last executing test programs:

2.220505601s ago: executing program 4 (id=2128):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = add_key$fscrypt_v1(&(0x7f00000000c0), &(0x7f0000000180)={'fscrypt:', @auto=[0x0, 0x74, 0x0, 0x0, 0x0, 0x62, 0x0, 0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62]}, &(0x7f00000001c0)={0x0, "e2030013d278a1fc4a8d8c8eb43087655e4365991c3e1e6f89550928b7bc882f37d43e4bd36e0000438c04419900"}, 0x48, 0xffffffffffffffff)
keyctl$search(0xa, r1, &(0x7f0000000140)='keyring\x00', &(0x7f0000000300)={'syz', 0x2}, r1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRESOCT=r0, @ANYRES64=r0], 0x0, 0x200, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002105000d40930000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e7465720010000180090001006c617374"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x7}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r7, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r7, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000002c0), 0x1, r6}, 0x38)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8, 0x0, 0x2}, 0x18)
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r9 = semget$private(0x0, 0x4, 0x643)
semctl$SETALL(r9, 0x0, 0x11, &(0x7f0000000300))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000006c0)={<r10=>0xffffffffffffffff})
ioctl$FIDEDUPERANGE(r10, 0xc0189436, &(0x7f00000005c0)=ANY=[@ANYBLOB="fdffffffffcf3b316b9cffffffffffff7f"])

1.934632144s ago: executing program 4 (id=2131):
socket$nl_route(0x10, 0x3, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001900)=@newtaction={0xeb4, 0x30, 0xb, 0x0, 0x0, {}, [{0xea0, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xb, 0x0, 0x0, 0x0, 0x4}}]}, {0x4}, {0xc}, {0xc}}}, @m_pedit={0xe54, 0x2, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x1}, [{}, {}, {}, {0x0, 0x0, 0x0, 0x8db}, {0x0, 0x0, 0x7, 0x3}, {}, {}, {0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {0x40}, {}, {}, {}, {0x400}, {}, {}, {0x0, 0x1000}, {}, {}, {}, {}, {}, {}, {}, {}, {0xd01}, {0x0, 0x0, 0x0, 0x0, 0x3, 0x2000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x9, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {0x6}, {0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x401}, {}, {0x0, 0xfffffffc}, {0x0, 0x0, 0x8001}, {}, {0x0, 0x0, 0xff}, {}, {}, {}, {}, {0x6, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {0x1, 0x0, 0x0, 0x401}, {0x1000000, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {}, {0x0, 0x0, 0x0, 0x1d4ce113}, {}, {0x400}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x1000000}, {}, {0x2}, {0x0, 0x0, 0x0, 0x7}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {0x400000}, {}, {}, {}, {0xfffffffd}, {0x0, 0x0, 0x0, 0x4, 0x4000}, {0x0, 0x1}, {}, {}, {0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {0x0, 0x0, 0x1}, {0x0, 0x3}, {0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x40}], [{}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {0x6}, {}, {}, {}, {0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x721119ea02b29831}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {0x3}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}, @TCA_PEDIT_KEYS_EX={0x4}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xeb4}}, 0x4000)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010000304000000000400000000000000", @ANYRES32=0x0, @ANYBLOB="00000000140000002400128009000100626f6e6400000000140002800500130d0000000008001e"], 0x44}, 0x1, 0x2000000000000000}, 0x0)
ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r0, 0x810, &(0x7f0000000200)=""/45)
bind$unix(r2, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x0)
connect$unix(r1, &(0x7f0000000640)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r2, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

1.696163574s ago: executing program 1 (id=2139):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000280)='tlb_flush\x00', r0}, 0x10)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
writev(r2, &(0x7f0000000140)=[{&(0x7f0000000b00)='Yu', 0x2}, {0x0}], 0x2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x10001, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r6, &(0x7f00000002c0)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0xfffc}, 0x4000800)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000003080)=@delchain={0x50, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x20, 0x2, [@TCA_FLOWER_INDEV={0x14, 0x2, 'bridge_slave_0\x00'}, @TCA_FLOWER_KEY_IPV4_SRC={0x8, 0xa, @initdev={0xac, 0x1e, 0x0, 0x0}}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000011"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000040000000b000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x11, 0x200000000000003, 0x300)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b0000000700000008000000a6ad6a1a05"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r10}, 0x10)
r11 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r11, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r11, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@rdma_args={0x48, 0x114, 0x1, {{0x3, 0x3}, {0x0}, &(0x7f0000000440)=[{&(0x7f0000000a00)=""/4096, 0x1000}], 0x1, 0x51, 0x6}}], 0x48, 0x8004}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000940)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r7}}, 0x24}}, 0x0)
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000200)={@ipv4={'\x00', '\xff\xff', @local}, @loopback, @private2={0xfc, 0x2, '\x00', 0x1}, 0x6, 0x0, 0x8, 0x400, 0x7f, 0x1880000, r7})

1.676993825s ago: executing program 3 (id=2140):
r0 = socket(0x200000000000011, 0x2, 0xd)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r1=>0x0})
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f00000002c0)=0x6, 0x4)
bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$KDGKBSENT(r4, 0x4b48, &(0x7f00000003c0)={0x5, "77cbf1d1337b1454bddb63731116e258dee5ec8f4388ea780cbec8ca54dcfa5a5143bdfc50ba6b6aae5abfd0c68d96c159bce4facd02bf20df99d75a6d3b8e7241c15884dec5759d7fd039c52a9793ae8c9db5f994c708bb2f940519a3033ed3436684c0e26686bd5440e716a4169e6cc7b85ac6057978bd7619a444ff45da9baa4d6fe46b01b58903c7f72b23f703fe03771262c4817c4c3f607fb1308e0533a6aed0253d57011a8365bb53df40e3431ac6691ad845cf3cc01c094c7826ab39f235408dcd961b9deecdb424dea4fb76f73e7793b22f5b114aff632183cb52ebb88865f5ced77fa585fb30cb3bf8a417635be9c4756c6257ccef0abc086953174a9d1e626f20381c9c66dc0f638b35783a68689fbc547367216cd7808397d6556b3249d499b4c96d1d942de97d28ad8a10edd8b4f3b4d6ca27437033cd9a870d20d84ad7d0671e8371c257301726b423b7e39e28dc8b5aabbd4eb33b6894cda9169c4271cbd3e5b545489f45d30b78cd5d3d93e8535ea87d82451b664527dbeab2f2a4fb5fcbe4fb4b6d02993bdaa497da869cdcd538304329d2d0a673068e3b098869215820b22e4ccf00f1205da08273607e829ecf39772aa56fc0637878f879b03d3047beb620ddd1736d9530deb1df386a3ae19858885d2880d0d03318ca121ac6de8448c0920d1348a113004b1801c3d61a4c7892508314b67fe4401c5f"})
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r7)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r5, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0xfffffffe, 0x8}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {}, {0xfff1, 0x4}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x38, 0x2, [@TCA_CGROUP_ACT={0x34}]}}]}, 0x68}}, 0x0)

1.619151819s ago: executing program 3 (id=2141):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x1, 0x0, 0x1, 0xa, 0x21005, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000000)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mkdir(0x0, 0x5)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r5 = dup(r4)
write$P9_RLERRORu(r5, &(0x7f0000000780)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
write$binfmt_elf64(r5, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
creat(&(0x7f00000003c0)='./file0\x00', 0x36)

1.610682801s ago: executing program 1 (id=2142):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e) (async)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94) (async, rerun: 64)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4, 0x0, 0x8ece}, 0x18)
lstat(0x0, 0x0) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002cbd701004000000050000000600010005000000080009000200000008000b000000000008000c00020000000c00160004009095"], 0x48}, 0x1, 0x0, 0x0, 0x20008000}, 0x30)

1.535924176s ago: executing program 0 (id=2144):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000080)={[{@bsdgroups}]}, 0xfc, 0x574, &(0x7f0000001980)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUk4gWC3qvS7INJZtuyW5KEwu2B3vxIkUQsSB69+6x+A/4VxS0UKQEPXiJzGY2XZPZNNlumm3384Fp35uZzZvvvvm+fbOzywbQt8bSfwoRL0fEN0nESMu2wcg2jq3tt/Lw+nS6JLG6+ulfSSTZuub+Sfb/oazyUkT89lXEycLmdmtLy3OlSqW8kNXH6/NXxmtLy6cuzZdmy7Ply5NTU2fempp89523uxbr6+f/+f6Tux+e+fr4yne/3D9yO4mzcTjb1hrHE7jRWhmLsew5GYqzG3ac6EJjvSTZ6wOgIwNZng9FOgaMxECW9blWR57moQG77Ms0rYE+lch/6FPNeUDz2r5L18HPjAfvr10AbY5/cO29kRhuXBsdXEn+d2WUXu+OdqH9tI1f/7xzO12i3fsQ+7vQEMAGN25GxOnBwc3jX5KNf507vY19NrbRb68/sJfupvOfN/LmP4X1+U/kzH8O5eRuJx6f/4X7XWimrXT+917u/Hf9ptXoQFZ7oTHnG0ouXqqU07HtxYg4EUP70/pERHyQfxPk88LKvdV27bfO/9Ilbb85F8yO4/7ghvnfTKleevLI1zy4GfFK7vw3We//JKf/0+fj/DbbOFa+82q7bY+Pf3et/hTxWm7/P+rMZOv7k+ON82G8eVZs9vetY7+3a3+v40/7/+DW8Y8mrfdraztv48fhf8vttnV6/u9LPmuU92XrrpXq9YWJiH3Jx5vXTz56bLPe3D+N/8Txrce/vPP/QJrY24z/1tFbrbsO7yz+3ZXGP7Oj/t954d5HX/zQrv3t9f+bjdKJbM12xr/tHuCTPHcAAAAAAADQawoRcTiSQnG9XCgUi2uf7zgaBwuVaq1+8mJ18fJMNL4rOxpDhead7pGWz0NMZJ+HbdYnN9SnIuJIRHw7cKBRL05XKzN7HTwAAAAAAAAAAAAAAAAAAAD0iEMRw3nf/0/9MZD/mDargWfRFj/5DTzn2ud/tqUbv/QE9CSv/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kP/Wsn+f/zuV08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+nD93Ll1WVx5en07rM1eXFueqV0/NlGtzxfnF6eJ0deFKcbZana2Ui9PV+cf9vUq1emViMhavjdfLtfp4bWn5wnx18XL9wqX50mz5QnnoqUQFAAAAAAAAAAAAAAAAAAAAz5ba0vJcqVIpLygodFQY7I3D6MFCoTcOo8PCXo9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDIfwEAAP//wGE62g==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = socket$inet6(0xa, 0x80003, 0xff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
close(r1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
pwrite64(0xffffffffffffffff, &(0x7f00000005c0)='\"', 0x1, 0x4fed0)
r2 = syz_io_uring_setup(0x83f, &(0x7f00000000c0)={0x0, 0xa9ee, 0x0, 0x3, 0x8002ae}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x8, 0x109880, 0x12345})
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x48100, 0x0)
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

1.526363677s ago: executing program 1 (id=2145):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x1, 0x0, 0x1, 0xa, 0x21005, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000000)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mkdir(0x0, 0x5)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70500000800000085"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000780)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
creat(&(0x7f00000003c0)='./file0\x00', 0x36)

1.524588458s ago: executing program 3 (id=2146):
r0 = syz_open_procfs(0x0, 0x0)
lseek(r0, 0x10001, 0x0)

1.438486194s ago: executing program 0 (id=2147):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="020000000400000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0xe, 0x18, &(0x7f00000001c0)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x10}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0014000000b7030000000000008500000083000000bf090000000000005509011d000000009500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500"/96], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x75, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_open_procfs(0x0, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8, 0x0, 0x2}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r3, 0x0, 0xffffffffffffffff}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b000100627269646765000018000280"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0x4, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x840)
r9 = socket$netlink(0x10, 0x3, 0x0)
rseq(&(0x7f0000000600)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)
unshare(0x20000400)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000640)='./file0\x00', 0x810830, &(0x7f00000003c0)=ANY=[], 0x1, 0xa29, &(0x7f0000001800)="$eJzs3U1sXeWZB/D/ubYTY5gkQIZhEJCbMAkGPI7tDMlELJjEvknM+GNkOxLRLAhDnFEat7SklQBVIkhVV0Wt1KqLdoe6ajdIbMqmYtfu2lUXlSpW3aOu0k1dnXuvHX9c+9qJP5Lw+1nX93w8532fc95z75t7c3zecH+Z379sbn6+/rjD+Yu/3IGMuYedHfni408+Kh8f3syedOTl4tdJd5Jq0pnkyaRreGRqcrxNQdeTy0k+T4oke9N43pDLKX6YR27Pf57i52W9a9qz0ZJpZ56vtN0+/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4F5UDI8MDAwWezI6cfH1akNSXWV4ZGqyyPz86jUL2zR8ViR/bzuucGWx+nR3Lwz1/eTB2wFPJKkeydONuafrA5KnO+8//MSBVx7vrNQHFy+KFnlugb0bL/bGe+9ff3NubvadtUPmP2jsw9bkdo85X5sYnZ4cHT9zvlYdnZ6snj55cuD4hXPT1XOjY7XpS9MztfHq8FTtzMzkVLV3+IXq4OnTJ6q1/kuTFyfOj/SP1RYWnvr3oYGBk9XX+v+ndmZqenLi+Gv908MXRsfGRifO12PK1WXMqfJE/O/RmepM7cx4tXr12tzsiRU5daw82GXQYLs9KYOG2gUNDQwNDQ4ODQ1+2Bw9e3HByZdPv3xqYKBzYIWsitimk5Z7y0NrN/OWvn/D3ag0+v98bSyjmcjFvJ5qy5/hjGQqkxlfY31T2f8nxWdHj9fWrbfRfzf6/2Yv37lk9VPlryN5tjnbvUb/vzSDesWtc9u+nxt5L+/net7MXOYym3d2PION/RxrHsitLvd8apnIaKYzmdGM50x9SbW5pJrTOZmTGcgbuZBDmU415zKasdQynUuZzkxq9TNqOFOp5UxmMpmpVNOb4byQagZzOqdzItXU0p9LmczFTOR8RnKmXsrVXKsf9xPr5LgYNLiRoKF1glZ25uUpt7n+v/ag/kuQDdvS92+4G/PN/n9P+9De4Z1ICAAAANhy//q77Dv42G//nBR5pv69/LnRsdqru50WAAAAsIXqV809XT51lVPPdNc//w/sdloAAADAFirqf2NXJOnJocbUwl9C+RIAAAAAHhDlJ/9/Suqf/ZsLfP4HAACAB0z7e+y3jSj6Fm7/W73SeL7SjGjMFT3nRsdq/cOTY68M5lj9LgNJnlldWkdSdNX//ODFHG5EHe5pPPfcLrGss7uMGux/ZTAv5khzR3qfK5+e620ROdSIfL4R+fzSyI4sizxRRgLAg+7IOv3xRvv/F9PXiOh7qt7ldz7Vog8e0LMCwL1icYydvzWHNGvR/zcjnl2r//+PdT7/lxGP5eqhxiUF/Xkrb2cuV9K3cMXBoValLoxG0LgMoa/NtwE9zUsW/nCqkr5V3wd0L+7r0tjZDKWv5TcCS8otFnI40Yjr2J42AICddmTdfnhj/X9fm8//PS4pBIB7yuII9puY+GAzwbPv3NjtfQQAltNLAwAAAAAAAAAAAAAAAAAAAAAAAAAAwNbb0A38f38smZubTTZ02/+92eyAAi0nujeT4foTlWxBPvfFREeSuypnXzbYyqsnXt18u5dtfBe7/KuHmpv/ZfeP/AM3sctvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyIIulotbyS7E0ykOT4zme1fW7udgJbpbrnjjYrbuVW3s2+Lc8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOArrnn//0oazw83FqWzkhxNcjnJ/+52jlvp1m4nsD2K9iFfbwTevv9/JenKfJHORrOn6BoemZocL4sq9pbrv/j4k4/KR/uyV4+qUBZQ1rBscIlmDUuWdC3f6tH6Vj0jszeuf/vtb1ZHztZPzLMz58ZGxs9P/dftwCeKT5NqGo8FC/l+9+hvfrRkcXOghOLTck9bW1nvuXq9I6vr/ZdWW69R7wZcm5sdKmuaqb0+851vXHt3yarHcjh5rjfpXV7T/5ePNWo6vPJ4Lld8WXy/2Jef5nK9/cujUcwXZRPtr+//Q1evzc32v/X23JXFnD5YltOBHEpyJeneeE6H1j4362ddpausdaAeVP462Ka8dS0pcbBSb/pVx/XR+inTs6l9qLZ5fbU57s2MTrRs6R9/6/Ec23RLH2tTY0vFl8Wfigv5Y763ZPyPStn+R9Py1dmiiHrkkjNl6bplL69KI7K+50NLV7yxssw1X5Vsgx/k//Kfi+1fWfL+32yrnXk/WlJj69dFsvnXxS/2r+pRbqv3SAdX9EjNd5+1tmnmebARtUae/5yXGmVu4h3lpXY99ja9/n9W9OavuWn8HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4N5XJB2tlleSo0kOJNlfzleT+ZUxN++gvkpPcSdpbpk7yfn+U6y5o8Wt3Mq72bfTGQEAAAAAAACwPc6OfPHxJx+Vj/r/x3fk3yrNNdWkM8mB4iddwyNTk+NtCupKLi/8l3735nK4XP565Pb85+Xck2022t3LBwDgvvaPAAAA///F9G4J")
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r10 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x20)
getdents(r10, &(0x7f000001fc00)=""/179, 0xb3)
sendmmsg(r9, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.320884404s ago: executing program 3 (id=2151):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b701000000000000850000006d00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")
socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f0000000200)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
keyctl$revoke(0x3, r1)
prlimit64(0x0, 0xe, 0x0, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10138, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='dlm_unlock_end\x00', r5}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
syz_io_uring_setup(0x3c0a, &(0x7f0000000400)={0x0, 0xc890, 0x2000, 0x4}, 0x0, 0x0)
keyctl$chown(0x4, r1, 0xee01, 0x0)
open(0x0, 0x60840, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7f8ff00000079bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095000000000000000000"], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffec9, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x4)
socket$inet6_sctp(0xa, 0x5, 0x84)
keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, &(0x7f0000000080)=' hash=', 0x0)

