last executing test programs:

1.904229202s ago: executing program 1 (id=5019):
unshare(0x6020400)
r0 = syz_open_dev$vcsn(&(0x7f0000000180), 0x0, 0x26642)
fsetxattr$security_capability(r0, &(0x7f0000000280), &(0x7f0000000380)=@v3={0x3000000, [{0x5, 0x82}, {0x80000000, 0xffffaf0a}]}, 0x18, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, 0x0, 0x0)

1.904117883s ago: executing program 1 (id=5020):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000540)='kfree\x00', r0, 0x0, 0x4}, 0x18)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x5, 0x0)
umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0x0)

1.892288513s ago: executing program 2 (id=5022):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = dup(r0)
ioctl$PTP_EXTTS_REQUEST2(r1, 0xc0603d0f, &(0x7f0000000040))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5d, '\x00', 0x0, @fallback=0x36, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
get_mempolicy(0x0, 0x0, 0x800007, &(0x7f0000ffa000/0x4000)=nil, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000280)='tlb_flush\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f00000001c0)={'veth1_to_team\x00', &(0x7f00000000c0)=@ethtool_gstrings={0x1b, 0x7}})
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x5, 0x0)
umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0x0)

1.865951293s ago: executing program 1 (id=5023):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ff"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="06"], 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={0x0, 0x6}, 0x8)

1.857334973s ago: executing program 2 (id=5025):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x0, &(0x7f0000000100), 0x1, 0x57e, &(0x7f00000005c0)="$eJzs3U1oHGUfAPD/zGbffuV90xcUVHooKlQo3ST90OqpvYqFQg+CFw2bbSjZZEM20SbkkN6L2IOo9FJvevCoePAgXjx6ErwonoVig0LTg67MfqRpvtzUJlszvx/M7jzz7Oz/eXb2/+zMMMMGkFtHs4c04umIuJhEDKyq64t25dHW65aXFsr3lhbKSTQal35NIomIu0sL5c7rk/bzoYhYjIinIuKbYsTxdH3c+tz8+Ei1WplulwdnJqYG63PzJ65MjIxVxiqTp156+czZ02eGTw6vXu1eY3WpuL2+Xv/pxrvXv3v11o1PPzuyWH5/JIlz0d+uW92PR6n1mRTj3Jrlp3ciWA8lvW4AD6XQzvMslZ6MgSi0s34jjYFdbRqwwxr7IhpATiXyH3Kqsx+QHf92pt3c/7h9vnUAksVdbk+tmr7WuYnY3zw2Ofhb8sCRSXa8eXg3G8qetHgtIob6+tZ//5P29+/hDT2KBrKjvj7f2lDrt3+6Mv7EBuNPf+fc6T/UGf+W141/9+MXNhn/LnYZ4483fv5o0/jXIp7ZMH6yEj/ZIH4aEW91Gf/m61+e3ayu8XHEsdg4fkey9fnhwctXqpWh1uOGMb46duSVrfp/cJP4rXO2+5s/M2v6fyhr01SX/f/i28+fXdwi/gvPbb39N/r8D0TEe13G///dT17brO72teROthew3e2fLbvVZfwXzx39scuXAgAAAAAAAAAA25A2r2VL0tLKfJqWSq17eJ+Ig2m1Vp85frk2OznauubtcBTTzpVWA61ykpWH29fjdson15RPFdoBCwea5VK5Vh3tcd8BAAAAAAAAAAAAAAAAAADgcXFozf3/vxea9/+v/btqYK/a/C+/gb1O/kN+PZj/Sc/aAew+v/+QWw35D/kl/yG/5D/kl/yH/JL/kF/yH/JL/gMAAAAAAAAAAAAAAAAAAAAAAAAAwI64eOFCNjXuLS2Us/Jo39zseO3tE6OV+nhpYrZcKtemp0pjtdpYtVIq1yb+7v2SWm1qKCZnrw7OVOozg/W5+TcnarOTSXzfrK4Ud6FPAAAAAAAAAAAAAAAAAAAA8G/T35yStBQRaXM+TUuliP9GxOEoJpevVCtDEfG/iPihUNyXlYd73WgAAAAAAAAAAAAAAAAAAADYY+pz8+Mj1Wplek/O7I+IB5f0bWf1iFh8tA3L3nHbaxXb2+px+VTN5GGmxwMTAAAAAAAAAAAAAAAAAADk0P2bfrtd48+dbRAAAAAAAAAAAAAAAAAAAADkUvpLEhHZdGzg+f61tf9JlgvN54h45+alD66OzMxMD2fL76wsn/mwvfxkL9oPdKuTp508BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO6rz82Pj1SrlekdnOl1HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAexl8BAAD//5aV1q4=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
write$tun(r2, &(0x7f0000000140)={@val={0x0, 0x22f0}, @val={0x6, 0x0, 0x9, 0xfffe, 0x0, 0x4a}, @x25={0x3, 0x1, 0xc1}}, 0x11) (fail_nth: 5)

1.824898024s ago: executing program 0 (id=5026):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = dup(r0)
ioctl$PTP_EXTTS_REQUEST2(r1, 0xc0603d0f, &(0x7f0000000040))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5d, '\x00', 0x0, @fallback=0x36, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
get_mempolicy(0x0, 0x0, 0x800007, &(0x7f0000ffa000/0x4000)=nil, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000280)='tlb_flush\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f00000001c0)={'veth1_to_team\x00', &(0x7f00000000c0)=@ethtool_gstrings={0x1b, 0x7}})
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x5, 0x0)
umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0x0)

1.824686804s ago: executing program 1 (id=5027):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="9feb01001800000000000000b4000000b4000000060000000500000006000085050000000c00000005000000010000ffffffff10000000050000000800000008000000030080000f00000007000000040000000104000004000000030000000b0000001000000000000002000000000600000000000010040000000400000000000009010000000400000004000004010000000e00000005000000ee9e230a0e00000004000000000000000900000004000000030000000e000000040000001000000000006f2e6100"/210], &(0x7f0000000040)=""/41, 0xd2, 0x29, 0x1, 0xfffffff8}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080000000080100", @ANYRES32, @ANYBLOB="000000000040267a4b6c8e945a00000000000000aefce68c62f79844fa61ee180000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000300"/24, @ANYRES32=r1, @ANYBLOB], 0x50)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x4041)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1d00000004000000020000000000000001020000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="01000000ffffffff00"/27], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = epoll_create1(0x0)
r3 = epoll_create1(0x80000)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
write$P9_RLERRORu(r5, &(0x7f0000000780)=ANY=[@ANYBLOB="2d00000007020015002f6465762f6275732f7573622f30000000003023007f00000003fa4d2e5d90992751191612507edc581c5657d1a5300228c50162354ecda0d71d9e6323466947d43f7fa8ec0a66c60a4120ae2bf15b259977922ca3c59257"], 0x22)
write$RDMA_USER_CM_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000024c0)={0x6, 0x118, 0xfa00, {{0x3, 0x800, "62c4880f51e3765fe134bfd9a1aa9dea088ba6801b657eaa450e475f3cf587b01d34c26d8835c979ff27754a932c93de101590af4a036119e73811c4f172519692c3ff2f71b1e423d6468aa0c374175195e3a4d2979974cb350e488e38ae06e0f53f6eab66c32c551ed131a6c719513783768e3bb9642bb6030d270639f1ff2d9eafa6b428a98caf430e94642762b6ed055ad25443feb4c26500d34b973da8f568af3d885cb0fb1c55ace28fe75eaf333086322493de9ef2c3bc90b76af9453674b492187d6d042141e8f5354b04605529a66c62ba2142d38fecb597570d4f9e4aa1b7c596b2ecc72545a8aad98950ac3d1c2dad2cd95a4d8bcde74c69ff15e5", 0x9, 0x40, 0xd0, 0xa, 0x50, 0x4, 0xd}}}, 0x120)
socket$inet6_udplite(0xa, 0x2, 0x88)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x40, 0x0)
fsetxattr$system_posix_acl(r6, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x34, 0x1)
setreuid(0xffffffffffffffff, 0xee01)
mkdir(&(0x7f0000000040)='./file1\x00', 0x114)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x400000000000000}, 0x0, &(0x7f00000002c0)={0x400, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, &(0x7f0000000400)={0xa})
epoll_pwait(r2, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x7460)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f00000006c0)={[{@init_itable_val={'init_itable', 0x3d, 0x3}}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4000001}}, {@abort}, {@errors_remount}, {@quota}]}, 0x3, 0x433, &(0x7f0000000d80)="$eJzs28tvG0UYAPBv7SSlLxKq8ugDCBRExSNp0lJ64AICiQNISHAox5CkVajboCZItIogIFSOqBJ3xBGJv4ATXBBwQuIKd1SpQrm0cDJaezexHdt1Uidu699P2nZmd1Yzn3fHntnJBtC3RtN/kog9EfFnRAxXs/UFRqv/3VxZmv53ZWk6iXL5nX+SSrkbK0vTedH8vN15ZiCi8EUSh5rUu3Dp8rmpUmn2YpYfXzz/4fjCpcsvzJ2fOjt7dvbC5KlTJ45PvHRy8sWuxJnGdePgJ/OHD7zx3tW3pk9fff/X75M8/oY4umS03cGny+UuV9dbe2vSyUDHp5WLW9IaOlWsdtMYrPT/4SjG2sUbjtc/72njgC011P7wchm4h6WjeaAf5T/06fw337Zh2HHHuP5KdQKUxn0z26pHBqKQlRlsmN9202hEnF7+75t0i615DgEAUOfHdPzzfLPxXyEeqil3f7aGMhIRD0TEvog4GRH7I+LBiErZhyPikQ3W37hIsn78U7i2qcA6lI7/Xs7WturHf/noL0aKWW5vJf7B5MxcafZY9pkcjcEdaX6iTR0/vfbHV62O1Y7/0i2tPx8LZu24NrCj/pyZqcWp24m51vXPIg4ONIs/WV0JSCLiQEQc3GQdc89+d7jVsVvH30bn60wtlb+NeKZ6/ZejIf5c0n59cvy+KM0eG8/vivV++/3K263qv634uyC9/rua3v+r8Y8kteu1Cxuv48pfX7ac02z2/h9K3q3b9/HU4uLFiYih5M1qo2v3TzaUm1wrn8Z/9Ejz/r8v1j6JQxGR3sSPRsRjEfF41vYnIuLJiDjSJv5fXn3qg83Hv7XS+Gc2dP3XEkPRuKd5onju5x/qKh3ZSPzp9T9RSR3N9nTy/ddJuzZ3NwMAAMDdpxAReyIpjK2mC4Wxserf8O+PXYXS/MLic2fmP7owU31HYCQGC/mTruGa56ET2bQ+z0825I9nz42/Lu6s5Mem50szvQ4e+tzuFv0/9beXM+De14V1NOAupf9D/9L/oX/p/9C/mvT/nb1oB7D9Kv0/qd/3aY/aAmyvht9/y37QR8z/oX/p/9C/9H/oSws749YvyUtIrEtE4Y5ohsQWJXr9zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAd/wcAAP//VsrjzA==")
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000680)={'syztnl2\x00', &(0x7f0000000600)={'gretap0\x00', 0x0, 0x10, 0x8, 0xd, 0x3, {{0x15, 0x4, 0x1, 0x5, 0x54, 0x64, 0x0, 0xa6, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @local, {[@timestamp_addr={0x44, 0x2c, 0xd6, 0x1, 0x6, [{@rand_addr=0x64010100}, {@loopback, 0x1}, {@loopback}, {@multicast2, 0x100}, {@remote, 0x7f}]}, @end, @cipso={0x86, 0x10, 0x3, [{0x1, 0xa, "5b09fbc87fb9072a"}]}]}}}}})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000740)={0x2}, 0x8)
r7 = socket(0x9, 0x5, 0x0)
getsockopt(r7, 0x200000000114, 0x2717, 0x0, &(0x7f0000000300))

1.824389564s ago: executing program 4 (id=5028):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000100), &(0x7f0000000240)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x10, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRESHEX=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000580)='/proc/diskstats\x00', 0x0, 0x0)
sendfile(r1, r3, 0x0, 0x2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r5=>r4, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000180)={'vxcan1\x00', <r8=>0x0})
bind$can_raw(r7, &(0x7f0000000200)={0x1d, r8}, 0x10)
sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r8, {0x1}, {0xffff, 0xfff1}, {0x1}}}, 0x24}}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x2000000000000097, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x7fff, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)})
r10 = memfd_secret(0x80000)
fchownat(r10, &(0x7f0000000040)='\x00', 0x0, 0x0, 0x1000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r9}, 0x10)
process_mrelease(0xffffffffffffffff, 0x0)
r11 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x80000000}, 0x18)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x3, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000feffff9500000004000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r12}, 0x10)
r13 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r13, &(0x7f00000007c0)={0x400000000000000, 0x0, &(0x7f0000000700)={&(0x7f00000004c0)=ANY=[@ANYRES64=r10, @ANYRESHEX=r7, @ANYRES32=r11, @ANYRESOCT=r13, @ANYRES32=r5, @ANYRESDEC=r13, @ANYRESOCT=r4, @ANYRES64=<r14=>r12, @ANYRES16=r10], 0xa8}}, 0x40080)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00'})
r15 = socket$nl_generic(0x10, 0x3, 0x10)
r16 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r15)
sendmsg$NL80211_CMD_GET_WIPHY(r15, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r16, @ANYBLOB="01030000000000000000010000000800010014000000080003"], 0x30}}, 0x44)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000300), 0xc, &(0x7f0000000340)={&(0x7f00000009c0)=ANY=[@ANYRESOCT=r6, @ANYRESDEC=r8, @ANYRES64=r14], 0xec}, 0x1, 0x0, 0x0, 0x20000000}, 0x2404c886)
umount2(0x0, 0x0)

1.790082235s ago: executing program 2 (id=5029):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004)
write$nci(r0, &(0x7f0000000140)=ANY=[@ANYBLOB='AF'], 0x4)

1.789571834s ago: executing program 0 (id=5030):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x0, &(0x7f0000000100), 0x1, 0x57e, &(0x7f00000005c0)="$eJzs3U1oHGUfAPD/zGbffuV90xcUVHooKlQo3ST90OqpvYqFQg+CFw2bbSjZZEM20SbkkN6L2IOo9FJvevCoePAgXjx6ErwonoVig0LTg67MfqRpvtzUJlszvx/M7jzz7Oz/eXb2/+zMMMMGkFtHs4c04umIuJhEDKyq64t25dHW65aXFsr3lhbKSTQal35NIomIu0sL5c7rk/bzoYhYjIinIuKbYsTxdH3c+tz8+Ei1WplulwdnJqYG63PzJ65MjIxVxiqTp156+czZ02eGTw6vXu1eY3WpuL2+Xv/pxrvXv3v11o1PPzuyWH5/JIlz0d+uW92PR6n1mRTj3Jrlp3ciWA8lvW4AD6XQzvMslZ6MgSi0s34jjYFdbRqwwxr7IhpATiXyH3Kqsx+QHf92pt3c/7h9vnUAksVdbk+tmr7WuYnY3zw2Ofhb8sCRSXa8eXg3G8qetHgtIob6+tZ//5P29+/hDT2KBrKjvj7f2lDrt3+6Mv7EBuNPf+fc6T/UGf+W141/9+MXNhn/LnYZ4483fv5o0/jXIp7ZMH6yEj/ZIH4aEW91Gf/m61+e3ayu8XHEsdg4fkey9fnhwctXqpWh1uOGMb46duSVrfp/cJP4rXO2+5s/M2v6fyhr01SX/f/i28+fXdwi/gvPbb39N/r8D0TEe13G///dT17brO72teROthew3e2fLbvVZfwXzx39scuXAgAAAAAAAAAA25A2r2VL0tLKfJqWSq17eJ+Ig2m1Vp85frk2OznauubtcBTTzpVWA61ykpWH29fjdson15RPFdoBCwea5VK5Vh3tcd8BAAAAAAAAAAAAAAAAAADgcXFozf3/vxea9/+v/btqYK/a/C+/gb1O/kN+PZj/Sc/aAew+v/+QWw35D/kl/yG/5D/kl/yH/JL/kF/yH/JL/gMAAAAAAAAAAAAAAAAAAAAAAAAAwI64eOFCNjXuLS2Us/Jo39zseO3tE6OV+nhpYrZcKtemp0pjtdpYtVIq1yb+7v2SWm1qKCZnrw7OVOozg/W5+TcnarOTSXzfrK4Ud6FPAAAAAAAAAAAAAAAAAAAA8G/T35yStBQRaXM+TUuliP9GxOEoJpevVCtDEfG/iPihUNyXlYd73WgAAAAAAAAAAAAAAAAAAADYY+pz8+Mj1Wplek/O7I+IB5f0bWf1iFh8tA3L3nHbaxXb2+px+VTN5GGmxwMTAAAAAAAAAAAAAAAAAADk0P2bfrtd48+dbRAAAAAAAAAAAAAAAAAAAADkUvpLEhHZdGzg+f61tf9JlgvN54h45+alD66OzMxMD2fL76wsn/mwvfxkL9oPdKuTp508BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO6rz82Pj1SrlekdnOl1HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAexl8BAAD//5aV1q4=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000180)='kfree\x00', r3}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a0302000200000000000002000000090002"], 0x80}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000400003800800014000000000080002400000fbff2b0003801400010067656e6576653000000000000000000014000100776732000000000000000000c6e49c0f5c000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380140001"], 0x110}}, 0x0)
write$tun(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="c100"/17], 0x11)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r1, 0x6628)

1.748868296s ago: executing program 0 (id=5031):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r0}, &(0x7f0000000040), &(0x7f00000002c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
mount$9p_tcp(0x0, &(0x7f0000000680)='.\x00', &(0x7f00000006c0), 0x8010, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=tcp'])

1.748357446s ago: executing program 0 (id=5032):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{0xffffffffffffffff, <r2=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f00000000c0)}, 0x20)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff})
read(r3, 0x0, 0x0)
process_mrelease(r3, 0x0)
r4 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000980)={{0xffffffffffffffff, <r5=>0xffffffffffffffff}, &(0x7f0000000900), &(0x7f0000000940)='%ps    \x00'}, 0x20)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000440)={&(0x7f0000000200)="51e155", &(0x7f0000000100)=""/27, &(0x7f0000000140), 0x0, 0x4, r6}, 0x38)
r7 = syz_open_dev$vcsa(&(0x7f00000009c0), 0x3, 0x101102)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x15, 0x1d, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xb64f, 0x0, 0x0, 0x0, 0x4}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @func={0x85, 0x0, 0x1, 0x0, 0x6}, @func={0x85, 0x0, 0x1, 0x0, 0x4}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x149}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @ldst={0x3, 0x1, 0x2, 0x344769cc837e186a, 0x1, 0x50, 0x10}, @func={0x85, 0x0, 0x1, 0x0, 0x2}]}, &(0x7f0000000440)='GPL\x00', 0x3, 0x99, &(0x7f0000000b80)=""/153, 0x0, 0x68, '\x00', 0x0, @fallback=0xf, r3, 0x8, &(0x7f0000000540)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000000580)={0x2, 0xd, 0x3ff, 0x800}, 0x10, 0xffffffffffffffff, r4, 0x7, &(0x7f0000000a00)=[0xffffffffffffffff, r5, r6, r7, 0x1], &(0x7f0000000a40)=[{0x1, 0x3, 0x2, 0x1}, {0x0, 0x5, 0x9, 0x7}, {0x2, 0x5, 0x3, 0xb}, {0x1, 0x4, 0x4, 0x7}, {0x5, 0x1, 0xe, 0x5}, {0x2, 0x4}, {0x1, 0x3, 0xd, 0xa}], 0x10, 0x8}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r10=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r8, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)={0x2c, r9, 0x1, 0x70bd28, 0x1, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x4}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r10}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x2c}}, 0x80)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r11 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r12 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r12, &(0x7f00000008c0)="3bf58d7d45d32cfe1da7c797b82fee444b42785c24a8", 0x16)
sendfile(r12, r11, 0x0, 0x3ffff)
sendfile(r12, r11, 0x0, 0x7fffeffd)
r13 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r14 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r14, 0x0, 0x0)
sendfile(r14, r13, 0x0, 0x3ffff)
syz_emit_ethernet(0x6a, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008004500005c000000000033907800000000ffffffff000000000048907803000000041fa3883e21cd9fe5caae18544a9131d14c91cf0d355079896e447a58f2e6a0893330bdb477ae5aa67404b54c7740eb6dcb6c5545363eff42"], 0x0)

