, 0x1, r6, &(0x7f0000000040)={0x90000008})
shutdown(r6, 0x1)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0xfffffffffffffe0a, r12, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @val={0xc, 0x99, {0xffffffe3, 0x17}}}}}, 0x20}}, 0x40)

1.182493577s ago: executing program 0 (id=4347):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800080000fcffff0800090000000000080011000000000008000e00800000000800", @ANYRES64=r0], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0) (fail_nth: 6)

832.514274ms ago: executing program 0 (id=4348):
utimensat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x100)

831.804414ms ago: executing program 4 (id=4349):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10)
semop(0x0, 0x0, 0x0)

818.012805ms ago: executing program 0 (id=4350):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x34}}, 0x0)
sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r2, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4084)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x34, r2, 0x4, 0x70bd2c, 0x25dfdbfd, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'veth1_macvtap\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x40084}, 0x8840)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000140)='kfree\x00', r1, 0x0, 0xfffffffffffffff8}, 0x18)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r4, 0x65, 0x1, &(0x7f0000000140)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{}, {0x0, 0x0, 0x1, 0x1}}], 0x10)
setsockopt$CAN_RAW_FILTER(r4, 0x65, 0x1, &(0x7f0000000100)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x8)
socket$kcm(0x10, 0x2, 0x0)
madvise(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x64)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f00000007c0)=ANY=[@ANYBLOB="2800000002010102000000000000000005000006060012400000000004000180040019"], 0x28}, 0x1, 0x0, 0x0, 0x40050}, 0x4000)

750.372316ms ago: executing program 0 (id=4351):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000010c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_ADD(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x24008881}, 0x0)

679.578777ms ago: executing program 4 (id=4353):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_emit_ethernet(0x86, &(0x7f0000000dc0)=ANY=[], 0x0)

679.172957ms ago: executing program 4 (id=4354):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x25, &(0x7f0000000000)=0x40, 0x4)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x200801f, &(0x7f00000000c0), 0x2, 0x4ee, &(0x7f0000000880)="$eJzs3cFuG1sZAOB/Jja3SXNxLrC4XInbihYlFdRJGtpGLApICFaVgLIvIXGjKE5cJU7bRBWk4gGQEAIkNrBig8QDIKE+AkKqBHsECFRBCwsWhUG2xyFN7SSljg3x90mnc8547P/8tXw8Z2biCWBonY+IqYjIsiy7FBGlfH2al9htlcZ2z589XGyUJLLs1l+SSPJ17dd6K1+ezZ92JiK++qWIbySvxt3c3lldqFYrG3l7ur6WvMiyncsrawvLleXK+tzc7LX56/NX52d6kudERNz4wh+//52ffvHGLz91/3e3/zz1zVaCLfvz6KVW6sXm/0VbISI2TiLYgBSaGbZcHXBfAAA4XGN//0MR8fGIuBSlGGnuzQEAAACnSfbZ8XiRtM7/AQAAAKdTGhHjkaTl/Hrf8UjTcrl1De9HYiyt1jbrn8xKe8cLJqKY3lmpVmbyawcmopg02rP5Nbbt9pUD7bmIeCcivlcabbbLi7Xq0kCPfAAAAMDwOHtg/v/3Umv+DwAAAJwyE4PuAAAAAHDizP8BAADg9DP/BwAAgFPtyzdvNkrWvv/10r3trdXavctLlc3V8trWYnmxtnG3vFyrLTd/s2/tqNer1mp3Px3rWw+m65XN+vTm9s7ttdrWev32yku3wAYAAAD66J1zj3+bRMTuZ0bTiMiSfY8VI7KR/RsX+t8/4OSkr7PxH06uH0D/jQy6A8DA2KWH4VUcdAeAgTtqHOh68c6vet8XAADgZEx+dO/8f7MAw+Px0+YiSQbdEaDvnP+H4eX8Hwyv4mF7ACYFcOqlh3zU238Q9Obn/7Ps9XsGAAD00nizJGk5nweMR5qWyxFvN28LUEzurFQrMxHxwYj4Tan4VqM923xm4vAAAAAAAAAAAAAAAAAAAAAAAAAAABxTliWRdTG6tw0AAADw/ywi/VOS3/9rsnRx/ODxgQ8k/yg1lxFx/0e3fvBgoV7fmG2s/+ve+voP8/VX+n30AgAAAOikPU9vz+MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJeeP3u42C79jPv08xEx0Sl+Ic40l2eiGBFjf0uisO95SUSM9CD+7lhEvNspftLoVkzkvTgYP42I0V7Ef/Tfxz/bg/gwzB43xp/Pdfr8pXG+uez8+Svk5U11H//SvfFvpMv493anF0xfXfXek59Pd43/KOK9Qufxpx0/6RL/wjFz/PrXdna6PZb9JGKy4/dP8lKs6aRwd3pze+fyytrCcmW5sj43N3tt/vr81fmZ6Tsr1Ur+b8cY3/3YL/51WP5jXeJPHJH/xWPm/88nD559uFUtHnioGD/OsqkLnd//d7vEb3/3fSJ/uxvtyXZ9t1Xf7/2f/fr9c4fkv9Ql/6Pe/6lj5n/pK9/+/TE3BQD6YHN7Z3WhWq1sqKicWGU0+hh0IQ7bpr0T24f+fCsP9T/xFrx2ZYCDEgAAcCL+s9M/6J4AAAAAAAAAAAAAAAAAAADA8DrqZ8CiBz8ndjDm7mBSBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA41L8DAAD//y7szXE=")
r1 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r2=>0x0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000400180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000440)=@filename='./file0\x00', 0x0, &(0x7f0000000480)='./file0\x00')
bind$can_j1939(r1, &(0x7f0000000380)={0x1d, r2, 0x1, {0x0, 0x1, 0x4}, 0xfe}, 0x18)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$bt_hci(r5, 0x84, 0x18, 0x0, &(0x7f0000001040))
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r6}, 0x10)
r7 = io_uring_setup(0x7882, &(0x7f0000000a40)={0x0, 0x17fe, 0x2, 0xfffffffe, 0x3bd})
close_range(r7, 0xffffffffffffffff, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x19, 0x4, 0x4, 0x1ffff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48)
sendmmsg$sock(r1, &(0x7f0000000280)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="1f", 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000000180)=[@in6={0xa, 0x4e21, 0x91, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x5}, @in6={0xa, 0x4e24, 0xf6c, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xb}, @in={0x2, 0x4e20, @multicast1}, @in={0x2, 0x4e20, @multicast1}], 0x58)

668.088107ms ago: executing program 0 (id=4355):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r2}, 0x9)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000000008001240"], 0x64}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x2, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40841}, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newnexthop={0x24, 0x68, 0x309, 0x0, 0x25dfdbfd, {}, [@NHA_BLACKHOLE={0x4}, @NHA_ID={0x8, 0x1, 0x1}]}, 0x24}}, 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x80, 0x9)

667.893597ms ago: executing program 3 (id=4356):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x3000)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000002c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mlock(&(0x7f0000656000/0x3000)=nil, 0x3000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)

651.940267ms ago: executing program 1 (id=4357):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000002c0)=0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x2)

636.676938ms ago: executing program 0 (id=4358):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0200010000008000000000000000000000010000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r0}, 0x10)
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
clock_settime(0x5, &(0x7f0000000040)={0x0, 0x3938700})
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree\x00', r2}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000003e000701fcfffffff6dbdf25017c0000080003"], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

477.385931ms ago: executing program 1 (id=4360):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0xa0}, 0x1, 0x0, 0x0, 0x840}, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
close_range(r3, 0xffffffffffffffff, 0x0)

469.893771ms ago: executing program 2 (id=4361):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x2c, r2, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x2c}}, 0x0)
sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r2, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4084)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x34, r2, 0x4, 0x70bd2c, 0x25dfdbfd, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'veth1_macvtap\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x40084}, 0x8840)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000140)='kfree\x00', r1, 0x0, 0xfffffffffffffff8}, 0x18)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r4, 0x65, 0x1, &(0x7f0000000140)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{}, {0x0, 0x0, 0x1, 0x1}}], 0x10)
setsockopt$CAN_RAW_FILTER(r4, 0x65, 0x1, &(0x7f0000000100)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x8)
socket$kcm(0x10, 0x2, 0x0)
madvise(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x64)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f00000007c0)=ANY=[@ANYBLOB="2800000002010102000000000000000005000006060012400000000004000180040019"], 0x28}, 0x1, 0x0, 0x0, 0x40050}, 0x4000)

435.910082ms ago: executing program 1 (id=4362):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0200010000008000000000000000000000010000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r0}, 0x10)
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
clock_settime(0x5, &(0x7f0000000040)={0x0, 0x3938700})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree\x00', r3}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000003e000701fcfffffff6dbdf25017c0000080003"], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

419.626312ms ago: executing program 2 (id=4363):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10)
semop(0x0, 0x0, 0x0)

418.853672ms ago: executing program 4 (id=4364):
r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0)

368.628843ms ago: executing program 2 (id=4365):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000010c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_ADD(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x24008881}, 0x0)

368.238013ms ago: executing program 2 (id=4366):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r1}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x8080)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0)

322.256704ms ago: executing program 2 (id=4367):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x0, 0x0}, 0x10)
syz_emit_ethernet(0x52, &(0x7f0000000440)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x1c, 0x6, 0xff, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x7, 0xc2, 0x0, 0x0, 0x0, {[@mss={0x1e, 0x4, 0xa101}, @generic={0x4, 0x2}]}}}}}}}}, 0x0)

275.153245ms ago: executing program 2 (id=4368):
syz_mount_image$ext4(&(0x7f00000004c0)='ext2\x00', &(0x7f0000000200)='./file1\x00', 0x3804402, &(0x7f0000000340), 0xfd, 0x564, &(0x7f0000000b00)="$eJzs3d9rW+UbAPDnpE33+7sOxvgqIoVdOJlL19YfE7yYl6LDgd7P0mZlNFlGk461Dtwu3I03MgQRB8Nr9d7L4T/gXzHQwZBRFPEmctKTmK3JmnXZmprPB872vjkne8+T9zzv3jcnIQEMrYn0j1zECxHxZRJxsG3faGQ7J9aPW3twdS7dkqjXP/o9iSR7rHl8kv29L6v8PyJ+/jzieG5ju9WV1cXZUqm4lNUna+VLk9WV1RMXyrMLxYXixemZmVNvzEy//dabfYv11bN/fvPhnfdOfXF07esf7x26mcTp2J/ta4/jKVxrr0zERPaa5OP0IwdO9aGxQZJs9wmwJSNZnucjHQMOxkiW9cB/32cRUQeGVCL/YUg15wHNtX2f1sE7xv131xdAG+MfXX9vJHY31kZ715KHVkbpene8D+2nbfz0262b6Rb9ex8CYFPXrkfEydHRjeNfko1/W3eyh2MebcP4B8/PnXT+81qn+U+uNf+JDvOffR1ydys2z//cvT4001U6/3un4/y3ddNqfCSrHWjM+fLJ+QulYjq2/S8ijkV+V1p/3P2cU2t36932tc//0i1tvzkXzM7j3uiuh58zP1ubfZqY292/HvFix/lv0ur/pEP/p6/H2R7bOFK89XK3fZvH/2zVv4t4pWP/51vHJI+/PznZuB4mm1fFRn/cOPJLt/a3O/60//eux/9XtiRs9X9mPGm/X1t98jZu7/672G3fVq//seTjRnkse+zKbK22NBUxlnyw8fHpf5/brDePT+M/dvTx41+n639PRHzSY/w3Dv/w0tbjf7bS+Oc7Xv/d+v/JC3ff//Tbzq3f7rH/X4+k7QZzL+Nfryf4VC8eAAAAAAAADJhcROyPJFdolXO5QmH98x2HY2+uVKnWjp+vLF+cj8Z3Zccjn2ve6T7Y9nmIqezzsM369CP1mYg4FBFfjexp1AtzldL8dgcPAAAAAAAAAAAAAAAAAAAAA2Jfl+//p34d2e6zA545P/kNw2vT/O/HLz0BA8n//zC85D8ML/kPw0v+w/CS/zC85D8ML/kPw0v+AwAAAAAAAAAAAAAAAAAAAAAAAAAAQF+dPXMm3eprD67OpfX5yyvLi5XLJ+aL1cVCeXmuMFdZulRYqFQWSsXCXKW82b9XqlQuTU3H8pXJWrFam6yurJ4rV5Yv1s5dKH9/IKKYfy5RAQAAAAAAAAAAAAAAAAAAwM5SXVldnC2ViksKjcKuGIjT2EGF0cE4DYU+FzoMFmPbMEABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQET8EwAA//+ndDnV")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8008001}, 0x24008854)
pipe(0x0)
r1 = add_key$keyring(&(0x7f0000000080), &(0x7f0000001100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000e4ffffff00"/20], 0x14}}, 0x0)
write$tun(r2, &(0x7f0000000140)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x8016, 0x1400, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @dest_unreach={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @local, @loopback}}}}, 0xfdef)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="300e3080", 0x4, r1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xffff, 0x20000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x7b53a000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4f24}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r6], 0x48)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x1018e58, &(0x7f0000000000), 0x1, 0x644, &(0x7f00000012c0)="$eJzs3c9rG9kdAPDvSLZjJ26dlFIa01JDDwmUOHYamraXJumhOQQaaA6l9BAT26mJ8oPYgSYNJIFCW2ihlF7Dksv+A7kvue9tWdjd254XssuSZRd2g7XMaGRLthTLsiXZmc8HpMy8Gc17X41e3nsaPU8AhTWVPpUijkasXkkiJhq2jUdt41S+38vPH1xNH0lUq3/4LIkkT6vt/Y9YzV93KH1KIkYj4r3zEd8rb853+d7963OVaubZw4iTKzdun1y+d//E0o25awvXFm7Onvrl6TMzv5o9PbsrcR7K/71w8fc/+s/f//KLxfcrJ5I4G5eH/zYfTXF0pZq0SJyKqVithVhtTB+KiDPpQov3Zb/pKIQDvS8H3Snnn8fhiPhBTEQ5W6uZiKV/D7RwQE9VyxFVoKAS9R8Kqt4PqI/tOxsHX+5xr6R/XpyrDYA2xz9U+24kRrOx0cGXScPIqPbdxuFdyD/N49WDySfpI5q+h/hq7ewM7UI+7Tx6HBE/bBV/kpXtcBZpGn+paayfRMRMRIzk5fttF1k3Hqtuh9/DbL8Q24i/8TyUIuJs/m+afr7L/Kc2rPc7fgCK6fm5vCHPWuP19q+61jbV27/m/s94i7arG9tu/1pdaNmB9v2/ens/mvV7Shv6YWkxLrU+5PDGhI//deF/7fJv7P+9epBk5aj3BfvhxeOIyQ3x/zMNNu//pPEnLc5/usuVs53l8bsPPr3Qbltz/JNPOo1/05vcperTiGMtxz/rH7R06TXXJ08uLlUWZmrPLfN4590/v90u/27j3y3p+T/YJv6G81/a+Lr0PbndYR7PLj29MdJm2/iW8Zc+GUlq4836Mf46t7JyZzZiJLmY79KQfur1ZanvUz9GGv/xn7au/02f/8fNxxlrHMBs4fYfr79st62b899wMXm12mEZ2knjn9/6/G+q/2nafzvM48s/3f1xu20t4o/I4x/bSWAAAAAAAABQQKXsGmxSml5bLpWmp2vzZb8fB0uVW8srP1u8dffmfMTx7PeQw6X6le6J2nqSrs/mv4etr5/asP7ziDgSEf8vj2Xr01dvVeYHHTwAAAAAAAAAAAAAAAAAAADsEYfy+f/1+1R/Ua7N/wcKopc3mAP2NvUfiiur/5tu8bS1Az0oC9Bf2n8oLvUfikv9h+JS/6G41H8oLvUfikv9h+Laov67zA8AAAAA+9ORnzz/KImIR78eyx6pkXxbeXigRQN6rFUVrz4cQEGAvisPugDAwKxd+u9i+j+wv3U0xP86/+OAvS8OMABJq8Ssc1B9feV/3vKVTXQtAAAAAAAAAAAAAGB3HDvafv6/6f/wZvPbfCiuHcz/96cDYJ9z6w8orvUxvrt8QFFtNYt/tN2GDub/AwAAAAAAAAAAAAC7Yzx7JKXpfC7weJRK09MR34mIwzGcLC5VFmYi4rsR8WF5+EC6PjvoQgMAAAAAAAAAAAAAAAAAAMAbZvne/etzlcrCncaFbzalvNkL9bug9iGv38Q2XxVJ/9+WsYgY+Enp2cJQQ0oS8Sg983uiYHeWY28UI1sY8H9MAAAAAAAAAAAAAAAAAABQQA1zj1ubfKvPJQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/lu//3/vFgYdIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwP30bAAD//8UxQX0=")

