last executing test programs:

1.439368804s ago: executing program 4 (id=1992):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b703000008000040850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000005c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}, {@grpid}]}, 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")

1.212681112s ago: executing program 4 (id=2001):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000840)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000040)=@req={0xf, 0x6, 0x1, 0xc}, 0x10)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000000540)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, <r6=>0x0})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r3, 0x50009417, &(0x7f0000000a00)={{r3}, r6, 0x6, @unused=[0x1, 0xf, 0xfffffffffffffff7, 0x2], @subvolid=0x5})
r7 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822b01)
ioctl$EVIOCGKEY(r7, 0x80404518, 0x0)
ioctl$EVIOCGKEY(r7, 0x80404518, &(0x7f00000001c0)=""/212)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
ioctl$TCSETSW2(r8, 0x402c542c, &(0x7f0000000280)={0xffffffff, 0x13aa, 0x52, 0x9, 0x9, "e912c56d1e08eb65c777c811d123c4d3ad9c72", 0x1, 0x9})
close(0x4)

1.026320897s ago: executing program 2 (id=2005):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
uname(0x0)

985.674911ms ago: executing program 2 (id=2007):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
pidfd_send_signal(r2, 0x2, &(0x7f0000000000)={0x2, 0x1, 0x80}, 0x0)
mremap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000ffb000/0x4000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f903", 0x11}], 0x1}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

939.603174ms ago: executing program 1 (id=2008):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r1, r2, 0x5}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r1}, &(0x7f00000006c0), &(0x7f0000000700)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r1, &(0x7f00000007c0)}, 0x20)

906.088807ms ago: executing program 1 (id=2009):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x17, &(0x7f00000005c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x10001}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000680)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41000, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000006c0)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000700)={0x1, 0x9, 0x5, 0x4}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000740)=[r0, r0], &(0x7f0000000780)=[{0x1, 0x5, 0x9, 0xb}, {0x0, 0x4, 0xe, 0x8}, {0x1, 0x3, 0x4}, {0x0, 0x5, 0x10, 0x8}, {0x5, 0x3, 0xe, 0x4}, {0x1, 0x5, 0x1, 0x5}], 0x10, 0x32}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0b00000008000000070000000900000001"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfff}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x1100000000000000, &(0x7f0000000440)=@base={0x18, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0xffffffff}, 0x50)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x10000000000004}, 0x18)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), r4)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x20, r5, 0x2586ad4018a3b31b, 0x0, 0xffffffff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2208c08, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
stat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r9=>0x0})
sendmsg$netlink(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}, {&(0x7f00000009c0)=ANY=[@ANYBLOB="cc0200003100000425bd7000fddbdf25d2004b8090e985c10e41bc16c3afdfa48f5504b1be674defb8e523ca931fc47fca0761f089f12dee7390f97c1afc9919b1fe48e849ff8dfba904c78d93262ae3d33f0064ebf13671c70daa79cc0fe13e298fd364e11960d535c26097d135265e7942c4c5db720b1846c07b77ed5d954b166fd8b48c9e0f6ca471ddfcbb5f163f777786f7a3fbfa7733802ee8c4a951358fe78e1ef7f4dbe179e9502c3354b1cebef86cef6a5c32967a223845ba9396fced3f604240981e8f247067e1349e286bc6c8269ebede928867184559936b04001380000072f367e932248bbb5f84927c213d001b02bcf2d2bd5b90abb49e35b671d5cc9e8646e4ecaf6db0c14b26d2c061e2895d84e85ee2272e330857cf5816d5761dcdb9cbd0815823a9e2e08d59f3a8cac38f824e82d6a380359c14f0b327fd5004cfcb9ba79164d762baff997f2fd16507defa04591b820f92c60d5c85e8eab1cc5c87f6a6027e19ea6adec8a708b47f58365690e1", @ANYRES32=r9, @ANYBLOB="040094807a026c57d2654d115e528c1459241cdf02597f14d35c3655073c5f407b4160b64e80e167c709d80d9da587820eeb0f3c363a773f519c2717597d2217f73d756a1e5262327a0d6705cffb6119d2df818584899aaf8d7b874dbb99330a6d2593829a3125c105c65840af5555000d003f0026e4b56b1866ada1d6000000ae69a5084963450371edc84dc99933e5f3798214db2bbd9046f0ccf707e29850c523bbf617b1d7ef1a551fb4d16bc02c3b80b31afd787c9d7b26e5ddbb196f76b5ae845fa547821e75e7ce9e57909e40c4879551d2f2238d4b261e66380a5ae73b551539b77a6588ca710abc8bcf5659e97a7c436980198477bba636c008a123467d4ebde947f09e3e18471413aacf4976b500"], 0x2cc}], 0x2, 0x0, 0x0, 0x20000001}, 0x0)
setsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000300)={{{@in=@remote, @in6=@dev={0xfe, 0x80, '\x00', 0x1a}, 0x4e23, 0x0, 0x4e24, 0x0, 0x2, 0x80, 0x0, 0x11, 0x0, r9}, {0xe61, 0x0, 0x0, 0x8, 0xb, 0x800, 0xffd, 0xffffffffffffffff}, {0x7, 0x4, 0x7fffffffffffffff, 0x7}, 0x8000, 0x6e6bb3, 0x0, 0x0, 0x2, 0x3}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4d3, 0x3c}, 0x2, @in6=@remote, 0x3500, 0x0, 0x0, 0x4, 0xc, 0xd0, 0x1}}, 0xe8)
sendmsg$BATADV_CMD_SET_HARDIF(r7, 0xfffffffffffffffe, 0xc0)
quotactl_fd$Q_GETNEXTQUOTA(0xffffffffffffffff, 0xffffffff80000900, r9, &(0x7f0000000100))
lchown(&(0x7f0000000040)='./file0\x00', r9, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000380)=<r10=>0x0)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300), 0x8800, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@msize={'msize', 0x3d, 0x1}}, {@access_user}, {@posixacl}], [{@seclabel}, {@fscontext={'fscontext', 0x3d, 'system_u'}}, {@hash}, {@fowner_eq={'fowner', 0x3d, r9}}, {@obj_type={'obj_type', 0x3d, 'ramfs\x00'}}, {@seclabel}, {@hash}, {@appraise}, {@uid_eq={'uid', 0x3d, r10}}]}})
setsockopt$inet6_tcp_TCP_REPAIR(r7, 0x6, 0x13, &(0x7f0000000540)=0x1, 0x4)
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_LINK={0x8, 0x1, 0x4}, @IFLA_XFRM_IF_ID={0x8, 0x2, 0x2}]}}}, @IFLA_BROADCAST={0xa}]}, 0x50}}, 0x0)
umount2(&(0x7f0000000280)='./file0\x00', 0x0)

844.411952ms ago: executing program 1 (id=2010):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000200"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x2000}, 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000013c0)=@newqdisc={0x34, 0x24, 0xf0b, 0x70bd29, 0x0, {0x0, 0x0, 0x12, 0x0, {0x0, 0xf}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}}, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000000100)={'macvtap0\x00', @random="f40100000060"})

829.331873ms ago: executing program 1 (id=2011):
add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_dev$tty1(0xc, 0x4, 0x4)
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f00000000c0)={0x82, 0x0, 0x4}, 0x18)
pipe2(&(0x7f0000000c40)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4800)
fcntl$setpipe(r1, 0x407, 0x6)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x2, 0x0, 0x0, 0x4, 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x81203, 0x10000, 0x0, 0x5, 0x4, 0x20005, 0x4, 0x0, 0x0, 0x0, 0x4ca6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x4)
sendmmsg$inet(r0, &(0x7f0000001840)=[{{&(0x7f00000000c0)={0x2, 0x4e1f, @multicast1}, 0x10, &(0x7f0000000640)}}, {{&(0x7f0000000840)={0x2, 0x4e24, @local}, 0x10, &(0x7f0000000980)=[{&(0x7f0000000880)="8b", 0x1}], 0x1}}, {{&(0x7f0000000100)={0x2, 0x6e20, @rand_addr=0x64010100}, 0x10, &(0x7f0000001740)}}], 0x3, 0x200040d0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={0x0, r2, 0x0, 0xffffffff80000001}, 0x18)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
msgget$private(0x0, 0x790)
r3 = io_uring_setup(0x6b9e, &(0x7f0000000240)={0x0, 0xfffffffe, 0x800, 0x103fc, 0x4000159})
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x2b)
sendmsg$rds(r4, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x4400, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x18, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8000, 0x0, 0x7, 0x1, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@errors_continue}, {@jqfmt_vfsv0}, {@init_itable}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b0}}, {@noblock_validity}, {@grpquota}, {@nobh}, {@user_xattr}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4}}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f00000004c0)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)

825.964593ms ago: executing program 2 (id=2012):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b703000008000040850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000005c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}, {@grpid}]}, 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")

704.748723ms ago: executing program 2 (id=2013):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r1, r2, 0x5}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r1}, &(0x7f00000006c0), &(0x7f0000000700)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r1, &(0x7f00000007c0)}, 0x20)

696.615533ms ago: executing program 1 (id=2014):
r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_dev$tty1(0xc, 0x4, 0x4)
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f00000000c0)={0x82, 0x0, 0x4}, 0x18)
pipe2(&(0x7f0000000c40)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4800)
fcntl$setpipe(r2, 0x407, 0x6)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x2, 0x0, 0x0, 0x4, 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x81203, 0x10000, 0x0, 0x5, 0x4, 0x20005, 0x4, 0x0, 0x0, 0x0, 0x4ca6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x4)
sendmmsg$inet(r1, &(0x7f0000001840)=[{{&(0x7f00000000c0)={0x2, 0x4e1f, @multicast1}, 0x10, &(0x7f0000000640)}}, {{&(0x7f0000000840)={0x2, 0x4e24, @local}, 0x10, &(0x7f0000000980)=[{&(0x7f0000000880)="8b", 0x1}], 0x1}}, {{&(0x7f0000000100)={0x2, 0x6e20, @rand_addr=0x64010100}, 0x10, &(0x7f0000001740)}}], 0x3, 0x200040d0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={0x0, r3, 0x0, 0xffffffff80000001}, 0x18)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
msgget$private(0x0, 0x790)
r4 = io_uring_setup(0x6b9e, &(0x7f0000000240)={0x0, 0xfffffffe, 0x800, 0x103fc, 0x4000159})
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x2b)
sendmsg$rds(r5, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x4400, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x18, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8000, 0x0, 0x7, 0x1, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
keyctl$restrict_keyring(0xa, r0, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='dn+\x88\xfe\xf7\x01')
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@errors_continue}, {@jqfmt_vfsv0}, {@init_itable}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b0}}, {@noblock_validity}, {@grpquota}, {@nobh}, {@user_xattr}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4}}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f00000004c0)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)

631.850379ms ago: executing program 2 (id=2015):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x18)
ioprio_get$pid(0x2, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x35, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), r3)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000001900)={'wg2\x00', <r5=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB="e0100000", @ANYRES16=r4, @ANYBLOB="0500000000000000000001000000060006004e240000901008809005008024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b24000100000000000000000000000000000000000000000000000000000000000000000024000200fcbefe9641719404cc5c9ab2766dd4793e367b0ea55e65e2e3416ac9d4e68841240002001171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec24000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691cb40409807c000080060001000a00000014000200000000000000000000000000000000010500030002000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200ff0100000000000000000000000000010500030001000000060001000200000008000200e00000010500030000000000f4000080060001000a00000014000200fc0000000000000000000000000000000500030001000000060001000a00000014000200fc0200000000000000000000000000010500030000000000060001000200000008000200e00000020500030003000000060001000200000008000200000000000500030000000000060001000200000008000200ac1414bb0500030001000000060001000200000008000200ac1414bb0500030000000000060001000a00000014000200000000000000000000000000000000010500030002000000060001000a00000014000200fc0200000000000000000000000000000500030003000000340000800600010002000000080002000a0101010500030004000000060001000200000008000200ac1414aa050003000300000064000080060001000a00000014000200200100000000000000000000000000000500030002000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200ff010000000000000000000000000001050003000200000094000080060001000200000008000200ac1e00010500030002000000060001000200000008000200e00000010500030002000000060001000a00000014000200fc0000000000000000000000000000000500030002000000060001000200000008000200000000000500030003000000060001000a00000014000200fe80000000000000000000000000000e050003000000000040000080060001000a00000014000200fc0200000000000000000000000000000500030002000000060001000200000008000200ac1414aa050003000000000064000080060001000a00000014000200200100000000000000000000000000020500030001000000060001000a00000014000200fc02000000000000000000000000000105000300020000000600010002000000080002000a010100050003000200000070000080060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000a00000014000200000000000000000000000000000000000500030002000000060001000a0000001400020000000000000000000000000000000001050003000000000000010080060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000200000008000200000000000500030003000000060001000200000008000200640101000500030002000000060001000200000008000200640101010500030001000000060001000200000008000200ac1414aa0500030002000000060001000a00000014000200fe8000000000000000000000000000bb05000300020000000600010002000000080002007f0000010500030002000000060001000a00000014000200fc0200000000000000000000000000010500030003000000060001000200000008000200640101010500030001000000240002005da952055e5857d673cddd36909746c80efa3ff95c317de1063db32bc80a0b3e1803008024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39220600050005000000e802098058000080060001000200000008000200ac1e00010500030001000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200ffffffff05000300010000007c000080060001000a00000014000200000000000000000000000000000000010500030002000000060001000200000008000200ac1414bb0500030002000000060001000a000000140002000000000000000000000000000000000105000300020000000600010002000000080002000a0101010500030003000000f4000080060001000a0000001400020000000000000000000000ffffac1414aa0500030003000000060001000200000008000200ac1414aa05000300000000000600010002000000080002000a01010205000300020000000600010002000000080002007f00000105000300000000000600010002000000080002000a0101010500030003000000060001000200000008000200e00000010500030003000000060001000a00000014000200fc01000000000000000000000000000005000300010000000600010002000000080002000a0101000500030000000000060001000200000008000200ac1e0101050003000200000094000080060001000a00000014000200fc0200000000000000000000000000010500030002000000060001000a00000014000200ff0100000000000000000000000000010500030001000000060001000200000008000200e00000010500030002000000060001000200000008000200ac1414bb0500030001000000060001000200000008000200ffffffff050003000200000088000080060001000a00000014000200fe8000000000000000000000000000aa0500030001000000060001000200000008000200ac1414aa0500030002000000060001000a00000014000200fe8800000000000000000000000001010500030002000000060001000a00000014000200ff02000000000000000000000000000105000300020000007c000080200004000a004e2100000006fc0100000000000000000000000000010400000008000a000100000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922080003000300000024000200379aa288b2244a5b504ba04bea45625d328fb93b62e607a1b2e4da2f7f76a549780000800800030001000000080003000400000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922080003000000000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b1400040002004e22000000000000000000000000e4060080dc020980f4000080060001000a00000014000200000000000000000000000000000000000500030002000000060001000a00000014000200fc0000000000000000000000000000000500030001000000060001000200000008000200ffffffff050003000100000006d4e23d7500000008000200ac1e00010500030001000000060001000200000008000200e000000105000300020000000600010002000000080002007f0000010500030002000000060001000a00000014000200000000000000000000000000000000010500030001000000060001000a00000014000200fc010000000000000000000000000001050003000300000034000080060001000200000008000200640101000500030001000000060001000200000008000200ac1414bb050003000200000000010080060001000a00000014000200200100000000000000000000000000010500030000000000060001000200000008000200e000000205000300020000000600010002000000080002006401010005000300020000000600010002000000080002007f00000105000300010000000600010002000000080002007f0000010500030001000000060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ffffffff0500030000000000060001000200000008000200e00000010500030003000000060001000a00000014000200fc0100000000000000000000000000010500030000000000940000800600010002000000080002006401010005000300010000000600010002000000080002006401010205000300000000000600010002000000080002007f0000010500030003000000060001000200000008000200e00000020500030003000000060001000200000008000200ac1414120500030002000000060001000200000008000200ac14142d05000300020000001c000080060001000200000008000200ffffffff05000300030000000800030002000000200004000a004e2000000005fc010000000000000000000000000001000000009403098094000080060001000a0000001400020000000000000000000000ffffac1414bb0500030003000000060001000a00000014000200fe8800000000000000000000000000010500030002000000060001000a00000014000200ff0100000000000000000000000000010500030003000000060001000a00000014000200fe880000000000000000000000000101050003000100000064000080060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ac1414bb0500030001000000060001000a0000001400020000000000000000000000ffffe00000020500030003000000f4000080060001000200000008000200000000000500030001000000060001000a00000014000200000000000000000000000000000000010500030003000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200fe80000000000000000000000000003e05000300010000000600010002000000080002007f0000010500030001000000060001000a00000014000200ff0200000000000000000000000000010500030001000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200e0000001050003000000000058000080060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ac1414410500030010000000060001000200000008000200ac1e00010500030001000000f4000080060001000200000008000200640101000500030002000000060001000a00000014000200200100000000000000000000000000000500030000000000060001000a00000014000200fc0200000000000000000000000000010500030003000000060001000a00000014000200fe8000000000000000000000000000aa0500030003000000060001000200000008000200ac1414aa0500030000000000060001000200000008000200000000000500030000000000060001000200000008000200ac1414270500030000000000060001000a0000001400020020010000000000000000000000000002050003000100000058000080060001000200000008000200ac1414aa0500030001000000060001000a00000014000200fe8000000000000000000000000000140500030000000000060001000200000008000200e0000001050003000000000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b240002000f1b8b82264208ab1a2dce776c03b9f348f500ef8e7606466943f5ba2ae2881e0c0000800800030006000000060006004e24000008000100", @ANYRES32=r5, @ANYBLOB="240003"], 0x10e0}}, 0x0)