1.365379653s ago: executing program 3 (id=5035):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)

1.308209514s ago: executing program 3 (id=5036):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ff"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="06"], 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000380)={0x0, 0x6}, 0x8)

1.308085344s ago: executing program 3 (id=5037):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000140), &(0x7f0000000040)='%pI4   \x00'}, 0x2a)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
mount$9p_rdma(&(0x7f00000013c0), &(0x7f0000001400)='.\x00', &(0x7f0000001440), 0x800, &(0x7f00000000c0)={'trans=rdma,', {'port', 0x3d, 0x4e20}, 0x2c, {[{@sq={'sq', 0x3d, 0x10000}}, {@timeout={'timeout', 0x3d, 0x3}}]}})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r3, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)

979.24833ms ago: executing program 1 (id=5038):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000dc0)={0x0, 0x4000, 0x0, 0x865d, 0xfd, "ffff00"})
io_setup(0x5, &(0x7f0000000140)=<r5=>0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@getqdisc={0x3c, 0x26, 0x20, 0x70bd2e, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffff}, {0xfff1, 0xd}, {0x9, 0x4}}, [{0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x20044880)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=0x0, @ANYRES32=r8, @ANYBLOB="9000000010000305000000000000000000000700", @ANYBLOB="08000100", @ANYRES32=r7, @ANYRESDEC=r6], 0x90}}, 0x0)
r9 = eventfd(0x10)
io_submit(r5, 0x1, &(0x7f00000006c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4, 0xffffffffffffffff, &(0x7f00000003c0)='z', 0x1, 0xcead, 0x0, 0x5, r9}])
close_range(r4, 0xffffffffffffffff, 0x0)
unshare(0x20400)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x17, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800ceed78c94f3743"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r10, 0x6, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

887.249873ms ago: executing program 4 (id=5039):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB, @ANYRES32=r3], 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
fcntl$F_GET_RW_HINT(r1, 0x40b, &(0x7f0000000840))
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r5}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000880)={0x7, <r6=>0x0}, 0x8)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r7, 0x0, 0x1}, 0x18)
syz_clone3(0x0, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x3}]}], {0x14}}, 0x64}}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000130a0300000000000000000002000000092d490073797a310200000008000340000000010900010073797a3000"], 0x34}}, 0x20000000)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r10, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port1\x00', 0x62, 0x811, 0x0, 0x8000007, 0x3, 0xfffffffe, 0x1, 0x0, 0x7cce8c743ee810dd})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r10, 0x40505330, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r10, 0x40505330, &(0x7f0000000500)={0x800000, 0x210002, 0xffffffdd, 0x7fffffff, 0x2, 0x69})
r11 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\t\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2\xbdA\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x2)
write$binfmt_misc(r11, &(0x7f0000000180)="e502", 0x2)
syz_mount_image$iso9660(&(0x7f00000009c0), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000001140)=ANY=[], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")

835.171263ms ago: executing program 0 (id=5040):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r0}, &(0x7f00000004c0), &(0x7f0000000300)=r1}, 0x20)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0xff0f}], 0x1}, 0x0)
recvmsg(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880)=[{0x0}], 0x1}, 0x0)

834.726763ms ago: executing program 3 (id=5041):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x0, &(0x7f0000000100), 0x1, 0x57e, &(0x7f00000005c0)="$eJzs3U1oHGUfAPD/zGbffuV90xcUVHooKlQo3ST90OqpvYqFQg+CFw2bbSjZZEM20SbkkN6L2IOo9FJvevCoePAgXjx6ErwonoVig0LTg67MfqRpvtzUJlszvx/M7jzz7Oz/eXb2/+zMMMMGkFtHs4c04umIuJhEDKyq64t25dHW65aXFsr3lhbKSTQal35NIomIu0sL5c7rk/bzoYhYjIinIuKbYsTxdH3c+tz8+Ei1WplulwdnJqYG63PzJ65MjIxVxiqTp156+czZ02eGTw6vXu1eY3WpuL2+Xv/pxrvXv3v11o1PPzuyWH5/JIlz0d+uW92PR6n1mRTj3Jrlp3ciWA8lvW4AD6XQzvMslZ6MgSi0s34jjYFdbRqwwxr7IhpATiXyH3Kqsx+QHf92pt3c/7h9vnUAksVdbk+tmr7WuYnY3zw2Ofhb8sCRSXa8eXg3G8qetHgtIob6+tZ//5P29+/hDT2KBrKjvj7f2lDrt3+6Mv7EBuNPf+fc6T/UGf+W141/9+MXNhn/LnYZ4483fv5o0/jXIp7ZMH6yEj/ZIH4aEW91Gf/m61+e3ayu8XHEsdg4fkey9fnhwctXqpWh1uOGMb46duSVrfp/cJP4rXO2+5s/M2v6fyhr01SX/f/i28+fXdwi/gvPbb39N/r8D0TEe13G///dT17brO72teROthew3e2fLbvVZfwXzx39scuXAgAAAAAAAAAA25A2r2VL0tLKfJqWSq17eJ+Ig2m1Vp85frk2OznauubtcBTTzpVWA61ykpWH29fjdson15RPFdoBCwea5VK5Vh3tcd8BAAAAAAAAAAAAAAAAAADgcXFozf3/vxea9/+v/btqYK/a/C+/gb1O/kN+PZj/Sc/aAew+v/+QWw35D/kl/yG/5D/kl/yH/JL/kF/yH/JL/gMAAAAAAAAAAAAAAAAAAAAAAAAAwI64eOFCNjXuLS2Us/Jo39zseO3tE6OV+nhpYrZcKtemp0pjtdpYtVIq1yb+7v2SWm1qKCZnrw7OVOozg/W5+TcnarOTSXzfrK4Ud6FPAAAAAAAAAAAAAAAAAAAA8G/T35yStBQRaXM+TUuliP9GxOEoJpevVCtDEfG/iPihUNyXlYd73WgAAAAAAAAAAAAAAAAAAADYY+pz8+Mj1Wplek/O7I+IB5f0bWf1iFh8tA3L3nHbaxXb2+px+VTN5GGmxwMTAAAAAAAAAAAAAAAAAADk0P2bfrtd48+dbRAAAAAAAAAAAAAAAAAAAADkUvpLEhHZdGzg+f61tf9JlgvN54h45+alD66OzMxMD2fL76wsn/mwvfxkL9oPdKuTp508BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO6rz82Pj1SrlekdnOl1HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAexl8BAAD//5aV1q4=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000180)='kfree\x00', r3}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a0302000200000000000002000000090002"], 0x80}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000400003800800014000000000080002400000fbff2b0003801400010067656e6576653000000000000000000014000100776732000000000000000000c6e49c0f5c000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380140001"], 0x110}}, 0x0)
write$tun(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="c100"/17], 0x11)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r1, 0x6628)

788.237654ms ago: executing program 2 (id=5042):
r0 = openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
close(0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{}, &(0x7f0000000100), &(0x7f0000000280)}, 0x20)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r5}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x2, 0x0, 0x0, 0x4, 0x0)

490.25748ms ago: executing program 0 (id=5043):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x2)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040001000400003a29000097f4"], 0x48)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r4)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r4, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[], 0x44}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r5=>r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x43, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x3)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYRES64=r3, @ANYRES64=r1, @ANYRESOCT=r5, @ANYRES32=r1, @ANYBLOB="0800c300741300000800c4"], 0x30}, 0x1, 0x0, 0x0, 0x240408c3}, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x580)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r7, 0xc0105303, &(0x7f0000000440))
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x300)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r8, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r8, &(0x7f0000000440)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r8, 0x6, 0x1f, &(0x7f0000000240), 0x3)
setsockopt$inet6_tcp_TLS_TX(r8, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "9806d1267c49cd76", "c442e6adcb511ad19648396c5352e18f", "6086c2ca", "b973738a82366fb2"}, 0x28)
setsockopt$inet6_tcp_int(r8, 0x11a, 0x4, &(0x7f0000000040), 0x44)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001540)={&(0x7f00000004c0)=ANY=[@ANYBLOB="240100001600010428bd700000000000fe8000000000000000000000000000bbfc01000000000000000000000000000100040000000000000000a00000000000", @ANYRESDEC, @ANYRES32, @ANYBLOB="ff02000000000000000000000000000100000000330000000a0101010000000000000000000000000000000000004e3401000000000000000000000000000000040000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000a0000002bbd700000000000000002000000000000000000082c002700"/179], 0x124}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)
bpf$MAP_CREATE(0x0, 0x0, 0x48)

347.473133ms ago: executing program 4 (id=5044):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000540)='kfree\x00', r0, 0x0, 0x4}, 0x18)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x5, 0x0)
umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0x0)

310.313184ms ago: executing program 2 (id=5045):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mount$9p_tcp(0x0, &(0x7f0000000680)='.\x00', &(0x7f00000006c0), 0x8010, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=tcp'])

309.663524ms ago: executing program 4 (id=5046):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)

285.390064ms ago: executing program 3 (id=5047):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001180)=@newtaction={0x898, 0x30, 0x12f, 0x0, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x2, 0x2, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x247ecded, 0x0, 0x80000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x240, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x8, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xb, 0x37, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0xb, 0x0, 0x0, 0x9, 0xfffffffd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xa, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x5, 0x0, 0x0, 0x0, 0x6, 0x5, 0x0, 0x0, 0x3, 0x0, 0x1]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x10000004a56}, @TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x5, 0x0, 0x2, 0xb, 0xfffffffb, 0x0, 0x7, 0xfea7, 0x1, 0xffff8000, 0x90, 0x9fd, 0x2, 0xb8, 0xca2, 0x6, 0x3c, 0x7, 0x1, 0xa89c, 0x402, 0xc, 0x492217a0, 0xff, 0x5, 0x3, 0x1ff, 0xe5, 0x2d, 0xd, 0x3, 0xa, 0x3, 0x1, 0x9, 0x11, 0x188, 0x6, 0x3ff, 0x7, 0xc, 0x3, 0xc0000, 0x8, 0x8, 0xffffff40, 0x100, 0x3, 0x5, 0x7, 0xe0b2, 0x1, 0x8fc, 0xbf0, 0x9, 0x1, 0x9, 0x7ffffffd, 0x6, 0x0, 0x8, 0x800, 0x9, 0x4, 0x100, 0x401, 0x8, 0x3, 0xb5, 0x10001, 0x401, 0x1, 0x7f, 0x0, 0x8, 0x2, 0x7f, 0x0, 0x2, 0x4, 0x0, 0x1000004, 0x8000, 0x0, 0x9, 0x80, 0x7, 0x5, 0x1, 0x0, 0x7, 0xeb22, 0xd, 0x8000, 0xfffffff7, 0x0, 0x4, 0x3ff, 0x4, 0x10, 0x5, 0x3, 0x10000, 0x1000005, 0x1, 0x0, 0x2, 0x6, 0x5, 0x6, 0xe5a, 0x4, 0x2, 0x1081, 0xd44, 0x10, 0x6, 0x7fff, 0x800, 0xfffffff4, 0x10000, 0x5, 0x8, 0xba, 0x2, 0x89, 0x2, 0x6, 0x6, 0x9, 0xffffa3e0, 0x86b9, 0xff, 0x1, 0x2, 0xf, 0x24b9, 0x3a, 0xe01, 0x1, 0x6430, 0xd, 0x8, 0x0, 0x3, 0x7eb6, 0x3, 0x0, 0x200, 0xfffffeff, 0x9, 0xff, 0xa, 0x6, 0x7, 0x100, 0x1, 0x8001, 0x100, 0xffff9c6f, 0x20000008, 0x101, 0x6, 0x2, 0xfffffc00, 0x81, 0x81, 0x200, 0x80000001, 0x1, 0xfffffffd, 0x9, 0x7, 0x4, 0xb, 0x80, 0x0, 0x0, 0x0, 0x5, 0x2, 0x7, 0x4, 0xfffffa0c, 0x3, 0x0, 0x2, 0x4, 0x35bc0, 0x9, 0xfffffffa, 0x7, 0x5, 0x3, 0x0, 0x6, 0x8, 0x28, 0x4000002, 0x5, 0x10001, 0x2, 0xf, 0xffffffff, 0x1, 0x723, 0x0, 0x9, 0x9, 0x4, 0x6, 0x7, 0x200, 0xfffffbff, 0x7, 0x3, 0x8, 0x5, 0xfffffffb, 0x2, 0x7f, 0x2, 0x80000002, 0x0, 0x9, 0x1ff, 0xfffffffe, 0x928, 0x4, 0xffffffff, 0x5, 0x6042, 0xb85, 0x6, 0x8d8d, 0x55, 0x101, 0x3, 0x64e8, 0x8, 0xf, 0x772, 0x80a, 0xffe, 0x3, 0x3f7, 0x5, 0x8, 0x7, 0x1, 0x5d, 0x9, 0xd, 0x82]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x3, 0x1}}}}]}]}, 0x898}, 0x1, 0x0, 0x0, 0x50}, 0x0)
r1 = syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x80c406, &(0x7f0000000540)=ANY=[@ANYBLOB='dots,dots,dmask=000000000200000,nodots,discard,nfs=nostale_ro,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c646f733178666c6f70707900000000000000003030ffffffff303030303031373737373737373756c0f39fdb37372c004c0f1208ec0c34b7df4ba1c1e6b76697434db8574db9bcaef6a61a12c3f260bebc7ac5b1b11361119b83f1cf9f686b715b8e58fd37cea6623dc422c2ddbcefe94e5c255b5e8c90613e6b598b3b7a2c05de53dab7"], 0x1, 0x291, &(0x7f0000000280)="$eJzs3M9r034YwPGn6dZ0+7Ifpy/oxQe96CXMelQPVTYQC0q3inoQMpZpaG1HErQVwZw97e8YHr0J4j+w/8LbEGSnnYyszbKs+4Wza2f7fkHJkzz5tE8SUp5PId16uv66uupbq3YgRl7FEAllR2RWXNmTiZe5dpxLtsvdgoRyY+7N9sfFZ88fFkul+bLqQnHpVkFVp698ffv+09VvwX9PPk+bpmzOvtj6Wfi++f/mpa1fS69cX11f641AbV1uNAJ7ueboiutXLdXHNcf2HXXrvuMdyK/WGmtrLbXrK1OTa57j+2rXW2pIS4OG5uOq6mpZlk5N7sZ5GSG5Px5R2SiX7eK5FIMLw/OKdlZEJg7dDZWNwVQEAAAG6fj+30j22ev/je7+X+SU/v9DvNf0l573/1lJ+v+q0+7/A6+l9kvbTff/ONHZ+n/jfIrB38iEqZV7B1KeV5w4ehD9PwAAAAAAAAAAAAAAAAAAAAAA/4KdKJqJomhmd2mISBSvmyKSTa0fMXSknq0fVunrH6VeZnyBT7j+GAKpB/fyIj/CZqVZybSXnfzCg9L8nLalHvzbbjYr2SR/s5PXg/lxmYzzhSPzObl+rZPfzd1/VErn15uVCVk5sfKwV6cAAAAAAIChZ2liNtmYl2R+b1lqSne+PX/vROH+7wNd8/sxuTzWv+MAAAAAAADH81vvqnat5nj9CbJ9/KwzByJnG347MntSRlZETtmnvCgy+BN1KDDlQpQxzMGdnr1hlBHpbBmPvwy67gIAAAAAw2V/PjDoSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF39+OuyQR8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFH8DgAA//8sg70h")
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000100)='.\x00', 0x1b624bc, &(0x7f00000037c0)=ANY=[@ANYRES8=r1, @ANYRES32=r1, @ANYRESOCT, @ANYBLOB="f1bcca05ed588d63a576cc3afd51baf29cde0400000092f4e66ff7ef22aa9af727ceae8a8ec95fc1b73083de2de825a0cb2b0be774fdb33650d7dace27c16bc23b2f7c7fb72585548939698f280d138aa9255a8a924008f8477e82ba11cdb11efd5ca2f1ab049ce2cc7815d2daf8daea25533a558d561654faf5e0924f1376174f374d664fad4a6ab24ec000ccace822e7f9426e8e5de1fe58085a0ae86fd02a118b9365961834d46208b9fb4c91a1fa962a8b00a9717fcbb46c2400dc2e319379ea1e5a07aeb3f9cd4e648df445a1b4213e732300000000000010000758027a472e7d263ef567a84166f26ee56e701c63a8863787889bf1c90fccf31954a940c8b584ca89a512f28edec08eb1c0823c028840eeaf3f5d8769023c01ac63f7f959571e8e899b43c293bc21a2b833e5c9c703c4cfa063dd050045706bde3d7ac373ab04b62b4111b59eabd436dd97e788a36ef25bad99beec474e667589d37100ec36292c15c6", @ANYRES32=r1, @ANYRESHEX=r1, @ANYBLOB="67b492c11f8bc8985216c4cb38d9a93a392abd659f72c8ddd8f58c9d9d05d41f1bb4e21e5dbbe0dedcbed6ef4959285fb758eb158538fc238492f1d7f2845ff901fd53796e415c579db2d5cc4e9316589a2f7cdb164d4cbc166904ede9898e0b4e4966456c91c5e7ccb625b13a132380983fe05c119e74e90a1cb51b8b7b085ec526494bd0a67c4b0245110daea7b6b8968469e4c24b962f94bbaf36f5d0b8b61b22cc392bc11dc7844950a09b9538f30786074bb2c23878fc62a080be83c41c367e2d3ee816c769a99093b7517b617ae2c048b3abdeb7b7fdef17b37a6afe05adf138da4098688af7525db73fc082dd6254afc2bf1a00a6e1c583b0cea95c6f97ef23f2e321c182f24a061f7024ef710b90c3807cf15e2407dfba4233aab1d69c3f13949f7cdf92ac459802ae50d724ea690938f56ce56a25e1f72ef23fdc033eece09a2ec288401d977213a128746c17e5da8dc6aa0c7e26a2df8a11de556e4a60eac1b02d1720e236bb44959a2dfa8777f9945c1acee99c7cd3d10f4d1cf7241069c49d1a67830fa6f09a1457c0caa4981e2b8c2148c808fa71", @ANYRES8, @ANYRES32=r1, @ANYRESHEX=r1], 0x0, 0x0, &(0x7f0000000000))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={<r4=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0x2, 0x4e21, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0xa, 0x0, 0x0, @mcast2}, r4}}, 0x48)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f00000004c0)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000500), r4, 0x0, 0x2, 0x4}}, 0x20)
sendmsg$nl_route(r2, &(0x7f0000000480)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f00000003c0)=@mpls_newroute={0x1c, 0x18, 0x400, 0x70bd25, 0x25dfdbfb, {0x1c, 0x80, 0x10, 0x9, 0xfc, 0x1, 0x0, 0x6, 0x400}}, 0x1c}, 0x1, 0x0, 0x0, 0x20044090}, 0xc080)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002800c00024000000000000000030c0001400000000200000101480000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000001c0003800c00008008000340000000020c0000800800034000000002"], 0xf8}}, 0x0)