256.127195ms ago: executing program 3 (id=4369):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f0000000a00)={0x0, 0xfffffffffffffe7f, &(0x7f00000009c0)={&(0x7f0000000640)={0x2c, r2, 0x1, 0x0, 0x25dfdbfe, {}, [@ETHTOOL_A_STRSET_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x141}, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ec}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x4d, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000280)=@newlink={0x48, 0x10, 0x503, 0x402, 0x0, {0x0, 0x0, 0x0, 0x0, 0x200}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_MACSEC_CIPHER_SUITE={0xc, 0x4, 0x80c20001000004}, @IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x10}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
bind$bt_hci(r3, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8f0, &(0x7f0000002400)=<r8=>0x0)
io_submit(r8, 0x0, &(0x7f0000000340))

244.611315ms ago: executing program 4 (id=4370):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x10, &(0x7f0000000040)={[{@usrjquota}]}, 0x1, 0x3e7, &(0x7f0000000480)="$eJzs3E1vG0UfAPD/bl7apn1qV3oOvFwsQCISImnSFqgEEhEXDu2JHjhixWmJ6jSoMRKtIl4E4gYSiA8AB+AjcIQD3wHOwAEqRSgHUm5Ga+86Jn5pQx0skt9PGnlmZ+OZ9WTWu+PZCeDIqkTEixExERFnI6KUb0/zEO+2Q7bfzvbm8p/bm8tJNJuv/J5Ekm8r3ivJX0/mbzCbRqQfJPFon3I3bt2+Xq3XV27m6fnG2hvzG7duP726Vr22cm3lxuIz585fuPDcxcVnR3asW2vJR098demXTz6sffrDb9+Ws/qeyvO6j2NUKlHpfCZ7XRx1YWN2vCueTI6xIgAADJXm1/6Trev/UkzE7sVbKT7+fqyVAwAAAEai2SxeAQAAgMMrce8PAAAAh1wxD2Bne3O5CGOcjsC/bGspIsrt9r+bh3bOZOeZ3qk9z/eOUiUiXj5+eTELcUDPYQMAAAAcZd8ttRf+6x3/S+Ohrv1ORMRMsbbfCFX2pHvHf9I7Iy6SLltLEc9HxN2e8b+02KU8kaf+1xoqnEqurtZXzkbE6YiYjaljWXphSBlvP3b960F53eN/n//86kJWfva6u0d6Z/LY3/+mVm1UH+SY2bX1XsQjk/3aP+mM+Xavk/lPvLa688KgvKz9s/YuQm/7c5CaX0Q82bf/765cmgxfn3W+dT6YL84KvX469eX7g8rv7v9ZyMovfgvg4GX9f2Z4+7fWye2s17ux/zK++ePyj4Py7t3+/c//08mVVgWn821vVRuNmwsR08ml3u3+mzqKz6P4vLL2n328//d/cf2X5N/9p7vWh+4x5AfCl945c2VQnv4/Xln71/bV//cfeX3m4dlB5d9f/z/fqkzxJq7/7u1+G2jc9QQAAAAAAABgNNLW3L4knevE03Rurj3P9/8xk9bXNxpPXV1/80atPQewHFNpMdOr1DUfdKH9GHknvbgnfS4izkTEZ6UTrfTc8nq9Nu6DBwAAgCPi5ID7/8yvAx/2AAAAAP5zyuOuAAAAAHDg3P8DAADAofYg6/qLiIgc1si4z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR9tfAQAA///8h8MD")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r2, &(0x7f00000001c0)="f14a18f6", 0x4)
sendfile(r2, r0, 0x0, 0x40001)
sendfile(r2, r1, 0x0, 0x7ffff000)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f00000000c0)={0x1ff, 0x8005, 0x1, 0x80}, &(0x7f0000000100)=0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)

0s ago: executing program 3 (id=4371):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000002c0)=0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x2)

kernel console output (not intermixed with test programs):

