last executing test programs:

3.133840667s ago: executing program 3 (id=1059):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xffffffffffffff54}, 0x18)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = dup(r1)
fsetxattr$security_selinux(r2, &(0x7f0000000180), &(0x7f0000000300)='system_u:object_r:apm_bios_t:s0\x00', 0x20, 0x2)

3.086241251s ago: executing program 3 (id=1061):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000240), 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000019ffffff0000000000000000180100002020732500000000002020207b0af8ff00000000bfa100000000000007010000f6ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000300)='syzkaller\x00', 0x1, 0xfe4, &(0x7f0000001e00)=""/4068, 0x40f00, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400}, 0x94)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="20010000120013"], 0x120}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYRES64=r0], 0x0, 0x33, 0x0, 0x408, 0x2afb}, 0x28)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000140), &(0x7f0000000180)=0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
openat$uhid(0xffffffffffffff9c, &(0x7f0000001440), 0x2, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000000140))
open(0x0, 0x141242, 0x40)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0xb10, 0x7}, 0x0, 0x2, 0xfffff7f0, 0x0, 0x12, 0x4, 0x1, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r3}, 0x9)
r4 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000009c0)="010000000037a788a11d1f000000000000006923c63a4541062101b60a2156566de77062086575a59ea9cb", 0x2b, r4)
unshare(0x24040000)
unshare(0x2c020400)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

2.285752195s ago: executing program 3 (id=1071):
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x3, 0x1000002, 0x0, 0xff, "d4e9002b2c000000ff00"})
r2 = syz_open_pts(r1, 0x0)
r3 = dup(r2)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0x3)
dup3(r1, r3, 0x0)
r4 = dup3(r2, r1, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x13)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r5, 0x40047438, &(0x7f0000000180)=""/246)
pwritev(r5, &(0x7f0000000300)=[{&(0x7f0000000600)="8414", 0x2}, {&(0x7f0000000640)='hQ', 0x2}, {&(0x7f0000000900)="0db834278411be986e8bd0ae880053c48bcd", 0x12}], 0x3, 0xffffffff, 0x4)
ioctl$TCFLSH(r1, 0x540b, 0x1)

1.627765658s ago: executing program 0 (id=1072):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xffffffffffffff54}, 0x18)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = dup(r1)
fsetxattr$security_selinux(r2, &(0x7f0000000180), &(0x7f0000000300)='system_u:object_r:apm_bios_t:s0\x00', 0x20, 0x2)

1.215462642s ago: executing program 0 (id=1076):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x3, 0x40)
syz_usb_disconnect(r1)

1.152425717s ago: executing program 3 (id=1078):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vxcan0\x00', <r3=>0x0})
connect$can_j1939(r2, &(0x7f0000000100)={0x1d, r3, 0x3, {0x1, 0xf0, 0x1}, 0xff}, 0x18)
r4 = syz_io_uring_setup(0x109, &(0x7f0000000580)={0x0, 0xd736, 0x8, 0x3, 0xbffffffa}, &(0x7f00000003c0)=<r5=>0x0, &(0x7f0000000340)=<r6=>0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES64=r6], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8a}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x80, 0x6000})
io_uring_enter(r4, 0x1c3a, 0xe176, 0x22, 0x0, 0x0)
fsopen(&(0x7f0000000040)='affs\x00', 0x1)

1.152003697s ago: executing program 1 (id=1079):
r0 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000780)='./bus\x00', 0x41, &(0x7f0000000c00)={[{@bsdgroups}, {@resgid}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@resuid}, {@auto_da_alloc}, {@noload}, {@jqfmt_vfsv1}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r1, 0x0, 0xa20, 0x8000c64)
getsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000000), &(0x7f0000000040)=0x4)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r2=>r0, {0xe3}}, './file1\x00'})
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000000100)=0x7, 0x4)

1.061703264s ago: executing program 3 (id=1080):
socket$l2tp(0x2, 0x2, 0x73)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000340)={0x4, &(0x7f00000004c0)=[{0x8, 0x2, 0x20, 0x9}, {0x5, 0x80, 0x0, 0x8}, {0xaa52, 0x3, 0x1, 0x1}, {0x6, 0x1, 0x0, 0x100}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="190000000400000004"], 0x48)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f00000003c0)={&(0x7f0000000180), 0x10, &(0x7f0000000380)=[{&(0x7f0000000480)="c3e972bd85a6d84136d6dd55048d3593a74f338ce6772ab9a6f64041c2f6fbbecdc08ebcd3192b6a53662dae7c8e9c665e80a5d0925f728dcac30c29793992e588952653d414cb8ccdabc38767fee819ec5af0c5ee936880fe8549b4ed347779cab4ffd4e0b62c53a1c01db28f2b3f91c34211c9353bc1dece61511917c2245fd66cb8dffeacb4d46d627c97b498bf1ff6b313bfbc9765457c831771d5eec7997ec242e4505f01c1bb3e069b2e630f42a2be86598a61", 0x64}, {&(0x7f0000000300)='V', 0x1}, {&(0x7f0000001600)="3eed50d0125719a810f88e3f47186fe4dae74182dfd109a2587c4797410c9b8e39bd3d9aa144d5908647c30c8db69b5c17084c9b1bfbb8680737c4f88abcdbc7d294d72ab1b344270915df9ddf5635644c351c22b29d948ac4106bce7107570beed63077cfbc98ef71699eae65d37724d995b553e7a3ade619b522313ab382caf879feb48942878e605ee3ee2872794e3abe22a3f025068b628a5d92468092a5cc649bbbd978b5772e537939432a502122235ced312dafd108c9ffeb0b38cc16da9418ca01d485a6afb5827da4df6e1121ec307de14bb32b6a977608e4576a998182dd93d592ff43e55bfdbbce23ecd501e43b3e93ef8d9d01711dff54c301e299d3801a3cffe6c9883fbd0e47124dc02569f62d48b878fcb58ce99fcffcd2a5166eff3ad93cf1d137274993d86a3b3730d63ded759f6ca88fa449e5575b15321e5a58a1f888eed7466db4976ce35f6d2efb5ad05d99a66482dc607cb5acb24d326803bd337519cc98103f59c63b5962cd72e4497d1b00817d6e09de70270a09b493c2226617b1c9ef9d506be00d6e07f14633a966f04ecca90fb8d2b963ad6f3817935bd6534fa3da1c5dc468789cbf1192f3c0bff3777f1edd2ada5d35f88f12f29e952c44445ce623509d66811c80a9e0f13ad85aba37d86ff0da4dda601d9e8acb264233bc939fb056316612cff687d5c44157be05bcc88b333ff2a40041d98f1acfe6e2231a84e09bd7a54a0442cf87ce3ee8fd8da39da1862862ae40fc3cb3055c8b70e62f243850707341f51426bb3e71c7a4fffefab060db786000618b05eb087a424a2f30f6a232ff44b605f70ceec0a8f70e37907f6e0bbba21e9d5b7ecb6d287742b75c101ba79525918c3473eae38f3c177249dfa8816661c9921f0b0c858d53ab87c8407b97950c842111002edd1d1e80b801b495da28bcd5409bc971e55dab1857e188ac9728efc8f9a4543945f86ade13b445eacecbbf848a96410ac37c57e3e9e8bc8b8fadd559d225c7468639da2b5d1208558b51e94c14faa7947a7c60e81a96bb5d194cc7289adbc02ebb4b49be1f1efc429db2f9b79b5a22919dba0c35341042c5776942c52365367c4bfc95b42be383cca7107161ded7e851d0126da33d581f1e2b08d0c061e86d31e7a83f9b51c79b4034c7deda7697034e1404c6e8e459f76c2efe64350146c7437ef808e04ca14df5f6f500264fd977272bbf8fc096774e8eb61d0963430751ac1425a073f84346b0eba368cba7fa34adc420800d4f99927280eba199f9695cf88124fafc3a2b1226d2f2ab3ea27c69a127650cf5c725b54c02bd8729033cf699ce7f030f9a3442056244da3cfb61a8126dba11377624f39eb009242152fd7b8b88de7dd86057f29bfcb7b7df0e65e7e9ac9eeaa41afa62743698bff03d5b2d51fb6bca2d92294e8e177cfa3661b26f1c040e9bed983b7bc0aa154eb9c92e4ee25091318c53113a1c23ac62d2d71504cba99041f29a4f332133292cf20abec9222a2acca57cac48fa6c0668ee5eecb494741a64d33b011dcca74696d4614c5b45a5d20983b1708d365ed3ffa60f9161972a611c22642c3c259b41f943f6d7a8b60f284d325e38fe76f0645e069ff70cae38850ccf973193b6232c987df26239a574691f7f07fffa6deae1eb0324fe546573c36f2a2c31cd442517a9b036ae6a2a491e7343864693c107a5dc2585820863c146c1ba6caa4fea9b87d567716f4c8ca1a9d2848055cd750512d3b7415d090019dc8a04a1a1d28931093cd8f00e94c407ca1fa2a5ce903d9df26e008c07cd13afa783220e1bd5e6b60645f3dbb6ecb4156fedafa2dd25498c6a99d94f0b38125ea7741b75109dcac9f80635f79f5c8a0483bb9f05a3a5bf721c7541edb252449f8b13e63c370a6146332f03ca1f1b6fe0bed984f13744bb7fa0fe322e83ddf9ffb2083e94f33604a0a199220c450dad94bf154805e7f9e4350ca2d81adf2978c87dcc8a8a7d56297ec124bfef0d28f35777205e973272c87e01070f14f5b14daa3b5104d9ff6b296c4f16ed49eb42d35e7ba3bccb7a26c33a263df88aadd596e9d9de0abbd4d449df11081f2cd62e1d8962b9b9feb25a3b8e03537d61a61c11ac22b7211d12c84e60a6abcc219e558b2513d8c530b3c7a57cdc47de545aafbb2a13c0e6c75b1b92fa241c713c83a09c92b2b61d565120372a9143415583c9596f27a663d4967cd653b08cebd6cb96c1f0dc80d57267ac9a8281d7149bde880828ee27d69a6818db58320db29d1b044eaf6ab8a5108bc522de406990b5393b1f7e7bab71bf6cf8eed1cd59c7607d662e8b313f5c4fce0f59b1027371381011b63dd5b2b09739082c0d62ffad96e30153a395234937d377c32fe7af82aca3a19d0ebc4a5c5fb5ff190f14d5695c703b571fb4bf03756635cafc6cf6267eab836c347a9d07e8089fc105346934cf3364e5be370b3c42b94bc5ae3d17a817398566a2953251eb91697d67278145df9a4b917bcca1bf211780b22f4caacfcb7604c84f943d05f6fdf8edbd258d7d8dbf84f9d99e57472c5b1c2337d749a1f345e662e2536d23c7a63bbbbf00f8b5b0a2106a0342ab27b9a10b82e82668cd49e0cbb09d7be0217645f1dda3be59c8232fa290d34791cda52aa5b5cec6339ab96a2eb3f5328cc7c0e6717c2824344547a2ed518f6b2b4e4fe5b684596aa6a9d3988fc5d5ff4cb46cec99d951b8386b10949a163af974b7543df97b4882a4ed60e927a1deb67c5f814235bef65fea79a2c712815be7403c93a3707fb90d4604ec3a6a3b0928f253f6ab6bd56c958e026c8c58172c4ac2a3efe2ecd5cea70c8313f9ac2d638bc296ba99e2ca86d2fd06b5402cdcddc3f3c9845d5ae77f6f36963b91e8f6cdccd17abe8d40ed02463af4bb0e496344f350097f1cc13313fa1e172b63556ed2b8a8121c01a5fb343ff7767821626fc49b0d6bd522e1c9bf137d5a5bccb4bc8dbb64c83a82ef6c2894f3896c9f6bf0c3764011d53eeb6db9ea9dae22d3ebcca4942d5828c0bca0d9ea37701d5a06c066ac4fe318e11e9c0d6c658ac810fb5d7836cfffe4ccbb0934e5567d74695980a156d4bf1c18861c5a29ccd349999dc20562d00e1f6c1851ae563541086438d60b975c8ceb466414ff60efa0b2dee790fd0659ffa98b92414c13d5a6825368f56c4984412205041cd8e006c7127d4395ecdffb5addf80ef938ce54a367154c4fc286d5f969325c12b13655a9a956dd3b98281f537e837669fc55d8930676e807aa8cd046e0f4583d59f86cb99f3f7a7ddde1fb39111fdec7677d2fee4b8f4814a5def5ebcc67c653384ce80eaffd880405f7edf8fd3ea049f040595df4a75e2f892e7a85e0ba351fb8d263bfff7168bb85017b360fcd2ba89346682a6ea7ccc46afbdb5ab444e3f477238b2ab503bde914d3cf1789539cde9c0621152cd97bff9f235d88a1ef4ea4309db3a05d401af7fb82784b050ef529dab4f1f003eb29710a962f7538c521e617e2f0efac36182d09985e1d725cc38c3833a53742a02f76fb2854a9e45f0febacf3bda83f11183ef5b9fef02ebcdf56d4104b175bad937d8f61964f97d673577cdcbbb48d8eb62b063ee6563b9ff053719baff871bcd83822d865b2f7ef023076425ac5cd71b1f2309de0c6f14cc9c4d3e8fad945f756a7c8a084ea1bfdf5ac6e740043e7f7bdaca06774b084ae314c2636529d4fdcd965c7f8c07156572620b827d694efdc9d2bfc5aa9391220a83765f2c71fcd48d4acaed60afb53d1013fa3b15e948ec4159f7d130ef85b594018346e99034c18738285223ea53a6b1d5cf11a607de2e19608ba03ec970a915b773824261f3fc931dd6d3b934d89f07baf14776314c3eeb8cd0537ef5736f565fbd14e520d4ab2f77ed9597b76ff91f8d1f99ebd6e473efda7accb273975a06944d1037032129992b994ca791a09b4d83980a1e494b0f97098df5f6fb6bbb02722adb11dc319c565c2c363cbd19d9fb3efb4613b62d6584cd53f7bd80e3e89304f444ce9dd1835661e3bb4de02ccf568a2a5daaf0d56898d4286c3fb62e22af62d7ac318685834467f337561dde2e0c1e2827cdffcf42c17728ee64b3ff4ccc0227590badd0bd7e448b8cca0892d6a5e0130d2ac665f47c6b28daa101c1b319869bdd39fa924d6d9ba7d72feda5f21ac78641c7d4801d41c7879721b3be4dab40d9c4a78552440101f373489cc5240b0144a9ce32691a784b6dfe971a21bb5980ff67da2d1bb90b223c9e192a39c1aeadd1f5c790811079c0b51a97105c99b6f95d71bb3ea47c33d9dcb0a53c929c44499e184a3cd722c908d3b0d157e28ffdeb2ed7192e780d96a7a2f0fd5a87bdc973e049da0caf931f26f5a21813e2e602ceb2259997e0205ce48fd9424bd6d4d75dd4301f429ee30745cd839a40dbeab4c3db2f0f10bbaea071ca41d1392385681730a3678a5f60f604dbe19cb9d7dd234337e327451b8cc65394af399432ef7fc3765d055874ebdca14e5999292d6f72f31e92bacf25db5ef8f5212952c1910de06ddbe1687a0e1837922f2228289916ed3aeb7b9cc24da3ae47139e371930afa6d3573df6732c26c0c7ae06d9cedfa77160711bcb06e6553338deae4c5731cf53cc154113096d02f3036d7d9edfcdc331e4bb860c5208489212e904eab70e7f860b0379895cbdecbf7a0b7a25e5b853c7dbe08a4e296a30afec8cf5a9f6ea4aef32a508655d539a770b21e660c9ee1d7688c56abeb7cf1afccc8d59780cf26312589e0c8e1bc00ad7b1325cd9a5dd69246e0b33407c381ea09265154aec297e4ccdf9785a1042a83e77c13d4ce4360782f2428f9916b5cd123b089eb683d30c1e895b9944aa905a1a5b52301d8cc5e4741834ead6ebdb5dc05c9c49c5e883e99d40b9838037beaf876534d747856103e59caf6266fbbe760b6ef83d004634b74f14f8eb4aef93c4cc9cbbd78d83d532c70feef51ea3f170b25d81a6a9b074bfca7e9b3771bf83517e0dd9d0600f70b86b20f61fe36076f8bada334b2390fa954973bc901619a3cfd039349cb328625f495ab288dbdd6dbfd022c2a83f59e0b998619a12e35891b5ae9e83a71765507b4a571cd2241e5885c705244c1022688bef7c5065fbcf219fc01753adb611b3fbc09403dcb10a4f99d788667eff75fa27074ca8481a633530e26163ccf7dada049d23e717e067b6fa5b2f652bc50abda9e7ccdc5f2f3c35ecc2c4431c819c9691be4422e379750774e9f39dae06f26423c8a4278789c9f3111b43f6dd25b0ad47c4cc5fda3f3ed82079c9366e0adced883488f429c1d7e1b351fd0bb204dd7977ef224c4df6d7a5f7697bc6500a7d03a8a914154779fa7092bf1be6bad4092367ce5d295a5d5d0e7c469f372ca2011d612637025e89f178ae9ada0c5b73bcb7d7c034ff595263cd4216e3c76ba5f3d81932a088a90bf8043e877e299c670ef1622a098d5519d9adc4ee7d4cd00e5934a4375fa83fdb81214b892482b31bdde59a70aaf25cb7f417c3a2a91c4e54b48149f6c41d9d396ee6ff13e3028c64a7c9b1f2e7c6e67184a3d52d6f570db3d225c947423c4c6533f22df57d15c5e5a3183422bd378b06fe4732a9401dcb19840fb8fa5c50a0ff497fef362c507753e46b8881d3e767f3b1d893a3805941c94f2efa05ce34b9ea81d716984af6834230d4707a87089d40779503ee6a9bb245d7d997f14acb80e89731c042bbbbe3dcd05177b0ee0eec23455830ef5b65aca357f2b0b887e0b9821c0", 0x1000}, {&(0x7f0000000340)="b768eb20304f2fdc5a9694a4867840d93170ca1a86406f", 0xfffffec0}], 0x4, 0x0, 0x0, 0x8010}, 0x0)
r3 = dup2(r2, r1)
sendmmsg(r3, &(0x7f0000008800)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000008480)=[{&(0x7f00000062c0)="4bd203afa8a0a820573831475cc1ca6053bd0284b52b6bcd4c502be0ff09b7129c217f3c9d67ba184004f2bf0b7f03b31257bf6d6812b36e1f51908ef687e8251bfbb0b9f69e302edc28ecffd45e833222c77c05fc230977e0d617288a2e66caaaa8778bfa68feadf212a2d744713b1384039886323d0ed34984459e40c4f186588a738c54cbf74af7a6216faa39c19fcfe445a434f39b46800f46b454b868dbbe072b5629a22e12f874b9f2991994434354be6ffd4d80e1f1230011874785146729a948328f155cedb5122aab4347840eb1f13e0b2d6ec445209f07110df6391737694972f66c41281c68a0744e51bcb90e6249946b6c213bb85d6a791235805ec9ddeb03afbbd3a57e2e122a8ec318c8926489e71cc276776d5d0ffc0f16ed590c076c8fd7640738268450aeec1011de0d913ccf3f68395ce63256677302dff0b176686ed4868618d677a5e52ab1996f64e499fb942cf04d0024ec633560d4eec2b71fb6bd774c501b87715f3e1df55ae1f7aa065dece77394069492ad8365e8ea39ead9538d48fb50a08e2af84312b3b30384ff8441c2f51fcabbfe76aee565f413237b77cf3f95ee0884077db0724c195a4d40cf903402da79cf8161bdae5e39f557e67be556424deda2982344edcad4f36f03e197c50c88929e887f57e3b0836e9cd58e1132df47f52e15177e3ed5d9908bdfe42b6fe282f670d2a44165775d19958d5e689c47e444b16911dbc5f0ade56c679aecedfbb9eef16572fdd117f921f9f89c504b4fc1dd6ab8939f2ac7b8057498ad5a9ab09c99f540aa9784767fde91c92fd7209dfa6ba78e9953d5b8cfebfeacde6763af29193601d9a7fc6b73148c3aa3b483297f4881ad2d95b492f1476d4b218ac49c7cfb867b1650ba16d91e9412c1762ceb66531113956096bca757a2fd8cc1ad9a8cdf9615121d5f0d636cfa222fb21deae21f9f1982a8d0ace1f9104785eeb015ad1792b26d475b1bc4a454b63e7c8346a5b2bd40bc7541b2f6c02895f54e2fdb88ec2d678aaa9c783d61473afa2c8f6c2df83cd7491f26c7f527a38f71d4924225fc4ae77ef33d46012fba2d0ef723e39c75908a66e884b936cd17e20d3f59bf48f5cbf9ef2542ef9af618fc7df6daa30de39934acf70c8309382c266761966beec9ee78aecdb6623102776a04ee83b6193c0e4492665092d8c872fd355012d9fa65e4bac319b19e95baefae67b20de2dd3c43c4c5f1708ed0fcfba9fc192bf0868f4490c41befc09a5dd744b028c3ea20cdaa738c272ec7a816eed47bfad2121ebdbb8415755148330fc6778313d9831131c5c0c6ac8dc3f2fd678e4f20ff1e0fcf82d4795797936401b0cdbfd23fcc9c1e76d1d063a23d126faab2a225f0174d39446bc4215d2cece1997b233e4a807b161626aa9c5d507cc260cb7bbc22ae36e8f7b3862e841bdb19a31a5eb169804aaa04c898f14056a04e7089be42fafd5d6bf6f2471546beaf8db492c76482a7acea8eee3dddf017e209f9f99343036236ac6b198b90a78ff1a50eba379940de611ddf06f6eda290f2bde25c9573d105ac8a0fb286f7deaeac6e56d065d198f61daccef695890a5f840222899a55adc6d0cea1b5c296096aafc9f598fa4869edcdf047d72feee3a7c60ef5859f4ad96084160d550a109eaea639e01dab9b98cd7dc54b55d7eb2d213331bba4dee7c2029d47339e68c31800d77f370b42d2497f66907db06a2de988dbd14cd157836ebbc7239a8d218a797c5ba6816b28cf11576b5e4ddacc5ade05848ede263cd0d8d65f112c294309aac0bc76e58f7d99a704ced501795c57db6615ec6128090fc61698dd5d7210f30c05faf505ae0641899faf1babb36789c83d7ed723a9e1f7400a94da511899da552d782a43f42623af305a7284b538b2579db694347f8fc9db65dbac055dfa3333a3c0aceaf054b8576d7b3d14769b0ab0147bc3506310bf91e0ece8a6bd1bd878a4559cff9f8074f9bbaa6a034eaccf1a13a2dcef5cf991b457b7bc68f5a4e65114aa3e79fa732200f29d925a9fbc5ba377771837166ebe749332627f0e6e898ac3dc22df2356eccaa03ee00cf890d951e8fdd32834256ec3cf0eaa2141", 0x5dd}], 0x1}}], 0x6, 0x20004095)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYRESHEX], &(0x7f0000000640)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r0}, &(0x7f0000001c00)=0x8000000, &(0x7f0000001c40)=r4}, 0x20)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000002, &(0x7f0000000080), 0x1, 0x560, &(0x7f0000000b00)="$eJzs3d9vW1cdAPDvvYnjrOuaFvYAE9ACg4Kq2o27VdNetr6A0DQJMfGAeOhC4kahdl1qZyyhEtnfMCSQeII/gQckHpD2xANvPCLxgJDGA1KBCtQigWR0rx3XS5zFm39t8ecj3d577vE933Oa2Of4OL4ngLl1ISL2ImIpIl6PiJXu+aS7xcudLXvcwwf31h89uLeeRLv92j+SPD87l19QfFzmk90ylyPiW1+P+F5yOG5zZ/fWWq1WvdtNl1v1O+Xmzu7lrfraZnWzertSubZ67coLV5+vjK2t5+u/uv+1rVe+/dvffPbdP+x99UdZtU5383rtGLNO0wu9OJnFiHhlEsFmYKG7X5pxPfhw0oj4RER8IX/+r8RC/tsJAJxk7fZKtFf60wDASZfmc2BJWoqINO0OAkqdObyn41RaazRbl242tm9vdObKzkYhvblVq145V/zTD/IHF5IsvZrn5fl5unIgfTUizkXET4pP5OnSeqO2MZshDwDMvSf7+/+I+HcxTUuloS4d8KkeAPCxsTzrCgAAU6f/B4D5o/8HgPkzRP/f/bB/b+J1AQCm44O9/z8zsXoAANNj/h8A5o/+HwDmyjdffTXb2o+697/eeGNn+1bjjcsb1eatUn17vbTeuHuntNlobOb37KkfV16t0biz+lxsv1luVZutcnNn90a9sX27dSO/r/eNamEqrQIA3s+58+/8MYmIvRefyLfoW8tBXw0nWzrrCgAzszDKxQYI8LFmtS+YX0N14fkg4fcTrwswGwNv5r088PC9ftbZvT1MEH9nBB8pFz89/Py/NZ7hZDH/D/Prw83/vzT2egDTZ/4f5le7nRxc83+plwUAnEgj/Alf+8fjGoQAM3XcYt7Hff4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8+h0RHw/krSUrwWeZv+mpVLEUxFxNgrJza1a9UpEnInzEVEoZunVWVcaABhR+reku/7XxZVnTx/MXUr+U8z3EfHDn7/20zfXWq27q9n5f/bOF/eXD6s8vm6EdQUBgDHL++9Kd9/3Rv7hg3vr+9vgKxcnUp/71+N/3aWI1x89uJdv+/GykxHL+Vji1L+SXg2WI+KZiFgYQ/y9tyLiU4Pan+RzI2e7K5/2x49u7KfGFT+JJI6Nn74nfprndfbZ4OuTY6gLzJt3rkfEy4Oe/2lcyPeDn//LY3pFvH+9U9j+a9+jvviL3UgLA+Jnz/kLw8Z47nffOHSyvdLJeyvimcVB8ZNe/OSI+M8OGf/Pn/nc2y8dkdf+RcTFGBy/P1a5Vb9Tbu7sXt6qr21WN6u3K5Vrq9euvHD1+Uo5n6Mu789UH/b3Fy+dOapuWftPHRF/eWD7l3rXfmnI9v/yv69/9/OPk8WD8b/yxcE//6cHxu/I+sQvDxl/7dSvj1y+O4u/cUT7j/v5Xxoy/rt/3d0Y8qEAwBQ0d3ZvrdVq1bsjHWTvQsdRzqGDrIrDPXh/uDha0L/EJFox7MGByhcm9b868YPF3lhxvCV/JytxQFa6/0uSvVV6/3KW4qisxRh4VTr2Vox08HBasWb3mgRMR1/nAwAAAAAAAAAAAAAAfEQd/32gwuhfawMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAJ+X8AAAD//7xIx1c=")
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='.\x00', 0x0, 0x0)
getdents64(r5, &(0x7f0000000f80)=""/4096, 0x1000)
ioctl$EXT4_IOC_MIGRATE(r5, 0x6609)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000200), r7)
connect$inet(r6, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r6, 0x89f9, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000000)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @empty, 0x11, 0x1d}})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'batadv_slave_0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
sendmmsg(r6, &(0x7f0000007fc0), 0x800001d, 0x0)
sendmsg$IPSET_CMD_ADD(r8, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="240000004e74162e1b44742b71abc48b6be55600000000000000000000020000050500010107000008030000"], 0x24}, 0x1, 0x0, 0x0, 0x24040084}, 0x0)