1.320222184s ago: executing program 1 (id=2152):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000280)='tlb_flush\x00', r0}, 0x10)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
writev(r2, &(0x7f0000000140)=[{&(0x7f0000000b00)='Yu', 0x2}, {0x0}], 0x2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x10001, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r6, &(0x7f00000002c0)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0xfffc}, 0x4000800)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000003080)=@delchain={0x50, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x20, 0x2, [@TCA_FLOWER_INDEV={0x14, 0x2, 'bridge_slave_0\x00'}, @TCA_FLOWER_KEY_IPV4_SRC={0x8, 0xa, @initdev={0xac, 0x1e, 0x0, 0x0}}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000040000000b000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x11, 0x200000000000003, 0x300)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b0000000700000008000000a6ad6a1a05"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r10}, 0x10)
r11 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r11, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r11, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@rdma_args={0x48, 0x114, 0x1, {{0x3, 0x3}, {0x0}, &(0x7f0000000440)=[{&(0x7f0000000a00)=""/4096, 0x1000}], 0x1, 0x51, 0x6}}], 0x48, 0x8004}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000940)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r7}}, 0x24}}, 0x0)
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000200)={@ipv4={'\x00', '\xff\xff', @local}, @loopback, @private2={0xfc, 0x2, '\x00', 0x1}, 0x6, 0x0, 0x8, 0x400, 0x7f, 0x1880000, r7})

932.841045ms ago: executing program 4 (id=2153):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_open_dev$hidraw(&(0x7f00000000c0), 0x18, 0x400100)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@deltfilter={0x24, 0x2d, 0x400, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0x4, 0xe}, {0x4, 0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x14000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b4000000100009"], 0xb4}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

898.137478ms ago: executing program 1 (id=2154):
syz_io_uring_setup(0x1104, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xfffffffe, 0x21e}, &(0x7f00000003c0)=<r0=>0x0, &(0x7f0000000000)=<r1=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x800714, &(0x7f0000000180)={[{@dioread_nolock}, {@jqfmt_vfsv0}]}, 0xff, 0x4a9, &(0x7f0000000580)="$eJzs3M9rXNUeAPDvnUnS301eX1/fa1+r0SoWfyRNWrULFyoKLhQEXdRlTNJaO22kiWBLsFGkLqXgXlwK/gXu3Ii6EMGtgkspFA1CUxcSub+aZDKZ5menzXw+MJlz5p6Zc773njNz5p7cCaBt9aZ/koidEfFzRHTn2YUFevO7menJ4ZvTk8NJzM6+9nuSlbsxPTlcFi2ft6PIHKlEVD5K4tlkcb3jFy+dHarVRi8U+f6Jc+/0j1+89MSZc0OnR0+Pnh88ceL4sYGnnxp8cl3iTOO6ceD9sYP7X3rj6ivDJ6+++d2XabP2Hcq3z4/jtm42CKiB3nSv/TGbqd/28Arafi/YNS+ddLSwIaxINSLSw9WZjf/uqMbcweuOFz9saeOADZV+Nm1ZevPULLCJJdHqFgCtUX7Qp99/y9sdmnrcFa4/F9EV+fmKmenJ4Zlb8XdEpSjTuYH190bEyam/PktvsdLzEAAAq5DNbR5vNP+rxL7sPl/r2F2sofRExL8iYk9E/Dsi9kbEfyKysv+NiP/lT57tXmb9vXX5xfOfyrWGbV4n6fzvmZib+83Mi7+466kWuV1Z/J3JqTO10aPFPjkSnVvS/ECTOr5+4adPlto2f/6X3tL6y7lg0YBrHXUn6EaGJobWaydc/yDiQEej+JNbKwFpD9gfEQdi8TpWE7vLxJlHvzi4VKHbx9/EOqwzzX4e8Uh+/KeiLv5S0nx9sn9r1EaP9pe9YrHvf7zy6oIHqnPJNcW/DtLjv31h/68r0f1nkq/XdkatNnphfOV1XPnl4yW/06yk/5ddPu3/Xcnr2Zr1D2/lB+q9oYmJCwMRXcnLWZmuomz2+ODcq5X5snwa/5HDjcf/nuI5aQX/j4i0Ex+KiPsi4v6i7Q9ExIMRcbhJ/N8+/9DbTeJPIomWHv+Rhu9/t/p/TzJ/vX4VierZb75aasV8ecf/eExl77W57P3vNpbbwDXuPgAAALgnVCJiZySVvjzduzMqlb6+/H/498b2Sm1sfOKxU2Pvnh/JrxHoic5Keaare9750IFkqnjFPD9YnCsutx8rzht/Wt2W5fuGx2ojLY4d2t2OheM/yvGf+q3a6tYBG871WtC+6sd/pUXtAO685Xz++y4Am1OD8b+tFe0A7jzf/6F9NRr/l+vy5v+wOXUsSvza4CfrgM3I/B/al/EP7cv4h7a0luv6V58oLxZY/etsXfYV/psmcbl5mfIXLzayGdti7pGo3B27pWHi7+LnLe+W9qw5kY6YBY9EJLGhlc79hgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC97J8AAAD//wHu668=")
r3 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r3, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
lseek(r3, 0x5, 0x4)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x1c1042, 0x0)
fallocate(r4, 0x1, 0x6, 0xfff)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', <r5=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@bloom_filter={0x1e, 0x7, 0x40, 0x7, 0x10100, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x0, 0xe}, 0x50)
ioctl$sock_inet6_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000080)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7c, r5})
syz_io_uring_submit(r0, r1, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x1fc, 0x0, 0x1})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2b, '\x00', 0x0, @fallback=0x4, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r6, 0x0, 0xfffffffffffffffc}, 0x18)
sched_setscheduler(0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r7 = syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200008, &(0x7f0000000a40)={[{@nolazytime}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7}}, {@sysvgroups}, {@norecovery}, {@jqfmt_vfsv0}, {@orlov}, {@grpjquota}, {@noauto_da_alloc}, {@user_xattr}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ba}, 0x94)
r8 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r8, 0x2007ffc)
sendfile(r8, r8, 0x0, 0x800000009)
r9 = open(&(0x7f0000000340)='./file1\x00', 0x4000, 0x0)
preadv2(r9, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0)
r10 = syz_pidfd_open(r7, 0x0)
process_mrelease(r10, 0x700000000000000)
exit(0x5)

683.631275ms ago: executing program 4 (id=2155):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2)

683.084595ms ago: executing program 4 (id=2156):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000540)='kfree\x00', r2, 0x0, 0x4}, 0x18)
connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @multicast2}, 0x2, 0x0, 0x1}}, 0x2e)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}, 0x2, 0x2}}, 0x26)
close_range(r1, 0xffffffffffffffff, 0x0)

663.231317ms ago: executing program 4 (id=2157):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe3}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200087f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bic\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000001e40)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000ac0)="89e4192d92359cb3ee294530ae76ad6dc4ff20cc3ccc9d41018dd482ad1f395d4e38bd22b6fcae05c49fbdfdf66ae2994f191e9222effcb97205d0aaed4b29919f9e3bab7fdb276ca29501903c98de0b0cc8afca563f94fe69b6927ae594d1b53ad9f4a9f9f5c84a518d37939c84a5bd15048115ac421e9c56866ab6f91b0e8181d8999dd86c0177a971a39bf35b38eb0504bf70c02cc307c62d6f06c80b146153ca56a182831696c8cf46d2b065744e6dd4415ceff773e8d3a45aacc4fd8972cbe77878ce48d531066ec9e4790196e4a17b08ea09d4d3febf6721a44390383c7261e9e09f20c23f95e9c04d3c10220f3962d98b2bd98d5c3e50169a4c0c99f29c7a336489c26259957c4bdeae1c8cdf60d817db09336f680bbe954dc05669c9d48cb0a0488ed2385d935a7166b3187189e08d421903d546126289651db812f9c8754c0dc6f24a22ca988a2ac131cc52d724bb086a53a94e515e09fef354e9ca0daacaa347e96b3efd7c5c4063f6eb0cf55f08ff942780e6846d78410057ca2b845e69eeda4066de60a033e2f3c7e47b2f0c0c4c7da98b1d658c620f70dbe6eb8b5dd90216caa82c91db4c0f7ea02df5d5f8d6815d2d7868e6a6053f31a4fbe8732a1310ca7a79814177a981e5ab68dfeba4fe46ed4c51819be1308f73455e311f511ce4360cc7c24836c9b895ee5ce93cc42dd88f02d91b479c1748339024343700cce897087bbaae4fbd8e2ad5da016265ef097043acaf87504dde24216c805b40cf4d6edf2ae6564182acdf06580dde3fb66ab01625ffadc22f1ac7b97b9dec871edd96e86af127be1ef27548917a49476ce87f1719173369caf69d35d25637f0514e3e06069877968eb874a1c1adc92e760670e42b6cccd2fe0a5f9c543a44b382befc422d4486416b6fabe2f11944a3f08cded6fad9e3304a202d1c58841a6ab78b28a4162db2671d9ea74ee6f3b33a282f42abc911e3245531a34f5567cfcaa1cf762677c9f61d3aa2c4d76210edf440bf53e816d008ab2ea29cf42de9b88442d6b2eec4fbf23f7d23eaab316335dfc2dc10f9148df0b83d92c3a94fb0b49365af5ba599a1ea8e6fc7aea8df9208795cbbdf0af04f5f08fc828cb347a6e9daddbe514675b31e5134c7dfbb060dfc632ad82141ddea4e77e6c63c1843ca6fc820558b7355bae86e106c2be9c9b500c5134ab62444a8423d596bfe0e3b2df47dabf5abe271ae947f48", 0x36b}], 0x1}}], 0x1, 0x40)
sendto$inet(r0, &(0x7f0000000580)="17", 0x1d4c, 0x10048095, 0x0, 0x0)

617.01645ms ago: executing program 2 (id=2158):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe3}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200087f9, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bic\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000001e40)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000ac0)="89e4192d92359cb3ee294530ae76ad6dc4ff20cc3ccc9d41018dd482ad1f395d4e38bd22b6fcae05c49fbdfdf66ae2994f191e9222effcb97205d0aaed4b29919f9e3bab7fdb276ca29501903c98de0b0cc8afca563f94fe69b6927ae594d1b53ad9f4a9f9f5c84a518d37939c84a5bd15048115ac421e9c56866ab6f91b0e8181d8999dd86c0177a971a39bf35b38eb0504bf70c02cc307c62d6f06c80b146153ca56a182831696c8cf46d2b065744e6dd4415ceff773e8d3a45aacc4fd8972cbe77878ce48d531066ec9e4790196e4a17b08ea09d4d3febf6721a44390383c7261e9e09f20c23f95e9c04d3c10220f3962d98b2bd98d5c3e50169a4c0c99f29c7a336489c26259957c4bdeae1c8cdf60d817db09336f680bbe954dc05669c9d48cb0a0488ed2385d935a7166b3187189e08d421903d546126289651db812f9c8754c0dc6f24a22ca988a2ac131cc52d724bb086a53a94e515e09fef354e9ca0daacaa347e96b3efd7c5c4063f6eb0cf55f08ff942780e6846d78410057ca2b845e69eeda4066de60a033e2f3c7e47b2f0c0c4c7da98b1d658c620f70dbe6eb8b5dd90216caa82c91db4c0f7ea02df5d5f8d6815d2d7868e6a6053f31a4fbe8732a1310ca7a79814177a981e5ab68dfeba4fe46ed4c51819be1308f73455e311f511ce4360cc7c24836c9b895ee5ce93cc42dd88f02d91b479c1748339024343700cce897087bbaae4fbd8e2ad5da016265ef097043acaf87504dde24216c805b40cf4d6edf2ae6564182acdf06580dde3fb66ab01625ffadc22f1ac7b97b9dec871edd96e86af127be1ef27548917a49476ce87f1719173369caf69d35d25637f0514e3e06069877968eb874a1c1adc92e760670e42b6cccd2fe0a5f9c543a44b382befc422d4486416b6fabe2f11944a3f08cded6fad9e3304a202d1c58841a6ab78b28a4162db2671d9ea74ee6f3b33a282f42abc911e3245531a34f5567cfcaa1cf762677c9f61d3aa2c4d76210edf440bf53e816d008ab2ea29cf42de9b88442d6b2eec4fbf23f7d23eaab316335dfc2dc10f9148df0b83d92c3a94fb0b49365af5ba599a1ea8e6fc7aea8df9208795cbbdf0af04f5f08fc828cb347a6e9daddbe514675b31e5134c7dfbb060dfc632ad82141ddea4e77e6c63c1843ca6fc820558b7355bae86e106c2be9c9b500c5134ab62444a8423d596bfe0e3b2df47dabf5abe271ae947f48", 0x36b}], 0x1}}], 0x1, 0x40)
sendto$inet(r0, &(0x7f0000000580)="17", 0x1d4c, 0x10048095, 0x0, 0x0)

586.623713ms ago: executing program 2 (id=2159):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x1, 0x0, 0x1, 0xa, 0x21005, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000000)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70500000800000085"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r5 = dup(r4)
write$P9_RLERRORu(r5, &(0x7f0000000780)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
write$binfmt_elf64(r5, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
creat(&(0x7f00000003c0)='./file0\x00', 0x36)

515.107889ms ago: executing program 0 (id=2160):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000280)='tlb_flush\x00', r0}, 0x10)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
writev(r1, &(0x7f0000000140)=[{&(0x7f0000000b00)='Yu', 0x2}, {0x0}], 0x2)
r2 = socket$nl_route(0x10, 0x3, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x10001, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f00000002c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0xfffc}, 0x4000800)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000003080)=@delchain={0x50, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x20, 0x2, [@TCA_FLOWER_INDEV={0x14, 0x2, 'bridge_slave_0\x00'}, @TCA_FLOWER_KEY_IPV4_SRC={0x8, 0xa, @initdev={0xac, 0x1e, 0x0, 0x0}}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000040000000b000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000940)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r6}}, 0x24}}, 0x0)

465.622103ms ago: executing program 2 (id=2161):
r0 = syz_open_procfs(0x0, 0x0)
lseek(r0, 0x10001, 0x0)

386.412849ms ago: executing program 2 (id=2162):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000280)='tlb_flush\x00', r0}, 0x10)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
writev(r1, &(0x7f0000000140)=[{&(0x7f0000000b00)='Yu', 0x2}, {0x0}], 0x2)
socket$nl_route(0x10, 0x3, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x10001, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f00000002c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0xfffc}, 0x4000800)
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000003080)=@delchain={0x48, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_INDEV={0x14, 0x2, 'bridge_slave_0\x00'}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)

385.259029ms ago: executing program 2 (id=2163):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000200)='cpuset.mem_hardwall\x00', 0x2, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x5})
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x92b, 0x1, 0x5)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
epoll_create(0x0)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x3938700}}, 0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
setpgid(r1, r1)
setuid(0xee00)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000b40)='./file1\x00', 0x0, 0x100, 0x12345})
r2 = syz_io_uring_setup(0x81f, &(0x7f0000000480)={0x0, 0x0, 0x10, 0x1, 0x34f}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffff9, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1fffffffffffffaa, &(0x7f0000000200)=[{0x30, 0x9, 0x0, 0x6}]}, 0xfffffffffffffdf1)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1000001)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r2, 0x47bc, 0x0, 0x21, 0x0, 0x0)
setpgid(0x0, r1)
wait4(0x0, 0x0, 0x8, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18)
sched_getscheduler(r1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6gre0\x00', 0x210})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89f1, &(0x7f0000000080))

360.744141ms ago: executing program 0 (id=2164):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x14010, &(0x7f0000001280)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES32], 0x1, 0x11ee, &(0x7f0000003680)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x200000c0, 0xffffffff, 0xfffffff8}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0xb}]})
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
close(r4)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x99, 0x0, 0x0, 0x0, 0x0, 0x1, 0x26a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb3ff, 0x0, @perf_config_ext={0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
eventfd(0x0)
r5 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x2)
sendfile(r5, r5, 0x0, 0x800000009)

163.073617ms ago: executing program 0 (id=2165):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f0000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0xbc3, &(0x7f0000000480)={0x0, 0x1568, 0x11080, 0x0, 0x264}, &(0x7f0000000000)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000000240)="5db5bd", 0x3}], 0x10000000000002a8, 0x8, 0x1, {0x2}})
io_uring_enter(r2, 0x47f8, 0x0, 0x0, 0x0, 0x0)

101.566012ms ago: executing program 0 (id=2166):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x50, &(0x7f0000000000)={&(0x7f00000084c0)=ANY=[@ANYBLOB="140000001000010000000200000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020025642532000000000900010073797a30000000000800054000000002"], 0x40c4}}, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0x4, 0x7, 0x50000}]})
syz_clone(0xb44040, 0x0, 0x0, 0x0, 0x0, 0x0)
io_uring_setup(0x13ec, &(0x7f0000000300)={0x0, 0x0, 0x440, 0x1, 0x2c3})
tkill(0x0, 0x1b)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x4b, &(0x7f0000000100)=0x4, 0x4)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x2}, 0x1c)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x11, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x137b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GENEVE_PORT={0x6, 0x5, 0x4e20}, @IFLA_GENEVE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x40800)

69.636034ms ago: executing program 2 (id=2167):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0x0, 0x4}, {0xffff, 0xffff}, {0xd, 0xf}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x4}, @TCA_CAKE_MEMORY={0x8, 0xa, 0x47}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40044004}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'veth0_vlan\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x3a, &(0x7f0000000580)={&(0x7f0000000680)=ANY=[@ANYBLOB="8c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000005000128009000100766c616e0000000040000280060001000000000004000480280003800c00010040000000060000000c0001000004000000000000d8fd010006000000090000000600050088a8000008000a00", @ANYRES32=r5, @ANYBLOB="08000500", @ANYRES32=r5], 0x8c}, 0x1, 0xba01, 0x0, 0x4004001}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfee6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x2, 0x1000000000000005, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x30, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kfree\x00', r7, 0x0, 0x40}, 0x18)
r8 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x4885, 0x100, 0x4, 0x1d}, &(0x7f0000000340)=<r9=>0x0, &(0x7f0000000600)=<r10=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r8, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0x6, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r11 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_submit(r9, r10, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r11, 0x0, 0x0, 0x0, 0x12321, 0x1, {0x1}})
io_uring_enter(r8, 0x3516, 0x0, 0x0, 0x0, 0x0)