cate cleaned up
[  220.384746][T13141] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.399565][T13141] EXT4-fs error (device loop2): __ext4_get_inode_loc:4861: comm syz.2.3604: Invalid inode table block 0 in block_group 0
[  220.414060][T13143] EXT4-fs (loop0): mount failed
[  220.414317][T13141] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  220.430755][T13141] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #2: comm syz.2.3604: mark_inode_dirty error
[  220.450277][T13143] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=13143 comm=syz.0.3605
[  220.466904][  T148] EXT4-fs error (device loop2): __ext4_get_inode_loc:4861: comm kworker/u8:4: Invalid inode table block 0 in block_group 0
[  220.480929][T11416] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.550127][T13169] loop1: detected capacity change from 0 to 512
[  220.559272][T13169] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  220.580282][T13169] EXT4-fs (loop1): 1 truncate cleaned up
[  220.586464][T13169] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.671890][T11638] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.762431][T13188] loop1: detected capacity change from 0 to 512
[  220.769799][T13188] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  220.792920][T13188] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.3619: Invalid block bitmap block 0 in block_group 0
[  220.807928][T13188] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  220.820341][T13188] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #11: comm syz.1.3619: attempt to clear invalid blocks 983261 len 1
[  220.823558][T13193] smc: net device bond0 applied user defined pnetid SYZ0
[  220.843100][T13188] EXT4-fs error (device loop1): __ext4_get_inode_loc:4861: comm syz.1.3619: Invalid inode table block 0 in block_group 0
[  220.857709][T13188] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  220.867464][T13193] smc: net device bond0 erased user defined pnetid SYZ0
[  220.875639][T13188] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  220.875804][T13188] EXT4-fs error (device loop1): __ext4_get_inode_loc:4861: comm syz.1.3619: Invalid inode table block 0 in block_group 0
[  220.944223][T13188] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  220.957372][T13188] EXT4-fs error (device loop1): ext4_truncate:4666: inode #11: comm syz.1.3619: mark_inode_dirty error
[  220.969091][T13188] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  220.981347][T13188] EXT4-fs error (device loop1): __ext4_get_inode_loc:4861: comm syz.1.3619: Invalid inode table block 0 in block_group 0
[  220.996986][T13188] EXT4-fs (loop1): 1 truncate cleaned up
[  220.998843][T13204] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  221.003217][T13188] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.010179][T13204] batman_adv: batadv0: Removing interface: batadv_slave_0
[  221.031773][T13188] EXT4-fs error (device loop1): __ext4_get_inode_loc:4861: comm syz.1.3619: Invalid inode table block 0 in block_group 0
[  221.047019][T13204] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  221.051627][T13206] loop2: detected capacity change from 0 to 512
[  221.054548][T13204] batman_adv: batadv0: Removing interface: batadv_slave_1
[  221.061891][T13206] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  221.069468][T13188] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  221.079623][T13206] EXT4-fs (loop2): 1 truncate cleaned up
[  221.093441][T13206] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.110483][T13188] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #2: comm syz.1.3619: mark_inode_dirty error
[  221.123230][T13204] bond0: (slave batadv0): Releasing backup interface
[  221.140187][   T12] EXT4-fs error (device loop1): __ext4_get_inode_loc:4861: comm kworker/u8:0: Invalid inode table block 0 in block_group 0
[  221.154122][T11638] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.191581][T11416] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.220461][T13214] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3632'.
[  221.256555][T13220] loop0: detected capacity change from 0 to 1024
[  221.263871][T13220] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  221.283922][T13220] syzkaller1: entered promiscuous mode
[  221.289511][T13220] syzkaller1: entered allmulticast mode
[  221.305462][T13223] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3635'.
[  221.350397][T13229] netlink: 204 bytes leftover after parsing attributes in process `syz.3.3639'.
[  221.359609][T13229] validate_nla: 4 callbacks suppressed
[  221.359626][T13229] netlink: 'syz.3.3639': attribute type 1 has an invalid length.
[  221.372900][T13229] netlink: 'syz.3.3639': attribute type 3 has an invalid length.
[  221.380729][T13229] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3639'.
[  221.390234][T13229] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3639'.
[  221.556271][T13244] loop0: detected capacity change from 0 to 1024
[  221.563994][T13244] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  221.601414][T13244] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  221.609608][T13244] EXT4-fs (loop0): orphan cleanup on readonly fs
[  221.619265][T13244] EXT4-fs warning (device loop0): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  221.633951][T13244] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  221.644580][T13244] EXT4-fs error (device loop0): ext4_free_blocks:6696: comm syz.0.3634: Freeing blocks not in datazone - block = 0, count = 4096
[  221.659674][T13244] EXT4-fs (loop0): 1 orphan inode deleted
[  221.666410][T13244] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  221.785478][T13250] smc: net device bond0 applied user defined pnetid SYZ0
[  221.816411][T13250] smc: net device bond0 erased user defined pnetid SYZ0
[  221.831773][T13250] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3648'.
[  221.884801][T13254] netlink: 204 bytes leftover after parsing attributes in process `syz.2.3650'.
[  221.894094][T13254] netlink: 'syz.2.3650': attribute type 1 has an invalid length.
[  221.901920][T13254] netlink: 'syz.2.3650': attribute type 3 has an invalid length.
[  222.119354][T13259] loop2: detected capacity change from 0 to 1024
[  222.121878][T13258] hub 9-0:1.0: USB hub found
[  222.130363][T13258] hub 9-0:1.0: 8 ports detected
[  222.134051][T13259] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.255905][T13272] loop1: detected capacity change from 0 to 1024
[  222.262635][T13272] EXT4-fs: Ignoring removed orlov option
[  222.270916][T13272] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.292564][T10775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.369618][T11416] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.400440][T11638] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.411211][T13283] smc: net device bond0 applied user defined pnetid SYZ0
[  222.419881][T13285] smc: net device bond0 erased user defined pnetid SYZ0
[  222.482735][T13293] loop2: detected capacity change from 0 to 1024
[  222.486109][T13291] hub 9-0:1.0: USB hub found
[  222.489743][T13293] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  222.494235][T13291] hub 9-0:1.0: 8 ports detected
[  222.522224][T13293] syzkaller1: entered promiscuous mode
[  222.527758][T13293] syzkaller1: entered allmulticast mode
[  222.546895][T13295] loop1: detected capacity change from 0 to 1024
[  222.605962][T13295] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  222.622337][T13301] loop0: detected capacity change from 0 to 128
[  222.645820][T13301] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  222.653733][T13301] FAT-fs (loop0): Filesystem has been set read-only
[  222.660437][T13301] syz.0.3670: attempt to access beyond end of device
[  222.660437][T13301] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  222.675287][T13301] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  222.683250][T13301] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  222.690163][T13304] loop4: detected capacity change from 0 to 512
[  222.696638][T13295] syzkaller1: entered promiscuous mode
[  222.698148][T13301] syz.0.3670: attempt to access beyond end of device
[  222.698148][T13301] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  222.702917][T13295] syzkaller1: entered allmulticast mode
[  222.848636][T13305] loop2: detected capacity change from 0 to 1024
[  222.855911][T13304] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  222.867471][T13301] syz.0.3670: attempt to access beyond end of device
[  222.867471][T13301] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  222.881403][T13301] syz.0.3670: attempt to access beyond end of device
[  222.881403][T13301] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  223.377894][T13307] loop1: detected capacity change from 0 to 1024
[  223.673176][T13304] EXT4-fs (loop4): 1 truncate cleaned up
[  223.683005][T13304] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.220844][T13307] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  224.222575][T13305] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  224.245429][T13307] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  224.253476][T13307] EXT4-fs (loop1): orphan cleanup on readonly fs
[  224.260170][T13307] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  224.275841][T13307] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  224.283063][T13307] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.3667: Freeing blocks not in datazone - block = 0, count = 4096
[  224.297374][T13305] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  224.297540][T13307] EXT4-fs (loop1): 1 orphan inode deleted
[  224.305474][T13305] EXT4-fs (loop2): orphan cleanup on readonly fs
[  224.311612][T13307] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  224.330268][T13305] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  224.344953][T13305] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  224.352343][T13306] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.3667: iget: bad extended attribute block 6
[  224.352521][T13305] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.3666: Freeing blocks not in datazone - block = 0, count = 4096
[  224.378502][T13305] EXT4-fs (loop2): 1 orphan inode deleted
[  224.384677][T13305] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  224.417401][T12014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.447740][T13322] smc: net device bond0 applied user defined pnetid SYZ0
[  224.455179][T13322] smc: net device bond0 erased user defined pnetid SYZ0
[  224.497205][T13324] hub 9-0:1.0: USB hub found
[  224.501955][T13324] hub 9-0:1.0: 8 ports detected
[  224.528366][T13325] loop3: detected capacity change from 0 to 1024
[  224.566847][   T29] kauditd_printk_skb: 124 callbacks suppressed
[  224.566863][   T29] audit: type=1326 audit(1758154766.991:9718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13326 comm="syz.0.3678" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd2c145eba9 code=0x0
[  224.596706][   T29] audit: type=1326 audit(1758154767.001:9719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13328 comm="syz.4.3679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2deee5eba9 code=0x7ffc0000
[  224.597775][T13325] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.620329][   T29] audit: type=1326 audit(1758154767.001:9720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13328 comm="syz.4.3679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2deee5eba9 code=0x7ffc0000
[  224.656315][   T29] audit: type=1326 audit(1758154767.001:9721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13328 comm="syz.4.3679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f2deee5eba9 code=0x7ffc0000
[  224.679982][   T29] audit: type=1326 audit(1758154767.001:9722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13328 comm="syz.4.3679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2deee5eba9 code=0x7ffc0000
[  224.689818][T13333] loop4: detected capacity change from 0 to 512
[  224.703813][   T29] audit: type=1326 audit(1758154767.001:9723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13328 comm="syz.4.3679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2deee5eba9 code=0x7ffc0000
[  224.733908][   T29] audit: type=1326 audit(1758154767.001:9724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13328 comm="syz.4.3679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7f2deee5eba9 code=0x7ffc0000
[  224.757595][   T29] audit: type=1326 audit(1758154767.001:9725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13328 comm="syz.4.3679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2deee5eba9 code=0x7ffc0000
[  224.779786][T13333] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  224.781333][   T29] audit: type=1326 audit(1758154767.001:9726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13328 comm="syz.4.3679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2deee5eba9 code=0x7ffc0000
[  224.795117][T13333] EXT4-fs (loop4): 1 truncate cleaned up
[  224.815583][T11638] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.821831][T13333] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.833615][   T29] audit: type=1326 audit(1758154767.086:9727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13314 comm="syz.3.3674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4af0e5eba9 code=0x7ffc0000
[  224.881875][T11863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.943048][T12014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.955642][T11416] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.989472][T13342] loop3: detected capacity change from 0 to 128
[  224.999166][T13348] vhci_hcd: invalid port number 236
[  225.004489][T13348] vhci_hcd: invalid port number 236
[  225.025913][T13350] FAULT_INJECTION: forcing a failure.
[  225.025913][T13350] name failslab, interval 1, probability 0, space 0, times 0
[  225.038976][T13350] CPU: 0 UID: 0 PID: 13350 Comm: syz.1.3687 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  225.039011][T13350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  225.039028][T13350] Call Trace:
[  225.039040][T13350]  <TASK>
[  225.039090][T13350]  __dump_stack+0x1d/0x30
[  225.039117][T13350]  dump_stack_lvl+0xe8/0x140
[  225.039144][T13350]  dump_stack+0x15/0x1b
[  225.039164][T13350]  should_fail_ex+0x265/0x280
[  225.039229][T13350]  should_failslab+0x8c/0xb0
[  225.039264][T13350]  kmem_cache_alloc_node_noprof+0x57/0x320
[  225.039304][T13350]  ? __alloc_skb+0x101/0x320
[  225.039372][T13350]  __alloc_skb+0x101/0x320
[  225.039409][T13350]  netlink_alloc_large_skb+0xba/0xf0
[  225.039441][T13350]  netlink_sendmsg+0x3cf/0x6b0
[  225.039491][T13350]  ? __pfx_netlink_sendmsg+0x10/0x10
[  225.039528][T13350]  __sock_sendmsg+0x145/0x180
[  225.039572][T13350]  ____sys_sendmsg+0x31e/0x4e0
[  225.039612][T13350]  ___sys_sendmsg+0x17b/0x1d0
[  225.039714][T13350]  __x64_sys_sendmsg+0xd4/0x160
[  225.039750][T13350]  x64_sys_call+0x191e/0x2ff0
[  225.039775][T13350]  do_syscall_64+0xd2/0x200
[  225.039881][T13350]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  225.039953][T13350]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  225.039985][T13350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.040027][T13350] RIP: 0033:0x7f9ba7daeba9
[  225.040043][T13350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.040062][T13350] RSP: 002b:00007f9ba6817038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  225.040082][T13350] RAX: ffffffffffffffda RBX: 00007f9ba7ff5fa0 RCX: 00007f9ba7daeba9
[  225.040104][T13350] RDX: 0000000000000880 RSI: 0000200000001ac0 RDI: 0000000000000006
[  225.040117][T13350] RBP: 00007f9ba6817090 R08: 0000000000000000 R09: 0000000000000000
[  225.040210][T13350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  225.040227][T13350] R13: 00007f9ba7ff6038 R14: 00007f9ba7ff5fa0 R15: 00007ffe79f89ea8
[  225.040248][T13350]  </TASK>
[  225.255385][T13353] hub 9-0:1.0: USB hub found
[  225.260155][T13353] hub 9-0:1.0: 8 ports detected
[  225.289485][T13359] loop4: detected capacity change from 0 to 1024
[  225.361306][T13359] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  225.394152][T13369] loop1: detected capacity change from 0 to 512
[  225.418075][T13359] __nla_validate_parse: 4 callbacks suppressed
[  225.418101][T13359] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3691'.
[  225.418824][T13369] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  225.440790][T13359] syzkaller1: entered promiscuous mode
[  225.448870][T13359] syzkaller1: entered allmulticast mode
[  225.490822][T13369] EXT4-fs (loop1): 1 truncate cleaned up
[  225.509356][T13369] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  225.536964][T13378] loop2: detected capacity change from 0 to 1024
[  225.555046][T13378] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  225.621824][T11638] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.659078][T13389] hub 9-0:1.0: USB hub found
[  225.675310][T13389] hub 9-0:1.0: 8 ports detected
[  225.746856][T13392] loop4: detected capacity change from 0 to 1024
[  225.754779][T13392] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  225.857609][T13392] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  225.865837][T13392] EXT4-fs (loop4): orphan cleanup on readonly fs
[  225.872999][T13392] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  225.887814][T13392] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  225.902857][T13392] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.3691: Freeing blocks not in datazone - block = 0, count = 4096
[  225.917285][T13392] EXT4-fs (loop4): 1 orphan inode deleted
[  225.923715][T13392] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  225.940904][T13392] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.3691: iget: bad extended attribute block 6
[  226.185933][T11416] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.196168][T12014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.240534][T13418] netlink: 'syz.4.3711': attribute type 1 has an invalid length.
[  226.262225][T13418] 8021q: adding VLAN 0 to HW filter on device bond1
[  226.270784][T13419] smc: net device bond0 applied user defined pnetid SYZ0
[  226.306751][T13419] smc: net device bond0 erased user defined pnetid SYZ0
[  226.318410][T13419] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3715'.
[  226.362522][T13434] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3722'.
[  226.362826][T13433] loop0: detected capacity change from 0 to 128
[  226.410023][T13433] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  226.432817][T13433] ext4 filesystem being mounted at /223/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  226.438343][T13441] hub 9-0:1.0: USB hub found
[  226.457679][T13441] hub 9-0:1.0: 8 ports detected
[  226.523583][T13453] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3730'.
[  226.572272][T13455] hub 9-0:1.0: USB hub found
[  226.589561][T13455] hub 9-0:1.0: 8 ports detected
[  226.600236][T10775] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  226.662784][T13471] FAULT_INJECTION: forcing a failure.
