last executing test programs:

6.882114775s ago: executing program 4 (id=808):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmmsg$inet(r0, &(0x7f0000005380)=[{{0x0, 0x0, &(0x7f0000002c80)=[{0x0}], 0x1, &(0x7f0000002d00)=[@ip_tos_int={{0x14, 0x0, 0x1, 0xfff}}], 0x18}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{&(0x7f0000004e40)={0x2, 0x4e22, @local}, 0x10, &(0x7f0000005000)=[{&(0x7f0000004e80)="77b3463f8c779af63103bc4400da7540048bb2a1b72e5ba9d911d1605211c62676b89865c469dab631c8f35ba801f39c4f0fdbeeda285d305fc33564635bed161a1ad6377d28ec88582db796bddb0e34154b33ffa2595e8f0419eeace4a50ea77b6354e8c0ecaac3ddfc7bfe339407f7f9eb9b77c2765253559984213ed0c404a1b673f658bffe5c65111275d1744a0d14c893b92c4a87108425bd52519d15b155b3db058483d844573b4475e6340abdb769aee2e8bb3e8873f27cab1f", 0xbd}, {&(0x7f0000004f40)="d4827732ba81ea186c667682cd7249d55bb19e37527592cdc7fa0f819b1cc0cd8802ec7a143b79aa26869dcae2f422f58c89406a8390a27240fcdc6efc76f3df8befd3e40b328d4f165602110eb05b73ad1d68cca55ac8811ba49fb9de7cd139a145deabdab63d34fcae1e1e59f72b5f8870d9de577ef64d3fb9daf35f84b42b1e3276adef1ac86b5eb0cce15ca29198b0e9c8d935b51b0e0787c2af", 0x9c}], 0x2}}], 0x4, 0x20001081)

6.843882775s ago: executing program 4 (id=809):
r0 = syz_clone(0x32020200, &(0x7f0000000000)="32b62c5a042f5638bf1661bb7dbdbd0f932e57c7fe0b7eb6484b85477e", 0x1d, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)="c208970fe18cd6a2406c740e6442b1d99b51b8206e904c55ea223d49bec7f19d6145d4ced9b97cb75a6e3d")
process_vm_readv(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)=""/132, 0x84}], 0x1, &(0x7f00000012c0)=[{&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000001200)}, {&(0x7f0000001240)=""/86, 0x56}], 0x3, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000001300)={0x0, <r1=>0x0})
ptrace$poke(0x5, r1, &(0x7f0000001340), 0x7ff)
r2 = socket$inet(0x2, 0xa, 0x1)
r3 = accept$inet(r2, &(0x7f0000001380)={0x2, 0x0, @multicast2}, &(0x7f00000013c0)=0x10)
r4 = socket$inet6_sctp(0xa, 0x0, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f0000001400)={0x0, 0x8}, 0x8)
r5 = pidfd_getfd(0xffffffffffffffff, r3, 0x0)
ioctl$LOOP_CHANGE_FD(r5, 0x4c06, r3)
r6 = pidfd_getfd(r5, r5, 0x0)
setsockopt$RDS_GET_MR(r6, 0x114, 0x2, &(0x7f00000014c0)={{&(0x7f0000001440)=""/37, 0x25}, &(0x7f0000001480), 0x28}, 0x20)
syz_usb_connect$cdc_ncm(0x1, 0x8c, &(0x7f0000001500)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7a, 0x2, 0x1, 0x2, 0x90, 0x0, "", {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xa, 0x24, 0x6, 0x0, 0x1, "38e0d3f61c"}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x1ff, 0x7, 0x6}, {0x6, 0x24, 0x1a, 0x100, 0x8}, [@mdlm={0x15}, @acm={0x4, 0x24, 0x2, 0x4}]}, {{0x9, 0x5, 0x81, 0x3, 0x10, 0xf5, 0xc, 0x80}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x3ff, 0x2, 0xc, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x400, 0x10, 0x75, 0x1}}}}}}}]}}, &(0x7f00000019c0)={0xa, &(0x7f00000015c0)={0xa, 0x6, 0x300, 0x9, 0x0, 0x9, 0xff, 0x4}, 0x5, &(0x7f0000001600)={0x5, 0xf, 0x5}, 0x8, [{0x4, &(0x7f0000001640)=@lang_id={0x4, 0x3, 0x4ff}}, {0x6e, &(0x7f0000001680)=@string={0x6e, 0x3, "2c493162dad018fda5c7fb50e0fe7430f5fdc7aacf6f4c9c0845a1f1b80253abd1a47a3b6658221ccc49bc3ba9ead2961b846f27e122e0d6200c8371ab89ef5d16c5d6f7f97fd31e6f48903736c3cd9b89701c034ef13d90da009518fb1572bec6496aaa67fe5f19556a4919"}}, {0x43, &(0x7f0000001700)=@string={0x43, 0x3, "77d56b2b0e66bee9a9454d048a356bb16ba7c8feeafa0dab65d5396418a97d4af38693b16bdbffad2b853526cbae68f44d2d43895f32f1f1837f50a3c47ae895e2"}}, {0x39, &(0x7f0000001780)=@string={0x39, 0x3, "87e12e830f9d155d659a3dd3cbe5fc49445487a32a1953d298b0f06185cc9e31c389fe4df0f88a486573e6733498a8ec2b0c761d2af636"}}, {0x70, &(0x7f00000017c0)=@string={0x70, 0x3, "f48d2778760fa034b8036755aaeea696cf2e1c6c8af41547e622144cf2fc7448f2a2885f3c30742e22ba4323b173ed853aacf26fea635a219440642684c44a5b18e5337fc72d58325de2c2db01c4c81801e4c86466df326f26cc88dd4c1f0cb6709b2b5f7a640d41032ab8550cc6"}}, {0xfc, &(0x7f0000001840)=@string={0xfc, 0x3, "a59b9e876b2b47713a85159dc7252e1f99c66501f219a0ac8aec849975f2fa563f75167dd3c65bd40ec94f55a3b64ffc77039d865296a617f533613ec02f96c31dcb62e60c592c42d891fbcef209f1f3bef61c81d9e7c845a8fc2f8ac52fef549f6b5cb82356cb2034f7fec8959151585cb34fd04b0b0901e6991562186c4a62585ba8a1f26372057a663c7db0bc06ce1cb2ed4d86b44d17cd18075cd6caefcd8a99ce5c36b2058775bcdb791e1e0a0e2e425483dde2974c33effd981ea8daa74a6cecc027e39c45fd8d6d4d17ef785a8b03a709a7cae5c26a90855905d83a43f47e22ba520a2c7110973716c07cc2446041326d75fcaa91f009"}}, {0x4, &(0x7f0000001940)=@lang_id={0x4, 0x3, 0x411}}, {0x4, &(0x7f0000001980)=@lang_id={0x4, 0x3, 0x813}}]})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001d80)={r6, 0x0, 0xe1, 0x72, &(0x7f0000001a40)="3f78232d9a1d0c298fd82d7d513b650f213d9b037342a571f4c15714db2c5f8199ee7e4f4b32248e254d9d35221be74c2ebd895a73b37fa47d410e20d453f8cbf8fe076e9e009fdb65795908510c1460669af5e02322ca7304f5f13d56138915a10628e0018ce563a690947b4b660819240aaf23b27e318d9cf6c9d7256105872ed6182e206d6eb369c13a1b39c00e366c9e2a79c70063fa785787646f556bc7516bd4c762ec10f9ae45041a535282caf8adf73669e4e3e05f1eeb460b6ad36b39b11f6ee5aa7073e182b09765859779c5349d0128d882fd014e92ffb3ba041f57", &(0x7f0000001b40)=""/114, 0x8, 0x0, 0xef, 0xb4, &(0x7f0000001bc0)="992ecf555679539810f683ed7ede42101aa0f059796f82186624505c388fc92905357f9e0803d4b988531fe25785a8be60fc1869be427f1f5edf74076d8af5a51f79410c91f1bfbb062d9851314596e9c8959d7ff58e32e842b0807a52e7d38aadc670f28037234679a923153ca28aa779a1177215537f3aa26b10a664e9f7f0477ccb2906e86761fdeecadb3b065ce090f34f048f6cbbb1c719e6e06f4ecb8c8df5f1c4ec9387035b07b2693ca573b22dd92fdd8f1053667021c330edc0a747dc04dab124eba737f4fc5aebd88f3f965c7707a1531603b7f91d03f946f8cb684d9f6613755d9c2324e84be6ee239d", &(0x7f0000001cc0)="1772e5007981b4ce40e0dfd4cc3d608a4c8960550977dde83ef7785cecf1fdc77123d8345ceae444e581869d861cb8640ddc1aa0531e5e63b2bda94f7f4284903827a7b0cdb97cf2e3a43b5c5de201547b3a23104dac916e76ac1d2e06b7ea80bb737907ed6a4cf7372ea2a0d7d79df19adedf53b133872bfa8a09d0fb9920e8745132f85a51e097b64da515d008f9b407279352ef83aee410829b26400ccb74dc4dc3f566b7ad2f13590088a49203acdb9b324d", 0x1, 0x0, 0xfffffffa}, 0x50)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000001e00)={<r7=>0x0}, &(0x7f0000001e40)=0xc)
setpgid(r1, r7)
fstat(r5, &(0x7f0000001e80))
socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r5, 0x8010671f, &(0x7f0000001f80)={&(0x7f0000001f00)=""/105, 0x69})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000001fc0), 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000002000)=[@in6={0xa, 0x4e20, 0x7fffffff, @remote, 0x40}, @in={0x2, 0x4e20, @broadcast}, @in={0x2, 0x4e23, @remote}, @in6={0xa, 0x4e20, 0x10, @private2, 0x4}, @in6={0xa, 0x4e23, 0xb, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7fffffff}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x84)
socket$inet6_sctp(0xa, 0x1, 0x84)
write$9p(r5, &(0x7f00000020c0)="b2e3a500790dd24dd33005111ec56913724d6223eb7e0c90cc5f860c806d3e83b16de54581459e97726c27a02cd029643538c6a4f5eb72313c0ab2d1d36ef4e03114a0c472e330595e781d1aac03e3c364a7a09b3951202cd3f862691995d8ba8c1077045b1dc4ee49b4ae31c70e8d820f8d405058bedf60c94f9980729181c94fd1d3f5fb92a4c3618b93f01d515e33ea9b140ce51ffcff7e373687671aff82041dcd34b6d1c8e653bd7d4df29e511f3d25af57c26ebeac0dd66c8e36aed5b3eee4a94fefc2493cb37fcbbf7d0db3665d029d223454b672c750e8e245b9ef9b0d44a86da5e50f66f51b6757ddae4649b7844246516b5393016955856966b4a280ca7a0a95308399147e9007c62d2d22c02ed589a4b56a3030d585804b41d6b6bf03bbd9cf09ac1348b6df4180f9752cedfd651c7423e5756e0f5ec27e0b23da98bc63c12fffbb6dcb5cf2262306674f3111ac561217f90062572d25414056d246128cb01dd47761389e6d3eb6dd8b3f7139408b5d5ca668814c6089cdf95b83983308d9dab56f3c4d2a31873d2f7b1cc0f02e7a83ca49a43f64c58180607a6367752e01441a02aee51b27c477b944130b3e9daff1483aeca23580fd6eb8fc1746a79dfde858aa814f9c84117c78fa4b7f3277ff4e4071a7f675bf8d0d5c91df58a6b7cf5e8c8b11a37405def72085196ce70fa0a64ca3706c3a6cb293f83573db0c4d6b0c3210db60298b8efd8031746384d34e30345c83b0bc89b8bab3097bf1a1824b6a4a3f598ec692dd1addd63c75edb1288c4a0dcab32e70b5536dc6152a4dcd4ad280089667e69caad6cd6d8ff1f194eaf449d1b56d9afc78a4780c1932d6112564e465cd3067684bebaa53c91fa836782e296443c0beabedacf5603cad567fc1d0fcf318d5a8ec8c59f65e91bc5ed8fec44ce7ab46fffc04f5320fac3161b5a05eb323a71c5d7f71856323df0b071167526447d5a7478441595074d1248242f9ccb53784a05067470cfc3b0ba487f7f5bcc7b974d1e81df7a2fe424a1d52287292f304d3328965dcde6b8f7b7a6db29dee5a8c0949d9fc6df9f6a38a363a1cc5716e32f72dea875e50e51773988b6410d9cbde1eb1cdb8c23cd23320580dd4c310797110037b7b06c56d19667d8fc4b6a020bc07aa76a8d7960a78e4811e5b560e9cb002e61b854d639ab67e996d941eb525130affbc6b06118a6fee5a6cfc291b77e2e634fea2c3a6d19bcc47085fb6dace1595a3b6e8b48cc16012cddb810581db3cadfaa0002be721224e3a1273f3e5b5726127336b6b987dd1f74e1f1f08fd80b9b20838261f0a5d8241beddb8c7b857b386fe4a82c0b1db366af198b82e3bcac57f7414853b1ee590e50b640d9f55731db8d101da3441687fd43fad60d2ab2b04069e02705a261e1a023b4bccab3ddb974437f80ae63d59cef7f1a96ef6b8f0087125719e74273e0aaec8d4e90e0eac5ad52daee8f5174dfc5e1a35894d69844c2eba36df353a371eb252cf0d230382216785c3088863564c720c355f23432b32607cb0559ff71c23e5cc90be01a2b20c1d3c52cd1946990d928ae7d8a051c50174338b4b688642fed3732dba2c5e78fb93a2bdb75c76af4c8d6eca53ca001a28a35c3593039263fed6007f040e508fa5f0db6b565499ae364d9c075c4574ed4bd948c4de4139060dc3e9e20a1451ce35274d04b1ca971777b418d0031cac1d25e4ee66956e6b05a556122710e758a00d863e1f0231317f213d3c8a26de9c498bf261be8d342ba0f93c3217ab251e92d74a069a07658d36cb4c63f1ec2a5f6082b3a1b66a8f4a6138daff0210c15bffc6afb8a9b2f8c49b0f2e300aceb6c44530fb2694f5f4f25258a1e5122b451423f81d17d72d82337d813c057b42a016085553f0eba0e7f3f2d2c7dfbfd34d7dcf357c3a781d4e969aa65a1fe8553070d5a93a08c4b11efe5e0ca61deef8b26b2fe3b342ec4d873bba6357e048f1cba6cf89fe0e1dc37cca9016ca1c3281f4ebbd22d21a050d2a0e0b477ff45bd512aa00918c0b61b9baee502cd0ba3026126b87f74b96b3caefcba8f4672fe50c268c34b56a26f0c8579b32e3bebd7886ddebc2b3c89bd61b222fcb177331942d92c2954d08273f4be95353cd5b50b07e0b930eabb326cc2926b2fc97475c521fa9a5d845e0832cba11c30f788a291bb8a48213e781fd24771b6b80cb2a73b8314c8b217e3bc43ee5d1dd55811a933eaa2329e2fd01fc00c9375c7226974f45e4d671192a971f873254a04e80bc88d2267f7bae4c8c4cfad1dd41c2eac4714eb68b3e86415aedd8ed448ca1496f2e09f664dccbabd7e8f0bac86bfbbc27dca63b6137b85e9ee9212188be5a6db627ed6bf54dc8360fc117a526d3170222ff7c55c4201d1d9e826fa5054731f0130fb35d78c5b71ecedfd97a0053fce2b6b893d077d86cfc2bd6e11c5132ca7b6795ea126a9f87c75727dd4d3f06e8c05289114287f8136510fe2fdaad862ea218f235a37d21688529737d93e5978aa06963adf6f2f9dfe7f377050d632cbfbf802a67677177dbff93e534f651293ac4905a2c3865c2a8f8d5e89392e22111d7de52839f8aec99a7bd5ac66f1650fe93bea5ba1c466db5d55ebf8935f4d756ae59affa6b02684863303226ecc08b6c9ae3ad74fd86e0fe62ed43b68a1c3e7a9deac7810f118a0536fa04a0d0b2df9bcf7979fcbfbba90dc6d16bdde5ac1bc49da23907eb508530d5757617a3540540967331698e82fda21b26fa61ff9919a5dfe1e2d2c9d394559957179fbd3ca0ee8b10fc65e3cd4e6ff1269290f7795e5fa300a5b0453ca7bc203e182368580b95225cb086b5b93a2885d674ea5917cf1cb2dd850a052e441ae680150b59e8b8cead9774c8484e7eb3f4918a2d378235c35a5b998abf617af02b7da741f5d90b2027ef66378ef3a62d452583ad8b92840df98109e10a2327767093ac03b6c2ae398409737f1661203aa2cffca6afc3691d5ae36e24c5b0541868fc2be9b0e7f16f9e0aaccfa310dbae28e65cec38b0cf04f6c4ff66197f99c7806012bbd2f59d09a410a2f8cd9b330840fa38e971ae0760b663b82420e99da70ec2d23515421e425bece81edd5d69afc8f5fca96c44a285fd1f4558e90a30492f6821cc3f415b0469502f985d085ad5b0872f04e44adde95dba19f3c9c098f946d9174c5963751b867fa7e1127df4055a096039ac27b2794b494a1b7b0281703847ee1a112c2fd13fb259dbcf254c62b969efba10a11aa9e2bd4ad1400e059c81d36a052d8b7f187a13ee6a0198ce771c015fc49327a48788bcd979a12d7a6e846c02d0ec927a445f82924b6803378d866ec286b13cf05151763e16fd38c9a563154c8f8b474d0a86be916416bf903c0ce001384cdca7b1f0c87113401bebda410e1a533e62ea939451f138ccdc28919c68f3a49ef30674e8f6944183ba35dbc69bc0a800c1ac9a1e5b1dd56a8e9e7206ce4c0729ec98cc9c0be7532146a5cddffa1ce969f8b03d69ab9442dec9089237731eabe87dbbf8ee31d23faae70d91d0b52700b7c3e6ac63d7b7d9ae73cd5ecab1b7fcf8752712bec086933297adca7ad121048eb26749ec7db3d89d79a49d9732a8edb32bd20fb2218422af637be6b9d109adf6b090a6bade222e9f8f7df7c21464617e8bea221920c334a6a954eeb63425c81c9fbdc6e338438f32dc560044f8575ce8bbae2c21e48c987aad1d1e0e9b7a1c6f690a9ee8c53e87647bebbe36ee438412c10ba865204851c591b0bbbab321f61258fdcfa056ffff07e7483100c4bba6e5c36fe3159d32fb5bf4529824486ba9674c2c8b7d5b76aaa2a3f5d7aac241706b6ade077e8d7fe386bfa6076e31b8fcef1b5b36d749da8b63fcf5ceb43ce7559939fca7016911adc2779189f2492ef0a18687600890299fdaddf04d8b089f98aebe249c101bfbd8c24c1bdc219ce7cc3e16b783fea6de64f09c4775c0767a8d493138656832d59ce2cec2d405b8ffe72e0e2f3c60e2b9e22b09392c6de9d5edf8d399ee61d3d2ecef3888c3d0d960bdc5f3a771a1c001d6b19baeaff8166ed1efce1809102d54bf91b44c8e4733136989188ceede7abf5bbdc60fd787fe568abd8913ec5b33977f956a186d92a1f3700f91da86bb548a49e99408ccbd1a77b41eb6df858c7acfa12d8155cd9d0395a8385f08ce66a8e99bff9382d807e7cf1ce6579d7e01bc7173e26c4859edf652cdb8b97465c50ff196a217fcb3e7706a04d896cc4bff485d1ba74fd736dccf8f25b783cd90f9f2a1de89ea092ef1e6eecde3a7fa6f579dd1ac5a0fb8b7e84cb09f5a5b5943f82ef1666661be21aa6da410b9d7e3548fe6f9ffab96692670dc5fe485fa6ea210fc74b366eb60fa472364e865ea071e6d322164ca389a09e194ea8db1de80fdc518ad805fbc97537588d65933ed0665312853336e5f652880191bfd8457170586c306f2383651e4c1ef20c6945c273f0f639d6ebf39acc8a890ab4d3b4e2fcdcb7e61360e1261da81f60272fcfab3f3a67f8831f33e83be01e2e29354db7dc2becf09027d83819ac6f55f7d63e78c2ab3f24064481db1907482033e86f0f686434044d6efce2b7f47307b648fc361da850e61b72852d3b76609677c5dd6666da2ff486402f081d7fb987574e92667e22e2beefdd3dc832d765d905519103377cacd47744f4fe662792abd1c093863d7d0781178260d682d53636a932c150eba9d69715dfba0641d625731f81d82a1700b22aa372bf87453447614056eed4a10ae97d2fc41bb862611802d984bd57a9119c1f16fcc7a99b8f05c55146feb70040b108c43cfb5d5259ffaa7642fbcbc80375b60e8c0fb0a579dc0d74fd5c4988822c945c878f8651ab27e7ea321d53c90a19d6a516f97d632b4e1b4c866a36b55b3a7563acca1ed7bd570b4d1626ce58df0138f9bb6ca12c9cdd95ee895f0d56ba5734efe2a57f4398ecb0cc1c79add52b9dbc0d941073bbd203ba08af569491d2e10584a4b311f90d1debe85333c5cf2e772a075e558bd1fda9040add4f1f5cd8a18c7ed9055b58b15467976adb78e35343c412ae198a8d359ccf875d57d9e29e7c10eb48f22c04f9dbe67432af8610d02fa8518add2d641ecf27de87cea129a62ad003422342665393343f8ad695da2ad80442d0cfa726f73c21f87f4a51972bf0a2858d08b9c4425946d0eec523fffeb050f37d939dc4502fedf2d5e9d5ecd7cac0fc7d321f5527b01a93d39dde206ba442e1001120247af9c0b2f82a2d202a94e1dca0d06ea4bbb8b3ae7b56c089d7d07dbc59a32ca6d95f06d38297a726b51f605c7d108aed3b9eea0f245bd30e5ce42e20d37d7209dca3a19480ff767a8d01b12cfeca2e2bcb423ad9c84a95cf09db6414b88cfef2072b3721261b0ff1ac1f1741ef967f283143a0ea494611ba8c0cb7c100a42e62a0d18840067a43ed275781231f80c18f003d4318839365724374879370762d92759053ac5199066030d4b5f88082eaad2da6266660fe4cd41c650aad310a5629dc2ca885d08e0e0286ff5f5937cf35dec9930de29c0577de9ebd1824e6539b9efa78f279923fa0ddd695c630bd83e563f9d33f7fcaf000e6aef27e33ac047753ac88f07182a84ee919d8d416fcb873914c7dc355705fc33ecc39bbeea45a6bedba710a0aad2267114ad0a4aab7b6f5769683d559df4e6faa9c7b2dec6c3dc5f4c94903d76b7dd4552ae140b5a069df1d31b48de3a1e4b8809453b6c8166c3d5979e69ec143ff0fe1097f3", 0x1000)
ioctl$SNDRV_TIMER_IOCTL_START(r5, 0x54a0)
setsockopt$sock_int(r3, 0x1, 0x5, &(0x7f00000030c0)=0xffffffff, 0x4)
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000003100)={<r9=>0x0, 0xfda}, &(0x7f0000003140)=0x8)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r8, 0x84, 0x71, &(0x7f0000003180)={r9, 0x6}, 0x8)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r5, 0x40505412, &(0x7f00000031c0)={0x3, 0x0, 0x80, 0x0, 0x12})
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r6)

5.582542265s ago: executing program 4 (id=815):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x84ff, &(0x7f00000000c0)={&(0x7f0000000180)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd26, 0x8000, {0x0, 0x0, 0x0, r3, {0x8, 0x7}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}]}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

4.124454111s ago: executing program 4 (id=818):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x1c, 0x1, 0x1, 0x5, 0x0, 0x0, {0x7}, [@CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4044841}, 0x10)

4.108953771s ago: executing program 4 (id=819):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmmsg$inet(r0, &(0x7f0000005380)=[{{0x0, 0x0, &(0x7f0000002c80)=[{&(0x7f0000000340)}], 0x1, &(0x7f0000002d00)=[@ip_tos_int={{0x14, 0x0, 0x1, 0xfff}}], 0x18}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{&(0x7f0000004e40)={0x2, 0x4e22, @local}, 0x10, &(0x7f0000005000)=[{&(0x7f0000004e80)="77b3463f8c779af63103bc4400da7540048bb2a1b72e5ba9d911d1605211c62676b89865c469dab631c8f35ba801f39c4f0fdbeeda285d305fc33564635bed161a1ad6377d28ec88582db796bddb0e34154b33ffa2595e8f0419eeace4a50ea77b6354e8c0ecaac3ddfc7bfe339407f7f9eb9b77c2765253559984213ed0c404a1b673f658bffe5c65111275d1744a0d14c893b92c4a87108425bd52519d15b155b3db058483d844573b4475e6340abdb769aee2e8bb3e8873f27cab1f", 0xbd}, {&(0x7f0000004f40)="d4827732ba81ea186c667682cd7249d55bb19e37527592cdc7fa0f819b1cc0cd8802ec7a143b79aa26869dcae2f422f58c89406a8390a27240fcdc6efc76f3df8befd3e40b328d4f165602110eb05b73ad1d68cca55ac8811ba49fb9de7cd139a145deabdab63d34fcae1e1e59f72b5f8870d9de577ef64d3fb9daf35f84b42b1e3276adef1ac86b5eb0cce15ca29198b0e9c8d935b51b0e0787c2af", 0x9c}], 0x2}}], 0x4, 0x20001081)