1.33991ms ago: executing program 3 (id=2168):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @multicast2}, 0x2, 0x0, 0x1}}, 0x2e)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}, 0x2, 0x2}}, 0x26)
close_range(r1, 0xffffffffffffffff, 0x0)

547.24µs ago: executing program 1 (id=2169):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x6, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000fdffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0xff2e)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x60ae0}], 0x1, 0x0, 0xd66}, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x2, &(0x7f00000000c0), 0x31}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='kmem_cache_free\x00', r3}, 0x18)
close(0xffffffffffffffff)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4, "0040001e1d113c812e5d6000"})
r4 = syz_open_pts(r1, 0x0)
dup3(r4, r1, 0x0)
ppoll(&(0x7f0000000000)=[{r1, 0x4}], 0x1, 0x0, 0x0, 0x0)
ioctl$TCSETSF(r4, 0x5404, &(0x7f0000000180)={0xd, 0x8, 0xfffffffc, 0xb6b, 0x4, "aa00003986b9ee6bd231334c1a280d7ea400"})

0s ago: executing program 3 (id=2170):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000340)=ANY=[@ANYBLOB="00000000050800"])
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0xc048)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b0400000000000000000200000038000480340001800b00010074617267657400002400028010000100434f4e4e5345434d41524b0005000300ef00000008000240000000000900010073797a30000000000900020073797a32"], 0xa0}, 0x1, 0x0, 0x0, 0x40000}, 0x44110)

kernel console output (not intermixed with test programs):