1.015940008s ago: executing program 2 (id=1082):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000cc0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @tproxy={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_TPROXY_FAMILY={0x8}, @NFTA_TPROXY_REG_ADDR={0x8, 0x2, 0x1, 0x0, 0xd}, @NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xcc}}, 0x0) (fail_nth: 7)

952.406673ms ago: executing program 4 (id=1083):
perf_event_open$cgroup(&(0x7f00000000c0)={0xa, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3832, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, @perf_config_ext={0x1800000000000000}, 0x102cc, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
timer_create(0xfffffffffffffffc, 0x0, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000500)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sendmsg$DCCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=ANY=[@ANYBLOB="fc1100001200010200"/49, @ANYRES32=0x0], 0x11fc}, 0x1, 0x0, 0x0, 0x20000010}, 0x4000000)
timer_delete(0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$getregset(0x4204, r1, 0x1, &(0x7f0000000480)={0x0})
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0), 0x13f}}, 0x20)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)={0x50, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x3}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x50}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="440000000906010200120000000c0000000000000900020073797a310000000005000100070000001c0007800c00018008000140fffffffe0c000280080001407f0000013c292f8c9e8c292aa4064b4e75d401369d4ea2"], 0x44}, 0x1, 0x0, 0x0, 0x10008086}, 0x4000050)
close(0x3)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff)
r3 = semget$private(0x0, 0x6, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000c00)=ANY=[@ANYBLOB="5c000000020601036c0000000000000000000000050005000a000000050001000600000005000400000000000900020073797a320000000015000300686173683a69702c706f72742c6e6574000000000c000780080012400a"], 0x5c}}, 0x0)
semtimedop(r3, &(0x7f00000003c0), 0x0, 0x0)
semop(r3, &(0x7f00000000c0)=[{0x4}, {0x2}], 0x2)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)

908.357697ms ago: executing program 4 (id=1084):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="020000000400000006000000010000000010"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r1}, 0x18)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000380), 0x1a1a01, 0x0)
ioctl$AUTOFS_IOC_FAIL(r2, 0x4c80, 0xffffffffffffffb6)

883.208398ms ago: executing program 4 (id=1085):
socket$kcm(0x2, 0x922000000001, 0x106)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000500)=ANY=[@ANYBLOB="b501000000000000bd110000000000008510000002000000850000007600000095000000000000009500a5050000000077d8f3b4000000002be16ad10a48b243ccc40806d25dfd73a015e0ca7fc2506a0f68a7d06d75357f21699cdc6751dfb265a0e3ccae669e173a649c1cfd6587d472d64e7cc955d77578f4c35235138d5421f9453559c35da860e8ef14142b2a3e314422b854421eed734ceb1efeecb9c66854c3b3ffe1b4ce25d7c983c005c03b1d1ca4cb3e26e7a23129d6606fd28a697a9d552af6d9a9df2c3af333e2008e11bbec0727cb3f647535deb6277f5696833a71011a7d06602e2fd5234712596b696418f163d1a13ed38a682f87925bfa753f631cd027edd68149ee99eebc6f7d6dd4ae59af7588c8e1f4efab57644ccb1973d7879b70a70001040000000000000000d7900a820b63278f4e9a217b98ef7042ad2a923132f208fd8289eaf8cd00000000000009d27d753a300800000000000000a5686f2fccc33e3e34c3969c5ad781302d40e97a8ad10ce0cbe17366d5ac6af2fca2360a15b80400d52040ef7b28d300747877e176fe4c4b8e40dbf260f5a9f7eee30293c1b163b795d0aef4deb851a30000f569dc8f39943f889008e1ec914faa9e6cd0b3b4b3b5db666ebeb49d6a62019d76459e70b459543c4ac42e53b4ad4c77cff373ebd95848f01864e456969cd28000170996016aceb583df5ee4dd722e8c350af489f9a900000000a0dcc391a65c674a9cce0439f832a20d7cbdcda5dff3ba92dd66afb9dcd3e7784dbea1e51a15b0f1a040cc63177f8fafa3192fc8e5552da1a982ab8dfe31ad1a0968faa47c2069d6bf09c3aa4f0fc128cb578d99b08a150b4cc4b22f6a464c6398c952519818a44a1b450ff502df87865c276588ea478e328e8277e811b99ce1acfecaf8e2c55ccc4b8eae0a61635514e99ffd438784060f23ba74c0b30b1180d935832deb686d789ba1d436d116394534e88492a42b8bcab12fcc661a2dc50b3a1dcfbc871e5c27e3d7260f6fa589e40000b89db451ff994845f6b49c12e89291398bcb3c06ef1289f74e0b0e2cab592d35f82a69e7284223a171c616b1f0fee6c4711d7aecb69746064d2c096554975d605ebe646302bf3d5cf32a9a09915ae3f3d4eb96615d7b237da56cd5e9904a19e145f25b6d98eb2c019967f553b61d0e80d6913cee9f8d18469a654a239a84a85debbc0284c5a5d51f0e115ab159e3b513a68284d2efc30587e433431b2896a3bd48020af67e9ac071b2dd6dc3b9efae4ff03558fa619aea909c7f2416e7e7da1c51ccc7e6ac27412f728dc6d80da8adf317ca863ed683897321f8c8bb5a5d953d6783b7a06353ee496bbdff418de3e53234df87756eb99e330253cf5da4aa1a9648a38f07e2d302b4165983db4f7b8972923fffa8c03c288512a3a38fbd7c816a44634f7a03fab30811b7b93257bea4369ba46024dee5e9b0b2c3d3324e9b7c1f99ab9bb3f498b1485373b79ec84a67dad4e37575dab87ce55a9a69ed856a4c4410d1242ac1bd1539094a641cc086c2c53e363beafc74ab4e9ff320373705cbf5644586ffe60d293944fa2d9dc18b55f1af5c42f27747bef1ffd0c1766f062d47d61bf9f64e6ee288fa7fc12d48da526527b9f5c318c93ec447cb8b5eee7aa8a1e85696af3dfef96657c0545c8ebd96528d9c28828e5befd80d684b03b6d153da3e3cbd3bfbf4a9375b8ad04a1d241bcb775505cb6cc7a44e2e24bd0b1ca4879caaff59d0ce39dc7f3fea447f4e46967855208e63ec988bd2692afefbed2b001205e4b30ee8fe417defa566a73ace8f01f7181de0ef25f1744896a3c38859e6148c42454949cd64b1a888e7fe9c2d86bb01023b6dde4ab67f5eb038af3e460c771518a4126c338b0390d459361e03adf6e6b558b3651a0e33d101b5febfff82794203da18db6fcf89715c2d338f78d8b9220171b418528f857a7cb79ca990de1208777e13faaa9b9cb9e67797b07d9eb9e909410b50c5d981d9a72aa36498b630519d1530ef0000000000000000000037fcffffffffffffff8db8379bd2044c652dff399a9f8bfa4e9c507f049d18837464276830461ee203ba51f6102d262fc9a26bc3638ecce24e65c55da6efaa462f03e0d36c62785f32ecc294a8c7a522b59f5a7b44d018cb2648383073d9e032492cae44350bc0a85697f431392eb22cae093e85954af97d6d7b2e6e8f43353062275ad1578a431594243452a2bfb89f91d8eaac00000000000080014573789425c4c22da528d89356aa6d2ae6da082e756c80cf39053431080ea6cbf9997a5a0ddad0b9d12bc3f880476ab32f0feaac5f16e61f7b72b8c9082eec423c6b3eaecfdcc9ec72795e7696421c83b76c2d6bac19bc875d009679778d8ef97d7e05329649d97b0dc54bea9b650873de2d3d702690176e0b23ee5cb5e469a8d1612d611722e6200e3a297d92f8e1de98326c5ef2b89d4e2d47767c0700783e5d865e373338e96ceb8399f296c59b2d70ca27735ecaff62982616d3ac1ab041733bce119d8002a6c8a2b08b32551b2313b1a2ff41b3f04af61c69c85cb2da48215727271bac2ffdeb62d9f5dc4845f1c3f63dc806e615ee8d28d6d7f181e30807afa27f41d0364c746a65a47464db68f3c433d88dd625db35fded2c86d75af88efaf20c8b37c644b6c4e773a9589200faa553bc92f916b75ddbfa18ab73979f46947b35914286d2499a0b8c970000000000000000f4fe74e0c26ab52329bd600627b256ca44dd121ffc8dbb6e5f70cbe03efccac70375b30cc927574d254d1b46c607e8b1ca7d1511568c4d885723734a3ef4b6b885f4582bdcef74e5e010627fc8e4fe00000000000000000000869d9640f06b11df2971909b90133983308ea4f033de613763f32d913bcbe9dd082a6fff197a20730269e6cfd31275395833f1c2b8a50a94c30cceae2a11fe9b9b835d0da73891c0b3ce22dea6bf31e7f51808cf72f44b4455b77a778440795e152dc1b7bb0a5636aa4742ce4d331a47de5836539cdf289176527277b70c8162aaf6f9475418b478329f3565450acfaf07000000eab8cabfa97e35081967bb92a264b07e8003d2f15537e72a1e4ca5ec1e2aaaf8236ecdefbaf512c75e636b6b6f518ad20521f909b12e9bc97e408e0dc82f950d12705f35708bc862196abb27e8d7991b5273987f38c4706289ff4f6130cee76465d487a07a74452f87da2029bd3debd9870335d58d3fe1ac809c227aa25842f75981bc6f569ffdb10ba3f20a86d95128d13e0c778998d3b3114bfb07bd61e4bff8a5e2ce4aa572c63e09b44ca4a181bcfe4eec3ce843c65c4948169fe639a186acc2b4a96c6b8d4d2e6d53ab97bea01eab953e6e89e3af34d4ada217bc6fda0fb2095c49195d0d6f365ca80a955b9ec81240a84ef672afa369fcd097728955cf04fec692b01fadfc8e3d444ba35d0f51a0065a3b982d09dfc6874fc0d8079b185447cb8a695e132d4d613a529d9c77e2a8f7320ecf698e8a2b170fd601dc1a9767a38b10788e92d1356f6a6c1bcfb2d31b46e735db13f1be80bac1b6be04fd98610000000000000000000000000000139af5493f74751c5e2501a4936bc4a0fa516117f4ccadc692003adee0a080eba2f1059660c0ee0e9aec72d4d0fe095632e4f641b0e34c611c5b3e0ba05fa36542d40837dda323910672a9097d68398fd3539686e4288db0d6bf7cb8a1835f46dfe11865a66ef47e736dada06677a5bca133d6cbc8fe5c4557e51b006bdccd7c5f32ff1d9e8b130f77df09236870fb3de5b87b4f8acc13df534eba329b86670000000000000000b27a2616c03cdf6c009447a652bca9b325e73c0737d5b717945e4fe7a169c5e2c54fc71a4104aa7cf0f5d30e2fcd9503650edbd8a5971a9a1fde5e5df37469ae204a6e899eacc1e63034cbabc5604739881cb82604bed3e53696a0606b26b879ef232a1a038291389593d1575cb79aa8284cf01a7e1a456acab9d8d608ad69d4c4b56492af7004e7ed9d47c5db3d76a00bea7c804f3a3638408bc1636f1009b7f185f51606918eaa0ab61a19"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'syzkaller0\x00', <r4=>0x0})
bind$packet(r3, &(0x7f0000000080)={0x11, 0x1a, r4, 0x1, 0x1, 0x6, @broadcast}, 0x14)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'})

718.271181ms ago: executing program 1 (id=1086):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xffffffffffffff54}, 0x18)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = dup(r1)
fsetxattr$security_selinux(r2, &(0x7f0000000180), &(0x7f0000000300)='system_u:object_r:apm_bios_t:s0\x00', 0x20, 0x2)