4.063791263s ago: executing program 4 (id=820):
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x10, 0x4, &(0x7f0000000180)=ANY=[], &(0x7f0000000100)='GPL\x00', 0xdc8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x10, 0x4, &(0x7f0000000180)=ANY=[], &(0x7f0000000100)='GPL\x00', 0xdc8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000100), 0x8) (async)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000100), 0x8)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$lock(r0, 0x24, &(0x7f00000000c0)={0x0, 0x4, 0x7ffffffffd})
io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x970, 0x1f480, 0x0, 0x399}) (async)
r1 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x970, 0x1f480, 0x0, 0x399})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x18000000000002a0, 0x33, 0x3d, 0x0, 0x0, 0x500, 0x60000000, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xfffffffffffffdce)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x4, @perf_bp={&(0x7f0000000100), 0x1}, 0x1000, 0x0, 0x80000000, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
writev(r2, &(0x7f0000000840)=[{&(0x7f0000000880)}, {0x0}], 0x2)
io_uring_enter(r1, 0x8ae, 0x6931, 0x17, 0x0, 0x0) (async)
io_uring_enter(r1, 0x8ae, 0x6931, 0x17, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_setup(0x3, &(0x7f0000000580)={0x0, 0x226f, 0x13500, 0x0, 0xeffffffd}, 0x0, 0x0, 0x0) (async)
syz_io_uring_setup(0x3, &(0x7f0000000580)={0x0, 0x226f, 0x13500, 0x0, 0xeffffffd}, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f00000002c0)={[{@test_dummy_encryption_v1}, {@usrjquota}, {@auto_da_alloc}, {@init_itable}, {@nodioread_nolock}, {@journal_checksum}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}]}, 0x1, 0x587, &(0x7f0000000940)="$eJzs3V9rW+UfAPDvSZv9//3WwRgqIgUvnMyla+ufCV7Max0O9H6WNiuj6TKadKx14HbhrmV4oTgQLwXx2svhG/DC1zBQYcgoeuFN5KQnWdombbqlaTSfD5zyPOec9Hm+ec7z5Dl5EhLA0BpP/+Qino+Iz5OI4xGRZMdGIzs4vn7e2uNbs+mWRK324R9J/bw03/hfjccdzTLPRcRPn0WcyW0tt7KyujBTKhWXsvxEdfH6RGVl9ezVxZn54nzx2tT09Pk3pqfefuvNnsX66qW/vvrgwUiWO3EviQtxLMu1xvEMbrdmxmM8e07ycWHTiZM9KGyQJG33/tD3erA7I1k/z0c6BhyPkazXA/99n0ZEDRhSya77/y/5vakJ0F+NeUDj3n7n++Dv+jAr6Z9H767fAG2Nf3T9vZE4FPn4Mo6sJRvujNL73bEelJ+W8eNv9++lW/TufQiAHd2+ExHnRke3jn9JNv49vXNdnLO5DOMf9M+DdP7zWrv5T645/0ltnv8cbdN3n8bO/T830oNiOkrnf++0nf82F63GRrLc/+pzvnxy5WqpmI5t/4+I05E/mOa3W885v/aw1ulY6/wv3dLyG3PBrB6/jx7c+Ji5merMs8Tc6tGdiBfazn+TZvsnbdo/fT4udVnGqeL9lzod2zn+vVX7NuKVtu3/ZEUr2X59cqJ+PUw0roqt/rx76udO5e93/Gn7H9k+/rGkdb22svsyvjn0dzGa68kbbYg/ur/+DyQf1dMHsn03Z6rVpcmIA8n7zf25xv6pJ49t5Bvnp/Gffnn78a/d9X84Ij7uMv67J79/sdOxQWj/ubbt37y73dT+HRONC2bLoYfvffJ1dqy2eSDsbvx7vZ46ne3pZvxrU8GkXRDP9OQBAAAAAADAgMlFxLFIcoVmOpcrFNY/33EyjuRK5Ur1zJXy8rW5qH9XdizyucZK9/GWz0NMZiuGjfzUpvx0RJyIiC9GDtfzhdlyaW6/gwcAAAAAAAAAAAAAAAAAAIABcbTD9/9Tv+7pLy8AA8FPfsPw2rH/9+KXnoCB5PUfhpf+D8Nrl/0/2at6AP3n9R+Gl/4Pw0v/h+HV0v8X9rMeQP95/QcAAAAAAAAAAAAAAAAAAAAAAAAAAICeunTxYrrV1h7fmk3zczdWlhfKN87OFSsLhcXl2cJseel6Yb5cni8VC7PlxZ3+X6lcvj45Fcs3J6rFSnWisrJ6ebG8fK16+erizHzxcjHfl6gAAAAAAAAAAAAAAAAAAADg36WysrowUyoVlyQknioxOhjV6CoRuYiWPQf3uz6DnNjvkQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnvgnAAD//64qL2Y=")
socket$kcm(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid() (async)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) (async)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000500)=@abs, 0x6e) (async)
connect$unix(r4, &(0x7f0000000500)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0xf241f1a146326c4, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.708679454s ago: executing program 0 (id=824):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)={0x5c, 0x9, 0x6, 0x801, 0x0, 0x0, {0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0xe1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x88}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e22}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)
r1 = shmget$private(0x0, 0x800000, 0x1, &(0x7f0000173000/0x800000)=nil)
shmat(r1, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xe)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
shmctl$SHM_LOCK(r1, 0xb)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x17)
shmctl$SHM_UNLOCK(r1, 0xc)
signalfd4(r0, &(0x7f0000000000)={[0x4]}, 0x8, 0x0)
r2 = creat(&(0x7f0000000340)='./file0\x00', 0x28)
close(r2)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000000, 0x8031, 0xffffffffffffffff, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000500)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0xf241f1a146326c4, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x40f00, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = perf_event_open(&(0x7f00000012c0)={0x1, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xdfc, 0x9}, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r6)
socket$inet(0x2, 0x2, 0x1)
openat$uhid(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00'})
poll(0x0, 0x0, 0x81)

3.441058102s ago: executing program 0 (id=827):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_DEL_SEC_DEV(r0, 0x0, 0x24000800)
syz_genetlink_get_family_id$netlbl_unlabel(0x0, r0)
sendmsg$NLBL_UNLABEL_C_ACCEPT(r0, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=@base={0x5, 0x6, 0x8, 0x5, 0x40}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000004a0850000002d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r2}, 0xc)
socket$igmp6(0xa, 0x3, 0x2)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file0\x00', 0x800000, &(0x7f0000000240)=ANY=[@ANYRES16=0x0], 0x6, 0x2e6, &(0x7f0000000780)="$eJzs3cuKHFUYB/Cveqqr2wvpWbgSwQJduAqZbN1MFgmII4hhFtGFDiYBmR6EDIx4wdaVuPMFfAJBcOs7CCK4ENwIPoDuIgRKTl3Sl5SdMaRHTH6/Rc+ZOuc/9dU5NTO16dPvPHd0eL2Mm59/8luMx1kMdkcRt7PYjkF0Poslu18FAPB/druq4o+q0dP9y5drsuMN1gUAbM59/v+38vr1Whrx3dnVBgBsxtVrb756aW/v8htlOY4rR1+c7GcRkb42/ZduxnsxjRtxISZxJ6J+UBhG/bSQmleqqprlZbIdLx7NTvZT8ujtH5r466+l15TfiUls18fuPm3U+Vf2Lu+UjYX8LNXxZHv+3ZS/GJN45m54KX+xJx/7Rbz0wkL952MSP70b78c0rtdFzPOf7pTlzz9GfPxWKi/ls9nJ/qgeN1dtdSefpW+HZ7tOAAAAAAAAAAAAAAAAAAAAAAA8Ws63e+eMot6/Jx1q99/ZuhP1NjdlZ3t5f54mn0Wcqxvz/YFiUFXVrIqvu/11LpRlWWXN+Hk+j2fzdmNBAAAAAAAAAAAAAAAAAAAAeMwdf/jR4cF0euPWQ2m0b/KPUUT8dTXiQX/O7sKR52P94FF7zoPpdNA2l8fki0diqxuTRawtI/KI3q7vU/phzVjdeCJ+/bO365tve1Ppio7z6Osa3/+kw3jgUp+er8UHw2Yeewd3d9fhQdY/h6OiOzJOCxerC1dEfxnD1Zkv/qnU7lY83QUWvV2Tfz1RxVN1Y7ZmTGTrfi9e/r0pe+EqlsYU9az2xodtYyG+cm/0r8VKI8ZN/N6/FZndOgAAAAAAAAAAAAAAAAAAYKPm7/69t+9ctjY6qEabqwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAztL88/9P08iXw6dIFXHr+L+6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4ffwcAAP//IjRTsQ==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r3, 0x0)
syz_usb_connect$cdc_ecm(0x6, 0x5e, &(0x7f0000000000)=ANY=[], 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xfc778000)
write(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0)

2.629876118s ago: executing program 1 (id=833):
socket$kcm(0x10, 0x2, 0x0)
mbind(&(0x7f0000bdf000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x2, 0x0)
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f00000000c0)={0x385001, 0x107, 0xc}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000008c0)='./file1\x00', 0x1008490, &(0x7f0000000a40)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000001500)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x3, 0x1, 0x246, 0x8000000000000001, 0xfffffffffffffffa, 0xfffffffffffffffb, 0x10000000000000, 0x7fff, 0x9b})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000200)=@raw={'raw\x00', 0x3c1, 0x3, 0x308, 0x128, 0x1170, 0x1170, 0x128, 0x1170, 0x238, 0x1398, 0x1398, 0x238, 0x1398, 0x3, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast2}, @private2={0xfc, 0x2, '\x00', 0x1}, [0xffffffff, 0xff000000], [0x0, 0x0, 0x0, 0xffffff00], 'veth0_vlan\x00', 'veth0_to_hsr\x00', {}, {}, 0x2e, 0x0, 0x0, 0x46}, 0x0, 0x108, 0x128, 0x0, {}, [@common=@inet=@socket2={{0x28}, 0x1}, @common=@unspec=@quota={{0x38}, {0x1, 0x0, 0x80000000, {0x9}}}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x2, 0x9, 0xf, 0xd18, 'syz0\x00', 'syz1\x00', {0x7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x368)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./bus\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x41, 0x2c8, &(0x7f0000000580)="$eJzs3M9rE1sUwPHzkrwmTWmTB48HT1APutFNaOPCpQZpQQwotSnqQpjaiYaMSZkJlYjYbMStf0dx6U5Q/4FuxI17d0UQ3HQhjnRm0k7atEk1v0q/Hyj3ZM493NtkWs4MZDbvvHpcLjqZolGTSEIlItKQLZH0dhT4KxgjXjwmYQ25OPH98+nbd+/dyOXzs/Oqc7mFS1lVnTr77smz1+c+1CYW30y9jctG+v7mt+yXjbGN/zd/LjwqOVpytFKtqaFL1WrNWLJMXS455YzqLcs0HFNLFce0W/JFq7qyUlejsjyZXLFNx1GjUteyWddaVWt2XY2HRqmimUxGJ5NygkVEYl1MK6zPzxu5A9NutKebQt+Ntzto27lG+2RhfQB7AgAAI+bw/t/v9Q/u//OL/niU/v+/zv2/CP1/nzRaXnXo/3FcXQ6f/badM5LB328r+n8AAAAAAAAAAAAAAAAAAAAAAI6DLddNua6b2h6DQ97ruIgkRMQN8kPeJvok/Pm7oZ8On/+VIW0XPRb64l5CxHq5Wlgt+KOfzxWlJJaYMi0p+eGdDwE/nruen51WT1reW2tB/dpqISrxZn1Tul39mX9m/Hptrf9bkuH1s5KSf9uvn21bPyYXzofqM5KSjw+kKpYse+f1bv3zGdVrN/N76se9eQfo5uEaAAAAAACMjIzu2Hf97uW9CQnZn/frQ/cHXNddO+z+wJ7r65ic4ioaAAAAAICBcOpPy4ZlmfZvBHER+YPy3geuKzL8bURlNN6N1uCqiIzANgYVJETEP6Lt5sQ6lH/dKe9qUbeLOTER2Q6iI/H+dA6G/Z8JAAAAQK/tNv1HKPr0oo87AgAAAAAAAAAAAAAAAAAAAAAAAAAAAADg5On2eWDN+ftSzcQh5aHlogP/BQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAR8isAAP//RZUcDw==")
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x4db, 0x20081, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_bp={0x0, 0x8}, 0x2, 0x0, 0x10ffe, 0x0, 0x2, 0x80000011, 0x1, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x64, 0x6, 0x0, 0x0, 0x0, 0x6, 0x8102, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc090, 0x2, @perf_bp={0x0, 0x3}, 0xd, 0x0, 0x11000, 0x7, 0x4, 0x6, 0x0, 0x0, 0x0, 0x0, 0xa7}, 0x0, 0xc, 0xffffffffffffffff, 0x9)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xc07, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0xfd], 0x0, [0x1, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x5c4, 0x8000, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000)

2.482032392s ago: executing program 2 (id=834):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x90040c, &(0x7f0000000680)={[{@errors_remount}, {@lazytime}, {@discard}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@mblk_io_submit}, {@sb={'sb', 0x3d, 0x100400000000000}}]}, 0x3, 0x439, &(0x7f0000002380)="$eJzs3MtvG0UYAPBv105LXyRU5dEHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QU2QaFVBQKgcUSXuiCMSfwEnuCDghMQV7qhShXJp4WS09m5iO3aauE5c8O8nrTuzO9bM592xZ3a6CWBgjWYvScTuiPg9Iobr2eYCo/V/bi1dmf576cp0EtXqW38ltXI3l65MF0WL9+0qMuWI9LMkDrapd/7S5XNTlcrsxTw/vnD+/fH5S5efO3t+6szsmdkLkydPHj828cKJyed7EmcW180DH80d2v/aO9femD517d2fv02K+Fvi6JHRtQ4+Wa32uLr+2tOQTsp9bAgbUqp30xiq9f/hKMXKyRuOVz/ta+OATVWtVqsPdD68WAX+x5LodwuA/ih+6LP5b7Ft0dDjrnDjpfoEKIv7Vr7Vj5QjzcsMtcxve2k0Ik4t/vNVtsXm3IcAAGjyfTb+ebbd+C+NxvtC9+ZrKCMRcV9E7I2IExGxLyLuj6iVfTAiHtpg/a2LJKvHP+n1rgJbp2z892K+ttU8/itGfzFSynN7avEPJafPVmaP5p/JkRjanuUn1qjjh1d++6LTscbxX7Zl9Rdjwbwd18vbm98zM7UwdScxN7rxScSBcrv4k+WVgCQi9kfEgS7rOPv0N4c6Hbt9/GvowTpT9euIp+rnfzFa4i8ka69Pjt8Tldmj48VVsdovv159s1P9dxR/D2Tnf2fb6385/pGkcb12fuN1XP3j845zmm6v/23J2037PpxaWLg4EbEteb3e6JX9pYuTLeUmV8pn8R853L7/742VT+JgRGQX8cMR8UhEPJq3/bGIeDwiDq8R/08vP/Fe9/Fvriz+mQ2d/5XEtmjd0z5ROvfjd02Vjmwk/uz8H6+ljuR71vP9t552dXc1AwAAwH9PGhG7I0nHltNpOjZW/z/8+2JnWpmbX3jm9NwHF2bqzwiMxFBa3OkabrgfOpFP64v8ZEv+WH7f+MvSjlp+bHquMtPv4GHA7erQ/zN/lvrdOmDTdbeOlva8HcDW87wmDC79HwaX/g+Dq03/39GPdgBbr93v/8d9aAew9coNr/nfBAMGhPk/DC79HwaX/g8DaX5H3P4heQmJVYlI74pmSGxSot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xbwAAAP//1Xjmag==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000004f0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000cb00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$kcm(0x2, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r1}, 0x0, &(0x7f00000002c0)}, 0x20)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500), 0xc)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0xc}, 0x11c022, 0x101, 0x0, 0x0, 0x0, 0xfffffffd, 0x5, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x6, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000036690f620081e2f69500200c0000001800"/32], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10}, 0x2d)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x2802, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x40, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xfffffffd, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4000)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000005c0)=@newtfilter={0x70, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0xa, 0x4}, {0x0, 0x1}, {0x7, 0x5}}, [@filter_kind_options=@f_basic={{0xa}, {0x40, 0x2, [@TCA_BASIC_EMATCHES={0x3c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x201}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x6, 0x1, 0xff82}, {0x0, 0x9, 0x78, 0x4, 0x6}}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x6, 0x7, 0x2}, {{0x4, 0x1, 0x1, 0x1}, {0x1}}}}]}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x20041090}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x2a, 0x4e21, @broadcast}, 0x10, 0x0}, 0x44060)
close(0xffffffffffffffff)
r5 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r5, 0x29, 0x14, 0x0, 0x14)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
close(0x3)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x3, 0x0, 0x7fff0006}]})
setuid(0xee00)
socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000280)={@local, 0x7ff, 0x0, 0x103, 0x1}, 0x20)

2.000874857s ago: executing program 0 (id=836):
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300))
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401f, 0x68180, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x6f, 0x1, @perf_bp={0x0, 0x1}, 0x400, 0x0, 0x7, 0x4, 0x6, 0x8001, 0x7fff}, 0x0, 0xff6fbfffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x100000a, 0x204031, 0xffffffffffffffff, 0xec776000)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000100)={0x18, 0x0, {0xfffd, @random="c0c13c2baeb6", 'macvlan1\x00'}}, 0x1e)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
bind$netlink(r2, 0x0, 0x0)
sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newlink={0x44, 0x10, 0x40d, 0x70bd2d, 0x1ffffffc, {0x0, 0x0, 0x0, 0x0, 0x60866}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x2}, @IFLA_BOND_XMIT_HASH_POLICY={0x5, 0xe, 0x4}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x200e3}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xb320a000)
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
sendmsg$IPSET_CMD_PROTOCOL(r3, &(0x7f0000000540)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={0x0}, 0x1, 0x0, 0x0, 0x48000}, 0x40840)
fcntl$lock(r3, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000680)=@o_path={&(0x7f00000001c0)='./file0\x00'}, 0x18)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r4, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x14)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
symlink(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='./file0\x00')

2.000533887s ago: executing program 2 (id=837):
syz_mount_image$iso9660(&(0x7f0000000380), &(0x7f00000000c0)='./file0\x00', 0x204818, &(0x7f0000000180), 0xff, 0x55a, &(0x7f0000000940)="$eJzs3V1v01gawPHHpV2irFShZYVQVeBQdqUileAkEBRx5XVO0gOJHdkOaq9QRVNUkcKKstK2Nyw37K40czv3zOV8iPlGaD7BaEa2k77QJJ6+0un8fxGcE/vY5zlu5KdO4xMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABiuTXbLlrSNF5nSY3m1gK/tfu0v/WBBXJ3XzGmXxEr/ie5nFxPF13/6+7qa/F/czKbPpuVXFzkZPvP1648vjo5Mdh+TMCH8v0R97S5tf1qpdfrvj2pQM6hG5dHr2toz4S+aTkNrUzoq2qlYt9frIeqbpo6XA4j3VJuoJ3ID9S8e1cVq9Wy0oVlv+M1ak5TDxY+uley7Yp6UmhrJwh97/6TQugummbTeI2kTbw6bvMofiE+NZGKtNNSam291y1nDSBuVPwtjUpZjUp2qVQslkrFysPqw0e2PXlggf0FOdDi5F60+H06wbM3cDwT/fwvTTHiSUeWRA19uFKTQHxpjVjfN8j/f7+vx/a7N/8Psvz13dUzkuT/m+mzm6Py/4hYzu6xKVuyLa9kRXrSk668HdbKGozq8Ps/2lZn92iIFk+MhOKLkZY4yRLVX6KkKhWpiC3PZVHqEoqSuhhpipZQliWUSHTyinIlEC2OROJLIErmxZW7oqQoValKWZRoKciy+NIRTxpSEyfZy5qsJ8e9LMoaeQzX5ErSqDhyGPnBT6grpTGjJf/j+E7mxA2cgF8G+R8AAAAAAFxYVvLue3z9PyU3klrdNLX9tcMCAAAAAAAnKPnL/2xcTMW1G2Jx/Q8AAAAAwEVjJffYWSKSl1tpbU2s5HYp3gQAAAAAAOCCSP7+fzMukjlQbom1M6cK1/8AAAAAAFwQ/8ucYz9sX7Z+/EmCYMr60F76m7WRzM3rbFxKt7v05R6j+ow13d9JUlTSYnLS1bNWLm20Mwnm536xlhWHtRuAsxPAfw4TwNVJ+UZup21ur6bl6mBN2ku+bpq64PrNx0VxnOmJSC9F/3q9/m9Jhv9/rzVt5WS91y28eNNbTWL5EO/lw0Z/AsUD8yiOieVdMt9Ccs/F0BFPJTdi9PvNW7K23uvae8c/kW4+sb/H99Nj+vwoc2mruf6Mt/n948/FfRYLo0bfj6J4zJF/lDtpmzvzd9JiSBSlrChKe6MYfiyOH0U5K4ryMaMAgK9lLSMLWXIg7x7hLHe07C6HzO4fZT5tMz+TnFgnZ4ac0e2sM7p9zOz2w4HvQBqVY+N+v/0iq36KN/g0st+wWbLiQ3jp3cY/5drm1va99Y2Vl92X3delUrliP7DthyWZSobRL8g9AIAh9n7HjjU0/w9a/Pxd2vBg7n6QcVX9l52PFBTkhbyRnqzKQnK3QfKJg6G/EeT3fAxhIeOqNZ+kyfQbXhbGXNX9KbnLYbDf0ti2+2Mon/4PAgCAMzSXkYet7G/hsxYyrrv35/LxV8e7bYtnfCQAAPjj0MFnKx/91woC035erFaLTrSoVeC7T1Vgag2tjBfpwF10vIZW7cCPfNdvxpVnpqZDFXbabT+IVN0PVNsPzVIyfaDqf/V7qFuOFxl38Da263uR40aqZkJXtTv/aJpwUQfJxmFbu6ZuXCcyvqdCvxO4uqBUqPWehqamvcjUTVz1VDswLSfIqWd+s9PSqqZDNzDtyE93OOjLeHU/aCW7LXzlYw0AwHmxubX9aqXX6749xcrQjnNnPlQAANCXkaUBAAAAAAAAAAAAAAAAAAAAAMA5cBb3/1G54JXBVNDnJR4qJ1DJPHW8P/WTE4BT9WsAAAD//3nnTbg=")
r0 = open(&(0x7f0000000140)='.\x00', 0x8000, 0x112)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300))
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x20)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000980)='./file0\x00', 0x0, 0x51)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0xdb, 0xa, 0xa, 0xfe00, 0x50, 0x71, 0x10, 0x1a}}, &(0x7f0000000480)='syzkaller\x00', 0x5}, 0x90)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0xb3d)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x208, 0x0, 0x8000000, 0xf5, 0x80000})
socket$nl_generic(0x10, 0x3, 0x10)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

1.744188616s ago: executing program 2 (id=838):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioperm(0x7, 0x81, 0x2)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x401c2, 0x0)
ftruncate(r1, 0x4)
r2 = gettid()
timer_create(0x0, &(0x7f0000001640)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000600)={<r3=>0xffffffffffffffff})
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000440)={'bond_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x58, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x215}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_PROTOCOL={0x6, 0x5, 0x88a8}]}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_BROADCAST={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x15}}]}, 0x58}, 0x1, 0xba01}, 0x0)
ioctl$TIOCCONS(r1, 0x541d)
sendfile(r3, r1, 0x0, 0x578410eb)
sendfile(r3, r1, 0x0, 0x100000000)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c0000000706eeffffffffffffff0000010000070500010007000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

1.617554339s ago: executing program 1 (id=839):
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4, @perf_bp={0x0, 0xb}, 0x102260, 0x10000, 0x0, 0x1, 0x4, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x2000000020000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x86)
fchdir(r1)
openat(0xffffffffffffff9c, &(0x7f0000001740)='.\x00', 0x515001, 0x488)

1.436953775s ago: executing program 1 (id=840):
close(0x3)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r0, &(0x7f0000003340)=[{{&(0x7f00000003c0)={0xa, 0x4e22, 0x3, @empty, 0x9}, 0x1c, &(0x7f0000001b00)}}, {{&(0x7f0000001bc0)={0xa, 0x4e20, 0x8, @loopback, 0x3}, 0x1c, &(0x7f00000021c0)=[{&(0x7f0000001c00)="1b", 0x1}], 0x1}}], 0x2, 0x40)
sendto$inet6(r0, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)