285.104004ms ago: executing program 2 (id=5048):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="9feb01001800000000000000b4000000b4000000060000000500000006000085050000000c00000005000000010000ffffffff10000000050000000800000008000000030080000f00000007000000040000000104000004000000030000000b0000001000000000000002000000000600000000000010040000000400000000000009010000000400000004000004010000000e00000005000000ee9e230a0e00000004000000000000000900000004000000030000000e000000040000001000000000006f2e6100"/210], &(0x7f0000000040)=""/41, 0xd2, 0x29, 0x1, 0xfffffff8}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080000000080100", @ANYRES32, @ANYBLOB="000000000040267a4b6c8e945a00000000000000aefce68c62f79844fa61ee180000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000300"/24, @ANYRES32=r1, @ANYBLOB], 0x50)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x4041)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1d00000004000000020000000000000001020000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="01000000ffffffff00"/27], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = epoll_create1(0x0)
r3 = epoll_create1(0x80000)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
write$P9_RLERRORu(r5, &(0x7f0000000780)=ANY=[@ANYBLOB="2d00000007020015002f6465762f6275732f7573622f30000000003023007f00000003fa4d2e5d90992751191612507edc581c5657d1a5300228c50162354ecda0d71d9e6323466947d43f7fa8ec0a66c60a4120ae2bf15b259977922ca3c59257"], 0x22)
write$RDMA_USER_CM_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000024c0)={0x6, 0x118, 0xfa00, {{0x3, 0x800, "62c4880f51e3765fe134bfd9a1aa9dea088ba6801b657eaa450e475f3cf587b01d34c26d8835c979ff27754a932c93de101590af4a036119e73811c4f172519692c3ff2f71b1e423d6468aa0c374175195e3a4d2979974cb350e488e38ae06e0f53f6eab66c32c551ed131a6c719513783768e3bb9642bb6030d270639f1ff2d9eafa6b428a98caf430e94642762b6ed055ad25443feb4c26500d34b973da8f568af3d885cb0fb1c55ace28fe75eaf333086322493de9ef2c3bc90b76af9453674b492187d6d042141e8f5354b04605529a66c62ba2142d38fecb597570d4f9e4aa1b7c596b2ecc72545a8aad98950ac3d1c2dad2cd95a4d8bcde74c69ff15e5", 0x9, 0x40, 0xd0, 0xa, 0x50, 0x4, 0xd}}}, 0x120)
socket$inet6_udplite(0xa, 0x2, 0x88)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x40, 0x0)
fsetxattr$system_posix_acl(r6, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x34, 0x1)
setreuid(0xffffffffffffffff, 0xee01)
mkdir(&(0x7f0000000040)='./file1\x00', 0x114)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x400000000000000}, 0x0, &(0x7f00000002c0)={0x400, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, &(0x7f0000000400)={0xa})
epoll_pwait(r2, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x7460)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f00000006c0)={[{@init_itable_val={'init_itable', 0x3d, 0x3}}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4000001}}, {@abort}, {@errors_remount}, {@quota}]}, 0x3, 0x433, &(0x7f0000000d80)="$eJzs28tvG0UYAPBv7SSlLxKq8ugDCBRExSNp0lJ64AICiQNISHAox5CkVajboCZItIogIFSOqBJ3xBGJv4ATXBBwQuIKd1SpQrm0cDJaezexHdt1Uidu699P2nZmd1Yzn3fHntnJBtC3RtN/kog9EfFnRAxXs/UFRqv/3VxZmv53ZWk6iXL5nX+SSrkbK0vTedH8vN15ZiCi8EUSh5rUu3Dp8rmpUmn2YpYfXzz/4fjCpcsvzJ2fOjt7dvbC5KlTJ45PvHRy8sWuxJnGdePgJ/OHD7zx3tW3pk9fff/X75M8/oY4umS03cGny+UuV9dbe2vSyUDHp5WLW9IaOlWsdtMYrPT/4SjG2sUbjtc/72njgC011P7wchm4h6WjeaAf5T/06fw337Zh2HHHuP5KdQKUxn0z26pHBqKQlRlsmN9202hEnF7+75t0i615DgEAUOfHdPzzfLPxXyEeqil3f7aGMhIRD0TEvog4GRH7I+LBiErZhyPikQ3W37hIsn78U7i2qcA6lI7/Xs7WturHf/noL0aKWW5vJf7B5MxcafZY9pkcjcEdaX6iTR0/vfbHV62O1Y7/0i2tPx8LZu24NrCj/pyZqcWp24m51vXPIg4ONIs/WV0JSCLiQEQc3GQdc89+d7jVsVvH30bn60wtlb+NeKZ6/ZejIf5c0n59cvy+KM0eG8/vivV++/3K263qv634uyC9/rua3v+r8Y8kteu1Cxuv48pfX7ac02z2/h9K3q3b9/HU4uLFiYih5M1qo2v3TzaUm1wrn8Z/9Ejz/r8v1j6JQxGR3sSPRsRjEfF41vYnIuLJiDjSJv5fXn3qg83Hv7XS+Gc2dP3XEkPRuKd5onju5x/qKh3ZSPzp9T9RSR3N9nTy/ddJuzZ3NwMAAMDdpxAReyIpjK2mC4Wxserf8O+PXYXS/MLic2fmP7owU31HYCQGC/mTruGa56ET2bQ+z0825I9nz42/Lu6s5Mem50szvQ4e+tzuFv0/9beXM+De14V1NOAupf9D/9L/oX/p/9C/mvT/nb1oB7D9Kv0/qd/3aY/aAmyvht9/y37QR8z/oX/p/9C/9H/oSws749YvyUtIrEtE4Y5ohsQWJXr9zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAd/wcAAP//VsrjzA==")
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000680)={'syztnl2\x00', &(0x7f0000000600)={'gretap0\x00', 0x0, 0x10, 0x8, 0xd, 0x3, {{0x15, 0x4, 0x1, 0x5, 0x54, 0x64, 0x0, 0xa6, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @local, {[@timestamp_addr={0x44, 0x2c, 0xd6, 0x1, 0x6, [{@rand_addr=0x64010100}, {@loopback, 0x1}, {@loopback}, {@multicast2, 0x100}, {@remote, 0x7f}]}, @end, @cipso={0x86, 0x10, 0x3, [{0x1, 0xa, "5b09fbc87fb9072a"}]}]}}}}})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000740)={0x2}, 0x8)
r7 = socket(0x9, 0x5, 0x0)
getsockopt(r7, 0x200000000114, 0x2717, 0x0, &(0x7f0000000300))

232.146066ms ago: executing program 4 (id=5049):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000100), &(0x7f0000000240)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x10, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRESHEX=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000580)='/proc/diskstats\x00', 0x0, 0x0)
sendfile(r1, r3, 0x0, 0x2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r5=>r4, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000180)={'vxcan1\x00', <r8=>0x0})
bind$can_raw(r7, &(0x7f0000000200)={0x1d, r8}, 0x10)
sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r8, {0x1}, {0xffff, 0xfff1}, {0x1}}}, 0x24}}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x2000000000000097, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x7fff, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r10 = memfd_secret(0x80000)
fchownat(r10, 0x0, 0x0, 0x0, 0x1000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r9}, 0x10)
process_mrelease(0xffffffffffffffff, 0x0)
r11 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x80000000}, 0x18)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x3, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000feffff9500000004000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r12}, 0x10)
r13 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r13, &(0x7f00000007c0)={0x400000000000000, 0x0, &(0x7f0000000700)={&(0x7f00000004c0)=ANY=[@ANYRES64=r10, @ANYRESHEX=r7, @ANYRES32=r11, @ANYRESOCT=r13, @ANYRES32=r5, @ANYRESDEC=r13, @ANYRESOCT=r4, @ANYRES64=<r14=>r12, @ANYRES16=r10], 0xa8}}, 0x40080)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00'})
r15 = socket$nl_generic(0x10, 0x3, 0x10)
r16 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r15)
sendmsg$NL80211_CMD_GET_WIPHY(r15, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r16, @ANYBLOB="01030000000000000000010000000800010014000000080003"], 0x30}}, 0x44)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000300), 0xc, &(0x7f0000000340)={&(0x7f00000009c0)=ANY=[@ANYRESOCT=r6, @ANYRESDEC=r8, @ANYRES64=r14], 0xec}, 0x1, 0x0, 0x0, 0x20000000}, 0x2404c886)
umount2(0x0, 0x0)

231.621596ms ago: executing program 3 (id=5050):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0)
r1 = syz_io_uring_setup(0x493, &(0x7f0000000180)={0x0, 0x5eab, 0x8, 0x7ffe, 0x342}, &(0x7f0000000080)=<r2=>0x0, &(0x7f0000000400)=<r3=>0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r4}, &(0x7f0000000200), &(0x7f0000000340)=r5}, 0x20)
r6 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000005304000425bd7000fedbdf2523000000f76828be9b05c02231bbfd5b8f6b3c9e7edb7dbd702de440373d64ba141d9fe37f95d4"], 0x14}, 0x1, 0x0, 0x0, 0x40008080}, 0x10)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000140)=@IORING_OP_READ=@pass_buffer={0x16, 0x48, 0x2007, @fd=r0, 0x2, &(0x7f0000000580)=""/204, 0xcc, 0x2, 0x1})
io_uring_enter(r1, 0x74d1, 0x4c3, 0x43, 0x0, 0xfffffffffffffd1d)
inotify_init()
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
r7 = semget$private(0x0, 0x6, 0x0)
semtimedop(r7, &(0x7f0000000040)=[{0x0, 0x7}], 0x1, 0x0)
semop(r7, &(0x7f00000000c0)=[{}], 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)

196.642176ms ago: executing program 4 (id=5051):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{0xffffffffffffffff, <r2=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f00000000c0)}, 0x20)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff})
read(r3, 0x0, 0x0)
process_mrelease(r3, 0x0)
r4 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000980)={{0xffffffffffffffff, <r5=>0xffffffffffffffff}, &(0x7f0000000900), &(0x7f0000000940)='%ps    \x00'}, 0x20)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000440)={&(0x7f0000000200)="51e155", &(0x7f0000000100)=""/27, &(0x7f0000000140), 0x0, 0x4, r6}, 0x38)
r7 = syz_open_dev$vcsa(&(0x7f00000009c0), 0x3, 0x101102)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x15, 0x1d, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xb64f, 0x0, 0x0, 0x0, 0x4}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @func={0x85, 0x0, 0x1, 0x0, 0x6}, @func={0x85, 0x0, 0x1, 0x0, 0x4}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x149}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @ldst={0x3, 0x1, 0x2, 0x344769cc837e186a, 0x1, 0x50, 0x10}, @func={0x85, 0x0, 0x1, 0x0, 0x2}]}, &(0x7f0000000440)='GPL\x00', 0x3, 0x99, &(0x7f0000000b80)=""/153, 0x0, 0x68, '\x00', 0x0, @fallback=0xf, r3, 0x8, &(0x7f0000000540)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000000580)={0x2, 0xd, 0x3ff, 0x800}, 0x10, 0xffffffffffffffff, r4, 0x7, &(0x7f0000000a00)=[0xffffffffffffffff, r5, r6, r7, 0x1], &(0x7f0000000a40)=[{0x1, 0x3, 0x2, 0x1}, {0x0, 0x5, 0x9, 0x7}, {0x2, 0x5, 0x3, 0xb}, {0x1, 0x4, 0x4, 0x7}, {0x5, 0x1, 0xe, 0x5}, {0x2, 0x4}, {0x1, 0x3, 0xd, 0xa}], 0x10, 0x8}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r10=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r8, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)={0x2c, r9, 0x1, 0x70bd28, 0x1, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x4}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r10}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x2c}}, 0x80)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r11 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r12 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r12, &(0x7f00000008c0)="3bf58d7d45d32cfe1da7c797b82fee444b42785c24a8", 0x16)
sendfile(r12, r11, 0x0, 0x3ffff)
sendfile(r12, r11, 0x0, 0x7fffeffd)
r13 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r14 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r14, 0x0, 0x0)
sendfile(r14, r13, 0x0, 0x3ffff)
syz_emit_ethernet(0x6a, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008004500005c000000000033907800000000ffffffff000000000048907803000000041fa3883e21cd9fe5caae18544a9131d14c91cf0d355079896e447a58f2e6a0893330bdb477ae5aa67404b54c7740eb6dcb6c5545363eff42"], 0x0)

0s ago: executing program 1 (id=5052):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004)
write$nci(r0, &(0x7f0000000140)=ANY=[@ANYBLOB='AF'], 0x4)

kernel console output (not intermixed with test programs):