717.598142ms ago: executing program 2 (id=1087):
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x79ab, 0x8, 0x8000, 0x400250}, &(0x7f00000003c0)=<r2=>0x0, &(0x7f0000000400)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r4, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x48, 0x48, 0xa, [@union={0xd, 0x4, 0x0, 0x5, 0x1, 0x1, [{0x5, 0x2, 0x2}, {0x7, 0x0, 0x10000}, {0xa, 0x5, 0x8}, {0x5, 0x0, 0x401}]}, @const={0x5}]}, {0x0, [0x0, 0x5f, 0x5f, 0x0, 0x61, 0x61, 0x5f, 0x61]}}, &(0x7f00000006c0)=""/178, 0x6a, 0xb2, 0x1}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, r5, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000000)='kfree\x00'}, 0x18)
syz_io_uring_submit(r2, r3, &(0x7f0000000140)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x2007, @fd=r0, 0x6, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r1, 0x74d1, 0x4c3, 0x43, 0x0, 0xfffffffffffffd1d)

704.521483ms ago: executing program 2 (id=1088):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
syz_clone3(&(0x7f0000000540)={0x8000000, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, 0x0}, 0x58)
setxattr$incfs_metadata(&(0x7f0000000800)='./cgroup\x00', &(0x7f0000000840), 0x0, 0x0, 0x2)

671.692526ms ago: executing program 4 (id=1089):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001140)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x10001}, 0x14)
r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r1, 0x2284, &(0x7f0000000080))
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffe, 0x10000}, 0x28)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r2}, 0x10)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000180)={0x0, 0x3, 0x10}, 0xc)
r3 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8}, 0x50)
r4 = memfd_create(&(0x7f0000000000)='\xfb\"a&\x8fe\x11\x8c\xd64\xf9\x12\x00\x00\x00\x00\x00\x12\x1a\'<\xf5\xbeV\x12\xaal\xfa\xf0o\xd8\xb1,\xbd>M\xe3\x98?\xd9\x96\xab\xc7\x06F\x9b\xab\xc8\x1e\x89]\x13bZ\x8d /#k\x95\x9eLV(\x8a\x0e\x93\x93Vc]mP\xbativ\xce\xa4K\xfb\xf2\xe0\xbf\x9d\xa1\xa2\xcd\xb39\xb4\x17a9\x1c\x82\x1aLT\xd0\xb9\x1a\xafB\x95\xb4\xcf\x91X\x8c\x87\xc2\xa1\x1b\xfe\xe7\xbc\xf7\xeb\xdeL\x1d\x98Zq\xcc%\x98\xb0Yc\xec\xb7\xb5m(9\xde\xd3\xefB\xd4\xee\xb5\xee\xe0\xaa\xdd\x00\xb1jOB\xdas\xe3\xb47}%)\xb9\xbf{\xce\x94^\xec\xdf\xbcW\xe0I\x0e\xa4\x1e}\x06\vK\xed\x11\x880\x0e\x9c\xaeVU\x88\xb0\x842kgA]\x1e\x88\xecif\xee\xba\x8b\xc6\"\xcej\x84\x06\x8a\x99\x80\xd7\xcf\x96\xed\x89\x1e6\x93+\xec#\x1d2\xb8\x80Z\xf7\x06\xbe\xc9[L\xc5\xc9\xb5\xd6{\xee\xce\x17\x89\xa6r\xc5j\xec\x1b\xaa\x996\x14e\xcf\x8axQ\x8fXeT\'0.\x85\xa2\xc8\xb3c\t\xe8\x1a\x89\xecL\xcf\xd8\xb5\xfb\xbc\tX\x88\xbe\xf4@[\xb2\xd5\x8c\xb9\x0e\x17\x8b\xce\xd09\xd2\xfb\x9e\b\x00\x00\x00\x00\x00\x00\x00\x9c\x01\x91\xacH\xdb\xf9\xcb\x7fh\x83>\x8e\xe1=\xedR\xc9\xe68h\x19\xafLD\x94\x93\xebT\x15\x817\x9d#\xea\xd2\xa8\xfb^\x8c\x87#\x10', 0x3)
fallocate(r4, 0x0, 0x0, 0x8)
fcntl$addseals(r4, 0x409, 0xe)
ftruncate(r4, 0x0)
read$qrtrtun(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)
syz_emit_ethernet(0x0, 0x0, 0x0)

669.487476ms ago: executing program 2 (id=1090):
socket$inet(0x2b, 0x801, 0x0)
socket(0x1e, 0x4, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000080), &(0x7f00000006c0)='%-010d \x00'}, 0x20)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x40481c0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e"], 0x70}}, 0x0)
sendmmsg(r2, 0x0, 0x0, 0x0)

561.774024ms ago: executing program 4 (id=1091):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000240), 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000019ffffff0000000000000000180100002020732500000000002020207b0af8ff00000000bfa100000000000007010000f6ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000300)='syzkaller\x00', 0x1, 0xfe4, &(0x7f0000001e00)=""/4068, 0x40f00, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400}, 0x94)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="20010000120013"], 0x120}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYRES64=r0], 0x0, 0x33, 0x0, 0x408, 0x2afb}, 0x28)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000140), &(0x7f0000000180)=0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
openat$uhid(0xffffffffffffff9c, &(0x7f0000001440), 0x2, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000000140))
open(0x0, 0x141242, 0x40)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0xb10, 0x7}, 0x0, 0x2, 0xfffff7f0, 0x0, 0x12, 0x4, 0x1, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
removexattr(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=@known='system.posix_acl_access\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r3}, 0x9)
r4 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000009c0)="010000000037a788a11d1f000000000000006923c63a4541062101b60a2156566de77062086575a59ea9cb", 0x2b, r4)
unshare(0x24040000)
unshare(0x2c020400)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

558.576765ms ago: executing program 1 (id=1092):
r0 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000005c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r2}, 0x18)
write$selinux_access(r0, &(0x7f0000001a80)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a7570647077645f657865635f742073797374656d5f753a73797374656d5f723afaffffffffff"], 0x56)

521.062708ms ago: executing program 1 (id=1093):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
io_getevents(0x0, 0x100000001, 0x0, 0x0, 0x0)
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000002740)={&(0x7f00000002c0)=ANY=[@ANYBLOB="24d2f21ec0816b8eab1f3fe722000040", @ANYRES16, @ANYBLOB="210027bd7000fbdbdf2504"], 0x24}}, 0x0)
splice(0xffffffffffffffff, &(0x7f0000000040)=0x6, r0, 0x0, 0x800000000ff, 0x6)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
r3 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000020f7b6f031bb52e4ea9f673a00000000e892052c888dfc"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = add_key$user(&(0x7f0000000080), &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000300)="31efbd21ca9ee3aaeb5bbdd4541f1ab72a66d79e9c750ce8ae826ecd88da09824120da13688f20fe16b8a906f5084e41b04e01000000000000000000004062d6479f7ae3680112ec0a44eeeb21383f80b83db5dfeefc859b4bdeeca7841c00035af1773cbeaa0471ccebdf65bafbe0599bc51a6b9117d3f9389c412098bac281c78f9b97d37cd9f1021594986264a1035b4f", 0x92, 0xfffffffffffffffd)
keyctl$KEYCTL_MOVE(0x1e, r5, 0xfffffffffffffffb, 0xffffffffffffffff, 0x1)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x2, 0x11, r2, 0x0)
sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, 0x0, 0x4000840)
r6 = mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, &(0x7f0000000440)={0x2000000000002000, 0x1, 0x56, 0x3})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e000000080000000000180003801400038010"], 0x44}}, 0x20008000)
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r6, &(0x7f0000000880)=""/202, 0xca, 0x100000000000000, 0x0)

486.35152ms ago: executing program 1 (id=1094):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
r3 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
fchdir(r4)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$sock_timeval(r5, 0x1, 0x1, &(0x7f00000025c0), &(0x7f0000002600)=0x10)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
setsockopt$inet6_udp_int(r2, 0x11, 0x67, &(0x7f0000000940)=0x28, 0x4)
sendto$inet6(r2, 0x0, 0x0, 0x400ad80, &(0x7f0000000080)={0xa, 0x4621, 0x0, @local}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000006780)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000001c0)="b3ab706204ee39c9dae21a1718ee351ebc92d2f0d482a863ae5c0b4d768ffe745af2c53a083d9b761b", 0xfff7}], 0x1}, 0xb00}], 0x1, 0x0)

431.864425ms ago: executing program 2 (id=1095):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
truncate(&(0x7f0000000040)='./file1\x00', 0x40006)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r2, 0x20, 0x2000, 0x8000)

425.586726ms ago: executing program 0 (id=1096):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00"/13], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0, r1}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, 0x0, 0x4000054)
r4 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000280)={0x4, 0x0, 0xb51b, 0x10}, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000005200010a"], 0x26}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16, @ANYBLOB="0100000000000000000009000000440003800800010002000000140002007663616e300000000000000000000000080003"], 0x58}}, 0x0)
sendmsg$IPVS_CMD_GET_DEST(r4, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000280)={&(0x7f00000000c0)={0x110, 0x0, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_DAEMON={0x60, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth0_to_hsr\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x12}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x2}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0x26}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x4}]}, @IPVS_CMD_ATTR_SERVICE={0x34, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x3}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x8, 0x14}}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2e}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x101}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_SERVICE={0x40, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x76}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'ovf\x00'}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}]}, 0x110}, 0x1, 0x0, 0x0, 0x4044001}, 0x40004)
sendmsg$IPVS_CMD_DEL_DEST(r3, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000880)={0x114, 0x0, 0x400, 0x70bd27, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x400}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e22}]}, @IPVS_CMD_ATTR_SERVICE={0x44, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@private0={0xfc, 0x0, '\x00', 0x1}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2c}}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x62}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e24}]}, @IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x7f}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @rand_addr=0x64010100}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @empty}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @empty}]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0xe}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x6}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x3}]}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xfffffff9}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xa}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x46}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xfff}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x8000}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xfffffff9}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}]}]}, 0x114}, 0x1, 0x0, 0x0, 0x20000082}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000d80)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000220000a3c000000120a09080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a"], 0x64}, 0x1, 0x0, 0x0, 0x5}, 0x0)
fchmod(r2, 0x2)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x110)
r8 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00')
pread64(r8, &(0x7f000001a240)=""/102385, 0x18ff1, 0x100008)

335.829913ms ago: executing program 1 (id=1097):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0) (fail_nth: 12)

321.080374ms ago: executing program 0 (id=1098):
r0 = io_uring_setup(0x4d3f, &(0x7f0000000200)={0x0, 0xca6a, 0x40, 0x3, 0x23b})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x1, 0x200000}, 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9, 0x0, r1}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r3}, 0x18)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f0000000080)=[@ioring_restriction_sqe_flags_allowed={0x2, 0x17}, @ioring_restriction_sqe_op={0x1, 0x12}, @ioring_restriction_sqe_op={0x1, 0x17}], 0x3)

69.970964ms ago: executing program 0 (id=1099):
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x79ab, 0x8, 0x8000, 0x400250}, &(0x7f00000003c0)=<r2=>0x0, &(0x7f0000000400)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r4, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x48, 0x48, 0xa, [@union={0xd, 0x4, 0x0, 0x5, 0x1, 0x1, [{0x5, 0x2, 0x2}, {0x7, 0x0, 0x10000}, {0xa, 0x5, 0x8}, {0x5, 0x0, 0x401}]}, @const={0x5}]}, {0x0, [0x0, 0x5f, 0x5f, 0x0, 0x61, 0x61, 0x5f, 0x61]}}, &(0x7f00000006c0)=""/178, 0x6a, 0xb2, 0x1}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, r5, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000000)='kfree\x00'}, 0x18)
syz_io_uring_submit(r2, r3, &(0x7f0000000140)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x2007, @fd=r0, 0x6, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r1, 0x74d1, 0x4c3, 0x43, 0x0, 0xfffffffffffffd1d)

69.271554ms ago: executing program 4 (id=1100):
socket$kcm(0x2, 0x922000000001, 0x106)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000500)=ANY=[@ANYBLOB="b501000000000000bd110000000000008510000002000000850000007600000095000000000000009500a5050000000077d8f3b4000000002be16ad10a48b243ccc40806d25dfd73a015e0ca7fc2506a0f68a7d06d75357f21699cdc6751dfb265a0e3ccae669e173a649c1cfd6587d472d64e7cc955d77578f4c35235138d5421f9453559c35da860e8ef14142b2a3e314422b854421eed734ceb1efeecb9c66854c3b3ffe1b4ce25d7c983c005c03b1d1ca4cb3e26e7a23129d6606fd28a697a9d552af6d9a9df2c3af333e2008e11bbec0727cb3f647535deb6277f5696833a71011a7d06602e2fd5234712596b696418f163d1a13ed38a682f87925bfa753f631cd027edd68149ee99eebc6f7d6dd4ae59af7588c8e1f4efab57644ccb1973d7879b70a70001040000000000000000d7900a820b63278f4e9a217b98ef7042ad2a923132f208fd8289eaf8cd00000000000009d27d753a300800000000000000a5686f2fccc33e3e34c3969c5ad781302d40e97a8ad10ce0cbe17366d5ac6af2fca2360a15b80400d52040ef7b28d300747877e176fe4c4b8e40dbf260f5a9f7eee30293c1b163b795d0aef4deb851a30000f569dc8f39943f889008e1ec914faa9e6cd0b3b4b3b5db666ebeb49d6a62019d76459e70b459543c4ac42e53b4ad4c77cff373ebd95848f01864e456969cd28000170996016aceb583df5ee4dd722e8c350af489f9a900000000a0dcc391a65c674a9cce0439f832a20d7cbdcda5dff3ba92dd66afb9dcd3e7784dbea1e51a15b0f1a040cc63177f8fafa3192fc8e5552da1a982ab8dfe31ad1a0968faa47c2069d6bf09c3aa4f0fc128cb578d99b08a150b4cc4b22f6a464c6398c952519818a44a1b450ff502df87865c276588ea478e328e8277e811b99ce1acfecaf8e2c55ccc4b8eae0a61635514e99ffd438784060f23ba74c0b30b1180d935832deb686d789ba1d436d116394534e88492a42b8bcab12fcc661a2dc50b3a1dcfbc871e5c27e3d7260f6fa589e40000b89db451ff994845f6b49c12e89291398bcb3c06ef1289f74e0b0e2cab592d35f82a69e7284223a171c616b1f0fee6c4711d7aecb69746064d2c096554975d605ebe646302bf3d5cf32a9a09915ae3f3d4eb96615d7b237da56cd5e9904a19e145f25b6d98eb2c019967f553b61d0e80d6913cee9f8d18469a654a239a84a85debbc0284c5a5d51f0e115ab159e3b513a68284d2efc30587e433431b2896a3bd48020af67e9ac071b2dd6dc3b9efae4ff03558fa619aea909c7f2416e7e7da1c51ccc7e6ac27412f728dc6d80da8adf317ca863ed683897321f8c8bb5a5d953d6783b7a06353ee496bbdff418de3e53234df87756eb99e330253cf5da4aa1a9648a38f07e2d302b4165983db4f7b8972923fffa8c03c288512a3a38fbd7c816a44634f7a03fab30811b7b93257bea4369ba46024dee5e9b0b2c3d3324e9b7c1f99ab9bb3f498b1485373b79ec84a67dad4e37575dab87ce55a9a69ed856a4c4410d1242ac1bd1539094a641cc086c2c53e363beafc74ab4e9ff320373705cbf5644586ffe60d293944fa2d9dc18b55f1af5c42f27747bef1ffd0c1766f062d47d61bf9f64e6ee288fa7fc12d48da526527b9f5c318c93ec447cb8b5eee7aa8a1e85696af3dfef96657c0545c8ebd96528d9c28828e5befd80d684b03b6d153da3e3cbd3bfbf4a9375b8ad04a1d241bcb775505cb6cc7a44e2e24bd0b1ca4879caaff59d0ce39dc7f3fea447f4e46967855208e63ec988bd2692afefbed2b001205e4b30ee8fe417defa566a73ace8f01f7181de0ef25f1744896a3c38859e6148c42454949cd64b1a888e7fe9c2d86bb01023b6dde4ab67f5eb038af3e460c771518a4126c338b0390d459361e03adf6e6b558b3651a0e33d101b5febfff82794203da18db6fcf89715c2d338f78d8b9220171b418528f857a7cb79ca990de1208777e13faaa9b9cb9e67797b07d9eb9e909410b50c5d981d9a72aa36498b630519d1530ef0000000000000000000037fcffffffffffffff8db8379bd2044c652dff399a9f8bfa4e9c507f049d18837464276830461ee203ba51f6102d262fc9a26bc3638ecce24e65c55da6efaa462f03e0d36c62785f32ecc294a8c7a522b59f5a7b44d018cb2648383073d9e032492cae44350bc0a85697f431392eb22cae093e85954af97d6d7b2e6e8f43353062275ad1578a431594243452a2bfb89f91d8eaac00000000000080014573789425c4c22da528d89356aa6d2ae6da082e756c80cf39053431080ea6cbf9997a5a0ddad0b9d12bc3f880476ab32f0feaac5f16e61f7b72b8c9082eec423c6b3eaecfdcc9ec72795e7696421c83b76c2d6bac19bc875d009679778d8ef97d7e05329649d97b0dc54bea9b650873de2d3d702690176e0b23ee5cb5e469a8d1612d611722e6200e3a297d92f8e1de98326c5ef2b89d4e2d47767c0700783e5d865e373338e96ceb8399f296c59b2d70ca27735ecaff62982616d3ac1ab041733bce119d8002a6c8a2b08b32551b2313b1a2ff41b3f04af61c69c85cb2da48215727271bac2ffdeb62d9f5dc4845f1c3f63dc806e615ee8d28d6d7f181e30807afa27f41d0364c746a65a47464db68f3c433d88dd625db35fded2c86d75af88efaf20c8b37c644b6c4e773a9589200faa553bc92f916b75ddbfa18ab73979f46947b35914286d2499a0b8c970000000000000000f4fe74e0c26ab52329bd600627b256ca44dd121ffc8dbb6e5f70cbe03efccac70375b30cc927574d254d1b46c607e8b1ca7d1511568c4d885723734a3ef4b6b885f4582bdcef74e5e010627fc8e4fe00000000000000000000869d9640f06b11df2971909b90133983308ea4f033de613763f32d913bcbe9dd082a6fff197a20730269e6cfd31275395833f1c2b8a50a94c30cceae2a11fe9b9b835d0da73891c0b3ce22dea6bf31e7f51808cf72f44b4455b77a778440795e152dc1b7bb0a5636aa4742ce4d331a47de5836539cdf289176527277b70c8162aaf6f9475418b478329f3565450acfaf07000000eab8cabfa97e35081967bb92a264b07e8003d2f15537e72a1e4ca5ec1e2aaaf8236ecdefbaf512c75e636b6b6f518ad20521f909b12e9bc97e408e0dc82f950d12705f35708bc862196abb27e8d7991b5273987f38c4706289ff4f6130cee76465d487a07a74452f87da2029bd3debd9870335d58d3fe1ac809c227aa25842f75981bc6f569ffdb10ba3f20a86d95128d13e0c778998d3b3114bfb07bd61e4bff8a5e2ce4aa572c63e09b44ca4a181bcfe4eec3ce843c65c4948169fe639a186acc2b4a96c6b8d4d2e6d53ab97bea01eab953e6e89e3af34d4ada217bc6fda0fb2095c49195d0d6f365ca80a955b9ec81240a84ef672afa369fcd097728955cf04fec692b01fadfc8e3d444ba35d0f51a0065a3b982d09dfc6874fc0d8079b185447cb8a695e132d4d613a529d9c77e2a8f7320ecf698e8a2b170fd601dc1a9767a38b10788e92d1356f6a6c1bcfb2d31b46e735db13f1be80bac1b6be04fd98610000000000000000000000000000139af5493f74751c5e2501a4936bc4a0fa516117f4ccadc692003adee0a080eba2f1059660c0ee0e9aec72d4d0fe095632e4f641b0e34c611c5b3e0ba05fa36542d40837dda323910672a9097d68398fd3539686e4288db0d6bf7cb8a1835f46dfe11865a66ef47e736dada06677a5bca133d6cbc8fe5c4557e51b006bdccd7c5f32ff1d9e8b130f77df09236870fb3de5b87b4f8acc13df534eba329b86670000000000000000b27a2616c03cdf6c009447a652bca9b325e73c0737d5b717945e4fe7a169c5e2c54fc71a4104aa7cf0f5d30e2fcd9503650edbd8a5971a9a1fde5e5df37469ae204a6e899eacc1e63034cbabc5604739881cb82604bed3e53696a0606b26b879ef232a1a038291389593d1575cb79aa8284cf01a7e1a456acab9d8d608ad69d4c4b56492af7004e7ed9d47c5db3d76a00bea7c804f3a3638408bc1636f1009b7f185f51606918eaa0ab61a19"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'syzkaller0\x00', <r4=>0x0})
bind$packet(r3, &(0x7f0000000080)={0x11, 0x1a, r4, 0x1, 0x1, 0x6, @broadcast}, 0x14)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'})