1.436605875s ago: executing program 3 (id=841):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmmsg$inet(r0, &(0x7f0000005380)=[{{0x0, 0x0, &(0x7f0000002c80)=[{&(0x7f0000000340)}], 0x1, &(0x7f0000002d00)=[@ip_tos_int={{0x14, 0x0, 0x1, 0xfff}}], 0x18}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{&(0x7f0000004e40)={0x2, 0x4e22, @local}, 0x10, &(0x7f0000005000)=[{&(0x7f0000004e80)="77b3463f8c779af63103bc4400da7540048bb2a1b72e5ba9d911d1605211c62676b89865c469dab631c8f35ba801f39c4f0fdbeeda285d305fc33564635bed161a1ad6377d28ec88582db796bddb0e34154b33ffa2595e8f0419eeace4a50ea77b6354e8c0ecaac3ddfc7bfe339407f7f9eb9b77c2765253559984213ed0c404a1b673f658bffe5c65111275d1744a0d14c893b92c4a87108425bd52519d15b155b3db058483d844573b4475e6340abdb769aee2e8bb3e8873f27cab1f", 0xbd}, {&(0x7f0000004f40)="d4827732ba81ea186c667682cd7249d55bb19e37527592cdc7fa0f819b1cc0cd8802ec7a143b79aa26869dcae2f422f58c89406a8390a27240fcdc6efc76f3df8befd3e40b328d4f165602110eb05b73ad1d68cca55ac8811ba49fb9de7cd139a145deabdab63d34fcae1e1e59f72b5f8870d9de577ef64d3fb9daf35f84b42b1e3276adef1ac86b5eb0cce15ca29198b0e9c8d935b51b0e0787c2af", 0x9c}], 0x2}}], 0x4, 0x20001081)

1.429503366s ago: executing program 3 (id=842):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x40440, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5})
ioctl$TUNSETPERSIST(r0, 0x400454c9, 0x1)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x40000000000001)

1.369407177s ago: executing program 3 (id=843):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0x4, [@enum64={0x8, 0x4, 0x0, 0x13, 0x1, 0xc, [{0xd, 0x8, 0xf}, {0x9, 0x2, 0x9}, {0x7, 0x0, 0x400}, {0x9, 0x3, 0x7fffffff}]}]}, {0x0, [0x5f, 0x5f]}}, &(0x7f00000000c0)=""/107, 0x58, 0x6b, 0x1, 0x1000}, 0x28)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000540)='./file0\x00', 0x204818, &(0x7f0000000380)={[{@map_acorn}, {@nojoliet}, {@map_acorn}, {@mode={'mode', 0x3d, 0x8000}}, {@utf8}, {@gid}]}, 0x1, 0x54a, &(0x7f0000000580)="$eJzs3V1v09YfwPGfS/snyl+qpjEhVBU4lE0qUglOAkERN/Ock/SAY0e2g9orVNEUVaQwUSatvWHcsE3aXgS73IvYO0J7CZtsJ32geQD6xKrvJ4JzYh/7/I4b+Se38bEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACx3JptFy3xjN9eUsO5tTBo7r7tbX1ggdzYV4zoV8RK/kkuJ5eyRZe+2l19MflvTmazd7OSS4qcbP//4hf3LkxO9LcfEfBH+eMT97S5tf10pdvtvDiqQD5Dl88r9e2Q49PQvokC03QaWpkoUNVKxb61WI9U3Xg6Wo5i3VRuqJ04CNW8e0MVq9Wy0oXloO03ao6n+wvv3izZdkXdL7S0E0aBf+t+IXIXjecZv5G2SVYnbe4mH8QHJlaxdppKra13O+VxA0gaFT+kUWlco5JdKhWLpVKxcqd6565tTx5YYL9HDrQ4ug8t/puO8OwNHM5EL/+LJ0Z8acuSqIEvV2oSSiDNIet7+vn/m1t6ZL97838/y1/aXT0jaf6/kr27Miz/D4nl5F6bsiXb8lRWpCtd6ciLU4/oZF8N0eKLkUgCMdIUJ12iekuUVKUiFbHlkSxKXSJRUhcjnmiJZFkiiUWnnyhXQtHiSCyBhKJkXly5IUqKUpWqlEWJloIsSyBt8aUhNXHSvazJenrcy6KsYTHuNCoOHUa+/7nrSGnEaMn/OLwjPX8Dh/FPP/8DAAAAAIAzy0p/+55c/0/J5bRWN562TzssAAAAAABwhNK//M8mxVRSuywW1/8AAAAAAJw1VnqPnSUiebma1dbESm+X4pcAAAAAAACcEenf/68kRToHylWxdqZL4fofAAAAAIAz4pexc+xHrfPWX39LGE5Zr1tLX1sb6dy8zsa5bLtz7+8xrs9Y072dpEUlKyYnXT1r5bJGO5NgvusVa+PisHYDcHYC+OljArgwKb/JtazNtdWsXO2vyXrJ142nC27g3SuK40xPxHop/uHZ+o+SDv9Xvzlt5WS92yk8ft5dTWN5nezl9UZvAsUD8yiOiOVlOt9Ces/FwBFPpTdi9PrNW7K23u3Ye8c/kW0+sb/HV9Mj+nwjc1mrud6Mt/n9488lfRYLw0bfi6J4yJG/ketZm+vz17NiQBSlcVGU9kYx+FgcPoryuCjKh4wCAE7L2pgsZMmBvPsJZ7lPy+7ykdn9jcxnbeZn0hPr5MyAM7o97oxuHzK7/XngGUjDcmzS7+/vZdW3yQZvh/YbeSUrOYTnXm58Lxc3t7Zvrm+sPOk86TwrlcoV+7Zt3ynJVDqMXkHuAQAMsPcZO9bA/D/2KTzW7TFX1V/ufKWgII/luXRlVRbSuw3SbxwM3Gt+z9cQFsZctebTNJk94WVhxFXd/9K7HPr7LY1suz+G8gn8JAAAODlzY/Lwh+T/hTHX3ftz+eir4/yep7UBAIDjocN3Vj7+2QpD03pUrFaLTryoVRi4D1Roag2tjB/r0F10/IZWrTCIAzfwkspDU9ORitqtVhDGqh6EqhVEZimdPlD1Hv0e6abjx8aNWp52Iq3cwI8dN1Y1E7mq1f7OM9GiDtONo5Z2Td24TmwCX0VBO3R1QalI6z0NTU37sambpOqrVmiaTphTDwOv3dSqpiM3NK04yHbY78v49SBsprstnPbBBgDgM7G5tf10pdvtvDjGysCOcyc+VAAA0DMiS58/lYAAAAAAAAAAAAAAAAAAAAAAAMABJ3H/H5UzXulPBf25xEPlCCpjTx2vjv3kBOBY/RsAAP//NNZPlg==")

1.27260117s ago: executing program 2 (id=844):
r0 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x8309}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0x850)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a88000000060a010400000000000000000a0000010900010073797a31000000005c000480580001800b0001007461726765740000480002802c0003009ac4200083f0afb9fdd672bad09dfb78c7699c74e82fa0c70000000000000000000000000000000008000240000000000e00010049444c4554494d45520000000900020073797a32"], 0xb0}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f00000001c0)=0x4)
fstat(r0, &(0x7f0000000440))
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x7ffa, 0x1, 0x8002, 0x5, 0x10000001, 0x8001, 0x1}, 0x1c)
mmap(&(0x7f0000001000/0x3000)=nil, 0x30000, 0x0, 0x11, r3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r6, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x1, 0x803, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=@newlink={0x4c, 0x10, 0x403, 0x58bd28, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90646, 0x20}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x1}, @IFLA_VLAN_PROTOCOL={0x6, 0x5, 0x88a8}]}}}, @IFLA_LINK={0x8, 0x5, r9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x600}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4408}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_TTL_INHERIT={0x5, 0xc, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
mremap(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000007000/0x1000)=nil)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r3, 0xc400941d, &(0x7f0000000b40)={0x0, 0x100000001, 0x9, 0x1})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)

1.2722278s ago: executing program 3 (id=845):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x40440, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r2 = syz_clone(0x1011, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$pokeuser(0x6, r2, 0x28, 0x5)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
r3 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f00000000c0)='illinois', 0x8)
sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, 0x0, 0x2000c800)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0x801, 0xfffffffd, 0x8000000, {0x0, 0x0, 0x0, 0x0, 0x0, 0x404a3}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4040000}, 0x5084)
sendto$inet(r1, &(0x7f0000000300)="89", 0x1, 0x4044880, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5})
ioctl$TUNSETPERSIST(r0, 0x400454c9, 0x1)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x40000000000001)

1.089063766s ago: executing program 2 (id=846):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="ea4f94d4fb57e996d59b7a5d8ce355fbebee750f2fbc06ae98942a0db26de1f8e381592f9648373a53be477843f72d15ac51f49701a66d3f8ba3aa20079237f066ff08c6db448799730a"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xf8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x6, 0xffffffff}, 0x8, 0x10, &(0x7f00000000c0), 0x10}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
fsetxattr$system_posix_acl(r1, &(0x7f0000000100)='system.posix_acl_access\x00', &(0x7f0000000380)={{}, {}, [], {0x4, 0x1}, [], {0x10, 0x7}, {0x20, 0x2}}, 0x24, 0x2)
accept4$packet(r1, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000480)=0x14, 0x800)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x3, @loopback={0x100000}, 0x6}, 0x1c)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfe33)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x200000000000000}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount$9p_rdma(&(0x7f00000013c0), &(0x7f0000000100)='.\x00', &(0x7f0000001440), 0x200800, &(0x7f0000000080)=ANY=[@ANYBLOB="7472616e73020000002c706f72743d3078303030303030304730303030346532302c72713d3078303030303030303000000000303030332c00"])
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x20, r2, 0x100, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @void, @void}}, [@NL80211_ATTR_MESH_ID={0xa}]}, 0x20}}, 0x10)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000380)={0xfffffff8, 0x0, 0x0, 'queue0\x00'})
ppoll(&(0x7f00000002c0)=[{r3, 0xc043}], 0x1, 0x0, 0x0, 0x0)
write$sndseq(r3, &(0x7f0000000000)=[{0x1e, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x1001a)

1.085042217s ago: executing program 0 (id=847):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000008061121c000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000300)={'gre0\x00', &(0x7f0000000240)={'syztnl1\x00', <r0=>0x0, 0x40, 0x8, 0x8, 0x9, {{0x1f, 0x4, 0x3, 0x31, 0x7c, 0x65, 0x0, 0x8, 0x4, 0x0, @broadcast, @multicast2, {[@rr={0x7, 0x13, 0xc1, [@multicast2, @remote, @multicast2, @broadcast]}, @noop, @lsrr={0x83, 0x7, 0x80, [@rand_addr=0x64010100]}, @noop, @generic={0x82, 0xf, "ef1c0b51555804c7acd903612c"}, @timestamp_addr={0x44, 0x3c, 0xdb, 0x1, 0x7, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x100}, {@rand_addr=0x64010100, 0x5}, {@remote, 0x4}, {@rand_addr=0x64010100}, {@rand_addr=0x64010100, 0xffffff80}, {@rand_addr=0x64010100, 0x6}, {@broadcast, 0xee}]}]}}}}})
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000440)={{0x1, <r2=>0xffffffffffffffff}, &(0x7f00000003c0), &(0x7f0000000400)='%pi6   \x00'}, 0x20)
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x2, &(0x7f00000000c0)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0x92}], &(0x7f0000000100)='GPL\x00', 0xfffffff9, 0xcc, &(0x7f0000000140)=""/204, 0x41000, 0x48, '\x00', r0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000380)={0x4, 0xb, 0x8, 0x8}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000480)=[r2], 0x0, 0x10, 0x81}, 0x94)

956.23742ms ago: executing program 0 (id=848):
syz_mount_image$iso9660(&(0x7f0000000380), &(0x7f00000000c0)='./file0\x00', 0x204818, &(0x7f0000000180), 0xff, 0x55a, &(0x7f0000000940)="$eJzs3V1v01gawPHHpV2irFShZYVQVeBQdqUileAkEBRx5XVO0gOJHdkOaq9QRVNUkcKKstK2Nyw37K40czv3zOV8iPlGaD7BaEa2k77QJJ6+0un8fxGcE/vY5zlu5KdO4xMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABiuTXbLlrSNF5nSY3m1gK/tfu0v/WBBXJ3XzGmXxEr/ie5nFxPF13/6+7qa/F/czKbPpuVXFzkZPvP1648vjo5Mdh+TMCH8v0R97S5tf1qpdfrvj2pQM6hG5dHr2toz4S+aTkNrUzoq2qlYt9frIeqbpo6XA4j3VJuoJ3ID9S8e1cVq9Wy0oVlv+M1ak5TDxY+uley7Yp6UmhrJwh97/6TQugummbTeI2kTbw6bvMofiE+NZGKtNNSam291y1nDSBuVPwtjUpZjUp2qVQslkrFysPqw0e2PXlggf0FOdDi5F60+H06wbM3cDwT/fwvTTHiSUeWRA19uFKTQHxpjVjfN8j/f7+vx/a7N/8Psvz13dUzkuT/m+mzm6Py/4hYzu6xKVuyLa9kRXrSk668HdbKGozq8Ps/2lZn92iIFk+MhOKLkZY4yRLVX6KkKhWpiC3PZVHqEoqSuhhpipZQliWUSHTyinIlEC2OROJLIErmxZW7oqQoValKWZRoKciy+NIRTxpSEyfZy5qsJ8e9LMoaeQzX5ErSqDhyGPnBT6grpTGjJf/j+E7mxA2cgF8G+R8AAAAAAFxYVvLue3z9PyU3klrdNLX9tcMCAAAAAAAnKPnL/2xcTMW1G2Jx/Q8AAAAAwEVjJffYWSKSl1tpbU2s5HYp3gQAAAAAAOCCSP7+fzMukjlQbom1M6cK1/8AAAAAAFwQ/8ucYz9sX7Z+/EmCYMr60F76m7WRzM3rbFxKt7v05R6j+ow13d9JUlTSYnLS1bNWLm20Mwnm536xlhWHtRuAsxPAfw4TwNVJ+UZup21ur6bl6mBN2ku+bpq64PrNx0VxnOmJSC9F/3q9/m9Jhv9/rzVt5WS91y28eNNbTWL5EO/lw0Z/AsUD8yiOieVdMt9Ccs/F0BFPJTdi9PvNW7K23uvae8c/kW4+sb/H99Nj+vwoc2mruf6Mt/n948/FfRYLo0bfj6J4zJF/lDtpmzvzd9JiSBSlrChKe6MYfiyOH0U5K4ryMaMAgK9lLSMLWXIg7x7hLHe07C6HzO4fZT5tMz+TnFgnZ4ac0e2sM7p9zOz2w4HvQBqVY+N+v/0iq36KN/g0st+wWbLiQ3jp3cY/5drm1va99Y2Vl92X3delUrliP7DthyWZSobRL8g9AIAh9n7HjjU0/w9a/Pxd2vBg7n6QcVX9l52PFBTkhbyRnqzKQnK3QfKJg6G/EeT3fAxhIeOqNZ+kyfQbXhbGXNX9KbnLYbDf0ti2+2Mon/4PAgCAMzSXkYet7G/hsxYyrrv35/LxV8e7bYtnfCQAAPjj0MFnKx/91woC035erFaLTrSoVeC7T1Vgag2tjBfpwF10vIZW7cCPfNdvxpVnpqZDFXbabT+IVN0PVNsPzVIyfaDqf/V7qFuOFxl38Da263uR40aqZkJXtTv/aJpwUQfJxmFbu6ZuXCcyvqdCvxO4uqBUqPWehqamvcjUTVz1VDswLSfIqWd+s9PSqqZDNzDtyE93OOjLeHU/aCW7LXzlYw0AwHmxubX9aqXX6749xcrQjnNnPlQAANCXkaUBAAAAAAAAAAAAAAAAAAAAAMA5cBb3/1G54JXBVNDnJR4qJ1DJPHW8P/WTE4BT9WsAAAD//3nnTbg=")
r0 = open(&(0x7f0000000140)='.\x00', 0x8000, 0x112)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300))
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x20)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000980)='./file0\x00', 0x0, 0x51)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0xdb, 0xa, 0xa, 0xfe00, 0x50, 0x71, 0x10, 0x1a}}, &(0x7f0000000480)='syzkaller\x00', 0x5}, 0x90)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0xb3d)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x208, 0x0, 0x8000000, 0xf5, 0x80000})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

874.543183ms ago: executing program 0 (id=849):
socket$kcm(0x10, 0x2, 0x0)
mbind(&(0x7f0000bdf000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x2, 0x0)
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f00000000c0)={0x385001, 0x107, 0xc}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000008c0)='./file1\x00', 0x1008490, &(0x7f0000000a40)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000001500)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x3, 0x1, 0x246, 0x8000000000000001, 0xfffffffffffffffa, 0xfffffffffffffffb, 0x10000000000000, 0x7fff, 0x9b})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000200)=@raw={'raw\x00', 0x3c1, 0x3, 0x308, 0x128, 0x1170, 0x1170, 0x128, 0x1170, 0x238, 0x1398, 0x1398, 0x238, 0x1398, 0x3, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast2}, @private2={0xfc, 0x2, '\x00', 0x1}, [0xffffffff, 0xff000000], [0x0, 0x0, 0x0, 0xffffff00], 'veth0_vlan\x00', 'veth0_to_hsr\x00', {}, {}, 0x2e, 0x0, 0x0, 0x46}, 0x0, 0x108, 0x128, 0x0, {}, [@common=@inet=@socket2={{0x28}, 0x1}, @common=@unspec=@quota={{0x38}, {0x1, 0x0, 0x80000000, {0x9}}}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x2, 0x9, 0xf, 0xd18, 'syz0\x00', 'syz1\x00', {0x7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x368)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./bus\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x41, 0x2c8, &(0x7f0000000580)="$eJzs3M9rE1sUwPHzkrwmTWmTB48HT1APutFNaOPCpQZpQQwotSnqQpjaiYaMSZkJlYjYbMStf0dx6U5Q/4FuxI17d0UQ3HQhjnRm0k7atEk1v0q/Hyj3ZM493NtkWs4MZDbvvHpcLjqZolGTSEIlItKQLZH0dhT4KxgjXjwmYQ25OPH98+nbd+/dyOXzs/Oqc7mFS1lVnTr77smz1+c+1CYW30y9jctG+v7mt+yXjbGN/zd/LjwqOVpytFKtqaFL1WrNWLJMXS455YzqLcs0HFNLFce0W/JFq7qyUlejsjyZXLFNx1GjUteyWddaVWt2XY2HRqmimUxGJ5NygkVEYl1MK6zPzxu5A9NutKebQt+Ntzto27lG+2RhfQB7AgAAI+bw/t/v9Q/u//OL/niU/v+/zv2/CP1/nzRaXnXo/3FcXQ6f/badM5LB328r+n8AAAAAAAAAAAAAAAAAAAAAAI6DLddNua6b2h6DQ97ruIgkRMQN8kPeJvok/Pm7oZ8On/+VIW0XPRb64l5CxHq5Wlgt+KOfzxWlJJaYMi0p+eGdDwE/nruen51WT1reW2tB/dpqISrxZn1Tul39mX9m/Hptrf9bkuH1s5KSf9uvn21bPyYXzofqM5KSjw+kKpYse+f1bv3zGdVrN/N76se9eQfo5uEaAAAAAACMjIzu2Hf97uW9CQnZn/frQ/cHXNddO+z+wJ7r65ic4ioaAAAAAICBcOpPy4ZlmfZvBHER+YPy3geuKzL8bURlNN6N1uCqiIzANgYVJETEP6Lt5sQ6lH/dKe9qUbeLOTER2Q6iI/H+dA6G/Z8JAAAAQK/tNv1HKPr0oo87AgAAAAAAAAAAAAAAAAAAAAAAAAAAAADg5On2eWDN+ftSzcQh5aHlogP/BQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAR8isAAP//RZUcDw==")
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x4db, 0x20081, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_bp={0x0, 0x8}, 0x2, 0x0, 0x10ffe, 0x0, 0x2, 0x80000011, 0x1, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x64, 0x6, 0x0, 0x0, 0x0, 0x6, 0x8102, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc090, 0x2, @perf_bp={0x0, 0x3}, 0xd, 0x0, 0x11000, 0x7, 0x4, 0x6, 0x0, 0x0, 0x0, 0x0, 0xa7}, 0x0, 0xc, 0xffffffffffffffff, 0x9)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xc07, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0xfd], 0x0, [0x1, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x5c4, 0x8000, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000)

404.903407ms ago: executing program 1 (id=850):
r0 = memfd_create(&(0x7f0000000500)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x1c\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\x83\x11\v}k+\xeb\xc3\xc0O\xae\xd2\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x8b\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb901nEy\x82\x83\x80\xd3O\x00|hP\x00\x00\x00\x00\x00\x00\x00\x05\x86\xfe\xd9\xa5\xc6\nSy\xa3N\xba-]\'q\xc6\xfb\x02\x9a\xa9Z\xa8\x80Bx\xbd74\xcf\"\xa5\xea$\x95\xfd\x06T\xef\x89\xe4j\x06\xdc\x15\xe7\xc3\xb5H\xf7\xdc\xee\x182\xab\xe2?\"\xbewm\x9d\xd8x\xd92\xeeS/\xd2\xcd[\x9dcO1\xcb\x12lZ$\xa7\x9d\xf8b\xf6}\xc5``\xfe0\x8a\'v-\x99`?\x97\x8c\xdd\xd6\xfa\xa2\x06>\xf3\xe2uI\xe65C\xdb\x84\xe6eU\xe8RK\xd6=s\xcd\x9d\x1f#3\xc5\x16\xd0\xbbD\xc5\xde\xc8/\v\xa5W\xbep\x87\x15\x10\xcdm\xa7\x93\x01\x1c,9V8\xdc\xfd\xb7\xc0\xfc\x04\x00p\xad\x12\xb2\xbf\xfbFZ\x1a\f\x99\x05\xe4\x1eP\xed\x87\x89\xbeo\xfbv\xb6\x8a\xee\xf6Oc8\xaf\x11[\xc3\x98w-\xf0\xb2z\xc7\xaf;\x92\xad4\x1b\x92L\x97<\xbdh\x80\xf2\xc0\xd0n)K\xf2#Ncp\xe4\xb4\xfb\x94\x18\xc2-TWA\x13\xfe\xea\xad\v\xc4\xa5\x02\xf9\xed]\xf4\\\x01\xab\xdc\xf0m\xcb\x9a\xb6\xcdP\x93\xf2\xc3\x96\xf2\xc0\xd6-x\xd5\xd6\xc7\x9d\xa5\x1f\xd2t\xd7\x8f}b\x9749\xd4a7\x18\xe0\x91KV7[\xb8\x8dL\xc8\xc8\x8f>sbE\xf5\xa7\xdb|\xb0m\x16c\x84\r\"\xf2\x92s\xeb\xaf\x1c\x00\xf4\x8dL\xa5\x10\x89FB\xfb8\xf9\x9d\xcbm\x1c\x91\xe9fd$5\xdc\xad\xec\xef\x90\xd9\xefX\xd2m\x9e\xec\x94w\xb3\xf9\xd9\x0eu-z\x81\xbb\xa6\xc0\x00\xa1\xd9\xcbI\xda\xa3\b\x9e@\xb8\xc8k\xdeQ/\xb8X\x9c\xff4Np~\xc4\xc1_\x1c#zX\a\xd41\x1c\x7fH\x91\xd9k\x05\x1f\n\b\b\x88\xd6\xcf4i\xa0B\xe7\x9c\x9c\xe6\xcax\xca\xa1E#6\xe9\xf31W\xd0\x1bY3/\x00I#\xfa\xb0\f\xd5!\x9fR[\x0e\xdb`\xdb\x82M\'k\x16(\xfa\xc2\xec\x96e\\Q\xe9\x19\xe1u\x86\xcb\xc3\xb0\xb8\x19\xb9l\x1fk!R\xb1P\x8b\xda\xffE\x89\x97\n\x17m\xd10\x1a\xe7Qz\xd8\bi\x8dRw+\xa1^N\xaf\x1b\x1dg\x8f$\xbe\x93\x8d\x8b\xfd\r\xee<\x84\x95\x82)TH\xcac9\x98\x13WW@;\xb4\xd5\x0f\xa1\xb3xX(\x80\xe8\x89\xed e.\xe04\xba\x9c=\xc6\x04\f\xbf\x06\xce5\xf99GD8@\xd2\r\xd0\xdf@\xe3\xbe\"qq#]\x86W\tA\xa7\x91\x85\xae\x9c\x8dO\xa6\xa3\xf9i\x83\xc5\xa8C\x164\xef\xa4\\\a\xaa%\x94!3k]\xd5\xbe', 0x1)
r1 = dup(r0)
r2 = memfd_create(&(0x7f0000002600)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x8b\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb90a\xa9\xb2\x04\x1d\xa1\xce\x8b\x19\xea\xef\xe3\x00\x00\x00\x00\x00x\xdd\x02', 0x0)
copy_file_range(r2, 0x0, r1, 0x0, 0x7, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f00000000c0)={'ip6gre0\x00', @random="45650d6eb332"})
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="180000003d000b08d25a80648c7494f90324fc600b000240", 0x18}], 0x1}, 0x0)
gettid()
ioctl$VFAT_IOCTL_READDIR_SHORT(r3, 0x82307202, &(0x7f0000000800)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000180)='./file1\x00', 0x1210888, &(0x7f00000005c0)=ANY=[], 0x4a, 0x2e4, &(0x7f0000000340)="$eJzs3c+LG1UcAPDv7GYn4w/IHgRBhA7Yg6fi9iZeskgL4p4se6gedLEtyCYILSz4A2NPXr148OBfIAhe/C968T8QvIngzQqFkTeZbCbtNE2kqbT7+Vz2u+99v/Pem7zNJgt5+9Gr4+NrZdy4/eVvURRZbA1jGHez2I2tmPk6Fgy/DQDgaXa3quKvamqduiwiis1NCwDYoNV+//fm4c9PZFoAwAZdufr+u/sHB5feK6KIy+NvTg7TO/v0ddq/fyM+iVFcjzdiEPci6tcJzRv/FF+uqmrSK5PdOD+enBymyvGHd5rr7/8ZUdfvxSB2T8vqVxt1/TsHl/bq8rLfqp+keTzfjD9M9RdjEC+dFi/UX5zWl+36OMzj9dda878Qg/j14/g0RnGtnsS8/qu9sny7+u7vLz5I00v12eTksJ/y/pj/jaPaftKPDQAAAAAAAAAAAAAAAAAAAAAAz64L5ezwnfJcnB+npub8ne17eZPTpOzOq1L/NMpmTa3zgZJJFT9MjxTcWRhvfr5PL17ptQ8WBAAAAAAAAAAAAAAAAAAAgLPr1mefHx+NRtdvPpZgdhpALyL+uRLxX68zbLWci+XJ/WbMo9FoqwkXcu7k7ZbYnuVkEUunkRbxmG7Lo4LninTLOrp+/CktcJ0LFq2WN7sXuPOodV3tL9kbL68yjdnuOj7Kusfqx6ylaDbJ93nEac52dN2NriB/WFcV7e2Xlvziko2Ud3YN1n4o8xfqYPLQnH7XFm0Fb/0+7W9asrjvhyiv72rn6DtN0Cq/b2+stJ+jmJY/+FyR1ad19DfwLAQAAAAAAAAAAAAAAAAAAMTCZ7zTd78sdt6ehzsPlm5VPgoMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDNi/v//1wgmTfEKyXncvPU/LxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAz4N8AAAD//6eKSmo=")
r4 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r4, r4, 0x0, 0x800000009)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='setgroups\x00')
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
close_range(r5, 0xffffffffffffffff, 0x0)