[  226.662784][T13471] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.676012][T13471] CPU: 0 UID: 0 PID: 13471 Comm: syz.3.3740 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  226.676111][T13471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  226.676127][T13471] Call Trace:
[  226.676134][T13471]  <TASK>
[  226.676141][T13471]  __dump_stack+0x1d/0x30
[  226.676241][T13471]  dump_stack_lvl+0xe8/0x140
[  226.676266][T13471]  dump_stack+0x15/0x1b
[  226.676335][T13471]  should_fail_ex+0x265/0x280
[  226.676367][T13471]  should_fail+0xb/0x20
[  226.676396][T13471]  should_fail_usercopy+0x1a/0x20
[  226.676503][T13471]  _copy_from_user+0x1c/0xb0
[  226.676547][T13471]  ___sys_sendmsg+0xc1/0x1d0
[  226.676601][T13471]  __x64_sys_sendmsg+0xd4/0x160
[  226.676643][T13471]  x64_sys_call+0x191e/0x2ff0
[  226.676720][T13471]  do_syscall_64+0xd2/0x200
[  226.676762][T13471]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  226.676851][T13471]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  226.676970][T13471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.676997][T13471] RIP: 0033:0x7f4af0e5eba9
[  226.677045][T13471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.677069][T13471] RSP: 002b:00007f4aef8c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  226.677093][T13471] RAX: ffffffffffffffda RBX: 00007f4af10a5fa0 RCX: 00007f4af0e5eba9
[  226.677109][T13471] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000007
[  226.677152][T13471] RBP: 00007f4aef8c7090 R08: 0000000000000000 R09: 0000000000000000
[  226.677168][T13471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.677182][T13471] R13: 00007f4af10a6038 R14: 00007f4af10a5fa0 R15: 00007fffe9777128
[  226.677207][T13471]  </TASK>
[  226.680609][T13470] loop1: detected capacity change from 0 to 512
[  226.850309][T13477] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3741'.
[  226.892150][T13470] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  226.914025][T13470] EXT4-fs (loop1): mount failed
[  226.926144][T13470] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=13470 comm=syz.1.3739
[  227.005835][T13487] loop1: detected capacity change from 0 to 512
[  227.009095][T13491] FAULT_INJECTION: forcing a failure.
[  227.009095][T13491] name failslab, interval 1, probability 0, space 0, times 0
[  227.024889][T13491] CPU: 1 UID: 0 PID: 13491 Comm: syz.3.3746 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  227.024919][T13491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  227.024964][T13491] Call Trace:
[  227.024972][T13491]  <TASK>
[  227.024982][T13491]  __dump_stack+0x1d/0x30
[  227.025010][T13491]  dump_stack_lvl+0xe8/0x140
[  227.025030][T13491]  dump_stack+0x15/0x1b
[  227.025047][T13491]  should_fail_ex+0x265/0x280
[  227.025098][T13491]  should_failslab+0x8c/0xb0
[  227.025128][T13491]  kmem_cache_alloc_noprof+0x50/0x310
[  227.025168][T13491]  ? __inet_hash_connect+0xbdf/0x1350
[  227.025276][T13491]  __inet_hash_connect+0xbdf/0x1350
[  227.025337][T13491]  inet6_hash_connect+0xaf/0xc0
[  227.025380][T13491]  tcp_v6_connect+0x983/0xc30
[  227.025420][T13491]  __inet_stream_connect+0x169/0x7e0
[  227.025455][T13491]  ? tcp_sendmsg_fastopen+0x172/0x520
[  227.025559][T13491]  ? should_failslab+0x8c/0xb0
[  227.025591][T13491]  ? __kmalloc_cache_noprof+0x189/0x320
[  227.025628][T13491]  tcp_sendmsg_fastopen+0x43a/0x520
[  227.025741][T13491]  tcp_sendmsg_locked+0x26e1/0x2c00
[  227.025783][T13491]  ? mntput_no_expire+0x6f/0x460
[  227.025828][T13491]  ? __rcu_read_unlock+0x4f/0x70
[  227.025855][T13491]  ? avc_has_perm_noaudit+0x1b1/0x200
[  227.025914][T13491]  ? avc_has_perm+0xf7/0x180
[  227.025949][T13491]  ? _raw_spin_unlock_bh+0x36/0x40
[  227.025978][T13491]  ? __pfx_tcp_sendmsg+0x10/0x10
[  227.026013][T13491]  tcp_sendmsg+0x2f/0x50
[  227.026035][T13491]  inet6_sendmsg+0x76/0xd0
[  227.026131][T13491]  __sock_sendmsg+0x8b/0x180
[  227.026168][T13491]  __sys_sendto+0x268/0x330
[  227.026201][T13491]  __x64_sys_sendto+0x76/0x90
[  227.026232][T13491]  x64_sys_call+0x2d05/0x2ff0
[  227.026319][T13491]  do_syscall_64+0xd2/0x200
[  227.026388][T13491]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  227.026474][T13491]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  227.026508][T13491]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.026531][T13491] RIP: 0033:0x7f4af0e5eba9
[  227.026547][T13491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  227.026567][T13491] RSP: 002b:00007f4aef8c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  227.026686][T13491] RAX: ffffffffffffffda RBX: 00007f4af10a5fa0 RCX: 00007f4af0e5eba9
[  227.026725][T13491] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  227.026740][T13491] RBP: 00007f4aef8c7090 R08: 0000200000000000 R09: 000000000000001c
[  227.026757][T13491] R10: 0000000024040014 R11: 0000000000000246 R12: 0000000000000001
[  227.026773][T13491] R13: 00007f4af10a6038 R14: 00007f4af10a5fa0 R15: 00007fffe9777128
[  227.026797][T13491]  </TASK>
[  227.302259][T13487] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  227.349243][T11638] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.426712][T13512] loop0: detected capacity change from 0 to 512
[  227.437425][T13511] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13511 comm=+}[@
[  227.455151][T13512] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  227.492064][T13518] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3757'.
[  227.513549][T13512] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.3755: Invalid block bitmap block 0 in block_group 0
[  227.564699][T13512] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  227.578729][T13512] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #11: comm syz.0.3755: attempt to clear invalid blocks 983261 len 1
[  227.599091][T13512] EXT4-fs error (device loop0): __ext4_get_inode_loc:4861: comm syz.0.3755: Invalid inode table block 0 in block_group 0
[  227.626383][T13512] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  227.644733][T13527] loop3: detected capacity change from 0 to 512
[  227.651662][T13512] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  227.651905][T13527] msdos: Unknown parameter ''
[  227.671902][T13527] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3761'.
[  227.681574][T13512] EXT4-fs error (device loop0): __ext4_get_inode_loc:4861: comm syz.0.3755: Invalid inode table block 0 in block_group 0
[  227.688847][T13527] 8021q: adding VLAN 0 to HW filter on device bond1
[  227.701184][T13512] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  227.709744][T13527] vlan2: entered allmulticast mode
[  227.715777][T13527] bond1: entered allmulticast mode
[  227.723893][T13512] EXT4-fs error (device loop0): ext4_truncate:4666: inode #11: comm syz.0.3755: mark_inode_dirty error
[  227.739556][T13512] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  227.750135][T13512] EXT4-fs error (device loop0): __ext4_get_inode_loc:4861: comm syz.0.3755: Invalid inode table block 0 in block_group 0
[  227.765051][T13512] EXT4-fs (loop0): 1 truncate cleaned up
[  227.771519][T13512] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  227.858227][T10775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.871067][T13546] loop3: detected capacity change from 0 to 164
[  227.922493][T13555] netlink: 'syz.4.3772': attribute type 1 has an invalid length.
[  227.961478][T13555] 8021q: adding VLAN 0 to HW filter on device bond2
[  228.017762][T13568] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3777'.
[  228.029837][T13564] loop1: detected capacity change from 0 to 1024
[  228.038280][T13564] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  228.047740][T13570] FAULT_INJECTION: forcing a failure.
[  228.047740][T13570] name failslab, interval 1, probability 0, space 0, times 0
[  228.060470][T13570] CPU: 0 UID: 0 PID: 13570 Comm: syz.4.3779 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  228.060506][T13570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  228.060524][T13570] Call Trace:
[  228.060531][T13570]  <TASK>
[  228.060541][T13570]  __dump_stack+0x1d/0x30
[  228.060568][T13570]  dump_stack_lvl+0xe8/0x140
[  228.060620][T13570]  dump_stack+0x15/0x1b
[  228.060642][T13570]  should_fail_ex+0x265/0x280
[  228.060674][T13570]  should_failslab+0x8c/0xb0
[  228.060708][T13570]  kmem_cache_alloc_node_noprof+0x57/0x320
[  228.060827][T13570]  ? __alloc_skb+0x101/0x320
[  228.060878][T13570]  __alloc_skb+0x101/0x320
[  228.060900][T13570]  ? audit_log_start+0x365/0x6c0
[  228.060968][T13570]  audit_log_start+0x380/0x6c0
[  228.061003][T13570]  audit_seccomp+0x48/0x100
[  228.061107][T13570]  ? __seccomp_filter+0x68c/0x10d0
[  228.061215][T13570]  __seccomp_filter+0x69d/0x10d0
[  228.061244][T13570]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  228.061285][T13570]  ? vfs_write+0x7e8/0x960
[  228.061309][T13570]  ? __rcu_read_unlock+0x4f/0x70
[  228.061413][T13570]  ? __fget_files+0x184/0x1c0
[  228.061450][T13570]  __secure_computing+0x82/0x150
[  228.061473][T13570]  syscall_trace_enter+0xcf/0x1e0
[  228.061506][T13570]  do_syscall_64+0xac/0x200
[  228.061549][T13570]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  228.061588][T13570]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  228.061697][T13570]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.061726][T13570] RIP: 0033:0x7f2deee5eba9
[  228.061746][T13570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.061766][T13570] RSP: 002b:00007f2ded8bf038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  228.061804][T13570] RAX: ffffffffffffffda RBX: 00007f2def0a5fa0 RCX: 00007f2deee5eba9
[  228.061817][T13570] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00002000000006c0
[  228.061907][T13570] RBP: 00007f2ded8bf090 R08: 0000000000000000 R09: 0000000000000000
[  228.061923][T13570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  228.061940][T13570] R13: 00007f2def0a6038 R14: 00007f2def0a5fa0 R15: 00007ffd6fe19958
[  228.061967][T13570]  </TASK>
[  228.277652][T13564] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3776'.
[  228.318332][T13564] syzkaller1: entered promiscuous mode
[  228.323917][T13564] syzkaller1: entered allmulticast mode
[  228.405634][T13579] loop0: detected capacity change from 0 to 128
[  228.477023][T13579] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  228.492102][T13579] ext4 filesystem being mounted at /232/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  228.509926][T13583] loop4: detected capacity change from 0 to 1024
[  228.522083][T13581] loop1: detected capacity change from 0 to 1024
[  228.529283][T13581] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  228.540426][T13581] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  228.548539][T13581] EXT4-fs (loop1): orphan cleanup on readonly fs
[  228.549712][T13588] FAULT_INJECTION: forcing a failure.
[  228.549712][T13588] name failslab, interval 1, probability 0, space 0, times 0
[  228.556203][T13581] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  228.567704][T13588] CPU: 0 UID: 0 PID: 13588 Comm: syz.3.3785 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  228.567789][T13588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  228.567813][T13588] Call Trace:
[  228.567822][T13588]  <TASK>
[  228.567835][T13588]  __dump_stack+0x1d/0x30
[  228.567867][T13588]  dump_stack_lvl+0xe8/0x140
[  228.567896][T13588]  dump_stack+0x15/0x1b
[  228.567994][T13588]  should_fail_ex+0x265/0x280
[  228.568030][T13588]  should_failslab+0x8c/0xb0
[  228.568067][T13588]  kmem_cache_alloc_node_noprof+0x57/0x320
[  228.568192][T13588]  ? __alloc_skb+0x101/0x320
[  228.568227][T13588]  __alloc_skb+0x101/0x320
[  228.568256][T13588]  ? audit_log_start+0x365/0x6c0
[  228.568372][T13588]  audit_log_start+0x380/0x6c0
[  228.568422][T13588]  audit_seccomp+0x48/0x100
[  228.568487][T13588]  ? __seccomp_filter+0x68c/0x10d0
[  228.568520][T13588]  __seccomp_filter+0x69d/0x10d0
[  228.568555][T13588]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  228.568596][T13588]  ? vfs_write+0x7e8/0x960
[  228.568661][T13588]  ? __rcu_read_unlock+0x4f/0x70
[  228.568694][T13588]  ? __fget_files+0x184/0x1c0
[  228.568735][T13588]  __secure_computing+0x82/0x150
[  228.568767][T13588]  syscall_trace_enter+0xcf/0x1e0
[  228.568804][T13588]  do_syscall_64+0xac/0x200
[  228.568874][T13588]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  228.568908][T13588]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  228.568996][T13588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.569027][T13588] RIP: 0033:0x7f4af0e5eba9
[  228.569049][T13588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.569145][T13588] RSP: 002b:00007f4aef8c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000008
[  228.569181][T13588] RAX: ffffffffffffffda RBX: 00007f4af10a5fa0 RCX: 00007f4af0e5eba9
[  228.569200][T13588] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000006
[  228.569220][T13588] RBP: 00007f4aef8c7090 R08: 0000000000000000 R09: 0000000000000000
[  228.569238][T13588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  228.569256][T13588] R13: 00007f4af10a6038 R14: 00007f4af10a5fa0 R15: 00007fffe9777128
[  228.569286][T13588]  </TASK>
[  228.645134][T10775] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  228.646290][T13581] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  228.670936][T13583] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  228.676796][T13581] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.3776: Freeing blocks not in datazone - block = 0, count = 4096
[  228.728202][T13592] netlink: 'syz.0.3786': attribute type 1 has an invalid length.
[  228.783658][T13581] EXT4-fs (loop1): 1 orphan inode deleted
[  228.814752][T13592] 8021q: adding VLAN 0 to HW filter on device bond3
[  228.827123][T13581] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  228.893457][T13581] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.3776: iget: bad extended attribute block 6
[  228.978912][T13602] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3790'.
[  229.018922][T13600] loop3: detected capacity change from 0 to 1024
[  229.031726][T13600] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  229.119391][T13600] syzkaller1: entered promiscuous mode
[  229.124999][T13600] syzkaller1: entered allmulticast mode
[  229.131417][T11638] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.164267][T12014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.280638][T13621] loop4: detected capacity change from 0 to 128
[  229.296130][T13621] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  229.309832][T13621] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  229.341513][T12014] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  229.415331][T13631] loop3: detected capacity change from 0 to 1024
[  229.422991][T13631] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  229.434498][T13631] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  229.442653][T13631] EXT4-fs (loop3): orphan cleanup on readonly fs
[  229.451895][T13631] __quota_error: 370 callbacks suppressed
[  229.451909][T13631] Quota error (device loop3): v2_read_file_info: Block with free entry 1283 out of range (1, 6).
[  229.468363][T13631] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  229.483004][T13631] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  229.490222][T13631] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.3789: Freeing blocks not in datazone - block = 0, count = 4096
[  229.503890][T13631] EXT4-fs (loop3): 1 orphan inode deleted
[  229.510407][T13631] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  229.699070][   T29] audit: type=1326 audit(1758154772.403:10091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13637 comm="syz.2.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ccbaeba9 code=0x7ffc0000
[  229.789806][   T29] audit: type=1326 audit(1758154772.435:10092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13637 comm="syz.2.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ccbaeba9 code=0x7ffc0000
[  229.813543][   T29] audit: type=1326 audit(1758154772.435:10093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13637 comm="syz.2.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f22ccbaeba9 code=0x7ffc0000
[  229.837328][   T29] audit: type=1326 audit(1758154772.435:10094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13637 comm="syz.2.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ccbaeba9 code=0x7ffc0000
[  229.860984][   T29] audit: type=1326 audit(1758154772.435:10095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13637 comm="syz.2.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ccbaeba9 code=0x7ffc0000
[  229.884784][   T29] audit: type=1400 audit(1758154772.467:10096): avc:  denied  { write } for  pid=13615 comm="syz.0.3798" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  229.904849][T13633] loop4: detected capacity change from 0 to 1024
[  229.945562][   T29] audit: type=1326 audit(1758154772.657:10097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13645 comm="syz.2.3806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ccbaeba9 code=0x7ffc0000
[  229.969350][   T29] audit: type=1326 audit(1758154772.657:10098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13645 comm="syz.2.3806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ccbaeba9 code=0x7ffc0000
[  230.005769][   T29] audit: type=1326 audit(1758154772.720:10099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13645 comm="syz.2.3806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f22ccbaeba9 code=0x7ffc0000
[  230.030153][T11863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.040161][T13633] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  230.171773][T13659] __nla_validate_parse: 3 callbacks suppressed
[  230.171787][T13659] netlink: 204 bytes leftover after parsing attributes in process `syz.3.3812'.
[  230.187418][T13659] netlink: 'syz.3.3812': attribute type 1 has an invalid length.
[  230.195330][T13659] netlink: 'syz.3.3812': attribute type 3 has an invalid length.
[  230.203354][T13659] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3812'.
[  230.233320][T13659] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3812'.
[  230.258479][T13664] loop0: detected capacity change from 0 to 512
[  230.267904][T13664] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3814: bg 0: block 131: padding at end of block bitmap is not set
[  230.283988][T13664] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  230.293152][T13664] EXT4-fs (loop0): 1 truncate cleaned up
[  230.299910][T13664] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  230.349532][T12014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.424356][T13683] loop4: detected capacity change from 0 to 1024
[  230.432839][T13685] netlink: 204 bytes leftover after parsing attributes in process `syz.3.3825'.
[  230.441997][T13685] netlink: 'syz.3.3825': attribute type 1 has an invalid length.
[  230.448597][T13683] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  230.449736][T13685] netlink: 'syz.3.3825': attribute type 3 has an invalid length.