67.666524ms ago: executing program 3 (id=1101):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x4, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000240)={0x40, 0x0, 0x1, 0x101, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x24000010}, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000fcdfffff0000000000000000c3000000000000009500000080000000"], &(0x7f0000000180)='syzkaller\x00', 0x3, 0xd2, &(0x7f00000002c0)=""/210}, 0x94)

18.218368ms ago: executing program 2 (id=1102):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000004000000020000000000000f0400000000005f"], 0x0, 0x28}, 0x20)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5")
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")

0s ago: executing program 0 (id=1103):
r0 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000005c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r2}, 0x18)
write$selinux_access(r0, &(0x7f0000001a80)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a7570647077645f657865635f742073797374656d5f753a73797374656d5f723afaffffffffff"], 0x56)

kernel console output (not intermixed with test programs):

 pid=5951 comm="syz.4.561" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon=DC
[   66.100093][   T29] audit: type=1400 audit(834.333:7085): avc:  denied  { associate } for  pid=5951 comm="syz.4.561" name="bus" scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon=DC
[   66.122355][   T29] audit: type=1400 audit(834.333:7086): avc:  denied  { mounton } for  pid=5951 comm="syz.4.561" path="/115/bus" dev="tmpfs" ino=618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon=DC
[   66.162931][ T5967] loop1: detected capacity change from 0 to 512
[   66.179789][ T5969] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5969 comm=syz.3.563
[   66.211155][ T5967] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   66.236975][ T5967] EXT4-fs (loop1): mount failed
[   66.237593][ T5975] rdma_op ffff88811fbe4180 conn xmit_rdma 0000000000000000
[   66.252089][ T5971] loop4: detected capacity change from 0 to 2048
[   66.277923][ T5967] loop1: detected capacity change from 0 to 1024
[   66.288827][ T5967] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   66.300393][ T5967] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   66.313377][ T5967] JBD2: no valid journal superblock found
[   66.319307][ T5967] EXT4-fs (loop1): Could not load journal inode
[   66.363046][ T5980] loop3: detected capacity change from 0 to 1024
[   66.371688][ T5982] netlink: 4 bytes leftover after parsing attributes in process `syz.1.571'.
[   66.394210][ T3685]  loop4: p2 p3 p7
[   66.394415][ T5980] EXT4-fs: Ignoring removed oldalloc option
[   66.417003][ T5980] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   66.420903][ T5971]  loop4: p2 p3 p7
[   66.427749][ T5984] loop0: detected capacity change from 0 to 512
[   66.443137][ T2992]  loop4: p2 p3 p7
[   66.485175][ T5980] EXT4-fs mount: 4 callbacks suppressed
[   66.485266][ T5980] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.512475][ T5984] netlink: 'syz.0.572': attribute type 10 has an invalid length.
[   66.533536][ T5977] loop2: detected capacity change from 0 to 8192
[   66.618636][ T3685] udevd[3685]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[   66.618726][ T3863] udevd[3863]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory
[   66.630591][ T5603] udevd[5603]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   66.657370][ T3685] udevd[3685]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[   66.669443][ T5603] udevd[5603]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   66.680976][ T3863] udevd[3863]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory
[   66.697242][ T5603] udevd[5603]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   66.709728][ T3863] udevd[3863]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory
[   66.754014][ T3685] udevd[3685]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[   66.847999][ T6005] netlink: 24 bytes leftover after parsing attributes in process `syz.0.576'.
[   66.902481][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.226016][ T6015] netlink: 272 bytes leftover after parsing attributes in process `syz.3.580'.
[   67.303281][ T6015] loop3: detected capacity change from 0 to 128
[   67.571991][ T6015] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   67.593838][ T6021] loop1: detected capacity change from 0 to 512
[   67.623862][ T3304] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   67.635104][ T6021] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   67.663683][ T6021] EXT4-fs (loop1): mount failed
[   67.715952][ T6029] loop3: detected capacity change from 0 to 512
[   67.795920][ T6021] loop1: detected capacity change from 0 to 512
[   67.811278][ T6029] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.584: casefold flag without casefold feature
[   67.864492][ T6045] rdma_op ffff888120ea4180 conn xmit_rdma 0000000000000000
[   67.872505][ T6029] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.584: couldn't read orphan inode 15 (err -117)
[   67.893005][ T6029] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.911439][ T6021] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   67.927958][ T6021] EXT4-fs (loop1): can't mount with journal_checksum, fs mounted w/o journal
[   67.959695][ T6053] netlink: 272 bytes leftover after parsing attributes in process `syz.4.594'.
[   67.970069][ T6050] loop0: detected capacity change from 0 to 512
[   67.986803][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.012571][ T6050] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   68.062643][ T6050] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.078652][ T6053] loop4: detected capacity change from 0 to 128
[   68.109947][ T6050] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.592: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[   68.162320][ T6050] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 12: comm syz.0.592: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[   68.197014][ T6050] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 13: comm syz.0.592: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[   68.203958][ T6053] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   68.283073][ T6050] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 14: comm syz.0.592: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   68.351959][ T6050] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 15: comm syz.0.592: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   68.395015][ T6050] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 16: comm syz.0.592: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[   68.417219][ T6050] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 17: comm syz.0.592: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   68.443902][ T6050] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #2: block 18: comm syz.0.592: lblock 23 mapped to illegal pblock 18 (length 1)
[   68.461357][ T6050] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 19: comm syz.0.592: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   68.485493][ T6050] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 20: comm syz.0.592: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[   68.598621][ T3302] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   69.258582][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.271604][ T6143] rdma_op ffff88811f8f2180 conn xmit_rdma 0000000000000000
[   69.361716][ T6154] FAULT_INJECTION: forcing a failure.
[   69.361716][ T6154] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   69.375096][ T6154] CPU: 0 UID: 0 PID: 6154 Comm: syz.4.608 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   69.375124][ T6154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   69.375135][ T6154] Call Trace:
[   69.375141][ T6154]  <TASK>
[   69.375147][ T6154]  __dump_stack+0x1d/0x30
[   69.375197][ T6154]  dump_stack_lvl+0xe8/0x140
[   69.375227][ T6154]  dump_stack+0x15/0x1b
[   69.375246][ T6154]  should_fail_ex+0x265/0x280
[   69.375278][ T6154]  should_fail+0xb/0x20
[   69.375335][ T6154]  should_fail_usercopy+0x1a/0x20
[   69.375359][ T6154]  _copy_from_user+0x1c/0xb0
[   69.375385][ T6154]  __sys_bpf+0x178/0x7b0
[   69.375413][ T6154]  __x64_sys_bpf+0x41/0x50
[   69.375471][ T6154]  x64_sys_call+0x2aea/0x2ff0
[   69.375490][ T6154]  do_syscall_64+0xd2/0x200
[   69.375514][ T6154]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   69.375540][ T6154]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   69.375568][ T6154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.375660][ T6154] RIP: 0033:0x7f12dd62ebe9
[   69.375677][ T6154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.375696][ T6154] RSP: 002b:00007f12dc08f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   69.375719][ T6154] RAX: ffffffffffffffda RBX: 00007f12dd855fa0 RCX: 00007f12dd62ebe9
[   69.375811][ T6154] RDX: 0000000000000094 RSI: 0000200000000300 RDI: 0000000000000005
[   69.375824][ T6154] RBP: 00007f12dc08f090 R08: 0000000000000000 R09: 0000000000000000
[   69.375837][ T6154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   69.375850][ T6154] R13: 00007f12dd856038 R14: 00007f12dd855fa0 R15: 00007ffea151f2d8
[   69.375885][ T6154]  </TASK>
[   69.384459][ T6157] __nla_validate_parse: 2 callbacks suppressed
[   69.384474][ T6157] netlink: 4 bytes leftover after parsing attributes in process `syz.3.610'.
[   69.658669][ T6168] loop3: detected capacity change from 0 to 128
[   69.818766][ T6177] loop4: detected capacity change from 0 to 512
[   69.855388][ T6177] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   69.916791][ T6177] EXT4-fs (loop4): mount failed
[   70.112791][ T6185] loop0: detected capacity change from 0 to 512
[   70.138318][ T6187] loop2: detected capacity change from 0 to 512
[   70.152321][ T6185] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   70.231079][ T6185] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.261498][ T6187] __quota_error: 293 callbacks suppressed
[   70.261513][ T6187] Quota error (device loop2): v2_read_file_info: Free block number 1 out of range (1, 6).
[   70.288578][ T6177] loop4: detected capacity change from 0 to 1024
[   70.297390][ T6187] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   70.307653][ T6177] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   70.321515][ T6185] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.618: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[   70.323747][ T6177] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   70.346108][ T6187] EXT4-fs (loop2): mount failed
[   70.365451][   T29] audit: type=1400 audit(839.036:7377): avc:  denied  { create } for  pid=6192 comm="syz.3.621" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   70.387897][ T6193] FAULT_INJECTION: forcing a failure.
[   70.387897][ T6193] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   70.400986][ T6193] CPU: 0 UID: 0 PID: 6193 Comm: syz.3.621 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   70.401015][ T6193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   70.401027][ T6193] Call Trace:
[   70.401034][ T6193]  <TASK>
[   70.401043][ T6193]  __dump_stack+0x1d/0x30
[   70.401072][ T6193]  dump_stack_lvl+0xe8/0x140
[   70.401092][ T6193]  dump_stack+0x15/0x1b
[   70.401142][ T6193]  should_fail_ex+0x265/0x280
[   70.401164][ T6193]  should_fail+0xb/0x20
[   70.401183][ T6193]  should_fail_usercopy+0x1a/0x20
[   70.401204][ T6193]  _copy_from_iter+0xd2/0xe80
[   70.401299][ T6193]  ? __build_skb_around+0x1a0/0x200
[   70.401335][ T6193]  ? __alloc_skb+0x223/0x320
[   70.401357][ T6193]  netlink_sendmsg+0x471/0x6b0
[   70.401456][ T6193]  ? __pfx_netlink_sendmsg+0x10/0x10
[   70.401481][ T6193]  __sock_sendmsg+0x145/0x180
[   70.401588][ T6193]  ____sys_sendmsg+0x31e/0x4e0
[   70.401612][ T6193]  ___sys_sendmsg+0x17b/0x1d0
[   70.401709][ T6193]  __x64_sys_sendmsg+0xd4/0x160
[   70.401738][ T6193]  x64_sys_call+0x191e/0x2ff0
[   70.401832][ T6193]  do_syscall_64+0xd2/0x200
[   70.401855][ T6193]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   70.401879][ T6193]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   70.401950][ T6193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.402036][ T6193] RIP: 0033:0x7f74b9adebe9
[   70.402097][ T6193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.402115][ T6193] RSP: 002b:00007f74b8547038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   70.402136][ T6193] RAX: ffffffffffffffda RBX: 00007f74b9d05fa0 RCX: 00007f74b9adebe9
[   70.402149][ T6193] RDX: 00000000240008c4 RSI: 0000200000000000 RDI: 0000000000000007
[   70.402162][ T6193] RBP: 00007f74b8547090 R08: 0000000000000000 R09: 0000000000000000
[   70.402174][ T6193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   70.402187][ T6193] R13: 00007f74b9d06038 R14: 00007f74b9d05fa0 R15: 00007fff02cb6788
[   70.402271][ T6193]  </TASK>
[   70.405177][ T6185] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 12: comm syz.0.618: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[   70.453817][ T6199] netlink: 8 bytes leftover after parsing attributes in process `syz.0.618'.
[   70.480431][ T6185] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 13: comm syz.0.618: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[   70.483577][ T6199] netlink: 4 bytes leftover after parsing attributes in process `syz.0.618'.
[   70.508075][   T29] audit: type=1326 audit(839.183:7378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6192 comm="syz.3.621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9adebe9 code=0x7ffc0000
[   70.559802][ T6177] JBD2: no valid journal superblock found
[   70.564787][   T29] audit: type=1326 audit(839.183:7379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6192 comm="syz.3.621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9adebe9 code=0x7ffc0000
[   70.572791][ T6177] EXT4-fs (loop4): Could not load journal inode
[   70.615535][ T6187] loop2: detected capacity change from 0 to 1024
[   70.671412][ T6185] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 14: comm syz.0.618: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   70.765048][ T6187] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   70.776218][ T6187] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   70.798831][   T29] audit: type=1400 audit(839.477:7380): avc:  denied  { create } for  pid=6203 comm="syz.4.624" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   70.801188][ T6206] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   70.817878][   T29] audit: type=1400 audit(839.477:7381): avc:  denied  { ioctl } for  pid=6203 comm="syz.4.624" path="socket:[10942]" dev="sockfs" ino=10942 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   70.843974][ T6206] netlink: 4 bytes leftover after parsing attributes in process `syz.4.625'.
[   70.864213][ T6187] JBD2: no valid journal superblock found
[   70.870208][ T6187] EXT4-fs (loop2): Could not load journal inode
[   70.877256][ T6185] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 15: comm syz.0.618: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   70.917961][ T6206] netlink: 4 bytes leftover after parsing attributes in process `syz.4.625'.
[   70.951670][   T29] audit: type=1326 audit(839.498:7382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6205 comm="syz.4.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12dd62ebe9 code=0x7ffc0000
[   70.974807][   T29] audit: type=1326 audit(839.498:7383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6205 comm="syz.4.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12dd62ebe9 code=0x7ffc0000
[   70.997891][   T29] audit: type=1326 audit(839.498:7384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6205 comm="syz.4.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f12dd62ebe9 code=0x7ffc0000
[   71.020793][   T29] audit: type=1326 audit(839.498:7385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6205 comm="syz.4.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12dd62ebe9 code=0x7ffc0000
[   71.063447][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.240844][ T6227] loop2: detected capacity change from 0 to 128
[   71.359531][ T6227] EXT4-fs: Ignoring removed nobh option
[   71.459506][ T6236] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   71.474357][ T6227] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   71.497056][ T6236] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   71.534749][ T6236] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   71.545526][ T6236] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   71.557158][ T6236] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   71.568390][ T6236] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   71.578997][ T6236] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   71.589658][ T6236] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   71.600326][ T6236] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   71.610397][ T6236] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   71.621875][ T6236] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   71.632918][ T6236] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   71.694586][ T3311] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   71.788531][ T6241] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   71.799667][ T6241] netlink: 4 bytes leftover after parsing attributes in process `syz.4.639'.
[   71.809270][ T6241] netlink: 4 bytes leftover after parsing attributes in process `syz.4.639'.
[   71.835705][ T6242] loop2: detected capacity change from 0 to 1764
[   71.874048][ T6242] iso9660: Unknown parameter 'overridÎüÿ¨ã™çžm'
[   71.982193][ T6245] loop4: detected capacity change from 0 to 512
[   72.002155][ T6245] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   72.036197][ T6245] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.049890][ T6245] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 3: comm syz.4.640: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[   72.071597][ T6245] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 12: comm syz.4.640: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[   72.094519][ T6245] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 13: comm syz.4.640: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[   72.118970][ T6250] netlink: 8 bytes leftover after parsing attributes in process `syz.4.640'.
[   72.127836][ T6250] netlink: 4 bytes leftover after parsing attributes in process `syz.4.640'.
[   72.137426][ T6245] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 14: comm syz.4.640: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   72.158880][ T6245] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 15: comm syz.4.640: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   72.166741][ T6221] Set syz1 is full, maxelem 65536 reached
[   72.182175][ T6245] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 16: comm syz.4.640: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[   72.219895][ T6245] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 17: comm syz.4.640: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   72.241750][ T6245] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #2: block 18: comm syz.4.640: lblock 23 mapped to illegal pblock 18 (length 1)
[   72.258196][ T6245] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 19: comm syz.4.640: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   72.260604][ T6253] lo speed is unknown, defaulting to 1000
[   72.279609][ T6245] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 20: comm syz.4.640: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[   72.284706][ T6253] lo speed is unknown, defaulting to 1000
[   72.336106][ T6253] lo speed is unknown, defaulting to 1000
[   72.350228][ T6253] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   72.357644][ T6256] loop0: detected capacity change from 0 to 2048
[   72.366608][ T6255] netlink: 'syz.3.643': attribute type 4 has an invalid length.
[   72.381584][ T6255] hub 6-0:1.0: USB hub found
[   72.386385][ T6255] hub 6-0:1.0: 8 ports detected
[   72.406756][ T6253] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   72.422602][ T6253] lo speed is unknown, defaulting to 1000
[   72.430832][ T6253] lo speed is unknown, defaulting to 1000
[   72.437257][ T6253] lo speed is unknown, defaulting to 1000
[   72.443865][ T6253] lo speed is unknown, defaulting to 1000
[   72.450414][ T6253] lo speed is unknown, defaulting to 1000
[   72.457653][ T3685]  loop0: p1 < > p4
[   72.462194][ T3685] loop0: p4 size 8388608 extends beyond EOD, truncated
[   72.480865][ T6256]  loop0: p1 < > p4
[   72.492278][ T6256] loop0: p4 size 8388608 extends beyond EOD, truncated
[   72.554631][ T6268] rdma_op ffff88811fbe5d80 conn xmit_rdma 0000000000000000
[   72.562781][ T6253] 9pnet_fd: Insufficient options for proto=fd
[   72.569570][ T6266] netlink: 4 bytes leftover after parsing attributes in process `syz.3.647'.
[   72.677973][ T6266] lo speed is unknown, defaulting to 1000
[   72.699448][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.715119][   T10] IPVS: starting estimator thread 0...
[   72.778442][ T5603] udevd[5603]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   72.779489][ T3863] udevd[3863]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   72.789159][ T6286] sctp: [Deprecated]: syz.4.651 (pid 6286) Use of struct sctp_assoc_value in delayed_ack socket option.
[   72.789159][ T6286] Use struct sctp_sack_info instead
[   72.813208][ T3685] udevd[3685]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   72.822448][ T6288] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   72.834295][ T6288] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   72.843760][ T6277] IPVS: using max 2832 ests per chain, 141600 per kthread
[   72.865459][ T5603] udevd[5603]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   72.878749][ T6295] FAULT_INJECTION: forcing a failure.
[   72.878749][ T6295] name failslab, interval 1, probability 0, space 0, times 0