ion error -23
[  313.146640][T22374] SELinux: security_context_str_to_sid (�S<��̖ҺF�w8 xߦ�x�������/uV����YbLQG�u�~g�!�
[  313.146640][T22374] ����ӝZU���/���S�:�4���z������Qq�r
[  313.146640][T22374] 
6Fr|��:vȑ���Е=;���%~�C~)���_�r���1�KL\���T�:6sݖ�(��;�"�L��GfP���5(V����\Ǥ��ꥺ�g=s�/�vf��u��'�
[  313.146640][T22374] �gK
V��\j�GD�fb��6&��XnLM���̑D�������"���) failed with errno=-22
[  313.317176][T22387] rdma_rxe: rxe_newlink: failed to add lo
[  313.362792][T22389] loop3: detected capacity change from 0 to 164
[  313.537116][T22400] loop4: detected capacity change from 0 to 512
[  313.565448][T22400] EXT4-fs: Invalid want_extra_isize 67108865
[  313.581774][T22402] netlink: 'syz.0.4189': attribute type 10 has an invalid length.
[  313.890380][T22413] siw: device registration error -23
[  314.164026][T22441] netlink: 'syz.0.4201': attribute type 10 has an invalid length.
[  314.500280][   T29] kauditd_printk_skb: 190 callbacks suppressed
[  314.500317][   T29] audit: type=1326 audit(315.477:39944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22463 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  314.530173][   T29] audit: type=1326 audit(315.477:39945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22463 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  314.537343][T22466] netlink: 'syz.0.4210': attribute type 10 has an invalid length.
[  314.553478][   T29] audit: type=1326 audit(315.477:39946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22463 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  314.584689][   T29] audit: type=1326 audit(315.477:39947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22463 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  314.607788][   T29] audit: type=1326 audit(315.477:39948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22463 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  314.631274][   T29] audit: type=1326 audit(315.477:39949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22463 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  314.654242][   T29] audit: type=1326 audit(315.477:39950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22463 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  314.677759][   T29] audit: type=1326 audit(315.477:39951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22463 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  314.700833][   T29] audit: type=1326 audit(315.477:39952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22463 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  314.724322][   T29] audit: type=1326 audit(315.477:39953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22463 comm="syz.0.4209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  314.767312][T22470] netlink: 'syz.0.4212': attribute type 10 has an invalid length.
[  314.856123][T22492] __nla_validate_parse: 15 callbacks suppressed
[  314.856141][T22492] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4217'.
[  314.873650][T22492] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4217'.
[  314.899043][T22492] loop4: detected capacity change from 0 to 164
[  314.906525][T22496] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4219'.
[  314.944949][T22505] netlink: 'syz.2.4223': attribute type 10 has an invalid length.
[  314.954577][T22505] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  315.059121][T22536] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4226'.
[  315.759009][T22556] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4235'.
[  315.769786][T22556] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4235'.
[  315.782125][T22556] loop3: detected capacity change from 0 to 164
[  315.932117][T22563] SELinux: security_context_str_to_sid (>'is�X�H�U~�n�v0���m�2�$�S�8{-�z�b��_r���.%�6���`�|>��޴�@_ja�`[;NQ��'۵�����]~V!� v����.E���#i��8Vq��ÍO����H�	u6�>`\lL�O��4���D���z2��)P��0��>Kc=��Jq�ۍ����G��}��Oͱ���d�C�,jS5W^�u���)|i��G�-�#'}�_��n��f���̓$5Px) failed with errno=-22
[  316.128076][T22594] SELinux: security_context_str_to_sid (���;�
���E�.�����M���P��%X`�������	�T�-
[  316.128076][T22594] ����IV�,9@��>�8���� �s7=J	�U^����0,E���D��w��q	А|�u8������R�ZD�8�͐�B�0�rT1Z�!)q�n1z	�r"���0��?��-�ʩ�����I���Y�e?Y+���o�ع�"���N}0<�@u�@@#кf��k�HVX�1��pK.H���鰟(4�H��e�#v�"O�ӫ�R(`dAB) failed with errno=-22
[  316.264907][T22603] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4246'.
[  316.274750][T22603] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4246'.
[  316.384555][T22607] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4247'.
[  316.729856][T22609] siw: device registration error -23
[  316.833014][T22614] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4249'.
[  317.134725][T22618] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  317.146195][T22629] netlink: 'syz.0.4253': attribute type 1 has an invalid length.
[  317.423378][T22654] SELinux: security_context_str_to_sid (�&uC�;v��`¦) failed with errno=-22
[  317.462210][T22653] loop9: detected capacity change from 0 to 7
[  317.468533][T22653] Buffer I/O error on dev loop9, logical block 0, async page read
[  317.476473][T22653] Buffer I/O error on dev loop9, logical block 0, async page read
[  317.484441][T22653]  loop9: unable to read partition table
[  317.490188][T22653] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  317.490188][T22653] 
) failed (rc=-5)
[  317.507195][T22656] rdma_rxe: rxe_newlink: failed to add lo
[  317.517556][T22651] siw: device registration error -23
[  318.352697][T22678] netlink: 'syz.1.4267': attribute type 1 has an invalid length.
[  319.213854][T22708] netlink: 'syz.2.4275': attribute type 10 has an invalid length.
[  319.223491][T22708] bond0: (slave dummy0): Releasing backup interface
[  319.233589][T22708] team0: Failed to send options change via netlink (err -105)
[  319.241231][T22708] team0: Port device dummy0 added
[  319.698170][T22722] loop9: detected capacity change from 0 to 7
[  319.704612][T22722] Buffer I/O error on dev loop9, logical block 0, async page read
[  319.712752][T22722] Buffer I/O error on dev loop9, logical block 0, async page read
[  319.720915][T22722]  loop9: unable to read partition table
[  319.726594][T22722] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  319.726594][T22722] 
) failed (rc=-5)
[  320.120629][   T29] kauditd_printk_skb: 350 callbacks suppressed
[  320.120647][   T29] audit: type=1326 audit(321.097:40304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22728 comm="syz.4.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  320.150853][   T29] audit: type=1326 audit(321.097:40305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22728 comm="syz.4.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  320.179538][   T29] audit: type=1326 audit(321.127:40306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22728 comm="syz.4.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  320.202656][   T29] audit: type=1326 audit(321.127:40307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22728 comm="syz.4.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  320.225760][   T29] audit: type=1326 audit(321.127:40308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22728 comm="syz.4.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  320.248932][   T29] audit: type=1326 audit(321.157:40309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22728 comm="syz.4.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  320.272060][   T29] audit: type=1326 audit(321.157:40310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22728 comm="syz.4.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  320.295212][   T29] audit: type=1326 audit(321.157:40311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22728 comm="syz.4.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  320.318369][   T29] audit: type=1326 audit(321.157:40312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22728 comm="syz.4.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  320.341325][   T29] audit: type=1326 audit(321.157:40313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22728 comm="syz.4.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  320.467133][T22744] loop4: detected capacity change from 0 to 1024
[  320.480503][T22744] EXT4-fs: Ignoring removed orlov option
[  320.496440][T22744] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  320.525384][T22763] __nla_validate_parse: 7 callbacks suppressed
[  320.525403][T22763] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4288'.
[  320.663106][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.686108][T22782] netlink: 'syz.4.4293': attribute type 10 has an invalid length.
[  320.695769][T22782] bond0: (slave dummy0): Releasing backup interface
[  320.703876][T22782] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  320.712683][T22782] team0: Failed to send options change via netlink (err -105)
[  320.720510][T22782] team0: Port device dummy0 added
[  320.795393][T22787] loop4: detected capacity change from 0 to 1024
[  320.802183][T22787] EXT4-fs: Ignoring removed orlov option
[  320.811386][T22787] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  321.423874][T22797] loop9: detected capacity change from 0 to 7
[  321.430434][T22797] Buffer I/O error on dev loop9, logical block 0, async page read
[  321.438350][T22797] Buffer I/O error on dev loop9, logical block 0, async page read
[  321.446533][T22797]  loop9: unable to read partition table
[  321.452204][T22797] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  321.452204][T22797] 
) failed (rc=-5)
[  321.623819][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.651054][T22824] 9pnet: Could not find request transport: t
[  321.702827][T22829] rdma_rxe: rxe_newlink: failed to add lo
[  322.174203][T22838] netlink: 'syz.2.4309': attribute type 10 has an invalid length.
[  322.477162][T22862] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4316'.
[  322.497052][T22862] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4316'.
[  322.778527][T22885] loop4: detected capacity change from 0 to 128
[  322.806954][T22885] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4323'.
[  322.960450][T22891] loop4: detected capacity change from 0 to 1024
[  322.997408][T22891] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  323.059150][T22891] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  323.101101][T22891] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  323.113501][T22891] EXT4-fs (loop4): This should not happen!! Data will be lost
[  323.113501][T22891] 
[  323.123250][T22891] EXT4-fs (loop4): Total free blocks count 0
[  323.123813][T22901] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4327'.
[  323.129447][T22891] EXT4-fs (loop4): Free/Dirty block details
[  323.129467][T22891] EXT4-fs (loop4): free_blocks=4293918720
[  323.150394][T22891] EXT4-fs (loop4): dirty_blocks=16
[  323.155654][T22891] EXT4-fs (loop4): Block reservation details
[  323.161742][T22891] EXT4-fs (loop4): i_reserved_data_blocks=1
[  323.218349][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.403191][T22923] siw: device registration error -23
[  324.132699][T22942] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4342'.
[  324.217162][T22946] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4344'.
[  324.255018][T22950] loop4: detected capacity change from 0 to 1024
[  324.273520][T22950] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  324.287829][T22957] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4347'.
[  324.290071][T22950] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: block 3: comm syz.4.4346: lblock 3 mapped to illegal pblock 3 (length 3)
[  324.311509][T22950] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  324.314474][T22957] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4347'.
[  324.323882][T22950] EXT4-fs (loop4): This should not happen!! Data will be lost
[  324.323882][T22950] 
[  324.371295][  T168] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:6: lblock 8 mapped to illegal pblock 8 (length 8)
[  324.390610][  T168] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  324.403058][  T168] EXT4-fs (loop4): This should not happen!! Data will be lost
[  324.403058][  T168] 
[  324.416800][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  324.555414][T22982] loop4: detected capacity change from 0 to 128
[  324.590924][T22990] loop3: detected capacity change from 0 to 128
[  324.600002][T22982] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4356'.
[  324.611988][T22990] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002]
[  324.623028][T22990] System zones: 1-3, 19-19, 35-36
[  324.634976][T22990] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  324.706474][T17180] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  324.770059][T23006] loop3: detected capacity change from 0 to 1024
[  324.777205][T23006] EXT4-fs: Ignoring removed orlov option
[  324.786880][T23006] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  324.960647][T17180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.042091][T23032] SELinux: security_context_str_to_sid ((�Wk�-!XY���ʅ5o)J?*�(������uE���
c����:�K���(��1g	B��311$��LPAyg�ɰ�D���D?��|�3��%&ۇ��4p��S"��������[�ya]!��X��Ԝ�����yĜS����,aZ�J�� ��~,F(%��~�5Մ�����wf��*6�G�K�&@e*���v��"��p) failed with errno=-22
[  325.125041][   T29] kauditd_printk_skb: 301 callbacks suppressed
[  325.125056][   T29] audit: type=1326 audit(326.107:40615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23027 comm="syz.3.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f383c17eec9 code=0x7ffc0000
[  325.205961][   T29] audit: type=1326 audit(326.137:40616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23027 comm="syz.3.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f383c17eec9 code=0x7ffc0000
[  325.213434][T23038] rdma_rxe: rxe_newlink: failed to add lo
[  325.229293][   T29] audit: type=1326 audit(326.137:40617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23027 comm="syz.3.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f383c17eec9 code=0x7ffc0000
[  325.259456][   T29] audit: type=1326 audit(326.147:40618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23027 comm="syz.3.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f383c17eec9 code=0x7ffc0000
[  325.283045][   T29] audit: type=1326 audit(326.147:40619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23027 comm="syz.3.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f383c17eec9 code=0x7ffc0000
[  325.306722][   T29] audit: type=1326 audit(326.147:40620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23027 comm="syz.3.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f383c17eec9 code=0x7ffc0000
[  325.330931][   T29] audit: type=1326 audit(326.147:40621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23027 comm="syz.3.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f383c17eec9 code=0x7ffc0000
[  325.450870][T23046] loop3: detected capacity change from 0 to 128
[  325.477115][T23046] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002]
[  325.486562][T23046] System zones: 1-3, 19-19, 35-36
[  325.501368][T23046] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  325.581141][T17180] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  325.663751][T23057] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4373'.
[  325.718670][T23062] loop3: detected capacity change from 0 to 128
[  325.741445][T23060] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4374'.
[  325.850169][   T29] audit: type=1326 audit(326.827:40622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23074 comm="syz.1.4379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00bbf6eec9 code=0x7ffc0000
[  325.873447][   T29] audit: type=1326 audit(326.827:40623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23074 comm="syz.1.4379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00bbf6eec9 code=0x7ffc0000
[  325.902723][T23077] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4378'.
[  325.928983][   T29] audit: type=1326 audit(326.877:40624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23074 comm="syz.1.4379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f00bbf6eec9 code=0x7ffc0000
[  325.955599][T23072] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4378'.
[  326.072605][T23093] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4382'.
[  326.093937][T23086] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4382'.
[  326.416074][T23104] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4386'.
[  326.930663][T23112] netlink: 'syz.1.4389': attribute type 10 has an invalid length.
[  326.941576][T23112] bond0: (slave dummy0): Releasing backup interface
[  326.952757][T23112] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  326.962929][T23112] team0: Failed to send options change via netlink (err -105)
[  326.970828][T23112] team0: Port device dummy0 added
[  326.972071][T23114] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4390'.
[  327.116730][T23128] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4392'.
[  327.133608][T23130] loop3: detected capacity change from 0 to 128
[  327.164059][T23119] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4392'.
[  327.347062][T23136] siw: device registration error -23
[  328.715832][T23209] loop9: detected capacity change from 0 to 7
[  328.722094][T23209] Buffer I/O error on dev loop9, logical block 0, async page read
[  328.730298][T23209] Buffer I/O error on dev loop9, logical block 0, async page read
[  328.738215][T23209]  loop9: unable to read partition table
[  328.743961][T23209] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  328.743961][T23209] 
) failed (rc=-5)
[  328.971671][T23212] siw: device registration error -23
[  329.470138][T23268] FAULT_INJECTION: forcing a failure.
[  329.470138][T23268] name failslab, interval 1, probability 0, space 0, times 0
[  329.483196][T23268] CPU: 1 UID: 0 PID: 23268 Comm: syz.2.4438 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  329.483287][T23268] Tainted: [W]=WARN
[  329.483295][T23268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  329.483307][T23268] Call Trace:
[  329.483320][T23268]  <TASK>
[  329.483328][T23268]  __dump_stack+0x1d/0x30
[  329.483351][T23268]  dump_stack_lvl+0xe8/0x140
[  329.483374][T23268]  dump_stack+0x15/0x1b
[  329.483432][T23268]  should_fail_ex+0x265/0x280
[  329.483470][T23268]  ? audit_log_d_path+0x8d/0x150
[  329.483504][T23268]  should_failslab+0x8c/0xb0
[  329.483590][T23268]  __kmalloc_cache_noprof+0x4c/0x320
[  329.483634][T23268]  audit_log_d_path+0x8d/0x150
[  329.483717][T23268]  audit_log_d_path_exe+0x42/0x70
[  329.483796][T23268]  audit_log_task+0x1e9/0x250
[  329.483866][T23268]  audit_seccomp+0x61/0x100
[  329.483936][T23268]  ? __seccomp_filter+0x69f/0x10c0
[  329.483959][T23268]  __seccomp_filter+0x6b0/0x10c0
[  329.483982][T23268]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  329.484037][T23268]  ? vfs_write+0x7e8/0x960
[  329.484059][T23268]  ? __rcu_read_unlock+0x4f/0x70
[  329.484088][T23268]  ? __fget_files+0x184/0x1c0
[  329.484126][T23268]  __secure_computing+0x82/0x150
[  329.484201][T23268]  syscall_trace_enter+0xcf/0x1e0
[  329.484234][T23268]  do_syscall_64+0xac/0x200
[  329.484261][T23268]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  329.484292][T23268]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  329.484357][T23268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.484385][T23268] RIP: 0033:0x7f2417e5eec9
[  329.484404][T23268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  329.484428][T23268] RSP: 002b:00007f24168c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  329.484518][T23268] RAX: ffffffffffffffda RBX: 00007f24180b5fa0 RCX: 00007f2417e5eec9
[  329.484535][T23268] RDX: 0000200000000000 RSI: 0000000080045505 RDI: 0000000000000003
[  329.484582][T23268] RBP: 00007f24168c7090 R08: 0000000000000000 R09: 0000000000000000
[  329.484597][T23268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  329.484612][T23268] R13: 00007f24180b6038 R14: 00007f24180b5fa0 R15: 00007fffd4dd61b8
[  329.484638][T23268]  </TASK>
[  329.712681][T23268] hub 1-0:1.0: USB hub found
[  329.717740][T23268] hub 1-0:1.0: 8 ports detected
[  329.801581][T23287] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  329.810644][T23287] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  329.991338][T23300] loop4: detected capacity change from 0 to 164
[  330.715853][T23330] loop3: detected capacity change from 0 to 1024
[  330.727135][T23330] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  330.742218][T23330] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 3: comm syz.3.4455: lblock 3 mapped to illegal pblock 3 (length 3)
[  330.757090][T23332] __nla_validate_parse: 20 callbacks suppressed
[  330.757111][T23332] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4456'.
[  330.772851][T23330] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  330.785318][T23330] EXT4-fs (loop3): This should not happen!! Data will be lost
[  330.785318][T23330] 
[  330.793697][T23332] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4456'.
[  330.796705][   T29] kauditd_printk_skb: 481 callbacks suppressed
[  330.796723][   T29] audit: type=1326 audit(331.767:41106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23331 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  330.833324][   T29] audit: type=1326 audit(331.767:41107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23331 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  330.856536][   T29] audit: type=1326 audit(331.767:41108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23331 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  330.879538][   T29] audit: type=1326 audit(331.767:41109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23331 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  330.903204][   T29] audit: type=1326 audit(331.767:41110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23331 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  330.926335][   T29] audit: type=1326 audit(331.767:41111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23331 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  330.949428][   T29] audit: type=1326 audit(331.767:41112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23331 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  330.972443][   T29] audit: type=1326 audit(331.767:41113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23331 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  330.995621][   T29] audit: type=1326 audit(331.767:41114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23331 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  331.018786][   T29] audit: type=1326 audit(331.767:41115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23331 comm="syz.0.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  331.046193][   T59] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:4: lblock 8 mapped to illegal pblock 8 (length 8)