[  230.466225][T13685] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3825'.
[  230.475427][T13685] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3825'.
[  230.493343][T13683] syzkaller1: entered promiscuous mode
[  230.499063][T13683] syzkaller1: entered allmulticast mode
[  230.543436][T13693] loop1: detected capacity change from 0 to 128
[  230.551629][T13693] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  230.564937][T13693] ext4 filesystem being mounted at /156/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  230.607914][T11638] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  230.626563][T13698] FAULT_INJECTION: forcing a failure.
[  230.626563][T13698] name failslab, interval 1, probability 0, space 0, times 0
[  230.639375][T13698] CPU: 1 UID: 0 PID: 13698 Comm: syz.3.3830 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  230.639420][T13698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  230.639435][T13698] Call Trace:
[  230.639444][T13698]  <TASK>
[  230.639453][T13698]  __dump_stack+0x1d/0x30
[  230.639523][T13698]  dump_stack_lvl+0xe8/0x140
[  230.639547][T13698]  dump_stack+0x15/0x1b
[  230.639566][T13698]  should_fail_ex+0x265/0x280
[  230.639595][T13698]  should_failslab+0x8c/0xb0
[  230.639630][T13698]  kmem_cache_alloc_noprof+0x50/0x310
[  230.639729][T13698]  ? getname_flags+0x80/0x3b0
[  230.639763][T13698]  getname_flags+0x80/0x3b0
[  230.639834][T13698]  user_path_at+0x28/0x130
[  230.639872][T13698]  do_sys_truncate+0x5c/0x130
[  230.639902][T13698]  __x64_sys_truncate+0x31/0x40
[  230.640006][T13698]  x64_sys_call+0x1a2f/0x2ff0
[  230.640099][T13698]  do_syscall_64+0xd2/0x200
[  230.640137][T13698]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  230.640185][T13698]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  230.640219][T13698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.640243][T13698] RIP: 0033:0x7f4af0e5eba9
[  230.640261][T13698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.640363][T13698] RSP: 002b:00007f4aef8c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  230.640386][T13698] RAX: ffffffffffffffda RBX: 00007f4af10a5fa0 RCX: 00007f4af0e5eba9
[  230.640402][T13698] RDX: 0000000000000000 RSI: 000000000008fff5 RDI: 0000200000000180
[  230.640417][T13698] RBP: 00007f4aef8c7090 R08: 0000000000000000 R09: 0000000000000000
[  230.640432][T13698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  230.640501][T13698] R13: 00007f4af10a6038 R14: 00007f4af10a5fa0 R15: 00007fffe9777128
[  230.640568][T13698]  </TASK>
[  230.874794][T13696] loop4: detected capacity change from 0 to 1024
[  230.882598][T13696] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  230.893987][T13696] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  230.902044][T13696] EXT4-fs (loop4): orphan cleanup on readonly fs
[  230.909417][T13696] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  230.924079][T13696] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  230.932666][T13696] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.3823: Freeing blocks not in datazone - block = 0, count = 4096
[  230.946671][T13696] EXT4-fs (loop4): 1 orphan inode deleted
[  230.953004][T13696] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  231.214098][T10775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.560088][T13721] netlink: 'syz.0.3834': attribute type 1 has an invalid length.
[  231.575018][T13721] 8021q: adding VLAN 0 to HW filter on device bond4
[  231.638865][T12014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.748384][T13742] loop4: detected capacity change from 0 to 164
[  231.937919][T13753] loop0: detected capacity change from 0 to 1024
[  231.972909][T13754] loop4: detected capacity change from 0 to 1024
[  231.980145][T13753] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  231.996919][T13762] loop3: detected capacity change from 0 to 128
[  232.007612][T13762] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  232.007714][T13754] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  232.026321][T13753] syzkaller1: entered promiscuous mode
[  232.037397][T13753] syzkaller1: entered allmulticast mode
[  232.063836][T13760] loop1: detected capacity change from 0 to 2048
[  232.075353][T13762] ext4 filesystem being mounted at /140/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  232.076824][T13760] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  232.218052][T12014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.257512][T11638] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.271577][T13762] Falling back ldisc for ttyS3.
[  232.337013][T13777] loop0: detected capacity change from 0 to 1024
[  232.388373][T13777] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  232.474603][T13777] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  232.482881][T13777] EXT4-fs (loop0): orphan cleanup on readonly fs
[  232.490752][T13777] EXT4-fs warning (device loop0): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  232.505535][T13777] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  232.516051][T13777] EXT4-fs error (device loop0): ext4_free_blocks:6696: comm syz.0.3852: Freeing blocks not in datazone - block = 0, count = 4096
[  232.529833][T13777] EXT4-fs (loop0): 1 orphan inode deleted
[  232.710698][T13780] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=13780 comm=syz.2.3860
[  232.967872][T13790] netlink: 'syz.4.3864': attribute type 1 has an invalid length.
[  233.025763][T13790] 8021q: adding VLAN 0 to HW filter on device bond3
[  233.082034][T13802] loop0: detected capacity change from 0 to 1024
[  233.089657][T13802] EXT4-fs: dax option not supported
[  233.100131][T13800] loop1: detected capacity change from 0 to 512
[  233.134479][T13800] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  233.160117][T13800] EXT4-fs (loop1): mount failed
[  233.178279][T13800] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=13800 comm=syz.1.3866
[  233.266350][T13828] netlink: 'syz.2.3880': attribute type 1 has an invalid length.
[  233.276155][T13826] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3879'.
[  233.318536][T13832] netlink: 204 bytes leftover after parsing attributes in process `syz.3.3881'.
[  233.327743][T13832] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3881'.
[  233.340017][T13828] 8021q: adding VLAN 0 to HW filter on device bond1
[  233.352660][T13832] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3881'.
[  233.389858][T13835] loop1: detected capacity change from 0 to 1024
[  233.541177][T13857] hub 9-0:1.0: USB hub found
[  233.545969][T13857] hub 9-0:1.0: 8 ports detected
[  233.585064][T13862] FAULT_INJECTION: forcing a failure.
[  233.585064][T13862] name failslab, interval 1, probability 0, space 0, times 0
[  233.597844][T13862] CPU: 0 UID: 0 PID: 13862 Comm: syz.1.3892 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  233.597880][T13862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  233.597897][T13862] Call Trace:
[  233.597906][T13862]  <TASK>
[  233.597916][T13862]  __dump_stack+0x1d/0x30
[  233.597943][T13862]  dump_stack_lvl+0xe8/0x140
[  233.598031][T13862]  dump_stack+0x15/0x1b
[  233.598054][T13862]  should_fail_ex+0x265/0x280
[  233.598106][T13862]  should_failslab+0x8c/0xb0
[  233.598139][T13862]  kmem_cache_alloc_noprof+0x50/0x310
[  233.598175][T13862]  ? audit_log_start+0x365/0x6c0
[  233.598225][T13862]  audit_log_start+0x365/0x6c0
[  233.598281][T13862]  audit_seccomp+0x48/0x100
[  233.598367][T13862]  ? __seccomp_filter+0x68c/0x10d0
[  233.598404][T13862]  __seccomp_filter+0x69d/0x10d0
[  233.598433][T13862]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  233.598479][T13862]  ? vfs_write+0x7e8/0x960
[  233.598539][T13862]  ? __rcu_read_unlock+0x4f/0x70
[  233.598567][T13862]  ? __fget_files+0x184/0x1c0
[  233.598602][T13862]  __secure_computing+0x82/0x150
[  233.598670][T13862]  syscall_trace_enter+0xcf/0x1e0
[  233.598697][T13862]  do_syscall_64+0xac/0x200
[  233.598738][T13862]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  233.598769][T13862]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  233.598823][T13862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.598852][T13862] RIP: 0033:0x7f9ba7daeba9
[  233.598871][T13862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.598893][T13862] RSP: 002b:00007f9ba6817038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c7
[  233.598954][T13862] RAX: ffffffffffffffda RBX: 00007f9ba7ff5fa0 RCX: 00007f9ba7daeba9
[  233.598971][T13862] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005
[  233.598983][T13862] RBP: 00007f9ba6817090 R08: 0000000000000000 R09: 0000000000000000
[  233.598995][T13862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.599007][T13862] R13: 00007f9ba7ff6038 R14: 00007f9ba7ff5fa0 R15: 00007ffe79f89ea8
[  233.599032][T13862]  </TASK>
[  233.815807][T13864] netlink: 'syz.4.3893': attribute type 1 has an invalid length.
[  233.831843][T13864] 8021q: adding VLAN 0 to HW filter on device bond4
[  234.052578][T13891] netlink: 'syz.0.3906': attribute type 1 has an invalid length.
[  234.069775][T13891] 8021q: adding VLAN 0 to HW filter on device bond5
[  234.090776][T13898] loop1: detected capacity change from 0 to 1024
[  234.103395][T13898] EXT4-fs: dax option not supported
[  234.123306][T13900] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.213932][T13900] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.283694][T13900] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.313440][   T29] kauditd_printk_skb: 266 callbacks suppressed
[  234.313457][   T29] audit: type=1400 audit(1758154777.266:10359): avc:  denied  { ioctl } for  pid=13912 comm="syz.2.3916" path="socket:[44790]" dev="sockfs" ino=44790 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  234.361610][T13900] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.414745][   T31] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  234.452435][   T31] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  234.459396][T13923] netlink: 'syz.2.3921': attribute type 1 has an invalid length.
[  234.475806][T13923] 8021q: adding VLAN 0 to HW filter on device bond2
[  234.484856][   T31] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  234.506603][   T31] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  234.527002][   T29] audit: type=1326 audit(1758154777.487:10360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13929 comm="syz.2.3924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ccbaeba9 code=0x7ffc0000
[  234.550804][   T29] audit: type=1326 audit(1758154777.487:10361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13929 comm="syz.2.3924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ccbaeba9 code=0x7ffc0000
[  234.551699][T13928] loop0: detected capacity change from 0 to 512
[  234.581667][   T29] audit: type=1326 audit(1758154777.550:10362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13929 comm="syz.2.3924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f22ccbaeba9 code=0x7ffc0000
[  234.605445][   T29] audit: type=1326 audit(1758154777.550:10363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13929 comm="syz.2.3924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ccbaeba9 code=0x7ffc0000
[  234.629185][   T29] audit: type=1326 audit(1758154777.550:10364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13929 comm="syz.2.3924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ccbaeba9 code=0x7ffc0000
[  234.644858][T13928] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3923: bg 0: block 131: padding at end of block bitmap is not set
[  234.653189][   T29] audit: type=1326 audit(1758154777.550:10365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13929 comm="syz.2.3924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7f22ccbaeba9 code=0x7ffc0000
[  234.653226][   T29] audit: type=1326 audit(1758154777.550:10366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13929 comm="syz.2.3924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ccbaeba9 code=0x7ffc0000
[  234.668967][T13928] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  234.727472][T13928] EXT4-fs (loop0): 1 truncate cleaned up
[  234.742216][   T29] audit: type=1326 audit(1758154777.719:10367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13927 comm="syz.0.3923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c145eba9 code=0x7ffc0000
[  234.766065][   T29] audit: type=1326 audit(1758154777.719:10368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13927 comm="syz.0.3923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c145eba9 code=0x7ffc0000
[  234.869103][T13946] IPv6: Can't replace route, no match found
[  234.905313][T13950] smc: net device bond0 applied user defined pnetid SYZ0
[  234.915570][T13950] smc: net device bond0 erased user defined pnetid SYZ0
[  234.924453][T13950] __nla_validate_parse: 4 callbacks suppressed
[  234.924479][T13950] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3932'.
[  235.064953][T13964] loop0: detected capacity change from 0 to 1024
[  235.071763][T13964] EXT4-fs: dax option not supported
[  235.090853][T13966] netlink: 'syz.4.3940': attribute type 30 has an invalid length.
[  235.278711][T13978] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  235.288453][T13978] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  235.298368][T13978] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  235.308227][T13978] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  235.318159][T13978] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  235.327969][T13978] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  235.337753][T13978] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  235.347545][T13978] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  235.357333][T13978] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  235.367043][T13978] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  235.376846][T13978] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  235.850989][T14023] netlink: 204 bytes leftover after parsing attributes in process `syz.1.3957'.
[  235.860274][T14023] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3957'.
[  235.869679][T14023] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3957'.
[  235.970625][T14037] loop0: detected capacity change from 0 to 1024
[  236.157857][T14058] loop1: detected capacity change from 0 to 128
[  236.166561][T14058] ext4 filesystem being mounted at /183/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  236.302403][T14082] IPv6: Can't replace route, no match found
[  236.356154][T14089] loop3: detected capacity change from 0 to 512
[  236.414797][T14095] smc: net device bond0 applied user defined pnetid SYZ0
[  236.437437][T14095] smc: net device bond0 erased user defined pnetid SYZ0
[  236.502919][T14095] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3970'.
[  236.773070][T14143] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3977'.
[  236.812373][T14145] loop3: detected capacity change from 0 to 512
[  236.962645][T14156] smc: net device bond0 applied user defined pnetid SYZ0
[  236.976917][T14156] smc: net device bond0 erased user defined pnetid SYZ0
[  236.993014][T14156] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3982'.
[  237.059158][T14161] loop0: detected capacity change from 0 to 128
[  237.088653][T14161] ext4 filesystem being mounted at /262/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  237.128254][T14169] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3988'.
[  237.203162][T14173] hub 9-0:1.0: USB hub found
[  237.211781][T14174] loop4: detected capacity change from 0 to 512
[  237.218897][T14173] hub 9-0:1.0: 8 ports detected
[  237.249784][T14178] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3991'.
[  237.259355][T14174] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  237.277754][T14174] EXT4-fs (loop4): orphan cleanup on readonly fs
[  237.310117][T14174] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.3989: corrupted inode contents
[  237.339319][T14186] netlink: 204 bytes leftover after parsing attributes in process `syz.1.3995'.
[  237.348400][T14174] EXT4-fs (loop4): Remounting filesystem read-only
[  237.348603][T14174] EXT4-fs (loop4): 1 truncate cleaned up
[  237.363943][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  237.374547][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  237.430878][T14192] smc: net device bond0 applied user defined pnetid SYZ0
[  237.439684][   T12] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  237.451595][T14192] smc: net device bond0 erased user defined pnetid SYZ0
[  237.522814][T14200] IPv6: Can't replace route, no match found
[  237.664919][T14217] smc: net device bond0 applied user defined pnetid SYZ0
[  237.692364][T14217] smc: net device bond0 erased user defined pnetid SYZ0
[  237.748134][T14223] loop3: detected capacity change from 0 to 1024
[  237.778881][T14228] netlink: 'syz.2.4015': attribute type 1 has an invalid length.
[  237.849587][T14228] 8021q: adding VLAN 0 to HW filter on device bond3
[  238.571773][T14250] netlink: 'syz.0.4021': attribute type 1 has an invalid length.
[  238.579740][T14250] netlink: 'syz.0.4021': attribute type 3 has an invalid length.
[  238.597202][T14248] loop3: detected capacity change from 0 to 2048
[  238.823354][T14280] FAULT_INJECTION: forcing a failure.
[  238.823354][T14280] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  238.836602][T14280] CPU: 1 UID: 0 PID: 14280 Comm: syz.0.4032 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  238.836633][T14280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  238.836651][T14280] Call Trace:
[  238.836660][T14280]  <TASK>
[  238.836668][T14280]  __dump_stack+0x1d/0x30
[  238.836689][T14280]  dump_stack_lvl+0xe8/0x140
[  238.836709][T14280]  dump_stack+0x15/0x1b
[  238.836763][T14280]  should_fail_ex+0x265/0x280
[  238.836796][T14280]  should_fail+0xb/0x20
[  238.836823][T14280]  should_fail_usercopy+0x1a/0x20
[  238.836885][T14280]  _copy_from_user+0x1c/0xb0
[  238.837075][T14280]  kstrtouint_from_user+0x69/0xf0
[  238.837103][T14280]  ? 0xffffffff81000000
[  238.837116][T14280]  ? selinux_file_permission+0x1e4/0x320
[  238.837184][T14280]  proc_fail_nth_write+0x50/0x160
[  238.837212][T14280]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  238.837248][T14280]  vfs_write+0x269/0x960
[  238.837276][T14280]  ? vfs_read+0x4e6/0x770
[  238.837324][T14280]  ? __rcu_read_unlock+0x4f/0x70
[  238.837347][T14280]  ? __fget_files+0x184/0x1c0
[  238.837430][T14280]  ksys_write+0xda/0x1a0
[  238.837460][T14280]  __x64_sys_write+0x40/0x50
[  238.837483][T14280]  x64_sys_call+0x27fe/0x2ff0
[  238.837505][T14280]  do_syscall_64+0xd2/0x200
[  238.837580][T14280]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  238.837741][T14280]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  238.837857][T14280]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.837914][T14280] RIP: 0033:0x7fd2c145d65f