[   72.891743][ T6295] CPU: 0 UID: 0 PID: 6295 Comm: syz.2.654 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   72.891772][ T6295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   72.891823][ T6295] Call Trace:
[   72.891830][ T6295]  <TASK>
[   72.891837][ T6295]  __dump_stack+0x1d/0x30
[   72.891858][ T6295]  dump_stack_lvl+0xe8/0x140
[   72.891876][ T6295]  dump_stack+0x15/0x1b
[   72.891891][ T6295]  should_fail_ex+0x265/0x280
[   72.891943][ T6295]  should_failslab+0x8c/0xb0
[   72.891969][ T6295]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   72.892001][ T6295]  ? __d_alloc+0x3d/0x340
[   72.892064][ T6295]  __d_alloc+0x3d/0x340
[   72.892093][ T6295]  d_alloc+0x2e/0x100
[   72.892128][ T6295]  lookup_one_qstr_excl+0x99/0x250
[   72.892154][ T6295]  filename_create+0x149/0x230
[   72.892174][ T6295]  do_symlinkat+0x65/0x3c0
[   72.892217][ T6295]  __x64_sys_symlinkat+0x5a/0x70
[   72.892238][ T6295]  x64_sys_call+0x293d/0x2ff0
[   72.892257][ T6295]  do_syscall_64+0xd2/0x200
[   72.892318][ T6295]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   72.892421][ T6295]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   72.892450][ T6295]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.892497][ T6295] RIP: 0033:0x7fe594a3ebe9
[   72.892512][ T6295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.892527][ T6295] RSP: 002b:00007fe59349f038 EFLAGS: 00000246 ORIG_RAX: 000000000000010a
[   72.892545][ T6295] RAX: ffffffffffffffda RBX: 00007fe594c65fa0 RCX: 00007fe594a3ebe9
[   72.892635][ T6295] RDX: 0000200000000040 RSI: 0000000000000004 RDI: 0000200000000000
[   72.892648][ T6295] RBP: 00007fe59349f090 R08: 0000000000000000 R09: 0000000000000000
[   72.892661][ T6295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   72.892674][ T6295] R13: 00007fe594c66038 R14: 00007fe594c65fa0 R15: 00007ffca23ec308
[   72.892694][ T6295]  </TASK>
[   73.132016][ T3388] IPVS: starting estimator thread 0...
[   73.301362][ T6300] IPVS: using max 2736 ests per chain, 136800 per kthread
[   73.409991][ T6324] loop2: detected capacity change from 0 to 128
[   73.527514][ T6324] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   73.652242][ T6334] loop4: detected capacity change from 0 to 2048
[   73.708444][ T6334] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   73.852329][ T6336] loop3: detected capacity change from 0 to 8192
[   73.892298][ T6336] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   73.906206][ T6336] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001)
[   73.914128][ T6336] FAT-fs (loop3): Filesystem has been set read-only
[   73.931769][ T3311] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   73.947874][ T6347] loop1: detected capacity change from 0 to 2048
[   73.960705][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   73.969110][ T6350] loop2: detected capacity change from 0 to 128
[   73.982949][ T6350] EXT4-fs: Ignoring removed nobh option
[   74.038972][ T6347] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.074908][ T6350] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   74.077560][ T6353] macvlan1: entered promiscuous mode
[   74.093906][ T6347] EXT4-fs error (device loop1): empty_inline_dir:1760: inode #12: block 9: comm syz.1.671: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=13, rec_len=21, size=60 fake=0
[   74.108755][ T6353] ipvlan0: entered promiscuous mode
[   74.118075][ T6353] ipvlan0: left promiscuous mode
[   74.149003][ T6353] macvlan1: left promiscuous mode
[   74.149495][ T6347] EXT4-fs (loop1): Remounting filesystem read-only
[   74.160843][ T6347] EXT4-fs warning (device loop1): empty_inline_dir:1767: bad inline directory (dir #12) - inode 13, rec_len 21, name_len 5inline size 60
[   74.179112][ T3311] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   74.191245][ T6358] __nla_validate_parse: 5 callbacks suppressed
[   74.191262][ T6358] netlink: 24 bytes leftover after parsing attributes in process `syz.4.676'.
[   74.247535][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.299866][ T6370] FAULT_INJECTION: forcing a failure.
[   74.299866][ T6370] name failslab, interval 1, probability 0, space 0, times 0
[   74.312926][ T6370] CPU: 1 UID: 0 PID: 6370 Comm: syz.4.680 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   74.312951][ T6370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   74.313012][ T6370] Call Trace:
[   74.313019][ T6370]  <TASK>
[   74.313028][ T6370]  __dump_stack+0x1d/0x30
[   74.313050][ T6370]  dump_stack_lvl+0xe8/0x140
[   74.313068][ T6370]  dump_stack+0x15/0x1b
[   74.313083][ T6370]  should_fail_ex+0x265/0x280
[   74.313104][ T6370]  should_failslab+0x8c/0xb0
[   74.313211][ T6370]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   74.313289][ T6370]  ? asymmetric_lookup_restriction+0x7b/0x370
[   74.313315][ T6370]  ? should_fail_ex+0xdb/0x280
[   74.313367][ T6370]  ? asymmetric_key_describe+0xb1/0x150
[   74.313407][ T6370]  kstrndup+0x80/0x130
[   74.313436][ T6370]  ? __pfx_asymmetric_lookup_restriction+0x10/0x10
[   74.313468][ T6370]  asymmetric_lookup_restriction+0x7b/0x370
[   74.313521][ T6370]  ? strcmp+0x22/0x50
[   74.313550][ T6370]  ? __pfx_asymmetric_lookup_restriction+0x10/0x10
[   74.313631][ T6370]  keyring_restrict+0xf7/0x280
[   74.313664][ T6370]  keyctl_restrict_keyring+0x107/0x1b0
[   74.313689][ T6370]  __se_sys_keyctl+0x1ed/0xb80
[   74.313785][ T6370]  ? __rcu_read_unlock+0x4f/0x70
[   74.313839][ T6370]  ? __fget_files+0x184/0x1c0
[   74.313862][ T6370]  ? fput+0x8f/0xc0
[   74.313908][ T6370]  __x64_sys_keyctl+0x67/0x80
[   74.313932][ T6370]  x64_sys_call+0x2f6d/0x2ff0
[   74.313952][ T6370]  do_syscall_64+0xd2/0x200
[   74.313976][ T6370]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   74.314006][ T6370]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   74.314031][ T6370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.314098][ T6370] RIP: 0033:0x7f12dd62ebe9
[   74.314164][ T6370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.314185][ T6370] RSP: 002b:00007f12dc08f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[   74.314206][ T6370] RAX: ffffffffffffffda RBX: 00007f12dd855fa0 RCX: 00007f12dd62ebe9
[   74.314270][ T6370] RDX: 0000200000000040 RSI: 00000000268a9162 RDI: 000000000000001d
[   74.314282][ T6370] RBP: 00007f12dc08f090 R08: 0000000000000000 R09: 0000000000000000
[   74.314294][ T6370] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.314306][ T6370] R13: 00007f12dd856038 R14: 00007f12dd855fa0 R15: 00007ffea151f2d8
[   74.314323][ T6370]  </TASK>
[   74.334734][ T6380] netlink: 8 bytes leftover after parsing attributes in process `syz.1.678'.
[   74.453986][ T6383] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   74.532858][ T6387] loop4: detected capacity change from 0 to 8192
[   74.621777][ T6380] netlink: 4 bytes leftover after parsing attributes in process `syz.1.678'.
[   74.645232][ T6380] netlink: 4 bytes leftover after parsing attributes in process `syz.1.678'.
[   74.760311][ T6424] netlink: 24 bytes leftover after parsing attributes in process `syz.2.691'.
[   74.855173][ T6440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.694'.
[   74.906893][ T6455] wireguard0: entered promiscuous mode
[   74.912510][ T6455] wireguard0: entered allmulticast mode
[   75.128808][   T29] kauditd_printk_skb: 588 callbacks suppressed
[   75.128825][   T29] audit: type=1400 audit(844.034:7974): avc:  denied  { lock } for  pid=6498 comm="syz.3.697" path="socket:[11234]" dev="sockfs" ino=11234 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   75.166293][   T29] audit: type=1400 audit(844.055:7975): avc:  denied  { read write } for  pid=6498 comm="syz.3.697" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   75.190430][   T29] audit: type=1400 audit(844.055:7976): avc:  denied  { open } for  pid=6498 comm="syz.3.697" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   75.220085][   T29] audit: type=1400 audit(844.139:7977): avc:  denied  { sqpoll } for  pid=6498 comm="syz.3.697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   75.244573][   T29] audit: type=1326 audit(844.160:7978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6498 comm="syz.3.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9adebe9 code=0x7ffc0000
[   75.274894][ T6509] netlink: 56 bytes leftover after parsing attributes in process `syz.4.698'.
[   75.277697][   T29] audit: type=1326 audit(844.191:7979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6498 comm="syz.3.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74b9adebe9 code=0x7ffc0000
[   75.309429][   T29] audit: type=1400 audit(844.202:7980): avc:  denied  { ioctl } for  pid=6501 comm="syz.4.698" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=11252 ioctlcmd=0x671e scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   75.336779][   T29] audit: type=1400 audit(844.254:7981): avc:  denied  { read } for  pid=6498 comm="syz.3.697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   75.357713][   T29] audit: type=1400 audit(844.286:7982): avc:  denied  { write } for  pid=6501 comm="syz.4.698" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   75.377601][ T6514] mmap: syz.4.698 (6514) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   75.417523][   T29] audit: type=1400 audit(844.349:7983): avc:  denied  { read } for  pid=3031 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[   75.508615][ T6523] process 'syz.2.703' launched './file0' with NULL argv: empty string added
[   75.519636][ T6523] FAULT_INJECTION: forcing a failure.
[   75.519636][ T6523] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.532897][ T6523] CPU: 1 UID: 0 PID: 6523 Comm: syz.2.703 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   75.533037][ T6523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   75.533050][ T6523] Call Trace:
[   75.533057][ T6523]  <TASK>
[   75.533065][ T6523]  __dump_stack+0x1d/0x30
[   75.533088][ T6523]  dump_stack_lvl+0xe8/0x140
[   75.533109][ T6523]  dump_stack+0x15/0x1b
[   75.533156][ T6523]  should_fail_ex+0x265/0x280
[   75.533195][ T6523]  should_fail+0xb/0x20
[   75.533216][ T6523]  should_fail_usercopy+0x1a/0x20
[   75.533239][ T6523]  _copy_from_user+0x1c/0xb0
[   75.533267][ T6523]  ___sys_sendmsg+0xc1/0x1d0
[   75.533300][ T6523]  __x64_sys_sendmsg+0xd4/0x160
[   75.533334][ T6523]  x64_sys_call+0x191e/0x2ff0
[   75.533355][ T6523]  do_syscall_64+0xd2/0x200
[   75.533380][ T6523]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   75.533416][ T6523]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   75.533443][ T6523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.533544][ T6523] RIP: 0033:0x7fe594a3ebe9
[   75.533561][ T6523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.533657][ T6523] RSP: 002b:00007fe59349f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   75.533680][ T6523] RAX: ffffffffffffffda RBX: 00007fe594c65fa0 RCX: 00007fe594a3ebe9
[   75.533694][ T6523] RDX: 0000000000000040 RSI: 00002000000007c0 RDI: 0000000000000004
[   75.533709][ T6523] RBP: 00007fe59349f090 R08: 0000000000000000 R09: 0000000000000000
[   75.533723][ T6523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.533782][ T6523] R13: 00007fe594c66038 R14: 00007fe594c65fa0 R15: 00007ffca23ec308
[   75.533812][ T6523]  </TASK>
[   76.173086][ T6550] netlink: 8 bytes leftover after parsing attributes in process `syz.4.710'.
[   76.195194][ T6529] loop2: detected capacity change from 0 to 32768
[   76.276388][ T6552] bridge_slave_0: left allmulticast mode
[   76.282306][ T6552] bridge_slave_0: left promiscuous mode
[   76.288041][ T6552] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.330106][ T6552] bridge_slave_1: left allmulticast mode
[   76.335996][ T6552] bridge_slave_1: left promiscuous mode
[   76.341822][ T6552] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.398191][ T6552] bond0: (slave bond_slave_0): Releasing backup interface
[   76.415446][ T6552] bond0: (slave bond_slave_1): Releasing backup interface
[   76.445088][ T6552] team0: Port device team_slave_0 removed
[   76.464919][ T6552] team0: Port device team_slave_1 removed
[   76.479821][ T6552] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   76.487420][ T6552] batman_adv: batadv0: Removing interface: batadv_slave_0
[   76.510030][ T6552] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   76.517693][ T6552] batman_adv: batadv0: Removing interface: batadv_slave_1
[   76.804594][ T6635] netlink: 8 bytes leftover after parsing attributes in process `syz.3.721'.
[   76.854816][ T6635] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   76.890189][ T6645] syzkaller0: entered promiscuous mode
[   76.895749][ T6645] syzkaller0: entered allmulticast mode
[   76.905124][ T6635] netlink: 4 bytes leftover after parsing attributes in process `syz.3.721'.
[   76.918060][ T6645] loop1: detected capacity change from 0 to 128
[   76.941688][ T6645] msdos: Unknown parameter 'ÿ0x0000000000000000ÿÿÿÿÿÿÿÿ'
[   77.572218][ T6672] FAULT_INJECTION: forcing a failure.
[   77.572218][ T6672] name failslab, interval 1, probability 0, space 0, times 0
[   77.585197][ T6672] CPU: 1 UID: 0 PID: 6672 Comm: syz.3.734 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   77.585291][ T6672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   77.585305][ T6672] Call Trace:
[   77.585313][ T6672]  <TASK>
[   77.585322][ T6672]  __dump_stack+0x1d/0x30
[   77.585427][ T6672]  dump_stack_lvl+0xe8/0x140
[   77.585502][ T6672]  dump_stack+0x15/0x1b
[   77.585518][ T6672]  should_fail_ex+0x265/0x280
[   77.585558][ T6672]  should_failslab+0x8c/0xb0
[   77.585581][ T6672]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   77.585616][ T6672]  ? llcp_sock_bind+0x1c9/0x320
[   77.585648][ T6672]  kmemdup_noprof+0x2b/0x70
[   77.585717][ T6672]  llcp_sock_bind+0x1c9/0x320
[   77.585798][ T6672]  __sys_bind+0x1ce/0x2a0
[   77.585830][ T6672]  __x64_sys_bind+0x3f/0x50
[   77.585860][ T6672]  x64_sys_call+0x2b6e/0x2ff0
[   77.585938][ T6672]  do_syscall_64+0xd2/0x200
[   77.585969][ T6672]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   77.585994][ T6672]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   77.586029][ T6672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.586053][ T6672] RIP: 0033:0x7f74b9adebe9
[   77.586071][ T6672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.586091][ T6672] RSP: 002b:00007f74b8547038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[   77.586110][ T6672] RAX: ffffffffffffffda RBX: 00007f74b9d05fa0 RCX: 00007f74b9adebe9
[   77.586173][ T6672] RDX: 0000000000000060 RSI: 0000200000000080 RDI: 0000000000000008
[   77.586187][ T6672] RBP: 00007f74b8547090 R08: 0000000000000000 R09: 0000000000000000
[   77.586201][ T6672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   77.586212][ T6672] R13: 00007f74b9d06038 R14: 00007f74b9d05fa0 R15: 00007fff02cb6788
[   77.586230][ T6672]  </TASK>
[   77.814782][ T6676] syz!: rxe_newlink: already configured on team_slave_0
[   77.888373][ T6687] can0: slcan on ttyS3.
[   77.930305][ T6687] can0 (unregistered): slcan off ttyS3.
[   77.938818][ T6687] can0: slcan on ttyS3.
[   77.987472][ T6686] can0 (unregistered): slcan off ttyS3.
[   78.336253][ T6741] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   78.557897][ T1042] hid_parser_main: 33 callbacks suppressed
[   78.557946][ T1042] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[   78.571641][ T1042] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[   78.579335][ T1042] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[   78.594184][ T1042] hid-generic 0003:0004:0000.0002: hidraw0: USB HID v0.00 Device [syz0] on syz1
[   78.663506][ T6766] fido_id[6766]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   78.808068][ T6719] loop2: detected capacity change from 0 to 736
[   78.958411][ T6704] Set syz1 is full, maxelem 65536 reached
[   79.066109][ T6801] loop3: detected capacity change from 0 to 512
[   79.083898][ T6801] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   79.097938][ T6801] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002]
[   79.115278][ T6801] System zones: 1-12
[   79.116974][ T6808] __nla_validate_parse: 9 callbacks suppressed
[   79.116988][ T6808] netlink: 8 bytes leftover after parsing attributes in process `syz.4.768'.
[   79.135560][ T6801] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.767: corrupted in-inode xattr: e_value size too large
[   79.160630][ T6801] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.767: couldn't read orphan inode 15 (err -117)
[   79.183087][ T6801] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.199204][ T6719] rock: directory entry would overflow storage
[   79.208451][ T6719] rock: sig=0x3b10, size=4, remaining=3
[   79.216365][ T6808] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   79.226418][ T6808] netlink: 4 bytes leftover after parsing attributes in process `syz.4.768'.
[   79.235973][ T6808] netlink: 4 bytes leftover after parsing attributes in process `syz.4.768'.
[   79.297941][ T6829] netlink: 8 bytes leftover after parsing attributes in process `syz.4.769'.
[   79.314725][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.426110][ T6861] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   79.460107][ T6829] netlink: 4 bytes leftover after parsing attributes in process `syz.4.769'.
[   79.494461][ T6868] siw: device registration error -23
[   79.508175][ T6861] netlink: 4 bytes leftover after parsing attributes in process `syz.4.769'.
[   79.583564][ T6883] netlink: 'syz.1.777': attribute type 11 has an invalid length.
[   79.591852][ T6883] netlink: 44 bytes leftover after parsing attributes in process `syz.1.777'.
[   79.630027][ T6889] loop0: detected capacity change from 0 to 512
[   79.637870][ T6889] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   79.653235][ T6891] loop1: detected capacity change from 0 to 128
[   79.661506][ T6891] EXT4-fs: Ignoring removed nobh option
[   79.669250][ T6889] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.684865][ T6889] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.776: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[   79.707310][ T6889] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 12: comm syz.0.776: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[   79.736267][ T6889] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 13: comm syz.0.776: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[   79.757999][ T6889] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 14: comm syz.0.776: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   79.793452][ T6891] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   79.823341][ T6898] netlink: 8 bytes leftover after parsing attributes in process `syz.4.780'.
[   79.857224][ T6889] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 15: comm syz.0.776: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   79.883931][ T6889] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 16: comm syz.0.776: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[   79.905253][   T29] kauditd_printk_skb: 525 callbacks suppressed
[   79.905269][   T29] audit: type=1326 audit(849.042:8509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6718 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe594a3ebe9 code=0x7ffc0000
[   79.934780][   T29] audit: type=1326 audit(849.042:8510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6718 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe594a3ebe9 code=0x7ffc0000
[   79.935421][ T6889] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 17: comm syz.0.776: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   79.957945][   T29] audit: type=1326 audit(849.042:8511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6718 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fe594a3ebe9 code=0x7ffc0000
[   79.957977][   T29] audit: type=1326 audit(849.042:8512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6718 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe594a3ebe9 code=0x7ffc0000
[   79.979257][ T6889] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #2: block 18: comm syz.0.776: lblock 23 mapped to illegal pblock 18 (length 1)
[   80.001163][   T29] audit: type=1326 audit(849.042:8513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6718 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7fe594a3ebe9 code=0x7ffc0000
[   80.025502][ T6889] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 19: comm syz.0.776: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   80.038164][   T29] audit: type=1326 audit(849.052:8514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6718 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe594a3ebe9 code=0x7ffc0000
[   80.038217][   T29] audit: type=1326 audit(849.052:8515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6718 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7fe594a3ebe9 code=0x7ffc0000
[   80.038245][   T29] audit: type=1326 audit(849.052:8516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6718 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe594a3ebe9 code=0x7ffc0000
[   80.038266][   T29] audit: type=1326 audit(849.052:8517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6718 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7fe594a3ebe9 code=0x7ffc0000
[   80.063147][ T6900] netlink: 4 bytes leftover after parsing attributes in process `syz.4.780'.
[   80.081290][   T29] audit: type=1326 audit(849.052:8518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6718 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe594a3ebe9 code=0x7ffc0000
[   80.107375][ T6901] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   80.154362][ T6898] infiniband syz!: set down
[   80.174576][ T6901] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   80.183256][ T6898] infiniband syz!: added team_slave_0
[   80.207120][ T3300] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   80.216492][ T6889] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 20: comm syz.0.776: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[   80.226551][ T6900] netlink: 4 bytes leftover after parsing attributes in process `syz.4.780'.