[  331.063393][   T59] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  331.075923][   T59] EXT4-fs (loop3): This should not happen!! Data will be lost
[  331.075923][   T59] 
[  331.087419][T17180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  331.480599][T23385] loop4: detected capacity change from 0 to 1024
[  331.508617][T23385] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  331.551212][T23395] loop3: detected capacity change from 0 to 512
[  331.584201][T23385] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  331.600901][T23385] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  331.613190][T23385] EXT4-fs (loop4): This should not happen!! Data will be lost
[  331.613190][T23385] 
[  331.623090][T23385] EXT4-fs (loop4): Total free blocks count 0
[  331.629144][T23385] EXT4-fs (loop4): Free/Dirty block details
[  331.635209][T23385] EXT4-fs (loop4): free_blocks=4293918720
[  331.636407][T23395] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  331.641088][T23385] EXT4-fs (loop4): dirty_blocks=16
[  331.641109][T23385] EXT4-fs (loop4): Block reservation details
[  331.641123][T23385] EXT4-fs (loop4): i_reserved_data_blocks=1
[  331.761923][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.778182][T17180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.993019][T23420] loop4: detected capacity change from 0 to 1024
[  332.008165][T23420] EXT4-fs: Ignoring removed orlov option
[  332.398047][T23440] SELinux: security_context_str_to_sid (�e�]߬z^��?d-ٽ�D�UUˡ��i"���/C�}O`�B�tf�Z �_�9�ƈ,O�n��D|C�	���*��7�6�Α�<=b�l�z�(�G�_��@`�֓�R9�`9e���;��Ø�`y$W�[�Z���-{_>1��)���e�g��ai.�Զ��oQJVG��
[  332.398047][T23440] t0���p?����z��z�]_���L/-�%��c�R�bk��!����L#�TQ�)�8�]�V�ˏL�zR i?ȿ�F��`) failed with errno=-22
[  332.500500][T23420] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.735906][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.815816][T23457] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4485'.
[  332.845540][T23461] loop4: detected capacity change from 0 to 512
[  332.898252][T23461] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  333.161057][T23498] loop3: detected capacity change from 0 to 1024
[  333.165216][T23500] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4497'.
[  333.216471][T23498] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  333.234544][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.276281][T23498] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  333.303132][T23498] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  333.315605][T23498] EXT4-fs (loop3): This should not happen!! Data will be lost
[  333.315605][T23498] 
[  333.325434][T23498] EXT4-fs (loop3): Total free blocks count 0
[  333.331510][T23498] EXT4-fs (loop3): Free/Dirty block details
[  333.337472][T23498] EXT4-fs (loop3): free_blocks=4293918720
[  333.343243][T23498] EXT4-fs (loop3): dirty_blocks=16
[  333.348441][T23498] EXT4-fs (loop3): Block reservation details
[  333.354491][T23498] EXT4-fs (loop3): i_reserved_data_blocks=1
[  333.421768][T17180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.480145][T23522] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4501'.
[  333.505059][T23524] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4503'.
[  333.597516][T23527] siw: device registration error -23
[  333.619871][T23542] loop3: detected capacity change from 0 to 128
[  333.707339][T23556] netlink: 72 bytes leftover after parsing attributes in process `syz.3.4510'.
[  333.814527][T23574] loop3: detected capacity change from 0 to 1024
[  333.827359][T23574] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  333.849090][T23574] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  333.865308][T23574] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  333.877719][T23574] EXT4-fs (loop3): This should not happen!! Data will be lost
[  333.877719][T23574] 
[  333.887524][T23574] EXT4-fs (loop3): Total free blocks count 0
[  333.893546][T23574] EXT4-fs (loop3): Free/Dirty block details
[  333.899563][T23574] EXT4-fs (loop3): free_blocks=4293918720
[  333.905334][T23574] EXT4-fs (loop3): dirty_blocks=16
[  333.910468][T23574] EXT4-fs (loop3): Block reservation details
[  333.916588][T23574] EXT4-fs (loop3): i_reserved_data_blocks=1
[  333.936834][T17180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.422607][T23614] SELinux: security_context_str_to_sid (e�N:9Ê�9��9;D�4MW����ڙc�U��S��"%l�Ξ��Ql~E��3����r��ZI�N��Mث(�ZC) failed with errno=-22
[  334.570500][T23621] loop4: detected capacity change from 0 to 1024
[  334.588466][T23621] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  334.601180][T23624] loop3: detected capacity change from 0 to 1024
[  334.613552][T23621] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  334.629095][T23621] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  334.641428][T23621] EXT4-fs (loop4): This should not happen!! Data will be lost
[  334.641428][T23621] 
[  334.651256][T23621] EXT4-fs (loop4): Total free blocks count 0
[  334.654670][T23624] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  334.657282][T23621] EXT4-fs (loop4): Free/Dirty block details
[  334.675600][T23621] EXT4-fs (loop4): free_blocks=4293918720
[  334.681588][T23621] EXT4-fs (loop4): dirty_blocks=16
[  334.686789][T23621] EXT4-fs (loop4): Block reservation details
[  334.692793][T23621] EXT4-fs (loop4): i_reserved_data_blocks=1
[  334.701533][T17180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  334.733944][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.771850][T23642] loop3: detected capacity change from 0 to 128
[  334.794803][T23656] loop4: detected capacity change from 0 to 1024
[  334.807347][T23656] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  334.824122][T23656] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  334.840612][T23656] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  334.852883][T23656] EXT4-fs (loop4): This should not happen!! Data will be lost
[  334.852883][T23656] 
[  334.862597][T23656] EXT4-fs (loop4): Total free blocks count 0
[  334.868650][T23656] EXT4-fs (loop4): Free/Dirty block details
[  334.874678][T23656] EXT4-fs (loop4): free_blocks=4293918720
[  334.880619][T23656] EXT4-fs (loop4): dirty_blocks=16
[  334.885919][T23656] EXT4-fs (loop4): Block reservation details
[  334.892001][T23656] EXT4-fs (loop4): i_reserved_data_blocks=1
[  334.911574][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.122642][T23687] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4539'.
[  335.184882][T23690] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4540'.
[  335.470371][T23693] rdma_rxe: rxe_newlink: failed to add lo
[  335.804525][   T29] kauditd_printk_skb: 353 callbacks suppressed
[  335.804551][   T29] audit: type=1326 audit(336.777:41467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23711 comm="syz.0.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  335.834757][   T29] audit: type=1326 audit(336.777:41468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23711 comm="syz.0.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  335.856080][T23721] SELinux: security_context_str_to_sid (l}�I@5[�GM3-ydEN-VcIY�) failed with errno=-22
[  335.857790][   T29] audit: type=1326 audit(336.777:41469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23711 comm="syz.0.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  335.890972][   T29] audit: type=1326 audit(336.777:41470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23711 comm="syz.0.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  335.914184][   T29] audit: type=1326 audit(336.777:41471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23711 comm="syz.0.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  335.937315][   T29] audit: type=1326 audit(336.777:41472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23711 comm="syz.0.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  335.960353][   T29] audit: type=1326 audit(336.777:41473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23711 comm="syz.0.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  335.983363][   T29] audit: type=1326 audit(336.777:41474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23711 comm="syz.0.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  336.006994][   T29] audit: type=1326 audit(336.777:41475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23711 comm="syz.0.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  336.030968][   T29] audit: type=1326 audit(336.777:41476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23711 comm="syz.0.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  336.226814][T23737] loop4: detected capacity change from 0 to 128
[  336.257761][T23737] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4552'.
[  336.355630][T23743] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4553'.
[  336.366229][T23743] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4553'.
[  336.379025][T23743] loop4: detected capacity change from 0 to 164
[  336.523485][T23765] loop4: detected capacity change from 0 to 128
[  336.799792][T23790] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4564'.
[  337.012893][T23809] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4565'.
[  337.090168][T23811] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4569'.
[  337.280592][T23814] SELinux: security_context_str_to_sid (/���X���L䜿�yy��En��hN���’�q��)�gP��8�����|�	�PG!���I������kw+�	��+��~����y�JW�j6���O{�h�m����&m��r�%�԰J�y�[�R%F��/�X40Z��2���M���P�v��������(j?��8����`h�ӼR�6�eb�A(�����Q��g,�W�wanJVk���/܍�]��ϧt�d$$��]���|���^��ܦ��֐_���]��) failed with errno=-22
[  337.382369][T23818] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4572'.
[  337.398157][T23818] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4572'.
[  337.717932][T23836] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4577'.
[  337.799363][T23840] SELinux: security_context_str_to_sid (m[�{cڪ�Y���}�����9��U���Z�
[  337.799363][T23840] ���2ޱ�ж�u�գA\x�fj*�s��q1��m�Z+Uy��6��2"ZX���	2~B-�����Y%ߖ:`�Dt�F] ��~��;Z��7�o) failed with errno=-22
[  337.944041][T23848] SELinux: security_context_str_to_sid (^�u���_�
^�{o�.w5*j���X�8�<����sd��;��?r���4��E���)h�՜y;_���{���P8�	�Ċ	���o%2P��ʺ7,�<� 1
[  337.944041][T23848] ��:�y�a��u4b�r{��q�u�O1��.d��s�;]2��%��K��V�8���q���SJm��͜&oV�PFsV�!��N��L�,ɠ'���
[  337.944041][T23848] �#�MY��ۄr��I\m��� ��%F�W,hm{�.h
q��%l%dv()����{) failed with errno=-22
[  338.321740][T23866] loop3: detected capacity change from 0 to 128
[  338.366455][T23864] loop4: detected capacity change from 0 to 1024
[  338.376645][T23864] EXT4-fs: Ignoring removed orlov option
[  338.397296][T23864] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  338.414344][T23875] loop3: detected capacity change from 0 to 128
[  338.484309][T23875] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4589'.
[  338.628383][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.281101][T23918] loop3: detected capacity change from 0 to 1024
[  339.311089][T23918] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  339.462056][T23918] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  339.477269][T23918] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  339.489596][T23918] EXT4-fs (loop3): This should not happen!! Data will be lost
[  339.489596][T23918] 
[  339.499304][T23918] EXT4-fs (loop3): Total free blocks count 0
[  339.505451][T23918] EXT4-fs (loop3): Free/Dirty block details
[  339.511719][T23918] EXT4-fs (loop3): free_blocks=4293918720
[  339.517571][T23918] EXT4-fs (loop3): dirty_blocks=16
[  339.522705][T23918] EXT4-fs (loop3): Block reservation details
[  339.528739][T23918] EXT4-fs (loop3): i_reserved_data_blocks=1
[  339.554676][T17180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.021092][T23944] SELinux: security_context_str_to_sid (Z랲y3��1�����'jT���oJ	b.KeUǡ��r�qa��R��wz�n��$x>^�T�^Xp���/p�������n��GhA'g<J��y���FbL>��O|���/6S�`C����]�z��![�Bˠ�u3J�S����֍M=L�N��ð�?��	z�T��U��P3.j,�|n��R
[  340.021092][T23944] ��j��e�1,
[  340.021092][T23944] [D��)���ԕD-��s	I��봣c�aа���hYW��wp�7�4h�5��) failed with errno=-22
[  340.240774][T23934] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  340.309254][T23951] netlink: 'syz.4.4605': attribute type 1 has an invalid length.
[  340.602308][T24001] FAULT_INJECTION: forcing a failure.
[  340.602308][T24001] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  340.615501][T24001] CPU: 0 UID: 0 PID: 24001 Comm: syz.3.4617 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  340.615598][T24001] Tainted: [W]=WARN
[  340.615623][T24001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  340.615643][T24001] Call Trace:
[  340.615650][T24001]  <TASK>
[  340.615660][T24001]  __dump_stack+0x1d/0x30
[  340.615686][T24001]  dump_stack_lvl+0xe8/0x140
[  340.615768][T24001]  dump_stack+0x15/0x1b
[  340.615785][T24001]  should_fail_ex+0x265/0x280
[  340.615817][T24001]  should_fail+0xb/0x20
[  340.615881][T24001]  should_fail_usercopy+0x1a/0x20
[  340.615921][T24001]  _copy_to_user+0x20/0xa0
[  340.615948][T24001]  simple_read_from_buffer+0xb5/0x130
[  340.615978][T24001]  proc_fail_nth_read+0x10e/0x150
[  340.616013][T24001]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  340.616077][T24001]  vfs_read+0x1a5/0x770
[  340.616100][T24001]  ? __rcu_read_unlock+0x4f/0x70
[  340.616122][T24001]  ? __fget_files+0x184/0x1c0
[  340.616165][T24001]  ksys_read+0xda/0x1a0
[  340.616235][T24001]  __x64_sys_read+0x40/0x50
[  340.616266][T24001]  x64_sys_call+0x27bc/0x2ff0
[  340.616354][T24001]  do_syscall_64+0xd2/0x200
[  340.616379][T24001]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  340.616409][T24001]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  340.616516][T24001]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.616544][T24001] RIP: 0033:0x7f383c17d8dc
[  340.616564][T24001] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  340.616586][T24001] RSP: 002b:00007f383abe7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  340.616610][T24001] RAX: ffffffffffffffda RBX: 00007f383c3d5fa0 RCX: 00007f383c17d8dc
[  340.616634][T24001] RDX: 000000000000000f RSI: 00007f383abe70a0 RDI: 0000000000000007
[  340.616649][T24001] RBP: 00007f383abe7090 R08: 0000000000000000 R09: 0000000000000000
[  340.616665][T24001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  340.616680][T24001] R13: 00007f383c3d6038 R14: 00007f383c3d5fa0 R15: 00007ffe87b7f438
[  340.616706][T24001]  </TASK>
[  340.828739][   T29] kauditd_printk_skb: 622 callbacks suppressed
[  340.828759][   T29] audit: type=1326 audit(341.807:42099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24004 comm="syz.2.4619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2417e5eec9 code=0x7ffc0000
[  340.862083][   T29] audit: type=1326 audit(341.807:42100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24004 comm="syz.2.4619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2417e5eec9 code=0x7ffc0000
[  340.885639][   T29] audit: type=1326 audit(341.807:42101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24004 comm="syz.2.4619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2417e5eec9 code=0x7ffc0000
[  340.908950][   T29] audit: type=1326 audit(341.807:42102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24004 comm="syz.2.4619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2417e5eec9 code=0x7ffc0000
[  340.932022][   T29] audit: type=1326 audit(341.807:42103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24004 comm="syz.2.4619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2417e5eec9 code=0x7ffc0000
[  340.955255][   T29] audit: type=1326 audit(341.837:42104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24004 comm="syz.2.4619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2417e5eec9 code=0x7ffc0000
[  340.978447][   T29] audit: type=1326 audit(341.837:42105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24004 comm="syz.2.4619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2417e5eec9 code=0x7ffc0000
[  341.004364][   T29] audit: type=1326 audit(341.837:42106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24004 comm="syz.2.4619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f2417e5eec9 code=0x7ffc0000
[  341.027578][   T29] audit: type=1326 audit(341.837:42107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24004 comm="syz.2.4619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2417e5eec9 code=0x7ffc0000
[  341.050913][   T29] audit: type=1326 audit(341.837:42108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24004 comm="syz.2.4619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2417e5eec9 code=0x7ffc0000
[  341.128511][T24010] loop3: detected capacity change from 0 to 1024
[  341.136999][T24010] EXT4-fs: Ignoring removed orlov option
[  341.142746][T24010] EXT4-fs: Ignoring removed nomblk_io_submit option
[  341.186072][T24010] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  341.332868][T24022] __nla_validate_parse: 7 callbacks suppressed
[  341.332883][T24022] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4622'.
[  341.358334][T24025] SELinux: security_context_str_to_sid (W�vƋ���O��s�hn���|Ţj���%���|��D�) failed with errno=-22
[  341.492370][T24041] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4623'.
[  341.510050][T24033] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4623'.
[  341.548675][T24046] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4629'.
[  341.570757][T24018] sd 0:0:1:0: device reset
[  341.664552][T24049] loop4: detected capacity change from 0 to 1024
[  341.671608][T24049] EXT4-fs: Ignoring removed orlov option
[  341.680625][T24049] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  342.313538][T24066] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4635'.
[  342.331703][T24066] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4635'.
[  342.469566][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.643007][T17180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.663567][T24089] loop3: detected capacity change from 0 to 128
[  342.696255][T24089] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4641'.
[  342.831243][T24106] netlink: 144 bytes leftover after parsing attributes in process `syz.3.4643'.
[  342.919852][T24111] FAULT_INJECTION: forcing a failure.
[  342.919852][T24111] name failslab, interval 1, probability 0, space 0, times 0
[  342.932924][T24111] CPU: 1 UID: 0 PID: 24111 Comm: syz.1.4646 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  342.932960][T24111] Tainted: [W]=WARN
[  342.932967][T24111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  342.933072][T24111] Call Trace:
[  342.933080][T24111]  <TASK>
[  342.933092][T24111]  __dump_stack+0x1d/0x30
[  342.933150][T24111]  dump_stack_lvl+0xe8/0x140
[  342.933178][T24111]  dump_stack+0x15/0x1b
[  342.933194][T24111]  should_fail_ex+0x265/0x280
[  342.933276][T24111]  should_failslab+0x8c/0xb0
[  342.933301][T24111]  kmem_cache_alloc_noprof+0x50/0x310
[  342.933328][T24111]  ? security_inode_alloc+0x37/0x100
[  342.933435][T24111]  security_inode_alloc+0x37/0x100
[  342.933530][T24111]  inode_init_always_gfp+0x4b7/0x500
[  342.933554][T24111]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  342.933601][T24111]  alloc_inode+0x58/0x170
[  342.933621][T24111]  new_inode+0x1d/0xe0
[  342.933643][T24111]  shmem_get_inode+0x244/0x750
[  342.933665][T24111]  __shmem_file_setup+0x113/0x210
[  342.933712][T24111]  shmem_file_setup+0x3b/0x50
[  342.933790][T24111]  __se_sys_memfd_create+0x2c3/0x590
[  342.933845][T24111]  __x64_sys_memfd_create+0x31/0x40
[  342.933865][T24111]  x64_sys_call+0x2abe/0x2ff0
[  342.933907][T24111]  do_syscall_64+0xd2/0x200
[  342.933931][T24111]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  342.933965][T24111]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  342.934082][T24111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.934175][T24111] RIP: 0033:0x7f00bbf6eec9
[  342.934195][T24111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.934221][T24111] RSP: 002b:00007f00ba9d6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  342.934399][T24111] RAX: ffffffffffffffda RBX: 00000000000007b6 RCX: 00007f00bbf6eec9
[  342.934416][T24111] RDX: 00007f00ba9d6ef0 RSI: 0000000000000000 RDI: 00007f00bbff2960
[  342.934432][T24111] RBP: 0000200000001140 R08: 00007f00ba9d6bb7 R09: 00007f00ba9d6e40
[  342.934444][T24111] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000001100
[  342.934455][T24111] R13: 00007f00ba9d6ef0 R14: 00007f00ba9d6eb0 R15: 0000200000000200
[  342.934485][T24111]  </TASK>
[  343.301648][T24121] FAULT_INJECTION: forcing a failure.
[  343.301648][T24121] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  343.314845][T24121] CPU: 0 UID: 0 PID: 24121 Comm: syz.0.4648 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  343.314949][T24121] Tainted: [W]=WARN
[  343.314958][T24121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  343.314972][T24121] Call Trace:
[  343.314980][T24121]  <TASK>
[  343.314988][T24121]  __dump_stack+0x1d/0x30
[  343.315009][T24121]  dump_stack_lvl+0xe8/0x140
[  343.315033][T24121]  dump_stack+0x15/0x1b
[  343.315053][T24121]  should_fail_ex+0x265/0x280
[  343.315121][T24121]  should_fail+0xb/0x20
[  343.315201][T24121]  should_fail_usercopy+0x1a/0x20
[  343.315242][T24121]  _copy_to_iter+0x251/0xe70
[  343.315280][T24121]  ? should_fail_ex+0xdb/0x280
[  343.315340][T24121]  copy_page_to_iter+0x18f/0x2d0
[  343.315438][T24121]  process_vm_rw+0x59e/0x960
[  343.315500][T24121]  ? __bpf_trace_sys_enter+0x10/0x30
[  343.315533][T24121]  __x64_sys_process_vm_readv+0x78/0x90
[  343.315681][T24121]  x64_sys_call+0x1874/0x2ff0
[  343.315703][T24121]  do_syscall_64+0xd2/0x200
[  343.315727][T24121]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  343.315751][T24121]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  343.315807][T24121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.315834][T24121] RIP: 0033:0x7fcd2b78eec9
[  343.315854][T24121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.315878][T24121] RSP: 002b:00007fcd2a1ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[  343.315902][T24121] RAX: ffffffffffffffda RBX: 00007fcd2b9e5fa0 RCX: 00007fcd2b78eec9