apacity change from 0 to 512
[  118.161303][ T7837] ext4 filesystem being mounted at /317/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.333957][ T7860] loop4: detected capacity change from 0 to 1024
[  118.348892][ T7863] loop1: detected capacity change from 0 to 1024
[  118.395232][ T7869] loop3: detected capacity change from 0 to 1024
[  118.471702][ T7876] loop2: detected capacity change from 0 to 1024
[  118.629436][   T31] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  118.653637][ T7890] loop4: detected capacity change from 0 to 1024
[  118.663156][   T31] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  118.675654][   T31] EXT4-fs (loop3): This should not happen!! Data will be lost
[  118.675654][   T31] 
[  118.686207][   T31] EXT4-fs (loop3): Total free blocks count 0
[  118.692455][   T31] EXT4-fs (loop3): Free/Dirty block details
[  118.698402][   T31] EXT4-fs (loop3): free_blocks=68451041280
[  118.704295][   T31] EXT4-fs (loop3): dirty_blocks=320
[  118.710433][   T31] EXT4-fs (loop3): Block reservation details
[  118.716588][   T31] EXT4-fs (loop3): i_reserved_data_blocks=20
[  118.746017][   T31] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  118.772385][   T31] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  118.784992][   T31] EXT4-fs (loop2): This should not happen!! Data will be lost
[  118.784992][   T31] 
[  118.794787][   T31] EXT4-fs (loop2): Total free blocks count 0
[  118.800934][   T31] EXT4-fs (loop2): Free/Dirty block details
[  118.806928][   T31] EXT4-fs (loop2): free_blocks=68451041280
[  118.813428][   T31] EXT4-fs (loop2): dirty_blocks=320
[  118.818661][   T31] EXT4-fs (loop2): Block reservation details
[  118.824688][   T31] EXT4-fs (loop2): i_reserved_data_blocks=20
[  118.863715][ T7904] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1569'.
[  118.929122][ T7910] netlink: 'syz.0.1572': attribute type 30 has an invalid length.
[  118.937576][ T7910] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  118.946741][ T7910] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  118.975351][ T7912] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1573'.
[  118.991087][ T7915] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1574'.
[  119.031698][ T1874] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  119.039130][ T7915] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1574'.
[  119.047864][ T7916] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1573'.
[  119.066200][ T1874] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  119.078632][ T1874] EXT4-fs (loop4): This should not happen!! Data will be lost
[  119.078632][ T1874] 
[  119.088354][ T1874] EXT4-fs (loop4): Total free blocks count 0
[  119.094355][ T1874] EXT4-fs (loop4): Free/Dirty block details
[  119.100290][ T1874] EXT4-fs (loop4): free_blocks=68451041280
[  119.106148][ T1874] EXT4-fs (loop4): dirty_blocks=320
[  119.111379][ T1874] EXT4-fs (loop4): Block reservation details
[  119.117411][ T1874] EXT4-fs (loop4): i_reserved_data_blocks=20
[  119.138704][ T7918] loop4: detected capacity change from 0 to 1024
[  119.212146][ T7928] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1579'.
[  119.237259][ T1874] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  119.252625][ T1874] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  119.265677][ T1874] EXT4-fs (loop4): This should not happen!! Data will be lost
[  119.265677][ T1874] 
[  119.275388][ T1874] EXT4-fs (loop4): Total free blocks count 0
[  119.281544][ T1874] EXT4-fs (loop4): Free/Dirty block details
[  119.288010][ T1874] EXT4-fs (loop4): free_blocks=68451041280
[  119.293859][ T1874] EXT4-fs (loop4): dirty_blocks=320
[  119.299081][ T1874] EXT4-fs (loop4): Block reservation details
[  119.305056][ T1874] EXT4-fs (loop4): i_reserved_data_blocks=20
[  119.371434][ T7938] loop3: detected capacity change from 0 to 1024
[  119.381723][ T7940] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7940 comm=syz.4.1584
[  119.571467][   T37] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  119.587956][   T37] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  119.600446][   T37] EXT4-fs (loop3): This should not happen!! Data will be lost
[  119.600446][   T37] 
[  119.610134][   T37] EXT4-fs (loop3): Total free blocks count 0
[  119.616154][   T37] EXT4-fs (loop3): Free/Dirty block details
[  119.622100][   T37] EXT4-fs (loop3): free_blocks=68451041280
[  119.627969][   T37] EXT4-fs (loop3): dirty_blocks=320
[  119.633189][   T37] EXT4-fs (loop3): Block reservation details
[  119.639227][   T37] EXT4-fs (loop3): i_reserved_data_blocks=20
[  119.845776][ T7977] FAULT_INJECTION: forcing a failure.
[  119.845776][ T7977] name failslab, interval 1, probability 0, space 0, times 0
[  119.859152][ T7977] CPU: 0 UID: 0 PID: 7977 Comm: syz.0.1600 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  119.859236][ T7977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  119.859253][ T7977] Call Trace:
[  119.859260][ T7977]  <TASK>
[  119.859269][ T7977]  __dump_stack+0x1d/0x30
[  119.859335][ T7977]  dump_stack_lvl+0xe8/0x140
[  119.859359][ T7977]  dump_stack+0x15/0x1b
[  119.859379][ T7977]  should_fail_ex+0x265/0x280
[  119.859404][ T7977]  should_failslab+0x8c/0xb0
[  119.859496][ T7977]  kmem_cache_alloc_noprof+0x50/0x310
[  119.859749][ T7977]  ? getname_flags+0x80/0x3b0
[  119.859779][ T7977]  getname_flags+0x80/0x3b0
[  119.859849][ T7977]  do_sys_openat2+0x60/0x110
[  119.859889][ T7977]  __x64_sys_open+0xe6/0x110
[  119.859927][ T7977]  x64_sys_call+0x1457/0x2ff0
[  119.859954][ T7977]  do_syscall_64+0xd2/0x200
[  119.860046][ T7977]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  119.860123][ T7977]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  119.860147][ T7977]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.860165][ T7977] RIP: 0033:0x7f712aebebe9
[  119.860178][ T7977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.860194][ T7977] RSP: 002b:00007f712991f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  119.860287][ T7977] RAX: ffffffffffffffda RBX: 00007f712b0f5fa0 RCX: 00007f712aebebe9
[  119.860298][ T7977] RDX: 0000000000000040 RSI: 0000000000000300 RDI: 00002000000001c0
[  119.860309][ T7977] RBP: 00007f712991f090 R08: 0000000000000000 R09: 0000000000000000
[  119.860319][ T7977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  119.860330][ T7977] R13: 00007f712b0f6038 R14: 00007f712b0f5fa0 R15: 00007fffaf7881e8
[  119.860350][ T7977]  </TASK>
[  120.395623][ T7992] __nla_validate_parse: 6 callbacks suppressed
[  120.395640][ T7992] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1606'.
[  120.417678][ T7997] netlink: 'syz.0.1608': attribute type 30 has an invalid length.
[  120.425688][ T7997] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  120.435460][ T7997] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  120.467756][ T8001] loop1: detected capacity change from 0 to 1024
[  120.502916][ T8006] FAULT_INJECTION: forcing a failure.
[  120.502916][ T8006] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  120.516187][ T8006] CPU: 1 UID: 0 PID: 8006 Comm: syz.4.1611 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  120.516212][ T8006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  120.516228][ T8006] Call Trace:
[  120.516234][ T8006]  <TASK>
[  120.516243][ T8006]  __dump_stack+0x1d/0x30
[  120.516294][ T8006]  dump_stack_lvl+0xe8/0x140
[  120.516317][ T8006]  dump_stack+0x15/0x1b
[  120.516337][ T8006]  should_fail_ex+0x265/0x280
[  120.516363][ T8006]  should_fail+0xb/0x20
[  120.516385][ T8006]  should_fail_usercopy+0x1a/0x20
[  120.516448][ T8006]  strncpy_from_user+0x25/0x230
[  120.516484][ T8006]  ? kmem_cache_alloc_noprof+0x186/0x310
[  120.516544][ T8006]  ? getname_flags+0x80/0x3b0
[  120.516573][ T8006]  getname_flags+0xae/0x3b0
[  120.516599][ T8006]  user_path_at+0x28/0x130
[  120.516699][ T8006]  __se_sys_name_to_handle_at+0xff/0x630
[  120.516754][ T8006]  ? __bpf_trace_sys_enter+0x10/0x30
[  120.516781][ T8006]  ? trace_sys_enter+0xd0/0xf0
[  120.516816][ T8006]  __x64_sys_name_to_handle_at+0x67/0x80
[  120.516852][ T8006]  x64_sys_call+0x1552/0x2ff0
[  120.516888][ T8006]  do_syscall_64+0xd2/0x200
[  120.516912][ T8006]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  120.516977][ T8006]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  120.517120][ T8006]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.517200][ T8006] RIP: 0033:0x7fe552a5ebe9
[  120.517219][ T8006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.517273][ T8006] RSP: 002b:00007fe5514bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000012f
[  120.517297][ T8006] RAX: ffffffffffffffda RBX: 00007fe552c95fa0 RCX: 00007fe552a5ebe9
[  120.517311][ T8006] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  120.517324][ T8006] RBP: 00007fe5514bf090 R08: 0000000000000000 R09: 0000000000000000
[  120.517339][ T8006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.517354][ T8006] R13: 00007fe552c96038 R14: 00007fe552c95fa0 R15: 00007ffdbbe96958
[  120.517377][ T8006]  </TASK>
[  120.879206][ T8031] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1615'.
[  120.911499][ T8031] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1615'.
[  120.975835][ T8037] FAULT_INJECTION: forcing a failure.
[  120.975835][ T8037] name failslab, interval 1, probability 0, space 0, times 0
[  120.988730][ T8037] CPU: 0 UID: 0 PID: 8037 Comm: syz.3.1618 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  120.988822][ T8037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  120.988834][ T8037] Call Trace:
[  120.988858][ T8037]  <TASK>
[  120.988864][ T8037]  __dump_stack+0x1d/0x30
[  120.988957][ T8037]  dump_stack_lvl+0xe8/0x140
[  120.988981][ T8037]  dump_stack+0x15/0x1b
[  120.989007][ T8037]  should_fail_ex+0x265/0x280
[  120.989033][ T8037]  should_failslab+0x8c/0xb0
[  120.989060][ T8037]  kmem_cache_alloc_noprof+0x50/0x310
[  120.989094][ T8037]  ? alloc_empty_file+0x76/0x200
[  120.989240][ T8037]  alloc_empty_file+0x76/0x200
[  120.989273][ T8037]  alloc_file_pseudo+0xc6/0x160
[  120.989348][ T8037]  sock_alloc_file+0x9c/0x1e0
[  120.989385][ T8037]  __sys_socketpair+0x23d/0x430
[  120.989455][ T8037]  __x64_sys_socketpair+0x52/0x60
[  120.989604][ T8037]  x64_sys_call+0x2bf2/0x2ff0
[  120.989627][ T8037]  do_syscall_64+0xd2/0x200
[  120.989661][ T8037]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  120.989691][ T8037]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  120.989731][ T8037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.989757][ T8037] RIP: 0033:0x7f25c9ee0b3a
[  120.989775][ T8037] Code: 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 35 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.989876][ T8037] RSP: 002b:00007f25c8946f78 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  120.989935][ T8037] RAX: ffffffffffffffda RBX: 00007f25ca115f00 RCX: 00007f25c9ee0b3a
[  120.989951][ T8037] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[  120.989966][ T8037] RBP: 00007f25c8947090 R08: 0000000000000000 R09: 0000000000000000
[  120.989977][ T8037] R10: 00007f25c8946f98 R11: 0000000000000246 R12: 0000000000000001
[  120.989988][ T8037] R13: 00007f25ca116038 R14: 00007f25ca115fa0 R15: 00007fff02b0d478
[  120.990011][ T8037]  </TASK>
[  121.399711][ T8044] netlink: 'syz.0.1621': attribute type 3 has an invalid length.
[  121.511219][ T8054] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1625'.
[  121.533855][ T8054] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1625'.
[  121.692849][ T8063] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1627'.
[  121.719852][ T8063] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1627'.
[  121.771213][ T8069] loop3: detected capacity change from 0 to 1024
[  121.854498][ T8073] netlink: 'syz.2.1631': attribute type 30 has an invalid length.
[  121.862680][ T8073] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  121.872610][ T8073] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  121.911219][  T420] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  121.926258][  T420] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  121.938743][  T420] EXT4-fs (loop3): This should not happen!! Data will be lost
[  121.938743][  T420] 
[  121.948431][  T420] EXT4-fs (loop3): Total free blocks count 0
[  121.954442][  T420] EXT4-fs (loop3): Free/Dirty block details
[  121.960489][  T420] EXT4-fs (loop3): free_blocks=68451041280
[  121.966311][  T420] EXT4-fs (loop3): dirty_blocks=320
[  121.971583][  T420] EXT4-fs (loop3): Block reservation details
[  121.977599][  T420] EXT4-fs (loop3): i_reserved_data_blocks=20
[  121.997279][ T8079] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1633'.
[  122.009177][ T8079] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1633'.
[  122.034311][   T29] kauditd_printk_skb: 224 callbacks suppressed
[  122.034329][   T29] audit: type=1400 audit(1756698922.882:12734): avc:  denied  { create } for  pid=8081 comm="syz.3.1634" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  122.308160][ T8088] netlink: 'syz.0.1635': attribute type 10 has an invalid length.
[  122.316052][ T8088] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1635'.
[  122.653553][   T29] audit: type=1400 audit(1756698923.502:12735): avc:  denied  { getopt } for  pid=8103 comm="syz.4.1641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  122.718879][   T29] audit: type=1400 audit(1756698923.532:12736): avc:  denied  { setopt } for  pid=8103 comm="syz.4.1641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  122.780171][   T29] audit: type=1326 audit(1756698923.602:12737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8110 comm="syz.1.1643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  122.803830][   T29] audit: type=1326 audit(1756698923.602:12738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8110 comm="syz.1.1643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  122.827432][   T29] audit: type=1326 audit(1756698923.602:12739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8110 comm="syz.1.1643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  122.850872][   T29] audit: type=1326 audit(1756698923.602:12740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8110 comm="syz.1.1643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  122.874427][   T29] audit: type=1326 audit(1756698923.602:12741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8110 comm="syz.1.1643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  122.898032][   T29] audit: type=1326 audit(1756698923.602:12742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8110 comm="syz.1.1643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  122.921685][   T29] audit: type=1326 audit(1756698923.602:12743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8110 comm="syz.1.1643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  123.213573][ T8135] loop1: detected capacity change from 0 to 1024
[  123.231554][ T8131] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  123.238193][ T8131] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  123.245934][ T8131] vhci_hcd vhci_hcd.0: Device attached
[  123.342000][ T8133] 9pnet: p9_errstr2errno: server reported unknown error 
[  123.412628][   T31] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  123.432013][ T8146] loop0: detected capacity change from 0 to 512
[  123.439739][   T31] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  123.445929][ T8146] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  123.452141][   T31] EXT4-fs (loop1): This should not happen!! Data will be lost
[  123.452141][   T31] 
[  123.452160][   T31] EXT4-fs (loop1): Total free blocks count 0
[  123.452175][   T31] EXT4-fs (loop1): Free/Dirty block details
[  123.452189][   T31] EXT4-fs (loop1): free_blocks=68451041280
[  123.452234][   T31] EXT4-fs (loop1): dirty_blocks=320
[  123.452248][   T31] EXT4-fs (loop1): Block reservation details
[  123.452261][   T31] EXT4-fs (loop1): i_reserved_data_blocks=20
[  123.506086][   T36] usb 5-1: new low-speed USB device number 2 using vhci_hcd
[  123.516471][ T8146] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.1657: corrupted in-inode xattr: overlapping e_value 
[  123.533708][ T8146] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1657: couldn't read orphan inode 15 (err -117)
[  123.843158][ T8175] loop4: detected capacity change from 0 to 1024
[  123.861308][ T8136] vhci_hcd: connection reset by peer
[  123.866918][ T1874] vhci_hcd: stop threads
[  123.871255][ T1874] vhci_hcd: release socket
[  123.875705][ T1874] vhci_hcd: disconnect device
[  123.886140][ T8181] loop3: detected capacity change from 0 to 1024
[  123.975276][ T8190] FAULT_INJECTION: forcing a failure.
[  123.975276][ T8190] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.988478][ T8190] CPU: 0 UID: 0 PID: 8190 Comm: syz.1.1671 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  123.988507][ T8190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  123.988521][ T8190] Call Trace:
[  123.988528][ T8190]  <TASK>
[  123.988535][ T8190]  __dump_stack+0x1d/0x30
[  123.988567][ T8190]  dump_stack_lvl+0xe8/0x140
[  123.988587][ T8190]  dump_stack+0x15/0x1b
[  123.988615][ T8190]  should_fail_ex+0x265/0x280
[  123.988637][ T8190]  should_fail+0xb/0x20
[  123.988656][ T8190]  should_fail_usercopy+0x1a/0x20
[  123.988702][ T8190]  _copy_from_user+0x1c/0xb0
[  123.988793][ T8190]  set_selection_user+0x4a/0xe0
[  123.988836][ T8190]  tioclinux+0x347/0x460
[  123.988902][ T8190]  vt_ioctl+0x75f/0x1880
[  123.988931][ T8190]  ? tty_jobctrl_ioctl+0x29e/0x810
[  123.988959][ T8190]  tty_ioctl+0x7db/0xb80
[  123.988990][ T8190]  ? __pfx_tty_ioctl+0x10/0x10
[  123.989024][ T8190]  __se_sys_ioctl+0xcb/0x140
[  123.989043][ T8190]  __x64_sys_ioctl+0x43/0x50
[  123.989087][ T8190]  x64_sys_call+0x1816/0x2ff0
[  123.989109][ T8190]  do_syscall_64+0xd2/0x200
[  123.989169][ T8190]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  123.989194][ T8190]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  123.989243][ T8190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.989265][ T8190] RIP: 0033:0x7fa11ac8ebe9
[  123.989281][ T8190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.989301][ T8190] RSP: 002b:00007fa1196f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  123.989321][ T8190] RAX: ffffffffffffffda RBX: 00007fa11aec5fa0 RCX: 00007fa11ac8ebe9
[  123.989334][ T8190] RDX: 0000200000001900 RSI: 000000000000541c RDI: 0000000000000003
[  123.989346][ T8190] RBP: 00007fa1196f7090 R08: 0000000000000000 R09: 0000000000000000
[  123.989402][ T8190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.989414][ T8190] R13: 00007fa11aec6038 R14: 00007fa11aec5fa0 R15: 00007ffeb8f79168
[  123.989434][ T8190]  </TASK>
[  124.222587][  T363] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  124.252028][  T363] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  124.264489][  T363] EXT4-fs (loop4): This should not happen!! Data will be lost
[  124.264489][  T363] 
[  124.274232][  T363] EXT4-fs (loop4): Total free blocks count 0
[  124.280310][  T363] EXT4-fs (loop4): Free/Dirty block details
[  124.286219][  T363] EXT4-fs (loop4): free_blocks=68451041280
[  124.292085][  T363] EXT4-fs (loop4): dirty_blocks=320
[  124.297312][  T363] EXT4-fs (loop4): Block reservation details
[  124.303347][  T363] EXT4-fs (loop4): i_reserved_data_blocks=20
[  124.743063][ T8215] FAULT_INJECTION: forcing a failure.
[  124.743063][ T8215] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  124.756309][ T8215] CPU: 1 UID: 0 PID: 8215 Comm: syz.2.1681 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  124.756342][ T8215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  124.756414][ T8215] Call Trace:
[  124.756423][ T8215]  <TASK>
[  124.756432][ T8215]  __dump_stack+0x1d/0x30
[  124.756457][ T8215]  dump_stack_lvl+0xe8/0x140
[  124.756489][ T8215]  dump_stack+0x15/0x1b
[  124.756507][ T8215]  should_fail_ex+0x265/0x280
[  124.756550][ T8215]  should_fail+0xb/0x20
[  124.756566][ T8215]  should_fail_usercopy+0x1a/0x20
[  124.756590][ T8215]  strncpy_from_user+0x25/0x230
[  124.756617][ T8215]  ? kmem_cache_alloc_noprof+0x186/0x310
[  124.756698][ T8215]  ? getname_flags+0x80/0x3b0
[  124.756733][ T8215]  getname_flags+0xae/0x3b0
[  124.756760][ T8215]  __x64_sys_renameat2+0x5f/0x90
[  124.756824][ T8215]  x64_sys_call+0x3f9/0x2ff0
[  124.756852][ T8215]  do_syscall_64+0xd2/0x200
[  124.756890][ T8215]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  124.756984][ T8215]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  124.757018][ T8215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.757039][ T8215] RIP: 0033:0x7fbb242cebe9
[  124.757066][ T8215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.757083][ T8215] RSP: 002b:00007fbb22d2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  124.757136][ T8215] RAX: ffffffffffffffda RBX: 00007fbb24505fa0 RCX: 00007fbb242cebe9
[  124.757155][ T8215] RDX: ffffffffffffff9c RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  124.757171][ T8215] RBP: 00007fbb22d2f090 R08: 0000000000000000 R09: 0000000000000000
[  124.757186][ T8215] R10: 0000200000000440 R11: 0000000000000246 R12: 0000000000000001
[  124.757200][ T8215] R13: 00007fbb24506038 R14: 00007fbb24505fa0 R15: 00007fffdd4c9728
[  124.757219][ T8215]  </TASK>
[  125.071081][ T8223] program syz.4.1684 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  125.132962][ T8227] loop4: detected capacity change from 0 to 1024
[  125.252812][ T8234] netlink: 'syz.3.1688': attribute type 3 has an invalid length.
[  125.343112][  T420] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  125.371654][  T420] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  125.384128][  T420] EXT4-fs (loop4): This should not happen!! Data will be lost
[  125.384128][  T420] 
[  125.394650][  T420] EXT4-fs (loop4): Total free blocks count 0
[  125.400761][  T420] EXT4-fs (loop4): Free/Dirty block details
[  125.406692][  T420] EXT4-fs (loop4): free_blocks=68451041280
[  125.412581][  T420] EXT4-fs (loop4): dirty_blocks=320
[  125.418735][  T420] EXT4-fs (loop4): Block reservation details
[  125.424753][  T420] EXT4-fs (loop4): i_reserved_data_blocks=20