631.226019ms ago: executing program 2 (id=2016):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r1, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)

607.483521ms ago: executing program 0 (id=2017):
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
connect$inet6(r1, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
write$binfmt_script(r1, &(0x7f0000000780)={'#! ', './file0'}, 0xb)
close_range(r0, r1, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r4, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f00000001c0)={0x0, 0x20, &(0x7f0000000080)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in={0x2, 0x4e22, @remote}]}, &(0x7f0000000180)=0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x30, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00)

576.818863ms ago: executing program 1 (id=2018):
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
pipe2$9p(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r6, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r7 = dup(r6)
write$P9_RLERRORu(r7, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r7, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @ib_path={0x0}}, 0x20)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r7, 0x89f8, &(0x7f0000000200)={'erspan0\x00', &(0x7f0000000380)={'sit0\x00', 0x0, 0x7, 0x8000, 0x1, 0x7, {{0x5, 0x4, 0x0, 0x6, 0x14, 0x68, 0x0, 0x92, 0x4, 0x0, @remote, @multicast2}}}})
write$binfmt_elf64(r7, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r7])
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000200)={<r8=>0x0, 0x9, 0x1}, &(0x7f0000000400)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f0000000440)={r8, 0xffff}, 0x8)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r9}, 0x10)
setxattr$incfs_metadata(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), &(0x7f0000000500), 0x0, 0x2)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

538.292177ms ago: executing program 0 (id=2019):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r1}, 0x18)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r2, 0x545c, 0x200000000000000)

356.328671ms ago: executing program 0 (id=2021):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x17, &(0x7f00000005c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x10001}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000680)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41000, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000006c0)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000700)={0x1, 0x9, 0x5, 0x4}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000740)=[r0, r0], &(0x7f0000000780)=[{0x1, 0x5, 0x9, 0xb}, {0x0, 0x4, 0xe, 0x8}, {0x1, 0x3, 0x4}, {0x0, 0x5, 0x10, 0x8}, {0x5, 0x3, 0xe, 0x4}, {0x1, 0x5, 0x1, 0x5}], 0x10, 0x32}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0b00000008000000070000000900000001"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfff}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x1100000000000000, &(0x7f0000000440)=@base={0x18, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0xffffffff}, 0x50)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x10000000000004}, 0x18)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), r4)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x20, r5, 0x2586ad4018a3b31b, 0x0, 0xffffffff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2208c08, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
stat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r9=>0x0})
sendmsg$netlink(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}, {&(0x7f00000009c0)=ANY=[@ANYBLOB="cc0200003100000425bd7000fddbdf25d2004b8090e985c10e41bc16c3afdfa48f5504b1be674defb8e523ca931fc47fca0761f089f12dee7390f97c1afc9919b1fe48e849ff8dfba904c78d93262ae3d33f0064ebf13671c70daa79cc0fe13e298fd364e11960d535c26097d135265e7942c4c5db720b1846c07b77ed5d954b166fd8b48c9e0f6ca471ddfcbb5f163f777786f7a3fbfa7733802ee8c4a951358fe78e1ef7f4dbe179e9502c3354b1cebef86cef6a5c32967a223845ba9396fced3f604240981e8f247067e1349e286bc6c8269ebede928867184559936b04001380000072f367e932248bbb5f84927c213d001b02bcf2d2bd5b90abb49e35b671d5cc9e8646e4ecaf6db0c14b26d2c061e2895d84e85ee2272e330857cf5816d5761dcdb9cbd0815823a9e2e08d59f3a8cac38f824e82d6a380359c14f0b327fd5004cfcb9ba79164d762baff997f2fd16507defa04591b820f92c60d5c85e8eab1cc5c87f6a6027e19ea6adec8a708b47f58365690e1", @ANYRES32=r9, @ANYBLOB="040094807a026c57d2654d115e528c1459241cdf02597f14d35c3655073c5f407b4160b64e80e167c709d80d9da587820eeb0f3c363a773f519c2717597d2217f73d756a1e5262327a0d6705cffb6119d2df818584899aaf8d7b874dbb99330a6d2593829a3125c105c65840af5555000d003f0026e4b56b1866ada1d6000000ae69a5084963450371edc84dc99933e5f3798214db2bbd9046f0ccf707e29850c523bbf617b1d7ef1a551fb4d16bc02c3b80b31afd787c9d7b26e5ddbb196f76b5ae845fa547821e75e7ce9e57909e40c4879551d2f2238d4b261e66380a5ae73b551539b77a6588ca710abc8bcf5659e97a7c436980198477bba636c008a123467d4ebde947f09e3e18471413aacf4976b500"], 0x2cc}], 0x2, 0x0, 0x0, 0x20000001}, 0x0)
setsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000300)={{{@in=@remote, @in6=@dev={0xfe, 0x80, '\x00', 0x1a}, 0x4e23, 0x0, 0x4e24, 0x0, 0x2, 0x80, 0x0, 0x11, 0x0, r9}, {0xe61, 0x0, 0x0, 0x8, 0xb, 0x800, 0xffd, 0xffffffffffffffff}, {0x7, 0x4, 0x7fffffffffffffff, 0x7}, 0x8000, 0x6e6bb3, 0x0, 0x0, 0x2, 0x3}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4d3, 0x3c}, 0x2, @in6=@remote, 0x3500, 0x0, 0x0, 0x4, 0xc, 0xd0, 0x1}}, 0xe8)
sendmsg$BATADV_CMD_SET_HARDIF(r7, 0xfffffffffffffffe, 0xc0)
quotactl_fd$Q_GETNEXTQUOTA(0xffffffffffffffff, 0xffffffff80000900, r9, &(0x7f0000000100))
lchown(&(0x7f0000000040)='./file0\x00', r9, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000380)=<r10=>0x0)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300), 0x8800, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@msize={'msize', 0x3d, 0x1}}, {@access_user}, {@posixacl}], [{@seclabel}, {@fscontext={'fscontext', 0x3d, 'system_u'}}, {@hash}, {@fowner_eq={'fowner', 0x3d, r9}}, {@obj_type={'obj_type', 0x3d, 'ramfs\x00'}}, {@seclabel}, {@hash}, {@appraise}, {@uid_eq={'uid', 0x3d, r10}}]}})
setsockopt$inet6_tcp_TCP_REPAIR(r7, 0x6, 0x13, &(0x7f0000000540)=0x1, 0x4)
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_LINK={0x8, 0x1, 0x4}, @IFLA_XFRM_IF_ID={0x8, 0x2, 0x2}]}}}, @IFLA_BROADCAST={0xa}]}, 0x50}}, 0x0)
umount2(&(0x7f0000000280)='./file0\x00', 0x0)

315.041955ms ago: executing program 0 (id=2024):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b703000008000040850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000005c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}, {@grpid}]}, 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")

300.136316ms ago: executing program 4 (id=2025):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r1, r2, 0x5}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r1}, &(0x7f00000006c0), &(0x7f0000000700)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r1, &(0x7f00000007c0)}, 0x20)

231.478321ms ago: executing program 3 (id=2026):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
uname(0x0)

230.556612ms ago: executing program 4 (id=2027):
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x8000000000000002, &(0x7f0000000e80)={<r2=>0xffffffffffffffff}, 0x2, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r1, &(0x7f00000000c0)={0x13, 0x10, 0x8, {0x0, r2, 0x1}}, 0x18)
write$RDMA_USER_CM_CMD_CONNECT(r0, &(0x7f0000000300)={0x6, 0x118, 0xfa00, {{0x2, 0x4, "14b0e25cfba3dad877bb46b13a08ef8ed63f1a8137c50284fec2082311ac94bebfd54e3a5b3db91fa3cba59233c14fa826b9da820c32ed6607e7331e30c81393257033a969480c1d3bd041570f52744505ac40ef88875c573bfbaf34d4fdabd0f89e790e6948f24ccaa587e563616da95f683c225c2141b9adcc79ba8350284c729da5d6ad7299c28dae92eea021a3e6de1c530fb452ac91ee39f38b59f7f8565b86cf828e85f0523d9e86186d99c78a292c583128dc733088475a706aae1dd06989665c55f6070c5e01e1d6d5df9b1858a83398a94763062f871c66d9113c5d8c1659a522439bfae1b417167d63c9f2a65e02ae8a95bcad90f7cf81b552bf00", 0x1, 0x40, 0x2, 0x1, 0x3, 0x18, 0x1}, r2}}, 0x120)
getrusage(0x1, &(0x7f0000000480))
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r3, 0x5412, &(0x7f00000000c0)=0x13)
ioctl$TCSETA(r3, 0x5406, &(0x7f0000000100)={0xfefd, 0x800, 0x1fff, 0xffff, 0xc, "a8dff370f0fff7fd"})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000050000000000000000000024000a20000000000a1f000000000000000000010000000900010073797a300000000058000000030a0104000000000000000001000000090003803d2175fbe782c2eb2b00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c0004804800018008000100666962003c000280080003400000000c08000140000000020800014000000030080002400000000308000140000000120800034000000000080003400000000a"], 0x122}, 0x1, 0x0, 0x0, 0x40000}, 0x80d0)
accept4$bt_l2cap(0xffffffffffffffff, 0x0, &(0x7f0000000240), 0x800)
r6 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00'}, 0xe)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
close(r6)
r8 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
write$binfmt_misc(r8, &(0x7f0000000180)="e502", 0x2)
execveat(r8, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

225.016562ms ago: executing program 3 (id=2028):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
uname(0x0)

208.841093ms ago: executing program 3 (id=2029):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r1, r2, 0x5}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r1}, &(0x7f00000006c0), &(0x7f0000000700)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r1, &(0x7f00000007c0)}, 0x20)

196.476754ms ago: executing program 3 (id=2030):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r0}, &(0x7f0000000380), &(0x7f0000000ac0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0xa, 0xb, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000df00180100002020702500000000002020207b1af8ff00000000e3cc6fa54001fb099fdd7894bfa100000000000007010000f8ffff000000008500000073000000b400000000000000000000000000f1af1528680758231c16a7"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r4 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r4, 0x5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r3, &(0x7f00000007c0)}, 0x20)

160.432177ms ago: executing program 3 (id=2031):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
pidfd_send_signal(r3, 0x2, &(0x7f0000000000)={0x2, 0x1, 0x80}, 0x0)
mremap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000ffb000/0x4000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f903", 0x11}], 0x1}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

158.752207ms ago: executing program 0 (id=2032):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020100008500000043"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r2, 0x29, 0x16, &(0x7f00000001c0)=0x7f, 0x4)
close(r2)

139.647679ms ago: executing program 0 (id=2033):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b703000008000040850000006900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='kfree\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000005c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}, {@grpid}]}, 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")

136.669229ms ago: executing program 4 (id=2034):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000002000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x2000}, 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000013c0)=@newqdisc={0x34, 0x24, 0xf0b, 0x70bd29, 0x0, {0x0, 0x0, 0x12, 0x0, {0x0, 0xf}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}}, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000000100)={'macvtap0\x00', @random="f40100000060"})

84.438323ms ago: executing program 4 (id=2035):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x17, &(0x7f00000005c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x10001}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000680)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41000, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000006c0)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000700)={0x1, 0x9, 0x5, 0x4}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000740)=[r0, r0], &(0x7f0000000780)=[{0x1, 0x5, 0x9, 0xb}, {0x0, 0x4, 0xe, 0x8}, {0x1, 0x3, 0x4}, {0x0, 0x5, 0x10, 0x8}, {0x5, 0x3, 0xe, 0x4}, {0x1, 0x5, 0x1, 0x5}], 0x10, 0x32}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0b00000008000000070000000900000001"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfff}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x1100000000000000, &(0x7f0000000440)=@base={0x18, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0xffffffff}, 0x50)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x10000000000004}, 0x18)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), r4)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x20, r5, 0x2586ad4018a3b31b, 0x0, 0xffffffff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2208c08, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
stat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r9=>0x0})
sendmsg$netlink(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}, {&(0x7f00000009c0)=ANY=[@ANYBLOB="cc0200003100000425bd7000fddbdf25d2004b8090e985c10e41bc16c3afdfa48f5504b1be674defb8e523ca931fc47fca0761f089f12dee7390f97c1afc9919b1fe48e849ff8dfba904c78d93262ae3d33f0064ebf13671c70daa79cc0fe13e298fd364e11960d535c26097d135265e7942c4c5db720b1846c07b77ed5d954b166fd8b48c9e0f6ca471ddfcbb5f163f777786f7a3fbfa7733802ee8c4a951358fe78e1ef7f4dbe179e9502c3354b1cebef86cef6a5c32967a223845ba9396fced3f604240981e8f247067e1349e286bc6c8269ebede928867184559936b04001380000072f367e932248bbb5f84927c213d001b02bcf2d2bd5b90abb49e35b671d5cc9e8646e4ecaf6db0c14b26d2c061e2895d84e85ee2272e330857cf5816d5761dcdb9cbd0815823a9e2e08d59f3a8cac38f824e82d6a380359c14f0b327fd5004cfcb9ba79164d762baff997f2fd16507defa04591b820f92c60d5c85e8eab1cc5c87f6a6027e19ea6adec8a708b47f58365690e1", @ANYRES32=r9, @ANYBLOB="040094807a026c57d2654d115e528c1459241cdf02597f14d35c3655073c5f407b4160b64e80e167c709d80d9da587820eeb0f3c363a773f519c2717597d2217f73d756a1e5262327a0d6705cffb6119d2df818584899aaf8d7b874dbb99330a6d2593829a3125c105c65840af5555000d003f0026e4b56b1866ada1d6000000ae69a5084963450371edc84dc99933e5f3798214db2bbd9046f0ccf707e29850c523bbf617b1d7ef1a551fb4d16bc02c3b80b31afd787c9d7b26e5ddbb196f76b5ae845fa547821e75e7ce9e57909e40c4879551d2f2238d4b261e66380a5ae73b551539b77a6588ca710abc8bcf5659e97a7c436980198477bba636c008a123467d4ebde947f09e3e18471413aacf4976b500"], 0x2cc}], 0x2, 0x0, 0x0, 0x20000001}, 0x0)
setsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000300)={{{@in=@remote, @in6=@dev={0xfe, 0x80, '\x00', 0x1a}, 0x4e23, 0x0, 0x4e24, 0x0, 0x2, 0x80, 0x0, 0x11, 0x0, r9}, {0xe61, 0x0, 0x0, 0x8, 0xb, 0x800, 0xffd, 0xffffffffffffffff}, {0x7, 0x4, 0x7fffffffffffffff, 0x7}, 0x8000, 0x6e6bb3, 0x0, 0x0, 0x2, 0x3}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4d3, 0x3c}, 0x2, @in6=@remote, 0x3500, 0x0, 0x0, 0x4, 0xc, 0xd0, 0x1}}, 0xe8)
sendmsg$BATADV_CMD_SET_HARDIF(r7, 0xfffffffffffffffe, 0xc0)
quotactl_fd$Q_GETNEXTQUOTA(0xffffffffffffffff, 0xffffffff80000900, r9, &(0x7f0000000100))
lchown(&(0x7f0000000040)='./file0\x00', r9, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000380)=<r10=>0x0)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300), 0x8800, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@msize={'msize', 0x3d, 0x1}}, {@access_user}, {@posixacl}], [{@seclabel}, {@fscontext={'fscontext', 0x3d, 'system_u'}}, {@hash}, {@fowner_eq={'fowner', 0x3d, r9}}, {@obj_type={'obj_type', 0x3d, 'ramfs\x00'}}, {@seclabel}, {@hash}, {@appraise}, {@uid_eq={'uid', 0x3d, r10}}]}})
setsockopt$inet6_tcp_TCP_REPAIR(r7, 0x6, 0x13, &(0x7f0000000540)=0x1, 0x4)
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_LINK={0x8, 0x1, 0x4}, @IFLA_XFRM_IF_ID={0x8, 0x2, 0x2}]}}}, @IFLA_BROADCAST={0xa}]}, 0x50}}, 0x0)
umount2(&(0x7f0000000280)='./file0\x00', 0x0)