[   80.271272][ T6868] netlink: 'syz.3.773': attribute type 10 has an invalid length.
[   80.279574][ T6868] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   80.399812][ T6914] FAULT_INJECTION: forcing a failure.
[   80.399812][ T6914] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   80.413200][ T6914] CPU: 0 UID: 0 PID: 6914 Comm: wg1 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   80.413230][ T6914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   80.413244][ T6914] Call Trace:
[   80.413252][ T6914]  <TASK>
[   80.413261][ T6914]  __dump_stack+0x1d/0x30
[   80.413348][ T6914]  dump_stack_lvl+0xe8/0x140
[   80.413404][ T6914]  dump_stack+0x15/0x1b
[   80.413418][ T6914]  should_fail_ex+0x265/0x280
[   80.413468][ T6914]  should_fail+0xb/0x20
[   80.413488][ T6914]  should_fail_usercopy+0x1a/0x20
[   80.413511][ T6914]  _copy_from_user+0x1c/0xb0
[   80.413535][ T6914]  rds_rdma_extra_size+0xe2/0x270
[   80.413553][ T6914]  ? krealloc_noprof+0x136/0x2d0
[   80.413579][ T6914]  rds_rm_size+0x326/0x490
[   80.413611][ T6914]  rds_sendmsg+0x842/0x14a0
[   80.413642][ T6914]  ? __pfx_rds_sendmsg+0x10/0x10
[   80.413736][ T6914]  __sock_sendmsg+0x145/0x180
[   80.413763][ T6914]  ____sys_sendmsg+0x31e/0x4e0
[   80.413791][ T6914]  ___sys_sendmsg+0x17b/0x1d0
[   80.413835][ T6914]  __x64_sys_sendmsg+0xd4/0x160
[   80.413921][ T6914]  x64_sys_call+0x191e/0x2ff0
[   80.413940][ T6914]  do_syscall_64+0xd2/0x200
[   80.413963][ T6914]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   80.413988][ T6914]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   80.414047][ T6914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.414126][ T6914] RIP: 0033:0x7f74b9adebe9
[   80.414144][ T6914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.414226][ T6914] RSP: 002b:00007f74b8547038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.414250][ T6914] RAX: ffffffffffffffda RBX: 00007f74b9d05fa0 RCX: 00007f74b9adebe9
[   80.414264][ T6914] RDX: 0000000000000000 RSI: 0000200000001600 RDI: 0000000000000005
[   80.414279][ T6914] RBP: 00007f74b8547090 R08: 0000000000000000 R09: 0000000000000000
[   80.414293][ T6914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.414306][ T6914] R13: 00007f74b9d06038 R14: 00007f74b9d05fa0 R15: 00007fff02cb6788
[   80.414322][ T6914]  </TASK>
[   80.641247][ T6910] loop2: detected capacity change from 0 to 512
[   80.648980][ T6898] RDS/IB: syz!: added
[   80.653373][ T6898] smc: adding ib device syz! with port count 1
[   80.662183][ T6898] smc:    ib device syz! port 1 has pnetid 
[   80.691760][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.712900][ T6910] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   80.731539][ T6910] EXT4-fs (loop2): mount failed
[   80.746781][ T6910] loop2: detected capacity change from 0 to 1024
[   80.754514][ T6910] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   80.766065][ T6910] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   80.783926][ T6910] JBD2: no valid journal superblock found
[   80.789946][ T6910] EXT4-fs (loop2): Could not load journal inode
[   80.816029][ T6922] loop0: detected capacity change from 0 to 512
[   80.839391][ T6922] EXT4-fs: Ignoring removed oldalloc option
[   80.860800][ T6922] EXT4-fs error (device loop0): ext4_xattr_inode_iget:433: comm syz.0.788: Parent and EA inode have the same ino 15
[   80.873476][ T6926] vlan2: entered allmulticast mode
[   80.878890][ T6926] dummy0: entered allmulticast mode
[   80.889727][ T6922] EXT4-fs (loop0): Remounting filesystem read-only
[   80.896629][ T6922] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -30)
[   80.906518][ T6922] EXT4-fs (loop0): 1 orphan inode deleted
[   80.913066][ T6922] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.970182][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.994290][ T6930] loop3: detected capacity change from 0 to 2034
[   81.004712][ T6930] EXT4-fs (loop3): bad geometry: block count 512 exceeds size of device (508 blocks)
[   81.044598][ T6930] loop3: detected capacity change from 0 to 512
[   81.059596][ T6930] EXT4-fs: Ignoring removed bh option
[   81.065791][ T6930] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   81.079226][ T6930] EXT4-fs error (device loop3): ext4_get_journal_inode:5800: comm syz.3.792: inode #4294901760: comm syz.3.792: iget: illegal inode #
[   81.094676][ T6930] EXT4-fs (loop3): no journal found
[   81.100006][ T6930] EXT4-fs (loop3): can't get journal size
[   81.107134][ T6930] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[   81.118265][ T6930] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.190964][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.227955][ T6950] loop3: detected capacity change from 0 to 512
[   81.244961][ T6950] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.280308][ T6948] loop1: detected capacity change from 0 to 128
[   81.344372][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.395273][ T6957] loop3: detected capacity change from 0 to 512
[   81.415759][ T6957] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   81.445509][ T6954] loop4: detected capacity change from 0 to 512
[   81.505098][ T6954] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   81.510971][ T6957] EXT4-fs (loop3): mount failed
[   81.513332][ T6954] EXT4-fs (loop4): orphan cleanup on readonly fs
[   81.533609][ T6954] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.796: corrupted inode contents
[   81.545957][ T6954] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #16: comm syz.4.796: mark_inode_dirty error
[   81.558980][ T6954] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.796: corrupted inode contents
[   81.573165][ T6954] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm syz.4.796: mark_inode_dirty error
[   81.585275][ T6954] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.796: corrupted inode contents
[   81.598192][ T6954] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[   81.608393][ T6954] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.796: corrupted inode contents
[   81.621433][ T6954] EXT4-fs error (device loop4): ext4_truncate:4666: inode #16: comm syz.4.796: mark_inode_dirty error
[   81.633218][ T6954] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[   81.644198][ T6954] EXT4-fs (loop4): 1 truncate cleaned up
[   81.650701][ T5585] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:43: Failed to release dquot type 1
[   81.672499][ T6957] loop3: detected capacity change from 0 to 1024
[   81.680103][ T6954] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   81.697913][ T6957] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   81.709477][ T6957] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   81.726551][ T6957] JBD2: no valid journal superblock found
[   81.732544][ T6957] EXT4-fs (loop3): Could not load journal inode
[   81.757136][ T6976] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   81.786551][ T6978] loop3: detected capacity change from 0 to 512
[   81.812759][ T6978] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.861501][ T6978] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.807: corrupted inode contents
[   81.874959][ T6978] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #2: comm syz.3.807: mark_inode_dirty error
[   81.886678][ T6978] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.807: corrupted inode contents
[   81.898769][ T6978] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.807: mark_inode_dirty error
[   81.933028][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.034092][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.106517][ T7004] loop1: detected capacity change from 0 to 512
[   82.145027][ T7004] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   82.165635][ T7010] loop4: detected capacity change from 0 to 512
[   82.173491][ T7010] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   82.188879][ T7004] EXT4-fs (loop1): mount failed
[   82.227240][ T6991] @: renamed from vlan0 (while UP)
[   82.249647][ T7004] loop1: detected capacity change from 0 to 1024
[   82.308456][ T7010] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.331840][ T7004] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   82.343014][ T7004] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   82.357735][ T7010] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 3: comm syz.4.815: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[   82.383545][ T7004] JBD2: no valid journal superblock found
[   82.389679][ T7004] EXT4-fs (loop1): Could not load journal inode
[   82.398083][ T7010] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 12: comm syz.4.815: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[   82.477645][ T7010] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 13: comm syz.4.815: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[   82.500866][ T7010] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 14: comm syz.4.815: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   82.667290][ T7033] netlink: 'syz.2.826': attribute type 1 has an invalid length.
[   82.680688][ T7030] loop0: detected capacity change from 0 to 2048
[   82.694232][ T7010] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 15: comm syz.4.815: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   82.722997][ T7033] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[   82.779173][ T7030] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.845078][ T7010] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 16: comm syz.4.815: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[   82.898419][ T7010] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 17: comm syz.4.815: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   82.997047][ T7041] FAULT_INJECTION: forcing a failure.
[   82.997047][ T7041] name failslab, interval 1, probability 0, space 0, times 0
[   83.010230][ T7041] CPU: 1 UID: 0 PID: 7041 Comm: syz.2.827 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   83.010260][ T7041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   83.010273][ T7041] Call Trace:
[   83.010280][ T7041]  <TASK>
[   83.010288][ T7041]  __dump_stack+0x1d/0x30
[   83.010313][ T7041]  dump_stack_lvl+0xe8/0x140
[   83.010331][ T7041]  dump_stack+0x15/0x1b
[   83.010345][ T7041]  should_fail_ex+0x265/0x280
[   83.010365][ T7041]  should_failslab+0x8c/0xb0
[   83.010423][ T7041]  kmem_cache_alloc_node_noprof+0x57/0x320
[   83.010453][ T7041]  ? __alloc_skb+0x101/0x320
[   83.010473][ T7041]  __alloc_skb+0x101/0x320
[   83.010491][ T7041]  ? audit_log_start+0x365/0x6c0
[   83.010604][ T7041]  audit_log_start+0x380/0x6c0
[   83.010633][ T7041]  ? copy_fpstate_to_sigframe+0xe6/0x7d0
[   83.010677][ T7041]  audit_seccomp+0x48/0x100
[   83.010725][ T7041]  ? __seccomp_filter+0x68c/0x10d0
[   83.010748][ T7041]  __seccomp_filter+0x69d/0x10d0
[   83.010771][ T7041]  ? _raw_spin_unlock_irq+0x26/0x50
[   83.010836][ T7041]  ? signal_setup_done+0x266/0x290
[   83.010852][ T7041]  ? xfd_validate_state+0x45/0xf0
[   83.010989][ T7041]  ? fpu__clear_user_states+0x63/0x1e0
[   83.011013][ T7041]  ? fpregs_mark_activate+0x66/0x140
[   83.011102][ T7041]  ? fpu__clear_user_states+0x63/0x1e0
[   83.011161][ T7041]  __secure_computing+0x82/0x150
[   83.011179][ T7041]  syscall_trace_enter+0xcf/0x1e0
[   83.011199][ T7041]  do_syscall_64+0xac/0x200
[   83.011222][ T7041]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   83.011305][ T7041]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   83.011326][ T7041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.011345][ T7041] RIP: 0033:0x7fe5949dade9
[   83.011359][ T7041] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[   83.011477][ T7041] RSP: 002b:00007fe59349ea80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f
[   83.011495][ T7041] RAX: ffffffffffffffda RBX: 00007fe594c65fa0 RCX: 00007fe5949dade9
[   83.011506][ T7041] RDX: 00007fe59349ea80 RSI: 00007fe59349ebb0 RDI: 0000000000000011
[   83.011525][ T7041] RBP: 00007fe59349f090 R08: 0000000000000000 R09: 0000000000000000
[   83.011535][ T7041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.011603][ T7041] R13: 00007fe594c66038 R14: 00007fe594c65fa0 R15: 00007ffca23ec308
[   83.011619][ T7041]  </TASK>
[   83.012336][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.239120][ T7045] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.824: bg 0: block 234: padding at end of block bitmap is not set
[   83.308077][ T7045] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   83.320874][ T7045] EXT4-fs (loop0): This should not happen!! Data will be lost
[   83.320874][ T7045] 
[   83.330853][ T7045] EXT4-fs (loop0): Total free blocks count 0
[   83.337027][ T7045] EXT4-fs (loop0): Free/Dirty block details
[   83.343056][ T7045] EXT4-fs (loop0): free_blocks=0
[   83.348009][ T7045] EXT4-fs (loop0): dirty_blocks=8208
[   83.353443][ T7045] EXT4-fs (loop0): Block reservation details
[   83.359713][ T7045] EXT4-fs (loop0): i_reserved_data_blocks=513
[   83.514139][ T7068] loop1: detected capacity change from 0 to 2048
[   83.535991][ T5584] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[   83.578622][ T7068] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.768368][ T7084] netlink: 'syz.3.841': attribute type 10 has an invalid length.
[   83.790666][ T7072] lo speed is unknown, defaulting to 1000
[   84.271934][ T7106] __nla_validate_parse: 14 callbacks suppressed
[   84.271953][ T7106] netlink: 256 bytes leftover after parsing attributes in process `syz.4.843'.
[   84.381408][ T7080] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.836: bg 0: block 234: padding at end of block bitmap is not set
[   84.436704][ T7080] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 117
[   84.449501][ T7080] EXT4-fs (loop1): This should not happen!! Data will be lost
[   84.449501][ T7080] 
[   84.794133][ T5565] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[   84.798228][ T7157] FAULT_INJECTION: forcing a failure.
[   84.798228][ T7157] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   84.807061][ T5565] EXT4-fs (loop1): This should not happen!! Data will be lost
[   84.807061][ T5565] 
[   84.820199][ T7157] CPU: 0 UID: 0 PID: 7157 Comm: syz.3.847 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   84.820307][ T7157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   84.820319][ T7157] Call Trace:
[   84.820328][ T7157]  <TASK>
[   84.820337][ T7157]  __dump_stack+0x1d/0x30
[   84.820359][ T7157]  dump_stack_lvl+0xe8/0x140
[   84.820445][ T7157]  dump_stack+0x15/0x1b
[   84.820462][ T7157]  should_fail_ex+0x265/0x280
[   84.820483][ T7157]  should_fail+0xb/0x20
[   84.820500][ T7157]  should_fail_usercopy+0x1a/0x20
[   84.820522][ T7157]  _copy_to_user+0x20/0xa0
[   84.820621][ T7157]  simple_read_from_buffer+0xb5/0x130
[   84.820744][ T7157]  proc_fail_nth_read+0x10e/0x150
[   84.820770][ T7157]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   84.820801][ T7157]  vfs_read+0x1a8/0x770
[   84.820866][ T7157]  ? __sys_bpf+0x310/0x7b0
[   84.820943][ T7157]  ksys_read+0xda/0x1a0
[   84.820964][ T7157]  __x64_sys_read+0x40/0x50
[   84.820985][ T7157]  x64_sys_call+0x27bc/0x2ff0
[   84.821013][ T7157]  do_syscall_64+0xd2/0x200
[   84.821116][ T7157]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   84.821139][ T7157]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   84.821215][ T7157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.821236][ T7157] RIP: 0033:0x7f74b9add5fc
[   84.821251][ T7157] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   84.821268][ T7157] RSP: 002b:00007f74b8547030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   84.821288][ T7157] RAX: ffffffffffffffda RBX: 00007f74b9d05fa0 RCX: 00007f74b9add5fc
[   84.821301][ T7157] RDX: 000000000000000f RSI: 00007f74b85470a0 RDI: 0000000000000003
[   84.821339][ T7157] RBP: 00007f74b8547090 R08: 0000000000000000 R09: 0000000000000000
[   84.821351][ T7157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.821363][ T7157] R13: 00007f74b9d06038 R14: 00007f74b9d05fa0 R15: 00007fff02cb6788
[   84.821381][ T7157]  </TASK>
[   84.834908][ T7159] loop4: detected capacity change from 0 to 512
[   84.839997][ T5565] EXT4-fs (loop1): Total free blocks count 0
[   84.840016][ T5565] EXT4-fs (loop1): Free/Dirty block details
[   84.840028][ T5565] EXT4-fs (loop1): free_blocks=0
[   84.840039][ T5565] EXT4-fs (loop1): dirty_blocks=6064
[   84.940514][ T7159] netlink: 12 bytes leftover after parsing attributes in process `syz.4.849'.
[   84.944189][ T5565] EXT4-fs (loop1): Block reservation details
[   84.987865][   T29] kauditd_printk_skb: 381 callbacks suppressed
[   84.987881][   T29] audit: type=1400 audit(854.355:8894): avc:  denied  { read } for  pid=7165 comm="syz.3.852" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   85.074274][ T7170] loop4: detected capacity change from 0 to 128
[   85.080232][   T29] audit: type=1400 audit(854.386:8895): avc:  denied  { create } for  pid=7165 comm="syz.3.852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   85.130642][ T7170] vfat: Unknown parameter './file0'
[   85.143220][ T7164] netlink: 24 bytes leftover after parsing attributes in process `syz.0.851'.
[   85.155548][ T7172] netlink: 'syz.1.848': attribute type 30 has an invalid length.
[   85.192166][ T7159] 8021q: adding VLAN 0 to HW filter on device bond1
[   85.229394][ T7180] netlink: 8 bytes leftover after parsing attributes in process `syz.1.848'.
[   85.265245][ T7172] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[   85.274711][ T7172] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[   85.423082][   T29] audit: type=1326 audit(854.838:8896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7179 comm="syz.0.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d90aebe9 code=0x7ffc0000
[   85.446137][   T29] audit: type=1326 audit(854.838:8897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7179 comm="syz.0.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d90aebe9 code=0x7ffc0000
[   85.469286][   T29] audit: type=1326 audit(854.838:8898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7179 comm="syz.0.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54d90aebe9 code=0x7ffc0000
[   85.492077][   T29] audit: type=1326 audit(854.838:8899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7179 comm="syz.0.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d90aebe9 code=0x7ffc0000
[   85.515636][   T29] audit: type=1326 audit(854.838:8900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7179 comm="syz.0.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d90aebe9 code=0x7ffc0000
[   85.538602][   T29] audit: type=1326 audit(854.838:8901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7179 comm="syz.0.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54d90aebe9 code=0x7ffc0000
[   85.561414][   T29] audit: type=1326 audit(854.838:8902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7179 comm="syz.0.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d90aebe9 code=0x7ffc0000
[   85.584633][   T29] audit: type=1326 audit(854.838:8903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7179 comm="syz.0.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d90aebe9 code=0x7ffc0000
[   86.706648][ T7256] FAULT_INJECTION: forcing a failure.
[   86.706648][ T7256] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   86.720011][ T7256] CPU: 0 UID: 0 PID: 7256 Comm: syz.4.864 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   86.720118][ T7256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   86.720131][ T7256] Call Trace:
[   86.720139][ T7256]  <TASK>
[   86.720149][ T7256]  __dump_stack+0x1d/0x30
[   86.720174][ T7256]  dump_stack_lvl+0xe8/0x140
[   86.720197][ T7256]  dump_stack+0x15/0x1b
[   86.720216][ T7256]  should_fail_ex+0x265/0x280
[   86.720259][ T7256]  should_fail+0xb/0x20
[   86.720275][ T7256]  should_fail_usercopy+0x1a/0x20
[   86.720295][ T7256]  _copy_to_user+0x20/0xa0
[   86.720346][ T7256]  simple_read_from_buffer+0xb5/0x130
[   86.720372][ T7256]  proc_fail_nth_read+0x10e/0x150
[   86.720400][ T7256]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   86.720490][ T7256]  vfs_read+0x1a8/0x770
[   86.720509][ T7256]  ? __rcu_read_unlock+0x4f/0x70
[   86.720530][ T7256]  ? __fget_files+0x184/0x1c0
[   86.720554][ T7256]  ksys_read+0xda/0x1a0
[   86.720575][ T7256]  __x64_sys_read+0x40/0x50
[   86.720611][ T7256]  x64_sys_call+0x27bc/0x2ff0
[   86.720633][ T7256]  do_syscall_64+0xd2/0x200
[   86.720662][ T7256]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   86.720719][ T7256]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   86.720824][ T7256]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.720847][ T7256] RIP: 0033:0x7f12dd62d5fc
[   86.720866][ T7256] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   86.720965][ T7256] RSP: 002b:00007f12dc08f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   86.720987][ T7256] RAX: ffffffffffffffda RBX: 00007f12dd855fa0 RCX: 00007f12dd62d5fc
[   86.720999][ T7256] RDX: 000000000000000f RSI: 00007f12dc08f0a0 RDI: 0000000000000007
[   86.721011][ T7256] RBP: 00007f12dc08f090 R08: 0000000000000000 R09: 0000000000000000
[   86.721023][ T7256] R10: 000000000000012e R11: 0000000000000246 R12: 0000000000000001
[   86.721034][ T7256] R13: 00007f12dd856038 R14: 00007f12dd855fa0 R15: 00007ffea151f2d8
[   86.721050][ T7256]  </TASK>
[   86.953378][ T7261] netlink: 24 bytes leftover after parsing attributes in process `syz.3.866'.
[   87.071169][ T7269] netlink: 8 bytes leftover after parsing attributes in process `syz.1.869'.
[   87.224694][ T7279] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   87.518993][ T7289] loop0: detected capacity change from 0 to 512
[   88.260936][ T7289] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   88.270930][ T7269] netlink: 4 bytes leftover after parsing attributes in process `syz.1.869'.
[   88.285733][ T7289] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.389321][ T7279] netlink: 4 bytes leftover after parsing attributes in process `syz.1.869'.