[  125.454679][ T8244] __nla_validate_parse: 11 callbacks suppressed
[  125.454697][ T8244] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1689'.
[  125.711353][ T8251] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1695'.
[  125.794049][ T8251] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1695'.
[  125.960837][ T8256] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1697'.
[  125.969892][ T8256] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1697'.
[  126.057963][ T8260] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1696'.
[  126.082512][ T8260] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0'
[  126.658412][ T8264] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1699'.
[  126.667377][ T8264] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1699'.
[  126.757619][ T8267] 9pnet: Could not find request transport: r
[  126.830393][ T8275] netlink: 'syz.3.1704': attribute type 1 has an invalid length.
[  126.914713][ T8285] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1707'.
[  126.959093][ T8285] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1707'.
[  127.109912][ T8299] 0��{X��: renamed from gretap0 (while UP)
[  127.133546][ T8299] 0��{X��: entered allmulticast mode
[  127.154671][ T8299] A link change request failed with some changes committed already. Interface 
30��{X�� may have been left with an inconsistent configuration, please check.
[  127.199724][   T29] kauditd_printk_skb: 170 callbacks suppressed
[  127.199743][   T29] audit: type=1400 audit(1756698928.052:12912): avc:  denied  { bind } for  pid=8296 comm="syz.3.1711" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  127.240793][   T29] audit: type=1400 audit(1756698928.082:12913): avc:  denied  { write } for  pid=8296 comm="syz.3.1711" path="socket:[20139]" dev="sockfs" ino=20139 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  127.400632][ T8306] netlink: 'syz.1.1714': attribute type 3 has an invalid length.
[  127.439749][ T8310] loop1: detected capacity change from 0 to 1024
[  127.446592][ T8310] EXT4-fs: Ignoring removed orlov option
[  127.489549][ T8314] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0'
[  127.570364][ T8316] loop3: detected capacity change from 0 to 1024
[  127.581379][ T8318] loop1: detected capacity change from 0 to 1024
[  127.747235][  T420] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  127.792110][  T420] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  127.804519][  T420] EXT4-fs (loop3): This should not happen!! Data will be lost
[  127.804519][  T420] 
[  127.814423][  T420] EXT4-fs (loop3): Total free blocks count 0
[  127.820435][  T420] EXT4-fs (loop3): Free/Dirty block details
[  127.826342][  T420] EXT4-fs (loop3): free_blocks=68451041280
[  127.832260][  T420] EXT4-fs (loop3): dirty_blocks=320
[  127.837500][  T420] EXT4-fs (loop3): Block reservation details
[  127.843487][  T420] EXT4-fs (loop3): i_reserved_data_blocks=20
[  127.853398][  T363] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  127.910683][  T363] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  127.923207][  T363] EXT4-fs (loop1): This should not happen!! Data will be lost
[  127.923207][  T363] 
[  127.933002][  T363] EXT4-fs (loop1): Total free blocks count 0
[  127.939691][  T363] EXT4-fs (loop1): Free/Dirty block details
[  127.945657][  T363] EXT4-fs (loop1): free_blocks=68451041280
[  127.951523][  T363] EXT4-fs (loop1): dirty_blocks=320
[  127.956742][  T363] EXT4-fs (loop1): Block reservation details
[  127.962753][  T363] EXT4-fs (loop1): i_reserved_data_blocks=20
[  128.302641][ T8346] FAULT_INJECTION: forcing a failure.
[  128.302641][ T8346] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  128.315796][ T8346] CPU: 1 UID: 0 PID: 8346 Comm: syz.3.1726 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  128.315866][ T8346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  128.315878][ T8346] Call Trace:
[  128.315886][ T8346]  <TASK>
[  128.315895][ T8346]  __dump_stack+0x1d/0x30
[  128.315923][ T8346]  dump_stack_lvl+0xe8/0x140
[  128.315947][ T8346]  dump_stack+0x15/0x1b
[  128.316110][ T8346]  should_fail_ex+0x265/0x280
[  128.316173][ T8346]  should_fail+0xb/0x20
[  128.316189][ T8346]  should_fail_usercopy+0x1a/0x20
[  128.316210][ T8346]  copy_fpstate_to_sigframe+0x628/0x7d0
[  128.316255][ T8346]  ? copy_fpstate_to_sigframe+0xe6/0x7d0
[  128.316355][ T8346]  ? x86_task_fpu+0x36/0x60
[  128.316381][ T8346]  get_sigframe+0x34d/0x490
[  128.316403][ T8346]  ? get_signal+0xdc8/0xf70
[  128.316500][ T8346]  x64_setup_rt_frame+0xa8/0x580
[  128.316524][ T8346]  arch_do_signal_or_restart+0x27c/0x480
[  128.316549][ T8346]  exit_to_user_mode_loop+0x7a/0x100
[  128.316631][ T8346]  do_syscall_64+0x1d6/0x200
[  128.316667][ T8346]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  128.316697][ T8346]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  128.316792][ T8346]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.316820][ T8346] RIP: 0033:0x7f25c9edebe7
[  128.316855][ T8346] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  128.316920][ T8346] RSP: 002b:00007f25c8947038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  128.316962][ T8346] RAX: 0000000000000000 RBX: 00007f25ca115fa0 RCX: 00007f25c9edebe9
[  128.316979][ T8346] RDX: 0000000000018fdc RSI: 0000200000032440 RDI: 0000000000000003
[  128.316995][ T8346] RBP: 00007f25c8947090 R08: 0000000000000000 R09: 0000000000000000
[  128.317008][ T8346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  128.317023][ T8346] R13: 00007f25ca116038 R14: 00007f25ca115fa0 R15: 00007fff02b0d478
[  128.317047][ T8346]  </TASK>
[  128.564915][   T36] usb 5-1: enqueue for inactive port 0
[  128.575341][   T36] usb 5-1: enqueue for inactive port 0
[  128.584923][ T8351] loop1: detected capacity change from 0 to 512
[  128.611094][ T8354] loop3: detected capacity change from 0 to 1024
[  128.621505][ T8351] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.1727: invalid block
[  128.648253][ T8351] EXT4-fs (loop1): Remounting filesystem read-only
[  128.657247][   T36] vhci_hcd: vhci_device speed not set
[  128.675543][ T8351] EXT4-fs (loop1): 2 truncates cleaned up
[  128.888600][  T420] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  128.923914][  T420] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  128.923945][ T8364] loop1: detected capacity change from 0 to 128
[  128.924279][ T8364] vfat: Unknown parameter 'uni�'
[  128.936417][  T420] EXT4-fs (loop3): This should not happen!! Data will be lost
[  128.936417][  T420] 
[  128.957554][  T420] EXT4-fs (loop3): Total free blocks count 0
[  128.963552][  T420] EXT4-fs (loop3): Free/Dirty block details
[  128.969530][  T420] EXT4-fs (loop3): free_blocks=68451041280
[  128.975359][  T420] EXT4-fs (loop3): dirty_blocks=320
[  128.980606][  T420] EXT4-fs (loop3): Block reservation details
[  128.986595][  T420] EXT4-fs (loop3): i_reserved_data_blocks=20
[  129.031396][ T8366] FAULT_INJECTION: forcing a failure.
[  129.031396][ T8366] name failslab, interval 1, probability 0, space 0, times 0
[  129.044279][ T8366] CPU: 0 UID: 0 PID: 8366 Comm: syz.4.1735 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  129.044309][ T8366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  129.044321][ T8366] Call Trace:
[  129.044327][ T8366]  <TASK>
[  129.044417][ T8366]  __dump_stack+0x1d/0x30
[  129.044440][ T8366]  dump_stack_lvl+0xe8/0x140
[  129.044459][ T8366]  dump_stack+0x15/0x1b
[  129.044475][ T8366]  should_fail_ex+0x265/0x280
[  129.044506][ T8366]  ? __pfx_cond_bools_destroy+0x10/0x10
[  129.044620][ T8366]  should_failslab+0x8c/0xb0
[  129.044713][ T8366]  kmem_cache_alloc_noprof+0x50/0x310
[  129.044760][ T8366]  ? hashtab_duplicate+0xfe/0x360
[  129.044821][ T8366]  ? __pfx_cond_bools_destroy+0x10/0x10
[  129.044847][ T8366]  hashtab_duplicate+0xfe/0x360
[  129.044872][ T8366]  ? __pfx_cond_bools_copy+0x10/0x10
[  129.044940][ T8366]  cond_policydb_dup+0xd2/0x4e0
[  129.044979][ T8366]  security_set_bools+0xa0/0x340
[  129.045013][ T8366]  sel_commit_bools_write+0x1ea/0x270
[  129.045054][ T8366]  vfs_writev+0x403/0x8b0
[  129.045092][ T8366]  ? __pfx_sel_commit_bools_write+0x10/0x10
[  129.045199][ T8366]  ? mutex_lock+0xd/0x30
[  129.045228][ T8366]  do_writev+0xe7/0x210
[  129.045261][ T8366]  __x64_sys_writev+0x45/0x50
[  129.045285][ T8366]  x64_sys_call+0x1e9a/0x2ff0
[  129.045305][ T8366]  do_syscall_64+0xd2/0x200
[  129.045388][ T8366]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  129.045417][ T8366]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  129.045511][ T8366]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.045533][ T8366] RIP: 0033:0x7fe552a5ebe9
[  129.045549][ T8366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.045571][ T8366] RSP: 002b:00007fe5514bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  129.045596][ T8366] RAX: ffffffffffffffda RBX: 00007fe552c95fa0 RCX: 00007fe552a5ebe9
[  129.045657][ T8366] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000006
[  129.045673][ T8366] RBP: 00007fe5514bf090 R08: 0000000000000000 R09: 0000000000000000
[  129.045689][ T8366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  129.045705][ T8366] R13: 00007fe552c96038 R14: 00007fe552c95fa0 R15: 00007ffdbbe96958
[  129.045731][ T8366]  </TASK>
[  129.295215][ T8371] loop1: detected capacity change from 0 to 1024
[  129.307258][   T29] audit: type=1326 audit(1756698930.122:12914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8367 comm="syz.3.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25c9edebe9 code=0x7ffc0000
[  129.331522][   T29] audit: type=1326 audit(1756698930.132:12915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8367 comm="syz.3.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f25c9edebe9 code=0x7ffc0000
[  129.355186][   T29] audit: type=1326 audit(1756698930.132:12916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8367 comm="syz.3.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25c9edebe9 code=0x7ffc0000
[  129.379374][   T29] audit: type=1326 audit(1756698930.132:12917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8367 comm="syz.3.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f25c9edebe9 code=0x7ffc0000
[  129.403167][   T29] audit: type=1326 audit(1756698930.132:12918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8367 comm="syz.3.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25c9edebe9 code=0x7ffc0000
[  129.427407][   T29] audit: type=1326 audit(1756698930.132:12919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8367 comm="syz.3.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7f25c9edebe9 code=0x7ffc0000
[  129.451048][   T29] audit: type=1326 audit(1756698930.132:12920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8367 comm="syz.3.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25c9edebe9 code=0x7ffc0000
[  129.475391][   T29] audit: type=1326 audit(1756698930.132:12921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8367 comm="syz.3.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f25c9edebe9 code=0x7ffc0000
[  129.683788][ T8387] loop4: detected capacity change from 0 to 8192
[  129.854580][ T8396] loop3: detected capacity change from 0 to 512
[  129.887886][ T8396] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  129.909081][ T8396] EXT4-fs (loop3): 1 truncate cleaned up
[  129.926121][ T8396] EXT4-fs mount: 64 callbacks suppressed
[  129.926140][ T8396] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.995915][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.106252][ T8405] loop3: detected capacity change from 0 to 1024
[  130.130063][ T8405] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.149892][ T8411] FAULT_INJECTION: forcing a failure.
[  130.149892][ T8411] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.163051][ T8411] CPU: 0 UID: 0 PID: 8411 Comm: syz.4.1748 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  130.163078][ T8411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  130.163151][ T8411] Call Trace:
[  130.163160][ T8411]  <TASK>
[  130.163169][ T8411]  __dump_stack+0x1d/0x30
[  130.163200][ T8411]  dump_stack_lvl+0xe8/0x140
[  130.163218][ T8411]  dump_stack+0x15/0x1b
[  130.163266][ T8411]  should_fail_ex+0x265/0x280
[  130.163302][ T8411]  should_fail+0xb/0x20
[  130.163323][ T8411]  should_fail_usercopy+0x1a/0x20
[  130.163368][ T8411]  _copy_to_user+0x20/0xa0
[  130.163429][ T8411]  simple_read_from_buffer+0xb5/0x130
[  130.163458][ T8411]  proc_fail_nth_read+0x10e/0x150
[  130.163543][ T8411]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  130.163577][ T8411]  vfs_read+0x1a8/0x770
[  130.163598][ T8411]  ? __rcu_read_unlock+0x4f/0x70
[  130.163657][ T8411]  ? __fget_files+0x184/0x1c0
[  130.163683][ T8411]  ksys_read+0xda/0x1a0
[  130.163707][ T8411]  __x64_sys_read+0x40/0x50
[  130.163734][ T8411]  x64_sys_call+0x27bc/0x2ff0
[  130.163768][ T8411]  do_syscall_64+0xd2/0x200
[  130.163861][ T8411]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  130.163890][ T8411]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  130.163924][ T8411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.164011][ T8411] RIP: 0033:0x7fe552a5d5fc
[  130.164029][ T8411] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  130.164045][ T8411] RSP: 002b:00007fe5514bf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  130.164065][ T8411] RAX: ffffffffffffffda RBX: 00007fe552c95fa0 RCX: 00007fe552a5d5fc
[  130.164081][ T8411] RDX: 000000000000000f RSI: 00007fe5514bf0a0 RDI: 0000000000000006
[  130.164110][ T8411] RBP: 00007fe5514bf090 R08: 0000000000000000 R09: 0000000000000000
[  130.164124][ T8411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.164200][ T8411] R13: 00007fe552c96038 R14: 00007fe552c95fa0 R15: 00007ffdbbe96958
[  130.164220][ T8411]  </TASK>
[  130.394064][ T8415] netlink: 'syz.4.1749': attribute type 13 has an invalid length.
[  130.454177][  T363] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  130.470419][  T363] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  130.483586][  T363] EXT4-fs (loop3): This should not happen!! Data will be lost
[  130.483586][  T363] 
[  130.493375][  T363] EXT4-fs (loop3): Total free blocks count 0
[  130.499513][  T363] EXT4-fs (loop3): Free/Dirty block details
[  130.505413][  T363] EXT4-fs (loop3): free_blocks=68451041280
[  130.512056][  T363] EXT4-fs (loop3): dirty_blocks=320
[  130.517495][  T363] EXT4-fs (loop3): Block reservation details
[  130.523484][  T363] EXT4-fs (loop3): i_reserved_data_blocks=20
[  130.533345][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.540067][ T8415] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.549910][ T8415] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.591667][ T8415] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  130.603375][ T8415] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  130.613609][ T8427] netlink: 'syz.2.1752': attribute type 4 has an invalid length.
[  130.697378][  T420] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  130.707026][  T420] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  130.721598][ T8424] netlink: 'syz.3.1751': attribute type 3 has an invalid length.
[  130.761068][  T420] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  130.780449][  T420] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  130.826296][ T8441] netlink: 'syz.4.1757': attribute type 3 has an invalid length.
[  130.850682][ T8447] loop2: detected capacity change from 0 to 1024
[  130.864114][ T8451] loop4: detected capacity change from 0 to 1024
[  130.875319][ T8447] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.912330][ T8451] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.956635][  T363] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  130.986153][  T363] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  130.998592][  T363] EXT4-fs (loop2): This should not happen!! Data will be lost
[  130.998592][  T363] 
[  131.008258][  T363] EXT4-fs (loop2): Total free blocks count 0
[  131.014267][  T363] EXT4-fs (loop2): Free/Dirty block details
[  131.020197][  T363] EXT4-fs (loop2): free_blocks=68451041280
[  131.026111][  T363] EXT4-fs (loop2): dirty_blocks=320
[  131.031412][  T363] EXT4-fs (loop2): Block reservation details
[  131.037545][  T363] EXT4-fs (loop2): i_reserved_data_blocks=20
[  131.108695][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.119927][  T363] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  131.136314][  T363] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  131.149404][  T363] EXT4-fs (loop4): This should not happen!! Data will be lost
[  131.149404][  T363] 
[  131.159165][  T363] EXT4-fs (loop4): Total free blocks count 0
[  131.165163][  T363] EXT4-fs (loop4): Free/Dirty block details
[  131.171132][  T363] EXT4-fs (loop4): free_blocks=68451041280
[  131.176948][  T363] EXT4-fs (loop4): dirty_blocks=320
[  131.182839][  T363] EXT4-fs (loop4): Block reservation details
[  131.188883][  T363] EXT4-fs (loop4): i_reserved_data_blocks=20
[  131.210117][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.305803][ T8473] netlink: 'syz.4.1771': attribute type 7 has an invalid length.
[  131.313648][ T8473] __nla_validate_parse: 14 callbacks suppressed
[  131.313664][ T8473] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1771'.
[  131.354528][ T8473] SELinux:  Context system_u:object_r:klogd_var_run_t:s0 is not valid (left unmapped).
[  131.365962][ T8473] netlink: 'syz.4.1771': attribute type 10 has an invalid length.
[  131.373854][ T8473] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1771'.
[  131.383805][ T8473] batman_adv: batadv0: Adding interface: macvlan0
[  131.390278][ T8473] batman_adv: batadv0: The MTU of interface macvlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  131.415867][ T8473] batman_adv: batadv0: Interface activated: macvlan0
[  131.470743][ T8491] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1777'.
[  131.480452][ T8491] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1777'.
[  131.803204][ T8501] loop1: detected capacity change from 0 to 512
[  131.829471][ T8501] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  131.884195][ T8501] EXT4-fs (loop1): mount failed
[  131.932217][ T8505] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1781'.
[  131.952756][ T8505] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1781'.
[  131.994421][ T8501] FAULT_INJECTION: forcing a failure.
[  131.994421][ T8501] name failslab, interval 1, probability 0, space 0, times 0
[  132.007231][ T8501] CPU: 0 UID: 0 PID: 8501 Comm: syz.1.1780 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  132.007266][ T8501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  132.007283][ T8501] Call Trace:
[  132.007297][ T8501]  <TASK>
[  132.007320][ T8501]  __dump_stack+0x1d/0x30
[  132.007341][ T8501]  dump_stack_lvl+0xe8/0x140
[  132.007363][ T8501]  dump_stack+0x15/0x1b
[  132.007384][ T8501]  should_fail_ex+0x265/0x280
[  132.007409][ T8501]  should_failslab+0x8c/0xb0
[  132.007439][ T8501]  kmem_cache_alloc_noprof+0x50/0x310
[  132.007507][ T8501]  ? getname_flags+0x80/0x3b0
[  132.007537][ T8501]  getname_flags+0x80/0x3b0
[  132.007579][ T8501]  path_setxattrat+0x223/0x310
[  132.007678][ T8501]  __x64_sys_lsetxattr+0x71/0x90
[  132.007707][ T8501]  x64_sys_call+0x2877/0x2ff0
[  132.007729][ T8501]  do_syscall_64+0xd2/0x200
[  132.007823][ T8501]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  132.007897][ T8501]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  132.007962][ T8501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.007991][ T8501] RIP: 0033:0x7fa11ac8ebe9
[  132.008010][ T8501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.008034][ T8501] RSP: 002b:00007fa1196f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  132.008083][ T8501] RAX: ffffffffffffffda RBX: 00007fa11aec5fa0 RCX: 00007fa11ac8ebe9
[  132.008097][ T8501] RDX: 0000200000000280 RSI: 0000200000000000 RDI: 0000200000000400
[  132.008113][ T8501] RBP: 00007fa1196f7090 R08: 0000000000000000 R09: 0000000000000000
[  132.008129][ T8501] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000001
[  132.008210][ T8501] R13: 00007fa11aec6038 R14: 00007fa11aec5fa0 R15: 00007ffeb8f79168
[  132.008259][ T8501]  </TASK>
[  132.225285][ T8510] netlink: 'syz.3.1783': attribute type 30 has an invalid length.
[  132.233465][ T8510] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  132.242746][ T8510] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  132.298915][   T29] kauditd_printk_skb: 227 callbacks suppressed
[  132.298931][   T29] audit: type=1326 audit(1756698934.157:13148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8515 comm="syz.1.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  132.335182][   T29] audit: type=1326 audit(1756698934.187:13149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8515 comm="syz.1.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  132.358961][   T29] audit: type=1326 audit(1756698934.187:13150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8515 comm="syz.1.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  132.382463][   T29] audit: type=1326 audit(1756698934.187:13151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8515 comm="syz.1.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  132.406026][   T29] audit: type=1326 audit(1756698934.187:13152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8515 comm="syz.1.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  132.429813][   T29] audit: type=1326 audit(1756698934.187:13153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8515 comm="syz.1.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  132.453431][   T29] audit: type=1326 audit(1756698934.187:13154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8515 comm="syz.1.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  132.477038][   T29] audit: type=1326 audit(1756698934.187:13155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8515 comm="syz.1.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  132.500682][   T29] audit: type=1326 audit(1756698934.187:13156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8515 comm="syz.1.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  132.524396][   T29] audit: type=1326 audit(1756698934.187:13157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8515 comm="syz.1.1786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  132.552936][ T8523] FAULT_INJECTION: forcing a failure.