0s ago: executing program 3 (id=2036):
add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_dev$tty1(0xc, 0x4, 0x4)
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f00000000c0)={0x82, 0x0, 0x4}, 0x18)
pipe2(&(0x7f0000000c40)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4800)
fcntl$setpipe(r1, 0x407, 0x6)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x2, 0x0, 0x0, 0x4, 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x81203, 0x10000, 0x0, 0x5, 0x4, 0x20005, 0x4, 0x0, 0x0, 0x0, 0x4ca6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x4)
sendmmsg$inet(r0, &(0x7f0000001840)=[{{&(0x7f00000000c0)={0x2, 0x4e1f, @multicast1}, 0x10, &(0x7f0000000640)}}, {{&(0x7f0000000840)={0x2, 0x4e24, @local}, 0x10, &(0x7f0000000980)=[{&(0x7f0000000880)="8b", 0x1}], 0x1}}, {{&(0x7f0000000100)={0x2, 0x6e20, @rand_addr=0x64010100}, 0x10, &(0x7f0000001740)}}], 0x3, 0x200040d0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={0x0, r2, 0x0, 0xffffffff80000001}, 0x18)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
msgget$private(0x0, 0x790)
r3 = io_uring_setup(0x6b9e, &(0x7f0000000240)={0x0, 0xfffffffe, 0x800, 0x103fc, 0x4000159})
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x2b)
sendmsg$rds(r4, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x4400, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x18, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8000, 0x0, 0x7, 0x1, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@errors_continue}, {@jqfmt_vfsv0}, {@init_itable}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b0}}, {@noblock_validity}, {@grpquota}, {@nobh}, {@user_xattr}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4}}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f00000004c0)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)

kernel console output (not intermixed with test programs):