[   88.401317][ T7289] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.876: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[   88.473269][ T7306] netlink: 24 bytes leftover after parsing attributes in process `syz.4.881'.
[   88.491893][ T7289] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 12: comm syz.0.876: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[   88.517853][ T7289] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 13: comm syz.0.876: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[   88.541701][ T7307] loop3: detected capacity change from 0 to 128
[   88.565683][ T7289] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 14: comm syz.0.876: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   88.566085][ T7307] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   88.599122][ T7289] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 15: comm syz.0.876: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   88.645433][ T7289] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 16: comm syz.0.876: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[   88.668893][ T7311] loop1: detected capacity change from 0 to 8192
[   88.683138][ T7289] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 17: comm syz.0.876: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   88.706746][ T3685]  loop1: p1[EZD] p2 p4
[   88.711013][ T3685] loop1: p1 start 150996992 is beyond EOD, truncated
[   88.717424][ T7315] loop4: detected capacity change from 0 to 8192
[   88.721102][ T3685] loop1: p4 size 281856 extends beyond EOD, truncated
[   88.724320][ T7289] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #2: block 18: comm syz.0.876: lblock 23 mapped to illegal pblock 18 (length 1)
[   88.747463][ T7289] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 19: comm syz.0.876: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   88.775085][ T7311]  loop1: p1[EZD] p2 p4
[   88.786554][ T7311] loop1: p1 start 150996992 is beyond EOD, truncated
[   88.794034][ T6906]  loop4: p1[EZD] p2 p4
[   88.800994][ T7311] loop1: p4 size 281856 extends beyond EOD, truncated
[   88.801076][ T6906] loop4: p1 start 150996992 is beyond EOD, truncated
[   88.840957][ T7326] FAULT_INJECTION: forcing a failure.
[   88.840957][ T7326] name failslab, interval 1, probability 0, space 0, times 0
[   88.841053][ T7326] CPU: 0 UID: 0 PID: 7326 Comm: syz.4.885 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   88.841077][ T7326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   88.841089][ T7326] Call Trace:
[   88.841097][ T7326]  <TASK>
[   88.841112][ T7326]  __dump_stack+0x1d/0x30
[   88.841136][ T7326]  dump_stack_lvl+0xe8/0x140
[   88.841156][ T7326]  dump_stack+0x15/0x1b
[   88.841249][ T7326]  should_fail_ex+0x265/0x280
[   88.841272][ T7326]  should_failslab+0x8c/0xb0
[   88.841299][ T7326]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   88.841329][ T7326]  ? sidtab_sid2str_get+0xa0/0x130
[   88.841357][ T7326]  ? skb_put+0xa9/0xf0
[   88.841374][ T7326]  kmemdup_noprof+0x2b/0x70
[   88.841463][ T7326]  sidtab_sid2str_get+0xa0/0x130
[   88.841482][ T7326]  security_sid_to_context_core+0x1eb/0x2e0
[   88.841502][ T7326]  security_sid_to_context+0x27/0x40
[   88.841558][ T7326]  avc_audit_post_callback+0x9d/0x520
[   88.841587][ T7326]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   88.841616][ T7326]  common_lsm_audit+0x1b8/0x230
[   88.841699][ T7326]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   88.841809][ T7326]  slow_avc_audit+0x104/0x140
[   88.841838][ T7326]  avc_has_perm+0x13a/0x180
[   88.841862][ T7326]  selinux_kernel_load_data+0x128/0x140
[   88.841919][ T7326]  security_kernel_load_data+0x3e/0x80
[   88.841992][ T7326]  __se_sys_kexec_load+0x38/0x160
[   88.842014][ T7326]  __x64_sys_kexec_load+0x55/0x70
[   88.842053][ T7326]  x64_sys_call+0x2898/0x2ff0
[   88.842146][ T7326]  do_syscall_64+0xd2/0x200
[   88.842169][ T7326]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   88.842193][ T7326]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   88.842220][ T7326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.842281][ T7326] RIP: 0033:0x7f12dd62ebe9
[   88.842295][ T7326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.842314][ T7326] RSP: 002b:00007f12dc06e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[   88.842334][ T7326] RAX: ffffffffffffffda RBX: 00007f12dd856090 RCX: 00007f12dd62ebe9
[   88.842345][ T7326] RDX: 0000200000000140 RSI: 0000000000000001 RDI: 0000000000000000
[   88.842357][ T7326] RBP: 00007f12dc06e090 R08: 0000000000000000 R09: 0000000000000000
[   88.842373][ T7326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.842385][ T7326] R13: 00007f12dd856128 R14: 00007f12dd856090 R15: 00007ffea151f2d8
[   88.842404][ T7326]  </TASK>
[   88.843067][ T6906] loop4: p4 size 281856 extends beyond EOD, truncated
[   88.847348][ T7315]  loop4: p1[EZD] p2 p4
[   88.847417][ T7315] loop4: p1 start 150996992 is beyond EOD, truncated
[   88.861331][ T7315] loop4: p4 size 281856 extends beyond EOD, truncated
[   88.881927][ T3304] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   88.941571][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.165027][ T7336] netlink: 25 bytes leftover after parsing attributes in process `syz.3.889'.
[   89.240527][ T7334] netlink: 56 bytes leftover after parsing attributes in process `syz.2.893'.
[   89.252603][ T7340] netlink: 24 bytes leftover after parsing attributes in process `syz.1.894'.
[   89.281883][ T7334] netlink: 16 bytes leftover after parsing attributes in process `syz.2.893'.
[   89.303219][ T3685] udevd[3685]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   89.319810][ T6906] udevd[6906]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[   89.330534][ T5603] udevd[5603]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   89.346702][ T3863] udevd[3863]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   89.375952][ T7349] netlink: 8 bytes leftover after parsing attributes in process `syz.1.897'.
[   89.427863][ T7352] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   89.428640][ T7346] netlink: 12 bytes leftover after parsing attributes in process `syz.4.896'.
[   89.439163][ T7351] netlink: 8 bytes leftover after parsing attributes in process `syz.3.898'.
[   89.455025][ T7352] netlink: 4 bytes leftover after parsing attributes in process `syz.1.897'.
[   89.467324][ T7349] netlink: 4 bytes leftover after parsing attributes in process `syz.1.897'.
[   89.564223][ T7337] lo speed is unknown, defaulting to 1000
[   89.576521][ T7356] netlink: 4 bytes leftover after parsing attributes in process `syz.3.898'.
[   89.690856][ T7351] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   89.759842][   T29] kauditd_printk_skb: 239 callbacks suppressed
[   89.759860][   T29] audit: type=1400 audit(859.405:9143): avc:  denied  { compute_member } for  pid=7359 comm="syz.1.901" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   89.804835][   T29] audit: type=1400 audit(859.405:9144): avc:  denied  { bind } for  pid=7358 comm="syz.0.900" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   89.830208][ T7360] random: crng reseeded on system resumption
[   89.982947][   T29] audit: type=1326 audit(859.625:9145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7368 comm="syz.1.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218d7eebe9 code=0x7ffc0000
[   90.006057][   T29] audit: type=1326 audit(859.625:9146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7368 comm="syz.1.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f218d7eebe9 code=0x7ffc0000
[   90.028906][   T29] audit: type=1326 audit(859.625:9147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7368 comm="syz.1.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218d7eebe9 code=0x7ffc0000
[   90.052157][   T29] audit: type=1326 audit(859.625:9148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7368 comm="syz.1.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f218d7eebe9 code=0x7ffc0000
[   90.075068][   T29] audit: type=1326 audit(859.636:9149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7368 comm="syz.1.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218d7eebe9 code=0x7ffc0000
[   90.098808][   T29] audit: type=1326 audit(859.636:9150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7368 comm="syz.1.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f218d7eebe9 code=0x7ffc0000
[   90.126444][   T29] audit: type=1326 audit(859.636:9151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7368 comm="syz.1.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218d7eebe9 code=0x7ffc0000
[   90.140970][    C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[   90.150547][   T29] audit: type=1326 audit(859.636:9152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7368 comm="syz.1.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f218d7eebe9 code=0x7ffc0000
[   90.282025][ T7346] Set syz1 is full, maxelem 65536 reached
[   90.298177][ T7378] netlink: 'syz.0.907': attribute type 1 has an invalid length.
[   90.310973][ T7375] syz0: rxe_newlink: already configured on team_slave_0
[   90.346439][ T7371] program syz.3.905 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   90.363319][ T7380] loop1: detected capacity change from 0 to 128
[   90.424104][ T7380] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   90.541152][ T3300] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   90.574857][ T7411] loop1: detected capacity change from 0 to 512
[   90.590872][ T7411] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.639182][ T7411] EXT4-fs (loop1): shut down requested (0)
[   90.665011][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.776763][ T7440] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   91.277459][ T7487] loop4: detected capacity change from 0 to 128
[   91.423437][ T7487] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   91.501598][ T7531] loop0: detected capacity change from 0 to 512
[   91.520376][ T7531] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   91.650215][ T3302] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   91.664293][ T7531] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.718209][ T7531] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.926: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[   91.893438][ T7531] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 12: comm syz.0.926: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[   91.915097][ T7531] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 13: comm syz.0.926: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[   91.939530][ T7531] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 14: comm syz.0.926: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   91.960774][ T7531] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 15: comm syz.0.926: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   92.027368][ T7531] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 16: comm syz.0.926: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[   92.065351][ T7531] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 17: comm syz.0.926: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   92.087643][ T7531] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #2: block 18: comm syz.0.926: lblock 23 mapped to illegal pblock 18 (length 1)
[   92.162486][ T7540] bridge0: port 1(batadv1) entered blocking state
[   92.169074][ T7540] bridge0: port 1(batadv1) entered disabled state
[   92.169248][ T7551] loop1: detected capacity change from 0 to 2048
[   92.178467][ T7531] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 19: comm syz.0.926: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   92.217132][ T7540] batadv1: entered allmulticast mode
[   92.225576][ T7540] batadv1: entered promiscuous mode
[   92.274146][ T7551] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   92.290476][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.348017][ T7551] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   92.502602][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   92.532704][ T7568] loop2: detected capacity change from 0 to 128
[   92.578352][ T7571] loop1: detected capacity change from 0 to 1024
[   92.611025][ T7563] loop4: detected capacity change from 0 to 128
[   92.656655][ T5583] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[   92.666120][ T5583] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[   92.749165][ T7571] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.777594][ T7563] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   92.845993][ T7571] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #15: block 1: comm syz.1.939: lblock 1 mapped to illegal pblock 1 (length 15)
[   92.962097][ T7571] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 15 with error 117
[   92.975113][ T7571] EXT4-fs (loop1): This should not happen!! Data will be lost
[   92.975113][ T7571] 
[   92.987395][ T7571] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[   93.032898][ T3302] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   93.059530][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.203685][ T7584] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   93.285157][ T7597] netlink: 'syz.4.948': attribute type 1 has an invalid length.
[   93.293646][ T7595] FAULT_INJECTION: forcing a failure.
[   93.293646][ T7595] name failslab, interval 1, probability 0, space 0, times 0
[   93.306528][ T7595] CPU: 0 UID: 0 PID: 7595 Comm: syz.2.949 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   93.306574][ T7595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   93.306588][ T7595] Call Trace:
[   93.306596][ T7595]  <TASK>
[   93.306605][ T7595]  __dump_stack+0x1d/0x30
[   93.306701][ T7595]  dump_stack_lvl+0xe8/0x140
[   93.306721][ T7595]  dump_stack+0x15/0x1b
[   93.306746][ T7595]  should_fail_ex+0x265/0x280
[   93.306769][ T7595]  should_failslab+0x8c/0xb0
[   93.306797][ T7595]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   93.306865][ T7595]  ? sidtab_sid2str_get+0xa0/0x130
[   93.306932][ T7595]  kmemdup_noprof+0x2b/0x70
[   93.306954][ T7595]  sidtab_sid2str_get+0xa0/0x130
[   93.306973][ T7595]  security_sid_to_context_core+0x1eb/0x2e0
[   93.307029][ T7595]  security_sid_to_context+0x27/0x40
[   93.307051][ T7595]  selinux_lsmprop_to_secctx+0x67/0xf0
[   93.307152][ T7595]  security_lsmprop_to_secctx+0x43/0x80
[   93.307183][ T7595]  audit_log_task_context+0x77/0x190
[   93.307218][ T7595]  audit_log_task+0xf4/0x250
[   93.307243][ T7595]  audit_seccomp+0x61/0x100
[   93.307366][ T7595]  ? __seccomp_filter+0x68c/0x10d0
[   93.307388][ T7595]  __seccomp_filter+0x69d/0x10d0
[   93.307489][ T7595]  ? putname+0xda/0x100
[   93.307512][ T7595]  ? kmem_cache_free+0xdf/0x300
[   93.307545][ T7595]  __secure_computing+0x82/0x150
[   93.307568][ T7595]  syscall_trace_enter+0xcf/0x1e0
[   93.307657][ T7595]  do_syscall_64+0xac/0x200
[   93.307681][ T7595]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.307702][ T7595]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   93.307746][ T7595]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.307768][ T7595] RIP: 0033:0x7fe594a3d5fc
[   93.307786][ T7595] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   93.307805][ T7595] RSP: 002b:00007fe59349f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   93.307826][ T7595] RAX: ffffffffffffffda RBX: 00007fe594c65fa0 RCX: 00007fe594a3d5fc
[   93.307883][ T7595] RDX: 000000000000000f RSI: 00007fe59349f0a0 RDI: 0000000000000005
[   93.307895][ T7595] RBP: 00007fe59349f090 R08: 0000000000000000 R09: 0000000000000000
[   93.307907][ T7595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   93.307918][ T7595] R13: 00007fe594c66038 R14: 00007fe594c65fa0 R15: 00007ffca23ec308
[   93.307936][ T7595]  </TASK>
[   93.557781][ T7597] 8021q: adding VLAN 0 to HW filter on device bond2
[   93.651275][ T7604] syz0: rxe_newlink: already configured on team_slave_0
[   93.755460][ T7612] loop2: detected capacity change from 0 to 512
[   93.763195][ T7612] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   93.781346][ T7612] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.955: invalid indirect mapped block 4294967295 (level 0)
[   93.849276][ T7612] EXT4-fs (loop2): Remounting filesystem read-only
[   93.883626][ T7612] EXT4-fs (loop2): 1 orphan inode deleted
[   93.889590][ T7612] EXT4-fs (loop2): 1 truncate cleaned up
[   93.902003][ T7606] loop1: detected capacity change from 0 to 128
[   94.021825][ T7624] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.067900][ T7624] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.097944][ T7628] loop4: detected capacity change from 0 to 512
[   94.105187][ T7628] EXT4-fs: Ignoring removed nomblk_io_submit option
[   94.112006][ T7628] ext3: Unknown parameter 'fsname'
[   94.203395][ T7624] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.251417][ T7641] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   94.260649][ T7641] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   94.287602][ T7624] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.330695][ T5565] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.345962][ T5565] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.375563][ T5565] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.385287][ T5565] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.413620][ T7656] __nla_validate_parse: 15 callbacks suppressed
[   94.413638][ T7656] netlink: 8 bytes leftover after parsing attributes in process `syz.0.971'.
[   94.456979][ T7656] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   94.470871][ T7656] netlink: 4 bytes leftover after parsing attributes in process `syz.0.971'.
[   94.484473][ T7656] netlink: 4 bytes leftover after parsing attributes in process `syz.0.971'.
[   94.781168][   T29] kauditd_printk_skb: 438 callbacks suppressed
[   94.781188][   T29] audit: type=1326 audit(864.675:9588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7667 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d90aebe9 code=0x7ffc0000
[   94.825732][ T7670] tipc: Started in network mode
[   94.831150][ T7670] tipc: Node identity cab286e28c83, cluster identity 4711
[   94.839097][ T7670] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   94.855092][   T29] audit: type=1326 audit(864.675:9589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7667 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f54d90aebe9 code=0x7ffc0000
[   94.878081][   T29] audit: type=1326 audit(864.675:9590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7667 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d90aebe9 code=0x7ffc0000
[   94.901440][   T29] audit: type=1326 audit(864.675:9591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7667 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54d90aebe9 code=0x7ffc0000
[   94.924704][   T29] audit: type=1326 audit(864.675:9592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7667 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d90aebe9 code=0x7ffc0000
[   94.949387][   T29] audit: type=1326 audit(864.675:9593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7667 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54d90aebe9 code=0x7ffc0000
[   94.972944][   T29] audit: type=1326 audit(864.675:9594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7667 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d90aebe9 code=0x7ffc0000
[   94.996761][   T29] audit: type=1326 audit(864.675:9595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7667 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54d90aebe9 code=0x7ffc0000
[   95.020437][   T29] audit: type=1326 audit(864.675:9596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7667 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d90aebe9 code=0x7ffc0000
[   95.044148][   T29] audit: type=1326 audit(864.675:9597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7667 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54d90aebe9 code=0x7ffc0000
[   95.106238][ T7672] loop4: detected capacity change from 0 to 512
[   95.128343][ T7672] EXT4-fs: Ignoring removed nomblk_io_submit option
[   95.151433][ T7672] EXT4-fs: Ignoring removed nomblk_io_submit option
[   95.179701][ T7672] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   95.262242][ T7672] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[   95.271215][ T7672] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[   95.281285][ T7672] EXT4-fs (loop4): 1 truncate cleaned up
[   95.287520][ T7672] EXT4-fs mount: 4 callbacks suppressed
[   95.287534][ T7672] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.310664][ T7672] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters
[   95.325995][ T7672] EXT4-fs (loop4): Remounting filesystem read-only
[   95.326238][ T7681] loop2: detected capacity change from 0 to 512
[   95.349076][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.350671][ T7681] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   95.376989][ T7683] netlink: 'syz.4.981': attribute type 3 has an invalid length.
[   95.385997][ T7681] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.414846][ T7681] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.980: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[   95.446012][ T7693] netlink: 8 bytes leftover after parsing attributes in process `syz.4.983'.
[   95.448789][ T7681] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 12: comm syz.2.980: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[   95.481413][ T7693] syz!: rxe_newlink: already configured on team_slave_0
[   95.491753][ T7667] tipc: Disabling bearer <eth:syzkaller0>
[   95.494933][ T7693] netlink: 4 bytes leftover after parsing attributes in process `syz.4.983'.
[   95.509479][ T7693] netlink: 4 bytes leftover after parsing attributes in process `syz.4.983'.
[   95.519462][ T7681] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 13: comm syz.2.980: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[   95.541749][ T7681] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 14: comm syz.2.980: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   95.615292][ T7700] loop0: detected capacity change from 0 to 512