[  132.552936][ T8523] name failslab, interval 1, probability 0, space 0, times 0
[  132.566495][ T8523] CPU: 0 UID: 0 PID: 8523 Comm: syz.4.1788 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  132.566531][ T8523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  132.566547][ T8523] Call Trace:
[  132.566555][ T8523]  <TASK>
[  132.566565][ T8523]  __dump_stack+0x1d/0x30
[  132.566591][ T8523]  dump_stack_lvl+0xe8/0x140
[  132.566615][ T8523]  dump_stack+0x15/0x1b
[  132.566636][ T8523]  should_fail_ex+0x265/0x280
[  132.566664][ T8523]  should_failslab+0x8c/0xb0
[  132.566694][ T8523]  kmem_cache_alloc_noprof+0x50/0x310
[  132.566729][ T8523]  ? mas_alloc_nodes+0x265/0x520
[  132.566770][ T8523]  mas_alloc_nodes+0x265/0x520
[  132.566808][ T8523]  mas_preallocate+0x33e/0x520
[  132.566845][ T8523]  mmap_region+0xbdd/0x1630
[  132.566904][ T8523]  do_mmap+0x9b3/0xbe0
[  132.566939][ T8523]  vm_mmap_pgoff+0x17a/0x2e0
[  132.566975][ T8523]  ksys_mmap_pgoff+0xc2/0x310
[  132.567009][ T8523]  ? __x64_sys_mmap+0x49/0x70
[  132.567036][ T8523]  x64_sys_call+0x14a3/0x2ff0
[  132.567061][ T8523]  do_syscall_64+0xd2/0x200
[  132.567093][ T8523]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  132.567122][ T8523]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  132.567160][ T8523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.567186][ T8523] RIP: 0033:0x7fe552a5ec23
[  132.567210][ T8523] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  132.567231][ T8523] RSP: 002b:00007fe5514bee18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  132.567252][ T8523] RAX: ffffffffffffffda RBX: 0000000000000623 RCX: 00007fe552a5ec23
[  132.567268][ T8523] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  132.567283][ T8523] RBP: 0000200000000c82 R08: 00000000ffffffff R09: 0000000000000000
[  132.567298][ T8523] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000007
[  132.567314][ T8523] R13: 00007fe5514beef0 R14: 00007fe5514beeb0 R15: 00002000000001c0
[  132.567336][ T8523]  </TASK>
[  132.871243][ T8534] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1793'.
[  132.901225][ T8534] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1793'.
[  132.960866][ T8540] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1797'.
[  133.008076][ T8545] loop4: detected capacity change from 0 to 1024
[  133.021556][ T8547] loop1: detected capacity change from 0 to 1024
[  133.040757][ T8547] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.060399][ T8545] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.147444][  T363] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  133.174490][  T363] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  133.187044][  T363] EXT4-fs (loop1): This should not happen!! Data will be lost
[  133.187044][  T363] 
[  133.197432][  T363] EXT4-fs (loop1): Total free blocks count 0
[  133.203433][  T363] EXT4-fs (loop1): Free/Dirty block details
[  133.209374][  T363] EXT4-fs (loop1): free_blocks=68451041280
[  133.215250][  T363] EXT4-fs (loop1): dirty_blocks=320
[  133.220547][  T363] EXT4-fs (loop1): Block reservation details
[  133.226538][  T363] EXT4-fs (loop1): i_reserved_data_blocks=20
[  133.235546][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.370011][  T363] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  133.385147][  T363] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  133.398290][  T363] EXT4-fs (loop4): This should not happen!! Data will be lost
[  133.398290][  T363] 
[  133.407966][  T363] EXT4-fs (loop4): Total free blocks count 0
[  133.413961][  T363] EXT4-fs (loop4): Free/Dirty block details
[  133.419909][  T363] EXT4-fs (loop4): free_blocks=68451041280
[  133.425730][  T363] EXT4-fs (loop4): dirty_blocks=320
[  133.431689][  T363] EXT4-fs (loop4): Block reservation details
[  133.437795][  T363] EXT4-fs (loop4): i_reserved_data_blocks=20
[  133.461319][ T8560] FAULT_INJECTION: forcing a failure.
[  133.461319][ T8560] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  133.474520][ T8560] CPU: 1 UID: 0 PID: 8560 Comm: syz.1.1803 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  133.474620][ T8560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  133.474637][ T8560] Call Trace:
[  133.474645][ T8560]  <TASK>
[  133.474654][ T8560]  __dump_stack+0x1d/0x30
[  133.474678][ T8560]  dump_stack_lvl+0xe8/0x140
[  133.474696][ T8560]  dump_stack+0x15/0x1b
[  133.474711][ T8560]  should_fail_ex+0x265/0x280
[  133.474782][ T8560]  should_fail+0xb/0x20
[  133.474799][ T8560]  should_fail_usercopy+0x1a/0x20
[  133.474820][ T8560]  _copy_from_user+0x1c/0xb0
[  133.474854][ T8560]  __se_sys_mount+0x10d/0x2e0
[  133.474915][ T8560]  ? __bpf_trace_sys_enter+0x10/0x30
[  133.474945][ T8560]  ? trace_sys_enter+0xd0/0xf0
[  133.474969][ T8560]  __x64_sys_mount+0x67/0x80
[  133.475035][ T8560]  x64_sys_call+0x2b4d/0x2ff0
[  133.475082][ T8560]  do_syscall_64+0xd2/0x200
[  133.475127][ T8560]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  133.475153][ T8560]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  133.475206][ T8560]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.475229][ T8560] RIP: 0033:0x7fa11ac8ebe9
[  133.475285][ T8560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.475303][ T8560] RSP: 002b:00007fa1196f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  133.475325][ T8560] RAX: ffffffffffffffda RBX: 00007fa11aec5fa0 RCX: 00007fa11ac8ebe9
[  133.475341][ T8560] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 0000000000000000
[  133.475357][ T8560] RBP: 00007fa1196f7090 R08: 0000200000000080 R09: 0000000000000000
[  133.475372][ T8560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.475387][ T8560] R13: 00007fa11aec6038 R14: 00007fa11aec5fa0 R15: 00007ffeb8f79168
[  133.475462][ T8560]  </TASK>
[  133.660252][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.678368][ T8560] 9pnet: p9_errstr2errno: server reported unknown error 
[  133.763799][ T8564] loop0: detected capacity change from 0 to 8192
[  133.799309][ T8570] netlink: 'syz.1.1806': attribute type 178 has an invalid length.
[  133.835456][ T8575] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1807'.
[  133.921687][ T8579] netlink: 'syz.0.1809': attribute type 3 has an invalid length.
[  133.959772][ T8586] loop2: detected capacity change from 0 to 1024
[  133.995047][ T8588] loop4: detected capacity change from 0 to 2048
[  134.003385][ T8586] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.027300][ T8592] netlink: 'syz.0.1814': attribute type 30 has an invalid length.
[  134.046537][ T8592] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  134.055749][ T8592] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  134.115027][ T8597] loop1: detected capacity change from 0 to 1024
[  134.139154][ T8597] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.172879][ T1874] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  134.189323][ T1874] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  134.201771][ T1874] EXT4-fs (loop2): This should not happen!! Data will be lost
[  134.201771][ T1874] 
[  134.211456][ T1874] EXT4-fs (loop2): Total free blocks count 0
[  134.217568][ T1874] EXT4-fs (loop2): Free/Dirty block details
[  134.223545][ T1874] EXT4-fs (loop2): free_blocks=68451041280
[  134.229401][ T1874] EXT4-fs (loop2): dirty_blocks=320
[  134.234660][ T1874] EXT4-fs (loop2): Block reservation details
[  134.240694][ T1874] EXT4-fs (loop2): i_reserved_data_blocks=20
[  134.247653][  T363] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  134.249848][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.265605][  T363] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  134.284199][  T363] EXT4-fs (loop1): This should not happen!! Data will be lost
[  134.284199][  T363] 
[  134.294565][  T363] EXT4-fs (loop1): Total free blocks count 0
[  134.300570][  T363] EXT4-fs (loop1): Free/Dirty block details
[  134.306461][  T363] EXT4-fs (loop1): free_blocks=68451041280
[  134.312275][  T363] EXT4-fs (loop1): dirty_blocks=320
[  134.318196][  T363] EXT4-fs (loop1): Block reservation details
[  134.324261][  T363] EXT4-fs (loop1): i_reserved_data_blocks=20
[  134.332997][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.455935][ T8619] loop1: detected capacity change from 0 to 1024
[  134.499336][ T8619] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.565613][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.668563][ T8645] 9pnet_fd: Insufficient options for proto=fd
[  134.719466][ T8650] loop3: detected capacity change from 0 to 512
[  134.727097][ T8650] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  134.880641][ T8659] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8659 comm=syz.0.1835
[  134.904105][ T8660] FAULT_INJECTION: forcing a failure.
[  134.904105][ T8660] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  134.917233][ T8660] CPU: 0 UID: 0 PID: 8660 Comm: syz.3.1833 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  134.917294][ T8660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  134.917310][ T8660] Call Trace:
[  134.917317][ T8660]  <TASK>
[  134.917324][ T8660]  __dump_stack+0x1d/0x30
[  134.917344][ T8660]  dump_stack_lvl+0xe8/0x140
[  134.917361][ T8660]  dump_stack+0x15/0x1b
[  134.917405][ T8660]  should_fail_ex+0x265/0x280
[  134.917430][ T8660]  should_fail+0xb/0x20
[  134.917446][ T8660]  should_fail_usercopy+0x1a/0x20
[  134.917516][ T8660]  _copy_from_user+0x1c/0xb0
[  134.917551][ T8660]  __ia32_sys_rt_sigreturn+0x128/0x350
[  134.917590][ T8660]  x64_sys_call+0x2d3c/0x2ff0
[  134.917610][ T8660]  do_syscall_64+0xd2/0x200
[  134.917675][ T8660]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  134.917747][ T8660]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  134.917811][ T8660]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.917832][ T8660] RIP: 0033:0x7f25c9e7adb9
[  134.917846][ T8660] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  134.917864][ T8660] RSP: 002b:00007f25c88c0a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[  134.917881][ T8660] RAX: ffffffffffffffda RBX: 00007f25ca116090 RCX: 00007f25c9e7adb9
[  134.917894][ T8660] RDX: 00007f25c88c0a80 RSI: 00007f25c88c0bb0 RDI: 0000000000000021
[  134.917908][ T8660] RBP: 00007f25c88c1090 R08: 0000000000000000 R09: 0000000000000000
[  134.918024][ T8660] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[  134.918036][ T8660] R13: 00007f25ca116128 R14: 00007f25ca116090 R15: 00007fff02b0d478
[  134.918056][ T8660]  </TASK>
[  135.133884][ T8676] loop0: detected capacity change from 0 to 512
[  135.207097][ T8684] loop2: detected capacity change from 0 to 2048
[  135.239965][ T8684] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.265920][ T8684] FAULT_INJECTION: forcing a failure.
[  135.265920][ T8684] name failslab, interval 1, probability 0, space 0, times 0
[  135.279307][ T8684] CPU: 0 UID: 0 PID: 8684 Comm: syz.2.1844 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  135.279402][ T8684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  135.279415][ T8684] Call Trace:
[  135.279423][ T8684]  <TASK>
[  135.279429][ T8684]  __dump_stack+0x1d/0x30
[  135.279451][ T8684]  dump_stack_lvl+0xe8/0x140
[  135.279547][ T8684]  dump_stack+0x15/0x1b
[  135.279561][ T8684]  should_fail_ex+0x265/0x280
[  135.279582][ T8684]  ? __iomap_dio_rw+0x14b/0x1250
[  135.279619][ T8684]  should_failslab+0x8c/0xb0
[  135.279722][ T8684]  __kmalloc_cache_noprof+0x4c/0x320
[  135.279760][ T8684]  __iomap_dio_rw+0x14b/0x1250
[  135.279860][ T8684]  ? ext4_xattr_security_get+0x32/0x40
[  135.279881][ T8684]  ? __pfx_ext4_xattr_security_get+0x10/0x10
[  135.279903][ T8684]  ? __vfs_getxattr+0x2aa/0x2c0
[  135.280008][ T8684]  ? ext4_journal_check_start+0x11a/0x1b0
[  135.280030][ T8684]  iomap_dio_rw+0x40/0x90
[  135.280067][ T8684]  ext4_file_write_iter+0xad9/0xf00
[  135.280175][ T8684]  do_iter_readv_writev+0x49c/0x540
[  135.280202][ T8684]  vfs_writev+0x2df/0x8b0
[  135.280286][ T8684]  __se_sys_pwritev2+0xfc/0x1c0
[  135.280313][ T8684]  __x64_sys_pwritev2+0x67/0x80
[  135.280422][ T8684]  x64_sys_call+0x2c55/0x2ff0
[  135.280501][ T8684]  do_syscall_64+0xd2/0x200
[  135.280527][ T8684]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  135.280619][ T8684]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  135.280643][ T8684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.280744][ T8684] RIP: 0033:0x7fbb242cebe9
[  135.280762][ T8684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.280788][ T8684] RSP: 002b:00007fbb22d2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  135.280810][ T8684] RAX: ffffffffffffffda RBX: 00007fbb24505fa0 RCX: 00007fbb242cebe9
[  135.280824][ T8684] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000008
[  135.280910][ T8684] RBP: 00007fbb22d2f090 R08: 0000000000000000 R09: 0000000000000000
[  135.280924][ T8684] R10: 0000000000001400 R11: 0000000000000246 R12: 0000000000000001
[  135.280939][ T8684] R13: 00007fbb24506038 R14: 00007fbb24505fa0 R15: 00007fffdd4c9728
[  135.280958][ T8684]  </TASK>
[  135.560012][ T8693] loop3: detected capacity change from 0 to 2048
[  135.568184][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.590030][ T8693] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.706984][ T8705] loop2: detected capacity change from 0 to 1024
[  135.749370][ T8705] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.901824][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.988554][ T8715] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.999118][  T363] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  136.048724][  T363] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  136.061338][  T363] EXT4-fs (loop2): This should not happen!! Data will be lost
[  136.061338][  T363] 
[  136.071774][  T363] EXT4-fs (loop2): Total free blocks count 0
[  136.077823][  T363] EXT4-fs (loop2): Free/Dirty block details
[  136.083771][  T363] EXT4-fs (loop2): free_blocks=68451041280
[  136.089706][  T363] EXT4-fs (loop2): dirty_blocks=320
[  136.094971][  T363] EXT4-fs (loop2): Block reservation details
[  136.101635][  T363] EXT4-fs (loop2): i_reserved_data_blocks=20
[  136.115884][ T8719] loop0: detected capacity change from 0 to 512
[  136.126134][ T8715] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.148786][ T8719] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  136.179582][ T8719] EXT4-fs (loop0): 1 truncate cleaned up
[  136.185782][ T8719] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.196729][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.215902][ T8729] loop4: detected capacity change from 0 to 1024
[  136.228248][ T8715] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.257316][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.273204][ T8729] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.310739][ T8715] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.325843][ T8736] FAULT_INJECTION: forcing a failure.
[  136.325843][ T8736] name failslab, interval 1, probability 0, space 0, times 0
[  136.339261][ T8736] CPU: 0 UID: 0 PID: 8736 Comm: syz.0.1859 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  136.339305][ T8736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  136.339320][ T8736] Call Trace:
[  136.339328][ T8736]  <TASK>
[  136.339337][ T8736]  __dump_stack+0x1d/0x30
[  136.339358][ T8736]  dump_stack_lvl+0xe8/0x140
[  136.339376][ T8736]  dump_stack+0x15/0x1b
[  136.339395][ T8736]  should_fail_ex+0x265/0x280
[  136.339423][ T8736]  ? audit_log_d_path+0x8d/0x150
[  136.339457][ T8736]  should_failslab+0x8c/0xb0
[  136.339498][ T8736]  __kmalloc_cache_noprof+0x4c/0x320
[  136.339553][ T8736]  audit_log_d_path+0x8d/0x150
[  136.339598][ T8736]  audit_log_d_path_exe+0x42/0x70
[  136.339631][ T8736]  audit_log_task+0x1e9/0x250
[  136.339662][ T8736]  audit_seccomp+0x61/0x100
[  136.339734][ T8736]  ? __seccomp_filter+0x68c/0x10d0
[  136.339762][ T8736]  __seccomp_filter+0x69d/0x10d0
[  136.339798][ T8736]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  136.339888][ T8736]  ? vfs_write+0x7e8/0x960
[  136.339915][ T8736]  __secure_computing+0x82/0x150
[  136.339934][ T8736]  syscall_trace_enter+0xcf/0x1e0
[  136.340033][ T8736]  do_syscall_64+0xac/0x200
[  136.340080][ T8736]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  136.340110][ T8736]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  136.340137][ T8736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.340175][ T8736] RIP: 0033:0x7f712aebebe9
[  136.340193][ T8736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.340216][ T8736] RSP: 002b:00007f712991f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e2
[  136.340239][ T8736] RAX: ffffffffffffffda RBX: 00007f712b0f5fa0 RCX: 00007f712aebebe9
[  136.340254][ T8736] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  136.340267][ T8736] RBP: 00007f712991f090 R08: 0000000000000000 R09: 0000000000000000
[  136.340303][ T8736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.340318][ T8736] R13: 00007f712b0f6038 R14: 00007f712b0f5fa0 R15: 00007fffaf7881e8
[  136.340342][ T8736]  </TASK>
[  136.621864][  T363] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  136.638471][  T363] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  136.683102][  T363] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  136.699179][  T363] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  136.919457][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.938985][ T8751] __nla_validate_parse: 12 callbacks suppressed
[  136.939000][ T8751] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1865'.
[  137.109990][ T8753] validate_nla: 2 callbacks suppressed
[  137.110007][ T8753] netlink: 'syz.4.1866': attribute type 178 has an invalid length.
[  137.280473][ T8775] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1873'.
[  137.336552][   T29] kauditd_printk_skb: 688 callbacks suppressed
[  137.336570][   T29] audit: type=1400 audit(1756698940.183:13846): avc:  denied  { read write } for  pid=8773 comm="syz.0.1873" name="ptp0" dev="devtmpfs" ino=247 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  137.366402][   T29] audit: type=1400 audit(1756698940.183:13847): avc:  denied  { open } for  pid=8773 comm="syz.0.1873" path="/dev/ptp0" dev="devtmpfs" ino=247 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  137.390907][ T8775] batadv1: entered promiscuous mode
[  137.396143][ T8775] batadv1: entered allmulticast mode
[  137.407644][ T8782] loop3: detected capacity change from 0 to 1024
[  137.440731][ T8782] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.469282][   T29] audit: type=1400 audit(1756698940.243:13848): avc:  denied  { ioctl } for  pid=8773 comm="syz.0.1873" path="/dev/ptp0" dev="devtmpfs" ino=247 ioctlcmd=0x3d0c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  137.616704][ T8793] loop4: detected capacity change from 0 to 1024
[  137.641011][ T8793] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.681780][   T29] audit: type=1400 audit(1756698940.523:13849): avc:  denied  { create } for  pid=8797 comm="syz.2.1880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  137.703022][   T29] audit: type=1400 audit(1756698940.523:13850): avc:  denied  { write } for  pid=8797 comm="syz.2.1880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  137.738714][ T1800] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  137.797182][ T1800] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  137.809735][ T1800] EXT4-fs (loop3): This should not happen!! Data will be lost
[  137.809735][ T1800] 
[  137.819402][ T1800] EXT4-fs (loop3): Total free blocks count 0
[  137.825376][ T1800] EXT4-fs (loop3): Free/Dirty block details
[  137.831293][ T1800] EXT4-fs (loop3): free_blocks=68451041280
[  137.837120][ T1800] EXT4-fs (loop3): dirty_blocks=320
[  137.842386][ T1800] EXT4-fs (loop3): Block reservation details
[  137.848454][ T1800] EXT4-fs (loop3): i_reserved_data_blocks=20
[  137.909668][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.961769][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.063019][ T8820] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1886'.
[  138.100874][ T8820] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1886'.
[  138.187213][   T29] audit: type=1400 audit(1756698941.033:13851): avc:  denied  { create } for  pid=8825 comm="syz.4.1890" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  138.193435][ T8826] loop4: detected capacity change from 0 to 512
[  138.236222][ T8826] EXT4-fs: Ignoring removed mblk_io_submit option
[  138.262143][ T8826] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  138.288419][ T8826] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  138.305111][ T8826] System zones: 1-12
[  138.315545][ T8826] EXT4-fs (loop4): 1 truncate cleaned up
[  138.327121][ T8826] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.432017][ T8834] loop2: detected capacity change from 0 to 1024
[  138.451711][   T29] audit: type=1400 audit(1756698941.303:13852): avc:  denied  { append } for  pid=8825 comm="syz.4.1890" path="/371/bus/memory.events.local" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  138.499234][ T8834] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.547039][ T8833] netlink: 'syz.0.1892': attribute type 3 has an invalid length.
[  138.555888][   T29] audit: type=1400 audit(1756698941.343:13853): avc:  denied  { ioctl } for  pid=8835 comm="syz.3.1893" path="socket:[22117]" dev="sockfs" ino=22117 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  138.674280][ T8843] loop0: detected capacity change from 0 to 1024
[  138.681425][ T1874] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  138.703318][ T1874] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  138.715880][ T1874] EXT4-fs (loop2): This should not happen!! Data will be lost
[  138.715880][ T1874] 
[  138.725679][ T1874] EXT4-fs (loop2): Total free blocks count 0
[  138.731703][ T1874] EXT4-fs (loop2): Free/Dirty block details
[  138.731877][ T8843] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.737629][ T1874] EXT4-fs (loop2): free_blocks=68451041280