512
[   96.273313][ T6993] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.299236][ T6982] loop4: detected capacity change from 0 to 1024
[   96.306768][ T6990] EXT4-fs (loop2): 1 truncate cleaned up
[   96.314572][ T6982] EXT4-fs: Ignoring removed nobh option
[   96.321394][ T6996] EXT4-fs (loop0): too many log groups per flexible block group
[   96.329100][ T6996] EXT4-fs (loop0): failed to initialize mballoc (-12)
[   96.333959][ T7003] validate_nla: 1 callbacks suppressed
[   96.333974][ T7003] netlink: 'syz.1.981': attribute type 13 has an invalid length.
[   96.347135][ T6990] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.367680][ T6996] EXT4-fs (loop0): mount failed
[   96.395330][ T6584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.395594][ T6982] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.499526][ T6718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.523033][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.586037][ T7020] loop1: detected capacity change from 0 to 512
[   96.610465][ T7020] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   96.633295][ T7020] EXT4-fs (loop1): 1 truncate cleaned up
[   96.639615][ T7020] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.655802][ T7025] random: crng reseeded on system resumption
[   96.683118][ T7027] netlink: 'syz.3.991': attribute type 13 has an invalid length.
[   96.683141][ T7025] netlink: 'syz.4.985': attribute type 1 has an invalid length.
[   96.698749][ T7025] netlink: 224 bytes leftover after parsing attributes in process `syz.4.985'.
[   96.725486][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.760627][ T7034] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   96.788574][ T7034] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   96.828155][ T7038] loop3: detected capacity change from 0 to 512
[   96.846698][ T7041] netlink: 'syz.1.997': attribute type 1 has an invalid length.
[   96.854467][ T7041] netlink: 224 bytes leftover after parsing attributes in process `syz.1.997'.
[   96.866501][ T7038] EXT4-fs (loop3): external journal device major/minor numbers have changed
[   96.876075][ T7041] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[   96.927126][ T7038] EXT4-fs (loop3): failed to open journal device unknown-block(0,8) -6
[   96.956675][ T7038] netlink: 'syz.3.996': attribute type 4 has an invalid length.
[   96.993440][ T7049] FAULT_INJECTION: forcing a failure.
[   96.993440][ T7049] name failslab, interval 1, probability 0, space 0, times 0
[   97.006145][ T7049] CPU: 0 UID: 0 PID: 7049 Comm: ’ Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   97.006178][ T7049] Tainted: [W]=WARN
[   97.006246][ T7049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   97.006257][ T7049] Call Trace:
[   97.006264][ T7049]  <TASK>
[   97.006273][ T7049]  __dump_stack+0x1d/0x30
[   97.006294][ T7049]  dump_stack_lvl+0xe8/0x140
[   97.006333][ T7049]  dump_stack+0x15/0x1b
[   97.006350][ T7049]  should_fail_ex+0x265/0x280
[   97.006475][ T7049]  should_failslab+0x8c/0xb0
[   97.006505][ T7049]  kmem_cache_alloc_noprof+0x50/0x310
[   97.006533][ T7049]  ? security_file_alloc+0x32/0x100
[   97.006565][ T7049]  security_file_alloc+0x32/0x100
[   97.006659][ T7049]  init_file+0x5c/0x1d0
[   97.006687][ T7049]  alloc_empty_file+0x8b/0x200
[   97.006731][ T7049]  alloc_file_pseudo+0xc6/0x160
[   97.006761][ T7049]  __shmem_file_setup+0x1de/0x210
[   97.006798][ T7049]  shmem_file_setup+0x3b/0x50
[   97.006827][ T7049]  __se_sys_memfd_create+0x2c3/0x590
[   97.006861][ T7049]  __x64_sys_memfd_create+0x31/0x40
[   97.006881][ T7049]  x64_sys_call+0x2abe/0x2ff0
[   97.006902][ T7049]  do_syscall_64+0xd2/0x200
[   97.006927][ T7049]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.007020][ T7049]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   97.007045][ T7049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.007066][ T7049] RIP: 0033:0x7f3757c1ebe9
[   97.007083][ T7049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.007125][ T7049] RSP: 002b:00007f3756686d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   97.007144][ T7049] RAX: ffffffffffffffda RBX: 0000000000000593 RCX: 00007f3757c1ebe9
[   97.007156][ T7049] RDX: 00007f3756686dec RSI: 0000000000000000 RDI: 00007f3757ca27e8
[   97.007185][ T7049] RBP: 00002000000005c0 R08: 00007f3756686b07 R09: 0000000000000000
[   97.007198][ T7049] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[   97.007211][ T7049] R13: 00007f3756686dec R14: 00007f3756686df0 R15: 00007ffe36601308
[   97.007284][ T7049]  </TASK>
[   97.019002][ T7009] loop0: detected capacity change from 0 to 1024
[   97.193271][ T7037] loop4: detected capacity change from 0 to 1024
[   97.200855][ T7009] EXT4-fs: Ignoring removed nobh option
[   97.240477][ T7052] loop3: detected capacity change from 0 to 512
[   97.241264][ T7037] EXT4-fs: Ignoring removed nobh option
[   97.265086][ T7037] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.280857][ T7052] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.294727][   T29] kauditd_printk_skb: 241 callbacks suppressed
[   97.294741][   T29] audit: type=1326 audit(1756633315.978:7288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7053 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[   97.312095][ T7009] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.324869][   T29] audit: type=1326 audit(1756633315.978:7289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7053 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[   97.360125][   T29] audit: type=1326 audit(1756633315.978:7290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7053 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[   97.383579][   T29] audit: type=1326 audit(1756633315.978:7291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7053 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[   97.407022][   T29] audit: type=1326 audit(1756633315.978:7292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7053 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[   97.430534][   T29] audit: type=1326 audit(1756633315.988:7293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7053 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[   97.454036][   T29] audit: type=1326 audit(1756633315.988:7294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7053 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[   97.477485][   T29] audit: type=1326 audit(1756633315.988:7295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7053 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[   97.501202][   T29] audit: type=1326 audit(1756633315.988:7296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7053 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[   97.524674][   T29] audit: type=1326 audit(1756633315.988:7297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7053 comm="syz.1.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[   97.549129][ T6584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.559856][ T6718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.633388][ T7082] loop4: detected capacity change from 0 to 512
[   97.668167][ T6553] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.681474][ T7088] loop1: detected capacity change from 0 to 136
[   97.690737][ T7082] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   97.694255][ T7088] iso9660: Unknown parameter ''
[   97.708122][ T7082] EXT4-fs (loop4): 1 truncate cleaned up
[   97.724575][ T7082] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.742017][ T7088] loop1: detected capacity change from 0 to 128
[   97.753081][ T7088] msdos: Unknown parameter 'ÿÿÿÿÿÿÿÿ0x0000000000000000'
[   97.771683][ T6718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.898467][ T7099] loop1: detected capacity change from 0 to 512
[   97.945238][ T7099] EXT4-fs (loop1): too many log groups per flexible block group
[   97.953014][ T7099] EXT4-fs (loop1): failed to initialize mballoc (-12)
[   97.960278][ T7099] EXT4-fs (loop1): mount failed
[   98.012143][ T7114] random: crng reseeded on system resumption
[   98.049810][ T7116] netlink: 'syz.0.1018': attribute type 13 has an invalid length.
[   98.129311][ T7116] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.136643][ T7116] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.149784][ T7116] batman_adv: batadv0: Interface deactivated: dummy0
[   98.190152][ T7116] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   98.213149][ T7116] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   98.247343][ T7120] loop4: detected capacity change from 0 to 4096
[   98.270621][ T7120] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   98.293140][ T4533] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   98.302459][ T7120] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.309026][ T7112] loop1: detected capacity change from 0 to 1024
[   98.322418][ T4533] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   98.323451][ T7112] EXT4-fs: Ignoring removed nobh option
[   98.347454][ T4533] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   98.347872][ T7112] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.356525][ T4533] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   98.562434][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.709589][ T6718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.766221][ T7146] loop3: detected capacity change from 0 to 512
[   98.787164][ T7147] loop4: detected capacity change from 0 to 512
[   98.802178][ T7146] EXT4-fs (loop3): too many log groups per flexible block group
[   98.809931][ T7146] EXT4-fs (loop3): failed to initialize mballoc (-12)
[   98.830254][ T7146] EXT4-fs (loop3): mount failed
[   98.830877][ T7147] EXT4-fs (loop4): external journal device major/minor numbers have changed
[   98.878665][ T7147] EXT4-fs (loop4): failed to open journal device unknown-block(0,8) -6
[   98.893298][ T7136] loop0: detected capacity change from 0 to 1024
[   98.903289][ T7136] EXT4-fs: Ignoring removed nobh option
[   98.912517][ T7136] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.928458][ T7147] netlink: 'syz.4.1028': attribute type 4 has an invalid length.
[   98.988686][ T6553] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.074474][ T7140] loop1: detected capacity change from 0 to 1024
[   99.083425][ T7140] EXT4-fs: Ignoring removed nobh option
[   99.131961][ T7140] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.158161][ T7174] random: crng reseeded on system resumption
[   99.168864][ T7174] netlink: 'syz.4.1038': attribute type 1 has an invalid length.
[   99.176803][ T7174] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1038'.
[   99.249150][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.281780][ T7179] FAULT_INJECTION: forcing a failure.
[   99.281780][ T7179] name failslab, interval 1, probability 0, space 0, times 0
[   99.294526][ T7179] CPU: 1 UID: 0 PID: 7179 Comm: syz.1.1040 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   99.294555][ T7179] Tainted: [W]=WARN
[   99.294560][ T7179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   99.294569][ T7179] Call Trace:
[   99.294575][ T7179]  <TASK>
[   99.294582][ T7179]  __dump_stack+0x1d/0x30
[   99.294602][ T7179]  dump_stack_lvl+0xe8/0x140
[   99.294631][ T7179]  dump_stack+0x15/0x1b
[   99.294644][ T7179]  should_fail_ex+0x265/0x280
[   99.294663][ T7179]  should_failslab+0x8c/0xb0
[   99.294684][ T7179]  __kvmalloc_node_noprof+0x123/0x4e0
[   99.294707][ T7179]  ? io_sqe_buffers_register+0xc2/0x530
[   99.294759][ T7179]  io_sqe_buffers_register+0xc2/0x530
[   99.294782][ T7179]  ? __fget_files+0x184/0x1c0
[   99.294805][ T7179]  __se_sys_io_uring_register+0xa9f/0xeb0
[   99.294908][ T7179]  ? fput+0x8f/0xc0
[   99.294999][ T7179]  ? ksys_write+0x192/0x1a0
[   99.295019][ T7179]  __x64_sys_io_uring_register+0x55/0x70
[   99.295118][ T7179]  x64_sys_call+0x18a3/0x2ff0
[   99.295134][ T7179]  do_syscall_64+0xd2/0x200
[   99.295159][ T7179]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   99.295182][ T7179]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   99.295286][ T7179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.295305][ T7179] RIP: 0033:0x7f3757c1ebe9
[   99.295318][ T7179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.295369][ T7179] RSP: 002b:00007f3756687038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[   99.295387][ T7179] RAX: ffffffffffffffda RBX: 00007f3757e55fa0 RCX: 00007f3757c1ebe9
[   99.295398][ T7179] RDX: 0000200000000080 RSI: 0000000000000000 RDI: 0000000000000006
[   99.295409][ T7179] RBP: 00007f3756687090 R08: 0000000000000000 R09: 0000000000000000
[   99.295420][ T7179] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[   99.295431][ T7179] R13: 00007f3757e56038 R14: 00007f3757e55fa0 R15: 00007ffe36601308
[   99.295448][ T7179]  </TASK>
[   99.498000][ T7170] loop0: detected capacity change from 0 to 1024
[   99.507749][ T7170] EXT4-fs: Ignoring removed nobh option
[   99.542907][ T7170] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.564980][ T7187] loop1: detected capacity change from 0 to 1024
[   99.592095][ T7191] loop4: detected capacity change from 0 to 512
[   99.599498][ T7187] EXT4-fs: Ignoring removed nomblk_io_submit option
[   99.600857][ T7191] EXT4-fs (loop4): external journal device major/minor numbers have changed
[   99.624317][ T6553] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.634233][ T7187] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.675938][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.676572][ T7191] EXT4-fs (loop4): failed to open journal device unknown-block(0,8) -6
[   99.744998][ T7191] netlink: 'syz.4.1045': attribute type 4 has an invalid length.
[   99.762117][ T7203] loop1: detected capacity change from 0 to 2048
[   99.778831][ T7206] loop2: detected capacity change from 0 to 1024
[   99.794585][ T7208] loop3: detected capacity change from 0 to 512
[   99.805685][ T7206] EXT4-fs: Ignoring removed nobh option
[   99.814776][ T7203] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1048'.
[   99.824255][ T7203] batman_adv: batadv0: Removing interface: batadv_slave_0
[   99.838411][ T7208] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.1051: corrupted in-inode xattr: invalid ea_ino
[   99.859042][ T7203] batman_adv: batadv0: Removing interface: batadv_slave_1
[   99.871974][ T7206] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.879308][ T7208] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1051: couldn't read orphan inode 15 (err -117)
[   99.899104][ T7208] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.932433][ T7203] batman_adv: batadv0: Removing interface: dummy0
[   99.954571][ T7219] loop0: detected capacity change from 0 to 512
[   99.962438][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.966858][ T7219] EXT4-fs: Ignoring removed oldalloc option
[   99.979249][ T6584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.989985][ T7221] random: crng reseeded on system resumption
[   99.999487][ T7221] netlink: 'syz.4.1058': attribute type 1 has an invalid length.
[  100.007305][ T7221] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1058'.
[  100.017533][ T7203] bond0: (slave batadv0): Releasing backup interface
[  100.028137][ T7219] EXT4-fs error (device loop0): ext4_xattr_inode_iget:433: comm syz.0.1056: Parent and EA inode have the same ino 15
[  100.043494][ T7219] EXT4-fs (loop0): Remounting filesystem read-only
[  100.050036][ T7219] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -30)
[  100.059400][ T7219] EXT4-fs (loop0): 1 orphan inode deleted
[  100.080124][ T7219] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.114449][ T7219] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1056'.
[  100.138505][ T7219] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1056'.
[  100.188050][ T6553] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.241519][ T7236] loop4: detected capacity change from 0 to 512
[  100.251737][ T7239] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1063'.
[  100.266770][ T7236] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  100.291795][ T7236] EXT4-fs (loop4): failed to open journal device unknown-block(0,8) -6
[  100.333898][ T7245] loop3: detected capacity change from 0 to 512
[  100.371290][ T7245] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  100.383894][ T7249] loop0: detected capacity change from 0 to 1024
[  100.395009][ T7249] EXT4-fs: Ignoring removed nobh option
[  100.403940][ T7252] loop1: detected capacity change from 0 to 512
[  100.423971][ T7256] random: crng reseeded on system resumption
[  100.431182][ T7245] EXT4-fs (loop3): 1 truncate cleaned up
[  100.445668][ T7249] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.457131][ T7238] loop2: detected capacity change from 0 to 1024
[  100.465386][ T7238] EXT4-fs: Ignoring removed nobh option
[  100.473910][ T7245] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.477198][ T7252] EXT4-fs (loop1): too many log groups per flexible block group
[  100.494176][ T7252] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  100.501075][ T7252] EXT4-fs (loop1): mount failed
[  100.510066][ T7238] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.544137][ T6553] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.564787][ T7266] SELinux:  Context system_u:object_r:netutils_exec_t:s0 is not valid (left unmapped).
[  100.608597][ T6584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.697787][ T7278] __nla_validate_parse: 4 callbacks suppressed
[  100.697802][ T7278] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1078'.
[  100.757360][ T7278] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1078'.
[  100.832779][ T7291] loop3: detected capacity change from 0 to 512
[  100.849813][ T7291] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.865660][ T7289] loop4: detected capacity change from 0 to 1024
[  100.873790][ T7289] EXT4-fs: Ignoring removed nobh option
[  100.921559][ T7289] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.929198][ T6584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.943900][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.030209][ T7299] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1087'.
[  101.039793][ T7299] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  101.085382][ T7301] loop3: detected capacity change from 0 to 512
[  101.101122][ T6718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.118274][ T7301] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  101.119693][ T7301] EXT4-fs (loop3): 1 truncate cleaned up
[  101.120138][ T7301] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.190474][ T7295] loop1: detected capacity change from 0 to 1024
[  101.191014][ T7295] EXT4-fs: Ignoring removed nobh option
[  101.236364][ T6584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.257401][ T7295] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.274632][ T7313] loop4: detected capacity change from 0 to 512
[  101.296946][ T7317] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1092'.
[  101.317005][ T7317] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1092'.
[  101.446657][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.472942][ T7326] loop4: detected capacity change from 0 to 512
[  101.496565][ T7330] validate_nla: 5 callbacks suppressed
[  101.496618][ T7330] netlink: 'syz.1.1095': attribute type 4 has an invalid length.
[  101.517001][ T7326] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.542162][ T7331] netlink: 'syz.3.1098': attribute type 1 has an invalid length.
[  101.549988][ T7331] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1098'.
[  101.571213][ T6718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.580240][ T7331] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  101.588894][ T3400] IPVS: starting estimator thread 0...
[  101.614714][ T7336] netlink: 'syz.4.1099': attribute type 10 has an invalid length.
[  101.648992][ T7336] team0: Port device dummy0 added
[  101.657013][ T7336] FAULT_INJECTION: forcing a failure.
[  101.657013][ T7336] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.670217][ T7336] CPU: 1 UID: 0 PID: 7336 Comm: syz.4.1099 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  101.670352][ T7336] Tainted: [W]=WARN
[  101.670358][ T7336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  101.670369][ T7336] Call Trace:
[  101.670375][ T7336]  <TASK>
[  101.670382][ T7336]  __dump_stack+0x1d/0x30
[  101.670400][ T7336]  dump_stack_lvl+0xe8/0x140
[  101.670419][ T7336]  dump_stack+0x15/0x1b
[  101.670435][ T7336]  should_fail_ex+0x265/0x280
[  101.670491][ T7336]  should_fail+0xb/0x20
[  101.670508][ T7336]  should_fail_usercopy+0x1a/0x20
[  101.670530][ T7336]  _copy_from_user+0x1c/0xb0
[  101.670633][ T7336]  ___sys_sendmsg+0xc1/0x1d0
[  101.670667][ T7336]  __x64_sys_sendmsg+0xd4/0x160
[  101.670690][ T7336]  x64_sys_call+0x191e/0x2ff0
[  101.670810][ T7336]  do_syscall_64+0xd2/0x200
[  101.670835][ T7336]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.670858][ T7336]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  101.670883][ T7336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.670906][ T7336] RIP: 0033:0x7fd08a22ebe9
[  101.670921][ T7336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.670950][ T7336] RSP: 002b:00007fd088c97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.670970][ T7336] RAX: ffffffffffffffda RBX: 00007fd08a465fa0 RCX: 00007fd08a22ebe9
[  101.670983][ T7336] RDX: 0000000000008000 RSI: 0000200000000600 RDI: 0000000000000005
[  101.670996][ T7336] RBP: 00007fd088c97090 R08: 0000000000000000 R09: 0000000000000000
[  101.671065][ T7336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.671122][ T7336] R13: 00007fd08a466038 R14: 00007fd08a465fa0 R15: 00007ffefe47c9e8
[  101.671137][ T7336]  </TASK>
[  101.850525][ T7334] IPVS: using max 2880 ests per chain, 144000 per kthread
[  101.878191][ T7342] loop1: detected capacity change from 0 to 512
[  101.885296][ T7342] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  101.892421][ T7339] GUP no longer grows the stack in syz.3.1100 (7339): 200000004000-20000000a000 (200000002000)
[  101.905544][ T7339] CPU: 1 UID: 0 PID: 7339 Comm: syz.3.1100 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  101.905573][ T7339] Tainted: [W]=WARN
[  101.905579][ T7339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  101.905590][ T7339] Call Trace:
[  101.905647][ T7339]  <TASK>
[  101.905655][ T7339]  __dump_stack+0x1d/0x30
[  101.905678][ T7339]  dump_stack_lvl+0xe8/0x140
[  101.905720][ T7339]  dump_stack+0x15/0x1b
[  101.905734][ T7339]  __get_user_pages+0x198d/0x1fa0
[  101.905765][ T7339]  ? __rcu_read_unlock+0x4f/0x70
[  101.905787][ T7339]  get_user_pages_remote+0x1d5/0x6d0
[  101.905814][ T7339]  __access_remote_vm+0x15c/0x590
[  101.905887][ T7339]  access_remote_vm+0x32/0x40
[  101.905917][ T7339]  proc_pid_cmdline_read+0x32b/0x6c0
[  101.905945][ T7339]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  101.905965][ T7339]  vfs_readv+0x3fb/0x690
[  101.906051][ T7339]  __x64_sys_preadv+0xfd/0x1c0
[  101.906073][ T7339]  x64_sys_call+0x282a/0x2ff0
[  101.906091][ T7339]  do_syscall_64+0xd2/0x200
[  101.906114][ T7339]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.906162][ T7339]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  101.906189][ T7339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.906211][ T7339] RIP: 0033:0x7fbaafc4ebe9
[  101.906228][ T7339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.906245][ T7339] RSP: 002b:00007fbaae6af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  101.906345][ T7339] RAX: ffffffffffffffda RBX: 00007fbaafe85fa0 RCX: 00007fbaafc4ebe9
[  101.906356][ T7339] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 000000000000000b
[  101.906366][ T7339] RBP: 00007fbaafcd1e19 R08: 0000000000000000 R09: 0000000000000000
[  101.906441][ T7339] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  101.906455][ T7339] R13: 00007fbaafe86038 R14: 00007fbaafe85fa0 R15: 00007ffdb2c52768
[  101.906474][ T7339]  </TASK>
[  102.130559][ T7345] netlink: 'syz.3.1103': attribute type 1 has an invalid length.
[  102.138402][ T7345] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1103'.
[  102.149468][ T7345] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  102.178912][ T7342] EXT4-fs (loop1): 1 truncate cleaned up
[  102.185020][ T7342] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.243683][ T7343] loop2: detected capacity change from 0 to 1024
[  102.250518][ T7343] EXT4-fs: Ignoring removed nobh option
[  102.262054][ T7343] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.314780][ T7349] loop3: detected capacity change from 0 to 4096
[  102.324494][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.347516][ T7349] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  102.357948][ T7354] loop4: detected capacity change from 0 to 2048
[  102.368338][ T7349] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.406021][ T7354] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1106'.
[  102.459416][ T7354] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  102.467032][ T7354] batman_adv: batadv0: Removing interface: batadv_slave_0
[  102.496771][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.506809][ T7354] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  102.514260][ T7354] batman_adv: batadv0: Removing interface: batadv_slave_1
[  102.629821][ T7367] netlink: 'syz.2.1111': attribute type 1 has an invalid length.
[  102.637657][ T7367] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1111'.
[  102.675465][ T7371] netlink: 'syz.1.1113': attribute type 1 has an invalid length.
[  102.681579][ T7367] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  102.683267][ T7371] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1113'.
[  102.735307][ T7371] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  102.767804][ T7375] loop1: detected capacity change from 0 to 512
[  102.797268][ T7375] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.860666][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.912253][ T7379] netlink: 'syz.1.1116': attribute type 1 has an invalid length.
[  102.930728][ T7379] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  102.962611][ T6584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.050239][   T29] kauditd_printk_skb: 474 callbacks suppressed
[  103.050255][   T29] audit: type=1326 audit(1756633321.728:7772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7385 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaafc4ebe9 code=0x7ffc0000
[  103.080007][   T29] audit: type=1400 audit(1756633321.728:7773): avc:  denied  { read } for  pid=7383 comm="syz.1.1119" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  103.101399][   T29] audit: type=1326 audit(1756633321.728:7774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7385 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaafc4ebe9 code=0x7ffc0000
[  103.124997][   T29] audit: type=1326 audit(1756633321.748:7775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7385 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fbaafc4ebe9 code=0x7ffc0000
[  103.125185][ T7369] loop4: detected capacity change from 0 to 1024
[  103.148481][   T29] audit: type=1326 audit(1756633321.748:7776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7385 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaafc4ebe9 code=0x7ffc0000
[  103.178200][   T29] audit: type=1326 audit(1756633321.748:7777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7385 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaafc4ebe9 code=0x7ffc0000
[  103.201695][   T29] audit: type=1326 audit(1756633321.748:7778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7385 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fbaafc4ebe9 code=0x7ffc0000
[  103.220214][ T7369] EXT4-fs: Ignoring removed nobh option
[  103.225534][   T29] audit: type=1326 audit(1756633321.748:7779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7385 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaafc4ebe9 code=0x7ffc0000
[  103.254581][   T29] audit: type=1326 audit(1756633321.748:7780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7385 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaafc4ebe9 code=0x7ffc0000
[  103.278172][   T29] audit: type=1326 audit(1756633321.748:7781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7385 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fbaafc4ebe9 code=0x7ffc0000
[  103.312072][ T7369] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.374570][ T6718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.437017][ T7380] loop2: detected capacity change from 0 to 1024
[  103.460261][ T7380] EXT4-fs: Ignoring removed nobh option
[  103.493037][ T7380] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.535147][ T7400] netlink: 'syz.4.1123': attribute type 13 has an invalid length.
[  103.598614][ T7392] loop3: detected capacity change from 0 to 1024
[  103.605750][ T7392] EXT4-fs: Ignoring removed nobh option
[  103.627669][ T7405] loop0: detected capacity change from 0 to 512
[  103.642107][ T7392] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.664076][ T7400] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.671326][ T7400] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.681941][ T7405] EXT4-fs (loop0): too many log groups per flexible block group
[  103.689629][ T7405] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  103.732673][ T7405] EXT4-fs (loop0): mount failed
[  103.842161][ T7423] loop0: detected capacity change from 0 to 512
[  103.873924][ T7423] EXT4-fs (loop0): external journal device major/minor numbers have changed
[  103.953253][ T7437] loop1: detected capacity change from 0 to 512
[  103.963348][ T7423] EXT4-fs (loop0): failed to open journal device unknown-block(0,8) -6
[  104.009488][ T4547] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  104.020689][ T4596] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  104.029705][ T4596] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  104.067597][ T7446] netlink: 'syz.2.1134': attribute type 1 has an invalid length.
[  104.071378][ T4596] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  104.093989][ T7423] netlink: 'syz.0.1128': attribute type 4 has an invalid length.
[  104.151013][ T7449] FAULT_INJECTION: forcing a failure.
[  104.151013][ T7449] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.164128][ T7449] CPU: 1 UID: 0 PID: 7449 Comm: syz.4.1137 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  104.164160][ T7449] Tainted: [W]=WARN
[  104.164167][ T7449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  104.164259][ T7449] Call Trace:
[  104.164264][ T7449]  <TASK>
[  104.164273][ T7449]  __dump_stack+0x1d/0x30
[  104.164295][ T7449]  dump_stack_lvl+0xe8/0x140
[  104.164314][ T7449]  dump_stack+0x15/0x1b
[  104.164331][ T7449]  should_fail_ex+0x265/0x280
[  104.164357][ T7449]  should_fail+0xb/0x20
[  104.164374][ T7449]  should_fail_usercopy+0x1a/0x20
[  104.164396][ T7449]  _copy_to_user+0x20/0xa0
[  104.164498][ T7449]  simple_read_from_buffer+0xb5/0x130
[  104.164523][ T7449]  proc_fail_nth_read+0x10e/0x150
[  104.164561][ T7449]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  104.164581][ T7449]  vfs_read+0x1a8/0x770
[  104.164596][ T7449]  ? __rcu_read_unlock+0x4f/0x70
[  104.164622][ T7449]  ? __fget_files+0x184/0x1c0
[  104.164646][ T7449]  ksys_read+0xda/0x1a0
[  104.164732][ T7449]  __x64_sys_read+0x40/0x50
[  104.164758][ T7449]  x64_sys_call+0x27bc/0x2ff0
[  104.164775][ T7449]  do_syscall_64+0xd2/0x200
[  104.164797][ T7449]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  104.164817][ T7449]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  104.164856][ T7449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.164874][ T7449] RIP: 0033:0x7fd08a22d5fc
[  104.164889][ T7449] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  104.164904][ T7449] RSP: 002b:00007fd088c97030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  104.164923][ T7449] RAX: ffffffffffffffda RBX: 00007fd08a465fa0 RCX: 00007fd08a22d5fc
[  104.164940][ T7449] RDX: 000000000000000f RSI: 00007fd088c970a0 RDI: 0000000000000006
[  104.164952][ T7449] RBP: 00007fd088c97090 R08: 0000000000000000 R09: 0000000000000000
[  104.164963][ T7449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.164986][ T7449] R13: 00007fd08a466038 R14: 00007fd08a465fa0 R15: 00007ffefe47c9e8
[  104.165019][ T7449]  </TASK>
[  104.442719][ T7454] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  104.455046][ T7458] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  104.601868][ T7478] loop2: detected capacity change from 0 to 256
[  104.633048][ T7484] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  104.679685][ T7489] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  104.735422][ T7480] loop3: detected capacity change from 0 to 4096
[  104.742040][ T7494] loop1: detected capacity change from 0 to 512
[  104.767158][ T7494] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  104.779185][ T7480] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  104.840187][ T7494] EXT4-fs (loop1): failed to open journal device unknown-block(0,8) -6
[  104.947830][ T7519] loop1: detected capacity change from 0 to 512
[  104.964721][ T7520] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  105.014139][ T7519] ext4 filesystem being mounted at /285/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.088578][ T7534] loop2: detected capacity change from 0 to 512
[  105.144396][ T7541] loop1: detected capacity change from 0 to 1024
[  105.186969][ T7544] loop0: detected capacity change from 0 to 512
[  105.220245][ T7546] loop2: detected capacity change from 0 to 512
[  105.275864][ T7546] EXT4-fs (loop2): too many log groups per flexible block group
[  105.283645][ T7546] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  105.307946][ T3562] IPVS: starting estimator thread 0...
[  105.314344][ T7554] syzkaller1: entered promiscuous mode
[  105.319853][ T7554] syzkaller1: entered allmulticast mode
[  105.327887][ T7554] batman_adv: batadv0: Adding interface: dummy0
[  105.334201][ T7554] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.359518][ T7554] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  105.359688][ T7546] EXT4-fs (loop2): mount failed
[  105.410414][ T7555] IPVS: using max 2784 ests per chain, 139200 per kthread
[  105.498289][ T7562] loop2: detected capacity change from 0 to 2048
[  105.524973][ T7532] loop4: detected capacity change from 0 to 1024
[  105.549491][ T7532] EXT4-fs: Ignoring removed nobh option
[  105.569580][ T7570] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  105.580111][ T7562] ext4 filesystem being mounted at /283/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.699318][ T7583] loop4: detected capacity change from 0 to 512
[  105.746573][ T7589] FAULT_INJECTION: forcing a failure.
[  105.746573][ T7589] name failslab, interval 1, probability 0, space 0, times 0
[  105.759378][ T7589] CPU: 0 UID: 0 PID: 7589 Comm: syz.4.1189 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  105.759461][ T7589] Tainted: [W]=WARN
[  105.759468][ T7589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  105.759480][ T7589] Call Trace:
[  105.759487][ T7589]  <TASK>
[  105.759494][ T7589]  __dump_stack+0x1d/0x30
[  105.759513][ T7589]  dump_stack_lvl+0xe8/0x140
[  105.759528][ T7589]  dump_stack+0x15/0x1b
[  105.759621][ T7589]  should_fail_ex+0x265/0x280
[  105.759639][ T7589]  should_failslab+0x8c/0xb0
[  105.759732][ T7589]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  105.759754][ T7589]  ? shmem_alloc_inode+0x34/0x50
[  105.759777][ T7589]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  105.759799][ T7589]  shmem_alloc_inode+0x34/0x50
[  105.759829][ T7589]  alloc_inode+0x40/0x170
[  105.759846][ T7589]  new_inode+0x1d/0xe0
[  105.759915][ T7589]  shmem_get_inode+0x244/0x750
[  105.759944][ T7589]  __shmem_file_setup+0x113/0x210
[  105.759976][ T7589]  shmem_file_setup+0x3b/0x50
[  105.760000][ T7589]  __se_sys_memfd_create+0x2c3/0x590
[  105.760245][ T7589]  __x64_sys_memfd_create+0x31/0x40
[  105.760262][ T7589]  x64_sys_call+0x2abe/0x2ff0
[  105.760280][ T7589]  do_syscall_64+0xd2/0x200
[  105.760351][ T7589]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  105.760372][ T7589]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  105.760464][ T7589]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.760482][ T7589] RIP: 0033:0x7fd08a22ebe9
[  105.760494][ T7589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.760568][ T7589] RSP: 002b:00007fd088c96d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  105.760588][ T7589] RAX: ffffffffffffffda RBX: 00000000000005bd RCX: 00007fd08a22ebe9
[  105.760599][ T7589] RDX: 00007fd088c96dec RSI: 0000000000000000 RDI: 00007fd08a2b27e8
[  105.760610][ T7589] RBP: 0000200000000000 R08: 00007fd088c96b07 R09: 0000000000000000
[  105.760623][ T7589] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[  105.760653][ T7589] R13: 00007fd088c96dec R14: 00007fd088c96df0 R15: 00007ffefe47c9e8
[  105.760669][ T7589]  </TASK>
[  105.760672][ T7556] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.1172: Allocating blocks 497-513 which overlap fs metadata
[  105.987448][ T7556] EXT4-fs (loop1): pa ffff88810726e850: logic 320, phys. 449, len 4
[  105.995596][ T7556] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  106.009552][ T7604] __nla_validate_parse: 11 callbacks suppressed
[  106.009567][ T7604] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1192'.
[  106.244455][ T7618] loop2: detected capacity change from 0 to 512
[  106.276871][ T7625] FAULT_INJECTION: forcing a failure.
[  106.276871][ T7625] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  106.290049][ T7625] CPU: 0 UID: 0 PID: 7625 Comm: syz.4.1201 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  106.290081][ T7625] Tainted: [W]=WARN
[  106.290088][ T7625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  106.290100][ T7625] Call Trace:
[  106.290106][ T7625]  <TASK>
[  106.290115][ T7625]  __dump_stack+0x1d/0x30
[  106.290136][ T7625]  dump_stack_lvl+0xe8/0x140
[  106.290232][ T7625]  dump_stack+0x15/0x1b
[  106.290248][ T7625]  should_fail_ex+0x265/0x280
[  106.290268][ T7625]  should_fail+0xb/0x20
[  106.290285][ T7625]  should_fail_usercopy+0x1a/0x20
[  106.290348][ T7625]  _copy_from_user+0x1c/0xb0
[  106.290371][ T7625]  ___sys_recvmsg+0xaa/0x370
[  106.290392][ T7625]  ? 0xffffffff81000000
[  106.290431][ T7625]  ? __rcu_read_unlock+0x4f/0x70
[  106.290454][ T7625]  __x64_sys_recvmsg+0xd1/0x160
[  106.290484][ T7625]  x64_sys_call+0x2b42/0x2ff0
[  106.290503][ T7625]  do_syscall_64+0xd2/0x200
[  106.290525][ T7625]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  106.290568][ T7625]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  106.290592][ T7625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.290613][ T7625] RIP: 0033:0x7fd08a22ebe9
[  106.290694][ T7625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.290708][ T7625] RSP: 002b:00007fd088c97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  106.290723][ T7625] RAX: ffffffffffffffda RBX: 00007fd08a465fa0 RCX: 00007fd08a22ebe9
[  106.290736][ T7625] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000005
[  106.290746][ T7625] RBP: 00007fd088c97090 R08: 0000000000000000 R09: 0000000000000000
[  106.290758][ T7625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.290768][ T7625] R13: 00007fd08a466038 R14: 00007fd08a465fa0 R15: 00007ffefe47c9e8
[  106.290784][ T7625]  </TASK>
[  106.307663][ T7611] loop3: detected capacity change from 0 to 1024
[  106.481838][ T7611] EXT4-fs: Ignoring removed nobh option
[  106.491229][ T7618] ext4 filesystem being mounted at /288/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  106.517219][ T7637] SELinux: security policydb version 17 (MLS) not backwards compatible
[  106.545106][ T7637] SELinux: failed to load policy
[  106.552491][ T7637] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1199'.
[  106.563014][ T7637] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1199'.
[  106.577347][ T3392] lo speed is unknown, defaulting to 1000
[  106.583144][ T3392] syz0: Port: 1 Link ACTIVE
[  106.611618][ T7643] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1205'.
[  106.689122][ T7651] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[  106.913788][ T7666] netlink: 7 bytes leftover after parsing attributes in process `syz.1.1212'.
[  106.923172][ T7666] netlink: 7 bytes leftover after parsing attributes in process `syz.1.1212'.
[  106.964904][ T7668] loop1: detected capacity change from 0 to 512
[  106.974487][ T7668] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  106.994130][ T7668] EXT4-fs (loop1): 1 truncate cleaned up
[  107.079857][ T7683] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1219'.
[  107.105959][ T7683] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7683 comm=syz.1.1219
[  107.133445][ T7683] validate_nla: 7 callbacks suppressed
[  107.133458][ T7683] netlink: 'syz.1.1219': attribute type 16 has an invalid length.
[  107.146851][ T7683] netlink: 'syz.1.1219': attribute type 17 has an invalid length.
[  107.169575][ T7683] 0ªî{X¹¦: left allmulticast mode
[  107.195365][ T7683] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.205552][ T7683] 8021q: adding VLAN 0 to HW filter on device team0
[  107.215255][ T7683] net_ratelimit: 10 callbacks suppressed
[  107.215264][ T7683] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  107.236777][ T7693] netlink: 'syz.2.1222': attribute type 1 has an invalid length.
[  107.244659][ T7693] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1222'.
[  107.271345][ T7687] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  107.462058][ T7692] loop0: detected capacity change from 0 to 1024
[  107.468921][ T7692] EXT4-fs: Ignoring removed nobh option
[  107.565304][ T7721] loop4: detected capacity change from 0 to 1024
[  107.601178][ T7725] loop0: detected capacity change from 0 to 512
[  107.606532][ T7721] EXT4-fs: Ignoring removed orlov option
[  107.629854][ T7700] loop2: detected capacity change from 0 to 1024
[  107.644653][ T7725] EXT4-fs (loop0): too many log groups per flexible block group
[  107.652521][ T7725] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  107.665888][ T7700] EXT4-fs: Ignoring removed nobh option
[  107.669768][ T7725] EXT4-fs (loop0): mount failed
[  107.855895][ T7753] loop4: detected capacity change from 0 to 4096
[  107.875895][ T7753] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  107.896716][ T7756] loop1: detected capacity change from 0 to 512
[  107.906930][ T7756] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  107.950869][ T7756] EXT4-fs (loop1): 1 truncate cleaned up
[  108.072577][   T29] kauditd_printk_skb: 808 callbacks suppressed
[  108.072592][   T29] audit: type=1326 audit(1756633326.758:8590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7767 comm="syz.0.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0bb6ebe9 code=0x7ffc0000
[  108.074497][ T7769] random: crng reseeded on system resumption
[  108.080081][ T7766] netlink: 'syz.3.1250': attribute type 1 has an invalid length.
[  108.116153][ T7766] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1250'.
[  108.125518][   T29] audit: type=1326 audit(1756633326.758:8591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7767 comm="syz.0.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea0bb6ebe9 code=0x7ffc0000
[  108.138238][ T7766] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  108.149007][   T29] audit: type=1326 audit(1756633326.758:8592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7767 comm="syz.0.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0bb6ebe9 code=0x7ffc0000
[  108.180909][   T29] audit: type=1326 audit(1756633326.758:8593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7767 comm="syz.0.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0bb6ebe9 code=0x7ffc0000
[  108.204306][   T29] audit: type=1326 audit(1756633326.758:8594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7767 comm="syz.0.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea0bb6ebe9 code=0x7ffc0000
[  108.227691][   T29] audit: type=1326 audit(1756633326.758:8595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7767 comm="syz.0.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0bb6ebe9 code=0x7ffc0000
[  108.251142][   T29] audit: type=1326 audit(1756633326.758:8596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7767 comm="syz.0.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0bb6ebe9 code=0x7ffc0000