302.601791ms ago: executing program 3 (id=851):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x6, 0x4, 0x8, 0xc}, 0x50)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x2c, 0x1, 0x0, 0x0, 0x0, 0x9, 0xf40d9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0}, 0x204, 0x0, 0x43a1bd76, 0x6, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200c}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000c3707bf4000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
lsetxattr$trusted_overlay_redirect(0x0, &(0x7f0000000100), &(0x7f0000000140)='./file0\x00', 0x8, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000bf080000000000007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

91.413567ms ago: executing program 1 (id=852):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmmsg$inet(r0, &(0x7f0000005380)=[{{0x0, 0x0, &(0x7f0000002c80)=[{&(0x7f0000000340)="117bad8d0ed50aa02c5ac087265309ee42460ddb674e1c63805e706248813f074d2852fad89669cd57a2c7b88ac9e1c725e3b30335b12f38ea51011d7a34460966cafe87a90a69171c07cf1dc63ccd2c46d5be080e92199386", 0x59}], 0x1, &(0x7f0000002d00)=[@ip_tos_int={{0x14, 0x0, 0x1, 0xfff}}], 0x18}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{&(0x7f0000004e40)={0x2, 0x4e22, @local}, 0x10, &(0x7f0000005000)=[{&(0x7f0000004e80)="77b3463f8c779af63103bc4400da7540048bb2a1b72e5ba9d911d1605211c62676b89865c469dab631c8f35ba801f39c4f0fdbeeda285d305fc33564635bed161a1ad6377d28ec88582db796bddb0e34154b33ffa2595e8f0419eeace4a50ea77b6354e8c0ecaac3ddfc7bfe339407f7f9eb9b77c2765253559984213ed0c404a1b673f658bffe5c65111275d1744a0d14c893b92c4a87108425bd52519d15b155b3db058483d844573b4475e6340abdb769aee2e8bb3e8873f27cab1f", 0xbd}, {&(0x7f0000004f40)="d4827732ba81ea186c667682cd7249d55bb19e37527592cdc7fa0f819b1cc0cd8802ec7a143b79aa26869dcae2f422f58c89406a8390a27240fcdc6efc76f3df8befd3e40b328d4f165602110eb05b73ad1d68cca55ac8811ba49fb9de7cd139a145deabdab63d34fcae1e1e59f72b5f8870d9de577ef64d3fb9daf35f84b42b1e3276adef1ac86b5eb0cce15ca29198b0e9c8d935b51b0e0787c2af", 0x9c}], 0x2}}], 0x4, 0x20001081)

25.026119ms ago: executing program 2 (id=853):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="1802000001000000000000000000000085000000a000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffefb702000008000000b7030000e2d40000850000007b00000095"], &(0x7f0000000680)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="0000000000000200000051229dc9", 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

24.103419ms ago: executing program 3 (id=854):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x410, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x13, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000fe1f702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000017000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r0, 0x0, 0xe, 0x0, &(0x7f00000000c0)="e0b9545dd30a2131677b2d0bfa91", 0x0, 0x27cb, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x3, @perf_bp={0x0, 0x9}, 0x6000, 0x4292, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$getownex(r1, 0x10, &(0x7f0000000480))
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(r2, 0xc0403d08, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8001}, 0x844)
socket$pppoe(0x18, 0x1, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x670, 0x5, 0x350, 0x408, 0x408, 0xffffffff, 0x190, 0x408, 0x4f8, 0x4f8, 0xffffffff, 0x4f8, 0x4f8, 0x5, 0x0, {[{{@ip={@empty, @dev={0xac, 0x14, 0x14, 0x26}, 0xff000000, 0xff000000, 'vcan0\x00', 'rose0\x00', {}, {0xff}, 0xc, 0x2, 0xc}, 0x0, 0x70, 0xa8, 0x48}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x18, @remote, @rand_addr=0x64010102, @gre_key=0x4, @port=0x4e21}}}}, {{@ip={@loopback, @initdev={0xac, 0x1e, 0xe4, 0x0}, 0xffffffff, 0xff000000, 'team_slave_1\x00', 'veth0_to_hsr\x00', {0xff}, {}, 0x11, 0x0, 0x42}, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@ip={@multicast2, @broadcast, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_vlan\x00'}, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @random="5bdef0470748", 0x1, 0xb, [0x23, 0x3c, 0x2f, 0x7, 0x1a, 0xb, 0x33, 0x3e, 0xf, 0x10, 0x7, 0x25, 0x39, 0x3a, 0x1e, 0x2e], 0x1, 0x7, 0x5}}}, {{@uncond, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @rand_addr, @initdev={0xac, 0x1e, 0x1, 0x0}, @icmp_id, @gre_key=0x2}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3b0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
setsockopt$sock_timeval(r4, 0x1, 0x42, &(0x7f0000000340)={0x0, 0x2710}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r5}, &(0x7f00000006c0), &(0x7f0000000700)=r4}, 0x20)
recvmsg$unix(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000002380)=[{&(0x7f0000002480)=""/195, 0xc3}], 0x1}, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
r6 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, 0x0, 0x0)
setsockopt$inet6_int(r6, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4)
sendmmsg(r6, &(0x7f00000000c0)=[{{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @remote}, 0x8, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000001580)=ANY=[@ANYBLOB="120000000000000029000000", @ANYRES64=r6], 0x108}}], 0x1, 0x20000014)
ptrace$setregs(0xd, r3, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
ptrace$getregset(0x4205, r3, 0x2, &(0x7f0000000080)={&(0x7f0000000000)=""/120, 0x78})
ptrace$getregset(0x4204, r3, 0x2, &(0x7f0000000740)={0x0})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))

0s ago: executing program 1 (id=855):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x100c404, &(0x7f0000000480)={[{@fat=@umask={'umask', 0x3d, 0x7}}, {@fat=@usefree}, {@dots}, {@fat=@uid={'uid', 0x3d, 0xee00}}, {@dots}, {@fat=@check_strict}, {@fat=@nfs_stale_rw}, {@fat=@check_normal}, {@dots}, {@dots}, {@dots}, {@nodots}, {@nodots}, {@fat=@debug}, {@fat=@quiet}, {@nodots}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x3}}, {@dots}, {@fat=@flush}, {@dots}, {@dots}, {@dots}, {@dots}, {@fat=@debug}, {@nodots}, {}]}, 0x1, 0x1f5, &(0x7f0000000600)="$eJzs3cFqE1EUANCbmCYTcdGdIAgjLnRV1C+oSAUxIFSy0J2gK7NqN6mb9jP8Bf/LD5CuspEncSadmKYxBDKj7Tmb3pn7Xt+7M2SSTW5SFL7f/RpZ1or2fuzHpBW70Y6ZswAArpNJSvEjFZreCwBQjzXe/3/WvCUAYMvevnv/+vlgcHCY51nE+dl4OB4Wf4v8y1eDgyf5b7vVrPPxeHjrIv80X/zsMM3vxO0y/6yYn1+kuxEx7Mbjh0V+mnvxZpD/Ob8XH7dcOwAAAAAAAAAAAAAAAAAAAAAANOV+5DNL+/vs7S3m+2W+OJrrD7TQv6cT9zrlYdUeKJ3WURQAAAAAAAAAAAAAAAAAAAD8Z45Pvnz+MBp9OqqCXkTMn+ksGXN10Cr/8VqDmw/asdn0flnmBou2yku03QL7y2/uOkF0/pW7s2mQ17BWf+XlTWkaLH8VzNpiXDm9GxGrV390uOnmJyml0bcHR8cnkVYOrp4RvVqfSAAAAAAAAAAAAAAAAAAAcHPNfev7kqyJDQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAA6rf/58Gl8+sDE4j4k78dfBsrZ3IGq0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA6+tXAAAA//85ziI4")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800002, &(0x7f0000000000)={[{@noblock_validity}, {@dioread_nolock}, {@errors_remount}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x22}, 0x84, 0x464, &(0x7f0000000ac0)="$eJzs3MtvG8UfAPDvbpr219cvoZRHH0CgICIeSZMW6IELCKRekJDgUI4hTavStEFNkGgV0RShckT9C4AjEn8BJ7gg4ATiCneEVKFcCBzQorV3U+PYwU7sOsWfj7TxzO6sd77eHXt2xk4AfWsk/5NE7ImInyJiKCIG6guMVB9Wlhen/1henE4iy177Lcl3i9+XF6fLoknxuLvIjKYR6QdJHGpw3PnLV85Pzc7OXCry4wsX3h6fv3zl6XMXps7OnJ25OHnixPFjE889O/lMR+Lcm9f14Htzhw+cfOPGK9Onbrz57ed5ffcU22vjqBre9DFHYmT1Nan32KaffWvZW5NOtvWwIrQlb+v56RqstP+hGIhbJ28oXn6/p5UDuirLsmzHmrWrPYClDPgPS6LXNQB6o/ygz+9/y+U2dj967uYL1RugPO6VYqlu2RZpUWaw7v62k0Yi4tTSnx/nSzQchwAA6Kwv8/7PU436f2ncW1Pu/8Xc0HBE3BUR+yLi7ojYHxH3RFTK3hcR97d5/JG6/Nr+zw87NxRYi/L+3/PF3NY/+39l7y+GB4rc3kr8g8mZc7MzR4vXZDQGd+T5iXWO8dVLP37UbFtt/y9fVgZjuuwLFvX4dVvdAN3pqYWpzcRc6+a1yhjg1bXxJ6szAUlEHIiIgxt4/vx6OffEZ4ebbV8T//JiXfzr6MA8U/ZpxOPV878UdfGXkvXnJ8f/F7MzR8fLq2Kt776//mqz428q/g7Iz/+uhtf/avzDSe187Xz7x7j+84dN72n+Pf7G1//25PVKenux7t2phYVLExHbk6W16ydv7Vvmy/J5/KNHGrf/fRF/fVLsdygi8ov4gYh4MCIeKur+cEQ8EhFH1on/mxcffWvj8XdXHv/pts5/+4mB819/0ez4rZ3/45XUaLGmlfe/Viu4mdcOAAAA7hRp5TvwSTq2mk7TsbHqd/j3x650dm5+4ckzc+9cPF39rvxwDKblSNdQzXjoRDHWV+Yn6/LHKuPGWZZlOyv5sem52W7NqQOt2d2k/ed+Geh17YCua2serdkv2oA7kt9rQv/S/qF/af/Qv7R/6F+N2v/ViJV1d7rWteoAt5HPf+hf2j/0L+0f+pf2D31pM7/rXy+x72Rrhct/QNilatwBiYGtUY22E5FuiWpsLJFujWpUEzsiotXCV29bS+nxGxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECH/B0AAP//tNHo8Q==")
ftruncate(r0, 0x4000)

kernel console output (not intermixed with test programs):