[  138.737647][ T1874] EXT4-fs (loop2): dirty_blocks=320
[  138.755970][   T29] audit: type=1400 audit(1756698941.603:13854): avc:  denied  { append } for  pid=8848 comm="syz.1.1898" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  138.760730][ T1874] EXT4-fs (loop2): Block reservation details
[  138.760745][ T1874] EXT4-fs (loop2): i_reserved_data_blocks=20
[  138.766146][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.804938][ T8851] usb usb1: usbfs: process 8851 (syz.1.1898) did not claim interface 4 before use
[  138.830883][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.843874][ T8853] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1899'.
[  138.869256][ T8853] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1899'.
[  138.882374][ T8855] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1900'.
[  138.882960][   T29] audit: type=1326 audit(1756698941.733:13855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8856 comm="syz.2.1897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb242cebe9 code=0x7ffc0000
[  138.906065][ T8857] netlink: 'syz.2.1897': attribute type 30 has an invalid length.
[  138.927613][ T8857] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  138.936781][ T8857] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  138.955283][ T8855] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1900'.
[  138.968616][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.137252][ T8873] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1906'.
[  139.146347][ T8873] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1906'.
[  139.354781][ T8883] netlink: 'syz.1.1910': attribute type 3 has an invalid length.
[  139.469962][ T8892] loop1: detected capacity change from 0 to 1024
[  139.499679][ T8892] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.625398][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.855868][ T8906] loop1: detected capacity change from 0 to 1024
[  139.880985][ T8906] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.918105][ T8911] netlink: 'syz.2.1917': attribute type 4 has an invalid length.
[  140.025288][ T1874] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  140.044861][ T1874] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  140.057391][ T1874] EXT4-fs (loop1): This should not happen!! Data will be lost
[  140.057391][ T1874] 
[  140.067051][ T1874] EXT4-fs (loop1): Total free blocks count 0
[  140.073121][ T1874] EXT4-fs (loop1): Free/Dirty block details
[  140.079860][ T1874] EXT4-fs (loop1): free_blocks=68451041280
[  140.085735][ T1874] EXT4-fs (loop1): dirty_blocks=320
[  140.091004][ T1874] EXT4-fs (loop1): Block reservation details
[  140.097166][ T1874] EXT4-fs (loop1): i_reserved_data_blocks=20
[  140.108070][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.160462][ T8922] netlink: 'syz.1.1921': attribute type 3 has an invalid length.
[  140.194319][ T8926] loop0: detected capacity change from 0 to 1024
[  140.218984][ T8926] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.255279][ T8933] SELinux: security_context_str_to_sid (��) failed with errno=-22
[  140.292928][ T8933] loop1: detected capacity change from 0 to 2048
[  140.365853][ T8933]  loop1: p2 p3 p7
[  140.433626][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.606113][ T8954] sctp: [Deprecated]: syz.1.1934 (pid 8954) Use of int in max_burst socket option.
[  140.606113][ T8954] Use struct sctp_assoc_value instead
[  140.622389][ T8952] SELinux:  Context �Y7��j
[  140.622389][ T8952] u/$2Sٟ�2'��k�s2-�	vj�d��	�#���,�N<
[  140.622389][ T8952] �:�E]Y��\?�ͼ�=�ً�1�KI�������k��{kL^���0�����}�4n�r��}���
pį����N�w
���yxiu?+������H~���F���1�W����j����N���2�)Gx�V�%�5��xeRM4 is not valid (left unmapped).
[  140.655377][ T8954] loop1: detected capacity change from 0 to 512
[  140.662633][ T8954] EXT4-fs: Ignoring removed mblk_io_submit option
[  140.669726][ T8952] SELinux:  Context *M�:+�� is not valid (left unmapped).
[  140.678023][ T8954] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  140.688429][ T8952] SELinux:  Context ���KM*�,h�X�/GǾ�û��̋y���+�.�+y��0�[pr�;J�A9�����Iq�j�Ǽ=7)o
M{���nF��=����Xmnx��r�D�㑉��垳�4��TW
��}�t�����eȖY��^s�lF����B�53��h�m���5�}��;J�����Xom%~"�~9mM��~alʺL�I8��i��<B�3
[  140.688429][ T8952] \�,:��gՀ^!�(D�.�0 is not valid (left unmapped).
[  140.720782][ T8952] SELinux:  Context 5�}��M3�p�X:����]�Q?��֧�p����{��O)B��R���D��P_N�[��`�3�?"�Mp$�=J�9[Ճ�CZ<R is not valid (left unmapped).
[  140.721295][ T8954] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  140.734994][ T8952] SELinux:  Context 77Q�����.�y��H.j��o���@���M����ɭ+�Š��~���o��)�ơ�s�#��{�2t������f���Л�����7�ZDt�ǩ)�X� is not valid (left unmapped).
[  140.758433][ T8954] System zones: 1-12
[  140.758655][ T8952] SELinux:  Context A��)��t�'����*'ĺ����k�����ش�L�&��z�
[  140.758655][ T8952] :_t� �0��H^����B��>&��Zw8	lX&�D;t�d�B�I�ݛ~���L
[  140.758655][ T8952] uSċ�kxI��R��I$4"�l��X�
7f9�٬��b���B��|72�*�
��k���NM������ is not valid (left unmapped).
[  140.787904][ T8952] SELinux:  Context �W�X�E��][O�:Ѹ���o�߭O���bZD�fq	:�~�t6�uY�x���(��Q��8����NPZ��eo����Q[aS��I> is not valid (left unmapped).
[  140.814735][ T8954] EXT4-fs (loop1): 1 truncate cleaned up
[  140.821962][ T8954] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.920191][ T8966] loop2: detected capacity change from 0 to 1024
[  140.960558][ T8966] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.051341][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.092668][ T8984] loop1: detected capacity change from 0 to 1024
[  141.111242][ T8984] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.203433][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.219281][ T8993] loop0: detected capacity change from 0 to 8192
[  141.235389][  T363] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  141.252120][  T363] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  141.265199][  T363] EXT4-fs (loop1): This should not happen!! Data will be lost
[  141.265199][  T363] 
[  141.274899][  T363] EXT4-fs (loop1): Total free blocks count 0
[  141.280959][  T363] EXT4-fs (loop1): Free/Dirty block details
[  141.286945][  T363] EXT4-fs (loop1): free_blocks=68451041280
[  141.293455][  T363] EXT4-fs (loop1): dirty_blocks=320
[  141.298692][  T363] EXT4-fs (loop1): Block reservation details
[  141.304673][  T363] EXT4-fs (loop1): i_reserved_data_blocks=20
[  141.315337][ T8995] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8995 comm=syz.3.1950
[  141.332555][ T8995] erspan1: entered promiscuous mode
[  141.349297][ T9003] FAULT_INJECTION: forcing a failure.
[  141.349297][ T9003] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.362482][ T9003] CPU: 1 UID: 0 PID: 9003 Comm: syz.4.1948 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  141.362575][ T9003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  141.362588][ T9003] Call Trace:
[  141.362595][ T9003]  <TASK>
[  141.362602][ T9003]  __dump_stack+0x1d/0x30
[  141.362623][ T9003]  dump_stack_lvl+0xe8/0x140
[  141.362644][ T9003]  dump_stack+0x15/0x1b
[  141.362661][ T9003]  should_fail_ex+0x265/0x280
[  141.362805][ T9003]  should_fail+0xb/0x20
[  141.362828][ T9003]  should_fail_usercopy+0x1a/0x20
[  141.362856][ T9003]  strncpy_from_user+0x25/0x230
[  141.362941][ T9003]  ? kmem_cache_alloc_noprof+0x186/0x310
[  141.362969][ T9003]  ? getname_flags+0x80/0x3b0
[  141.362998][ T9003]  getname_flags+0xae/0x3b0
[  141.363110][ T9003]  __x64_sys_renameat2+0x5f/0x90
[  141.363141][ T9003]  x64_sys_call+0x3f9/0x2ff0
[  141.363169][ T9003]  do_syscall_64+0xd2/0x200
[  141.363203][ T9003]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  141.363282][ T9003]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  141.363312][ T9003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.363338][ T9003] RIP: 0033:0x7fe552a5ebe9
[  141.363410][ T9003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.363433][ T9003] RSP: 002b:00007fe5514bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  141.363517][ T9003] RAX: ffffffffffffffda RBX: 00007fe552c95fa0 RCX: 00007fe552a5ebe9
[  141.363530][ T9003] RDX: ffffffffffffff9c RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  141.363541][ T9003] RBP: 00007fe5514bf090 R08: 0000000000000000 R09: 0000000000000000
[  141.363554][ T9003] R10: 0000200000000440 R11: 0000000000000246 R12: 0000000000000001
[  141.363570][ T9003] R13: 00007fe552c96038 R14: 00007fe552c95fa0 R15: 00007ffdbbe96958
[  141.363594][ T9003]  </TASK>
[  141.369711][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.635915][ T9019] loop3: detected capacity change from 0 to 512
[  141.747480][ T9019] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  141.755451][ T9019] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  141.795198][ T9019] System zones: 0-1, 15-15, 18-18, 34-34
[  141.815514][ T9019] EXT4-fs (loop3): orphan cleanup on readonly fs
[  141.971779][ T9019] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  141.986445][ T9019] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  142.019219][ T9026] loop0: detected capacity change from 0 to 8192
[  142.050642][ T9019] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1954: bg 0: block 40: padding at end of block bitmap is not set
[  142.079623][ T9026]  loop0: p3 p4 < >
[  142.083596][ T9026] loop0: p3 size 33554432 extends beyond EOD, truncated
[  142.131419][ T9019] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  142.193976][ T9019] EXT4-fs (loop3): 1 truncate cleaned up
[  142.235799][ T9019] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  142.347282][   T29] kauditd_printk_skb: 920 callbacks suppressed
[  142.347296][   T29] audit: type=1400 audit(1756698945.203:14775): avc:  denied  { remount } for  pid=9008 comm="syz.3.1954" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  142.380371][ T9019] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  142.388479][ T9019] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  142.442993][ T9031] FAULT_INJECTION: forcing a failure.
[  142.442993][ T9031] name failslab, interval 1, probability 0, space 0, times 0
[  142.456511][ T9031] CPU: 0 UID: 0 PID: 9031 Comm: syz.4.1957 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  142.456546][ T9031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  142.456577][ T9031] Call Trace:
[  142.456638][ T9031]  <TASK>
[  142.456648][ T9031]  __dump_stack+0x1d/0x30
[  142.456674][ T9031]  dump_stack_lvl+0xe8/0x140
[  142.456758][ T9031]  dump_stack+0x15/0x1b
[  142.456776][ T9031]  should_fail_ex+0x265/0x280
[  142.456804][ T9031]  should_failslab+0x8c/0xb0
[  142.456833][ T9031]  kmem_cache_alloc_node_noprof+0x57/0x320
[  142.456896][ T9031]  ? __alloc_skb+0x101/0x320
[  142.456978][ T9031]  __alloc_skb+0x101/0x320
[  142.457000][ T9031]  netlink_alloc_large_skb+0xba/0xf0
[  142.457065][ T9031]  netlink_sendmsg+0x3cf/0x6b0
[  142.457093][ T9031]  ? __pfx_netlink_sendmsg+0x10/0x10
[  142.457147][ T9031]  __sock_sendmsg+0x145/0x180
[  142.457185][ T9031]  ____sys_sendmsg+0x345/0x4e0
[  142.457219][ T9031]  ___sys_sendmsg+0x17b/0x1d0
[  142.457292][ T9031]  __sys_sendmmsg+0x178/0x300
[  142.457326][ T9031]  __x64_sys_sendmmsg+0x57/0x70
[  142.457359][ T9031]  x64_sys_call+0x1c4a/0x2ff0
[  142.457391][ T9031]  do_syscall_64+0xd2/0x200
[  142.457503][ T9031]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  142.457534][ T9031]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  142.457585][ T9031]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.457613][ T9031] RIP: 0033:0x7fe552a5ebe9
[  142.457632][ T9031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.457656][ T9031] RSP: 002b:00007fe5514bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  142.457675][ T9031] RAX: ffffffffffffffda RBX: 00007fe552c95fa0 RCX: 00007fe552a5ebe9
[  142.457711][ T9031] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000005
[  142.457785][ T9031] RBP: 00007fe5514bf090 R08: 0000000000000000 R09: 0000000000000000
[  142.457849][ T9031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  142.457865][ T9031] R13: 00007fe552c96038 R14: 00007fe552c95fa0 R15: 00007ffdbbe96958
[  142.457890][ T9031]  </TASK>
[  142.719397][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.761607][ T9033] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  142.774428][ T9033] netlink: 'syz.2.1958': attribute type 10 has an invalid length.
[  142.777229][   T29] audit: type=1326 audit(1756698945.603:14776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9032 comm="syz.2.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb242cebe9 code=0x7ffc0000
[  142.806513][   T29] audit: type=1326 audit(1756698945.603:14777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9032 comm="syz.2.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb242cebe9 code=0x7ffc0000
[  142.830765][   T29] audit: type=1326 audit(1756698945.603:14778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9032 comm="syz.2.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbb242cebe9 code=0x7ffc0000
[  142.854791][   T29] audit: type=1326 audit(1756698945.613:14779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9032 comm="syz.2.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb242cebe9 code=0x7ffc0000
[  142.860096][ T9035] loop1: detected capacity change from 0 to 1024
[  142.879208][   T29] audit: type=1326 audit(1756698945.613:14780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9032 comm="syz.2.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbb242cebe9 code=0x7ffc0000
[  142.908910][   T29] audit: type=1326 audit(1756698945.613:14781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9032 comm="syz.2.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb242cebe9 code=0x7ffc0000
[  142.932465][   T29] audit: type=1326 audit(1756698945.613:14782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9032 comm="syz.2.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fbb242cebe9 code=0x7ffc0000
[  142.956930][   T29] audit: type=1326 audit(1756698945.613:14783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9032 comm="syz.2.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb242cebe9 code=0x7ffc0000
[  142.981136][   T29] audit: type=1326 audit(1756698945.613:14784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9032 comm="syz.2.1958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fbb242cebe9 code=0x7ffc0000
[  143.099113][ T9035] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.142705][ T9042] tipc: Started in network mode
[  143.147703][ T9042] tipc: Node identity b6ab132ffd9f, cluster identity 4711
[  143.154882][ T9042] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  143.208626][ T9046] syzkaller0: entered promiscuous mode
[  143.214195][ T9046] syzkaller0: entered allmulticast mode
[  143.246296][ T9046] tipc: Resetting bearer <eth:syzkaller0>
[  143.273200][ T9040] tipc: Resetting bearer <eth:syzkaller0>
[  143.290518][ T9040] tipc: Disabling bearer <eth:syzkaller0>
[  143.342695][  T420] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  143.380645][  T420] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  143.393195][  T420] EXT4-fs (loop1): This should not happen!! Data will be lost
[  143.393195][  T420] 
[  143.403671][  T420] EXT4-fs (loop1): Total free blocks count 0
[  143.409756][  T420] EXT4-fs (loop1): Free/Dirty block details
[  143.415931][  T420] EXT4-fs (loop1): free_blocks=68451041280
[  143.421843][  T420] EXT4-fs (loop1): dirty_blocks=320
[  143.427053][  T420] EXT4-fs (loop1): Block reservation details
[  143.433333][  T420] EXT4-fs (loop1): i_reserved_data_blocks=20
[  143.443945][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.466923][ T9059] __nla_validate_parse: 16 callbacks suppressed
[  143.467037][ T9059] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1968'.
[  143.501993][ T9065] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1970'.
[  143.519120][ T9066] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1968'.
[  143.588860][ T9065] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1970'.
[  143.688699][ T9078] loop1: detected capacity change from 0 to 736
[  143.691584][ T9076] hub 9-0:1.0: USB hub found
[  143.712189][ T9076] hub 9-0:1.0: 8 ports detected
[  143.746737][ T9078] rock: directory entry would overflow storage
[  143.752977][ T9078] rock: sig=0x4f50, size=4, remaining=3
[  143.758697][ T9078] iso9660: Corrupted directory entry in block 2 of inode 1472
[  143.758905][ T9081] loop2: detected capacity change from 0 to 1024
[  143.808540][ T9081] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.878417][ T9078] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.885849][ T9078] bridge0: port 1(bridge_slave_0) entered disabled state
[  144.032555][ T9094] FAULT_INJECTION: forcing a failure.
[  144.032555][ T9094] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  144.041487][ T9078] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  144.045780][ T9094] CPU: 1 UID: 0 PID: 9094 Comm: syz.3.1978 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  144.045870][ T9094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  144.045888][ T9094] Call Trace:
[  144.045896][ T9094]  <TASK>
[  144.045904][ T9094]  __dump_stack+0x1d/0x30
[  144.045933][ T9094]  dump_stack_lvl+0xe8/0x140
[  144.045960][ T9094]  dump_stack+0x15/0x1b
[  144.046049][ T9094]  should_fail_ex+0x265/0x280
[  144.046078][ T9094]  should_fail+0xb/0x20
[  144.046103][ T9094]  should_fail_usercopy+0x1a/0x20
[  144.046149][ T9094]  _copy_from_user+0x1c/0xb0
[  144.046236][ T9094]  ___sys_sendmsg+0xc1/0x1d0
[  144.046287][ T9094]  __sys_sendmmsg+0x178/0x300
[  144.046333][ T9094]  __x64_sys_sendmmsg+0x57/0x70
[  144.046378][ T9094]  x64_sys_call+0x1c4a/0x2ff0
[  144.046409][ T9094]  do_syscall_64+0xd2/0x200
[  144.046447][ T9094]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  144.046547][ T9094]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  144.046655][ T9094]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.046684][ T9094] RIP: 0033:0x7f25c9edebe9
[  144.046725][ T9094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.046751][ T9094] RSP: 002b:00007f25c8947038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  144.046776][ T9094] RAX: ffffffffffffffda RBX: 00007f25ca115fa0 RCX: 00007f25c9edebe9
[  144.046828][ T9094] RDX: 0000000000000002 RSI: 0000200000000140 RDI: 0000000000000007
[  144.046845][ T9094] RBP: 00007f25c8947090 R08: 0000000000000000 R09: 0000000000000000
[  144.046860][ T9094] R10: 0000000020080058 R11: 0000000000000246 R12: 0000000000000001
[  144.046874][ T9094] R13: 00007f25ca116038 R14: 00007f25ca115fa0 R15: 00007fff02b0d478
[  144.046900][ T9094]  </TASK>
[  144.222556][ T1874] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  144.237271][ T9096] loop3: detected capacity change from 0 to 1024
[  144.263598][ T1874] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  144.276165][ T1874] EXT4-fs (loop2): This should not happen!! Data will be lost
[  144.276165][ T1874] 
[  144.286039][ T1874] EXT4-fs (loop2): Total free blocks count 0
[  144.292861][ T1874] EXT4-fs (loop2): Free/Dirty block details
[  144.298808][ T1874] EXT4-fs (loop2): free_blocks=68451041280
[  144.304705][ T1874] EXT4-fs (loop2): dirty_blocks=320
[  144.309966][ T1874] EXT4-fs (loop2): Block reservation details
[  144.316047][ T1874] EXT4-fs (loop2): i_reserved_data_blocks=20
[  144.325381][ T9096] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.350099][   T31] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  144.359094][   T31] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  144.385882][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.388098][   T31] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  144.427283][   T31] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  144.460945][ T9104] loop4: detected capacity change from 0 to 128
[  144.496816][ T9104] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  144.529215][ T9104] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  144.663594][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.714063][ T9120] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1984'.
[  144.727434][ T9120] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0'
[  144.738056][ T9122] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1990'.
[  144.873415][ T9122] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1990'.
[  145.119402][ T9135] loop1: detected capacity change from 0 to 1024
[  145.232951][ T9135] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.252799][ T9139] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1995'.
[  145.261835][ T9139] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1995'.
[  145.330048][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.412858][ T9148] loop1: detected capacity change from 0 to 1024
[  145.438795][ T9148] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.623800][ T9156] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1999'.
[  145.677048][  T420] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  145.693719][  T420] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  145.706204][  T420] EXT4-fs (loop1): This should not happen!! Data will be lost
[  145.706204][  T420] 
[  145.715898][  T420] EXT4-fs (loop1): Total free blocks count 0
[  145.721944][  T420] EXT4-fs (loop1): Free/Dirty block details
[  145.727965][  T420] EXT4-fs (loop1): free_blocks=68451041280
[  145.733812][  T420] EXT4-fs (loop1): dirty_blocks=320
[  145.739055][  T420] EXT4-fs (loop1): Block reservation details
[  145.745049][  T420] EXT4-fs (loop1): i_reserved_data_blocks=20
[  145.764639][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.846536][ T9158] loop4: detected capacity change from 0 to 8192
[  145.981584][ T9178] loop1: detected capacity change from 0 to 1024
[  146.001432][ T9178] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.330804][ T9191] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0'
[  146.453021][ T9193] loop2: detected capacity change from 0 to 1764
[  146.815063][ T1874] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  146.823908][ T1874] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  146.827207][  T420] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  146.856592][ T1874] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  146.892842][  T420] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  146.905413][  T420] EXT4-fs (loop1): This should not happen!! Data will be lost