[  238.837932][T14280] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  238.837950][T14280] RSP: 002b:00007fd2bfea6030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  238.838012][T14280] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd2c145d65f
[  238.838029][T14280] RDX: 0000000000000001 RSI: 00007fd2bfea60a0 RDI: 0000000000000003
[  238.838043][T14280] RBP: 00007fd2bfea6090 R08: 0000000000000000 R09: 0000000000000000
[  238.838056][T14280] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  238.838092][T14280] R13: 00007fd2c16a6128 R14: 00007fd2c16a6090 R15: 00007ffcd5343008
[  238.838117][T14280]  </TASK>
[  239.068930][T14282] loop3: detected capacity change from 0 to 512
[  239.140845][   T29] kauditd_printk_skb: 166 callbacks suppressed
[  239.140864][   T29] audit: type=1400 audit(1758154782.316:10529): avc:  denied  { connect } for  pid=14283 comm="syz.0.4035" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  239.144031][T14282] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4034: bg 0: block 131: padding at end of block bitmap is not set
[  239.173395][T14289] loop1: detected capacity change from 0 to 128
[  239.189861][T14282] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  239.199471][T14282] EXT4-fs (loop3): 1 truncate cleaned up
[  239.208769][T14289] ext4 filesystem being mounted at /195/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  239.221076][T14287] loop0: detected capacity change from 0 to 8192
[  239.232891][   T29] audit: type=1326 audit(1758154782.464:10530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14281 comm="syz.3.4034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4af0e5eba9 code=0x7ffc0000
[  239.256609][   T29] audit: type=1326 audit(1758154782.464:10531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14281 comm="syz.3.4034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4af0e5eba9 code=0x7ffc0000
[  239.280414][   T29] audit: type=1326 audit(1758154782.464:10532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14281 comm="syz.3.4034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4af0e5eba9 code=0x7ffc0000
[  239.304128][   T29] audit: type=1326 audit(1758154782.464:10533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14281 comm="syz.3.4034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4af0e5eba9 code=0x7ffc0000
[  239.327840][   T29] audit: type=1326 audit(1758154782.464:10534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14281 comm="syz.3.4034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f4af0e5eba9 code=0x7ffc0000
[  239.351604][   T29] audit: type=1326 audit(1758154782.464:10535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14281 comm="syz.3.4034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4af0e5eba9 code=0x7ffc0000
[  239.375279][   T29] audit: type=1326 audit(1758154782.464:10536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14281 comm="syz.3.4034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f4af0e5eba9 code=0x7ffc0000
[  239.398888][   T29] audit: type=1326 audit(1758154782.464:10537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14281 comm="syz.3.4034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4af0e5eba9 code=0x7ffc0000
[  239.422887][   T29] audit: type=1326 audit(1758154782.464:10538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14281 comm="syz.3.4034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4af0e5eba9 code=0x7ffc0000
[  239.489042][T14289] Falling back ldisc for ttyS3.
[  239.559311][T14303] loop1: detected capacity change from 0 to 512
[  239.567345][T14303] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4041: bg 0: block 131: padding at end of block bitmap is not set
[  239.583420][T14303] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  239.592655][T14303] EXT4-fs (loop1): 1 truncate cleaned up
[  239.881651][T14322] loop0: detected capacity change from 0 to 1024
[  239.894342][T14322] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  239.911725][T14322] syzkaller1: entered promiscuous mode
[  239.917305][T14322] syzkaller1: entered allmulticast mode
[  240.110948][T14329] __nla_validate_parse: 13 callbacks suppressed
[  240.111003][T14329] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4051'.
[  240.136682][T14330] loop0: detected capacity change from 0 to 1024
[  240.144995][T14330] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  240.221876][T14330] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  240.230246][T14330] EXT4-fs (loop0): orphan cleanup on readonly fs
[  240.238232][T14330] EXT4-fs warning (device loop0): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  240.252965][T14330] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  240.260902][T14330] EXT4-fs error (device loop0): ext4_free_blocks:6696: comm syz.0.4049: Freeing blocks not in datazone - block = 0, count = 4096
[  240.275631][T14330] EXT4-fs (loop0): 1 orphan inode deleted
[  240.368347][T14333] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4052'.
[  240.439838][T14334] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4052'.
[  240.448848][T14334] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4052'.
[  240.476798][T14333] 9pnet_fd: p9_fd_create_tcp (14333): problem connecting socket to 127.0.0.1
[  240.574398][T14338] loop1: detected capacity change from 0 to 2048
[  240.588911][T14341] loop4: detected capacity change from 0 to 128
[  240.601375][T14341] ext4 filesystem being mounted at /160/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.642749][T14347] FAULT_INJECTION: forcing a failure.
[  240.642749][T14347] name failslab, interval 1, probability 0, space 0, times 0
[  240.655708][T14347] CPU: 0 UID: 0 PID: 14347 Comm: syz.1.4056 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  240.655738][T14347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  240.655761][T14347] Call Trace:
[  240.655770][T14347]  <TASK>
[  240.655779][T14347]  __dump_stack+0x1d/0x30
[  240.655871][T14347]  dump_stack_lvl+0xe8/0x140
[  240.655891][T14347]  dump_stack+0x15/0x1b
[  240.655913][T14347]  should_fail_ex+0x265/0x280
[  240.655950][T14347]  should_failslab+0x8c/0xb0
[  240.656042][T14347]  kmem_cache_alloc_noprof+0x50/0x310
[  240.656080][T14347]  ? getname_flags+0x80/0x3b0
[  240.656119][T14347]  getname_flags+0x80/0x3b0
[  240.656217][T14347]  user_path_at+0x28/0x130
[  240.656308][T14347]  do_sys_truncate+0x5c/0x130
[  240.656341][T14347]  __x64_sys_truncate+0x31/0x40
[  240.656380][T14347]  x64_sys_call+0x1a2f/0x2ff0
[  240.656421][T14347]  do_syscall_64+0xd2/0x200
[  240.656455][T14347]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  240.656483][T14347]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  240.656562][T14347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.656629][T14347] RIP: 0033:0x7f9ba7daeba9
[  240.656645][T14347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.656666][T14347] RSP: 002b:00007f9ba6817038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  240.656690][T14347] RAX: ffffffffffffffda RBX: 00007f9ba7ff5fa0 RCX: 00007f9ba7daeba9
[  240.656703][T14347] RDX: 0000000000000000 RSI: 000000000008fff5 RDI: 0000200000000180
[  240.656716][T14347] RBP: 00007f9ba6817090 R08: 0000000000000000 R09: 0000000000000000
[  240.656755][T14347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  240.656812][T14347] R13: 00007f9ba7ff6038 R14: 00007f9ba7ff5fa0 R15: 00007ffe79f89ea8
[  240.656832][T14347]  </TASK>
[  241.075839][T14377] loop4: detected capacity change from 0 to 128
[  241.084734][T14377] ext4 filesystem being mounted at /165/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  241.086645][T14370] loop1: detected capacity change from 0 to 2048
[  241.211187][T14393] loop1: detected capacity change from 0 to 2048
[  241.258260][T14393]  loop1: p1 < > p4
[  241.264704][T14393] loop1: p4 size 8388608 extends beyond EOD, truncated
[  241.768412][T14419] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4085'.
[  241.777661][T14413] loop4: detected capacity change from 0 to 2048
[  241.827671][T14415] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.866326][T14415] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.886044][T14426] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.912179][T14415] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.919613][T14434] netlink: 204 bytes leftover after parsing attributes in process `syz.3.4091'.
[  241.931682][T14434] netlink: 'syz.3.4091': attribute type 1 has an invalid length.
[  241.939555][T14434] netlink: 'syz.3.4091': attribute type 3 has an invalid length.
[  241.947325][T14434] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4091'.
[  241.956641][T14434] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4091'.
[  242.022536][T14415] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.065804][T14426] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.101258][T14124] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  242.106012][T14447] loop3: detected capacity change from 0 to 512
[  242.127918][T14426] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.140478][T14447] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4096: bg 0: block 131: padding at end of block bitmap is not set
[  242.160111][T14447] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  242.170198][T14124] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  242.181211][T14447] EXT4-fs (loop3): 1 truncate cleaned up
[  242.197754][T14426] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.222030][T14124] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  242.240474][T14124] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  242.262493][T14124] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  242.282118][  T148] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  242.334756][T14463] loop0: detected capacity change from 0 to 1024
[  242.388471][  T148] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  242.396831][  T148] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  242.613423][T14470] loop1: detected capacity change from 0 to 1024
[  242.683333][T14475] loop4: detected capacity change from 0 to 128
[  242.714595][T14475] ext4 filesystem being mounted at /173/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  242.955543][T14493] loop3: detected capacity change from 0 to 128
[  242.964992][T14493] ext4 filesystem being mounted at /172/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  243.547449][T14503] loop4: detected capacity change from 0 to 1024
[  243.613793][T14509] netlink: 'syz.2.4118': attribute type 1 has an invalid length.
[  243.715853][T14509] 8021q: adding VLAN 0 to HW filter on device bond4
[  243.826717][T14519] loop1: detected capacity change from 0 to 128
[  243.835131][T14493] Falling back ldisc for ttyS3.
[  243.839999][T14519] ext4 filesystem being mounted at /216/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  243.894856][T14526] loop3: detected capacity change from 0 to 512
[  243.919697][T14519] Falling back ldisc for ttyS3.
[  243.942940][   T29] kauditd_printk_skb: 557 callbacks suppressed
[  243.942958][   T29] audit: type=1326 audit(1758154787.417:11095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14523 comm="syz.4.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2deee5eba9 code=0x7ffc0000
[  243.975317][   T29] audit: type=1326 audit(1758154787.460:11096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14523 comm="syz.4.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f2deee5eba9 code=0x7ffc0000
[  243.999033][   T29] audit: type=1326 audit(1758154787.460:11097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14523 comm="syz.4.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2deee5eba9 code=0x7ffc0000
[  244.022749][   T29] audit: type=1326 audit(1758154787.460:11098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14523 comm="syz.4.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2deee5eba9 code=0x7ffc0000
[  244.046407][   T29] audit: type=1326 audit(1758154787.460:11099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14523 comm="syz.4.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2deee5eba9 code=0x7ffc0000
[  244.070006][   T29] audit: type=1326 audit(1758154787.460:11100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14523 comm="syz.4.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2deee5eba9 code=0x7ffc0000
[  244.093723][   T29] audit: type=1326 audit(1758154787.460:11101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14523 comm="syz.4.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f2deee5eba9 code=0x7ffc0000
[  244.117331][   T29] audit: type=1326 audit(1758154787.460:11102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14523 comm="syz.4.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2deee5eba9 code=0x7ffc0000
[  244.140943][   T29] audit: type=1326 audit(1758154787.460:11103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14523 comm="syz.4.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2deee5eba9 code=0x7ffc0000
[  244.164709][   T29] audit: type=1326 audit(1758154787.460:11104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14523 comm="syz.4.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2deee5eba9 code=0x7ffc0000
[  244.194057][T14524] 9pnet_virtio: no channels available for device syz
[  244.257837][T14545] loop3: detected capacity change from 0 to 128
[  244.286443][T14545] ext4 filesystem being mounted at /174/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  244.346961][T14545] Falling back ldisc for ttyS3.
[  244.353290][T14557] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4135'.
[  244.401532][T14562] loop0: detected capacity change from 0 to 1024
[  244.528733][T14569] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4138'.
[  244.577376][T14575] loop0: detected capacity change from 0 to 512
[  244.701260][T14584] bridge0: entered promiscuous mode
[  244.706966][T14584] macvtap1: entered allmulticast mode
[  244.712479][T14584] bridge0: entered allmulticast mode
[  244.719910][T14584] bridge0: port 3(macvtap1) entered blocking state
[  244.726746][T14584] bridge0: port 3(macvtap1) entered disabled state
[  244.736015][T14584] bridge0: left allmulticast mode
[  244.741090][T14584] bridge0: left promiscuous mode
[  244.791612][T14586] loop0: detected capacity change from 0 to 1024
[  244.932888][T14596] __nla_validate_parse: 4 callbacks suppressed
[  244.932902][T14596] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4148'.
[  244.997270][T14603] wireguard0: entered promiscuous mode
[  245.002833][T14603] wireguard0: entered allmulticast mode
[  245.019978][T14607] netlink: 204 bytes leftover after parsing attributes in process `syz.0.4153'.
[  245.029152][T14607] netlink: 72 bytes leftover after parsing attributes in process `syz.0.4153'.
[  245.038259][T14607] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4153'.
[  245.051448][T14608] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4151'.
[  245.061593][T14608] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4151'.
[  245.154535][T14614] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14614 comm=syz.4.4156
[  245.187533][T14621] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4151'.
[  245.225519][T14621] IPVS: Error joining to the multicast group
[  245.246274][T14623] loop4: detected capacity change from 0 to 2048
[  245.326521][T14629] loop1: detected capacity change from 0 to 1024
[  245.470235][T14643] netlink: 204 bytes leftover after parsing attributes in process `syz.3.4164'.
[  245.479374][T14643] netlink: 72 bytes leftover after parsing attributes in process `syz.3.4164'.
[  245.490459][T14643] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4164'.
[  245.560768][T14650] FAULT_INJECTION: forcing a failure.
[  245.560768][T14650] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  245.573950][T14650] CPU: 0 UID: 0 PID: 14650 Comm: syz.3.4166 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  245.573984][T14650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  245.574041][T14650] Call Trace:
[  245.574050][T14650]  <TASK>
[  245.574060][T14650]  __dump_stack+0x1d/0x30
[  245.574088][T14650]  dump_stack_lvl+0xe8/0x140
[  245.574183][T14650]  dump_stack+0x15/0x1b
[  245.574257][T14650]  should_fail_ex+0x265/0x280
[  245.574284][T14650]  should_fail+0xb/0x20
[  245.574306][T14650]  should_fail_usercopy+0x1a/0x20
[  245.574343][T14650]  _copy_from_user+0x1c/0xb0
[  245.574385][T14650]  memdup_user+0x5e/0xd0
[  245.574420][T14650]  strndup_user+0x68/0xb0
[  245.574517][T14650]  __se_sys_mount+0x4d/0x2e0
[  245.574554][T14650]  ? fput+0x8f/0xc0
[  245.574590][T14650]  ? ksys_write+0x192/0x1a0
[  245.574675][T14650]  __x64_sys_mount+0x67/0x80
[  245.574702][T14650]  x64_sys_call+0x2b4d/0x2ff0
[  245.574731][T14650]  do_syscall_64+0xd2/0x200
[  245.574770][T14650]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  245.574842][T14650]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  245.574881][T14650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.574931][T14650] RIP: 0033:0x7f4af0e5eba9
[  245.574951][T14650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.574974][T14650] RSP: 002b:00007f4aef8c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  245.574999][T14650] RAX: ffffffffffffffda RBX: 00007f4af10a5fa0 RCX: 00007f4af0e5eba9
[  245.575016][T14650] RDX: 0000200000000300 RSI: 0000200000000200 RDI: 0000000000000000
[  245.575032][T14650] RBP: 00007f4aef8c7090 R08: 0000200000000440 R09: 0000000000000000
[  245.575049][T14650] R10: 0000000000008800 R11: 0000000000000246 R12: 0000000000000001
[  245.575132][T14650] R13: 00007f4af10a6038 R14: 00007f4af10a5fa0 R15: 00007fffe9777128
[  245.575154][T14650]  </TASK>
[  245.579501][T14656] IPv6: Can't replace route, no match found
[  245.642479][T14655] loop4: detected capacity change from 0 to 2048
[  246.576204][T14686] loop4: detected capacity change from 0 to 1024
[  246.617293][T14692] loop3: detected capacity change from 0 to 512
[  246.630353][T14691] loop1: detected capacity change from 0 to 512
[  246.645466][T14691] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4181: bg 0: block 131: padding at end of block bitmap is not set
[  246.673124][T14691] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  246.709371][T14691] EXT4-fs (loop1): 1 truncate cleaned up
[  246.769202][T14697] loop0: detected capacity change from 0 to 1024
[  246.795176][T14697] EXT4-fs: dax option not supported
[  246.871896][T14705] loop4: detected capacity change from 0 to 1024
[  246.878960][T14705] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  246.904647][T14705] syzkaller1: entered promiscuous mode
[  246.910415][T14705] syzkaller1: entered allmulticast mode
[  247.092353][T14709] loop4: detected capacity change from 0 to 1024
[  247.099384][T14709] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  247.110529][T14709] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  247.118734][T14709] EXT4-fs (loop4): orphan cleanup on readonly fs
[  247.125435][T14709] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  247.140141][T14709] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  247.147176][T14709] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.4187: Freeing blocks not in datazone - block = 0, count = 4096