 84.627747][ T5055] loop4: detected capacity change from 0 to 256
[   84.831791][ T5057] sctp: [Deprecated]: syz.3.440 (pid 5057) Use of struct sctp_assoc_value in delayed_ack socket option.
[   84.831791][ T5057] Use struct sctp_sack_info instead
[   85.140624][ T5057] loop3: detected capacity change from 0 to 512
[   85.328002][ T5066] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[   85.370529][ T5057] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #16: comm syz.3.440: corrupted inode contents
[   85.382984][ T5057] fserror_report: 5 callbacks suppressed
[   85.383009][ T5057] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[   85.390686][ T5057] EXT4-fs error (device loop3): ext4_dirty_inode:6587: inode #16: comm syz.3.440: mark_inode_dirty error
[   85.400124][    C0] EXT4-fs (loop3): error count since last fsck: 1
[   85.400247][    C0] EXT4-fs (loop3): initial error at time 1779254443: ext4_do_update_inode:5690: inode 16
[   85.400333][    C0] EXT4-fs (loop3): last error at time 1779254443: ext4_do_update_inode:5690: inode 16
[   85.439719][ T5057] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[   85.444883][ T5057] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #16: comm syz.3.440: corrupted inode contents
[   85.466784][ T5057] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[   85.468244][ T5057] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #16: comm syz.3.440: mark_inode_dirty error
[   85.490111][ T5057] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[   85.491566][ T5057] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #16: comm syz.3.440: corrupted inode contents
[   85.515585][ T5057] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[   85.517911][ T5057] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem
[   85.538061][ T5057] loop3: lost filesystem error report for type 5 error -117
[   85.540160][ T5057] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #16: comm syz.3.440: corrupted inode contents
[   85.576236][ T5057] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[   85.577464][ T5057] EXT4-fs error (device loop3): ext4_truncate:4690: inode #16: comm syz.3.440: mark_inode_dirty error
[   85.608937][ T5057] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[   85.609259][ T5057] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem
[   85.627278][ T5057] loop3: lost filesystem error report for type 5 error -117
[   85.629206][ T5057] EXT4-fs (loop3): 1 truncate cleaned up
[   85.642658][ T5057] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.655180][ T5057] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.703129][ T3823] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   85.720793][ T3823] EXT4-fs error (device loop3): ext4_release_dquot:7070: comm kworker/u8:8: Failed to release dquot type 1
[   85.752771][ T5083] netlink: 'syz.0.450': attribute type 4 has an invalid length.
[   85.826166][ T5057] syz.3.440 (5057) used greatest stack depth: 9472 bytes left
[   85.828184][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.839741][ T5081] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=14385 sclass=netlink_route_socket pid=5081 comm=syz.2.449
[   85.928721][ T5080] loop4: detected capacity change from 0 to 256
[   85.944134][ T5090] loop3: detected capacity change from 0 to 512
[   85.955341][ T5090] ext4: Unknown parameter 'dont_measure'
[   85.983695][ T5081] hub 8-0:1.0: USB hub found
[   85.999282][ T5081] hub 8-0:1.0: 8 ports detected
[   86.129633][ T5096] loop2: detected capacity change from 0 to 1024
[   86.179231][ T5096] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.248868][ T5101] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2051 sclass=netlink_route_socket pid=5101 comm=syz.1.455
[   86.322983][ T5103] bond7: option arp_interval: mode dependency failed, not supported in mode balance-tlb(5)
[   86.333793][ T5103] bond7 (unregistering): Released all slaves
[   87.010909][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.085144][ T5118] loop0: detected capacity change from 0 to 128
[   87.974497][ T5133] netlink: 4 bytes leftover after parsing attributes in process `syz.1.467'.
[   89.110618][ T5144] netlink: 12 bytes leftover after parsing attributes in process `syz.1.467'.
[   89.259661][ T5143] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   90.549253][ T5159] loop3: detected capacity change from 0 to 128
[   90.561862][ T5157] loop4: detected capacity change from 0 to 1024
[   90.826163][ T5151] loop2: detected capacity change from 0 to 512
[   91.172488][ T5159] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   91.180858][ T5151] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2810: inode #11: comm syz.2.462: corrupted xattr block 95: invalid header
[   91.195322][ T5151] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[   91.195856][ T5157] EXT4-fs: test_dummy_encryption option not supported
[   91.214451][ T5151] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.462: bg 0: block 7: invalid block bitmap
[   91.226737][ T5151] loop2: lost filesystem error report for type 5 error -117
[   91.227101][ T5151] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6679: Corrupt filesystem
[   91.243111][ T5151] loop2: lost filesystem error report for type 5 error -117
[   91.243430][ T5151] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2972: inode #11: comm syz.2.462: corrupted xattr block 95: invalid header
[   91.264312][ T5151] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[   91.264583][ T5151] EXT4-fs warning (device loop2): ext4_evict_inode:287: xattr delete (err -117)
[   91.282994][    C0] EXT4-fs (loop2): error count since last fsck: 4
[   91.283101][    C0] EXT4-fs (loop2): initial error at time 1779254448: ext4_expand_extra_isize_ea:2810: inode 11
[   91.283384][    C0] EXT4-fs (loop2): last error at time 1779254448: ext4_xattr_delete_inode:2972: inode 11
[   91.338021][ T5151] EXT4-fs (loop2): 1 orphan inode deleted
[   91.344500][ T5151] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.451981][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.466117][ T5166] netlink: 'syz.3.476': attribute type 29 has an invalid length.
[   91.487243][ T5144] syz.1.467 (5144) used greatest stack depth: 9408 bytes left
[   91.604102][   T28] kauditd_printk_skb: 6 callbacks suppressed
[   91.604127][   T28] audit: type=1326 audit(1779254449.279:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5174 comm="syz.2.478" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1d5cce59 code=0x7ffc0000
[   91.639825][ T5175] netlink: 8 bytes leftover after parsing attributes in process `syz.2.478'.
[   91.655893][ T5175] netlink: 32 bytes leftover after parsing attributes in process `syz.2.478'.
[   91.666199][ T5175] netlink: 32 bytes leftover after parsing attributes in process `syz.2.478'.
[   91.675795][   T28] audit: type=1326 audit(1779254449.319:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5174 comm="syz.2.478" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1d5cce59 code=0x7ffc0000
[   91.775172][ T5175] netlink: 21 bytes leftover after parsing attributes in process `syz.2.478'.
[   91.797034][   T28] audit: type=1326 audit(1779254449.319:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5174 comm="syz.2.478" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1d5cce59 code=0x7ffc0000
[   91.797067][   T28] audit: type=1326 audit(1779254449.319:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5174 comm="syz.2.478" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1d5cce59 code=0x7ffc0000
[   91.797102][   T28] audit: type=1326 audit(1779254449.319:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5174 comm="syz.2.478" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1d5cce59 code=0x7ffc0000
[   91.797192][   T28] audit: type=1326 audit(1779254449.319:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5174 comm="syz.2.478" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9f1d5cce59 code=0x7ffc0000
[   91.797229][   T28] audit: type=1326 audit(1779254449.319:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5174 comm="syz.2.478" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1d5cce59 code=0x7ffc0000
[   91.797335][   T28] audit: type=1326 audit(1779254449.319:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5174 comm="syz.2.478" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1d5cce59 code=0x7ffc0000
[   91.797367][   T28] audit: type=1326 audit(1779254449.319:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5174 comm="syz.2.478" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1d5cce59 code=0x7ffc0000
[   91.797419][   T28] audit: type=1326 audit(1779254449.319:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5174 comm="syz.2.478" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f9f1d5cce59 code=0x7ffc0000
[   91.837087][ T5170] loop4: detected capacity change from 0 to 512
[   91.837757][ T5170] EXT4-fs: Ignoring removed orlov option
[   91.837991][ T5170] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   91.849280][ T5170] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.473: invalid indirect mapped block 32768 (level 2)
[   91.849323][ T5170] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[   91.849718][ T5170] EXT4-fs (loop4): 1 orphan inode deleted
[   91.849740][ T5170] EXT4-fs (loop4): 1 truncate cleaned up
[   91.850923][ T5170] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.978608][ T5195] loop0: detected capacity change from 0 to 2048
[   91.979159][ T5195] EXT4-fs: Ignoring removed nomblk_io_submit option
[   91.979202][ T5195] EXT4-fs: quotafile must be on filesystem root
[   92.082076][ T5199] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[   92.566872][ T5215] loop3: detected capacity change from 0 to 1024
[   92.608083][ T5215] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.793388][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.024104][ T5226] macvlan2: entered allmulticast mode
[   93.044897][ T5226] batadv0: entered allmulticast mode
[   93.057702][ T5226] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   93.075101][ T5226] batadv0: left allmulticast mode
[   93.255429][ T5232] FAULT_INJECTION: forcing a failure.
[   93.255429][ T5232] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   93.309123][ T5232] CPU: 0 UID: 0 PID: 5232 Comm: syz.1.496 Not tainted syzkaller #0 PREEMPT(full) 
[   93.309156][ T5232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[   93.309229][ T5232] Call Trace:
[   93.309237][ T5232]  <TASK>
[   93.309246][ T5232]  __dump_stack+0x1d/0x30
[   93.309278][ T5232]  dump_stack_lvl+0x95/0xd0
[   93.309323][ T5232]  dump_stack+0x15/0x1b
[   93.309348][ T5232]  should_fail_ex+0x263/0x280
[   93.309379][ T5232]  should_fail_alloc_page+0xf2/0x100
[   93.309420][ T5232]  __alloc_frozen_pages_noprof+0x108/0x350
[   93.309455][ T5232]  alloc_pages_mpol+0xb3/0x260
[   93.309488][ T5232]  vma_alloc_folio_noprof+0x1a9/0x2f0
[   93.309523][ T5232]  handle_mm_fault+0x1040/0x2e70
[   93.309575][ T5232]  do_user_addr_fault+0x3fd/0x1050
[   93.309620][ T5232]  exc_page_fault+0x62/0xa0
[   93.309650][ T5232]  asm_exc_page_fault+0x26/0x30
[   93.309707][ T5232] RIP: 0010:__se_sys_waitid+0x1fd/0x2d0
[   93.309756][ T5232] Code: 0f 84 81 00 00 00 48 bb 00 f0 ff ff ff 7f 00 00 48 89 df 4c 89 fe e8 c2 d5 1f 00 4c 39 fb 0f 82 94 00 00 00 0f 01 cb 0f ae e8 <41> 89 2f 41 c7 47 04 00 00 00 00 48 8d 7c 24 1c e8 1e 8c 3d 00 8b
[   93.309775][ T5232] RSP: 0018:ffffc9001127fd80 EFLAGS: 00050212
[   93.309795][ T5232] RAX: ffffffff81395f8e RBX: 00007ffffffff000 RCX: ffff88810200b300
[   93.309870][ T5232] RDX: 0000000000000000 RSI: 0000200000002ff9 RDI: 00007ffffffff000
[   93.309886][ T5232] RBP: 0000000000000000 R08: 0001c9001127fd3f R09: 0000000000000000
[   93.309902][ T5232] R10: ffffc9001127fe30 R11: 0001c9001127fe30 R12: ffffffffffffffea
[   93.310012][ T5232] R13: 0000000000000000 R14: ffffffffffffffea R15: 0000200000002ff9
[   93.310033][ T5232]  ? __se_sys_waitid+0x1ee/0x2d0
[   93.310097][ T5232]  __x64_sys_waitid+0x67/0x80
[   93.310181][ T5232]  x64_sys_call+0x28b2/0x3020
[   93.310215][ T5232]  do_syscall_64+0x12c/0x3b0
[   93.310253][ T5232]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.310281][ T5232] RIP: 0033:0x7f3f3be7ce59
[   93.310365][ T5232] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   93.310388][ T5232] RSP: 002b:00007f3f3a8cf028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f7
[   93.310410][ T5232] RAX: ffffffffffffffda RBX: 00007f3f3c0f5fa0 RCX: 00007f3f3be7ce59
[   93.310424][ T5232] RDX: 0000200000002ff9 RSI: 0000000000000000 RDI: 0000000000000000
[   93.310438][ T5232] RBP: 00007f3f3a8cf090 R08: 0000000000000000 R09: 0000000000000000
[   93.310499][ T5232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.310514][ T5232] R13: 00007f3f3c0f6038 R14: 00007f3f3c0f5fa0 R15: 00007fff8fc1d398
[   93.310539][ T5232]  </TASK>
[   93.392272][ T5227] syzkaller0: entered promiscuous mode
[   93.613746][ T5227] syzkaller0: entered allmulticast mode
[   93.646197][ T5236] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   93.663330][ T5238] netlink: 'syz.1.498': attribute type 10 has an invalid length.
[   93.684801][ T5238] netlink: 40 bytes leftover after parsing attributes in process `syz.1.498'.
[   94.178702][ T5246] netlink: 8 bytes leftover after parsing attributes in process `syz.0.502'.
[   94.327848][ T5253] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   94.593441][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.650611][ T5258] loop4: detected capacity change from 0 to 2048
[   94.669020][ T5258] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.945989][ T5267] loop1: detected capacity change from 0 to 1024
[   95.013044][ T5267] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.026301][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.091335][ T5273] loop3: detected capacity change from 0 to 128
[   95.125443][ T5273] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   95.201566][ T5277] loop4: detected capacity change from 0 to 8192
[   95.203111][ T5273] ext4 filesystem being mounted at /119/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   95.224486][ T5277] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   95.281744][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.299260][ T3303] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   95.340970][ T5285] loop1: detected capacity change from 0 to 128
[   95.488369][ T5285] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   95.548220][ T5285] ext4 filesystem being mounted at /84/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   95.565472][ T5296] netlink: 12 bytes leftover after parsing attributes in process `syz.3.516'.
[   95.590147][ T5296] netlink: 32 bytes leftover after parsing attributes in process `syz.3.516'.
[   95.608184][ T5298] loop4: detected capacity change from 0 to 1024
[   95.615688][ T3302] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   95.637353][ T5296] netlink: 32 bytes leftover after parsing attributes in process `syz.3.516'.
[   95.653753][ T5298] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.703540][ T5298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.758920][ T5298] netlink: 28 bytes leftover after parsing attributes in process `syz.4.517'.
[   95.773637][ T5308] SELinux: syz.1.520 (5308) wrote to checkreqprot. This is no longer supported.
[   96.421317][ T5324] loop0: detected capacity change from 0 to 128
[   96.432807][ T5319] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   96.557428][ T5331] FAULT_INJECTION: forcing a failure.
[   96.557428][ T5331] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   96.629083][ T5331] CPU: 0 UID: 0 PID: 5331 Comm: syz.3.524 Not tainted syzkaller #0 PREEMPT(full) 
[   96.629119][ T5331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[   96.629136][ T5331] Call Trace:
[   96.629186][ T5331]  <TASK>
[   96.629213][ T5331]  __dump_stack+0x1d/0x30
[   96.629245][ T5331]  dump_stack_lvl+0x95/0xd0
[   96.629272][ T5331]  dump_stack+0x15/0x1b
[   96.629347][ T5331]  should_fail_ex+0x263/0x280
[   96.629380][ T5331]  should_fail+0xb/0x20
[   96.629414][ T5331]  should_fail_usercopy+0x1a/0x20
[   96.629447][ T5331]  _copy_to_user+0x20/0xa0
[   96.629491][ T5331]  simple_read_from_buffer+0xb5/0x130
[   96.629619][ T5331]  proc_fail_nth_read+0x10e/0x150
[   96.629649][ T5331]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   96.629686][ T5331]  vfs_read+0x1ab/0x7f0
[   96.629721][ T5331]  ? __rcu_read_unlock+0x4e/0x70
[   96.629800][ T5331]  ? __fget_files+0x184/0x1c0
[   96.629824][ T5331]  ? mutex_lock+0x57/0x90
[   96.629854][ T5331]  ksys_read+0xdc/0x1a0
[   96.629940][ T5331]  __x64_sys_read+0x40/0x50
[   96.629970][ T5331]  x64_sys_call+0x2886/0x3020
[   96.630002][ T5331]  do_syscall_64+0x12c/0x3b0
[   96.630106][ T5331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.630129][ T5331] RIP: 0033:0x7f87701fd68e
[   96.630145][ T5331] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[   96.630164][ T5331] RSP: 002b:00007f876ec96fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   96.630217][ T5331] RAX: ffffffffffffffda RBX: 00007f876ec976c0 RCX: 00007f87701fd68e
[   96.630245][ T5331] RDX: 000000000000000f RSI: 00007f876ec970a0 RDI: 0000000000000004
[   96.630258][ T5331] RBP: 00007f876ec97090 R08: 0000000000000000 R09: 0000000000000000
[   96.630274][ T5331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.630290][ T5331] R13: 00007f87704b6038 R14: 00007f87704b5fa0 R15: 00007ffe795e97f8
[   96.630347][ T5331]  </TASK>
[   96.865215][ T5340] netlink: 'syz.4.526': attribute type 58 has an invalid length.
[   96.936824][   T28] kauditd_printk_skb: 117 callbacks suppressed
[   96.936850][   T28] audit: type=1400 audit(1779254454.620:1117): avc:  denied  { create } for  pid=5341 comm="syz.1.527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[   96.966702][ T5344] loop4: detected capacity change from 0 to 128
[   96.973719][ T5344] EXT4-fs (loop4): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[   96.984197][ T5340] __nla_validate_parse: 1 callbacks suppressed
[   96.984216][ T5340] netlink: 152 bytes leftover after parsing attributes in process `syz.4.526'.
[   97.014891][ T3291] udevd[3291]: incorrect ext4 checksum on /dev/loop4
[   97.039217][ T3291] udevd[3291]: incorrect ext4 checksum on /dev/loop4
[   97.143482][ T5350] loop1: detected capacity change from 0 to 512
[   97.155150][ T5350] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   97.213861][ T5354] FAULT_INJECTION: forcing a failure.
[   97.213861][ T5354] name failslab, interval 1, probability 0, space 0, times 0
[   97.284515][ T5354] CPU: 0 UID: 0 PID: 5354 Comm: syz.3.531 Not tainted syzkaller #0 PREEMPT(full) 
[   97.284546][ T5354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[   97.284560][ T5354] Call Trace:
[   97.284567][ T5354]  <TASK>
[   97.284576][ T5354]  __dump_stack+0x1d/0x30
[   97.284607][ T5354]  dump_stack_lvl+0x95/0xd0
[   97.284658][ T5354]  dump_stack+0x15/0x1b
[   97.284677][ T5354]  should_fail_ex+0x263/0x280
[   97.284710][ T5354]  ? rtnl_newlink+0x5c/0x1400
[   97.284743][ T5354]  should_failslab+0x8c/0xb0
[   97.284828][ T5354]  __kmalloc_cache_noprof+0x5f/0x400
[   97.284939][ T5354]  ? __pfx_rtnl_newlink+0x10/0x10
[   97.284969][ T5354]  rtnl_newlink+0x5c/0x1400
[   97.285013][ T5354]  ? xas_load+0x413/0x430
[   97.285102][ T5354]  ? try_charge_memcg+0x206/0xa10
[   97.285131][ T5354]  ? xas_load+0x413/0x430
[   97.285158][ T5354]  ? __rcu_read_unlock+0x4e/0x70
[   97.285219][ T5354]  ? xa_load+0xb1/0xe0
[   97.285259][ T5354]  ? memcg_list_lru_alloc+0xd0/0x4f0
[   97.285309][ T5354]  ? __rcu_read_unlock+0x4e/0x70
[   97.285329][ T5354]  ? avc_has_perm_noaudit+0xab/0x130
[   97.285363][ T5354]  ? cred_has_capability+0x224/0x2a0
[   97.285525][ T5354]  ? selinux_capable+0x31/0x40
[   97.285599][ T5354]  ? security_capable+0x7b/0x90
[   97.285634][ T5354]  ? ns_capable+0x7c/0xb0
[   97.285667][ T5354]  ? __pfx_rtnl_newlink+0x10/0x10
[   97.285828][ T5354]  rtnetlink_rcv_msg+0x64b/0x720
[   97.285867][ T5354]  ? avc_has_perm_noaudit+0xab/0x130
[   97.285967][ T5354]  netlink_rcv_skb+0x123/0x220
[   97.286044][ T5354]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   97.286090][ T5354]  rtnetlink_rcv+0x1c/0x30
[   97.286188][ T5354]  netlink_unicast+0x5a8/0x680
[   97.286289][ T5354]  netlink_sendmsg+0x5c8/0x6f0
[   97.286325][ T5354]  ? __pfx_netlink_sendmsg+0x10/0x10
[   97.286386][ T5354]  ____sys_sendmsg+0x563/0x5b0
[   97.286423][ T5354]  ___sys_sendmsg+0x195/0x1e0
[   97.286466][ T5354]  __x64_sys_sendmsg+0xd4/0x160
[   97.286546][ T5354]  x64_sys_call+0x194c/0x3020
[   97.286571][ T5354]  do_syscall_64+0x12c/0x3b0
[   97.286602][ T5354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.286683][ T5354] RIP: 0033:0x7f877023ce59
[   97.286699][ T5354] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   97.286718][ T5354] RSP: 002b:00007f876ec97028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   97.286738][ T5354] RAX: ffffffffffffffda RBX: 00007f87704b5fa0 RCX: 00007f877023ce59
[   97.286752][ T5354] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[   97.286827][ T5354] RBP: 00007f876ec97090 R08: 0000000000000000 R09: 0000000000000000
[   97.286865][ T5354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.286891][ T5354] R13: 00007f87704b6038 R14: 00007f87704b5fa0 R15: 00007ffe795e97f8
[   97.286917][ T5354]  </TASK>
[   97.365069][ T5359] netlink: 'syz.4.532': attribute type 1 has an invalid length.
[   97.386855][ T5359] 8021q: adding VLAN 0 to HW filter on device bond5
[   97.391586][ T5358] EXT4-fs: Ignoring removed nomblk_io_submit option
[   97.463465][ T5359] bond5: (slave geneve2): making interface the new active one
[   97.682120][ T5359] bond5: (slave geneve2): Enslaving as an active interface with an up link
[   97.698134][ T5358] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.745311][   T28] audit: type=1400 audit(1779254455.420:1118): avc:  denied  { write } for  pid=5357 comm="syz.3.533" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   97.791048][  T357] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.816658][  T357] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.862177][  T357] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.906895][  T357] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.082133][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.234305][ T5378] set_capacity_and_notify: 1 callbacks suppressed
[   98.234403][ T5378] loop0: detected capacity change from 0 to 512
[   98.247819][ T5378] EXT4-fs: Ignoring removed i_version option
[   98.319636][ T5378] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.332364][ T5378] ext4 filesystem being mounted at /109/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.346864][   T28] audit: type=1400 audit(1779254456.030:1119): avc:  denied  { write } for  pid=5370 comm="syz.0.535" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   98.393387][ T5378] netlink: 12 bytes leftover after parsing attributes in process `syz.0.535'.
[   98.411710][ T5379] netlink: 'syz.4.536': attribute type 1 has an invalid length.
[   98.747967][   T28] audit: type=1400 audit(1779254456.070:1120): avc:  denied  { append } for  pid=5370 comm="syz.0.535" path="/109/file1/cpu.stat" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   98.771475][   T28] audit: type=1400 audit(1779254456.320:1121): avc:  denied  { create } for  pid=5375 comm="syz.4.536" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[   99.209851][ T5388] loop1: detected capacity change from 0 to 512
[   99.213892][ T5388] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[   99.281904][ T5388] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   99.281989][ T5388] EXT4-fs (loop1): orphan cleanup on readonly fs
[   99.282198][ T5388] Quota error (device loop1): v2_read_file_info: Block with free entry 4294967071 out of range (1, 6).
[   99.282244][ T5388] EXT4-fs warning (device loop1): ext4_enable_quotas:7269: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   99.282301][ T5388] EXT4-fs (loop1): Cannot turn on quotas: error -117
[   99.286267][ T5388] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.534: bg 0: block 15: invalid block bitmap
[   99.286421][ T5388] loop1: lost filesystem error report for type 5 error -117
[   99.296564][    C0] EXT4-fs (loop1): error count since last fsck: 1
[   99.296624][    C0] EXT4-fs (loop1): initial error at time 1779254456: ext4_validate_block_bitmap:432
[   99.296785][    C0] EXT4-fs (loop1): last error at time 1779254456: ext4_validate_block_bitmap:432
[   99.480648][ T5396] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   99.585400][ T5402] FAULT_INJECTION: forcing a failure.
[   99.585400][ T5402] name failslab, interval 1, probability 0, space 0, times 0
[   99.585436][ T5402] CPU: 1 UID: 0 PID: 5402 Comm: syz.4.540 Not tainted syzkaller #0 PREEMPT(full) 
[   99.585479][ T5402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[   99.585492][ T5402] Call Trace:
[   99.585498][ T5402]  <TASK>
[   99.585508][ T5402]  __dump_stack+0x1d/0x30
[   99.585538][ T5402]  dump_stack_lvl+0x95/0xd0
[   99.585565][ T5402]  dump_stack+0x15/0x1b
[   99.585654][ T5402]  should_fail_ex+0x263/0x280
[   99.585728][ T5402]  ? call_usermodehelper_setup+0x72/0x190
[   99.585774][ T5402]  should_failslab+0x8c/0xb0
[   99.585870][ T5402]  ? __pfx_free_modprobe_argv+0x10/0x10
[   99.585903][ T5402]  __kmalloc_cache_noprof+0x5f/0x400
[   99.585951][ T5402]  ? __pfx_free_modprobe_argv+0x10/0x10
[   99.586050][ T5402]  call_usermodehelper_setup+0x72/0x190
[   99.586157][ T5402]  __request_module+0x264/0x3c0
[   99.586189][ T5402]  ? capable+0x7b/0xb0
[   99.586286][ T5402]  dev_load+0x61/0xc0
[   99.586319][ T5402]  dev_ioctl+0x4fe/0x960
[   99.586356][ T5402]  sock_do_ioctl+0x1aa/0x230
[   99.586409][ T5402]  sock_ioctl+0x41b/0x610
[   99.586436][ T5402]  ? mutex_lock+0x57/0x90
[   99.586541][ T5402]  ? __pfx_sock_ioctl+0x10/0x10
[   99.586571][ T5402]  __se_sys_ioctl+0xce/0x140
[   99.586601][ T5402]  __x64_sys_ioctl+0x43/0x50
[   99.586697][ T5402]  x64_sys_call+0x1563/0x3020
[   99.586722][ T5402]  do_syscall_64+0x12c/0x3b0
[   99.586853][ T5402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.586882][ T5402] RIP: 0033:0x7f56c6a1ce59
[   99.586902][ T5402] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   99.586924][ T5402] RSP: 002b:00007f56c546f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   99.586999][ T5402] RAX: ffffffffffffffda RBX: 00007f56c6c95fa0 RCX: 00007f56c6a1ce59
[   99.587014][ T5402] RDX: 00002000000000c0 RSI: 0000000000008933 RDI: 0000000000000003
[   99.587059][ T5402] RBP: 00007f56c546f090 R08: 0000000000000000 R09: 0000000000000000
[   99.587137][ T5402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.587152][ T5402] R13: 00007f56c6c96038 R14: 00007f56c6c95fa0 R15: 00007ffc6c91a548
[   99.587172][ T5402]  </TASK>
[   99.766430][ T5388] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6679: Corrupt filesystem
[   99.766498][ T5388] loop1: lost filesystem error report for type 5 error -117
[   99.766815][ T5388] EXT4-fs warning (device loop1): ext4_evict_inode:195: inode #16: comm syz.1.534: data will be lost
[   99.766950][ T5388] EXT4-fs (loop1): 1 truncate cleaned up
[   99.772523][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.943453][ T5388] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  100.227666][ T5414] loop0: detected capacity change from 0 to 512
[  100.242387][ T5414] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  100.263261][ T5411] loop4: detected capacity change from 0 to 1024
[  100.350903][ T5411] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.384927][ T5419] netlink: 'syz.0.547': attribute type 1 has an invalid length.
[  100.398064][   T28] audit: type=1400 audit(1779254458.080:1122): avc:  denied  { write } for  pid=5410 comm="syz.4.543" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  100.444087][   T28] audit: type=1400 audit(1779254458.080:1123): avc:  denied  { create } for  pid=5410 comm="syz.4.543" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  100.464172][   T28] audit: type=1400 audit(1779254458.110:1124): avc:  denied  { write } for  pid=5410 comm="syz.4.543" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  100.486064][   T28] audit: type=1400 audit(1779254458.110:1125): avc:  denied  { write } for  pid=5410 comm="syz.4.543" name="bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  100.572849][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.596374][ T5419] 8021q: adding VLAN 0 to HW filter on device bond4