[  108.274540][   T29] audit: type=1326 audit(1756633326.758:8597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7767 comm="syz.0.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea0bb6ebe9 code=0x7ffc0000
[  108.298112][   T29] audit: type=1326 audit(1756633326.758:8598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7767 comm="syz.0.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0bb6ebe9 code=0x7ffc0000
[  108.321580][   T29] audit: type=1326 audit(1756633326.758:8599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7767 comm="syz.0.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea0bb6ebe9 code=0x7ffc0000
[  108.386617][ T7778] netlink: 'syz.1.1252': attribute type 1 has an invalid length.
[  108.394427][ T7778] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1252'.
[  108.400158][ T7779] netlink: 'syz.3.1254': attribute type 13 has an invalid length.
[  108.418887][ T7776] loop0: detected capacity change from 0 to 512
[  108.427730][ T7778] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  108.436493][ T7776] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  108.462387][ T7776] EXT4-fs (loop0): 1 orphan inode deleted
[  108.475746][ T7776] ext4 filesystem being mounted at /68/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.491631][ T4596] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u8:65: Failed to release dquot type 1
[  108.510017][ T7785] loop3: detected capacity change from 0 to 512
[  108.609343][ T7794] loop3: detected capacity change from 0 to 512
[  108.633161][ T7794] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  108.693767][ T7798] loop0: detected capacity change from 0 to 1024
[  108.702482][ T7794] EXT4-fs (loop3): failed to open journal device unknown-block(0,8) -6
[  108.741692][ T7794] netlink: 'syz.3.1259': attribute type 4 has an invalid length.
[  108.759098][ T7805] loop1: detected capacity change from 0 to 512
[  108.774300][ T7805] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  108.821406][ T7805] EXT4-fs (loop1): 1 truncate cleaned up
[  108.922228][ T7815] netlink: 'syz.3.1266': attribute type 1 has an invalid length.
[  108.936673][ T7817] netlink: 'syz.2.1267': attribute type 13 has an invalid length.
[  108.945157][ T7815] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  109.006310][ T7822] loop2: detected capacity change from 0 to 512
[  109.063188][ T7825] loop3: detected capacity change from 0 to 512
[  109.095151][ T7829] loop1: detected capacity change from 0 to 512
[  109.113486][ T7829] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  109.131333][ T7825] EXT4-fs (loop3): too many log groups per flexible block group
[  109.139061][ T7825] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  109.152898][ T7825] EXT4-fs (loop3): mount failed
[  109.167703][ T7818] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.1260: Allocating blocks 497-513 which overlap fs metadata
[  109.168724][ T7829] EXT4-fs (loop1): 1 truncate cleaned up
[  109.188659][ T7818] EXT4-fs (loop0): pa ffff88810726e930: logic 320, phys. 449, len 4
[  109.196769][ T7818] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  109.406648][ T7851] netlink: 'syz.4.1279': attribute type 1 has an invalid length.
[  109.431270][ T7851] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  109.603963][ T7864] loop2: detected capacity change from 0 to 512
[  109.622946][ T7864] EXT4-fs (loop2): too many log groups per flexible block group
[  109.630718][ T7864] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  109.650509][ T7864] EXT4-fs (loop2): mount failed
[  109.780511][ T7871] serio: Serial port ttyS3
[  109.866158][ T7881] loop3: detected capacity change from 0 to 512
[  109.880624][ T7881] EXT4-fs: Ignoring removed mblk_io_submit option
[  109.905469][ T7881] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  109.927525][ T7853] loop1: detected capacity change from 0 to 1024
[  109.953036][ T7853] EXT4-fs: Ignoring removed nobh option
[  109.973808][ T7881] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e002c018, mo2=0002]
[  109.990845][ T7881] System zones: 1-12
[  110.020876][ T7881] EXT4-fs (loop3): 1 truncate cleaned up
[  110.079182][ T7855] loop4: detected capacity change from 0 to 1024
[  110.103850][ T7855] EXT4-fs: Ignoring removed nobh option
[  110.137281][ T7897] loop1: detected capacity change from 0 to 512
[  110.222445][ T7911] loop0: detected capacity change from 0 to 512
[  110.234837][ T7897] ext4 filesystem being mounted at /312/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  110.258570][ T7897] EXT4-fs error (device loop1): ext4_empty_dir:3080: inode #12: comm ’: Directory hole found for htree leaf block 0
[  110.285628][ T7911] EXT4-fs (loop0): external journal device major/minor numbers have changed
[  110.326508][ T7920] loop3: detected capacity change from 0 to 512
[  110.354565][ T7911] EXT4-fs (loop0): failed to open journal device unknown-block(0,8) -6
[  110.392446][ T7920] EXT4-fs (loop3): too many log groups per flexible block group
[  110.392510][ T7920] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  110.392531][ T7920] EXT4-fs (loop3): mount failed
[  110.465068][ T7934] FAULT_INJECTION: forcing a failure.
[  110.465068][ T7934] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  110.465102][ T7934] CPU: 0 UID: 0 PID: 7934 Comm: syz.0.1310 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  110.465172][ T7934] Tainted: [W]=WARN
[  110.465178][ T7934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  110.465235][ T7934] Call Trace:
[  110.465241][ T7934]  <TASK>
[  110.465248][ T7934]  __dump_stack+0x1d/0x30
[  110.465269][ T7934]  dump_stack_lvl+0xe8/0x140
[  110.465289][ T7934]  dump_stack+0x15/0x1b
[  110.465306][ T7934]  should_fail_ex+0x265/0x280
[  110.465361][ T7934]  should_fail+0xb/0x20
[  110.465378][ T7934]  should_fail_usercopy+0x1a/0x20
[  110.465404][ T7934]  _copy_from_user+0x1c/0xb0
[  110.465538][ T7934]  do_sock_getsockopt+0xf1/0x240
[  110.465562][ T7934]  __x64_sys_getsockopt+0x11e/0x1a0
[  110.465585][ T7934]  x64_sys_call+0x2bc6/0x2ff0
[  110.465602][ T7934]  do_syscall_64+0xd2/0x200
[  110.465649][ T7934]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  110.465671][ T7934]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  110.465696][ T7934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.465717][ T7934] RIP: 0033:0x7fea0bb6ebe9
[  110.465732][ T7934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.465762][ T7934] RSP: 002b:00007fea0a5cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  110.465780][ T7934] RAX: ffffffffffffffda RBX: 00007fea0bda5fa0 RCX: 00007fea0bb6ebe9
[  110.465793][ T7934] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000004
[  110.465805][ T7934] RBP: 00007fea0a5cf090 R08: 0000200000000180 R09: 0000000000000000
[  110.465818][ T7934] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  110.465830][ T7934] R13: 00007fea0bda6038 R14: 00007fea0bda5fa0 R15: 00007fff2842ddd8
[  110.465858][ T7934]  </TASK>
[  110.525740][ T7893] loop2: detected capacity change from 0 to 1024
[  110.526103][ T7893] EXT4-fs: Ignoring removed nobh option
[  110.547030][ T7941] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  110.547030][ T7941]    program syz.1.1306 not setting count and/or reply_len properly
[  110.774067][ T7955] loop2: detected capacity change from 0 to 512
[  110.860923][ T7926] loop4: detected capacity change from 0 to 1024
[  110.863737][ T7926] EXT4-fs: Ignoring removed nobh option
[  111.059533][ T7970] __nla_validate_parse: 13 callbacks suppressed
[  111.059548][ T7970] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1320'.
[  111.151913][ T7976] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  111.253911][ T7980] lo speed is unknown, defaulting to 1000
[  111.324916][ T7985] loop1: detected capacity change from 0 to 512
[  111.381186][ T7985] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  111.415750][ T7982] loop0: detected capacity change from 0 to 1024
[  111.421704][ T7985] EXT4-fs (loop1): failed to open journal device unknown-block(0,8) -6
[  111.432999][ T7982] EXT4-fs: Ignoring removed nobh option
[  111.456772][ T3511] lo speed is unknown, defaulting to 1000
[  111.462595][ T3511] syz0: Port: 1 Link DOWN
[  111.469428][ T7987] syzkaller1: entered promiscuous mode
[  111.475031][ T7987] syzkaller1: entered allmulticast mode
[  111.547905][ T7962] loop4: detected capacity change from 0 to 1024
[  111.556822][ T7962] EXT4-fs: Ignoring removed nobh option
[  111.643148][ T8006] loop1: detected capacity change from 0 to 512
[  111.753795][ T8015] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1339'.
[  111.794226][ T8021] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1342'.
[  111.822008][ T8021] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8021 comm=syz.4.1342
[  111.859874][ T8025] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1344'.
[  111.870555][ T8025] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1344'.
[  111.909593][ T8027] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1354'.
[  111.926804][ T8030] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1346'.
[  111.936466][ T8027] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1354'.
[  111.983584][ T8036] loop4: detected capacity change from 0 to 512
[  112.013166][ T8038] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1349'.
[  112.067424][ T8038] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1349'.
[  112.083063][ T8043] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  112.142822][ T8049] validate_nla: 9 callbacks suppressed
[  112.142836][ T8049] netlink: 'syz.0.1363': attribute type 1 has an invalid length.
[  112.245248][ T8049] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  112.388013][ T8070] loop0: detected capacity change from 0 to 512
[  112.419347][ T8070] EXT4-fs (loop0): external journal device major/minor numbers have changed
[  112.481878][ T8070] EXT4-fs (loop0): failed to open journal device unknown-block(0,8) -6
[  112.483684][ T8033] loop3: detected capacity change from 0 to 1024
[  112.499311][ T8033] EXT4-fs: Ignoring removed nobh option
[  112.520197][ T8070] netlink: 'syz.0.1364': attribute type 4 has an invalid length.
[  112.666943][ T8093] loop3: detected capacity change from 0 to 512
[  112.673586][ T8092] netlink: 'syz.0.1372': attribute type 13 has an invalid length.
[  112.707903][ T8093] EXT4-fs (loop3): too many log groups per flexible block group
[  112.715776][ T8093] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  112.727339][ T8068] loop2: detected capacity change from 0 to 1024
[  112.746036][ T8093] EXT4-fs (loop3): mount failed
[  112.756570][ T8068] EXT4-fs: Ignoring removed nobh option
[  112.798033][ T8103] loop0: detected capacity change from 0 to 512
[  112.971246][ T8115] loop2: detected capacity change from 0 to 512
[  112.980579][ T8115] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  113.016675][ T8115] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.1381: corrupted in-inode xattr: bad e_name length
[  113.031843][ T8115] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.1381: couldn't read orphan inode 15 (err -117)
[  113.154423][ T8118] loop4: detected capacity change from 0 to 2048
[  113.174602][ T8106] loop3: detected capacity change from 0 to 1024
[  113.183945][ T8106] EXT4-fs: Ignoring removed nobh option
[  113.191318][ T8118]  loop4: p1 < > p4
[  113.196213][ T8129] netlink: 'syz.2.1385': attribute type 13 has an invalid length.
[  113.214378][ T8118] loop4: p4 size 8388608 extends beyond EOD, truncated
[  113.278663][ T8137] loop0: detected capacity change from 0 to 512
[  113.286480][ T8137] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  113.309294][   T29] kauditd_printk_skb: 710 callbacks suppressed
[  113.309310][   T29] audit: type=1326 audit(1756633331.988:9309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8136 comm="syz.1.1387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  113.319267][ T8137] EXT4-fs (loop0): 1 truncate cleaned up
[  113.349758][   T29] audit: type=1326 audit(1756633331.988:9310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8136 comm="syz.1.1387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  113.349792][   T29] audit: type=1326 audit(1756633331.988:9311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8136 comm="syz.1.1387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  113.349861][   T29] audit: type=1326 audit(1756633331.988:9312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8136 comm="syz.1.1387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  113.349909][   T29] audit: type=1326 audit(1756633331.988:9313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8136 comm="syz.1.1387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  113.350006][   T29] audit: type=1326 audit(1756633331.988:9314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8136 comm="syz.1.1387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  113.350036][   T29] audit: type=1326 audit(1756633331.988:9315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8136 comm="syz.1.1387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  113.532222][ T8145] netlink: 'syz.1.1390': attribute type 1 has an invalid length.
[  113.551913][ T8145] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  113.635847][ T8150] loop3: detected capacity change from 0 to 512
[  113.692957][   T29] audit: type=1326 audit(1756633332.378:9316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8153 comm="syz.4.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd08a22ebe9 code=0x7ffc0000
[  113.749869][ T8138] loop2: detected capacity change from 0 to 1024
[  113.759472][ T8138] EXT4-fs: Ignoring removed nobh option
[  113.766155][   T29] audit: type=1326 audit(1756633332.408:9317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8153 comm="syz.4.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd08a22ebe9 code=0x7ffc0000
[  113.789742][   T29] audit: type=1326 audit(1756633332.408:9318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8153 comm="syz.4.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd08a22ebe9 code=0x7ffc0000
[  113.895106][ T8167] loop1: detected capacity change from 0 to 512
[  113.915290][ T8172] random: crng reseeded on system resumption
[  113.926716][ T8172] netlink: 'syz.4.1402': attribute type 1 has an invalid length.
[  113.963626][ T8167] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  114.015630][ T8167] EXT4-fs (loop1): failed to open journal device unknown-block(0,8) -6
[  114.028804][ T8167] netlink: 'syz.1.1399': attribute type 4 has an invalid length.
[  114.237510][ T8198] netlink: 'syz.4.1410': attribute type 13 has an invalid length.
[  114.365791][ T8215] netlink: 'syz.4.1419': attribute type 1 has an invalid length.
[  114.425809][ T8221] netlink: 'syz.2.1422': attribute type 1 has an invalid length.
[  114.434957][ T8224] loop4: detected capacity change from 0 to 512
[  114.444034][ T8221] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  114.445710][ T8225] loop0: detected capacity change from 0 to 4096
[  114.464706][ T8224] EXT4-fs (loop4): too many log groups per flexible block group
[  114.465463][ T8225] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  114.472631][ T8224] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  114.494435][ T8224] EXT4-fs (loop4): mount failed
[  114.559453][ T8236] loop4: detected capacity change from 0 to 512
[  114.677283][ T8251] loop1: detected capacity change from 0 to 512
[  114.685429][ T8251] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  114.715676][ T8251] EXT4-fs (loop1): failed to open journal device unknown-block(0,8) -6
[  114.924530][ T8272] loop3: detected capacity change from 0 to 512
[  114.950957][ T8274] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  114.960584][ T8274] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  115.153240][ T8292] loop4: detected capacity change from 0 to 512
[  115.168214][ T8290] loop0: detected capacity change from 0 to 512
[  115.179070][ T8292] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  115.189571][ T8270] loop2: detected capacity change from 0 to 1024
[  115.197586][ T8270] EXT4-fs: Ignoring removed nobh option
[  115.206845][ T8290] EXT4-fs (loop0): too many log groups per flexible block group
[  115.207479][ T8292] EXT4-fs (loop4): 1 truncate cleaned up
[  115.214667][ T8290] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  115.229505][ T8290] EXT4-fs (loop0): mount failed
[  115.308772][ T8305] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  115.336612][ T8308] loop2: detected capacity change from 0 to 512
[  115.339797][ T8309] loop3: detected capacity change from 0 to 512
[  115.372361][ T8309] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  115.397860][ T8309] EXT4-fs (loop3): failed to open journal device unknown-block(0,8) -6
[  115.531241][ T8327] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  115.583944][ T8331] loop4: detected capacity change from 0 to 512
[  115.591258][ T8331] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  115.608676][ T8331] EXT4-fs (loop4): 1 truncate cleaned up
[  115.804998][ T8326] loop3: detected capacity change from 0 to 1024
[  115.807791][ T8349] loop2: detected capacity change from 0 to 512
[  115.813607][ T8326] EXT4-fs: Ignoring removed nobh option
[  115.848552][ T8353] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  115.857807][ T8349] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  115.884789][ T8359] loop4: detected capacity change from 0 to 512
[  115.902275][ T8349] EXT4-fs (loop2): failed to open journal device unknown-block(0,8) -6
[  115.912722][ T8359] EXT4-fs (loop4): too many log groups per flexible block group
[  115.920535][ T8359] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  115.930799][ T8359] EXT4-fs (loop4): mount failed
[  115.953132][ T8363] loop3: detected capacity change from 0 to 512
[  115.967500][ T8363] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  115.979420][ T8363] EXT4-fs (loop3): 1 truncate cleaned up
[  116.100619][ T8384] loop2: detected capacity change from 0 to 512
[  116.195548][ T8393] loop3: detected capacity change from 0 to 512
[  116.212117][ T8393] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  116.239455][ T8393] EXT4-fs (loop3): failed to open journal device unknown-block(0,8) -6
[  116.397777][ T8417] loop4: detected capacity change from 0 to 512
[  116.414369][ T8419] loop3: detected capacity change from 0 to 2048
[  116.452872][ T8419] __nla_validate_parse: 26 callbacks suppressed
[  116.452885][ T8419] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1501'.
[  116.468673][ T8398] loop2: detected capacity change from 0 to 1024
[  116.479135][ T8398] EXT4-fs: Ignoring removed nobh option
[  116.485690][ T8419] batman_adv: batadv0: Removing interface: batadv_slave_0
[  116.491662][ T8423] loop4: detected capacity change from 0 to 512
[  116.499641][ T8419] batman_adv: batadv0: Removing interface: batadv_slave_1
[  116.513694][ T8419] batman_adv: batadv0: Removing interface: dummy0
[  116.532975][ T8423] EXT4-fs (loop4): too many log groups per flexible block group
[  116.540782][ T8423] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  116.547693][ T8423] EXT4-fs (loop4): mount failed
[  116.642661][ T8434] loop4: detected capacity change from 0 to 512
[  116.662059][ T8434] EXT4-fs (loop4): too many log groups per flexible block group
[  116.669863][ T8434] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  116.677762][ T8434] EXT4-fs (loop4): mount failed
[  116.827673][ T8455] loop4: detected capacity change from 0 to 512
[  116.878311][ T8455] EXT4-fs (loop4): too many log groups per flexible block group
[  116.886164][ T8455] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  116.893465][ T8455] EXT4-fs (loop4): mount failed
[  116.937781][ T8459] loop4: detected capacity change from 0 to 512
[  116.949229][ T8459] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  116.961812][ T8459] EXT4-fs (loop4): 1 truncate cleaned up
[  117.242613][ T8469] loop4: detected capacity change from 0 to 1024
[  117.251548][ T8469] EXT4-fs: Ignoring removed nobh option
[  117.409216][ T8495] loop4: detected capacity change from 0 to 512
[  117.418924][ T8495] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  117.435469][ T8495] EXT4-fs (loop4): 1 truncate cleaned up
[  117.486507][ T8480] loop3: detected capacity change from 0 to 1024
[  117.516895][ T8480] EXT4-fs: Ignoring removed nobh option
[  117.593859][ T8514] validate_nla: 8 callbacks suppressed
[  117.593939][ T8514] netlink: 'syz.2.1537': attribute type 1 has an invalid length.
[  117.607409][ T8514] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1537'.
[  117.671808][ T8522] netlink: 'syz.2.1541': attribute type 13 has an invalid length.
[  117.703984][ T8526] loop2: detected capacity change from 0 to 512
[  117.712497][ T8526] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  117.729216][ T8528] loop4: detected capacity change from 0 to 512
[  117.738999][ T8526] EXT4-fs (loop2): 1 truncate cleaned up
[  117.796979][ T8536] netlink: 'syz.3.1547': attribute type 1 has an invalid length.
[  117.804907][ T8536] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1547'.
[  117.815618][ T8536] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  117.880801][ T8542] loop4: detected capacity change from 0 to 4096
[  117.899222][ T8542] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  117.977347][ T8555] netlink: 'syz.2.1556': attribute type 1 has an invalid length.
[  117.985206][ T8555] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1556'.
[  117.995757][ T8555] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  118.022916][ T8558] netlink: 'syz.2.1558': attribute type 13 has an invalid length.
[  118.168041][ T8574] loop2: detected capacity change from 0 to 512
[  118.181986][ T8574] EXT4-fs (loop2): too many log groups per flexible block group
[  118.189745][ T8574] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  118.206189][ T8574] EXT4-fs (loop2): mount failed
[  118.310426][   T29] kauditd_printk_skb: 1064 callbacks suppressed
[  118.310443][   T29] audit: type=1326 audit(1756633336.988:10383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8582 comm="syz.2.1568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe42cfbebe9 code=0x7ffc0000