[  343.315926][T24121] RDX: 0000000000000048 RSI: 0000200000008400 RDI: 000000000000032a
[  343.315942][T24121] RBP: 00007fcd2a1ef090 R08: 0000000000000286 R09: 0000000000000000
[  343.315975][T24121] R10: 0000200000008640 R11: 0000000000000246 R12: 0000000000000001
[  343.315991][T24121] R13: 00007fcd2b9e6038 R14: 00007fcd2b9e5fa0 R15: 00007ffde814ed48
[  343.316014][T24121]  </TASK>
[  344.137185][T24169] loop4: detected capacity change from 0 to 512
[  344.486731][T24186] loop3: detected capacity change from 0 to 128
[  344.716592][T24200] netlink: 'syz.1.4672': attribute type 2 has an invalid length.
[  344.726122][T24200] usb usb8: usbfs: process 24200 (syz.1.4672) did not claim interface 0 before use
[  344.807184][T24210] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4675'.
[  344.895403][T24215] loop4: detected capacity change from 0 to 1024
[  344.918107][T24215] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  344.953605][T24217] loop9: detected capacity change from 0 to 7
[  344.960044][T24217] Buffer I/O error on dev loop9, logical block 0, async page read
[  344.968138][T24217] Buffer I/O error on dev loop9, logical block 0, async page read
[  344.976274][T24217]  loop9: unable to read partition table
[  344.982087][T24217] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  344.982087][T24217] 
) failed (rc=-5)
[  344.982623][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.078797][T24241] loop4: detected capacity change from 0 to 1024
[  345.091078][T24241] EXT4-fs: Ignoring removed orlov option
[  345.107029][T24241] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  345.648650][T24253] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  345.707217][T24274] FAULT_INJECTION: forcing a failure.
[  345.707217][T24274] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  345.720580][T24274] CPU: 1 UID: 0 PID: 24274 Comm: syz.2.4688 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  345.720622][T24274] Tainted: [W]=WARN
[  345.720629][T24274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  345.720643][T24274] Call Trace:
[  345.720652][T24274]  <TASK>
[  345.720660][T24274]  __dump_stack+0x1d/0x30
[  345.720682][T24274]  dump_stack_lvl+0xe8/0x140
[  345.720758][T24274]  dump_stack+0x15/0x1b
[  345.720780][T24274]  should_fail_ex+0x265/0x280
[  345.720820][T24274]  should_fail+0xb/0x20
[  345.720855][T24274]  should_fail_usercopy+0x1a/0x20
[  345.720895][T24274]  _copy_to_user+0x20/0xa0
[  345.720986][T24274]  simple_read_from_buffer+0xb5/0x130
[  345.721013][T24274]  proc_fail_nth_read+0x10e/0x150
[  345.721052][T24274]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  345.721087][T24274]  vfs_read+0x1a5/0x770
[  345.721126][T24274]  ? io_register_rsrc+0x1b2/0x1e0
[  345.721283][T24274]  ? __rcu_read_unlock+0x4f/0x70
[  345.721308][T24274]  ? __fget_files+0x184/0x1c0
[  345.721336][T24274]  ksys_read+0xda/0x1a0
[  345.721360][T24274]  __x64_sys_read+0x40/0x50
[  345.721423][T24274]  x64_sys_call+0x27bc/0x2ff0
[  345.721451][T24274]  do_syscall_64+0xd2/0x200
[  345.721547][T24274]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  345.721576][T24274]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  345.721692][T24274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.721755][T24274] RIP: 0033:0x7f2417e5d8dc
[  345.721772][T24274] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  345.721791][T24274] RSP: 002b:00007f24168c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  345.721811][T24274] RAX: ffffffffffffffda RBX: 00007f24180b5fa0 RCX: 00007f2417e5d8dc
[  345.721826][T24274] RDX: 000000000000000f RSI: 00007f24168c70a0 RDI: 0000000000000007
[  345.721838][T24274] RBP: 00007f24168c7090 R08: 0000000000000000 R09: 0000000000000000
[  345.721850][T24274] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000001
[  345.721881][T24274] R13: 00007f24180b6038 R14: 00007f24180b5fa0 R15: 00007fffd4dd61b8
[  345.721904][T24274]  </TASK>
[  345.973852][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.985513][T24277] loop3: detected capacity change from 0 to 128
[  345.997083][   T29] kauditd_printk_skb: 408 callbacks suppressed
[  345.997101][   T29] audit: type=1400 audit(346.977:42517): avc:  denied  { write } for  pid=24278 comm="syz.2.4691" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  346.016430][T24277] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4689'.
[  346.110853][T24282] FAULT_INJECTION: forcing a failure.
[  346.110853][T24282] name failslab, interval 1, probability 0, space 0, times 0
[  346.123880][T24282] CPU: 0 UID: 0 PID: 24282 Comm: syz.2.4691 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  346.123917][T24282] Tainted: [W]=WARN
[  346.123924][T24282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  346.123940][T24282] Call Trace:
[  346.123947][T24282]  <TASK>
[  346.123955][T24282]  __dump_stack+0x1d/0x30
[  346.123982][T24282]  dump_stack_lvl+0xe8/0x140
[  346.124082][T24282]  dump_stack+0x15/0x1b
[  346.124098][T24282]  should_fail_ex+0x265/0x280
[  346.124183][T24282]  should_failslab+0x8c/0xb0
[  346.124211][T24282]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  346.124244][T24282]  ? sidtab_sid2str_get+0xa0/0x130
[  346.124324][T24282]  kmemdup_noprof+0x2b/0x70
[  346.124356][T24282]  sidtab_sid2str_get+0xa0/0x130
[  346.124387][T24282]  security_sid_to_context_core+0x1eb/0x2e0
[  346.124413][T24282]  security_sid_to_context+0x27/0x40
[  346.124446][T24282]  selinux_lsmprop_to_secctx+0x67/0xf0
[  346.124473][T24282]  security_lsmprop_to_secctx+0x43/0x80
[  346.124514][T24282]  audit_log_task_context+0x77/0x190
[  346.124628][T24282]  audit_log_task+0xf4/0x250
[  346.124739][T24282]  audit_seccomp+0x61/0x100
[  346.124770][T24282]  ? __seccomp_filter+0x69f/0x10c0
[  346.124798][T24282]  __seccomp_filter+0x6b0/0x10c0
[  346.124827][T24282]  ? _raw_spin_unlock+0x26/0x50
[  346.124883][T24282]  __secure_computing+0x82/0x150
[  346.124925][T24282]  syscall_trace_enter+0xcf/0x1e0
[  346.124952][T24282]  do_syscall_64+0xac/0x200
[  346.124976][T24282]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  346.125084][T24282]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  346.125128][T24282]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.125163][T24282] RIP: 0033:0x7f2417e5eec9
[  346.125179][T24282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.125198][T24282] RSP: 002b:00007f24168c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[  346.125293][T24282] RAX: ffffffffffffffda RBX: 00007f24180b5fa0 RCX: 00007f2417e5eec9
[  346.125310][T24282] RDX: 0000000000000000 RSI: 0000000000000006 RDI: ffffffffffffffff
[  346.125326][T24282] RBP: 00007f24168c7090 R08: 0000000000000000 R09: 0000000000000000
[  346.125343][T24282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  346.125413][T24282] R13: 00007f24180b6038 R14: 00007f24180b5fa0 R15: 00007fffd4dd61b8
[  346.125439][T24282]  </TASK>
[  346.363475][T24282] audit: error in audit_log_task_context
[  346.380436][   T29] audit: type=1326 audit(347.087:42518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24278 comm="syz.2.4691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2417e5eec9 code=0x7ffc0000
[  346.403538][   T29] audit: type=1326 audit(347.087:42519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24278 comm="syz.2.4691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2417e5eec9 code=0x7ffc0000
[  346.426643][   T29] audit: type=1326 audit(347.087:42520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24278 comm="syz.2.4691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2417e5eec9 code=0x7ffc0000
[  346.449724][   T29] audit: type=1326 audit(347.087:42521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24278 comm="syz.2.4691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2417e5eec9 code=0x7ffc0000
[  346.473017][   T29] audit: type=1326 audit(347.087:42522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24278 comm="syz.2.4691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2417e5eec9 code=0x7ffc0000
[  346.496039][   T29] audit: type=1326 audit(347.087:42523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24278 comm="syz.2.4691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2417e5d710 code=0x7ffc0000
[  346.519184][   T29] audit: type=1326 audit(347.087:42524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24278 comm="syz.2.4691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2417e5d97f code=0x7ffc0000
[  346.547046][   T29] audit: type=1326 audit(347.087:42525): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=24278 comm="syz.2.4691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7f2417e5eec9 code=0x7ffc0000
[  346.785062][T24316] SELinux: security_context_str_to_sid (�F�g�m�п<ƍk��c��<���Xذҧ��*d=E[��9���T�]�'��
�?f3d�>�q���9���ɞQ��/egͬ�R^��׍��z.��8~B:g�S�1��@��������<���~�+f�M!^B��j���*��Sًr)-�|�Z�V-jٜRF�?��;*:rem�����ۻ�S����/U�󑒾���4��P��d���oA��������>'�#v,J��l��b��ĝ) failed with errno=-22
[  347.494462][T24299] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4696'.
[  347.545249][T24338] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4704'.
[  347.769613][T24367] SELinux: security_context_str_to_sid (������MN�F~��fu��1]�Q Շ3T!�+S ���"�4c�/�
[  347.769613][T24367] ����u���VV�Z�\�*�ީ���&8�ȢB�7{<�v|kX�Jm�;e���D;y��E'�BbS$�Ep4�ҳ�"Ќ�p�	�")�:�Gm�6[^�&?7:=i������X1���V}��9 ��mDح���u׿t|�YH�O�H峫dJҵhM`>fŁ��L-��I'��f����A;Y�|l�3�3@���b
[  347.769613][T24367] �#~���״�1�?K) failed with errno=-22
[  348.734944][T24422] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4729'.
[  348.913888][T24427] loop3: detected capacity change from 0 to 512
[  348.923879][T24427] EXT4-fs warning (device loop3): ext4_xattr_inode_get:556: inode #11: comm syz.3.4731: EA inode hash validation failed
[  348.937482][T24427] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.4731: corrupted inode contents
[  348.949866][T24427] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #15: comm syz.3.4731: mark_inode_dirty error
[  348.961725][T24427] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.4731: corrupted inode contents
[  348.973962][T24427] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #15: comm syz.3.4731: mark_inode_dirty error
[  348.986587][T24427] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #15: comm syz.3.4731: mark inode dirty (error -117)
[  348.999798][T24427] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  349.009544][T24427] EXT4-fs (loop3): 1 orphan inode deleted
[  349.015949][T24427] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  349.030593][T24427] netlink: 256 bytes leftover after parsing attributes in process `syz.3.4731'.
[  349.039772][T24427] netlink: 72 bytes leftover after parsing attributes in process `syz.3.4731'.
[  349.056023][T24427] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4731'.
[  349.080756][T17180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.557124][T24482] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4743'.
[  349.655250][T24498] FAULT_INJECTION: forcing a failure.
[  349.655250][T24498] name failslab, interval 1, probability 0, space 0, times 0
[  349.668036][T24498] CPU: 0 UID: 0 PID: 24498 Comm: syz.2.4745 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  349.668148][T24498] Tainted: [W]=WARN
[  349.668156][T24498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  349.668169][T24498] Call Trace:
[  349.668177][T24498]  <TASK>
[  349.668186][T24498]  __dump_stack+0x1d/0x30
[  349.668215][T24498]  dump_stack_lvl+0xe8/0x140
[  349.668255][T24498]  dump_stack+0x15/0x1b
[  349.668278][T24498]  should_fail_ex+0x265/0x280
[  349.668318][T24498]  ? nft_trans_table_add+0x36/0x190
[  349.668361][T24498]  should_failslab+0x8c/0xb0
[  349.668565][T24498]  __kmalloc_cache_noprof+0x4c/0x320
[  349.668656][T24498]  nft_trans_table_add+0x36/0x190
[  349.668706][T24498]  nf_tables_newtable+0x955/0xea0
[  349.668753][T24498]  nfnetlink_rcv+0xb96/0x1690
[  349.668815][T24498]  netlink_unicast+0x5bd/0x690
[  349.668852][T24498]  netlink_sendmsg+0x58b/0x6b0
[  349.668894][T24498]  ? __pfx_netlink_sendmsg+0x10/0x10
[  349.669060][T24498]  __sock_sendmsg+0x145/0x180
[  349.669088][T24498]  ____sys_sendmsg+0x31e/0x4e0
[  349.669192][T24498]  ___sys_sendmsg+0x17b/0x1d0
[  349.669251][T24498]  __x64_sys_sendmsg+0xd4/0x160
[  349.669287][T24498]  x64_sys_call+0x191e/0x2ff0
[  349.669312][T24498]  do_syscall_64+0xd2/0x200
[  349.669350][T24498]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  349.669376][T24498]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  349.669413][T24498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.669478][T24498] RIP: 0033:0x7f2417e5eec9
[  349.669499][T24498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  349.669521][T24498] RSP: 002b:00007f24168c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  349.669567][T24498] RAX: ffffffffffffffda RBX: 00007f24180b5fa0 RCX: 00007f2417e5eec9
[  349.669582][T24498] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  349.669599][T24498] RBP: 00007f24168c7090 R08: 0000000000000000 R09: 0000000000000000
[  349.669616][T24498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  349.669633][T24498] R13: 00007f24180b6038 R14: 00007f24180b5fa0 R15: 00007fffd4dd61b8
[  349.669661][T24498]  </TASK>
[  350.484168][T24527] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4753'.
[  350.533981][T24530] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4754'.
[  350.578913][T24533] 9pnet_fd: Insufficient options for proto=fd
[  350.671916][T24539] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4760'.
[  350.926866][T24553] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  351.091943][   T29] kauditd_printk_skb: 653 callbacks suppressed
[  351.091961][   T29] audit: type=1326 audit(352.067:43179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24586 comm="syz.4.4768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  351.122052][   T29] audit: type=1326 audit(352.067:43180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24586 comm="syz.4.4768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  351.145165][   T29] audit: type=1326 audit(352.067:43181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24586 comm="syz.4.4768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  351.168365][   T29] audit: type=1326 audit(352.067:43182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24586 comm="syz.4.4768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  351.184653][T24591] loop4: detected capacity change from 0 to 1764
[  351.191844][   T29] audit: type=1326 audit(352.067:43183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24586 comm="syz.4.4768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  351.221480][   T29] audit: type=1326 audit(352.067:43184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24586 comm="syz.4.4768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  351.244784][   T29] audit: type=1326 audit(352.067:43185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24586 comm="syz.4.4768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  351.268024][   T29] audit: type=1326 audit(352.067:43186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24586 comm="syz.4.4768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  351.268065][   T29] audit: type=1326 audit(352.067:43187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24586 comm="syz.4.4768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  351.315482][   T29] audit: type=1326 audit(352.067:43188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24586 comm="syz.4.4768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824381eec9 code=0x7ffc0000
[  351.431308][T24598] FAULT_INJECTION: forcing a failure.
[  351.431308][T24598] name failslab, interval 1, probability 0, space 0, times 0
[  351.444630][T24598] CPU: 0 UID: 0 PID: 24598 Comm: syz.4.4771 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  351.444674][T24598] Tainted: [W]=WARN
[  351.444683][T24598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  351.444765][T24598] Call Trace:
[  351.444775][T24598]  <TASK>
[  351.444785][T24598]  __dump_stack+0x1d/0x30
[  351.444837][T24598]  dump_stack_lvl+0xe8/0x140
[  351.444864][T24598]  dump_stack+0x15/0x1b
[  351.444885][T24598]  should_fail_ex+0x265/0x280
[  351.444968][T24598]  ? nf_tables_newtable+0x375/0xea0
[  351.445005][T24598]  should_failslab+0x8c/0xb0
[  351.445039][T24598]  __kmalloc_cache_noprof+0x4c/0x320
[  351.445097][T24598]  ? __nla_validate_parse+0x1652/0x1d00
[  351.445140][T24598]  nf_tables_newtable+0x375/0xea0
[  351.445187][T24598]  nfnetlink_rcv+0xb96/0x1690
[  351.445269][T24598]  netlink_unicast+0x5bd/0x690
[  351.445309][T24598]  netlink_sendmsg+0x58b/0x6b0
[  351.445340][T24598]  ? __pfx_netlink_sendmsg+0x10/0x10
[  351.445422][T24598]  __sock_sendmsg+0x145/0x180
[  351.445449][T24598]  ____sys_sendmsg+0x31e/0x4e0
[  351.445490][T24598]  ___sys_sendmsg+0x17b/0x1d0
[  351.445553][T24598]  __x64_sys_sendmsg+0xd4/0x160
[  351.445588][T24598]  x64_sys_call+0x191e/0x2ff0
[  351.445609][T24598]  do_syscall_64+0xd2/0x200
[  351.445684][T24598]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  351.445712][T24598]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  351.445750][T24598]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.445829][T24598] RIP: 0033:0x7f824381eec9
[  351.445848][T24598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  351.445873][T24598] RSP: 002b:00007f8242287038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  351.445898][T24598] RAX: ffffffffffffffda RBX: 00007f8243a75fa0 RCX: 00007f824381eec9
[  351.445927][T24598] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  351.445940][T24598] RBP: 00007f8242287090 R08: 0000000000000000 R09: 0000000000000000
[  351.445954][T24598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  351.445970][T24598] R13: 00007f8243a76038 R14: 00007f8243a75fa0 R15: 00007ffe54f470b8
[  351.445997][T24598]  </TASK>
[  351.732742][T24609] FAULT_INJECTION: forcing a failure.
[  351.732742][T24609] name failslab, interval 1, probability 0, space 0, times 0
[  351.745780][T24609] CPU: 0 UID: 0 PID: 24609 Comm: syz.4.4776 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  351.745823][T24609] Tainted: [W]=WARN
[  351.745832][T24609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  351.745849][T24609] Call Trace:
[  351.745859][T24609]  <TASK>
[  351.745868][T24609]  __dump_stack+0x1d/0x30
[  351.745938][T24609]  dump_stack_lvl+0xe8/0x140
[  351.745962][T24609]  dump_stack+0x15/0x1b
[  351.745983][T24609]  should_fail_ex+0x265/0x280
[  351.746036][T24609]  should_failslab+0x8c/0xb0
[  351.746070][T24609]  kmem_cache_alloc_node_noprof+0x57/0x320
[  351.746136][T24609]  ? __alloc_skb+0x101/0x320
[  351.746166][T24609]  __alloc_skb+0x101/0x320
[  351.746191][T24609]  inet6_netconf_notify_devconf+0x10f/0x1d0
[  351.746232][T24609]  addrconf_ifdown+0xd8f/0xf30
[  351.746280][T24609]  ? __nf_tables_flowtable_event+0x4b5/0x540
[  351.746321][T24609]  ? tls_dev_event+0x3d7/0x910
[  351.746429][T24609]  addrconf_notify+0x222/0x930
[  351.746487][T24609]  ? __pfx_addrconf_notify+0x10/0x10
[  351.746525][T24609]  raw_notifier_call_chain+0x6c/0x1b0
[  351.746559][T24609]  ? call_netdevice_notifiers_info+0x9c/0x100
[  351.746664][T24609]  call_netdevice_notifiers_info+0xae/0x100
[  351.746686][T24609]  unregister_netdevice_many_notify+0xda9/0x15d0
[  351.746729][T24609]  unregister_netdevice_queue+0x1f5/0x220
[  351.746803][T24609]  vti6_siocdevprivate+0x273/0x8e0
[  351.746846][T24609]  dev_ifsioc+0x8f8/0xaa0
[  351.746881][T24609]  dev_ioctl+0x78d/0x960
[  351.746979][T24609]  sock_ioctl+0x593/0x610
[  351.747057][T24609]  ? __pfx_sock_ioctl+0x10/0x10
[  351.747091][T24609]  __se_sys_ioctl+0xce/0x140
[  351.747140][T24609]  __x64_sys_ioctl+0x43/0x50
[  351.747184][T24609]  x64_sys_call+0x1816/0x2ff0
[  351.747213][T24609]  do_syscall_64+0xd2/0x200
[  351.747316][T24609]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  351.747366][T24609]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  351.747401][T24609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.747426][T24609] RIP: 0033:0x7f824381eec9
[  351.747442][T24609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  351.747462][T24609] RSP: 002b:00007f8242287038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  351.747607][T24609] RAX: ffffffffffffffda RBX: 00007f8243a75fa0 RCX: 00007f824381eec9
[  351.747625][T24609] RDX: 0000200000000240 RSI: 00000000000089f2 RDI: 0000000000000003
[  351.747642][T24609] RBP: 00007f8242287090 R08: 0000000000000000 R09: 0000000000000000
[  351.747658][T24609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  351.747710][T24609] R13: 00007f8243a76038 R14: 00007f8243a75fa0 R15: 00007ffe54f470b8
[  351.747734][T24609]  </TASK>
[  352.296116][T24608] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  352.309737][T24639] FAULT_INJECTION: forcing a failure.
[  352.309737][T24639] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  352.323706][T24639] CPU: 0 UID: 0 PID: 24639 Comm: syz.3.4781 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  352.323746][T24639] Tainted: [W]=WARN
[  352.323755][T24639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  352.323771][T24639] Call Trace:
[  352.323779][T24639]  <TASK>
[  352.323789][T24639]  __dump_stack+0x1d/0x30
[  352.323816][T24639]  dump_stack_lvl+0xe8/0x140
[  352.323973][T24639]  dump_stack+0x15/0x1b
[  352.323994][T24639]  should_fail_ex+0x265/0x280
[  352.324039][T24639]  should_fail+0xb/0x20
[  352.324065][T24639]  should_fail_usercopy+0x1a/0x20
[  352.324099][T24639]  _copy_to_user+0x20/0xa0
[  352.324126][T24639]  rng_dev_read+0x3ef/0x740
[  352.324187][T24639]  ? __pfx_rng_dev_read+0x10/0x10
[  352.324216][T24639]  vfs_readv+0x3f8/0x690
[  352.324275][T24639]  __x64_sys_preadv+0xfd/0x1c0
[  352.324327][T24639]  x64_sys_call+0x282a/0x2ff0
[  352.324393][T24639]  do_syscall_64+0xd2/0x200
[  352.324413][T24639]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  352.324438][T24639]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  352.324540][T24639]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.324569][T24639] RIP: 0033:0x7f383c17eec9
[  352.324588][T24639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  352.324612][T24639] RSP: 002b:00007f383abe7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  352.324635][T24639] RAX: ffffffffffffffda RBX: 00007f383c3d5fa0 RCX: 00007f383c17eec9