[  100.760180][ T5420] bond4: (slave geneve2): making interface the new active one
[  100.787551][ T5420] bond4: (slave geneve2): Enslaving as an active interface with an up link
[  100.827860][ T5436] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  100.933901][ T5443] loop3: detected capacity change from 0 to 512
[  100.975650][ T5443] EXT4-fs: Ignoring removed nobh option
[  100.981744][ T5443] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  101.004763][ T5443] EXT4-fs (loop3): 1 truncate cleaned up
[  101.024514][ T5443] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.077060][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.098063][ T5452] loop3: detected capacity change from 0 to 128
[  101.196489][ T5459] loop3: detected capacity change from 0 to 4096
[  101.209137][ T5459] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.227164][ T5459] netlink: 8 bytes leftover after parsing attributes in process `syz.3.557'.
[  101.236632][ T5459] netlink: 'syz.3.557': attribute type 30 has an invalid length.
[  101.244640][ T5459] netlink: 12 bytes leftover after parsing attributes in process `syz.3.557'.
[  101.287764][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.335896][ T5462] syzkaller0: entered promiscuous mode
[  101.341553][ T5462] syzkaller0: entered allmulticast mode
[  101.692877][ T5471] loop4: detected capacity change from 0 to 4096
[  101.727351][ T5471] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.751253][ T5473] loop3: detected capacity change from 0 to 4096
[  101.783950][ T5473] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.819486][ T5477] netlink: 'syz.0.563': attribute type 1 has an invalid length.
[  101.839512][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.858957][ T5477] 8021q: adding VLAN 0 to HW filter on device bond5
[  101.925909][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.950766][ T5481] Cannot find map_set index 33 as target
[  102.212261][ T5491] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  102.268973][ T5494] netlink: 4 bytes leftover after parsing attributes in process `syz.3.567'.
[  102.532726][ T5501] netlink: 12 bytes leftover after parsing attributes in process `syz.3.567'.
[  103.238622][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.309813][ T5510] syzkaller0: entered promiscuous mode
[  103.324535][   T28] kauditd_printk_skb: 9 callbacks suppressed
[  103.324570][   T28] audit: type=1400 audit(1779254461.000:1135): avc:  denied  { setopt } for  pid=5511 comm="syz.0.573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  103.353769][ T5510] syzkaller0: entered allmulticast mode
[  103.366559][ T5512] netem: change failed
[  103.428824][ T5515] loop0: detected capacity change from 0 to 512
[  103.451343][ T5515] EXT4-fs: Ignoring removed mblk_io_submit option
[  103.516583][ T5515] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13
[  103.525618][ T5515] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #13: comm syz.0.574: attempt to clear invalid blocks 2 len 1
[  103.538873][ T5515] loop0: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  103.543579][    C1] EXT4-fs (loop0): error count since last fsck: 1
[  103.559224][    C1] EXT4-fs (loop0): initial error at time 1779254461: ext4_clear_blocks:876: inode 13
[  103.568765][    C1] EXT4-fs (loop0): last error at time 1779254461: ext4_clear_blocks:876: inode 13
[  103.637807][ T5515] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  103.660882][ T5515] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.574: invalid indirect mapped block 1819239214 (level 0)
[  103.714089][ T5515] loop0: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  103.715388][ T5515] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.574: invalid indirect mapped block 1819239214 (level 1)
[  103.740314][ T5521] loop1: detected capacity change from 0 to 128
[  103.768484][ T5515] loop0: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  103.769047][ T5515] EXT4-fs (loop0): 1 truncate cleaned up
[  103.792186][ T5515] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.806881][ T5515] EXT4-fs (loop0): Quota file not on filesystem root. Journaled quota will not work
[  103.817026][   T28] audit: type=1400 audit(1779254461.500:1136): avc:  denied  { quotaon } for  pid=5514 comm="syz.0.574" name="file0" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  103.861705][   T28] audit: type=1400 audit(1779254461.520:1137): avc:  denied  { create } for  pid=5514 comm="syz.0.574" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  103.914880][   T28] audit: type=1400 audit(1779254461.520:1138): avc:  denied  { create } for  pid=5514 comm="syz.0.574" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  103.948200][ T5522] loop2: detected capacity change from 0 to 764
[  103.958255][ T5522] rock: directory entry would overflow storage
[  103.964473][ T5522] rock: sig=0x4654, size=5, remaining=4
[  103.974801][ T5522] syz.2.576 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  104.126740][ T5530] netlink: 'syz.2.579': attribute type 1 has an invalid length.
[  104.179253][ T5530] 8021q: adding VLAN 0 to HW filter on device bond6
[  104.241410][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.339387][ T5542] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  104.418442][ T5544] loop0: detected capacity change from 0 to 1024
[  104.426254][ T5550] syzkaller0: entered promiscuous mode
[  104.431875][ T5550] syzkaller0: entered allmulticast mode
[  104.435059][ T5546] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -22741, delta: 1
[  104.438571][   T28] audit: type=1400 audit(1779254462.110:1139): avc:  denied  { execute } for  pid=5543 comm="syz.2.582" path="/118/file0" dev="tmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  104.456031][ T5544] EXT4-fs: Ignoring removed bh option
[  104.480955][ T5550] loop3: detected capacity change from 0 to 512
[  104.489129][ T5546] ref_ctr increment failed for inode: 0x286 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8881035f6540
[  104.493630][ T5550] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  104.515489][ T5550] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.584: bg 0: block 288: padding at end of block bitmap is not set
[  104.529950][ T5552] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -22741, delta: -1
[  104.539173][ T5552] ref_ctr decrement failed for inode: 0x286 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8881035f6540
[  104.551080][ T5550] loop3: lost filesystem error report for type 5 error -117
[  104.552063][ T5544] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.553923][    C0] EXT4-fs (loop3): error count since last fsck: 1
[  104.561534][ T5552] uprobe: syz.2.582:5552 failed to unregister, leaking uprobe
[  104.571664][    C0] EXT4-fs (loop3): initial error at time 1779254462: ext4_validate_block_bitmap:441
[  104.595318][    C0] EXT4-fs (loop3): last error at time 1779254462: ext4_validate_block_bitmap:441
[  104.605156][ T5550] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6679: Corrupt filesystem
[  104.614461][ T5550] loop3: lost filesystem error report for type 5 error -117
[  104.616753][ T5550] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.584: attempt to clear invalid blocks 1024 len 1
[  104.639861][   T28] audit: type=1400 audit(1779254462.290:1140): avc:  denied  { write } for  pid=5539 comm="syz.0.581" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  104.647054][ T5550] loop3: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  104.679232][ T5550] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.584: invalid indirect mapped block 1819239214 (level 0)
[  104.702492][ T5550] loop3: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  104.703242][ T5550] EXT4-fs (loop3): 1 truncate cleaned up
[  104.704134][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.724499][ T5550] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.870121][ T5559] loop0: detected capacity change from 0 to 512
[  104.876820][ T5559] msdos: Unknown parameter 'xœìÝÁjAð/mÚnz±gñ°àÅSQß HqAˆä 'ÕK+Bz‰žr÷|_Ç›o൧ÞVì.¦nÓ%Íhö÷ƒ°óg˜™f’7÷Þ}8}W~ÿY–G7bç±ÛQéÔÏ­‹z7.›'
[  104.945056][ T5561] loop0: detected capacity change from 0 to 128
[  104.951662][ T5561] vfat: Unknown parameter '‹¿rÑP'Ëj‚‡ª&3j*'çð§Q4ój}¸*çætÏîSìªû'
[  105.057094][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.189623][ T5571] FAULT_INJECTION: forcing a failure.
[  105.189623][ T5571] name failslab, interval 1, probability 0, space 0, times 0
[  105.236545][ T5571] CPU: 1 UID: 0 PID: 5571 Comm: syz.4.590 Not tainted syzkaller #0 PREEMPT(full) 
[  105.236581][ T5571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  105.236671][ T5571] Call Trace:
[  105.236685][ T5571]  <TASK>
[  105.236693][ T5571]  __dump_stack+0x1d/0x30
[  105.236723][ T5571]  dump_stack_lvl+0x95/0xd0
[  105.236752][ T5571]  dump_stack+0x15/0x1b
[  105.236827][ T5571]  should_fail_ex+0x263/0x280
[  105.236857][ T5571]  should_failslab+0x8c/0xb0
[  105.236899][ T5571]  __kmalloc_noprof+0xb8/0x4d0
[  105.236963][ T5571]  ? tcf_idr_create+0x41/0x4a0
[  105.237014][ T5571]  tcf_idr_create+0x41/0x4a0
[  105.237057][ T5571]  ? tcf_idr_check_alloc+0x24e/0x2e0
[  105.237161][ T5571]  tcf_mpls_init+0x36c/0xbb0
[  105.237211][ T5571]  ? __pfx_tcf_mpls_init+0x10/0x10
[  105.237254][ T5571]  tcf_action_init_1+0x395/0x4d0
[  105.237375][ T5571]  tcf_action_init+0x29c/0x700
[  105.237507][ T5571]  tc_ctl_action+0x29b/0x830
[  105.237582][ T5571]  ? __pfx_tc_ctl_action+0x10/0x10
[  105.237604][ T5571]  rtnetlink_rcv_msg+0x6a7/0x720
[  105.237645][ T5571]  ? avc_has_perm_noaudit+0xab/0x130
[  105.237696][ T5571]  netlink_rcv_skb+0x123/0x220
[  105.237800][ T5571]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  105.237848][ T5571]  rtnetlink_rcv+0x1c/0x30
[  105.237884][ T5571]  netlink_unicast+0x5a8/0x680
[  105.237960][ T5571]  netlink_sendmsg+0x5c8/0x6f0
[  105.238002][ T5571]  ? __pfx_netlink_sendmsg+0x10/0x10
[  105.238104][ T5571]  ____sys_sendmsg+0x563/0x5b0
[  105.238174][ T5571]  ___sys_sendmsg+0x195/0x1e0
[  105.238225][ T5571]  __x64_sys_sendmsg+0xd4/0x160
[  105.238333][ T5571]  x64_sys_call+0x194c/0x3020
[  105.238414][ T5571]  do_syscall_64+0x12c/0x3b0
[  105.238457][ T5571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.238526][ T5571] RIP: 0033:0x7f56c6a1ce59
[  105.238547][ T5571] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  105.238567][ T5571] RSP: 002b:00007f56c546f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  105.238594][ T5571] RAX: ffffffffffffffda RBX: 00007f56c6c95fa0 RCX: 00007f56c6a1ce59
[  105.238683][ T5571] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  105.238697][ T5571] RBP: 00007f56c546f090 R08: 0000000000000000 R09: 0000000000000000
[  105.238711][ T5571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.238726][ T5571] R13: 00007f56c6c96038 R14: 00007f56c6c95fa0 R15: 00007ffc6c91a548
[  105.238777][ T5571]  </TASK>
[  105.570716][ T5581] netlink: 'syz.3.593': attribute type 1 has an invalid length.
[  105.638989][ T5581] 8021q: adding VLAN 0 to HW filter on device bond8
[  105.761100][   T28] audit: type=1400 audit(1779254463.441:1141): avc:  denied  { audit_write } for  pid=5594 comm="syz.4.598" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  105.792975][   T28] audit: type=1107 audit(1779254463.441:1142): pid=5594 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='œB›éµŸðåZƒº´^%P‰´q¯“É°Q@#ï8âý|°@}7[Æ)Ñ»ä†x]–Àlì“éHÔë6”Rh�Úœï>ÝÙ@ø¡í˯oƒ››3
ŒëßðŠ]ÒKca&Ƙê91nvñ:fôœ}ÖI&7ò�·§àex
hƒß°“JÈ&ɺ�âZÑË_S‘þ`ê¦	M®A*Ñ°S²™„}»¹
[  105.792975][   T28] SbŽ«ê¥ùÇÖXPød¿]“žhoéo°êõP™ŒqX�QI'
[  105.863213][ T5595] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  105.894191][ T5606] loop2: detected capacity change from 0 to 256
[  105.913466][   T28] audit: type=1400 audit(1779254463.581:1143): avc:  denied  { connect } for  pid=5605 comm="syz.2.601" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  106.088955][ T5614] xt_NFQUEUE: number of total queues is 0
[  106.140149][ T5620] loop3: detected capacity change from 0 to 512
[  106.151256][   T28] audit: type=1400 audit(1779254463.831:1144): avc:  denied  { getopt } for  pid=5619 comm="syz.1.607" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  106.173770][ T5620] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  106.203893][ T5623] FAULT_INJECTION: forcing a failure.
[  106.203893][ T5623] name failslab, interval 1, probability 0, space 0, times 0
[  106.216978][ T5620] netlink: 12 bytes leftover after parsing attributes in process `syz.3.608'.
[  106.225990][ T5623] CPU: 0 UID: 0 PID: 5623 Comm: syz.1.609 Not tainted syzkaller #0 PREEMPT(full) 
[  106.226024][ T5623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  106.226041][ T5623] Call Trace:
[  106.226050][ T5623]  <TASK>
[  106.226061][ T5623]  __dump_stack+0x1d/0x30
[  106.226100][ T5623]  dump_stack_lvl+0x95/0xd0
[  106.226133][ T5623]  dump_stack+0x15/0x1b
[  106.226217][ T5623]  should_fail_ex+0x263/0x280
[  106.226286][ T5623]  should_failslab+0x8c/0xb0
[  106.226329][ T5623]  kmem_cache_alloc_lru_noprof+0x6c/0x400
[  106.226409][ T5623]  ? __d_alloc+0x37/0x340
[  106.226451][ T5623]  ? vsnprintf+0x7ee/0x860
[  106.226472][ T5623]  __d_alloc+0x37/0x340
[  106.226501][ T5623]  ? __pfx_proc_self_get_link+0x10/0x10
[  106.226539][ T5623]  d_alloc_parallel+0x54/0xce0
[  106.226616][ T5623]  ? lockref_get_not_dead+0x120/0x1c0
[  106.226661][ T5623]  ? __rcu_read_unlock+0x4e/0x70
[  106.226685][ T5623]  ? try_to_unlazy+0x39d/0x580
[  106.226799][ T5623]  __lookup_slow+0x96/0x260
[  106.226834][ T5623]  lookup_slow+0x3c/0x60
[  106.226864][ T5623]  link_path_walk+0x946/0xe30
[  106.226978][ T5623]  path_openat+0x1c6/0x2050
[  106.227078][ T5623]  ? _parse_integer_limit+0x170/0x190
[  106.227141][ T5623]  ? kstrtouint+0x76/0xc0
[  106.227166][ T5623]  do_file_open+0x16c/0x290
[  106.227197][ T5623]  ? __pfx_kfree_link+0x10/0x10
[  106.227234][ T5623]  do_sys_openat2+0x94/0x130
[  106.227267][ T5623]  __x64_sys_openat+0xf2/0x120
[  106.227362][ T5623]  x64_sys_call+0x1e39/0x3020
[  106.227396][ T5623]  do_syscall_64+0x12c/0x3b0
[  106.227536][ T5623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.227558][ T5623] RIP: 0033:0x7f3f3be3d68e
[  106.227579][ T5623] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  106.227605][ T5623] RSP: 002b:00007f3f3a8cef18 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  106.227632][ T5623] RAX: ffffffffffffffda RBX: 00007f3f3a8cf6c0 RCX: 00007f3f3be3d68e
[  106.227651][ T5623] RDX: 0000000000000000 RSI: 00007f3f3bf124aa RDI: ffffffffffffff9c
[  106.227713][ T5623] RBP: 00007f3f3a8cf090 R08: 0000000000000000 R09: 0000000000000000
[  106.227730][ T5623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.227743][ T5623] R13: 00007f3f3c0f6038 R14: 00007f3f3c0f5fa0 R15: 00007fff8fc1d398
[  106.227809][ T5623]  </TASK>
[  106.477762][ T5627] netlink: 32 bytes leftover after parsing attributes in process `syz.1.610'.
[  106.492395][ T5628] SELinux:  Context system_u:object_r:auditctl_exec_t:s0 is not valid (left unmapped).
[  106.659973][ T5636] netlink: 12 bytes leftover after parsing attributes in process `syz.3.612'.
[  106.700397][ T5637] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.709078][ T5637] 8021q: adding VLAN 0 to HW filter on device team0
[  106.720007][ T5637] 8021q: adding VLAN 0 to HW filter on device batadv0
[  106.911698][ T5637] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  106.922139][ T5637] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  106.935226][ T5637] veth1_vlan: left promiscuous mode
[  106.941477][ T5637] veth0_vlan: left promiscuous mode
[  106.947204][ T5637] veth0_vlan: entered promiscuous mode
[  106.956965][ T5637] veth1_vlan: entered promiscuous mode
[  106.966813][ T5637] veth0_macvtap: left promiscuous mode
[  106.973338][ T5637] veth0_macvtap: entered promiscuous mode
[  106.982330][ T5637] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  106.991408][ T5637] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  107.000317][ T5637] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  107.009392][ T5637] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  107.018810][ T5637] 8021q: adding VLAN 0 to HW filter on device bond1
[  107.027850][ T5637] 8021q: adding VLAN 0 to HW filter on device bond2
[  107.037131][ T5637] 8021q: adding VLAN 0 to HW filter on device bond3
[  107.046859][ T5637] 8021q: adding VLAN 0 to HW filter on device bond4
[  107.058381][ T5637] 8021q: adding VLAN 0 to HW filter on device bond6
[  107.067335][ T5637] 8021q: adding VLAN 0 to HW filter on device bond7
[  107.176993][ T5647] netlink: 'syz.0.616': attribute type 1 has an invalid length.
[  107.241147][ T5647] 8021q: adding VLAN 0 to HW filter on device bond7
[  107.427006][ T5666] loop0: detected capacity change from 0 to 128
[  107.463480][ T5666] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  107.479450][ T5666] ext4 filesystem being mounted at /125/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  107.536540][ T5673] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  107.555961][  T405] ip6_tunnel: syztnl1 xmit: Local address not yet configured!
[  107.563704][  T405] ip6_tunnel: syztnl1 xmit: Local address not yet configured!
[  107.589289][ T3575] ip6_tunnel: syztnl1 xmit: Local address not yet configured!
[  107.617561][ T5685] syzkaller0: entered promiscuous mode
[  107.623132][ T5685] syzkaller0: entered allmulticast mode
[  107.730698][ T3297] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  107.852252][ T5692] FAULT_INJECTION: forcing a failure.
[  107.852252][ T5692] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.880404][ T5692] CPU: 1 UID: 0 PID: 5692 Comm: syz.3.632 Not tainted syzkaller #0 PREEMPT(full) 
[  107.880456][ T5692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  107.880472][ T5692] Call Trace:
[  107.880479][ T5692]  <TASK>
[  107.880487][ T5692]  __dump_stack+0x1d/0x30
[  107.880518][ T5692]  dump_stack_lvl+0x95/0xd0
[  107.880576][ T5692]  dump_stack+0x15/0x1b
[  107.880595][ T5692]  should_fail_ex+0x263/0x280
[  107.880628][ T5692]  should_fail+0xb/0x20
[  107.880662][ T5692]  should_fail_usercopy+0x1a/0x20
[  107.880725][ T5692]  _copy_from_iter+0xcf/0xea0
[  107.880765][ T5692]  ? __alloc_skb+0x4f6/0x690
[  107.880791][ T5692]  ? __alloc_skb+0x200/0x690
[  107.880846][ T5692]  netlink_sendmsg+0x4ae/0x6f0
[  107.880938][ T5692]  ? __pfx_netlink_sendmsg+0x10/0x10
[  107.880977][ T5692]  ____sys_sendmsg+0x563/0x5b0
[  107.881013][ T5692]  ___sys_sendmsg+0x195/0x1e0
[  107.881058][ T5692]  __x64_sys_sendmsg+0xd4/0x160
[  107.881167][ T5692]  x64_sys_call+0x194c/0x3020
[  107.881199][ T5692]  do_syscall_64+0x12c/0x3b0
[  107.881284][ T5692]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.881315][ T5692] RIP: 0033:0x7f877023ce59
[  107.881332][ T5692] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  107.881353][ T5692] RSP: 002b:00007f876ec97028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  107.881415][ T5692] RAX: ffffffffffffffda RBX: 00007f87704b5fa0 RCX: 00007f877023ce59
[  107.881434][ T5692] RDX: 0000000000000000 RSI: 00002000000037c0 RDI: 0000000000000003
[  107.881522][ T5692] RBP: 00007f876ec97090 R08: 0000000000000000 R09: 0000000000000000
[  107.881538][ T5692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.881555][ T5692] R13: 00007f87704b6038 R14: 00007f87704b5fa0 R15: 00007ffe795e97f8
[  107.881597][ T5692]  </TASK>
[  107.897842][ T5693] netlink: 'syz.2.631': attribute type 27 has an invalid length.
[  108.081800][ T5699] netlink: 'syz.3.633': attribute type 1 has an invalid length.
[  108.191842][ T5695] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.198994][ T5695] bridge0: port 2(bridge_slave_1) entered forwarding state
[  108.206542][ T5695] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.213679][ T5695] bridge0: port 1(bridge_slave_0) entered forwarding state
[  108.225466][ T5695] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.235814][ T5695] 8021q: adding VLAN 0 to HW filter on device team0
[  108.413079][ T3412] ip6_tunnel: syztnl1 xmit: Local address not yet configured!
[  108.435165][ T3412] ip6_tunnel: syztnl1 xmit: Local address not yet configured!
[  108.442980][ T5695] veth1_vlan: entered allmulticast mode
[  108.502606][ T5695] bond3: left allmulticast mode
[  108.510268][ T5695] ip6gretap0: entered promiscuous mode
[  108.520316][ T5695] hsr1: left promiscuous mode
[  108.525203][ T5695] hsr1: left allmulticast mode
[  108.530078][ T5695] macvlan0: left allmulticast mode
[  108.535272][ T5695] veth1_vlan: left allmulticast mode
[  108.540862][ T5695] dummy0: left allmulticast mode
[  108.549769][ T5695] 8021q: adding VLAN 0 to HW filter on device bond4
[  108.560360][ T5695] 8021q: adding VLAN 0 to HW filter on device bond5
[  108.620388][ T5693] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.627696][ T5693] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.665199][ T5693] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  108.676000][ T5693] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  108.728002][ T5699] 8021q: adding VLAN 0 to HW filter on device bond9
[  108.745841][  T357] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  108.754845][  T357] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  108.763784][  T357] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  108.772985][  T357] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  108.801152][ T5718] set_capacity_and_notify: 1 callbacks suppressed
[  108.801207][ T5718] loop2: detected capacity change from 0 to 256
[  108.814965][ T5718] vfat: Deprecated parameter 'posix'
[  108.820395][ T5718] FAT-fs: "posix" option is obsolete, not supported now
[  108.837165][ T5718] FAT-fs (loop2): codepage cp775 not found
[  108.879389][ T5724] netlink: 12 bytes leftover after parsing attributes in process `syz.3.637'.
[  108.890393][ T5724] netlink: 32 bytes leftover after parsing attributes in process `syz.3.637'.
[  108.899658][ T5724] netlink: 32 bytes leftover after parsing attributes in process `syz.3.637'.
[  108.916082][ T5724] netlink: 28 bytes leftover after parsing attributes in process `syz.3.637'.
[  108.945655][   T28] kauditd_printk_skb: 21 callbacks suppressed
[  108.945673][   T28] audit: type=1400 audit(1779254466.631:1166): avc:  denied  { mount } for  pid=5727 comm="syz.0.638" name="/" dev="autofs" ino=11845 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  109.019945][ T5736] loop0: detected capacity change from 0 to 164
[  109.247254][ T5748] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  109.358644][ T5755] loop1: detected capacity change from 0 to 2048
[  109.375991][ T5755] msdos: Unknown parameter 'Â '
[  109.394596][ T5755] capability: warning: `syz.1.647' uses deprecated v2 capabilities in a way that may be insecure
[  109.498544][ T5758] netlink: 'syz.1.648': attribute type 1 has an invalid length.
[  109.534759][ T5758] 8021q: adding VLAN 0 to HW filter on device bond10
[  109.671708][ T5764] netlink: 12 bytes leftover after parsing attributes in process `syz.1.649'.
[  109.701879][ T5765] loop3: detected capacity change from 0 to 164
[  109.715486][ T5764] netlink: 28 bytes leftover after parsing attributes in process `syz.1.649'.
[  109.735913][ T5765] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  109.800666][ T5746] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  109.836694][ T5746] Symlink component flag not implemented
[  109.863774][ T5765] netlink: 'syz.3.642': attribute type 1 has an invalid length.
[  109.878186][ T5746] Symlink component flag not implemented
[  109.903246][ T5746] Symlink component flag not implemented (7)
[  109.909663][ T5746] Symlink component flag not implemented (116)
[  109.919845][ T5765] bond10: (slave geneve3): making interface the new active one
[  109.928254][ T5765] bond10: (slave geneve3): Enslaving as an active interface with an up link
[  109.928320][  T223] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  109.928356][  T223] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  109.928416][  T223] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  109.928447][  T223] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  109.930189][ T5746] netlink: 28 bytes leftover after parsing attributes in process `syz.3.642'.
[  109.931360][ T5746] 8021q: adding VLAN 0 to HW filter on device bond10
[  110.591039][ T5793] loop0: detected capacity change from 0 to 2048
[  110.690957][ T5793] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.379055][ T5803] loop3: detected capacity change from 0 to 128
[  111.410969][ T5806] netlink: 'syz.2.659': attribute type 1 has an invalid length.
[  111.418730][   T28] audit: type=1400 audit(1779254469.081:1167): avc:  denied  { create } for  pid=5802 comm="syz.3.658" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=x25_socket permissive=1
[  111.452688][    C0] ip6_tunnel: syztnl1 xmit: Local address not yet configured!
[  111.783928][ T5798] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  111.835077][ T5815] netlink: 32 bytes leftover after parsing attributes in process `syz.1.661'.
[  111.844178][ T5815] FAULT_INJECTION: forcing a failure.
[  111.844178][ T5815] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  111.857713][ T5815] CPU: 1 UID: 0 PID: 5815 Comm: syz.1.661 Not tainted syzkaller #0 PREEMPT(full) 
[  111.857740][ T5815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  111.857753][ T5815] Call Trace:
[  111.857760][ T5815]  <TASK>
[  111.857770][ T5815]  __dump_stack+0x1d/0x30
[  111.857801][ T5815]  dump_stack_lvl+0x95/0xd0
[  111.857880][ T5815]  dump_stack+0x15/0x1b
[  111.857910][ T5815]  should_fail_ex+0x263/0x280
[  111.857948][ T5815]  should_fail+0xb/0x20
[  111.857977][ T5815]  should_fail_usercopy+0x1a/0x20
[  111.858008][ T5815]  _copy_to_user+0x20/0xa0
[  111.858083][ T5815]  simple_read_from_buffer+0xb5/0x130
[  111.858252][ T5815]  proc_fail_nth_read+0x10e/0x150
[  111.858330][ T5815]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  111.858364][ T5815]  vfs_read+0x1ab/0x7f0
[  111.858393][ T5815]  ? __rcu_read_unlock+0x4e/0x70
[  111.858414][ T5815]  ? __fget_files+0x184/0x1c0
[  111.858442][ T5815]  ? mutex_lock+0x57/0x90
[  111.858523][ T5815]  ksys_read+0xdc/0x1a0
[  111.858591][ T5815]  __x64_sys_read+0x40/0x50
[  111.858620][ T5815]  x64_sys_call+0x2886/0x3020
[  111.858688][ T5815]  do_syscall_64+0x12c/0x3b0
[  111.858728][ T5815]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.858754][ T5815] RIP: 0033:0x7f3f3be3d68e
[  111.858775][ T5815] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  111.858799][ T5815] RSP: 002b:00007f3f3a8cefe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  111.858849][ T5815] RAX: ffffffffffffffda RBX: 00007f3f3a8cf6c0 RCX: 00007f3f3be3d68e
[  111.858863][ T5815] RDX: 000000000000000f RSI: 00007f3f3a8cf0a0 RDI: 0000000000000004
[  111.858877][ T5815] RBP: 00007f3f3a8cf090 R08: 0000000000000000 R09: 0000000000000000
[  111.858894][ T5815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.858911][ T5815] R13: 00007f3f3c0f6038 R14: 00007f3f3c0f5fa0 R15: 00007fff8fc1d398
[  111.858932][ T5815]  </TASK>
[  112.077760][   T28] audit: type=1400 audit(1779254469.761:1168): avc:  denied  { nlmsg_write } for  pid=5816 comm="syz.1.662" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  112.151299][ T5806] 8021q: adding VLAN 0 to HW filter on device bond7
[  112.210308][ T5825] loop4: detected capacity change from 0 to 512
[  112.245850][ T5825] EXT4-fs (loop4): failed to initialize system zone (-117)
[  112.265974][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.298392][ T5825] EXT4-fs (loop4): mount failed
[  112.383141][   T28] audit: type=1400 audit(1779254470.061:1169): avc:  denied  { listen } for  pid=5836 comm="syz.2.668" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  112.427390][   T28] audit: type=1400 audit(1779254470.061:1170): avc:  denied  { accept } for  pid=5836 comm="syz.2.668" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  112.455075][   T28] audit: type=1400 audit(1779254470.141:1171): avc:  denied  { write } for  pid=5824 comm="syz.4.664" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  112.505090][ T5837] loop2: detected capacity change from 0 to 1024