[  118.340256][   T29] audit: type=1326 audit(1756633336.988:10384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8582 comm="syz.2.1568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe42cfbebe9 code=0x7ffc0000
[  118.364908][   T29] audit: type=1326 audit(1756633336.998:10385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8582 comm="syz.2.1568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fe42cfbebe9 code=0x7ffc0000
[  118.388386][   T29] audit: type=1326 audit(1756633336.998:10386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8582 comm="syz.2.1568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe42cfbebe9 code=0x7ffc0000
[  118.412165][   T29] audit: type=1326 audit(1756633336.998:10387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8582 comm="syz.2.1568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7fe42cfbebe9 code=0x7ffc0000
[  118.435645][   T29] audit: type=1326 audit(1756633336.998:10388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8582 comm="syz.2.1568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe42cfbebe9 code=0x7ffc0000
[  118.459131][   T29] audit: type=1326 audit(1756633336.998:10389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8582 comm="syz.2.1568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7fe42cfbebe9 code=0x7ffc0000
[  118.482695][   T29] audit: type=1326 audit(1756633336.998:10390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8582 comm="syz.2.1568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe42cfbebe9 code=0x7ffc0000
[  118.506673][   T29] audit: type=1326 audit(1756633336.998:10391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8582 comm="syz.2.1568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fe42cfbebe9 code=0x7ffc0000
[  118.530116][   T29] audit: type=1326 audit(1756633336.998:10392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8582 comm="syz.2.1568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe42cfbebe9 code=0x7ffc0000
[  118.597126][ T8592] netlink: 'syz.2.1571': attribute type 1 has an invalid length.
[  118.604923][ T8592] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1571'.
[  118.647973][ T8595] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  118.721622][ T8599] loop2: detected capacity change from 0 to 512
[  118.940149][ T8610] loop1: detected capacity change from 0 to 512
[  119.011248][ T8610] EXT4-fs (loop1): too many log groups per flexible block group
[  119.019004][ T8610] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  119.038554][ T8610] EXT4-fs (loop1): mount failed
[  119.051020][ T8617] netlink: 'syz.2.1580': attribute type 1 has an invalid length.
[  119.058774][ T8617] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1580'.
[  119.073611][ T8600] loop4: detected capacity change from 0 to 1024
[  119.086962][ T8617] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  119.095545][ T8600] EXT4-fs: Ignoring removed nobh option
[  119.159482][ T8623] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1582'.
[  119.168593][ T8589] loop0: detected capacity change from 0 to 1024
[  119.175708][ T8623] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1582'.
[  119.177572][ T8589] EXT4-fs: Ignoring removed nobh option
[  119.326264][ T8637] loop4: detected capacity change from 0 to 4096
[  119.343566][ T8637] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  119.372447][ T8646] netlink: 'syz.3.1592': attribute type 1 has an invalid length.
[  119.380199][ T8646] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1592'.
[  119.393507][ T8653] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1596'.
[  119.408058][ T8646] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  119.623680][ T8676] loop0: detected capacity change from 0 to 512
[  119.633505][ T8676] EXT4-fs (loop0): external journal device major/minor numbers have changed
[  119.689097][ T8676] EXT4-fs (loop0): failed to open journal device unknown-block(0,8) -6
[  119.709758][ T8676] netlink: 'syz.0.1606': attribute type 4 has an invalid length.
[  119.853905][ T8697] netlink: 'syz.0.1614': attribute type 13 has an invalid length.
[  119.927392][ T8705] loop3: detected capacity change from 0 to 4096
[  119.935386][ T8705] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  120.038838][ T8717] loop0: detected capacity change from 0 to 512
[  120.046159][ T8717] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  120.059403][ T8717] EXT4-fs (loop0): 1 truncate cleaned up
[  120.112057][ T8720] loop1: detected capacity change from 0 to 512
[  120.136747][ T8720] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  120.177414][ T8723] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  120.198332][ T8720] EXT4-fs (loop1): failed to open journal device unknown-block(0,8) -6
[  120.458015][ T8745] loop2: detected capacity change from 0 to 512
[  120.479574][ T8745] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  120.531332][ T8745] EXT4-fs (loop2): 1 truncate cleaned up
[  120.577274][ T8735] loop3: detected capacity change from 0 to 1024
[  120.591486][ T8751] loop1: detected capacity change from 0 to 512
[  120.597831][ T8735] EXT4-fs: Ignoring removed nobh option
[  120.610896][ T8751] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  120.664346][ T8759] loop2: detected capacity change from 0 to 512
[  120.672679][ T8751] EXT4-fs (loop1): failed to open journal device unknown-block(0,8) -6
[  120.690518][ T8759] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  120.739532][ T8759] EXT4-fs (loop2): 1 truncate cleaned up
[  120.874686][ T8753] loop4: detected capacity change from 0 to 1024
[  120.900300][ T8779] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  120.907180][ T8753] EXT4-fs: Ignoring removed nobh option
[  120.976261][ T8791] loop2: detected capacity change from 0 to 512
[  120.996901][ T8791] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  121.050473][ T8791] EXT4-fs (loop2): failed to open journal device unknown-block(0,8) -6
[  121.066862][ T8799] loop3: detected capacity change from 0 to 4096
[  121.094879][ T8799] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  121.127737][ T8805] loop4: detected capacity change from 0 to 4096
[  121.154447][ T8805] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  121.286490][ T8819] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  121.484744][ T8806] loop0: detected capacity change from 0 to 1024
[  121.499374][ T8806] EXT4-fs: Ignoring removed nobh option
[  121.593159][ T8837] __nla_validate_parse: 6 callbacks suppressed
[  121.593174][ T8837] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1669'.
[  121.614190][ T8839] loop4: detected capacity change from 0 to 512
[  121.624750][ T8837] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  121.649118][ T8839] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  121.668571][ T8839] EXT4-fs (loop4): 1 truncate cleaned up
[  121.755442][ T8824] loop2: detected capacity change from 0 to 1024
[  121.781164][ T8824] EXT4-fs: Ignoring removed nobh option
[  121.825279][ T8854] loop3: detected capacity change from 0 to 4096
[  121.858662][ T8854] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  121.891147][ T8864] loop1: detected capacity change from 0 to 512
[  121.903925][ T8866] loop4: detected capacity change from 0 to 512
[  121.911669][ T8864] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  121.913500][ T8866] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  121.941353][ T8864] EXT4-fs (loop1): 1 truncate cleaned up
[  121.955685][ T8871] loop2: detected capacity change from 0 to 512
[  121.985469][ T8873] loop0: detected capacity change from 0 to 512
[  121.994911][ T8866] EXT4-fs (loop4): failed to open journal device unknown-block(0,8) -6
[  121.998074][ T8873] EXT4-fs (loop0): external journal device major/minor numbers have changed
[  122.037643][ T8871] EXT4-fs (loop2): too many log groups per flexible block group
[  122.045526][ T8871] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  122.059548][ T8871] EXT4-fs (loop2): mount failed
[  122.131750][ T8873] EXT4-fs (loop0): failed to open journal device unknown-block(0,8) -6
[  122.261488][ T8892] loop1: detected capacity change from 0 to 512
[  122.296840][ T8899] netlink: 7 bytes leftover after parsing attributes in process `syz.3.1693'.
[  122.316208][ T8899] netlink: 7 bytes leftover after parsing attributes in process `syz.3.1693'.
[  122.330307][ T8903] loop4: detected capacity change from 0 to 512
[  122.340497][ T8892] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  122.369483][ T8903] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  122.390219][ T8892] EXT4-fs (loop1): failed to open journal device unknown-block(0,8) -6
[  122.420403][ T8903] EXT4-fs (loop4): 1 truncate cleaned up
[  122.583020][ T8919] loop3: detected capacity change from 0 to 512
[  122.589728][ T8891] loop2: detected capacity change from 0 to 1024
[  122.591211][ T8921] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1702'.
[  122.597426][ T8891] EXT4-fs: Ignoring removed nobh option
[  122.612364][ T8921] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  122.643305][ T8925] validate_nla: 15 callbacks suppressed
[  122.643393][ T8925] netlink: 'syz.4.1704': attribute type 1 has an invalid length.
[  122.656857][ T8925] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1704'.
[  122.681534][ T8919] EXT4-fs (loop3): too many log groups per flexible block group
[  122.689245][ T8919] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  122.699051][ T8930] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  122.719118][ T8919] EXT4-fs (loop3): mount failed
[  122.725740][ T8902] loop0: detected capacity change from 0 to 1024
[  122.733477][ T8902] EXT4-fs: Ignoring removed nobh option
[  122.742814][ T8932] netlink: 'syz.1.1706': attribute type 13 has an invalid length.
[  122.839510][ T8948] FAULT_INJECTION: forcing a failure.
[  122.839510][ T8948] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  122.852633][ T8948] CPU: 1 UID: 0 PID: 8948 Comm: syz.4.1712 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  122.852661][ T8948] Tainted: [W]=WARN
[  122.852667][ T8948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  122.852679][ T8948] Call Trace:
[  122.852732][ T8948]  <TASK>
[  122.852739][ T8948]  __dump_stack+0x1d/0x30
[  122.852758][ T8948]  dump_stack_lvl+0xe8/0x140
[  122.852774][ T8948]  dump_stack+0x15/0x1b
[  122.852790][ T8948]  should_fail_ex+0x265/0x280
[  122.852809][ T8948]  should_fail+0xb/0x20
[  122.852823][ T8948]  should_fail_usercopy+0x1a/0x20
[  122.852861][ T8948]  _copy_from_user+0x1c/0xb0
[  122.852884][ T8948]  ___sys_recvmsg+0xaa/0x370
[  122.852904][ T8948]  ? __rcu_read_unlock+0x4f/0x70
[  122.852927][ T8948]  __x64_sys_recvmsg+0xd1/0x160
[  122.852974][ T8948]  x64_sys_call+0x2b42/0x2ff0
[  122.852991][ T8948]  do_syscall_64+0xd2/0x200
[  122.853014][ T8948]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  122.853080][ T8948]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  122.853100][ T8948]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.853171][ T8948] RIP: 0033:0x7fd08a22ebe9
[  122.853190][ T8948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.853204][ T8948] RSP: 002b:00007fd088c97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  122.853250][ T8948] RAX: ffffffffffffffda RBX: 00007fd08a465fa0 RCX: 00007fd08a22ebe9
[  122.853260][ T8948] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000004
[  122.853271][ T8948] RBP: 00007fd088c97090 R08: 0000000000000000 R09: 0000000000000000
[  122.853314][ T8948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.853325][ T8948] R13: 00007fd08a466038 R14: 00007fd08a465fa0 R15: 00007ffefe47c9e8
[  122.853340][ T8948]  </TASK>
[  123.083100][ T8952] netlink: 'syz.1.1714': attribute type 1 has an invalid length.
[  123.090941][ T8952] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1714'.
[  123.110884][ T8952] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  123.144410][ T8959] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1717'.
[  123.177496][ T8964] netlink: 'syz.4.1719': attribute type 13 has an invalid length.
[  123.186349][ T8959] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1717'.
[  123.315305][ T8980] loop0: detected capacity change from 0 to 512
[  123.326847][ T8983] netlink: 'syz.2.1729': attribute type 1 has an invalid length.
[  123.334707][ T8983] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1729'.
[  123.347496][ T8983] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  123.371667][ T8980] EXT4-fs (loop0): too many log groups per flexible block group
[  123.379488][ T8980] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  123.391857][ T8988] loop3: detected capacity change from 0 to 4096
[  123.395618][ T8992] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1732'.
[  123.402748][ T8980] EXT4-fs (loop0): mount failed
[  123.412880][ T8988] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  123.469801][ T8998] netlink: 'syz.2.1734': attribute type 1 has an invalid length.
[  123.492934][ T9002] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  123.508596][   T29] kauditd_printk_skb: 486 callbacks suppressed
[  123.508624][   T29] audit: type=1400 audit(1756633342.198:10879): avc:  denied  { read } for  pid=9001 comm="syz.2.1736" name="usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  123.538495][   T29] audit: type=1400 audit(1756633342.198:10880): avc:  denied  { open } for  pid=9001 comm="syz.2.1736" path="/dev/usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  123.673859][ T9017] loop0: detected capacity change from 0 to 512
[  123.675507][ T9021] loop3: detected capacity change from 0 to 512
[  123.680755][ T9017] journal_path: Non-blockdev passed as './file1'
[  123.692788][ T9017] EXT4-fs: error: could not find journal device path
[  123.713680][ T9021] EXT4-fs (loop3): too many log groups per flexible block group
[  123.721423][ T9021] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  123.734109][ T9021] EXT4-fs (loop3): mount failed
[  123.787977][ T9027] ALSA: seq fatal error: cannot create timer (-22)
[  123.809701][ T9029] netlink: 'syz.0.1747': attribute type 1 has an invalid length.
[  123.829307][ T9031] FAULT_INJECTION: forcing a failure.
[  123.829307][ T9031] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.842457][ T9031] CPU: 0 UID: 0 PID: 9031 Comm: syz.3.1748 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  123.842522][ T9031] Tainted: [W]=WARN
[  123.842528][ T9031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  123.842538][ T9031] Call Trace:
[  123.842545][ T9031]  <TASK>
[  123.842551][ T9031]  __dump_stack+0x1d/0x30
[  123.842571][ T9031]  dump_stack_lvl+0xe8/0x140
[  123.842585][ T9031]  dump_stack+0x15/0x1b
[  123.842676][ T9031]  should_fail_ex+0x265/0x280
[  123.842695][ T9031]  should_fail+0xb/0x20
[  123.842709][ T9031]  should_fail_usercopy+0x1a/0x20
[  123.842795][ T9031]  _copy_from_user+0x1c/0xb0
[  123.842827][ T9031]  snd_seq_ioctl+0x127/0x2e0
[  123.842858][ T9031]  ? __pfx_snd_seq_ioctl+0x10/0x10
[  123.842883][ T9031]  __se_sys_ioctl+0xce/0x140
[  123.842970][ T9031]  __x64_sys_ioctl+0x43/0x50
[  123.842994][ T9031]  x64_sys_call+0x1816/0x2ff0
[  123.843019][ T9031]  do_syscall_64+0xd2/0x200
[  123.843057][ T9031]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  123.843201][ T9031]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  123.843221][ T9031]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.843238][ T9031] RIP: 0033:0x7fbaafc4ebe9
[  123.843313][ T9031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.843329][ T9031] RSP: 002b:00007fbaae6af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  123.843349][ T9031] RAX: ffffffffffffffda RBX: 00007fbaafe85fa0 RCX: 00007fbaafc4ebe9
[  123.843360][ T9031] RDX: 0000200000000280 RSI: 0000000040605346 RDI: 0000000000000003
[  123.843372][ T9031] RBP: 00007fbaae6af090 R08: 0000000000000000 R09: 0000000000000000
[  123.843420][ T9031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.843431][ T9031] R13: 00007fbaafe86038 R14: 00007fbaafe85fa0 R15: 00007ffdb2c52768
[  123.843448][ T9031]  </TASK>
[  124.052603][   T29] audit: type=1326 audit(1756633342.728:10881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  124.076148][   T29] audit: type=1326 audit(1756633342.728:10882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  124.099795][   T29] audit: type=1326 audit(1756633342.728:10883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  124.123448][   T29] audit: type=1326 audit(1756633342.728:10884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  124.146954][   T29] audit: type=1326 audit(1756633342.728:10885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  124.170386][   T29] audit: type=1326 audit(1756633342.728:10886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  124.194097][   T29] audit: type=1326 audit(1756633342.728:10887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  124.217593][   T29] audit: type=1326 audit(1756633342.728:10888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  124.220741][ T9048] netlink: 'syz.3.1754': attribute type 1 has an invalid length.
[  124.248406][ T9050] loop0: detected capacity change from 0 to 512
[  124.275217][ T9048] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  124.301385][ T9050] EXT4-fs (loop0): too many log groups per flexible block group
[  124.308461][ T9056] netlink: 'syz.4.1760': attribute type 1 has an invalid length.
[  124.309175][ T9050] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  124.355738][ T9050] EXT4-fs (loop0): mount failed
[  124.473120][ T9076] loop2: detected capacity change from 0 to 512
[  124.483750][ T9076] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  124.512600][ T9080] netlink: 'syz.4.1769': attribute type 10 has an invalid length.
[  124.524170][ T9080] dummy0: entered promiscuous mode
[  124.532915][ T9076] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[  124.542930][ T9076] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[  124.551590][ T9076] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[  124.564423][ T9080] team0: Port device dummy0 removed
[  124.569927][ T9080] bridge0: port 3(dummy0) entered blocking state
[  124.576347][ T9080] bridge0: port 3(dummy0) entered disabled state
[  124.590821][ T9080] dummy0: entered allmulticast mode
[  124.597146][ T9076] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[  124.612123][ T9076] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[  124.622424][ T9059] syz.1.1759 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  124.633021][ T9076] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[  124.666971][ T9090] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  124.671023][ T9076] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[  124.687609][ T9076] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[  124.710672][ T9076] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[  124.727141][ T9076] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[  124.760469][ T9076] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[  124.770787][ T9076] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[  124.786969][ T9076] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[  124.796239][ T9076] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[  124.812221][ T9076] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[  124.829053][ T9076] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[  124.841459][ T9076] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 548)
[  124.856748][ T9109] loop4: detected capacity change from 0 to 1024
[  124.864078][ T9109] EXT4-fs: Ignoring removed nobh option
[  124.870002][ T9076] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[  125.009241][ T9128] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  125.143747][ T9148] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  125.187266][ T9153] loop2: detected capacity change from 0 to 1024
[  125.195661][ T9153] EXT4-fs: Ignoring removed nobh option
[  125.212210][ T9157] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  125.321436][ T9171] loop2: detected capacity change from 0 to 512
[  125.345175][ T9173] FAULT_INJECTION: forcing a failure.
[  125.345175][ T9173] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  125.358357][ T9173] CPU: 0 UID: 0 PID: 9173 Comm: syz.3.1810 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  125.358386][ T9173] Tainted: [W]=WARN
[  125.358392][ T9173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  125.358402][ T9173] Call Trace:
[  125.358408][ T9173]  <TASK>
[  125.358418][ T9173]  __dump_stack+0x1d/0x30
[  125.358440][ T9173]  dump_stack_lvl+0xe8/0x140
[  125.358531][ T9173]  dump_stack+0x15/0x1b
[  125.358544][ T9173]  should_fail_ex+0x265/0x280
[  125.358564][ T9173]  should_fail+0xb/0x20
[  125.358579][ T9173]  should_fail_usercopy+0x1a/0x20
[  125.358629][ T9173]  _copy_from_user+0x1c/0xb0
[  125.358650][ T9173]  ___sys_sendmsg+0xc1/0x1d0
[  125.358683][ T9173]  __x64_sys_sendmsg+0xd4/0x160
[  125.358748][ T9173]  x64_sys_call+0x191e/0x2ff0
[  125.358832][ T9173]  do_syscall_64+0xd2/0x200
[  125.358857][ T9173]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  125.358935][ T9173]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  125.359021][ T9173]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.359042][ T9173] RIP: 0033:0x7fbaafc4ebe9
[  125.359056][ T9173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.359165][ T9173] RSP: 002b:00007fbaae6af038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  125.359260][ T9173] RAX: ffffffffffffffda RBX: 00007fbaafe85fa0 RCX: 00007fbaafc4ebe9
[  125.359273][ T9173] RDX: 0000000004004000 RSI: 0000200000000240 RDI: 0000000000000003
[  125.359283][ T9173] RBP: 00007fbaae6af090 R08: 0000000000000000 R09: 0000000000000000
[  125.359353][ T9173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.359364][ T9173] R13: 00007fbaafe86038 R14: 00007fbaafe85fa0 R15: 00007ffdb2c52768
[  125.359381][ T9173]  </TASK>
[  125.387650][ T9171] EXT4-fs (loop2): too many log groups per flexible block group
[  125.543982][ T9171] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  125.550974][ T9171] EXT4-fs (loop2): mount failed
[  125.583623][ T9185] loop3: detected capacity change from 0 to 256
[  125.612858][ T9187] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  125.634285][ T9155] loop4: detected capacity change from 0 to 1024