[  352.324652][T24639] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000003
[  352.324733][T24639] RBP: 00007f383abe7090 R08: 0000000000000000 R09: 0000000000000000
[  352.324749][T24639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  352.324764][T24639] R13: 00007f383c3d6038 R14: 00007f383c3d5fa0 R15: 00007ffe87b7f438
[  352.324790][T24639]  </TASK>
[  352.641753][T24653] loop3: detected capacity change from 0 to 512
[  352.650719][T24653] EXT4-fs: Invalid want_extra_isize 67108865
[  353.409425][T24670] __nla_validate_parse: 4 callbacks suppressed
[  353.409444][T24670] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4788'.
[  353.508877][T24680] loop4: detected capacity change from 0 to 1024
[  353.552024][T24680] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  353.570572][T24680] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  353.587190][T24680] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  353.599673][T24680] EXT4-fs (loop4): This should not happen!! Data will be lost
[  353.599673][T24680] 
[  353.609479][T24680] EXT4-fs (loop4): Total free blocks count 0
[  353.615632][T24680] EXT4-fs (loop4): Free/Dirty block details
[  353.621546][T24680] EXT4-fs (loop4): free_blocks=4293918720
[  353.627360][T24680] EXT4-fs (loop4): dirty_blocks=16
[  353.632500][T24680] EXT4-fs (loop4): Block reservation details
[  353.638503][T24680] EXT4-fs (loop4): i_reserved_data_blocks=1
[  353.660792][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.689098][T24700] netlink: 5356 bytes leftover after parsing attributes in process `+}[@'.
[  353.857649][T24705] loop4: detected capacity change from 0 to 128
[  353.890976][T24705] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4796'.
[  354.132060][T24726] loop4: detected capacity change from 0 to 512
[  354.183542][T24726] EXT4-fs: Invalid want_extra_isize 67108865
[  354.195391][T24729] FAULT_INJECTION: forcing a failure.
[  354.195391][T24729] name failslab, interval 1, probability 0, space 0, times 0
[  354.208692][T24729] CPU: 0 UID: 0 PID: 24729 Comm: syz.3.4800 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  354.208818][T24729] Tainted: [W]=WARN
[  354.208825][T24729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  354.208837][T24729] Call Trace:
[  354.208843][T24729]  <TASK>
[  354.208850][T24729]  __dump_stack+0x1d/0x30
[  354.208869][T24729]  dump_stack_lvl+0xe8/0x140
[  354.208886][T24729]  dump_stack+0x15/0x1b
[  354.208906][T24729]  should_fail_ex+0x265/0x280
[  354.208933][T24729]  should_failslab+0x8c/0xb0
[  354.208956][T24729]  kmem_cache_alloc_noprof+0x50/0x310
[  354.208981][T24729]  ? skb_clone+0x151/0x1f0
[  354.209053][T24729]  skb_clone+0x151/0x1f0
[  354.209079][T24729]  __netlink_deliver_tap+0x2c9/0x500
[  354.209110][T24729]  netlink_unicast+0x66b/0x690
[  354.209201][T24729]  netlink_sendmsg+0x58b/0x6b0
[  354.209229][T24729]  ? __pfx_netlink_sendmsg+0x10/0x10
[  354.209255][T24729]  __sock_sendmsg+0x145/0x180
[  354.209354][T24729]  ____sys_sendmsg+0x345/0x4e0
[  354.209384][T24729]  ___sys_sendmsg+0x17b/0x1d0
[  354.209438][T24729]  __sys_sendmmsg+0x178/0x300
[  354.209476][T24729]  __x64_sys_sendmmsg+0x57/0x70
[  354.209504][T24729]  x64_sys_call+0x1c4a/0x2ff0
[  354.209559][T24729]  do_syscall_64+0xd2/0x200
[  354.209577][T24729]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  354.209657][T24729]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  354.209752][T24729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.209773][T24729] RIP: 0033:0x7f383c17eec9
[  354.209787][T24729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  354.209804][T24729] RSP: 002b:00007f383abe7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  354.209827][T24729] RAX: ffffffffffffffda RBX: 00007f383c3d5fa0 RCX: 00007f383c17eec9
[  354.209914][T24729] RDX: 04000000000001f2 RSI: 0000200000000000 RDI: 0000000000000006
[  354.209926][T24729] RBP: 00007f383abe7090 R08: 0000000000000000 R09: 0000000000000000
[  354.209938][T24729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  354.210027][T24729] R13: 00007f383c3d6038 R14: 00007f383c3d5fa0 R15: 00007ffe87b7f438
[  354.210045][T24729]  </TASK>
[  354.210097][T24729] netlink: 3 bytes leftover after parsing attributes in process `syz.3.4800'.
[  354.440895][T24729] batadv1: entered promiscuous mode
[  354.446180][T24729] batadv1: entered allmulticast mode
[  354.597730][T24748] loop3: detected capacity change from 0 to 512
[  354.626552][T24748] EXT4-fs warning (device loop3): ext4_enable_quotas:7178: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  354.648783][T24748] EXT4-fs (loop3): mount failed
[  354.661681][T24748] FAULT_INJECTION: forcing a failure.
[  354.661681][T24748] name failslab, interval 1, probability 0, space 0, times 0
[  354.674505][T24748] CPU: 0 UID: 0 PID: 24748 Comm: syz.3.4803 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  354.674609][T24748] Tainted: [W]=WARN
[  354.674619][T24748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  354.674636][T24748] Call Trace:
[  354.674643][T24748]  <TASK>
[  354.674653][T24748]  __dump_stack+0x1d/0x30
[  354.674681][T24748]  dump_stack_lvl+0xe8/0x140
[  354.674766][T24748]  dump_stack+0x15/0x1b
[  354.674788][T24748]  should_fail_ex+0x265/0x280
[  354.674884][T24748]  should_failslab+0x8c/0xb0
[  354.674918][T24748]  kmem_cache_alloc_node_noprof+0x57/0x320
[  354.674959][T24748]  ? __alloc_skb+0x101/0x320
[  354.675048][T24748]  __alloc_skb+0x101/0x320
[  354.675117][T24748]  ? pfkey_broadcast+0x223/0x240
[  354.675174][T24748]  pfkey_sendmsg+0x7e4/0x900
[  354.675338][T24748]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  354.675455][T24748]  __sock_sendmsg+0x145/0x180
[  354.675539][T24748]  ____sys_sendmsg+0x31e/0x4e0
[  354.675582][T24748]  ___sys_sendmsg+0x17b/0x1d0
[  354.675640][T24748]  __x64_sys_sendmsg+0xd4/0x160
[  354.675759][T24748]  x64_sys_call+0x191e/0x2ff0
[  354.675790][T24748]  do_syscall_64+0xd2/0x200
[  354.675817][T24748]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  354.675850][T24748]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  354.675894][T24748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.675938][T24748] RIP: 0033:0x7f383c17eec9
[  354.675957][T24748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  354.676060][T24748] RSP: 002b:00007f383abe7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  354.676084][T24748] RAX: ffffffffffffffda RBX: 00007f383c3d5fa0 RCX: 00007f383c17eec9
[  354.676101][T24748] RDX: 0000000000000002 RSI: 0000200000000400 RDI: 0000000000000003
[  354.676117][T24748] RBP: 00007f383abe7090 R08: 0000000000000000 R09: 0000000000000000
[  354.676133][T24748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  354.676225][T24748] R13: 00007f383c3d6038 R14: 00007f383c3d5fa0 R15: 00007ffe87b7f438
[  354.676250][T24748]  </TASK>
[  355.090587][T24777] infiniband syz1: set active
[  355.095507][T24777] infiniband syz1: added syz_tun
[  355.112716][T24779] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4809'.
[  355.170796][T24784] loop3: detected capacity change from 0 to 128
[  355.177519][T24777] RDS/IB: syz1: added
[  355.193868][T24777] smc: adding ib device syz1 with port count 1
[  355.212202][T24777] smc:    ib device syz1 port 1 has pnetid 
[  355.264626][T24791] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4811'.
[  355.325003][T24791] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4811'.
[  355.343336][T24802] loop3: detected capacity change from 0 to 1024
[  355.401554][T24802] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  355.445561][T24815] SELinux: security_context_str_to_sid (?>��\$Xv��\S:l�o���ou�\��?�H�94ea_�Y��6�S{Oד9r�"Z�i$߫Y+ܨ�i&�
�� �Y�tP�'�2#;���t_�dp��t���R�N=9A@B��	֠R,�2Uń�JY��aU�Ƌ4�t���Г�b�ȳ������(����Q�*&&x)����}�~�-#05wY
����`|Bs��/%�K݊�䊟��	gS�p�) failed with errno=-22
[  355.487475][T24752] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  355.502429][T24802] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  355.514724][T24802] EXT4-fs (loop3): This should not happen!! Data will be lost
[  355.514724][T24802] 
[  355.524515][T24802] EXT4-fs (loop3): Total free blocks count 0
[  355.530602][T24802] EXT4-fs (loop3): Free/Dirty block details
[  355.536617][T24802] EXT4-fs (loop3): free_blocks=4293918720
[  355.542367][T24802] EXT4-fs (loop3): dirty_blocks=16
[  355.547591][T24802] EXT4-fs (loop3): Block reservation details
[  355.553677][T24802] EXT4-fs (loop3): i_reserved_data_blocks=1
[  355.626329][T17180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.639996][T24781] bridge0: port 2(bridge_slave_1) entered disabled state
[  355.647223][T24781] bridge0: port 1(bridge_slave_0) entered disabled state
[  355.752921][T24781] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  355.794058][T24781] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  355.849507][ T7705] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  355.858637][ T3387] syz1: Port: 1 Link DOWN
[  355.869734][ T7705] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  355.905709][ T7705] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  355.934484][ T7705] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  356.107175][T24845] loop3: detected capacity change from 0 to 128
[  356.141225][T24845] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4823'.
[  356.174491][   T29] kauditd_printk_skb: 720 callbacks suppressed
[  356.174563][   T29] audit: type=1326 audit(357.147:43908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24850 comm="syz.0.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  356.213681][   T29] audit: type=1326 audit(357.187:43909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24850 comm="syz.0.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  356.236777][   T29] audit: type=1326 audit(357.187:43910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24850 comm="syz.0.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  356.260188][   T29] audit: type=1326 audit(357.187:43911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24850 comm="syz.0.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  356.283344][   T29] audit: type=1326 audit(357.187:43912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24850 comm="syz.0.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  356.306502][   T29] audit: type=1326 audit(357.187:43913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24850 comm="syz.0.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  356.330237][   T29] audit: type=1326 audit(357.187:43914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24850 comm="syz.0.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  356.353946][   T29] audit: type=1326 audit(357.187:43915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24850 comm="syz.0.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  356.377649][   T29] audit: type=1326 audit(357.187:43916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24850 comm="syz.0.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  356.401249][   T29] audit: type=1326 audit(357.187:43917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24850 comm="syz.0.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  356.407517][T24858] loop4: detected capacity change from 0 to 1024
[  356.455576][T24858] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  356.481199][T24873] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  356.500678][T24873] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  356.510829][T24858] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  356.527304][T24858] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  356.539730][T24858] EXT4-fs (loop4): This should not happen!! Data will be lost
[  356.539730][T24858] 
[  356.549547][T24858] EXT4-fs (loop4): Total free blocks count 0
[  356.556106][T24858] EXT4-fs (loop4): Free/Dirty block details
[  356.562292][T24858] EXT4-fs (loop4): free_blocks=4293918720
[  356.568207][T24858] EXT4-fs (loop4): dirty_blocks=16
[  356.573681][T24858] EXT4-fs (loop4): Block reservation details
[  356.579821][T24858] EXT4-fs (loop4): i_reserved_data_blocks=1
[  356.713550][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  357.263953][T24904] SELinux: security_context_str_to_sid (�gN�i�pW) failed with errno=-22
[  357.314906][T24910] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4838'.
[  357.711134][T24921] SELinux: security_context_str_to_sid (fa��.
!V��vJ�Z�	9�/M�yE�������{�f�/�H�Ǥ��6�yE��W���d���"o���i8.~��ԙ���VU�����s%u�Q'O�i�K�v�rVBx�"�x��l�K��7=KuU����1[۹��e`�`u�B�jb�a�K��]�"3�9��%)6\�^HHX9W,a�zSŗ�
[  357.711134][T24921] �~���>څ�"71��R��-$��sE7B�������ユZʹU�7<���k��]�-��_�+��.Uٞ) failed with errno=-22
[  357.882842][T24939] FAULT_INJECTION: forcing a failure.
[  357.882842][T24939] name failslab, interval 1, probability 0, space 0, times 0
[  357.895731][T24939] CPU: 0 UID: 0 PID: 24939 Comm: syz.3.4844 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  357.895770][T24939] Tainted: [W]=WARN
[  357.895799][T24939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  357.895814][T24939] Call Trace:
[  357.895822][T24939]  <TASK>
[  357.895832][T24939]  __dump_stack+0x1d/0x30
[  357.895858][T24939]  dump_stack_lvl+0xe8/0x140
[  357.895899][T24939]  dump_stack+0x15/0x1b
[  357.895918][T24939]  should_fail_ex+0x265/0x280
[  357.895958][T24939]  should_failslab+0x8c/0xb0
[  357.896003][T24939]  kmem_cache_alloc_node_noprof+0x57/0x320
[  357.896042][T24939]  ? __alloc_skb+0x101/0x320
[  357.896069][T24939]  __alloc_skb+0x101/0x320
[  357.896127][T24939]  alloc_skb_with_frags+0x7d/0x470
[  357.896218][T24939]  ? selinux_file_open+0x2df/0x330
[  357.896261][T24939]  sock_alloc_send_pskb+0x43a/0x4f0
[  357.896305][T24939]  ? mntput+0x4b/0x80
[  357.896346][T24939]  tun_get_user+0x9b3/0x26e0
[  357.896446][T24939]  ? ref_tracker_alloc+0x1f2/0x2f0
[  357.896482][T24939]  ? selinux_file_permission+0x2f0/0x320
[  357.896553][T24939]  tun_chr_write_iter+0x15e/0x210
[  357.896578][T24939]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  357.896682][T24939]  vfs_write+0x527/0x960
[  357.896721][T24939]  ksys_write+0xda/0x1a0
[  357.896745][T24939]  __x64_sys_write+0x40/0x50
[  357.896788][T24939]  x64_sys_call+0x27fe/0x2ff0
[  357.896818][T24939]  do_syscall_64+0xd2/0x200
[  357.896841][T24939]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  357.896882][T24939]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  357.896922][T24939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.896947][T24939] RIP: 0033:0x7f383c17d97f
[  357.896963][T24939] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  357.896988][T24939] RSP: 002b:00007f383abe7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  357.897057][T24939] RAX: ffffffffffffffda RBX: 00007f383c3d5fa0 RCX: 00007f383c17d97f
[  357.897075][T24939] RDX: 0000000000000d81 RSI: 00002000000019c0 RDI: 00000000000000c8
[  357.897092][T24939] RBP: 00007f383abe7090 R08: 0000000000000000 R09: 0000000000000000
[  357.897105][T24939] R10: 0000000000000d81 R11: 0000000000000293 R12: 0000000000000001
[  357.897117][T24939] R13: 00007f383c3d6038 R14: 00007f383c3d5fa0 R15: 00007ffe87b7f438
[  357.897137][T24939]  </TASK>
[  358.169278][T24942] loop3: detected capacity change from 0 to 1024
[  358.176528][T24942] EXT4-fs: Ignoring removed bh option
[  358.200269][T24942] EXT4-fs: inline encryption not supported
[  358.207681][T24942] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  358.220370][T24942] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.4845: lblock 2 mapped to illegal pblock 2 (length 1)
[  358.235890][T24942] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.4845: lblock 0 mapped to illegal pblock 48 (length 1)
[  358.250664][T24942] EXT4-fs error (device loop3): ext4_acquire_dquot:6943: comm syz.3.4845: Failed to acquire dquot type 0
[  358.262961][T24947] netlink: 244 bytes leftover after parsing attributes in process `syz.2.4847'.
[  358.296302][T24942] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  358.318119][T24942] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.4845: mark_inode_dirty error
[  358.345616][T24942] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  358.356368][T24950] loop9: detected capacity change from 0 to 7
[  358.362693][T24950] Buffer I/O error on dev loop9, logical block 0, async page read
[  358.370773][T24950] Buffer I/O error on dev loop9, logical block 0, async page read
[  358.370911][T24942] EXT4-fs (loop3): 1 orphan inode deleted
[  358.378794][T24950]  loop9: unable to read partition table
[  358.390314][T24950] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  358.390314][T24950] 
) failed (rc=-5)
[  358.411052][   T12] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1)
[  358.411263][T24942] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  358.451017][   T12] EXT4-fs error (device loop3): ext4_release_dquot:6979: comm kworker/u8:0: Failed to release dquot type 0
[  358.460609][T24957] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4849'.
[  358.487187][T24942] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #2: block 16: comm syz.3.4845: lblock 0 mapped to illegal pblock 16 (length 1)
[  358.512338][T24942] netlink: 244 bytes leftover after parsing attributes in process `syz.3.4845'.
[  358.541175][T24942] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #2: block 16: comm syz.3.4845: lblock 0 mapped to illegal pblock 16 (length 1)
[  359.254166][T17180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.266059][T17180] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  359.279824][T17180] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  359.293848][T17180] EXT4-fs error (device loop3): ext4_quota_off:7227: inode #3: comm syz-executor: mark_inode_dirty error
[  359.333919][T24994] syzkaller1: entered promiscuous mode
[  359.339640][T24994] syzkaller1: entered allmulticast mode
[  359.561366][T25023] SELinux: security_context_str_to_sid (_N��R Y�����������l�_�<6i�f��%g8Gs�2(d�=}P�ؽ��B���Zk�?��s�<��UI\^pιE
[  359.561366][T25023] }7�0o\��� E�
R�w�(n�B~����V�����X��u�!�Ўt��Т6�yƧ �q_�k���hH�r��;���D�����V��_lIq�G;��a��ޕ�P�<�g���e]a�3xw�����G+�<S��m��Y���=V�m��ʵ=�Y�}�I*�p餷3s) failed with errno=-22
[  359.785743][T25031] SELinux: security_context_str_to_sid (�m|W�@�zZ�
�%�½$홯օH����������
���F.i��UB��,�q޴dp<M��W���G�ֿ�������D��p8.}#eX$�ԩ�i�,���Ag��r��峹	z
���]C?��{`�Ӹj�1P�;'�b��H;.���^����y�Ǽ��=��c g7�
X(*�z�W�n����8�^��an�|��V+�Z�����zd0���*h�m>�P����A�hY��ʟ�(:��) failed with errno=-22
[  360.318162][T25039] loop4: detected capacity change from 0 to 1024
[  360.338044][T25039] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  360.509933][T25039] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  360.535120][T25049] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4864'.
[  360.546005][T25039] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  360.558280][T25039] EXT4-fs (loop4): This should not happen!! Data will be lost
[  360.558280][T25039] 
[  360.568332][T25039] EXT4-fs (loop4): Total free blocks count 0
[  360.574508][T25039] EXT4-fs (loop4): Free/Dirty block details
[  360.580683][T25039] EXT4-fs (loop4): free_blocks=4293918720
[  360.586636][T25039] EXT4-fs (loop4): dirty_blocks=16
[  360.591798][T25039] EXT4-fs (loop4): Block reservation details
[  360.597993][T25039] EXT4-fs (loop4): i_reserved_data_blocks=1
[  360.687331][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  360.770343][T25061] loop4: detected capacity change from 0 to 1024
[  360.806803][T25061] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  360.844380][T25061] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  360.864450][T25061] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  360.876845][T25061] EXT4-fs (loop4): This should not happen!! Data will be lost
[  360.876845][T25061] 
[  360.886789][T25061] EXT4-fs (loop4): Total free blocks count 0
[  360.892786][T25061] EXT4-fs (loop4): Free/Dirty block details
[  360.898847][T25061] EXT4-fs (loop4): free_blocks=4293918720
[  360.904765][T25061] EXT4-fs (loop4): dirty_blocks=16
[  360.909904][T25061] EXT4-fs (loop4): Block reservation details
[  360.916220][T25061] EXT4-fs (loop4): i_reserved_data_blocks=1
[  360.998274][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.191967][T25088] SELinux: security_context_str_to_sid (�#�N)��)�_�tn��l�y��o	D\}��{�r
J�{=ц�P%|���^��l�<G
J&%�X٣3��?Z��	��rP���k����?�N�r�����^��) failed with errno=-22
[  361.427678][   T29] kauditd_printk_skb: 263 callbacks suppressed
[  361.427697][   T29] audit: type=1107 audit(362.397:44178): pid=25100 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='#'
[  361.998720][T25121] loop4: detected capacity change from 0 to 128
[  362.040248][   T29] audit: type=1326 audit(363.017:44179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25129 comm="syz.4.4883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8243815d67 code=0x7ffc0000
[  362.063717][   T29] audit: type=1326 audit(363.017:44180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25129 comm="syz.4.4883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f82437baf79 code=0x7ffc0000
[  362.087694][   T29] audit: type=1326 audit(363.017:44181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25129 comm="syz.4.4883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8243815d67 code=0x7ffc0000
[  362.110991][   T29] audit: type=1326 audit(363.017:44182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25129 comm="syz.4.4883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f82437baf79 code=0x7ffc0000
[  362.135318][   T29] audit: type=1326 audit(363.017:44183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25129 comm="syz.4.4883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8243815d67 code=0x7ffc0000
[  362.158824][   T29] audit: type=1326 audit(363.017:44184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25129 comm="syz.4.4883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f82437baf79 code=0x7ffc0000
[  362.181812][   T29] audit: type=1326 audit(363.017:44185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25129 comm="syz.4.4883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8243815d67 code=0x7ffc0000
[  362.205770][   T29] audit: type=1326 audit(363.017:44186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25129 comm="syz.4.4883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f82437baf79 code=0x7ffc0000
[  362.228956][   T29] audit: type=1326 audit(363.017:44187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25129 comm="syz.4.4883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8243815d67 code=0x7ffc0000