[   95.622978][ T7681] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 15: comm syz.2.980: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   95.646291][ T7690] loop1: detected capacity change from 0 to 32768
[   95.654270][ T7700] EXT4-fs warning (device loop0): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   95.675443][ T7700] EXT4-fs (loop0): mount failed
[   95.675460][ T7681] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 16: comm syz.2.980: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[   95.691762][ T7705] loop4: detected capacity change from 0 to 128
[   95.713325][ T7705] EXT4-fs: Ignoring removed nobh option
[   95.717712][ T7681] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 17: comm syz.2.980: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   95.740220][ T3685]  loop1: p1 p3 < >
[   95.749335][ T7700] loop0: detected capacity change from 0 to 1024
[   95.757000][ T7681] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 18: comm syz.2.980: lblock 23 mapped to illegal pblock 18 (length 1)
[   95.764245][ T7700] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   95.773560][ T7705] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   95.782751][ T7700] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   95.795055][ T7690]  loop1: p1 p3 < >
[   95.822192][ T7681] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 19: comm syz.2.980: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   95.852681][ T7681] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 20: comm syz.2.980: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[   95.853591][ T7700] JBD2: no valid journal superblock found
[   95.879701][ T7700] EXT4-fs (loop0): Could not load journal inode
[   95.917526][ T3302] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   95.992565][ T3685] udevd[3685]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   95.993704][ T6906] udevd[6906]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   96.190208][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.338428][ T7728] netlink: 272 bytes leftover after parsing attributes in process `syz.2.994'.
[   96.403503][ T7728] loop2: detected capacity change from 0 to 128
[   96.500017][ T7728] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   96.610348][ T3311] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   96.721744][ T7735] loop2: detected capacity change from 0 to 128
[   96.728340][ T7735] EXT4-fs: Ignoring removed nobh option
[   96.736268][ T7735] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   96.758456][ T3311] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   96.883984][ T7744] 9pnet_fd: Insufficient options for proto=fd
[   96.926053][ T7749] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1002'.
[   96.973671][ T7749] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   96.999445][ T7757] loop2: detected capacity change from 0 to 512
[   97.007238][ T7749] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1002'.
[   97.020426][ T7749] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1002'.
[   97.030490][ T7757] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   97.062549][ T7757] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.095896][ T7757] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.1004: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[   97.117040][ T7746] loop1: detected capacity change from 0 to 512
[   97.157780][ T7757] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 12: comm syz.2.1004: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[   97.206374][ T7746] EXT4-fs (loop1): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   97.233923][ T7757] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 13: comm syz.2.1004: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[   97.265040][ T7757] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 14: comm syz.2.1004: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   97.290405][ T7757] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 15: comm syz.2.1004: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   97.315885][ T7746] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   97.315906][ T7757] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 16: comm syz.2.1004: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[   97.364755][ T7757] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 17: comm syz.2.1004: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   97.405309][ T7757] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 18: comm syz.2.1004: lblock 23 mapped to illegal pblock 18 (length 1)
[   97.430875][ T7796] FAULT_INJECTION: forcing a failure.
[   97.430875][ T7796] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   97.444185][ T7796] CPU: 0 UID: 0 PID: 7796 Comm: syz.4.1015 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   97.444215][ T7796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   97.444228][ T7796] Call Trace:
[   97.444235][ T7796]  <TASK>
[   97.444243][ T7796]  __dump_stack+0x1d/0x30
[   97.444293][ T7796]  dump_stack_lvl+0xe8/0x140
[   97.444320][ T7796]  dump_stack+0x15/0x1b
[   97.444335][ T7796]  should_fail_ex+0x265/0x280
[   97.444355][ T7796]  should_fail_alloc_page+0xf2/0x100
[   97.444378][ T7796]  __alloc_frozen_pages_noprof+0xff/0x360
[   97.444487][ T7796]  alloc_pages_mpol+0xb3/0x250
[   97.444520][ T7796]  alloc_pages_noprof+0x90/0x130
[   97.444606][ T7796]  pgd_alloc+0x51/0x2e0
[   97.444680][ T7796]  mm_init+0x377/0x7f0
[   97.444701][ T7796]  ? kmem_cache_alloc_noprof+0x220/0x310
[   97.444726][ T7796]  copy_mm+0x101/0x370
[   97.444774][ T7796]  copy_process+0xd08/0x2000
[   97.444803][ T7796]  kernel_clone+0x16c/0x5c0
[   97.444826][ T7796]  ? vfs_write+0x7e8/0x960
[   97.444893][ T7796]  __x64_sys_clone+0xe6/0x120
[   97.444922][ T7796]  x64_sys_call+0x119c/0x2ff0
[   97.444942][ T7796]  do_syscall_64+0xd2/0x200
[   97.444966][ T7796]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.445003][ T7796]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   97.445026][ T7796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.445046][ T7796] RIP: 0033:0x7f12dd62ebe9
[   97.445104][ T7796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.445120][ T7796] RSP: 002b:00007f12dc08efe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   97.445198][ T7796] RAX: ffffffffffffffda RBX: 00007f12dd855fa0 RCX: 00007f12dd62ebe9
[   97.445214][ T7796] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400
[   97.445228][ T7796] RBP: 00007f12dc08f090 R08: 0000000000000000 R09: 0000000000000000
[   97.445243][ T7796] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   97.445257][ T7796] R13: 00007f12dd856038 R14: 00007f12dd855fa0 R15: 00007ffea151f2d8
[   97.445276][ T7796]  </TASK>
[   97.665581][ T7757] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 19: comm syz.2.1004: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   97.687646][ T7757] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 20: comm syz.2.1004: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[   97.688727][ T3300] EXT4-fs (loop1): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[   97.790660][ T7811] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   97.807736][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.815900][ T7815] syz!: rxe_newlink: already configured on team_slave_0
[   97.970290][ T7841] loop4: detected capacity change from 0 to 512
[   98.092122][ T7841] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   98.132318][ T7841] EXT4-fs (loop4): mount failed
[   98.143953][ T7884] syz0: rxe_newlink: already configured on team_slave_0
[   98.194076][ T7841] loop4: detected capacity change from 0 to 1024
[   98.225371][ T7841] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   98.236590][ T7841] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   98.267101][ T5603] udevd[5603]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[   98.287712][ T7841] JBD2: no valid journal superblock found
[   98.293528][ T7841] EXT4-fs (loop4): Could not load journal inode
[   98.564850][ T7931] syz!: rxe_newlink: already configured on team_slave_0
[   98.752999][ T7947] loop4: detected capacity change from 0 to 512
[   98.790756][ T7947] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   98.810349][ T7947] EXT4-fs (loop4): mount failed
[   98.922074][ T7947] loop4: detected capacity change from 0 to 1024
[   98.941713][ T7947] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   98.952878][ T7947] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   98.974977][ T7947] JBD2: no valid journal superblock found
[   98.980931][ T7947] EXT4-fs (loop4): Could not load journal inode
[   99.132182][ T8003] pim6reg: entered allmulticast mode
[   99.140613][ T8003] pim6reg: left allmulticast mode
[   99.367861][ T8055] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   99.406290][ T8055] __nla_validate_parse: 9 callbacks suppressed
[   99.406307][ T8055] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1057'.
[   99.424906][ T8055] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1057'.
[   99.471635][ T8076] netlink: 272 bytes leftover after parsing attributes in process `syz.3.1061'.
[   99.511167][ T8081] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1063'.
[   99.606629][ T8095] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1065'.
[   99.608664][   T29] kauditd_printk_skb: 446 callbacks suppressed
[   99.608714][   T29] audit: type=1400 audit(869.736:10038): avc:  denied  { connect } for  pid=8093 comm="syz.2.1065" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   99.616023][ T8095] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1065'.
[   99.635839][ T8076] loop3: detected capacity change from 0 to 128
[   99.659094][   T29] audit: type=1326 audit(869.788:10039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7985 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12dd62ebe9 code=0x7ffc0000
[   99.659136][   T29] audit: type=1326 audit(869.788:10040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7985 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f12dd62ebe9 code=0x7ffc0000
[   99.659164][   T29] audit: type=1326 audit(869.788:10041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7985 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12dd62ebe9 code=0x7ffc0000
[   99.659203][   T29] audit: type=1326 audit(869.788:10042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7985 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f12dd62ebe9 code=0x7ffc0000
[   99.659243][   T29] audit: type=1326 audit(869.788:10043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7985 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12dd62ebe9 code=0x7ffc0000
[   99.659273][   T29] audit: type=1326 audit(869.788:10044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7985 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f12dd62ebe9 code=0x7ffc0000
[   99.659350][   T29] audit: type=1326 audit(869.788:10045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7985 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12dd62ebe9 code=0x7ffc0000
[   99.659382][   T29] audit: type=1326 audit(869.788:10046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7985 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f12dd62ebe9 code=0x7ffc0000
[   99.659411][   T29] audit: type=1326 audit(869.788:10047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7985 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12dd62ebe9 code=0x7ffc0000
[   99.969508][ T8076] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   99.996462][ T8104] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1068'.
[  100.130080][ T8104] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1068'.
[  100.140471][ T8104] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1068'.
[  100.260367][ T3304] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  101.313592][ T8169] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1073'.
[  101.370673][ T8180] syz0: rxe_newlink: already configured on team_slave_0
[  101.420326][ T8186] loop1: detected capacity change from 0 to 512
[  101.426923][ T8181] loop4: detected capacity change from 0 to 8192
[  101.467494][ T8186] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  101.477589][ T8186] EXT4-fs (loop1): orphan cleanup on readonly fs
[  101.485757][ T8186] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1079: bg 0: block 248: padding at end of block bitmap is not set
[  101.503407][ T8186] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.1079: Failed to acquire dquot type 1
[  101.524316][ T8186] EXT4-fs (loop1): 1 truncate cleaned up
[  101.530281][ T8190] loop3: detected capacity change from 0 to 512
[  101.531633][ T8193] FAULT_INJECTION: forcing a failure.
[  101.531633][ T8193] name failslab, interval 1, probability 0, space 0, times 0
[  101.549602][ T8193] CPU: 1 UID: 0 PID: 8193 Comm: syz.2.1082 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  101.549630][ T8193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  101.549642][ T8193] Call Trace:
[  101.549659][ T8193]  <TASK>
[  101.549667][ T8193]  __dump_stack+0x1d/0x30
[  101.549689][ T8193]  dump_stack_lvl+0xe8/0x140
[  101.549708][ T8193]  dump_stack+0x15/0x1b
[  101.549726][ T8193]  should_fail_ex+0x265/0x280
[  101.549750][ T8193]  ? nf_tables_newtable+0x375/0xea0
[  101.549774][ T8193]  should_failslab+0x8c/0xb0
[  101.549846][ T8193]  __kmalloc_cache_noprof+0x4c/0x320
[  101.549872][ T8193]  ? __nla_validate_parse+0x1652/0x1d00
[  101.549899][ T8193]  nf_tables_newtable+0x375/0xea0
[  101.549979][ T8193]  nfnetlink_rcv+0xb96/0x1690
[  101.550094][ T8193]  netlink_unicast+0x5bd/0x690
[  101.550130][ T8193]  netlink_sendmsg+0x58b/0x6b0
[  101.550151][ T8193]  ? __pfx_netlink_sendmsg+0x10/0x10
[  101.550171][ T8193]  __sock_sendmsg+0x145/0x180
[  101.550199][ T8193]  ____sys_sendmsg+0x31e/0x4e0
[  101.550224][ T8193]  ___sys_sendmsg+0x17b/0x1d0
[  101.550312][ T8193]  __x64_sys_sendmsg+0xd4/0x160
[  101.550335][ T8193]  x64_sys_call+0x191e/0x2ff0
[  101.550354][ T8193]  do_syscall_64+0xd2/0x200
[  101.550410][ T8193]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.550471][ T8193]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  101.550494][ T8193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.550564][ T8193] RIP: 0033:0x7fe594a3ebe9
[  101.550647][ T8193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.550667][ T8193] RSP: 002b:00007fe59349f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.550689][ T8193] RAX: ffffffffffffffda RBX: 00007fe594c65fa0 RCX: 00007fe594a3ebe9
[  101.550704][ T8193] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  101.550740][ T8193] RBP: 00007fe59349f090 R08: 0000000000000000 R09: 0000000000000000
[  101.550754][ T8193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.550767][ T8193] R13: 00007fe594c66038 R14: 00007fe594c65fa0 R15: 00007ffca23ec308
[  101.550786][ T8193]  </TASK>
[  101.552374][ T8190] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  101.561903][ T8186] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  101.706555][ T8190] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.718991][ T8186] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.1079: iget: bad i_size value: 360287970189639690
[  101.728634][ T8190] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 3: comm syz.3.1080: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  101.834181][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.859395][ T8190] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 12: comm syz.3.1080: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  101.883629][ T8190] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 13: comm syz.3.1080: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  101.921094][ T8190] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 14: comm syz.3.1080: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  101.948715][ T8190] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 15: comm syz.3.1080: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  101.970405][ T8190] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 16: comm syz.3.1080: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  102.027146][ T8224] loop4: detected capacity change from 0 to 128
[  102.035728][ T8190] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 17: comm syz.3.1080: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  102.073590][ T8190] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #2: block 18: comm syz.3.1080: lblock 23 mapped to illegal pblock 18 (length 1)
[  102.082954][ T8234] loop2: detected capacity change from 0 to 128
[  102.106647][ T8190] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 19: comm syz.3.1080: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  102.123735][ T8234] EXT4-fs: Ignoring removed nobh option
[  102.135847][ T8224] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  102.158787][ T8190] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 20: comm syz.3.1080: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[  102.187306][ T8234] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  102.223306][ T8239] FAULT_INJECTION: forcing a failure.
[  102.223306][ T8239] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  102.239012][ T8239] CPU: 1 UID: 0 PID: 8239 Comm: syz.1.1097 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  102.239034][ T8239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  102.239043][ T8239] Call Trace:
[  102.239050][ T8239]  <TASK>
[  102.239057][ T8239]  __dump_stack+0x1d/0x30
[  102.239085][ T8239]  dump_stack_lvl+0xe8/0x140
[  102.239099][ T8239]  dump_stack+0x15/0x1b
[  102.239207][ T8239]  should_fail_ex+0x265/0x280
[  102.239248][ T8239]  should_fail+0xb/0x20
[  102.239345][ T8239]  should_fail_usercopy+0x1a/0x20
[  102.239368][ T8239]  _copy_to_user+0x20/0xa0
[  102.239450][ T8239]  simple_read_from_buffer+0xb5/0x130
[  102.239514][ T8239]  proc_fail_nth_read+0x10e/0x150
[  102.239544][ T8239]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  102.239592][ T8239]  vfs_read+0x1a8/0x770
[  102.239869][ T8239]  ? __rcu_read_unlock+0x4f/0x70
[  102.239964][ T8239]  ? __fget_files+0x184/0x1c0
[  102.239994][ T8239]  ksys_read+0xda/0x1a0
[  102.240019][ T8239]  __x64_sys_read+0x40/0x50
[  102.240043][ T8239]  x64_sys_call+0x27bc/0x2ff0
[  102.240129][ T8239]  do_syscall_64+0xd2/0x200
[  102.240159][ T8239]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  102.240185][ T8239]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  102.240285][ T8239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.240311][ T8239] RIP: 0033:0x7f218d7ed5fc
[  102.240329][ T8239] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  102.240350][ T8239] RSP: 002b:00007f218c257030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  102.240419][ T8239] RAX: ffffffffffffffda RBX: 00007f218da15fa0 RCX: 00007f218d7ed5fc
[  102.240433][ T8239] RDX: 000000000000000f RSI: 00007f218c2570a0 RDI: 0000000000000006
[  102.240447][ T8239] RBP: 00007f218c257090 R08: 0000000000000000 R09: 0000000000000000
[  102.240461][ T8239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  102.240473][ T8239] R13: 00007f218da16038 R14: 00007f218da15fa0 R15: 00007ffc361233e8
[  102.240493][ T8239]  </TASK>
[  102.475172][ T3302] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  102.492659][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.515761][ T3311] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  102.529835][ T2992] ==================================================================
[  102.538035][ T2992] BUG: KCSAN: data-race in set_nlink / set_nlink
[  102.544468][ T2992] 
[  102.546807][ T2992] read to 0xffff88810695e518 of 4 bytes by task 6906 on cpu 0:
[  102.554386][ T2992]  set_nlink+0x29/0xb0
[  102.558479][ T2992]  kernfs_iop_permission+0x1e2/0x220
[  102.563783][ T2992]  inode_permission+0x1ca/0x310
[  102.568748][ T2992]  link_path_walk+0x162/0x900
[  102.573435][ T2992]  path_openat+0x1de/0x2170
[  102.577935][ T2992]  do_filp_open+0x109/0x230
[  102.582444][ T2992]  do_sys_openat2+0xa6/0x110
[  102.587048][ T2992]  __x64_sys_openat+0xf2/0x120
[  102.591921][ T2992]  x64_sys_call+0x2e9c/0x2ff0
[  102.596602][ T2992]  do_syscall_64+0xd2/0x200
[  102.601206][ T2992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.607097][ T2992] 
[  102.609423][ T2992] write to 0xffff88810695e518 of 4 bytes by task 2992 on cpu 1:
[  102.617318][ T2992]  set_nlink+0x99/0xb0
[  102.621475][ T2992]  kernfs_iop_permission+0x1e2/0x220
[  102.626853][ T2992]  inode_permission+0x1ca/0x310
[  102.631710][ T2992]  link_path_walk+0x162/0x900
[  102.636568][ T2992]  path_lookupat+0x63/0x2a0
[  102.641248][ T2992]  filename_lookup+0x147/0x340
[  102.646017][ T2992]  vfs_statx+0x9d/0x390
[  102.650176][ T2992]  vfs_fstatat+0x115/0x170
[  102.654598][ T2992]  __se_sys_newfstatat+0x55/0x260
[  102.659805][ T2992]  __x64_sys_newfstatat+0x55/0x70
[  102.664840][ T2992]  x64_sys_call+0x135a/0x2ff0
[  102.669518][ T2992]  do_syscall_64+0xd2/0x200
[  102.674900][ T2992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.680891][ T2992] 
[  102.683217][ T2992] value changed: 0x00000009 -> 0x00000008
[  102.688949][ T2992] 
[  102.691272][ T2992] Reported by Kernel Concurrency Sanitizer on:
[  102.697512][ T2992] CPU: 1 UID: 0 PID: 2992 Comm: udevd Not tainted syzkaller #0 PREEMPT(voluntary) 
[  102.706795][ T2992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  102.717024][ T2992] ==================================================================
[  102.738020][ T8249] loop2: detected capacity change from 0 to 512
[  102.764811][ T8249] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  102.801106][ T8249] EXT4-fs (loop2): mount failed
[  102.813601][ T8249] loop2: detected capacity change from 0 to 1024
[  102.821913][ T8249] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  102.833146][ T8249] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  102.849152][ T8249] JBD2: no valid journal superblock found
[  102.854928][ T8249] EXT4-fs (loop2): Could not load journal inode