[  146.905413][  T420] 
[  146.915117][  T420] EXT4-fs (loop1): Total free blocks count 0
[  146.921140][  T420] EXT4-fs (loop1): Free/Dirty block details
[  146.927054][  T420] EXT4-fs (loop1): free_blocks=68451041280
[  146.932973][  T420] EXT4-fs (loop1): dirty_blocks=320
[  146.938472][  T420] EXT4-fs (loop1): Block reservation details
[  146.944554][  T420] EXT4-fs (loop1): i_reserved_data_blocks=20
[  146.952869][ T1874] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  146.978145][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.013245][ T9197] loop1: detected capacity change from 0 to 1024
[  147.027395][ T9195] loop4: detected capacity change from 0 to 4096
[  147.123178][ T9202] loop2: detected capacity change from 0 to 1024
[  147.146581][   T37] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  147.190929][   T37] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  147.203468][   T37] EXT4-fs (loop1): This should not happen!! Data will be lost
[  147.203468][   T37] 
[  147.213218][   T37] EXT4-fs (loop1): Total free blocks count 0
[  147.219257][   T37] EXT4-fs (loop1): Free/Dirty block details
[  147.225250][   T37] EXT4-fs (loop1): free_blocks=68451041280
[  147.231111][   T37] EXT4-fs (loop1): dirty_blocks=320
[  147.236318][   T37] EXT4-fs (loop1): Block reservation details
[  147.242340][   T37] EXT4-fs (loop1): i_reserved_data_blocks=20
[  147.372397][   T29] kauditd_printk_skb: 192 callbacks suppressed
[  147.372415][   T29] audit: type=1326 audit(1756698950.223:14977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.1.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  147.419482][ T9211] FAULT_INJECTION: forcing a failure.
[  147.419482][ T9211] name failslab, interval 1, probability 0, space 0, times 0
[  147.431551][   T29] audit: type=1326 audit(1756698950.223:14978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.1.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  147.432398][ T9211] CPU: 0 UID: 0 PID: 9211 Comm: syz.1.2016 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  147.432434][ T9211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  147.432452][ T9211] Call Trace:
[  147.432461][ T9211]  <TASK>
[  147.432496][ T9211]  __dump_stack+0x1d/0x30
[  147.432525][ T9211]  dump_stack_lvl+0xe8/0x140
[  147.432552][ T9211]  dump_stack+0x15/0x1b
[  147.432605][ T9211]  should_fail_ex+0x265/0x280
[  147.432633][ T9211]  ? audit_log_d_path+0x8d/0x150
[  147.432675][ T9211]  should_failslab+0x8c/0xb0
[  147.432707][ T9211]  __kmalloc_cache_noprof+0x4c/0x320
[  147.432805][ T9211]  audit_log_d_path+0x8d/0x150
[  147.432847][ T9211]  audit_log_d_path_exe+0x42/0x70
[  147.432890][ T9211]  audit_log_task+0x1e9/0x250
[  147.432973][ T9211]  audit_seccomp+0x61/0x100
[  147.433039][ T9211]  ? __seccomp_filter+0x68c/0x10d0
[  147.433124][ T9211]  __seccomp_filter+0x69d/0x10d0
[  147.433235][ T9211]  ? __rcu_read_unlock+0x4f/0x70
[  147.433263][ T9211]  ? radix_tree_lookup+0xfa/0x140
[  147.433363][ T9211]  ? idr_find+0x2d/0x40
[  147.433405][ T9211]  __secure_computing+0x82/0x150
[  147.433434][ T9211]  syscall_trace_enter+0xcf/0x1e0
[  147.433468][ T9211]  do_syscall_64+0xac/0x200
[  147.433594][ T9211]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  147.433625][ T9211]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  147.433664][ T9211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.433747][ T9211] RIP: 0033:0x7fa11ac8d5fc
[  147.433768][ T9211] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  147.433803][ T9211] RSP: 002b:00007fa1196f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  147.433828][ T9211] RAX: ffffffffffffffda RBX: 00007fa11aec5fa0 RCX: 00007fa11ac8d5fc
[  147.433846][ T9211] RDX: 000000000000000f RSI: 00007fa1196f70a0 RDI: 0000000000000006
[  147.433863][ T9211] RBP: 00007fa1196f7090 R08: 0000000000000000 R09: 0000000000000000
[  147.433880][ T9211] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[  147.433897][ T9211] R13: 00007fa11aec6038 R14: 00007fa11aec5fa0 R15: 00007ffeb8f79168
[  147.433923][ T9211]  </TASK>
[  147.665661][   T29] audit: type=1326 audit(1756698950.263:14979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.1.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  147.689224][   T29] audit: type=1326 audit(1756698950.263:14980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.1.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  147.712843][   T29] audit: type=1326 audit(1756698950.263:14981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.1.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  147.723463][ T9213] program syz.1.2018 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  147.736375][   T29] audit: type=1326 audit(1756698950.273:14982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.1.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  147.736412][   T29] audit: type=1326 audit(1756698950.273:14983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.1.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  147.736444][   T29] audit: type=1326 audit(1756698950.273:14984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.1.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  147.736476][   T29] audit: type=1326 audit(1756698950.273:14985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.1.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  147.736587][   T29] audit: type=1326 audit(1756698950.273:14986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9210 comm="syz.1.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11ac8ebe9 code=0x7ffc0000
[  147.927521][ T9215] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  147.936809][ T9215] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  148.052238][ T9213] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.065046][ T9213] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  148.214131][ T9230] loop4: detected capacity change from 0 to 512
[  148.262572][ T9234] loop2: detected capacity change from 0 to 1024
[  148.299768][ T9230] ext4 filesystem being mounted at /391/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.482913][   T37] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  148.499083][   T37] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  148.511552][   T37] EXT4-fs (loop2): This should not happen!! Data will be lost
[  148.511552][   T37] 
[  148.521319][   T37] EXT4-fs (loop2): Total free blocks count 0
[  148.528166][   T37] EXT4-fs (loop2): Free/Dirty block details
[  148.534195][   T37] EXT4-fs (loop2): free_blocks=68451041280
[  148.540104][   T37] EXT4-fs (loop2): dirty_blocks=320
[  148.545373][   T37] EXT4-fs (loop2): Block reservation details
[  148.551392][   T37] EXT4-fs (loop2): i_reserved_data_blocks=20
[  148.647628][ T9249] loop1: detected capacity change from 0 to 1024
[  148.795112][   T31] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  148.814040][   T31] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  148.827291][   T31] EXT4-fs (loop1): This should not happen!! Data will be lost
[  148.827291][   T31] 
[  148.836962][   T31] EXT4-fs (loop1): Total free blocks count 0
[  148.842986][   T31] EXT4-fs (loop1): Free/Dirty block details
[  148.848913][   T31] EXT4-fs (loop1): free_blocks=68451041280
[  148.854781][   T31] EXT4-fs (loop1): dirty_blocks=320
[  148.860748][   T31] EXT4-fs (loop1): Block reservation details
[  148.866805][   T31] EXT4-fs (loop1): i_reserved_data_blocks=20
[  148.920220][ T9270] 9pnet_fd: Insufficient options for proto=fd
[  148.946656][ T9271] __nla_validate_parse: 9 callbacks suppressed
[  148.946677][ T9271] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2032'.
[  148.962617][ T9271] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2032'.
[  149.153205][ T9286] SELinux: security_context_str_to_sid (��) failed with errno=-22
[  149.235038][ T9295] netlink: 'syz.2.2043': attribute type 30 has an invalid length.
[  149.243262][ T9295] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  149.252548][ T9295] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  149.360626][ T9303] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2045'.
[  149.385268][ T9303] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2045'.
[  149.458974][ T9306] loop0: detected capacity change from 0 to 512
[  149.486100][ T9306] EXT4-fs warning (device loop0): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  149.512099][ T9306] EXT4-fs (loop0): mount failed
[  149.744048][ T9321] SELinux: security_context_str_to_sid (��) failed with errno=-22
[  149.799423][ T9324] SELinux: security_context_str_to_sid (��) failed with errno=-22
[  149.915621][ T9331] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2057'.
[  150.062255][ T9342] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2059'.
[  150.104513][ T9342] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2059'.
[  150.410849][ T9358] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2063'.
[  150.454037][ T9359] SELinux: security_context_str_to_sid (��) failed with errno=-22
[  150.454485][ T9358] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0'
[  150.539962][ T9361] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2066'.
[  150.616726][ T9361] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2066'.
[  150.805580][ T9367] loop2: detected capacity change from 0 to 1024
[  151.186950][ T9378] loop0: detected capacity change from 0 to 1024
[  151.249198][ T9380] netlink: 'syz.1.2071': attribute type 30 has an invalid length.
[  151.277375][ T9380] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  151.286550][ T9380] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  151.429996][ T1874] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  151.465277][ T1874] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  151.477702][ T1874] EXT4-fs (loop0): This should not happen!! Data will be lost
[  151.477702][ T1874] 
[  151.487459][ T1874] EXT4-fs (loop0): Total free blocks count 0
[  151.493496][ T1874] EXT4-fs (loop0): Free/Dirty block details
[  151.499414][ T1874] EXT4-fs (loop0): free_blocks=68451041280
[  151.505409][ T1874] EXT4-fs (loop0): dirty_blocks=320
[  151.510654][ T1874] EXT4-fs (loop0): Block reservation details
[  151.512078][ T9388] loop2: detected capacity change from 0 to 128
[  151.516627][ T1874] EXT4-fs (loop0): i_reserved_data_blocks=20
[  151.583548][ T9388] Process accounting resumed
[  151.629669][ T9392] SELinux: security_context_str_to_sid (��) failed with errno=-22
[  151.679447][ T9396] netlink: 'syz.0.2077': attribute type 3 has an invalid length.
[  151.798193][ T9408] vhci_hcd: invalid port number 96
[  151.803353][ T9408] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  151.871617][ T9417] SELinux: security_context_str_to_sid (��) failed with errno=-22
[  151.932283][ T9426] SELinux: security_context_str_to_sid (��) failed with errno=-22
[  151.972801][ T9436] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  151.981785][ T9436] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  152.103130][ T9448] netlink: 'syz.1.2099': attribute type 10 has an invalid length.
[  152.114931][ T9448] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  152.216181][ T9461] loop1: detected capacity change from 0 to 1024
[  152.224973][ T9461] EXT4-fs: Ignoring removed nomblk_io_submit option
[  152.232042][ T9461] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  152.271234][ T9461] nfs4: Unknown parameter '!-+.!�^+^:%{'
[  152.290751][ T9470] loop3: detected capacity change from 0 to 1024
[  152.310762][ T9472] loop2: detected capacity change from 0 to 1024
[  152.382896][  T420] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  152.400183][  T420] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  152.412758][  T420] EXT4-fs (loop3): This should not happen!! Data will be lost
[  152.412758][  T420] 
[  152.422456][  T420] EXT4-fs (loop3): Total free blocks count 0
[  152.428559][  T420] EXT4-fs (loop3): Free/Dirty block details
[  152.434469][  T420] EXT4-fs (loop3): free_blocks=68451041280
[  152.440318][  T420] EXT4-fs (loop3): dirty_blocks=320
[  152.445621][  T420] EXT4-fs (loop3): Block reservation details
[  152.451617][  T420] EXT4-fs (loop3): i_reserved_data_blocks=20
[  152.461762][  T420] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  152.481827][  T420] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  152.494291][  T420] EXT4-fs (loop2): This should not happen!! Data will be lost
[  152.494291][  T420] 
[  152.503989][  T420] EXT4-fs (loop2): Total free blocks count 0
[  152.510076][  T420] EXT4-fs (loop2): Free/Dirty block details
[  152.515977][  T420] EXT4-fs (loop2): free_blocks=68451041280
[  152.521890][  T420] EXT4-fs (loop2): dirty_blocks=320
[  152.527094][  T420] EXT4-fs (loop2): Block reservation details
[  152.533140][  T420] EXT4-fs (loop2): i_reserved_data_blocks=20
[  152.593493][ T9495] loop2: detected capacity change from 0 to 512
[  152.625950][ T9495] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.2110: corrupted inode contents
[  152.629910][ T9499] loop4: detected capacity change from 0 to 1024
[  152.647801][ T9495] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #3: comm syz.2.2110: mark_inode_dirty error
[  152.668160][ T9502] vhci_hcd: invalid port number 96
[  152.673413][ T9502] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  152.682137][ T9495] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.2110: corrupted inode contents
[  152.700406][ T9495] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.2110: mark_inode_dirty error
[  152.713314][ T9504] loop1: detected capacity change from 0 to 8192
[  152.713741][ T9495] __quota_error: 1065 callbacks suppressed
[  152.713759][ T9495] Quota error (device loop2): write_blk: dquota write failed
[  152.734572][ T9495] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  152.744684][ T9495] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.2110: Failed to acquire dquot type 0
[  152.775697][ T9495] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.2110: corrupted inode contents
[  152.812460][ T9495] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #16: comm syz.2.2110: mark_inode_dirty error
[  152.839904][ T9495] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.2110: corrupted inode contents
[  152.862123][ T9495] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.2110: mark_inode_dirty error
[  152.875121][ T9495] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.2110: corrupted inode contents
[  152.890077][ T9495] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  152.900527][ T9495] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.2110: corrupted inode contents
[  152.917720][ T9514] SELinux: security_context_str_to_sid (��) failed with errno=-22
[  152.937253][ T9495] EXT4-fs error (device loop2): ext4_truncate:4666: inode #16: comm syz.2.2110: mark_inode_dirty error
[  152.995051][ T9495] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  153.036658][ T9495] EXT4-fs (loop2): 1 truncate cleaned up
[  153.065571][ T9495] ext4 filesystem being mounted at /456/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.360124][ T9537] loop2: detected capacity change from 0 to 1024
[  153.370092][   T29] audit: type=1326 audit(1756698956.223:16051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9534 comm="syz.4.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe552a5ebe9 code=0x7ffc0000
[  153.393740][   T29] audit: type=1326 audit(1756698956.223:16052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9534 comm="syz.4.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe552a5ebe9 code=0x7ffc0000
[  153.420790][   T29] audit: type=1326 audit(1756698956.223:16053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9534 comm="syz.4.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7fe552a5ebe9 code=0x7ffc0000
[  153.444386][   T29] audit: type=1326 audit(1756698956.223:16054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9534 comm="syz.4.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe552a5ebe9 code=0x7ffc0000
[  153.467995][   T29] audit: type=1326 audit(1756698956.223:16055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9534 comm="syz.4.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7fe552a5ebe9 code=0x7ffc0000
[  153.491495][   T29] audit: type=1326 audit(1756698956.223:16056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9534 comm="syz.4.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe552a5ebe9 code=0x7ffc0000
[  153.515077][   T29] audit: type=1326 audit(1756698956.223:16057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9534 comm="syz.4.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe552a5ebe9 code=0x7ffc0000
[  153.538733][   T29] audit: type=1326 audit(1756698956.303:16058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9534 comm="syz.4.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe552a5ebe9 code=0x7ffc0000
[  153.649199][ T9543] netlink: 'syz.4.2131': attribute type 30 has an invalid length.
[  153.673530][ T9543] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  153.682847][ T9543] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  153.714741][  T363] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  153.751099][  T363] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 320 with error 28
[  153.764289][  T363] EXT4-fs (loop2): This should not happen!! Data will be lost
[  153.764289][  T363] 
[  153.773987][  T363] EXT4-fs (loop2): Total free blocks count 0
[  153.780013][  T363] EXT4-fs (loop2): Free/Dirty block details
[  153.785923][  T363] EXT4-fs (loop2): free_blocks=68451041280
[  153.792469][  T363] EXT4-fs (loop2): dirty_blocks=320
[  153.797776][  T363] EXT4-fs (loop2): Block reservation details
[  153.803763][  T363] EXT4-fs (loop2): i_reserved_data_blocks=20
[  153.836229][ T9552] SELinux: security_context_str_to_sid (��) failed with errno=-22
[  153.995664][ T9570] __nla_validate_parse: 12 callbacks suppressed
[  153.995681][ T9570] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2142'.
[  154.005952][ T9576] loop0: detected capacity change from 0 to 1024
[  154.213495][ T9599] loop3: detected capacity change from 0 to 512
[  154.243916][ T9605] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2152'.
[  154.265217][ T9599] EXT4-fs (loop3): too many log groups per flexible block group
[  154.273726][ T9599] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  154.280779][ T9599] EXT4-fs (loop3): mount failed
[  154.291283][ T9605] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2152'.
[  154.388537][ T9607] loop0: detected capacity change from 0 to 1764
[  154.403486][ T9607] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2147'.
[  154.413130][ T9607] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2147'.
[  154.427464][ T9607] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2147'.
[  154.436371][ T9607] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2147'.
[  154.457379][   T31] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  154.479876][   T31] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  154.535286][   T31] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  154.603325][   T31] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  154.693412][ T9610] netlink: 148 bytes leftover after parsing attributes in process `syz.4.2153'.
[  154.715432][ T9611] loop1: detected capacity change from 0 to 512
[  154.777040][ T9611] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  154.794990][ T9611] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.2154: corrupted in-inode xattr: overlapping e_value 
[  154.811197][ T9611] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2154: couldn't read orphan inode 15 (err -117)
[  155.055438][ T9631] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2160'.
[  155.092762][ T9631] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2160'.
[  155.277812][ T9641] loop0: detected capacity change from 0 to 8192
[  155.585624][ T9655] geneve1: entered promiscuous mode
[  155.591052][ T9655] geneve1: entered allmulticast mode
[  155.683369][ T1874] ==================================================================
[  155.691501][ T1874] BUG: KCSAN: data-race in n_tty_receive_char_flow_ctrl / tty_set_termios
[  155.700035][ T1874] 
[  155.702366][ T1874] write to 0xffff888103582908 of 44 bytes by task 9656 on cpu 0:
[  155.710115][ T1874]  tty_set_termios+0xc0/0x8c0
[  155.714810][ T1874]  set_termios+0x496/0x4e0
[  155.719246][ T1874]  tty_mode_ioctl+0x379/0x5c0
[  155.723949][ T1874]  n_tty_ioctl_helper+0x91/0x210
[  155.729032][ T1874]  n_tty_ioctl+0x101/0x200
[  155.733468][ T1874]  tty_ioctl+0x845/0xb80
[  155.737734][ T1874]  __se_sys_ioctl+0xcb/0x140
[  155.742341][ T1874]  __x64_sys_ioctl+0x43/0x50
[  155.746961][ T1874]  x64_sys_call+0x1816/0x2ff0
[  155.751646][ T1874]  do_syscall_64+0xd2/0x200
[  155.756171][ T1874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.762076][ T1874] 
[  155.764416][ T1874] read to 0xffff888103582922 of 1 bytes by task 1874 on cpu 1:
[  155.772002][ T1874]  n_tty_receive_char_flow_ctrl+0x59/0x1a0
[  155.777835][ T1874]  n_tty_lookahead_flow_ctrl+0xed/0x130
[  155.783402][ T1874]  tty_port_default_lookahead_buf+0x91/0xc0
[  155.789316][ T1874]  flush_to_ldisc+0x285/0x340
[  155.794005][ T1874]  process_scheduled_works+0x4ce/0x9d0
[  155.799477][ T1874]  worker_thread+0x582/0x770
[  155.804082][ T1874]  kthread+0x486/0x510
[  155.808150][ T1874]  ret_from_fork+0xda/0x150
[  155.812657][ T1874]  ret_from_fork_asm+0x1a/0x30
[  155.817425][ T1874] 
[  155.819739][ T1874] value changed: 0x13 -> 0x31
[  155.824407][ T1874] 
[  155.826734][ T1874] Reported by Kernel Concurrency Sanitizer on:
[  155.832884][ T1874] CPU: 1 UID: 0 PID: 1874 Comm: kworker/u8:7 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  155.842878][ T1874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  155.852942][ T1874] Workqueue: events_unbound flush_to_ldisc
[  155.858772][ T1874] ==================================================================
[  155.918039][ T9654] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0'