[  247.161055][T14709] EXT4-fs (loop4): 1 orphan inode deleted
[  247.169636][T14709] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.4187: iget: bad extended attribute block 6
[  247.438675][T14714] loop3: detected capacity change from 0 to 512
[  247.464566][T14712] loop1: detected capacity change from 0 to 2048
[  247.557522][T11638] EXT4-fs unmount: 80 callbacks suppressed
[  247.557596][T11638] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.602769][T14725] IPv6: Can't replace route, no match found
[  247.743473][T14731] loop1: detected capacity change from 0 to 512
[  247.774644][T14731] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  247.810535][T14731] EXT4-fs (loop1): mount failed
[  247.830520][T14731] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=14731 comm=syz.1.4195
[  247.907417][T12014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.292135][T11863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.569235][T14761] loop3: detected capacity change from 0 to 128
[  248.586675][T14761] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  248.599942][T14761] ext4 filesystem being mounted at /187/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  248.665387][T14761] Falling back ldisc for ttyS3.
[  248.693553][   T29] kauditd_printk_skb: 298 callbacks suppressed
[  248.693571][   T29] audit: type=1326 audit(1758154792.422:11401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14765 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c145eba9 code=0x50000
[  248.723266][   T29] audit: type=1326 audit(1758154792.422:11402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14765 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c145eba9 code=0x50000
[  248.746655][   T29] audit: type=1326 audit(1758154792.422:11403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14765 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c145eba9 code=0x50000
[  248.770194][   T29] audit: type=1326 audit(1758154792.422:11404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14765 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c145eba9 code=0x50000
[  248.793526][   T29] audit: type=1326 audit(1758154792.422:11405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14765 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c145eba9 code=0x50000
[  248.817399][   T29] audit: type=1326 audit(1758154792.422:11406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14765 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c145eba9 code=0x50000
[  248.840832][   T29] audit: type=1326 audit(1758154792.422:11407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14765 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c145eba9 code=0x50000
[  248.864277][   T29] audit: type=1326 audit(1758154792.422:11408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14765 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c145eba9 code=0x50000
[  248.887793][   T29] audit: type=1326 audit(1758154792.422:11409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14765 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c145eba9 code=0x50000
[  248.911234][   T29] audit: type=1326 audit(1758154792.422:11410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14765 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c145eba9 code=0x50000
[  248.947200][T11863] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  248.992687][T14769] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=14769 comm=syz.2.4210
[  249.005683][T14773] loop1: detected capacity change from 0 to 1024
[  249.017993][T14773] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  249.095175][T11638] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.129509][T14781] FAULT_INJECTION: forcing a failure.
[  249.129509][T14781] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  249.142699][T14781] CPU: 0 UID: 0 PID: 14781 Comm: syz.3.4216 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  249.142731][T14781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  249.142748][T14781] Call Trace:
[  249.142756][T14781]  <TASK>
[  249.142763][T14781]  __dump_stack+0x1d/0x30
[  249.142856][T14781]  dump_stack_lvl+0xe8/0x140
[  249.142876][T14781]  dump_stack+0x15/0x1b
[  249.142893][T14781]  should_fail_ex+0x265/0x280
[  249.142922][T14781]  should_fail+0xb/0x20
[  249.142981][T14781]  should_fail_usercopy+0x1a/0x20
[  249.143008][T14781]  strncpy_from_user+0x25/0x230
[  249.143052][T14781]  ? kmem_cache_alloc_noprof+0x186/0x310
[  249.143153][T14781]  ? getname_flags+0x80/0x3b0
[  249.143192][T14781]  getname_flags+0xae/0x3b0
[  249.143230][T14781]  user_path_at+0x28/0x130
[  249.143273][T14781]  __x64_sys_umount+0x85/0xe0
[  249.143314][T14781]  x64_sys_call+0xdd2/0x2ff0
[  249.143343][T14781]  do_syscall_64+0xd2/0x200
[  249.143382][T14781]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  249.143422][T14781]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  249.143458][T14781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.143480][T14781] RIP: 0033:0x7f4af0e5eba9
[  249.143557][T14781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.143580][T14781] RSP: 002b:00007f4aef8c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  249.143674][T14781] RAX: ffffffffffffffda RBX: 00007f4af10a5fa0 RCX: 00007f4af0e5eba9
[  249.143692][T14781] RDX: 0000000000000000 RSI: 000000000000000a RDI: 00002000000003c0
[  249.143705][T14781] RBP: 00007f4aef8c7090 R08: 0000000000000000 R09: 0000000000000000
[  249.143717][T14781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  249.143730][T14781] R13: 00007f4af10a6038 R14: 00007f4af10a5fa0 R15: 00007fffe9777128
[  249.143755][T14781]  </TASK>
[  249.148532][T14758] syz.4.4206 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  249.347531][T14758] CPU: 0 UID: 0 PID: 14758 Comm: syz.4.4206 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  249.347574][T14758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  249.347590][T14758] Call Trace:
[  249.347599][T14758]  <TASK>
[  249.347608][T14758]  __dump_stack+0x1d/0x30
[  249.347635][T14758]  dump_stack_lvl+0xe8/0x140
[  249.347688][T14758]  dump_stack+0x15/0x1b
[  249.347763][T14758]  dump_header+0x81/0x220
[  249.347804][T14758]  oom_kill_process+0x342/0x400
[  249.347863][T14758]  out_of_memory+0x979/0xb80
[  249.347907][T14758]  try_charge_memcg+0x5e6/0x9e0
[  249.347956][T14758]  obj_cgroup_charge_pages+0xa6/0x150
[  249.348003][T14758]  __memcg_kmem_charge_page+0x9f/0x170
[  249.348200][T14758]  __alloc_frozen_pages_noprof+0x188/0x360
[  249.348249][T14758]  alloc_pages_mpol+0xb3/0x250
[  249.348294][T14758]  alloc_pages_noprof+0x90/0x130
[  249.348327][T14758]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  249.348403][T14758]  __kvmalloc_node_noprof+0x30f/0x4e0
[  249.348440][T14758]  ? ip_set_alloc+0x1f/0x30
[  249.348537][T14758]  ? ip_set_alloc+0x1f/0x30
[  249.348557][T14758]  ? hash_netiface_create+0x21b/0x740
[  249.348580][T14758]  ? __kmalloc_cache_noprof+0x189/0x320
[  249.348619][T14758]  ip_set_alloc+0x1f/0x30
[  249.348672][T14758]  hash_netiface_create+0x282/0x740
[  249.348699][T14758]  ? __pfx_hash_netiface_create+0x10/0x10
[  249.348725][T14758]  ip_set_create+0x3c9/0x960
[  249.348761][T14758]  ? __nla_parse+0x40/0x60
[  249.348830][T14758]  nfnetlink_rcv_msg+0x4c3/0x590
[  249.348871][T14758]  netlink_rcv_skb+0x123/0x220
[  249.348941][T14758]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  249.348969][T14758]  nfnetlink_rcv+0x16b/0x1690
[  249.348991][T14758]  ? nlmon_xmit+0x4f/0x60
[  249.349024][T14758]  ? consume_skb+0x49/0x150
[  249.349049][T14758]  ? nlmon_xmit+0x4f/0x60
[  249.349169][T14758]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  249.349201][T14758]  ? __dev_queue_xmit+0x1200/0x2000
[  249.349230][T14758]  ? __dev_queue_xmit+0x182/0x2000
[  249.349260][T14758]  ? ref_tracker_free+0x37d/0x3e0
[  249.349369][T14758]  ? __netlink_deliver_tap+0x4dc/0x500
[  249.349402][T14758]  netlink_unicast+0x5bd/0x690
[  249.349428][T14758]  netlink_sendmsg+0x58b/0x6b0
[  249.349458][T14758]  ? __pfx_netlink_sendmsg+0x10/0x10
[  249.349487][T14758]  __sock_sendmsg+0x145/0x180
[  249.349575][T14758]  ____sys_sendmsg+0x31e/0x4e0
[  249.349607][T14758]  ___sys_sendmsg+0x17b/0x1d0
[  249.349681][T14758]  __x64_sys_sendmsg+0xd4/0x160
[  249.349716][T14758]  x64_sys_call+0x191e/0x2ff0
[  249.349787][T14758]  do_syscall_64+0xd2/0x200
[  249.349823][T14758]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  249.349850][T14758]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  249.349953][T14758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.350048][T14758] RIP: 0033:0x7f2deee5eba9
[  249.350065][T14758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.350085][T14758] RSP: 002b:00007f2ded8bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  249.350105][T14758] RAX: ffffffffffffffda RBX: 00007f2def0a5fa0 RCX: 00007f2deee5eba9
[  249.350119][T14758] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  249.350133][T14758] RBP: 00007f2deeee1e19 R08: 0000000000000000 R09: 0000000000000000
[  249.350208][T14758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  249.350221][T14758] R13: 00007f2def0a6038 R14: 00007f2def0a5fa0 R15: 00007ffd6fe19958
[  249.350241][T14758]  </TASK>
[  249.685582][T14758] memory: usage 307200kB, limit 307200kB, failcnt 294
[  249.692613][T14758] memory+swap: usage 307388kB, limit 9007199254740988kB, failcnt 0
[  249.700668][T14758] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[  249.708075][T14758] Memory cgroup stats for /syz4:
[  249.708450][T14758] cache 0
[  249.716399][T14758] rss 0
[  249.719192][T14758] shmem 0
[  249.722218][T14758] mapped_file 0
[  249.725684][T14758] dirty 0
[  249.728662][T14758] writeback 0
[  249.732003][T14758] workingset_refault_anon 17
[  249.736602][T14758] workingset_refault_file 272
[  249.741329][T14758] swap 192512
[  249.744705][T14758] swapcached 0
[  249.748176][T14758] pgpgin 183344
[  249.751639][T14758] pgpgout 183344
[  249.755195][T14758] pgfault 229882
[  249.758784][T14758] pgmajfault 22
[  249.762245][T14758] inactive_anon 0
[  249.765884][T14758] active_anon 0
[  249.769391][T14758] inactive_file 0
[  249.773105][T14758] active_file 0
[  249.776603][T14758] unevictable 0
[  249.780151][T14758] hierarchical_memory_limit 314572800
[  249.785624][T14758] hierarchical_memsw_limit 9223372036854771712
[  249.791787][T14758] total_cache 0
[  249.795291][T14758] total_rss 0
[  249.798632][T14758] total_shmem 0
[  249.802101][T14758] total_mapped_file 0
[  249.806156][T14758] total_dirty 0
[  249.809636][T14758] total_writeback 0
[  249.813678][T14758] total_workingset_refault_anon 17
[  249.818900][T14758] total_workingset_refault_file 272
[  249.824189][T14758] total_swap 192512
[  249.828000][T14758] total_swapcached 0
[  249.832041][T14758] total_pgpgin 183344
[  249.836059][T14758] total_pgpgout 183344
[  249.840144][T14758] total_pgfault 229882
[  249.844242][T14758] total_pgmajfault 22
[  249.844252][T14758] total_inactive_anon 0
[  249.844260][T14758] total_active_anon 0
[  249.844339][T14758] total_inactive_file 0
[  249.844350][T14758] total_active_file 0
[  249.844359][T14758] total_unevictable 0
[  249.844370][T14758] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.4206,pid=14757,uid=0
[  249.844567][T14758] Memory cgroup out of memory: Killed process 14757 (syz.4.4206) total-vm:95940kB, anon-rss:1072kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  249.848319][T14789] IPv6: Can't replace route, no match found
[  250.199095][T14805] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=14805 comm=syz.2.4225
[  250.283191][T14810] __nla_validate_parse: 3 callbacks suppressed
[  250.283210][T14810] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4226'.
[  250.336446][T14811] loop3: detected capacity change from 0 to 1024
[  250.347418][T14813] 9pnet_fd: Insufficient options for proto=fd
[  250.375136][T14811] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  250.626702][T14838] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4238'.
[  250.718646][T11863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.785893][T14854] FAULT_INJECTION: forcing a failure.
[  250.785893][T14854] name failslab, interval 1, probability 0, space 0, times 0
[  250.798770][T14854] CPU: 0 UID: 0 PID: 14854 Comm: syz.3.4246 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  250.798807][T14854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  250.798824][T14854] Call Trace:
[  250.798833][T14854]  <TASK>
[  250.798842][T14854]  __dump_stack+0x1d/0x30
[  250.798869][T14854]  dump_stack_lvl+0xe8/0x140
[  250.798891][T14854]  dump_stack+0x15/0x1b
[  250.798909][T14854]  should_fail_ex+0x265/0x280
[  250.798950][T14854]  should_failslab+0x8c/0xb0
[  250.798982][T14854]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  250.799017][T14854]  ? __d_alloc+0x3d/0x340
[  250.799113][T14854]  __d_alloc+0x3d/0x340
[  250.799142][T14854]  ? mpol_shared_policy_init+0xbd/0x4c0
[  250.799164][T14854]  d_alloc_pseudo+0x1e/0x80
[  250.799272][T14854]  alloc_file_pseudo+0x71/0x160
[  250.799335][T14854]  __shmem_file_setup+0x1de/0x210
[  250.799373][T14854]  shmem_file_setup+0x3b/0x50
[  250.799392][T14854]  __se_sys_memfd_create+0x2c3/0x590
[  250.799489][T14854]  __x64_sys_memfd_create+0x31/0x40
[  250.799517][T14854]  x64_sys_call+0x2abe/0x2ff0
[  250.799541][T14854]  do_syscall_64+0xd2/0x200
[  250.799646][T14854]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  250.799672][T14854]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  250.799757][T14854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.799780][T14854] RIP: 0033:0x7f4af0e5eba9
[  250.799796][T14854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.799818][T14854] RSP: 002b:00007f4aef8c6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  250.799872][T14854] RAX: ffffffffffffffda RBX: 000000000000046b RCX: 00007f4af0e5eba9
[  250.799886][T14854] RDX: 00007f4aef8c6ef0 RSI: 0000000000000000 RDI: 00007f4af0ee27e8
[  250.799963][T14854] RBP: 00002000000009c0 R08: 00007f4aef8c6bb7 R09: 00007f4aef8c6e40
[  250.799977][T14854] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000080
[  250.799990][T14854] R13: 00007f4aef8c6ef0 R14: 00007f4aef8c6eb0 R15: 0000200000000180
[  250.800010][T14854]  </TASK>
[  251.010894][T14856] loop1: detected capacity change from 0 to 1024
[  251.019283][T14856] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  251.044246][T14856] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4247'.
[  251.058631][T14862] loop4: detected capacity change from 0 to 1024
[  251.067614][T14862] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  251.068386][T14856] syzkaller1: entered promiscuous mode
[  251.081811][T14856] syzkaller1: entered allmulticast mode
[  251.107113][T14862] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4250'.
[  251.120802][T14862] syzkaller1: entered promiscuous mode
[  251.126344][T14862] syzkaller1: entered allmulticast mode
[  251.217471][T14866] IPv6: Can't replace route, no match found
[  251.233359][T14868] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4253'.
[  251.258670][T14869] loop1: detected capacity change from 0 to 1024
[  251.265898][T14869] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  251.283019][T14869] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  251.291427][T14869] EXT4-fs (loop1): orphan cleanup on readonly fs
[  251.298159][T14869] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  251.312891][T14869] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  251.319850][T14873] loop4: detected capacity change from 0 to 1024
[  251.321750][T14869] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.4247: Freeing blocks not in datazone - block = 0, count = 4096
[  251.340154][T14873] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  251.340662][T14869] EXT4-fs (loop1): 1 orphan inode deleted
[  251.356853][T14869] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  251.372124][T14869] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.4247: iget: bad extended attribute block 6
[  251.372250][T14873] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  251.392332][T14873] EXT4-fs (loop4): orphan cleanup on readonly fs
[  251.400674][T14873] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  251.415347][T14873] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  251.422498][T14873] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.4250: Freeing blocks not in datazone - block = 0, count = 4096
[  251.436222][T14873] EXT4-fs (loop4): 1 orphan inode deleted
[  251.442419][T14873] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  251.462222][T14873] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.4250: iget: bad extended attribute block 6
[  251.890336][T11638] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.027839][T12014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.155370][T14927] syzkaller0: entered allmulticast mode
[  252.167983][T14934] syzkaller0: entered promiscuous mode
[  252.181288][T14926] syzkaller0 (unregistering): left allmulticast mode
[  252.188065][T14926] syzkaller0 (unregistering): left promiscuous mode
[  252.194656][T14938] loop3: detected capacity change from 0 to 1024
[  252.195004][T14938] EXT4-fs: dax option not supported
[  252.206518][T14940] loop1: detected capacity change from 0 to 1024
[  252.213893][T14940] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  252.239009][T14940] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4283'.
[  252.254655][T14945] loop0: detected capacity change from 0 to 1024
[  252.266955][T14940] syzkaller1: entered promiscuous mode
[  252.272565][T14940] syzkaller1: entered allmulticast mode
[  252.393629][T14945] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  252.412425][T14954] loop4: detected capacity change from 0 to 1024
[  252.427109][T14954] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  252.445040][T14949] loop1: detected capacity change from 0 to 1024
[  252.453275][T14949] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  252.464557][T14949] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  252.472750][T14949] EXT4-fs (loop1): orphan cleanup on readonly fs
[  252.479527][T14949] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  252.494230][T14949] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  252.494470][T14954] ext4 filesystem being mounted at /204/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  252.501963][T14949] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.4283: Freeing blocks not in datazone - block = 0, count = 4096
[  252.525209][T14949] EXT4-fs (loop1): 1 orphan inode deleted
[  252.531490][T14949] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  252.547379][T14949] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.4283: iget: bad extended attribute block 6
[  252.573505][T14124] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: block 1: comm kworker/u8:11: lblock 1 mapped to illegal pblock 1 (length 15)