[  125.651492][ T9155] EXT4-fs: Ignoring removed nobh option
[  125.660303][ T9189] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  125.773520][ T9207] loop4: detected capacity change from 0 to 4096
[  125.801217][ T9207] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  125.848631][ T9220] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  125.865864][ T9217] loop3: detected capacity change from 0 to 512
[  125.909101][ T9227] loop2: detected capacity change from 0 to 512
[  125.942264][ T9217] EXT4-fs (loop3): too many log groups per flexible block group
[  125.950112][ T9217] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  125.965681][ T9227] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  125.976982][ T9217] EXT4-fs (loop3): mount failed
[  125.983476][ T9227] EXT4-fs (loop2): 1 truncate cleaned up
[  126.025476][ T9241] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  126.046233][ T9231] lo speed is unknown, defaulting to 1000
[  126.157600][ T3315] EXT4-fs unmount: 173 callbacks suppressed
[  126.157613][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.176285][ T9248] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  126.257071][ T9261] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  126.268952][ T9260] loop0: detected capacity change from 0 to 4096
[  126.273629][ T9261] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  126.288273][ T9260] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  126.331763][ T9260] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.398638][ T9268] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  126.407683][ T9270] loop4: detected capacity change from 0 to 512
[  126.433743][ T9270] EXT4-fs (loop4): too many log groups per flexible block group
[  126.441587][ T9270] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  126.450536][ T9270] EXT4-fs (loop4): mount failed
[  126.461988][ T9275] loop3: detected capacity change from 0 to 512
[  126.481133][ T9275] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  126.519825][ T9275] EXT4-fs (loop3): 1 truncate cleaned up
[  126.527290][ T9275] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.587311][ T6553] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.626382][ T6584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.681338][ T9294] loop3: detected capacity change from 0 to 512
[  126.698979][ T9294] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  126.705763][ T9300] loop4: detected capacity change from 0 to 512
[  126.731593][ T9300] EXT4-fs (loop4): too many log groups per flexible block group
[  126.739333][ T9300] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  126.747985][ T9300] EXT4-fs (loop4): mount failed
[  126.748171][ T9294] EXT4-fs (loop3): failed to open journal device unknown-block(0,8) -6
[  126.857753][ T9317] loop1: detected capacity change from 0 to 512
[  126.876747][ T9313] loop4: detected capacity change from 0 to 4096
[  126.884642][ T9317] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  126.895761][ T9313] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  126.913505][ T9317] EXT4-fs (loop1): 1 truncate cleaned up
[  126.919876][ T9313] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.932924][ T9317] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.031876][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.192631][ T6718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.242913][ T9340] loop4: detected capacity change from 0 to 512
[  127.271792][ T9340] EXT4-fs (loop4): too many log groups per flexible block group
[  127.279676][ T9340] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  127.286713][ T9340] EXT4-fs (loop4): mount failed
[  127.321644][ T9345] __nla_validate_parse: 29 callbacks suppressed
[  127.321660][ T9345] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1876'.
[  127.337678][ T9345] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  127.383440][ T9329] loop1: detected capacity change from 0 to 1024
[  127.391569][ T9329] EXT4-fs: Ignoring removed nobh option
[  127.412343][ T9329] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.458963][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.543466][ T9363] loop1: detected capacity change from 0 to 4096
[  127.552143][ T9363] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  127.569599][ T9363] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.723214][ T9384] loop0: detected capacity change from 0 to 512
[  127.732824][ T9384] EXT4-fs (loop0): external journal device major/minor numbers have changed
[  127.763084][ T9384] EXT4-fs (loop0): failed to open journal device unknown-block(0,8) -6
[  127.775346][ T9384] validate_nla: 18 callbacks suppressed
[  127.775360][ T9384] netlink: 'syz.0.1893': attribute type 4 has an invalid length.
[  127.847608][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.851806][ T9388] netlink: 'syz.4.1895': attribute type 1 has an invalid length.
[  127.864591][ T9388] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1895'.
[  127.890771][ T9388] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  127.943755][ T9398] FAULT_INJECTION: forcing a failure.
[  127.943755][ T9398] name failslab, interval 1, probability 0, space 0, times 0
[  127.956481][ T9398] CPU: 0 UID: 0 PID: 9398 Comm: syz.4.1899 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  127.956530][ T9398] Tainted: [W]=WARN
[  127.956536][ T9398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  127.956545][ T9398] Call Trace:
[  127.956628][ T9398]  <TASK>
[  127.956635][ T9398]  __dump_stack+0x1d/0x30
[  127.956653][ T9398]  dump_stack_lvl+0xe8/0x140
[  127.956669][ T9398]  dump_stack+0x15/0x1b
[  127.956683][ T9398]  should_fail_ex+0x265/0x280
[  127.956702][ T9398]  should_failslab+0x8c/0xb0
[  127.956722][ T9398]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  127.956820][ T9398]  ? shmem_alloc_inode+0x34/0x50
[  127.956840][ T9398]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  127.956859][ T9398]  shmem_alloc_inode+0x34/0x50
[  127.956924][ T9398]  alloc_inode+0x40/0x170
[  127.956944][ T9398]  new_inode+0x1d/0xe0
[  127.956966][ T9398]  shmem_get_inode+0x244/0x750
[  127.956988][ T9398]  __shmem_file_setup+0x113/0x210
[  127.957112][ T9398]  shmem_file_setup+0x3b/0x50
[  127.957204][ T9398]  __se_sys_memfd_create+0x2c3/0x590
[  127.957223][ T9398]  __x64_sys_memfd_create+0x31/0x40
[  127.957239][ T9398]  x64_sys_call+0x2abe/0x2ff0
[  127.957325][ T9398]  do_syscall_64+0xd2/0x200
[  127.957407][ T9398]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  127.957476][ T9398]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  127.957501][ T9398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.957522][ T9398] RIP: 0033:0x7fd08a22ebe9
[  127.957535][ T9398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.957591][ T9398] RSP: 002b:00007fd088c96d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  127.957687][ T9398] RAX: ffffffffffffffda RBX: 000000000000059d RCX: 00007fd08a22ebe9
[  127.957765][ T9398] RDX: 00007fd088c96dec RSI: 0000000000000000 RDI: 00007fd08a2b27e8
[  127.957776][ T9398] RBP: 0000200000000000 R08: 00007fd088c96b07 R09: 0000000000000000
[  127.957793][ T9398] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[  127.957803][ T9398] R13: 00007fd088c96dec R14: 00007fd088c96df0 R15: 00007ffefe47c9e8
[  127.957819][ T9398]  </TASK>
[  128.195596][ T9403] loop4: detected capacity change from 0 to 512
[  128.217068][ T9403] EXT4-fs (loop4): too many log groups per flexible block group
[  128.225049][ T9403] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  128.235233][ T9411] netlink: 'syz.3.1904': attribute type 1 has an invalid length.
[  128.243253][ T9411] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1904'.
[  128.255564][ T9403] EXT4-fs (loop4): mount failed
[  128.516795][   T29] kauditd_printk_skb: 649 callbacks suppressed
[  128.516810][   T29] audit: type=1326 audit(1756633347.198:11538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9435 comm="syz.1.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  128.573489][   T29] audit: type=1326 audit(1756633347.228:11539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9435 comm="syz.1.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  128.597076][   T29] audit: type=1326 audit(1756633347.228:11540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9435 comm="syz.1.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  128.620702][   T29] audit: type=1326 audit(1756633347.228:11541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9435 comm="syz.1.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  128.644249][   T29] audit: type=1326 audit(1756633347.238:11542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9435 comm="syz.1.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  128.667814][   T29] audit: type=1326 audit(1756633347.238:11543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9435 comm="syz.1.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  128.691342][   T29] audit: type=1326 audit(1756633347.238:11544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9435 comm="syz.1.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  128.715471][   T29] audit: type=1326 audit(1756633347.238:11545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9435 comm="syz.1.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  128.739171][   T29] audit: type=1326 audit(1756633347.238:11546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9435 comm="syz.1.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  128.762683][   T29] audit: type=1326 audit(1756633347.238:11547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9435 comm="syz.1.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3757c1ebe9 code=0x7ffc0000
[  128.819034][ T9447] loop1: detected capacity change from 0 to 512
[  128.838841][ T9447] EXT4-fs (loop1): too many log groups per flexible block group
[  128.846626][ T9447] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  128.865277][ T9447] EXT4-fs (loop1): mount failed
[  128.919802][ T9433] loop3: detected capacity change from 0 to 1024
[  128.936239][ T9433] EXT4-fs: Ignoring removed nobh option
[  128.975440][ T9433] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.051519][ T6584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.101073][ T9476] netlink: 'syz.3.1932': attribute type 1 has an invalid length.
[  129.108910][ T9476] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1932'.
[  129.148201][ T9480] loop4: detected capacity change from 0 to 512
[  129.171641][ T9476] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  129.189211][ T9480] EXT4-fs (loop4): too many log groups per flexible block group
[  129.197193][ T9480] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  129.220505][ T9480] EXT4-fs (loop4): mount failed
[  129.241916][ T9488] FAULT_INJECTION: forcing a failure.
[  129.241916][ T9488] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  129.255049][ T9488] CPU: 1 UID: 0 PID: 9488 Comm: syz.0.1936 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  129.255140][ T9488] Tainted: [W]=WARN
[  129.255148][ T9488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  129.255159][ T9488] Call Trace:
[  129.255166][ T9488]  <TASK>
[  129.255174][ T9488]  __dump_stack+0x1d/0x30
[  129.255196][ T9488]  dump_stack_lvl+0xe8/0x140
[  129.255212][ T9488]  dump_stack+0x15/0x1b
[  129.255342][ T9488]  should_fail_ex+0x265/0x280
[  129.255362][ T9488]  should_fail+0xb/0x20
[  129.255378][ T9488]  should_fail_usercopy+0x1a/0x20
[  129.255396][ T9488]  _copy_from_user+0x1c/0xb0
[  129.255528][ T9488]  bpf_test_init+0xdf/0x160
[  129.255549][ T9488]  bpf_prog_test_run_xdp+0x274/0x910
[  129.255569][ T9488]  ? kstrtouint+0x76/0xc0
[  129.255608][ T9488]  ? __rcu_read_unlock+0x4f/0x70
[  129.255633][ T9488]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  129.255651][ T9488]  bpf_prog_test_run+0x22a/0x390
[  129.255742][ T9488]  __sys_bpf+0x4b9/0x7b0
[  129.255771][ T9488]  __x64_sys_bpf+0x41/0x50
[  129.255789][ T9488]  x64_sys_call+0x2aea/0x2ff0
[  129.255820][ T9488]  do_syscall_64+0xd2/0x200
[  129.255846][ T9488]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  129.255868][ T9488]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  129.255893][ T9488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.255925][ T9488] RIP: 0033:0x7fea0bb6ebe9
[  129.255940][ T9488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.256030][ T9488] RSP: 002b:00007fea0a5cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  129.256047][ T9488] RAX: ffffffffffffffda RBX: 00007fea0bda5fa0 RCX: 00007fea0bb6ebe9
[  129.256058][ T9488] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  129.256110][ T9488] RBP: 00007fea0a5cf090 R08: 0000000000000000 R09: 0000000000000000
[  129.256122][ T9488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.256134][ T9488] R13: 00007fea0bda6038 R14: 00007fea0bda5fa0 R15: 00007fff2842ddd8
[  129.256158][ T9488]  </TASK>
[  129.524117][ T9495] loop0: detected capacity change from 0 to 512
[  129.610389][ T9495] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  129.651527][ T9495] EXT4-fs (loop0): 1 truncate cleaned up
[  129.657681][ T9495] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.761517][ T6553] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.793419][ T9515] netlink: 'syz.1.1948': attribute type 1 has an invalid length.
[  129.801291][ T9515] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1948'.
[  129.822341][ T9515] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  129.858121][ T9520] loop1: detected capacity change from 0 to 512
[  129.887983][ T9520] EXT4-fs (loop1): too many log groups per flexible block group
[  129.895761][ T9520] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  129.903254][ T9520] EXT4-fs (loop1): mount failed
[  129.911691][ T9493] loop4: detected capacity change from 0 to 1024
[  129.938323][ T9493] EXT4-fs: Ignoring removed nobh option
[  129.958799][ T9503] loop2: detected capacity change from 0 to 1024
[  129.967441][ T9503] EXT4-fs: Ignoring removed nobh option
[  129.974615][ T9493] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.048270][ T9503] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.087732][ T6718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.166246][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.179942][ T9546] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1958'.
[  130.199577][ T9546] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1958'.
[  130.289430][ T9552] loop2: detected capacity change from 0 to 4096
[  130.290741][ T9558] netlink: 'syz.4.1964': attribute type 1 has an invalid length.
[  130.303592][ T9558] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1964'.
[  130.346742][ T9564] loop4: detected capacity change from 0 to 512
[  130.359264][ T9552] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  130.382840][ T9539] loop1: detected capacity change from 0 to 1024
[  130.389431][ T9564] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  130.400810][ T9539] EXT4-fs: Ignoring removed nobh option
[  130.414819][ T9552] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.428008][ T9539] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.456472][ T9564] EXT4-fs (loop4): 1 truncate cleaned up
[  130.473037][ T9564] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.519639][ T9572] loop0: detected capacity change from 0 to 512
[  130.527337][ T9572] EXT4-fs (loop0): external journal device major/minor numbers have changed
[  130.557287][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.593003][ T9572] EXT4-fs (loop0): failed to open journal device unknown-block(0,8) -6
[  130.649280][ T9572] netlink: 'syz.0.1968': attribute type 4 has an invalid length.
[  130.680890][ T6718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.850299][ T9600] netlink: 'syz.0.1980': attribute type 1 has an invalid length.
[  130.858205][ T9600] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1980'.
[  130.891066][ T9600] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  130.902465][ T9605] loop3: detected capacity change from 0 to 512
[  130.932639][ T9605] EXT4-fs (loop3): too many log groups per flexible block group
[  130.940527][ T9605] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  130.984403][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.006862][ T9605] EXT4-fs (loop3): mount failed
[  131.016206][ T9615] loop0: detected capacity change from 0 to 512
[  131.024032][ T9615] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  131.067829][ T9615] EXT4-fs (loop0): 1 truncate cleaned up
[  131.078068][ T9615] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.093537][ T9623] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1983'.
[  131.158662][ T9588] loop1: detected capacity change from 0 to 1024
[  131.188253][ T9588] EXT4-fs: Ignoring removed nobh option
[  131.212530][ T9631] netlink: 'syz.2.1994': attribute type 1 has an invalid length.
[  131.228581][ T9633] loop4: detected capacity change from 0 to 512
[  131.235118][ T9631] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  131.249623][ T9588] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.271435][ T6553] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.281492][ T9633] EXT4-fs (loop4): too many log groups per flexible block group
[  131.289183][ T9633] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  131.310405][ T9633] EXT4-fs (loop4): mount failed
[  131.345650][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.396842][ T9645] loop0: detected capacity change from 0 to 4096
[  131.411299][ T9645] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  131.424084][ T9649] loop2: detected capacity change from 0 to 512
[  131.446843][ T9645] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.488316][ T9649] EXT4-fs (loop2): too many log groups per flexible block group
[  131.496207][ T9649] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  131.530460][ T9649] EXT4-fs (loop2): mount failed
[  131.645510][ T9661] loop3: detected capacity change from 0 to 1024
[  131.660817][ T9661] EXT4-fs: Ignoring removed nobh option
[  131.681963][ T9661] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.710649][ T9676] netlink: 'syz.1.2009': attribute type 1 has an invalid length.
[  131.719077][ T9676] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  131.777463][ T9680] loop1: detected capacity change from 0 to 1024
[  131.786967][ T9680] EXT4-fs: Ignoring removed nobh option
[  131.799582][ T9682] loop2: detected capacity change from 0 to 512
[  131.820725][ T9680] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.831854][ T9682] EXT4-fs (loop2): too many log groups per flexible block group
[  131.841085][ T9682] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  131.850451][ T9682] EXT4-fs (loop2): mount failed
[  131.894301][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.943807][ T9690] loop1: detected capacity change from 0 to 1024
[  131.950954][ T9690] EXT4-fs: Ignoring removed nobh option
[  131.982718][ T9690] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.003807][ T6553] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.014320][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.196340][ T6584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.250903][ T9709] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  132.296333][ T9715] loop0: detected capacity change from 0 to 512
[  132.321570][ T9715] EXT4-fs (loop0): too many log groups per flexible block group
[  132.329372][ T9715] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  132.343838][ T9723] __nla_validate_parse: 6 callbacks suppressed
[  132.343852][ T9723] netlink: 7 bytes leftover after parsing attributes in process `syz.4.2027'.
[  132.350721][ T9715] EXT4-fs (loop0): mount failed
[  132.372761][ T9723] netlink: 7 bytes leftover after parsing attributes in process `syz.4.2027'.
[  132.458424][ T9736] loop0: detected capacity change from 0 to 512
[  132.488746][ T9736] EXT4-fs (loop0): too many log groups per flexible block group
[  132.496667][ T9736] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  132.509381][ T9736] EXT4-fs (loop0): mount failed
[  132.519538][ T9742] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2035'.
[  132.538312][ T2995] ==================================================================
[  132.542991][ T9742] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  132.546440][ T2995] BUG: KCSAN: data-race in d_delete / step_into
[  132.561170][ T2995] 
[  132.563494][ T2995] read-write to 0xffff8881072c7000 of 4 bytes by task 3627 on cpu 1:
[  132.571572][ T2995]  d_delete+0x15a/0x180
[  132.575732][ T2995]  d_delete_notify+0x32/0x100
[  132.580404][ T2995]  vfs_unlink+0x30b/0x420
[  132.584737][ T2995]  do_unlinkat+0x24e/0x480
[  132.589160][ T2995]  __x64_sys_unlink+0x2e/0x40
[  132.593848][ T2995]  x64_sys_call+0x2dc0/0x2ff0
[  132.598548][ T2995]  do_syscall_64+0xd2/0x200
[  132.603064][ T2995]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.608955][ T2995] 
[  132.611278][ T2995] read to 0xffff8881072c7000 of 4 bytes by task 2995 on cpu 0:
[  132.618868][ T2995]  step_into+0xe3/0x820
[  132.623027][ T2995]  walk_component+0x162/0x220
[  132.627703][ T2995]  path_lookupat+0xfe/0x2a0
[  132.632221][ T2995]  filename_lookup+0x147/0x340
[  132.637002][ T2995]  do_readlinkat+0x7d/0x320
[  132.641499][ T2995]  __x64_sys_readlink+0x47/0x60
[  132.646421][ T2995]  x64_sys_call+0x28da/0x2ff0
[  132.651108][ T2995]  do_syscall_64+0xd2/0x200
[  132.655607][ T2995]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.661509][ T2995] 
[  132.663838][ T2995] value changed: 0x00300180 -> 0x00004080
[  132.669538][ T2995] 
[  132.671847][ T2995] Reported by Kernel Concurrency Sanitizer on:
[  132.677999][ T2995] CPU: 0 UID: 0 PID: 2995 Comm: udevd Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  132.688840][ T2995] Tainted: [W]=WARN
[  132.692630][ T2995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  132.702672][ T2995] ==================================================================
[  132.793872][ T9747] loop3: detected capacity change from 0 to 1024
[  132.800962][ T9747] EXT4-fs: Ignoring removed nobh option
[  132.821974][ T9747] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.858032][ T6584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.