[  112.516869][ T5840] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  112.533866][ T5837] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (38034!=20869)
[  112.544997][ T5837] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040e11d, mo2=0002]
[  112.553191][ T5837] System zones: 0-1, 2-3, 5-36, 22-22, 98-101, 102-102
[  112.560728][ T5837] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  112.574671][ T5837] tipc: Started in network mode
[  112.579598][ T5837] tipc: Node identity e6ce09d4cc44, cluster identity 4711
[  112.586781][ T5837] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  112.604608][ T5837] syzkaller0: entered promiscuous mode
[  112.610141][ T5837] syzkaller0: entered allmulticast mode
[  112.617199][ T5837] tipc: Resetting bearer <eth:syzkaller0>
[  112.643885][ T5836] tipc: Resetting bearer <eth:syzkaller0>
[  112.665672][ T5836] tipc: Disabling bearer <eth:syzkaller0>
[  112.744331][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.011971][ T5858] loop2: detected capacity change from 0 to 8192
[  113.190005][ T5858]  loop2: p2 p3
[  113.206113][ T5858] loop2: p3 start 117440512 is beyond EOD, truncated
[  113.258744][   T28] audit: type=1400 audit(1779254470.941:1172): avc:  denied  { getopt } for  pid=5865 comm="syz.2.678" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  113.302858][ T5395] udevd[5395]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  113.312925][ T5864] netlink: 'syz.1.677': attribute type 1 has an invalid length.
[  113.353779][ T5876] netlink: 56 bytes leftover after parsing attributes in process `syz.2.680'.
[  113.362736][ T5864] 8021q: adding VLAN 0 to HW filter on device bond11
[  113.371567][ T5876] netlink: 8 bytes leftover after parsing attributes in process `syz.2.680'.
[  113.441318][ T5884] FAULT_INJECTION: forcing a failure.
[  113.441318][ T5884] name failslab, interval 1, probability 0, space 0, times 0
[  113.478083][ T5884] CPU: 1 UID: 0 PID: 5884 Comm: syz.0.683 Not tainted syzkaller #0 PREEMPT(full) 
[  113.478147][ T5884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  113.478160][ T5884] Call Trace:
[  113.478168][ T5884]  <TASK>
[  113.478176][ T5884]  __dump_stack+0x1d/0x30
[  113.478245][ T5884]  dump_stack_lvl+0x95/0xd0
[  113.478266][ T5884]  dump_stack+0x15/0x1b
[  113.478291][ T5884]  should_fail_ex+0x263/0x280
[  113.478329][ T5884]  should_failslab+0x8c/0xb0
[  113.478380][ T5884]  kmem_cache_alloc_noprof+0x66/0x3f0
[  113.478424][ T5884]  ? skb_clone+0x151/0x1f0
[  113.478458][ T5884]  skb_clone+0x151/0x1f0
[  113.478529][ T5884]  pfkey_sendmsg+0x2cc/0x9b0
[  113.478579][ T5884]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  113.478617][ T5884]  ____sys_sendmsg+0x563/0x5b0
[  113.478654][ T5884]  ___sys_sendmsg+0x195/0x1e0
[  113.478771][ T5884]  __x64_sys_sendmsg+0xd4/0x160
[  113.478809][ T5884]  x64_sys_call+0x194c/0x3020
[  113.478876][ T5884]  do_syscall_64+0x12c/0x3b0
[  113.478915][ T5884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.478998][ T5884] RIP: 0033:0x7f40a66ece59
[  113.479099][ T5884] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  113.479200][ T5884] RSP: 002b:00007f40a513f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  113.479226][ T5884] RAX: ffffffffffffffda RBX: 00007f40a6965fa0 RCX: 00007f40a66ece59
[  113.479244][ T5884] RDX: 0000000020008000 RSI: 0000200000000040 RDI: 0000000000000003
[  113.479259][ T5884] RBP: 00007f40a513f090 R08: 0000000000000000 R09: 0000000000000000
[  113.479319][ T5884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.479336][ T5884] R13: 00007f40a6966038 R14: 00007f40a6965fa0 R15: 00007ffe1fffa908
[  113.479361][ T5884]  </TASK>
[  113.660685][   T28] audit: type=1400 audit(1779254471.342:1173): avc:  denied  { accept } for  pid=5887 comm="syz.3.684" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  113.727371][ T5897] nfs: Unknown parameter '€'
[  113.732103][   T28] audit: type=1400 audit(1779254471.412:1174): avc:  denied  { mounton } for  pid=5896 comm="syz.3.688" path="/syzcgroup/net/syz3/cgroup.procs" dev="cgroup" ino=61 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[  113.806635][ T5902] sg_write: data in/out 28672/136 bytes for SCSI command 0x0-- guessing data in;
[  113.806635][ T5902]    program syz.4.689 not setting count and/or reply_len properly
[  113.808307][   T28] audit: type=1400 audit(1779254471.492:1175): avc:  denied  { append } for  pid=5901 comm="syz.4.689" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  113.850475][ T5903] loop0: detected capacity change from 0 to 136
[  113.861689][ T5902] loop4: detected capacity change from 0 to 512
[  113.872095][ T5902] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  113.890149][ T5903] Attempt to read inode for relocated directory
[  113.910834][ T5902] EXT4-fs error (device loop4): ext4_acquire_dquot:7034: comm syz.4.689: Failed to acquire dquot type 1
[  113.925096][ T5895] syz.0.686: attempt to access beyond end of device
[  113.925096][ T5895] loop0: rw=524288, sector=335544428, nr_sectors = 4 limit=136
[  113.975851][ T5902] loop4: lost filesystem error report for type 5 error -117
[  113.976755][ T5895] syz.0.686: attempt to access beyond end of device
[  113.976755][ T5895] loop0: rw=0, sector=335544428, nr_sectors = 4 limit=136
[  113.981568][ T5902] EXT4-fs (loop4): 1 truncate cleaned up
[  113.997837][ T5903] syz.0.686: attempt to access beyond end of device
[  113.997837][ T5903] loop0: rw=0, sector=335544428, nr_sectors = 4 limit=136
[  114.005764][ T5902] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  114.029392][ T5895] syz.0.686: attempt to access beyond end of device
[  114.029392][ T5895] loop0: rw=0, sector=335544428, nr_sectors = 4 limit=136
[  114.043358][ T5903] syz.0.686: attempt to access beyond end of device
[  114.043358][ T5903] loop0: rw=0, sector=335544428, nr_sectors = 4 limit=136
[  114.057006][ T5903] syz.0.686: attempt to access beyond end of device
[  114.057006][ T5903] loop0: rw=0, sector=335544428, nr_sectors = 4 limit=136
[  114.070635][ T5903] syz.0.686: attempt to access beyond end of device
[  114.070635][ T5903] loop0: rw=0, sector=335544428, nr_sectors = 4 limit=136
[  114.102656][ T5917] syz.0.686: attempt to access beyond end of device
[  114.102656][ T5917] loop0: rw=0, sector=335544428, nr_sectors = 4 limit=136
[  114.120987][ T5917] syz.0.686: attempt to access beyond end of device
[  114.120987][ T5917] loop0: rw=0, sector=335544428, nr_sectors = 4 limit=136
[  114.135114][ T5917] syz.0.686: attempt to access beyond end of device
[  114.135114][ T5917] loop0: rw=0, sector=335544428, nr_sectors = 4 limit=136
[  114.162692][   T28] kauditd_printk_skb: 2 callbacks suppressed
[  114.162709][   T28] audit: type=1400 audit(1779254471.852:1176): avc:  denied  { listen } for  pid=5901 comm="syz.4.689" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  114.197868][   T28] audit: type=1400 audit(1779254471.852:1177): avc:  denied  { bind } for  pid=5901 comm="syz.4.689" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  114.336915][   T28] audit: type=1400 audit(1779254472.012:1178): avc:  denied  { read } for  pid=5915 comm="syz.3.692" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  114.454745][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  114.514068][ T5933] netlink: 'syz.0.693': attribute type 4 has an invalid length.
[  114.530930][ T5932] loop4: detected capacity change from 0 to 512
[  114.560883][ T5932] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  114.574435][   T28] audit: type=1326 audit(1779254472.252:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5930 comm="syz.1.696" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f3be7ce59 code=0x7ffc0000
[  114.614192][ T5932] EXT4-fs (loop4): orphan cleanup on readonly fs
[  114.625696][ T5932] EXT4-fs (loop4): 1 truncate cleaned up
[  114.631598][ T5929] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  114.647995][ T5932] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  114.652588][   T28] audit: type=1326 audit(1779254472.252:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5930 comm="syz.1.696" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f3be7ce59 code=0x7ffc0000
[  114.689878][   T28] audit: type=1326 audit(1779254472.252:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5930 comm="syz.1.696" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f3be7ce59 code=0x7ffc0000
[  114.716096][   T28] audit: type=1326 audit(1779254472.252:1182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5930 comm="syz.1.696" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3f3be7ce59 code=0x7ffc0000
[  114.746289][   T28] audit: type=1326 audit(1779254472.252:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5930 comm="syz.1.696" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f3be7ce59 code=0x7ffc0000
[  114.771771][   T28] audit: type=1326 audit(1779254472.252:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5930 comm="syz.1.696" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f3be7ce59 code=0x7ffc0000
[  114.797250][   T28] audit: type=1326 audit(1779254472.252:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5930 comm="syz.1.696" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f3be7ce59 code=0x7ffc0000
[  114.808634][ T5941] syzkaller0: entered promiscuous mode
[  114.856751][ T5941] syzkaller0: entered allmulticast mode
[  114.924116][ T5944] netlink: 'syz.1.697': attribute type 1 has an invalid length.
[  114.969527][ T5944] 8021q: adding VLAN 0 to HW filter on device bond12
[  115.148023][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.369955][ T5921] syz.0.693 (5921) used greatest stack depth: 9272 bytes left
[  115.422543][ T5961] loop0: detected capacity change from 0 to 512
[  115.444151][ T5961] EXT4-fs error (device loop0): mb_free_blocks:2049: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  115.462138][    C0] EXT4-fs (loop0): error count since last fsck: 1
[  115.468619][    C0] EXT4-fs (loop0): initial error at time 1779254473: mb_free_blocks:2049: inode 11: block 64
[  115.478881][    C0] EXT4-fs (loop0): last error at time 1779254473: mb_free_blocks:2049: inode 11: block 64
[  115.483337][ T5961] EXT4-fs error (device loop0): ext4_do_update_inode:5690: inode #11: comm syz.0.702: corrupted inode contents
[  115.605371][ T5961] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  115.606674][ T5961] EXT4-fs error (device loop0): ext4_dirty_inode:6587: inode #11: comm syz.0.702: mark_inode_dirty error
[  115.661749][ T5961] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  115.661977][ T5961] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.702: invalid indirect mapped block 1 (level 1)
[  115.693739][ T5961] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  115.694265][ T5961] EXT4-fs error (device loop0): ext4_do_update_inode:5690: inode #11: comm syz.0.702: corrupted inode contents
[  115.743649][ T5966] loop2: detected capacity change from 0 to 512
[  115.839629][ T5966] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.852439][ T5966] ext4 filesystem being mounted at /146/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.975522][ T5961] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  115.976669][ T5961] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem
[  116.015680][ T5961] loop0: lost filesystem error report for type 5 error -117
[  116.016067][ T5961] EXT4-fs error (device loop0): ext4_do_update_inode:5690: inode #11: comm syz.0.702: corrupted inode contents
[  116.339850][ T5961] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  116.383028][ T5974] loop1: detected capacity change from 0 to 164
[  116.522303][   T23] ip6_tunnel: syztnl1 xmit: Local address not yet configured!
[  116.562059][   T23] ip6_tunnel: syztnl1 xmit: Local address not yet configured!
[  116.657722][ T5961] EXT4-fs error (device loop0): ext4_truncate:4690: inode #11: comm syz.0.702: mark_inode_dirty error
[  116.684911][ T5961] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  116.685069][ T5961] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem
[  116.715366][ T5961] loop0: lost filesystem error report for type 5 error -117
[  116.718302][ T5961] EXT4-fs (loop0): 1 truncate cleaned up
[  116.737177][ T5961] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.813651][ T5961] __nla_validate_parse: 1 callbacks suppressed
[  116.813682][ T5961] netlink: 20 bytes leftover after parsing attributes in process `syz.0.702'.
[  116.943963][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.984916][ T5986] loop1: detected capacity change from 0 to 512
[  117.044138][ T5986] EXT4-fs error (device loop1): mb_free_blocks:2049: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  117.069222][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.086105][ T5986] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #11: comm syz.1.708: corrupted inode contents
[  117.097948][    C1] EXT4-fs (loop1): error count since last fsck: 1
[  117.097977][    C1] EXT4-fs (loop1): initial error at time 1779254474: mb_free_blocks:2049: inode 11: block 64
[  117.098024][    C1] EXT4-fs (loop1): last error at time 1779254474: mb_free_blocks:2049: inode 11: block 64
[  117.144200][ T5988] loop4: detected capacity change from 0 to 512
[  117.412448][ T5986] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  117.413554][ T5986] EXT4-fs error (device loop1): ext4_dirty_inode:6587: inode #11: comm syz.1.708: mark_inode_dirty error
[  117.532697][ T5993] netlink: 71 bytes leftover after parsing attributes in process `syz.2.710'.
[  117.551871][ T5986] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  117.552248][ T5986] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.708: invalid indirect mapped block 1 (level 1)
[  117.601333][ T5986] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  117.632300][ T5988] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.654084][ T5988] ext4 filesystem being mounted at /125/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.739535][ T5999] netlink: 'syz.0.709': attribute type 1 has an invalid length.
[  117.772317][ T5986] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #11: comm syz.1.708: corrupted inode contents
[  117.813295][ T5986] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  117.813480][ T5986] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[  117.834350][ T5999] 8021q: adding VLAN 0 to HW filter on device bond10
[  117.852159][ T5986] loop1: lost filesystem error report for type 5 error -117
[  117.852359][ T5986] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #11: comm syz.1.708: corrupted inode contents
[  117.898185][ T5986] EXT4-fs error (device loop1): ext4_truncate:4690: inode #11: comm syz.1.708: mark_inode_dirty error
[  117.932267][ T5986] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem
[  117.941257][ T5986] loop1: lost filesystem error report for type 5 error -117
[  117.942818][ T5986] EXT4-fs (loop1): 1 truncate cleaned up
[  117.956912][ T5986] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.976328][ T5986] netlink: 20 bytes leftover after parsing attributes in process `syz.1.708'.
[  118.066981][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.120315][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.143949][ T6018] netlink: 12 bytes leftover after parsing attributes in process `syz.2.714'.
[  118.410324][ T6035] loop3: detected capacity change from 0 to 164
[  118.521141][ T6025] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  118.538303][ T6018] syzkaller0: entered promiscuous mode
[  118.543860][ T6018] syzkaller0: entered allmulticast mode
[  118.607761][ T6037] loop0: detected capacity change from 0 to 512
[  118.655183][ T6037] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.667903][ T6037] ext4 filesystem being mounted at /141/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.155396][ T6041] netlink: 20 bytes leftover after parsing attributes in process `syz.3.719'.
[  119.182905][ T6043] loop1: detected capacity change from 0 to 128
[  119.325287][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.379739][   T28] kauditd_printk_skb: 5341 callbacks suppressed
[  119.379820][   T28] audit: type=1326 audit(1779254477.062:6527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6042 comm="syz.1.720" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f3be7ce59 code=0x7ffc0000
[  119.426065][ T6061] loop0: detected capacity change from 0 to 128
[  119.427157][   T28] audit: type=1326 audit(1779254477.102:6529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6042 comm="syz.1.720" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f3be7ce59 code=0x7ffc0000
[  119.468631][ T6062] loop2: detected capacity change from 0 to 2048
[  119.484839][   T28] audit: type=1326 audit(1779254477.102:6530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6042 comm="syz.1.720" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f3be7ce59 code=0x7ffc0000
[  119.532043][   T28] audit: type=1326 audit(1779254477.102:6528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6042 comm="syz.1.720" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f3be7ce59 code=0x7ffc0000
[  119.603089][   T28] audit: type=1326 audit(1779254477.102:6531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6042 comm="syz.1.720" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f3f3be7bcc7 code=0x7ffc0000
[  119.657441][ T6072] netlink: 'syz.1.727': attribute type 1 has an invalid length.
[  119.698653][ T6072] 8021q: adding VLAN 0 to HW filter on device bond13
[  119.776255][ T6080] loop3: detected capacity change from 0 to 164
[  119.781449][   T28] audit: type=1326 audit(1779254477.112:6532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6042 comm="syz.1.720" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f3be7ce59 code=0x7ffc0000
[  119.837575][   T28] audit: type=1326 audit(1779254477.112:6534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6042 comm="syz.1.720" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f3be7ce59 code=0x7ffc0000
[  119.920375][   T28] audit: type=1326 audit(1779254477.112:6535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6042 comm="syz.1.720" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f3be7ce59 code=0x7ffc0000
[  119.994240][   T28] audit: type=1326 audit(1779254477.112:6533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6042 comm="syz.1.720" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f3be7ce59 code=0x7ffc0000
[  120.028843][ T6101] FAULT_INJECTION: forcing a failure.
[  120.028843][ T6101] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  120.062812][ T6101] CPU: 1 UID: 0 PID: 6101 Comm: syz.3.732 Not tainted syzkaller #0 PREEMPT(full) 
[  120.062844][ T6101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  120.062931][ T6101] Call Trace:
[  120.062943][ T6101]  <TASK>
[  120.062953][ T6101]  __dump_stack+0x1d/0x30
[  120.062984][ T6101]  dump_stack_lvl+0x95/0xd0
[  120.063012][ T6101]  dump_stack+0x15/0x1b
[  120.063094][ T6101]  should_fail_ex+0x263/0x280
[  120.063132][ T6101]  should_fail_alloc_page+0xf2/0x100
[  120.063169][ T6101]  __alloc_frozen_pages_noprof+0x108/0x350
[  120.063241][ T6101]  alloc_pages_mpol+0xb3/0x260
[  120.063267][ T6101]  ? __pfx_anon_pipe_write+0x1/0x10
[  120.063353][ T6101]  alloc_pages_noprof+0x8f/0x140
[  120.063379][ T6101]  anon_pipe_write+0x69c/0xb20
[  120.063438][ T6101]  ? __pfx_anon_pipe_write+0x1/0x10
[  120.063480][ T6101]  ? __pfx_anon_pipe_write+0x10/0x10
[  120.063515][ T6101]  vfs_write+0x5a6/0x9f0
[  120.063596][ T6101]  ksys_write+0xdc/0x1a0
[  120.063628][ T6101]  __x64_sys_write+0x40/0x50
[  120.063659][ T6101]  x64_sys_call+0x27e1/0x3020
[  120.063753][ T6101]  do_syscall_64+0x12c/0x3b0
[  120.063787][ T6101]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.063835][ T6101] RIP: 0033:0x7f877023ce59
[  120.063853][ T6101] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  120.063885][ T6101] RSP: 002b:00007f876ec97028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  120.063939][ T6101] RAX: ffffffffffffffda RBX: 00007f87704b5fa0 RCX: 00007f877023ce59
[  120.063953][ T6101] RDX: 0000000000011000 RSI: 0000200000000340 RDI: 0000000000000005
[  120.063967][ T6101] RBP: 00007f876ec97090 R08: 0000000000000000 R09: 0000000000000000
[  120.063980][ T6101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.064030][ T6101] R13: 00007f87704b6038 R14: 00007f87704b5fa0 R15: 00007ffe795e97f8
[  120.064078][ T6101]  </TASK>
[  120.070381][   T28] audit: type=1326 audit(1779254477.112:6536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6042 comm="syz.1.720" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7f3f3be7ce59 code=0x7ffc0000
[  120.093431][    C0] ip6_tunnel: syztnl1 xmit: Local address not yet configured!
[  120.304097][ T6103] netlink: 20 bytes leftover after parsing attributes in process `syz.1.733'.
[  120.408439][ T6113] loop4: detected capacity change from 0 to 512
[  120.489067][ T6113] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.501880][ T6113] ext4 filesystem being mounted at /130/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.865122][ T6121] loop2: detected capacity change from 0 to 512
[  120.893769][ T6121] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.974716][ T6121] ext4 filesystem being mounted at /153/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.073736][ T6126] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  121.124048][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.254773][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.272459][ T6145] netlink: 4 bytes leftover after parsing attributes in process `syz.4.741'.
[  121.434469][ T6145] loop4: detected capacity change from 0 to 256
[  121.454281][ T6148] loop2: detected capacity change from 0 to 164
[  121.524867][ T6145] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  121.556016][ T6145] FAT-fs (loop4): Filesystem has been set read-only
[  121.626142][ T6151] netlink: 'syz.1.743': attribute type 1 has an invalid length.
[  121.716097][ T6157] loop2: detected capacity change from 0 to 1764
[  121.722633][ T6151] 8021q: adding VLAN 0 to HW filter on device bond14
[  121.921554][ T6169] netlink: 20 bytes leftover after parsing attributes in process `syz.1.748'.
[  122.381902][ T6185] loop1: detected capacity change from 0 to 512
[  122.417809][ T6185] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.430550][ T6185] ext4 filesystem being mounted at /133/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.669637][ T6190] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  122.876205][ T6194] netlink: 16 bytes leftover after parsing attributes in process `syz.0.752'.
[  122.960179][ T6194] bond12: up delay (10) is not a multiple of miimon (7), value rounded to 7 ms
[  122.977528][ T6194] bond12 (unregistering): Released all slaves
[  123.002677][ T6199] netlink: 4 bytes leftover after parsing attributes in process `syz.2.754'.
[  123.112313][ T6203] EXT4-fs: inline encryption not supported
[  123.121892][ T6203] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  123.166760][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.185769][ T6199] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  123.197153][ T6199] FAT-fs (loop2): Filesystem has been set read-only
[  123.271214][ T6207] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  123.288089][ T6212] EXT4-fs error (device loop2): mb_free_blocks:2049: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  123.318750][ T6212] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #11: comm syz.2.759: corrupted inode contents
[  123.330624][    C1] EXT4-fs (loop2): error count since last fsck: 1
[  123.330648][    C1] EXT4-fs (loop2): initial error at time 1779254480: mb_free_blocks:2049: inode 11: block 64
[  123.330683][    C1] EXT4-fs (loop2): last error at time 1779254480: mb_free_blocks:2049: inode 11: block 64
[  123.391259][ T6212] fserror_report: 2 callbacks suppressed
[  123.391277][ T6212] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  123.397232][ T6212] EXT4-fs error (device loop2): ext4_dirty_inode:6587: inode #11: comm syz.2.759: mark_inode_dirty error
[  123.431214][ T6212] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  123.431546][ T6212] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.759: invalid indirect mapped block 1 (level 1)
[  123.471181][ T6212] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  123.471422][ T6212] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #11: comm syz.2.759: corrupted inode contents
[  123.521221][ T6212] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  123.595987][ T6212] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem
[  123.637654][ T6212] loop2: lost filesystem error report for type 5 error -117
[  123.638033][ T6212] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #11: comm syz.2.759: corrupted inode contents
[  123.657779][ T6212] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  123.658217][ T6212] EXT4-fs error (device loop2): ext4_truncate:4690: inode #11: comm syz.2.759: mark_inode_dirty error
[  123.679617][ T6212] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  123.680434][ T6212] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem
[  123.699403][ T6212] loop2: lost filesystem error report for type 5 error -117
[  123.699629][ T6212] EXT4-fs (loop2): 1 truncate cleaned up
[  123.715172][ T6212] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.739270][ T6212] netlink: 20 bytes leftover after parsing attributes in process `syz.2.759'.
[  123.788289][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.870243][ T6228] netlink: 16 bytes leftover after parsing attributes in process `syz.2.764'.
[  123.900302][ T6228] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=5123 sclass=netlink_audit_socket pid=6228 comm=syz.2.764
[  124.196951][ T6234] set_capacity_and_notify: 6 callbacks suppressed
[  124.196993][ T6234] loop1: detected capacity change from 0 to 512
[  124.201000][ T6231] FAULT_INJECTION: forcing a failure.
[  124.201000][ T6231] name failslab, interval 1, probability 0, space 0, times 0
[  124.241122][ T6231] CPU: 0 UID: 0 PID: 6231 Comm: syz.2.765 Not tainted syzkaller #0 PREEMPT(full) 
[  124.241150][ T6231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  124.241163][ T6231] Call Trace:
[  124.241171][ T6231]  <TASK>
[  124.241181][ T6231]  __dump_stack+0x1d/0x30
[  124.241291][ T6231]  dump_stack_lvl+0x95/0xd0
[  124.241318][ T6231]  dump_stack+0x15/0x1b
[  124.241344][ T6231]  should_fail_ex+0x263/0x280
[  124.241381][ T6231]  should_failslab+0x8c/0xb0
[  124.241452][ T6231]  kmem_cache_alloc_noprof+0x66/0x3f0
[  124.241498][ T6231]  ? security_inode_alloc+0x37/0x100
[  124.241608][ T6231]  security_inode_alloc+0x37/0x100
[  124.241642][ T6231]  inode_init_always_gfp+0x4a0/0x4e0
[  124.241681][ T6231]  ? __pfx_hugetlbfs_alloc_inode+0x10/0x10
[  124.241762][ T6231]  alloc_inode+0x58/0x170
[  124.241822][ T6231]  new_inode+0x1d/0xe0
[  124.241848][ T6231]  hugetlbfs_get_inode+0x7b/0x330
[  124.241921][ T6231]  hugetlb_file_setup+0x192/0x3d0
[  124.241950][ T6231]  memfd_alloc_file+0x70/0x300
[  124.241979][ T6231]  __se_sys_memfd_create+0x2e1/0x3b0
[  124.242068][ T6231]  __x64_sys_memfd_create+0x31/0x40
[  124.242115][ T6231]  x64_sys_call+0x1f22/0x3020
[  124.242143][ T6231]  do_syscall_64+0x12c/0x3b0
[  124.242327][ T6231]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.242350][ T6231] RIP: 0033:0x7f9f1d5cce59
[  124.242367][ T6231] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  124.242437][ T6231] RSP: 002b:00007f9f1c01f028 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  124.242511][ T6231] RAX: ffffffffffffffda RBX: 00007f9f1d845fa0 RCX: 00007f9f1d5cce59
[  124.242527][ T6231] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000200000000840
[  124.242540][ T6231] RBP: 00007f9f1c01f090 R08: 0000000000000000 R09: 0000000000000000
[  124.242555][ T6231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.242613][ T6231] R13: 00007f9f1d846038 R14: 00007f9f1d845fa0 R15: 00007ffe283700f8
[  124.242690][ T6231]  </TASK>
[  124.247959][ T6234] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  124.498321][ T6234] EXT4-fs (loop1): ea_inode feature is not supported for Hurd