[  362.266660][T25109] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4878'.
[  362.883595][T25167] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4895'.
[  362.916601][T25167] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4895'.
[  363.019668][T25175] loop3: detected capacity change from 0 to 1024
[  363.038724][T25175] EXT4-fs: Ignoring removed bh option
[  363.044409][T25175] EXT4-fs: inline encryption not supported
[  363.054789][T25175] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  363.082964][T25175] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.4898: lblock 2 mapped to illegal pblock 2 (length 1)
[  363.106631][T25187] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4900'.
[  363.116037][T25175] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.4898: lblock 0 mapped to illegal pblock 48 (length 1)
[  363.130588][T25175] EXT4-fs error (device loop3): ext4_acquire_dquot:6943: comm syz.3.4898: Failed to acquire dquot type 0
[  363.142574][T25175] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  363.153880][T25175] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.4898: mark_inode_dirty error
[  363.166562][T25175] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  363.188807][T25175] EXT4-fs (loop3): 1 orphan inode deleted
[  363.199591][T25175] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  363.212483][   T35] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  363.229671][T25175] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #2: block 16: comm syz.3.4898: lblock 0 mapped to illegal pblock 16 (length 1)
[  363.233942][T25192] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4903'.
[  363.254236][   T35] EXT4-fs error (device loop3): ext4_release_dquot:6979: comm kworker/u8:2: Failed to release dquot type 0
[  363.269650][T25175] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4898'.
[  363.279752][T25197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4904'.
[  363.298303][T25175] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #2: block 16: comm syz.3.4898: lblock 0 mapped to illegal pblock 16 (length 1)
[  363.534960][T25232] loop4: detected capacity change from 0 to 1024
[  363.563195][T25232] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  363.596634][T25232] 9pnet_fd: Insufficient options for proto=fd
[  363.634204][T25240] __nla_validate_parse: 5 callbacks suppressed
[  363.634220][T25240] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4917'.
[  363.682700][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.806430][T17180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.824875][T17180] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  363.847961][T17180] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  363.864598][T17180] EXT4-fs error (device loop3): ext4_quota_off:7227: inode #3: comm syz-executor: mark_inode_dirty error
[  363.905770][T25263] loop3: detected capacity change from 0 to 1024
[  363.916699][T25263] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  363.939040][T25263] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  363.954279][T25263] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  363.966618][T25263] EXT4-fs (loop3): This should not happen!! Data will be lost
[  363.966618][T25263] 
[  363.976550][T25263] EXT4-fs (loop3): Total free blocks count 0
[  363.982712][T25263] EXT4-fs (loop3): Free/Dirty block details
[  363.988811][T25263] EXT4-fs (loop3): free_blocks=4293918720
[  363.994292][T25272] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4928'.
[  363.994949][T25263] EXT4-fs (loop3): dirty_blocks=16
[  364.008974][T25263] EXT4-fs (loop3): Block reservation details
[  364.014991][T25263] EXT4-fs (loop3): i_reserved_data_blocks=1
[  364.043163][T25276] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4929'.
[  364.060658][T17180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.070380][T25275] tipc: Started in network mode
[  364.075364][T25275] tipc: Node identity , cluster identity 4711
[  364.081452][T25275] tipc: Failed to obtain node identity
[  364.086949][T25275] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  364.204795][T25292] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4932'.
[  364.346984][T25305] loop3: detected capacity change from 0 to 1024
[  364.366119][T25305] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  364.383352][T25305] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  364.400447][T25305] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  364.400527][T25310] SELinux: security_context_str_to_sid (�6���6���.�H�#�=K�5����*#ۍ%΀�茘���ǣ�q��M��S��'�q����72�kH|��j�UJ�F���gq;{ЃFqz��
[  364.400527][T25310] �G��B�zM{Y�q�0�S•��x���k�V�1��Q�����Q��愯e�,���/�<��X��҉�#sP&&@#�
J��o��<}�m��$�E�B�OL�*2�$�?r�:Q��"t��Cu�[�e��`OưsΒ�d���|�`���) failed with errno=-22
[  364.412885][T25305] EXT4-fs (loop3): This should not happen!! Data will be lost
[  364.412885][T25305] 
[  364.455040][T25305] EXT4-fs (loop3): Total free blocks count 0
[  364.461091][T25305] EXT4-fs (loop3): Free/Dirty block details
[  364.467159][T25305] EXT4-fs (loop3): free_blocks=4293918720
[  364.472993][T25305] EXT4-fs (loop3): dirty_blocks=16
[  364.478304][T25305] EXT4-fs (loop3): Block reservation details
[  364.484303][T25305] EXT4-fs (loop3): i_reserved_data_blocks=1
[  364.511357][T17180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.548218][T25314] FAULT_INJECTION: forcing a failure.
[  364.548218][T25314] name failslab, interval 1, probability 0, space 0, times 0
[  364.561045][T25314] CPU: 1 UID: 0 PID: 25314 Comm: syz.0.4940 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  364.561159][T25314] Tainted: [W]=WARN
[  364.561169][T25314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  364.561186][T25314] Call Trace:
[  364.561195][T25314]  <TASK>
[  364.561205][T25314]  __dump_stack+0x1d/0x30
[  364.561294][T25314]  dump_stack_lvl+0xe8/0x140
[  364.561320][T25314]  dump_stack+0x15/0x1b
[  364.561342][T25314]  should_fail_ex+0x265/0x280
[  364.561383][T25314]  should_failslab+0x8c/0xb0
[  364.561452][T25314]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  364.561501][T25314]  ? __d_alloc+0x3d/0x340
[  364.561533][T25314]  __d_alloc+0x3d/0x340
[  364.561624][T25314]  ? __rcu_read_unlock+0x4f/0x70
[  364.561695][T25314]  d_alloc_parallel+0x53/0xc60
[  364.561733][T25314]  ? avc_has_perm+0xf7/0x180
[  364.561769][T25314]  ? lockref_get_not_dead+0x120/0x1c0
[  364.561791][T25314]  ? __rcu_read_unlock+0x4f/0x70
[  364.561886][T25314]  __lookup_slow+0x8c/0x250
[  364.561931][T25314]  lookup_slow+0x3c/0x60
[  364.562039][T25314]  link_path_walk+0x753/0x900
[  364.562073][T25314]  __filename_parentat+0x15c/0x3f0
[  364.562131][T25314]  do_renameat2+0x197/0x9e0
[  364.562166][T25314]  ? vfs_write+0x7e8/0x960
[  364.562237][T25314]  ? should_fail_ex+0xdb/0x280
[  364.562272][T25314]  ? should_fail_ex+0xdb/0x280
[  364.562317][T25314]  __x64_sys_rename+0x58/0x70
[  364.562382][T25314]  x64_sys_call+0x1f9/0x2ff0
[  364.562404][T25314]  do_syscall_64+0xd2/0x200
[  364.562451][T25314]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  364.562490][T25314]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  364.562535][T25314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.562609][T25314] RIP: 0033:0x7fcd2b78eec9
[  364.562627][T25314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  364.562656][T25314] RSP: 002b:00007fcd2a1ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  364.562677][T25314] RAX: ffffffffffffffda RBX: 00007fcd2b9e5fa0 RCX: 00007fcd2b78eec9
[  364.562753][T25314] RDX: 0000000000000000 RSI: 000020000001fb80 RDI: 000020000001fb40
[  364.562786][T25314] RBP: 00007fcd2a1ef090 R08: 0000000000000000 R09: 0000000000000000
[  364.562802][T25314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  364.562814][T25314] R13: 00007fcd2b9e6038 R14: 00007fcd2b9e5fa0 R15: 00007ffde814ed48
[  364.562839][T25314]  </TASK>
[  364.812362][T25322] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4942'.
[  365.088694][T25351] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4949'.
[  365.103515][T25352] 
: renamed from bond0 (while UP)
[  365.131572][T25344] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4949'.
[  365.140963][T25354] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4953'.
[  365.168682][T25354] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4953'.
[  365.328616][T25369] siw: device registration error -23
[  365.357393][T25385] loop3: detected capacity change from 0 to 256
[  365.371887][T25385] FAT-fs (loop3): Directory bread(block 64) failed
[  365.378949][T25385] FAT-fs (loop3): Directory bread(block 65) failed
[  365.386400][T25385] FAT-fs (loop3): Directory bread(block 66) failed
[  365.404415][T25385] FAT-fs (loop3): Directory bread(block 67) failed
[  365.421326][T25385] FAT-fs (loop3): Directory bread(block 68) failed
[  365.431421][T25385] FAT-fs (loop3): Directory bread(block 69) failed
[  365.441557][T25385] FAT-fs (loop3): Directory bread(block 70) failed
[  365.461767][T25385] FAT-fs (loop3): Directory bread(block 71) failed
[  365.471877][T25385] FAT-fs (loop3): Directory bread(block 72) failed
[  365.485532][T25385] FAT-fs (loop3): Directory bread(block 73) failed
[  365.512740][T25385] syz.3.4962: attempt to access beyond end of device
[  365.512740][T25385] loop3: rw=0, sector=1800, nr_sectors = 4 limit=256
[  365.620670][T25401] loop3: detected capacity change from 0 to 1024
[  365.627529][T25401] EXT4-fs: Ignoring removed orlov option
[  365.627950][T25404] SELinux: security_context_str_to_sid ( �_������G) failed with errno=-22
[  365.633355][T25401] ext4: Unknown parameter 'obj_type'
[  365.697990][T25409] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4968'.
[  365.754696][T25414] FAULT_INJECTION: forcing a failure.
[  365.754696][T25414] name failslab, interval 1, probability 0, space 0, times 0
[  365.767752][T25414] CPU: 1 UID: 0 PID: 25414 Comm: syz.1.4969 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  365.767785][T25414] Tainted: [W]=WARN
[  365.767792][T25414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  365.767837][T25414] Call Trace:
[  365.767843][T25414]  <TASK>
[  365.767851][T25414]  __dump_stack+0x1d/0x30
[  365.767872][T25414]  dump_stack_lvl+0xe8/0x140
[  365.767892][T25414]  dump_stack+0x15/0x1b
[  365.767992][T25414]  should_fail_ex+0x265/0x280
[  365.768043][T25414]  should_failslab+0x8c/0xb0
[  365.768075][T25414]  __kvmalloc_node_noprof+0x123/0x4e0
[  365.768121][T25414]  ? rhashtable_init_noprof+0x316/0x4f0
[  365.768241][T25414]  ? rhashtable_init_noprof+0xd4/0x4f0
[  365.768336][T25414]  rhashtable_init_noprof+0x316/0x4f0
[  365.768377][T25414]  rhltable_init_noprof+0x1d/0x40
[  365.768421][T25414]  nf_tables_newtable+0x522/0xea0
[  365.768500][T25414]  nfnetlink_rcv+0xb96/0x1690
[  365.768575][T25414]  netlink_unicast+0x5bd/0x690
[  365.768638][T25414]  netlink_sendmsg+0x58b/0x6b0
[  365.768679][T25414]  ? __pfx_netlink_sendmsg+0x10/0x10
[  365.768795][T25414]  __sock_sendmsg+0x145/0x180
[  365.768837][T25414]  ____sys_sendmsg+0x31e/0x4e0
[  365.768935][T25414]  ___sys_sendmsg+0x17b/0x1d0
[  365.768984][T25414]  __x64_sys_sendmsg+0xd4/0x160
[  365.769071][T25414]  x64_sys_call+0x191e/0x2ff0
[  365.769100][T25414]  do_syscall_64+0xd2/0x200
[  365.769127][T25414]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  365.769152][T25414]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  365.769262][T25414]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.769285][T25414] RIP: 0033:0x7f00bbf6eec9
[  365.769300][T25414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  365.769361][T25414] RSP: 002b:00007f00ba9d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  365.769381][T25414] RAX: ffffffffffffffda RBX: 00007f00bc1c5fa0 RCX: 00007f00bbf6eec9
[  365.769394][T25414] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  365.769406][T25414] RBP: 00007f00ba9d7090 R08: 0000000000000000 R09: 0000000000000000
[  365.769419][T25414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  365.769431][T25414] R13: 00007f00bc1c6038 R14: 00007f00bc1c5fa0 R15: 00007fff1d0f7298
[  365.769489][T25414]  </TASK>
[  366.439811][T25446] vlan2: entered allmulticast mode
[  366.496398][T25456] loop3: detected capacity change from 0 to 1024
[  366.503491][T25456] EXT4-fs: Ignoring removed orlov option
[  366.537145][T25456] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  366.551060][   T29] kauditd_printk_skb: 1514 callbacks suppressed
[  366.551080][   T29] audit: type=1326 audit(367.517:45699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25461 comm="syz.0.4987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  366.580901][   T29] audit: type=1326 audit(367.517:45700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25461 comm="syz.0.4987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  366.604506][   T29] audit: type=1326 audit(367.517:45701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25461 comm="syz.0.4987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  366.627606][   T29] audit: type=1326 audit(367.517:45702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25461 comm="syz.0.4987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  366.650774][   T29] audit: type=1326 audit(367.517:45703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25461 comm="syz.0.4987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  366.673898][   T29] audit: type=1326 audit(367.527:45704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25461 comm="syz.0.4987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  366.697202][   T29] audit: type=1326 audit(367.527:45705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25461 comm="syz.0.4987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  366.720589][   T29] audit: type=1326 audit(367.527:45706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25461 comm="syz.0.4987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  366.744370][   T29] audit: type=1326 audit(367.527:45707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25461 comm="syz.0.4987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  366.767338][   T29] audit: type=1326 audit(367.527:45708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25461 comm="syz.0.4987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2b78eec9 code=0x7ffc0000
[  366.807879][T17180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.951356][T25485] loop3: detected capacity change from 0 to 1024
[  366.967068][T25485] EXT4-fs: Ignoring removed orlov option
[  366.989897][T25485] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  367.025567][T25485] FAULT_INJECTION: forcing a failure.
[  367.025567][T25485] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  367.038831][T25485] CPU: 1 UID: 0 PID: 25485 Comm: syz.3.4996 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  367.038879][T25485] Tainted: [W]=WARN
[  367.038885][T25485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  367.038902][T25485] Call Trace:
[  367.038911][T25485]  <TASK>
[  367.038922][T25485]  __dump_stack+0x1d/0x30
[  367.038952][T25485]  dump_stack_lvl+0xe8/0x140
[  367.039036][T25485]  dump_stack+0x15/0x1b
[  367.039056][T25485]  should_fail_ex+0x265/0x280
[  367.039092][T25485]  should_fail+0xb/0x20
[  367.039123][T25485]  should_fail_usercopy+0x1a/0x20
[  367.039177][T25485]  _copy_to_user+0x20/0xa0
[  367.039203][T25485]  copy_siginfo_to_user+0x22/0xb0
[  367.039230][T25485]  x64_setup_rt_frame+0x2b5/0x580
[  367.039304][T25485]  arch_do_signal_or_restart+0x27c/0x480
[  367.039337][T25485]  exit_to_user_mode_loop+0x7a/0x100
[  367.039361][T25485]  do_syscall_64+0x1d6/0x200
[  367.039400][T25485]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  367.039432][T25485]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  367.039475][T25485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.039504][T25485] RIP: 0033:0x7f383c17eec7
[  367.039529][T25485] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  367.039581][T25485] RSP: 002b:00007f383abe7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  367.039606][T25485] RAX: 0000000000000028 RBX: 00007f383c3d5fa0 RCX: 00007f383c17eec9
[  367.039624][T25485] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000007
[  367.039639][T25485] RBP: 00007f383abe7090 R08: 0000000000000000 R09: 0000000000000000
[  367.039657][T25485] R10: 000000000003ffff R11: 0000000000000246 R12: 0000000000000001
[  367.039674][T25485] R13: 00007f383c3d6038 R14: 00007f383c3d5fa0 R15: 00007ffe87b7f438
[  367.039698][T25485]  </TASK>
[  367.347864][T25506] loop4: detected capacity change from 0 to 164
[  367.419785][T25511] lo speed is unknown, defaulting to 1000
[  367.427596][T25511] lo speed is unknown, defaulting to 1000
[  367.434086][T25511] lo speed is unknown, defaulting to 1000
[  367.443964][T25511] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  367.462530][T25521] loop4: detected capacity change from 0 to 128
[  367.476812][T25523] SELinux: security_context_str_to_sid (Z��p�\H�Dҧ-����P����|2�ԙ�J��) failed with errno=-22
[  367.488810][T25511] lo speed is unknown, defaulting to 1000
[  367.505957][T25511] lo speed is unknown, defaulting to 1000
[  367.518713][T25511] lo speed is unknown, defaulting to 1000
[  367.528191][T25511] lo speed is unknown, defaulting to 1000
[  367.545539][T25511] lo speed is unknown, defaulting to 1000
[  367.561458][T25511] lo speed is unknown, defaulting to 1000
[  367.617524][T25530] loop4: detected capacity change from 0 to 8192
[  367.657147][T17180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  367.666239][T25530] loop4: detected capacity change from 0 to 1024
[  369.176606][T25630] __nla_validate_parse: 7 callbacks suppressed
[  369.176625][T25630] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5039'.
[  369.179267][T25635] loop3: detected capacity change from 0 to 1024
[  369.200330][T25630] netlink: 32 bytes leftover after parsing attributes in process `syz.4.5039'.
[  369.385580][T25635] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  369.449387][T25630] loop4: detected capacity change from 0 to 164
[  369.477702][T25635] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  369.581684][T25635] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  369.594135][T25635] EXT4-fs (loop3): This should not happen!! Data will be lost
[  369.594135][T25635] 
[  369.603844][T25635] EXT4-fs (loop3): Total free blocks count 0
[  369.609863][T25635] EXT4-fs (loop3): Free/Dirty block details
[  369.615958][T25635] EXT4-fs (loop3): free_blocks=4293918720
[  369.621691][T25635] EXT4-fs (loop3): dirty_blocks=16
[  369.626826][T25635] EXT4-fs (loop3): Block reservation details
[  369.632866][T25635] EXT4-fs (loop3): i_reserved_data_blocks=1
[  369.702993][T17180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.716449][T25658] netlink: 44 bytes leftover after parsing attributes in process `syz.0.5043'.
[  369.740881][T25664] loop3: detected capacity change from 0 to 128
[  369.762476][T25666] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5049'.
[  369.778746][T25666] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5049'.
[  369.833753][T25677] loop4: detected capacity change from 0 to 1024
[  369.840538][T25677] EXT4-fs: Ignoring removed orlov option
[  369.851411][T25677] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  370.206664][T25677] ==================================================================
[  370.215066][T25677] BUG: KCSAN: data-race in __writeback_single_inode / xas_set_mark
[  370.223010][T25677] 
[  370.225352][T25677] write to 0xffff888106e75c9c of 4 bytes by task 25682 on cpu 1:
[  370.233090][T25677]  xas_set_mark+0x12b/0x140
[  370.237619][T25677]  __folio_start_writeback+0x1dd/0x440
[  370.243191][T25677]  ext4_bio_write_folio+0x5ad/0x9f0
[  370.248599][T25677]  mpage_process_page_bufs+0x4a1/0x620
[  370.254080][T25677]  mpage_prepare_extent_to_map+0x786/0xc00
[  370.259995][T25677]  ext4_do_writepages+0x708/0x2750
[  370.265230][T25677]  ext4_writepages+0x176/0x300
[  370.270008][T25677]  do_writepages+0x1c3/0x310
[  370.274615][T25677]  file_write_and_wait_range+0x156/0x2c0
[  370.280271][T25677]  generic_buffers_fsync_noflush+0x45/0x120
[  370.286355][T25677]  ext4_sync_file+0x1ab/0x690
[  370.291431][T25677]  vfs_fsync_range+0x10d/0x130
[  370.296731][T25677]  ext4_buffered_write_iter+0x34f/0x3c0
[  370.302321][T25677]  ext4_file_write_iter+0xdbf/0xf00
[  370.307651][T25677]  iter_file_splice_write+0x663/0xa60
[  370.313027][T25677]  direct_splice_actor+0x153/0x2a0
[  370.318226][T25677]  splice_direct_to_actor+0x30f/0x680
[  370.323601][T25677]  do_splice_direct+0xda/0x150
[  370.328389][T25677]  do_sendfile+0x380/0x650
[  370.332851][T25677]  __x64_sys_sendfile64+0x105/0x150
[  370.338182][T25677]  x64_sys_call+0x2bb0/0x2ff0
[  370.342871][T25677]  do_syscall_64+0xd2/0x200
[  370.347385][T25677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.353294][T25677] 
[  370.355640][T25677] read to 0xffff888106e75c9c of 4 bytes by task 25677 on cpu 0:
[  370.363478][T25677]  __writeback_single_inode+0x1f9/0x7c0
[  370.369054][T25677]  writeback_single_inode+0x16d/0x3f0
[  370.374538][T25677]  sync_inode_metadata+0x5b/0x90
[  370.379659][T25677]  generic_buffers_fsync_noflush+0xd9/0x120
[  370.385755][T25677]  ext4_sync_file+0x1ab/0x690
[  370.390656][T25677]  vfs_fsync_range+0x10d/0x130
[  370.395452][T25677]  ext4_buffered_write_iter+0x34f/0x3c0
[  370.401043][T25677]  ext4_file_write_iter+0xdbf/0xf00
[  370.406264][T25677]  iter_file_splice_write+0x663/0xa60
[  370.411744][T25677]  direct_splice_actor+0x153/0x2a0
[  370.416951][T25677]  splice_direct_to_actor+0x30f/0x680
[  370.422343][T25677]  do_splice_direct+0xda/0x150
[  370.427108][T25677]  do_sendfile+0x380/0x650
[  370.431568][T25677]  __x64_sys_sendfile64+0x105/0x150
[  370.437308][T25677]  x64_sys_call+0x2bb0/0x2ff0
[  370.442004][T25677]  do_syscall_64+0xd2/0x200
[  370.446606][T25677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.452527][T25677] 
[  370.455038][T25677] value changed: 0x0a000021 -> 0x04000021
[  370.460776][T25677] 
[  370.463114][T25677] Reported by Kernel Concurrency Sanitizer on:
[  370.469358][T25677] CPU: 0 UID: 0 PID: 25677 Comm: syz.4.5051 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  370.480957][T25677] Tainted: [W]=WARN
[  370.484861][T25677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  370.494927][T25677] ==================================================================
[  370.667937][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.