[  252.589413][T14124] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 15 with error 117
[  252.601845][T14124] EXT4-fs (loop4): This should not happen!! Data will be lost
[  252.601845][T14124] 
[  252.605531][T10775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.621993][T12014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.670012][T14965] IPv6: Can't replace route, no match found
[  252.847871][T14979] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4298'.
[  252.875567][T14983] netlink: 52 bytes leftover after parsing attributes in process `syz.4.4299'.
[  253.037724][T14983] bridge_slave_0: left allmulticast mode
[  253.042139][T14985] netlink: 'syz.4.4299': attribute type 10 has an invalid length.
[  253.043591][T14983] bridge_slave_0: left promiscuous mode
[  253.051475][T14985] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4299'.
[  253.057307][T14983] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.099768][T14983] bridge_slave_1: left allmulticast mode
[  253.105491][T14983] bridge_slave_1: left promiscuous mode
[  253.111260][T14983] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.125318][T14983] bond0: (slave bond_slave_0): Releasing backup interface
[  253.137260][T14983] bond0: (slave bond_slave_1): Releasing backup interface
[  253.160669][T14983] team0: Port device team_slave_0 removed
[  253.183143][T14983] team0: Port device team_slave_1 removed
[  253.214031][T14983] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  253.221548][T14983] batman_adv: batadv0: Removing interface: batadv_slave_0
[  253.221694][T14988] loop3: detected capacity change from 0 to 1024
[  253.237494][T14983] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  253.244967][T14983] batman_adv: batadv0: Removing interface: batadv_slave_1
[  253.254672][T14988] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.327215][T14985] batman_adv: batadv0: Adding interface: veth1_vlan
[  253.333861][T14985] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  253.406736][T11638] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.447450][T14985] batman_adv: batadv0: Interface activated: veth1_vlan
[  253.523022][T11863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.623519][T14998] loop4: detected capacity change from 0 to 512
[  253.687596][T14998] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  253.713399][T14998] ext4 filesystem being mounted at /211/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  253.726011][T14998] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.4305: corrupted inode contents
[  253.758462][T15013] loop0: detected capacity change from 0 to 1024
[  253.765975][T14998] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #2: comm syz.4.4305: mark_inode_dirty error
[  253.784557][T15013] EXT4-fs: dax option not supported
[  253.798693][T14998] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.4305: corrupted inode contents
[  253.813008][T15017] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4311'.
[  253.822473][T15018] loop1: detected capacity change from 0 to 1024
[  253.831299][T14998] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.4305: mark_inode_dirty error
[  253.844737][T15018] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.865552][T12014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.903833][T15025] loop3: detected capacity change from 0 to 512
[  253.912713][T15025] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4313: bg 0: block 131: padding at end of block bitmap is not set
[  253.928688][T15025] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  253.953143][T15025] EXT4-fs (loop3): 1 truncate cleaned up
[  253.964154][T15025] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.996660][   T29] kauditd_printk_skb: 169 callbacks suppressed
[  253.996679][   T29] audit: type=1326 audit(1758154798.005:11577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15024 comm="syz.3.4313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4af0e5eba9 code=0x7ffc0000
[  254.026807][   T29] audit: type=1326 audit(1758154798.005:11578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15024 comm="syz.3.4313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4af0e5eba9 code=0x7ffc0000
[  254.051245][   T29] audit: type=1326 audit(1758154798.005:11579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15024 comm="syz.3.4313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4af0e60ac7 code=0x7ffc0000
[  254.074884][   T29] audit: type=1326 audit(1758154798.005:11580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15024 comm="syz.3.4313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f4af0e60a3c code=0x7ffc0000
[  254.098416][   T29] audit: type=1326 audit(1758154798.005:11581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15024 comm="syz.3.4313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f4af0e60974 code=0x7ffc0000
[  254.122074][   T29] audit: type=1326 audit(1758154798.005:11582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15024 comm="syz.3.4313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f4af0e60974 code=0x7ffc0000
[  254.145615][   T29] audit: type=1326 audit(1758154798.005:11583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15024 comm="syz.3.4313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f4af0e5d80a code=0x7ffc0000
[  254.169096][   T29] audit: type=1326 audit(1758154798.016:11584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15024 comm="syz.3.4313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4af0e5eba9 code=0x7ffc0000
[  254.169136][   T29] audit: type=1326 audit(1758154798.016:11585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15024 comm="syz.3.4313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4af0e5eba9 code=0x7ffc0000
[  254.169194][   T29] audit: type=1326 audit(1758154798.016:11586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15024 comm="syz.3.4313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4af0e5eba9 code=0x7ffc0000
[  254.181153][T11638] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.220409][T15031] loop4: detected capacity change from 0 to 1024
[  254.268476][T15031] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.302372][T15037] loop1: detected capacity change from 0 to 512
[  254.310339][T15037] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4315: bg 0: block 131: padding at end of block bitmap is not set
[  254.324871][T15037] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  254.333907][T15037] EXT4-fs (loop1): 1 truncate cleaned up
[  254.340199][T15037] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.419187][T12014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.437834][T15040] FAULT_INJECTION: forcing a failure.
[  254.437834][T15040] name failslab, interval 1, probability 0, space 0, times 0
[  254.450922][T15040] CPU: 0 UID: 0 PID: 15040 Comm: syz.4.4316 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  254.450961][T15040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  254.450978][T15040] Call Trace:
[  254.450987][T15040]  <TASK>
[  254.450998][T15040]  __dump_stack+0x1d/0x30
[  254.451062][T15040]  dump_stack_lvl+0xe8/0x140
[  254.451079][T15040]  dump_stack+0x15/0x1b
[  254.451102][T15040]  should_fail_ex+0x265/0x280
[  254.451165][T15040]  should_failslab+0x8c/0xb0
[  254.451191][T15040]  kmem_cache_alloc_noprof+0x50/0x310
[  254.451228][T15040]  ? audit_log_start+0x365/0x6c0
[  254.451271][T15040]  audit_log_start+0x365/0x6c0
[  254.451433][T15040]  audit_seccomp+0x48/0x100
[  254.451463][T15040]  ? __seccomp_filter+0x68c/0x10d0
[  254.451486][T15040]  __seccomp_filter+0x69d/0x10d0
[  254.451510][T15040]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  254.451596][T15040]  ? vfs_write+0x7e8/0x960
[  254.451617][T15040]  ? __rcu_read_unlock+0x4f/0x70
[  254.451636][T15040]  ? __fget_files+0x184/0x1c0
[  254.451661][T15040]  __secure_computing+0x82/0x150
[  254.451681][T15040]  syscall_trace_enter+0xcf/0x1e0
[  254.451721][T15040]  do_syscall_64+0xac/0x200
[  254.451751][T15040]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  254.451811][T15040]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  254.451840][T15040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.451860][T15040] RIP: 0033:0x7f2deee5eba9
[  254.451873][T15040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.451889][T15040] RSP: 002b:00007f2ded8bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  254.451951][T15040] RAX: ffffffffffffffda RBX: 00007f2def0a5fa0 RCX: 00007f2deee5eba9
[  254.452031][T15040] RDX: 0000000000000000 RSI: 000000000008fff5 RDI: 0000200000000180
[  254.452049][T15040] RBP: 00007f2ded8bf090 R08: 0000000000000000 R09: 0000000000000000
[  254.452064][T15040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.452075][T15040] R13: 00007f2def0a6038 R14: 00007f2def0a5fa0 R15: 00007ffd6fe19958
[  254.452134][T15040]  </TASK>
[  254.734025][T15046] IPv6: Can't replace route, no match found
[  254.748797][T11863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.880574][T15058] loop3: detected capacity change from 0 to 512
[  255.052864][T15067] loop4: detected capacity change from 0 to 512
[  255.068769][T15058] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.102848][T15067] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  255.118104][T15058] ext4 filesystem being mounted at /222/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  255.119345][T15067] EXT4-fs (loop4): mount failed
[  255.143380][T11638] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.159889][T15058] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  255.175491][T15058] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 13 with max blocks 1 with error 28
[  255.188064][T15058] EXT4-fs (loop3): This should not happen!! Data will be lost
[  255.188064][T15058] 
[  255.197824][T15058] EXT4-fs (loop3): Total free blocks count 0
[  255.203845][T15058] EXT4-fs (loop3): Free/Dirty block details
[  255.209853][T15058] EXT4-fs (loop3): free_blocks=65280
[  255.215231][T15058] EXT4-fs (loop3): dirty_blocks=1
[  255.220367][T15058] EXT4-fs (loop3): Block reservation details
[  255.226430][T15058] EXT4-fs (loop3): i_reserved_data_blocks=1
[  255.275699][T15067] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15067 comm=syz.4.4328
[  255.289341][T15074] loop1: detected capacity change from 0 to 1024
[  255.311089][T15074] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  255.330904][T15074] syzkaller1: entered promiscuous mode
[  255.336414][T15074] syzkaller1: entered allmulticast mode
[  255.400661][T11863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.461720][T15084] loop4: detected capacity change from 0 to 512
[  255.473843][T15084] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4335: bg 0: block 131: padding at end of block bitmap is not set
[  255.489070][T15084] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  255.507783][T15084] EXT4-fs (loop4): 1 truncate cleaned up
[  255.513999][T15084] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.722286][T15103] loop1: detected capacity change from 0 to 1024
[  255.747852][T15103] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  255.769543][T15103] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  255.786437][T15103] EXT4-fs (loop1): orphan cleanup on readonly fs
[  255.816274][T15103] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  255.830958][T15103] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  255.845068][T15103] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.4330: Freeing blocks not in datazone - block = 0, count = 4096
[  255.859819][T15103] EXT4-fs (loop1): 1 orphan inode deleted
[  255.866605][T15103] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  255.955681][T15119] FAULT_INJECTION: forcing a failure.
[  255.955681][T15119] name failslab, interval 1, probability 0, space 0, times 0
[  255.968498][T15119] CPU: 0 UID: 0 PID: 15119 Comm: syz.0.4347 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  255.968533][T15119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  255.968555][T15119] Call Trace:
[  255.968589][T15119]  <TASK>
[  255.968596][T15119]  __dump_stack+0x1d/0x30
[  255.968633][T15119]  dump_stack_lvl+0xe8/0x140
[  255.968659][T15119]  dump_stack+0x15/0x1b
[  255.968688][T15119]  should_fail_ex+0x265/0x280
[  255.968722][T15119]  should_failslab+0x8c/0xb0
[  255.968754][T15119]  __kmalloc_noprof+0xa5/0x3e0
[  255.968782][T15119]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[  255.968853][T15119]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[  255.968897][T15119]  genl_family_rcv_msg_doit+0x48/0x1b0
[  255.968980][T15119]  ? selinux_capable+0x31/0x40
[  255.969016][T15119]  ? security_capable+0x83/0x90
[  255.969040][T15119]  ? ns_capable+0x7d/0xb0
[  255.969061][T15119]  genl_rcv_msg+0x422/0x460
[  255.969149][T15119]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  255.969187][T15119]  netlink_rcv_skb+0x123/0x220
[  255.969219][T15119]  ? __pfx_genl_rcv_msg+0x10/0x10
[  255.969330][T15119]  genl_rcv+0x28/0x40
[  255.969360][T15119]  netlink_unicast+0x5bd/0x690
[  255.969385][T15119]  netlink_sendmsg+0x58b/0x6b0
[  255.969422][T15119]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.969518][T15119]  __sock_sendmsg+0x145/0x180
[  255.969571][T15119]  ____sys_sendmsg+0x31e/0x4e0
[  255.969610][T15119]  ___sys_sendmsg+0x17b/0x1d0
[  255.969727][T15119]  __x64_sys_sendmsg+0xd4/0x160
[  255.969768][T15119]  x64_sys_call+0x191e/0x2ff0
[  255.969797][T15119]  do_syscall_64+0xd2/0x200
[  255.969889][T15119]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  255.969922][T15119]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  255.969963][T15119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.969992][T15119] RIP: 0033:0x7fd2c145eba9
[  255.970081][T15119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.970106][T15119] RSP: 002b:00007fd2bfec7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  255.970131][T15119] RAX: ffffffffffffffda RBX: 00007fd2c16a5fa0 RCX: 00007fd2c145eba9
[  255.970147][T15119] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000003
[  255.970180][T15119] RBP: 00007fd2bfec7090 R08: 0000000000000000 R09: 0000000000000000
[  255.970197][T15119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.970213][T15119] R13: 00007fd2c16a6038 R14: 00007fd2c16a5fa0 R15: 00007ffcd5343008
[  255.970238][T15119]  </TASK>
[  256.256327][T15120] netlink: 'syz.3.4346': attribute type 1 has an invalid length.
[  256.264223][T15120] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4346'.
[  256.300745][T12014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.359169][T15125] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4350'.
[  256.463794][T15135] TCP: TCP_TX_DELAY enabled
[  256.476461][T15135] loop4: detected capacity change from 0 to 512
[  256.483509][T11638] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.507431][T15135] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  256.515578][T15135] EXT4-fs (loop4): orphan cleanup on readonly fs
[  256.523575][T15135] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.4354: Failed to acquire dquot type 1
[  256.535661][T15135] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4354: bg 0: block 40: padding at end of block bitmap is not set
[  256.554350][T15135] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  256.563708][T15135] EXT4-fs (loop4): 1 truncate cleaned up
[  256.569900][T15135] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  256.611894][T15148] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15148 comm=syz.2.4359
[  256.676149][T15154] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4361'.
[  256.704731][T15156] loop3: detected capacity change from 0 to 1024
[  256.712512][T12014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.727263][T15156] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.876429][T11863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.895022][T15178] loop4: detected capacity change from 0 to 512
[  256.904334][T15178] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.188506][T15184] ==================================================================
[  257.196659][T15184] BUG: KCSAN: data-race in file_write_and_wait_range / xas_set_mark
[  257.204699][T15184] 
[  257.207040][T15184] write to 0xffff8881071fe54c of 4 bytes by task 15178 on cpu 0:
[  257.215137][T15184]  xas_set_mark+0x12b/0x140
[  257.219700][T15184]  __folio_start_writeback+0x1dd/0x440
[  257.225198][T15184]  ext4_bio_write_folio+0x5ad/0x9f0
[  257.230444][T15184]  mpage_process_page_bufs+0x4a1/0x620
[  257.236017][T15184]  mpage_prepare_extent_to_map+0x786/0xc00
[  257.241852][T15184]  ext4_do_writepages+0x708/0x2750
[  257.247022][T15184]  ext4_writepages+0x176/0x300
[  257.251927][T15184]  do_writepages+0x1c6/0x310
[  257.256573][T15184]  file_write_and_wait_range+0x156/0x2c0
[  257.262251][T15184]  generic_buffers_fsync_noflush+0x45/0x120
[  257.268164][T15184]  ext4_sync_file+0x1ab/0x690
[  257.272871][T15184]  vfs_fsync_range+0x10d/0x130
[  257.277674][T15184]  ext4_buffered_write_iter+0x34f/0x3c0
[  257.283298][T15184]  ext4_file_write_iter+0x383/0xf00
[  257.288548][T15184]  iter_file_splice_write+0x663/0xa60
[  257.293953][T15184]  direct_splice_actor+0x153/0x2a0
[  257.299096][T15184]  splice_direct_to_actor+0x30f/0x680
[  257.304503][T15184]  do_splice_direct+0xda/0x150
[  257.309300][T15184]  do_sendfile+0x380/0x650
[  257.313758][T15184]  __x64_sys_sendfile64+0x105/0x150
[  257.318999][T15184]  x64_sys_call+0x2bb0/0x2ff0
[  257.323709][T15184]  do_syscall_64+0xd2/0x200
[  257.328264][T15184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.334176][T15184] 
[  257.336517][T15184] read to 0xffff8881071fe54c of 4 bytes by task 15184 on cpu 1:
[  257.344163][T15184]  file_write_and_wait_range+0x10e/0x2c0
[  257.350049][T15184]  generic_buffers_fsync_noflush+0x45/0x120
[  257.355979][T15184]  ext4_sync_file+0x1ab/0x690
[  257.360696][T15184]  vfs_fsync_range+0x10d/0x130
[  257.365527][T15184]  ext4_buffered_write_iter+0x34f/0x3c0
[  257.371121][T15184]  ext4_file_write_iter+0x383/0xf00
[  257.376361][T15184]  iter_file_splice_write+0x663/0xa60
[  257.381751][T15184]  direct_splice_actor+0x153/0x2a0
[  257.386876][T15184]  splice_direct_to_actor+0x30f/0x680
[  257.392257][T15184]  do_splice_direct+0xda/0x150
[  257.397027][T15184]  do_sendfile+0x380/0x650
[  257.401458][T15184]  __x64_sys_sendfile64+0x105/0x150
[  257.406672][T15184]  x64_sys_call+0x2bb0/0x2ff0
[  257.411360][T15184]  do_syscall_64+0xd2/0x200
[  257.415974][T15184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.421874][T15184] 
[  257.424200][T15184] value changed: 0x0a000021 -> 0x04000021
[  257.429919][T15184] 
[  257.432242][T15184] Reported by Kernel Concurrency Sanitizer on:
[  257.438390][T15184] CPU: 1 UID: 0 PID: 15184 Comm: syz.4.4370 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  257.448210][T15184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  257.458276][T15184] ==================================================================
[  257.802393][T12014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.