[  124.663362][ T6241] loop2: detected capacity change from 0 to 512
[  124.735902][ T6241] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  124.748734][ T6241] ext4 filesystem being mounted at /161/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.015474][ T6245] loop4: detected capacity change from 0 to 1024
[  125.256461][   T28] kauditd_printk_skb: 44 callbacks suppressed
[  125.256479][   T28] audit: type=1400 audit(1779254482.893:6581): avc:  denied  { setattr } for  pid=6247 comm="syz.1.769" name="PACKET" dev="sockfs" ino=13711 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  125.364794][ T6253] netlink: 4 bytes leftover after parsing attributes in process `syz.4.770'.
[  125.381117][ T6253] loop4: detected capacity change from 0 to 256
[  125.422889][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.432973][ T6253] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  125.455785][ T6253] FAT-fs (loop4): Filesystem has been set read-only
[  125.465736][ T6255] loop0: detected capacity change from 0 to 164
[  125.521165][ T6259] loop1: detected capacity change from 0 to 512
[  125.537134][ T6259] EXT4-fs error (device loop1): mb_free_blocks:2049: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  125.554296][ T6261] loop2: detected capacity change from 0 to 512
[  125.570891][    C1] EXT4-fs (loop1): error count since last fsck: 1
[  125.577375][    C1] EXT4-fs (loop1): initial error at time 1779254483: mb_free_blocks:2049: inode 11: block 64
[  125.587607][    C1] EXT4-fs (loop1): last error at time 1779254483: mb_free_blocks:2049: inode 11: block 64
[  125.601597][ T6259] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #11: comm syz.1.773: corrupted inode contents
[  125.613428][ T6261] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  125.624044][ T6259] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  125.626651][ T6259] EXT4-fs error (device loop1): ext4_dirty_inode:6587: inode #11: comm syz.1.773: mark_inode_dirty error
[  125.655872][ T6261] EXT4-fs error (device loop2): ext4_iget_extra_inode:5128: inode #15: comm syz.2.774: corrupted in-inode xattr: e_value out of bounds
[  125.670938][ T6261] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  125.671173][ T6261] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.774: couldn't read orphan inode 15 (err -117)
[  125.692146][    C0] EXT4-fs (loop2): error count since last fsck: 1
[  125.692173][    C0] EXT4-fs (loop2): initial error at time 1779254483: ext4_iget_extra_inode:5128: inode 15
[  125.692204][    C0] EXT4-fs (loop2): last error at time 1779254483: ext4_iget_extra_inode:5128: inode 15
[  125.761081][ T6259] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  125.761548][ T6261] loop2: lost filesystem error report for type 5 error -117
[  125.771062][ T6259] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.773: invalid indirect mapped block 1 (level 1)
[  125.795431][ T6261] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  125.821627][ T6259] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  125.821868][ T6259] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #11: comm syz.1.773: corrupted inode contents
[  125.852982][ T6269] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 40
[  125.853729][ T6261] netlink: 'syz.2.774': attribute type 1 has an invalid length.
[  125.869738][ T6264] loop4: detected capacity change from 0 to 8192
[  125.876624][ T6259] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[  125.887187][   T28] audit: type=1400 audit(1779254483.573:6582): avc:  denied  { mounton } for  pid=6268 comm="syz.3.777" path="/file0" dev="hugetlbfs" ino=13040 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=dir permissive=1
[  125.904084][ T6261] 8021q: adding VLAN 0 to HW filter on device bond9
[  125.911736][ T6259] loop1: lost filesystem error report for type 5 error -117
[  125.920817][ T6259] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #11: comm syz.1.773: corrupted inode contents
[  125.944266][ T6271] netlink: 'syz.0.778': attribute type 49 has an invalid length.
[  125.959230][ T6261] EXT4-fs error (device loop2): ext4_iget_extra_inode:5128: inode #15: comm syz.2.774: corrupted in-inode xattr: e_value out of bounds
[  125.961947][ T6259] EXT4-fs error (device loop1): ext4_truncate:4690: inode #11: comm syz.1.773: mark_inode_dirty error
[  125.984612][   T28] audit: type=1400 audit(1779254483.603:6583): avc:  denied  { mount } for  pid=6268 comm="syz.3.777" name="/" dev="rpc_pipefs" ino=13041 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  126.008711][ T6264]  loop4: p1 < > p2 p4 < p5 >
[  126.013797][ T6259] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem
[  126.029068][ T6261] EXT4-fs error (device loop2): ext4_iget_extra_inode:5128: inode #15: comm syz.2.774: corrupted in-inode xattr: e_value out of bounds
[  126.045291][ T6264] loop4: partition table partially beyond EOD, truncated
[  126.054686][ T6259] loop1: lost filesystem error report for type 5 error -117
[  126.055350][ T6259] EXT4-fs (loop1): 1 truncate cleaned up
[  126.072705][   T28] audit: type=1400 audit(1779254483.633:6584): avc:  denied  { setopt } for  pid=6263 comm="syz.4.775" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  126.092675][   T28] audit: type=1400 audit(1779254483.643:6585): avc:  denied  { open } for  pid=6270 comm="syz.0.778" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  126.093565][ T6259] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.112143][   T28] audit: type=1400 audit(1779254483.643:6586): avc:  denied  { kernel } for  pid=6270 comm="syz.0.778" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  126.133399][ T6264] loop4: p1 start 134217728 is beyond EOD, truncated
[  126.159051][   T28] audit: type=1400 audit(1779254483.643:6587): avc:  denied  { write } for  pid=6260 comm="syz.2.774" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  126.171066][ T6264] loop4: p2 size 591360 extends beyond EOD, 
[  126.186471][ T6271] ip6gretap0: entered promiscuous mode
[  126.204251][ T6264] truncated
[  126.205172][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.216832][   T28] audit: type=1400 audit(1779254483.713:6588): avc:  denied  { write } for  pid=6270 comm="syz.0.778" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  126.240927][ T6271] ip6gretap0: entered allmulticast mode
[  126.246965][ T6264] loop4: p5 size 591360 extends beyond EOD, truncated
[  126.268135][   T28] audit: type=1400 audit(1779254483.713:6589): avc:  denied  { write } for  pid=6260 comm="syz.2.774" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  126.288807][ T6259] netlink: 20 bytes leftover after parsing attributes in process `syz.1.773'.
[  126.301878][   T28] audit: type=1400 audit(1779254483.903:6590): avc:  denied  { create } for  pid=6258 comm="syz.1.773" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  126.343512][ T6280] netlink: 'syz.2.779': attribute type 25 has an invalid length.
[  126.351318][ T6280] netlink: 4 bytes leftover after parsing attributes in process `syz.2.779'.
[  126.391321][ T6280] netlink: 'syz.2.779': attribute type 25 has an invalid length.
[  126.399472][ T6280] netlink: 4 bytes leftover after parsing attributes in process `syz.2.779'.
[  126.409726][   T36] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  126.419989][   T36] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  126.429111][   T36] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  126.442487][   T36] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  126.470909][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.507634][ T6288] netlink: 'syz.3.780': attribute type 1 has an invalid length.
[  126.567247][ T6288] 8021q: adding VLAN 0 to HW filter on device bond11
[  126.786698][ T6303] loop2: detected capacity change from 0 to 512
[  126.894392][ T6303] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.907082][ T6303] ext4 filesystem being mounted at /165/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.347651][ T6324] netlink: 80 bytes leftover after parsing attributes in process `syz.3.783'.
[  127.365960][ T6324] netlink: 8 bytes leftover after parsing attributes in process `syz.3.783'.
[  127.421725][ T6330] netlink: 4 bytes leftover after parsing attributes in process `syz.3.785'.
[  127.454526][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.495888][ T6336] loop2: detected capacity change from 0 to 164
[  127.533554][ T6330] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  127.543701][ T6330] FAT-fs (loop3): Filesystem has been set read-only
[  127.915436][ T6346] FAULT_INJECTION: forcing a failure.
[  127.915436][ T6346] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  127.936893][ T6346] CPU: 1 UID: 0 PID: 6346 Comm: syz.1.790 Not tainted syzkaller #0 PREEMPT(full) 
[  127.936922][ T6346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  127.936935][ T6346] Call Trace:
[  127.936942][ T6346]  <TASK>
[  127.937027][ T6346]  __dump_stack+0x1d/0x30
[  127.937058][ T6346]  dump_stack_lvl+0x95/0xd0
[  127.937098][ T6346]  dump_stack+0x15/0x1b
[  127.937171][ T6346]  should_fail_ex+0x263/0x280
[  127.937201][ T6346]  should_fail+0xb/0x20
[  127.937227][ T6346]  should_fail_usercopy+0x1a/0x20
[  127.937262][ T6346]  _copy_to_user+0x20/0xa0
[  127.937359][ T6346]  simple_read_from_buffer+0xb5/0x130
[  127.937420][ T6346]  proc_fail_nth_read+0x10e/0x150
[  127.937504][ T6346]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  127.937535][ T6346]  vfs_read+0x1ab/0x7f0
[  127.937562][ T6346]  ? ktime_get+0x212/0x240
[  127.937625][ T6346]  ? __rcu_read_unlock+0x4e/0x70
[  127.937681][ T6346]  ? __fget_files+0x184/0x1c0
[  127.937706][ T6346]  ? mutex_lock+0x57/0x90
[  127.937736][ T6346]  ksys_read+0xdc/0x1a0
[  127.937823][ T6346]  __x64_sys_read+0x40/0x50
[  127.937860][ T6346]  x64_sys_call+0x2886/0x3020
[  127.937937][ T6346]  do_syscall_64+0x12c/0x3b0
[  127.937969][ T6346]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.937995][ T6346] RIP: 0033:0x7f3f3be3d68e
[  127.938016][ T6346] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  127.938113][ T6346] RSP: 002b:00007f3f3a8cefe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  127.938140][ T6346] RAX: ffffffffffffffda RBX: 00007f3f3a8cf6c0 RCX: 00007f3f3be3d68e
[  127.938218][ T6346] RDX: 000000000000000f RSI: 00007f3f3a8cf0a0 RDI: 0000000000000006
[  127.938235][ T6346] RBP: 00007f3f3a8cf090 R08: 0000000000000000 R09: 0000000000000000
[  127.938253][ T6346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.938269][ T6346] R13: 00007f3f3c0f6038 R14: 00007f3f3c0f5fa0 R15: 00007fff8fc1d398
[  127.938295][ T6346]  </TASK>
[  128.148741][ T6349] netlink: 8 bytes leftover after parsing attributes in process `syz.0.792'.
[  128.166369][ T6350] EXT4-fs error (device loop3): mb_free_blocks:2049: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  128.185101][ T6349] macsec1: entered promiscuous mode
[  128.190579][    C0] EXT4-fs (loop3): error count since last fsck: 1
[  128.197056][    C0] EXT4-fs (loop3): initial error at time 1779254485: mb_free_blocks:2049: inode 11: block 64
[  128.207327][    C0] EXT4-fs (loop3): last error at time 1779254485: mb_free_blocks:2049: inode 11: block 64
[  128.218660][ T6349] batadv_slave_1: entered promiscuous mode
[  128.224816][ T6349] macsec1: entered allmulticast mode
[  128.230218][ T6349] batadv_slave_1: entered allmulticast mode
[  128.237402][ T6350] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #11: comm syz.3.791: corrupted inode contents
[  128.249531][ T6349] batadv_slave_1: left allmulticast mode
[  128.255223][ T6349] batadv_slave_1: left promiscuous mode
[  128.260238][ T6350] EXT4-fs error (device loop3): ext4_dirty_inode:6587: inode #11: comm syz.3.791: mark_inode_dirty error
[  128.280874][ T6350] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.791: invalid indirect mapped block 1 (level 1)
[  128.303212][ T6350] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #11: comm syz.3.791: corrupted inode contents
[  128.315451][ T6350] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem
[  128.325941][ T6359] SELinux:  Context system_u:object is not valid (left unmapped).
[  128.336202][ T6350] loop3: lost filesystem error report for type 5 error -117
[  128.336433][ T6350] EXT4-fs error (device loop3): ext4_do_update_inode:5690: inode #11: comm syz.3.791: corrupted inode contents
[  128.362061][ T6350] EXT4-fs error (device loop3): ext4_truncate:4690: inode #11: comm syz.3.791: mark_inode_dirty error
[  128.373380][ T6350] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem
[  128.376629][ T6358] msdos: Bad value for 'fmask'
[  128.382828][ T6350] loop3: lost filesystem error report for type 5 error -117
[  128.387416][ T6350] EXT4-fs (loop3): 1 truncate cleaned up
[  128.401210][ T6350] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.445414][ T6350] netlink: 20 bytes leftover after parsing attributes in process `syz.3.791'.
[  128.516717][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.626353][ T6371] FAULT_INJECTION: forcing a failure.
[  128.626353][ T6371] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  128.646858][ T6371] CPU: 1 UID: 0 PID: 6371 Comm: syz.3.797 Not tainted syzkaller #0 PREEMPT(full) 
[  128.646887][ T6371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  128.646901][ T6371] Call Trace:
[  128.646908][ T6371]  <TASK>
[  128.646956][ T6371]  __dump_stack+0x1d/0x30
[  128.646985][ T6371]  dump_stack_lvl+0x95/0xd0
[  128.647080][ T6371]  dump_stack+0x15/0x1b
[  128.647111][ T6371]  should_fail_ex+0x263/0x280
[  128.647168][ T6371]  should_fail+0xb/0x20
[  128.647275][ T6371]  should_fail_usercopy+0x1a/0x20
[  128.647315][ T6371]  _copy_to_user+0x20/0xa0
[  128.647388][ T6371]  simple_read_from_buffer+0xb5/0x130
[  128.647498][ T6371]  proc_fail_nth_read+0x10e/0x150
[  128.647550][ T6371]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  128.647613][ T6371]  vfs_read+0x1ab/0x7f0
[  128.647645][ T6371]  ? __rcu_read_unlock+0x4e/0x70
[  128.647694][ T6371]  ? __fget_files+0x184/0x1c0
[  128.647747][ T6371]  ? mutex_lock+0x57/0x90
[  128.647779][ T6371]  ksys_read+0xdc/0x1a0
[  128.647817][ T6371]  __x64_sys_read+0x40/0x50
[  128.647853][ T6371]  x64_sys_call+0x2886/0x3020
[  128.647906][ T6371]  do_syscall_64+0x12c/0x3b0
[  128.647949][ T6371]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.647978][ T6371] RIP: 0033:0x7f87701fd68e
[  128.648047][ T6371] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  128.648072][ T6371] RSP: 002b:00007f876ec75fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  128.648097][ T6371] RAX: ffffffffffffffda RBX: 00007f876ec766c0 RCX: 00007f87701fd68e
[  128.648117][ T6371] RDX: 000000000000000f RSI: 00007f876ec760a0 RDI: 0000000000000003
[  128.648148][ T6371] RBP: 00007f876ec76090 R08: 0000000000000000 R09: 0000000000000000
[  128.648166][ T6371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.648183][ T6371] R13: 00007f87704b6128 R14: 00007f87704b6090 R15: 00007ffe795e97f8
[  128.648223][ T6371]  </TASK>
[  129.087337][ T6375] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.100120][ T6375] ext4 filesystem being mounted at /159/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  129.254679][ T6385] netlink: 4 bytes leftover after parsing attributes in process `syz.3.800'.
[  129.283880][ T6385] set_capacity_and_notify: 5 callbacks suppressed
[  129.283921][ T6385] loop3: detected capacity change from 0 to 256
[  129.316381][ T6385] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  129.326670][ T6385] FAT-fs (loop3): Filesystem has been set read-only
[  129.471258][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.517379][ T6391] loop3: detected capacity change from 0 to 256
[  129.546272][ T6394] netlink: 'syz.0.804': attribute type 1 has an invalid length.
[  129.548436][ T6391] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  129.579770][ T6392] loop1: detected capacity change from 0 to 512
[  129.586842][ T6394] 8021q: adding VLAN 0 to HW filter on device bond12
[  129.603236][ T6392] EXT4-fs: test_dummy_encryption option not supported
[  129.625281][ T6391] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  129.644342][ T6392] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  129.771711][ T6403] loop0: detected capacity change from 0 to 128
[  129.783879][ T6403] ext4: Unknown parameter 'mask'
[  129.796028][ T5395] udevd[5395]: incorrect ext4 checksum on /dev/loop0
[  129.881225][ T6406] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  130.218109][ T6416] loop3: detected capacity change from 0 to 512
[  130.234980][ T6416] ext4: Unknown parameter 'dont_measure'
[  130.253090][ T6418] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  130.276258][ T6418] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  130.339820][ T6421] loop1: detected capacity change from 0 to 164
[  130.487969][   T28] kauditd_printk_skb: 212 callbacks suppressed
[  130.487998][   T28] audit: type=1400 audit(1779254488.174:6803): avc:  denied  { tracepoint } for  pid=6422 comm="syz.1.812" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  130.516098][ T6424] netlink: 292 bytes leftover after parsing attributes in process `syz.1.812'.
[  131.962970][ T6432] loop3: detected capacity change from 0 to 512
[  132.733667][ T6432] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.746379][ T6432] ext4 filesystem being mounted at /190/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  132.878644][ T6444] netlink: 'syz.0.816': attribute type 1 has an invalid length.
[  132.935669][ T6444] 8021q: adding VLAN 0 to HW filter on device bond14
[  133.031189][ T6458] loop4: detected capacity change from 0 to 1024
[  133.052969][ T6458] EXT4-fs: test_dummy_encryption option not supported
[  133.171654][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.286625][ T6468] loop3: detected capacity change from 0 to 164
[  133.376698][   T28] audit: type=1400 audit(1779254491.064:6804): avc:  denied  { cpu } for  pid=6471 comm="syz.1.825" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  133.473107][ T6475] syzkaller0: entered promiscuous mode
[  133.478669][ T6475] syzkaller0: entered allmulticast mode
[  133.534402][ T6475] tipc: Started in network mode
[  133.539379][ T6475] tipc: Node identity b6e745c8a779, cluster identity 4711
[  133.546695][ T6475] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  133.670615][ T6479] loop0: detected capacity change from 0 to 256
[  133.720101][ T6479] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  133.737970][ T6479] FAT-fs (loop0): Filesystem has been set read-only
[  133.833361][ T6479] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  133.842695][ T6483] bridge1: entered promiscuous mode
[  133.844362][ T6479] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  133.850899][ T6483] bridge1: entered allmulticast mode
[  133.860596][ T6479] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  133.886281][ T6485] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  133.917410][ T6479] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  133.927588][ T6479] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  133.950054][ T6485] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  133.960225][ T6485] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  133.978902][ T6479] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  133.998779][ T6491] netlink: 'syz.2.831': attribute type 1 has an invalid length.
[  134.061922][ T6495] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  134.080991][ T6495] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  134.100526][ T6495] FAULT_INJECTION: forcing a failure.
[  134.100526][ T6495] name failslab, interval 1, probability 0, space 0, times 0
[  134.115247][ T6491] 8021q: adding VLAN 0 to HW filter on device bond10
[  134.147560][ T6495] CPU: 1 UID: 0 PID: 6495 Comm: syz.1.832 Not tainted syzkaller #0 PREEMPT(full) 
[  134.147597][ T6495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  134.147615][ T6495] Call Trace:
[  134.147624][ T6495]  <TASK>
[  134.147634][ T6495]  __dump_stack+0x1d/0x30
[  134.147665][ T6495]  dump_stack_lvl+0x95/0xd0
[  134.147757][ T6495]  dump_stack+0x15/0x1b
[  134.147781][ T6495]  should_fail_ex+0x263/0x280
[  134.147819][ T6495]  ? fat_parse_long+0x62/0x430
[  134.147897][ T6495]  should_failslab+0x8c/0xb0
[  134.147940][ T6495]  __kmalloc_cache_noprof+0x5f/0x400
[  134.148036][ T6495]  fat_parse_long+0x62/0x430
[  134.148076][ T6495]  fat_search_long+0x1cc/0x9b0
[  134.148148][ T6495]  ? avc_has_perm+0x101/0x190
[  134.148196][ T6495]  vfat_lookup+0xd4/0x2e0
[  134.148240][ T6495]  ? __pfx_vfat_lookup+0x10/0x10
[  134.148308][ T6495]  path_openat+0xbf0/0x2050
[  134.148364][ T6495]  do_file_open+0x16c/0x290
[  134.148477][ T6495]  do_sys_openat2+0x94/0x130
[  134.148506][ T6495]  __x64_sys_open+0xe6/0x110
[  134.148592][ T6495]  x64_sys_call+0x14b9/0x3020
[  134.148623][ T6495]  do_syscall_64+0x12c/0x3b0
[  134.148662][ T6495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.148756][ T6495] RIP: 0033:0x7f3f3be7ce59
[  134.148772][ T6495] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  134.148795][ T6495] RSP: 002b:00007f3f3a8cf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  134.148820][ T6495] RAX: ffffffffffffffda RBX: 00007f3f3c0f5fa0 RCX: 00007f3f3be7ce59
[  134.148841][ T6495] RDX: 0000000000000100 RSI: 000000000010d243 RDI: 0000200000000040
[  134.148858][ T6495] RBP: 00007f3f3a8cf090 R08: 0000000000000000 R09: 0000000000000000
[  134.148875][ T6495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  134.148890][ T6495] R13: 00007f3f3c0f6038 R14: 00007f3f3c0f5fa0 R15: 00007fff8fc1d398
[  134.148909][ T6495]  </TASK>
[  134.471626][ T6474] tipc: Resetting bearer <eth:syzkaller0>
[  134.478917][ T6474] tipc: Disabling bearer <eth:syzkaller0>
[  134.576399][ T6504] set_capacity_and_notify: 1 callbacks suppressed
[  134.576421][ T6504] loop2: detected capacity change from 0 to 512
[  134.674919][ T6505] loop1: detected capacity change from 0 to 512
[  134.817655][   T28] audit: type=1400 audit(1779254492.504:6805): avc:  denied  { write } for  pid=6506 comm="syz.3.835" path="socket:[14416]" dev="sockfs" ino=14416 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  134.958935][ T6509] netlink: 20 bytes leftover after parsing attributes in process `syz.3.835'.
[  135.075992][   T28] audit: type=1400 audit(1779254492.554:6806): avc:  denied  { setopt } for  pid=6506 comm="syz.3.835" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  135.098637][ T6513] loop2: detected capacity change from 0 to 164
[  135.169697][ T6505] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.182483][ T6505] ext4 filesystem being mounted at /148/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.234595][ T6519] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  135.305919][ T6509] loop3: detected capacity change from 0 to 512
[  135.339661][ T6509] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  135.349260][ T6509] EXT4-fs (loop3): ea_inode feature is not supported for Hurd
[  135.413161][ T6522] vlan4: entered allmulticast mode
[  135.422746][ T6522] bond_slave_0: entered allmulticast mode
[  135.435183][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.482976][   T28] audit: type=1400 audit(1779254493.124:6807): avc:  denied  { mount } for  pid=6524 comm="syz.1.839" name="/" dev="ramfs" ino=14078 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  135.648358][ T6531] tun0: tun_chr_ioctl cmd 1074025675
[  135.653717][ T6531] tun0: persist enabled
[  135.658298][ T6531] tun0: tun_chr_ioctl cmd 1074025675
[  135.663651][ T6531] tun0: persist enabled
[  135.685474][ T6533] loop3: detected capacity change from 0 to 164
[  135.692862][ T6533] isofs_fill_super: root inode is not a directory. Corrupted media?
[  135.772211][ T6535] netlink: 'syz.2.844': attribute type 1 has an invalid length.
[  135.793456][ T6535] 8021q: adding VLAN 0 to HW filter on device bond11
[  135.867124][  T405] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  135.876202][  T405] netdevsim netdevsim3 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  135.885199][  T405] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  135.896972][  T405] netdevsim netdevsim3 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  135.907294][  T405] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  135.916705][  T405] netdevsim netdevsim3 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  135.925989][  T405] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  135.935165][  T405] netdevsim netdevsim3 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  135.973408][   T28] audit: type=1400 audit(1779254493.634:6808): avc:  denied  { read } for  pid=6546 comm="syz.0.847" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  136.004241][ T6548] tun1: tun_chr_ioctl cmd 1074025675
[  136.011168][ T6548] tun1: persist enabled
[  136.015508][ T6548] tun1: tun_chr_ioctl cmd 1074025675
[  136.022558][   T28] audit: type=1400 audit(1779254493.634:6809): avc:  denied  { open } for  pid=6546 comm="syz.0.847" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  136.023168][ T6545] 9pnet_virtio: no channels available for device 127.0.0.1
[  136.053417][ T6548] tun1: persist enabled
[  136.123347][    C0] ip6_tunnel: syztnl1 xmit: Local address not yet configured!
[  136.134412][ T6551] loop0: detected capacity change from 0 to 164
[  136.419319][ T6556] loop0: detected capacity change from 0 to 512
[  136.446964][ T6556] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.459834][ T6556] ext4 filesystem being mounted at /171/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.684385][ T6562] netlink: 4 bytes leftover after parsing attributes in process `syz.1.850'.
[  136.725255][ T6562] loop1: detected capacity change from 0 to 256
[  136.751019][   T28] audit: type=1400 audit(1779254494.424:6810): avc:  denied  { sys_module } for  pid=6552 comm="syz.0.849" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  136.822259][ T6562] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  136.833081][ T6562] FAT-fs (loop1): Filesystem has been set read-only
[  137.083762][ T6573] loop1: detected capacity change from 0 to 256
[  137.224508][ T6574] ==================================================================
[  137.232676][ T6574] BUG: KCSAN: data-race in copy_mm / mmap_write_unlock
[  137.239570][ T6574] 
[  137.241944][ T6574] read-write to 0xffff8881035f52c8 of 4 bytes by task 6571 on cpu 0:
[  137.250045][ T6574]  mmap_write_unlock+0x70/0xc0
[  137.254870][ T6574]  __se_sys_mbind+0xc54/0xdd0
[  137.259601][ T6574]  __x64_sys_mbind+0x78/0x90
[  137.264229][ T6574]  x64_sys_call+0x2b72/0x3020
[  137.268957][ T6574]  do_syscall_64+0x12c/0x3b0
[  137.273603][ T6574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.279539][ T6574] 
[  137.281898][ T6574] read to 0xffff8881035f5100 of 1664 bytes by task 6574 on cpu 1:
[  137.289743][ T6574]  copy_mm+0xe1/0x370
[  137.293771][ T6574]  copy_process+0x1087/0x2370
[  137.298486][ T6574]  kernel_clone+0x1a5/0x5e0
[  137.303020][ T6574]  __x64_sys_clone+0x143/0x180
[  137.307834][ T6574]  x64_sys_call+0x1222/0x3020
[  137.312561][ T6574]  do_syscall_64+0x12c/0x3b0
[  137.317202][ T6574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.323157][ T6574] 
[  137.325517][ T6574] Reported by Kernel Concurrency Sanitizer on:
[  137.331708][ T6574] CPU: 1 UID: 0 PID: 6574 Comm: syz.3.854 Not tainted syzkaller #0 PREEMPT(full) 
[  137.340958][ T6574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  137.351033][ T6574] ==================================================================
[  137.889272][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.315908][   T28] audit: type=1400 audit(1779254496.004:6811): avc:  denied  { write } for  pid=6577 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  138.348917][   T28] audit: type=1400 audit(1779254496.035:6812): avc:  denied  { write } for  pid=6588 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  138.659966][   T28] audit: type=1400 audit(1779254496.355:6813): avc:  denied  { write } for  pid=6592 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  138.693018][   T28] audit: type=1400 audit(1779254496.385:6814): avc:  denied  { write } for  pid=6603 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1