last executing test programs:

2.780827773s ago: executing program 4 (id=1428):
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x10, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="1802000000000020010000008068c48600100003000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x100400, 0x0, 0x0, 0x41000, 0xa}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x51b4899901444f95, 0x82)
fcntl$notify(r1, 0x402, 0x3)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x3fffffffc}, 0x0, 0x0, 0x0, 0x3, 0xfff, 0x8001, 0xfff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
capset(&(0x7f0000000340)={0x19980330}, &(0x7f00000002c0)={0x200000, 0xc, 0x0, 0x2, 0x2})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002105000d40930000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e74657200100001800900"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x40000)
sendmsg$OSF_MSG_REMOVE(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000002240)=ANY=[@ANYBLOB], 0x12b4}, 0x1, 0x0, 0x0, 0x800}, 0x40)
bind$netlink(r2, &(0x7f00000001c0)={0x10, 0x0, 0x25dfdbfb, 0x20000}, 0xc)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
ioctl$SG_IO(r3, 0x2285, &(0x7f00000000c0)={0x53, 0xfffffffffffffffe, 0x7, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000380)="0dd7f97978bd4f", 0x0, 0x3, 0x10001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000})
r6 = shmget(0x0, 0x2000, 0x2c000400, &(0x7f0000fae000/0x2000)=nil)
shmctl$IPC_RMID(r6, 0x0)
shmat(r6, &(0x7f0000ffb000/0x2000)=nil, 0x2000)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x141842, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ftruncate(r8, 0x4)
copy_file_range(r8, 0x0, r7, 0x0, 0xffffffffa003e459, 0x700000000000000)

2.666735857s ago: executing program 4 (id=1429):
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0xc0041, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0)
ioctl$FS_IOC_GETFLAGS(r0, 0x5437, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000850000000800000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='sys_enter\x00', r6}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x446, &(0x7f0000000680)={[{@min_batch_time={'min_batch_time', 0x3d, 0x9}}, {@journal_dev={'journal_dev', 0x3d, 0x3}}, {@errors_continue}, {@noquota}, {@data_err_ignore}, {@noblock_validity}, {@delalloc}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@orlov}, {@user_xattr}, {@nodioread_nolock}, {@i_version}]}, 0x1, 0x553, &(0x7f0000001600)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000800)={{0x1, <r7=>0xffffffffffffffff}, &(0x7f0000000780), &(0x7f00000007c0)=r6}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x9, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000096000000000000000a00000043a95000ffffffff18480000fcffffff000000000000f0ff18430000080000000000000000000000850000008f00000095000000000000004c68b0ece8e965f60791c1fb220831087db097d972325e"], &(0x7f0000000200)='GPL\x00', 0x37be66e5, 0x5c, &(0x7f00000004c0)=""/92, 0x41100, 0x41, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000600)={0x5, 0xb, 0x8, 0x10000}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000840)=[r4, r7, r4, r4, r4], &(0x7f0000000880)=[{0x2, 0x5, 0x10, 0x2}]}, 0x94)
r8 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x42, 0x0)
fallocate(r8, 0x10, 0x6, 0x10001)
shmat(0x0, &(0x7f0000f62000/0x1000)=nil, 0x7000)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x6083, 0x3)
mbind(&(0x7f0000ff8000/0x8000)=nil, 0x8000, 0x8002, &(0x7f0000000180)=0x3ff, 0xc, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6tnl0\x00', <r9=>0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x18)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000000000)=0xf3e, 0x4)
sendto$packet(0xffffffffffffffff, &(0x7f0000000240)='V', 0x1, 0x0, &(0x7f0000000080)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @dev}, 0x14)

2.310566823s ago: executing program 4 (id=1435):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
syz_emit_ethernet(0x80, &(0x7f0000000600)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd61bc4a06004a2f00fe8000000000000040000000000000bbff02000000000000000000000000378dcbdc88be00060001bf3f030b7d2701000800000086dd080088be000000031c0885100100000000007b40080022eb0000000223022309020000000000000300ebb41b0800655800000003e49123478281dac80b36d4d6d8defc2ba99cfb2e4fcc9d5d03e405f052"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x4e4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r2}, 0x10)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
socket$netlink(0x10, 0x3, 0x14)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000200), 0x193800, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000240), 0x40900, 0x0)
r5 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x5ea3, 0x8, 0x8000, 0x400250}, &(0x7f0000000080)=<r6=>0x0, &(0x7f0000000400)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r9}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'lo\x00', <r11=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x4c, 0x24, 0xd0f, 0x3, 0x1000000, {0x60, 0x0, 0x0, r11, {0x0, 0x2}, {0xffff, 0xffff}, {0x4, 0xc}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x10, 0x3, 0x1, 0x3, 0x400, 0x8}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40001d4}, 0x0)
socket$kcm(0x29, 0x2, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x0, @fd=r4, 0x8006, &(0x7f0000000300)=""/210, 0xd2, 0x2, 0x1})
io_uring_enter(r5, 0x4be7, 0x4c3, 0x43, 0x0, 0x0)

2.227209667s ago: executing program 4 (id=1439):
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x10, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="1802000000000020010000008068c48600100003000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x100400, 0x0, 0x0, 0x41000, 0xa}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x51b4899901444f95, 0x82)
fcntl$notify(r1, 0x402, 0x3)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x3fffffffc}, 0x0, 0x0, 0x0, 0x3, 0xfff, 0x8001, 0xfff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
capset(&(0x7f0000000340)={0x19980330}, &(0x7f00000002c0)={0x200000, 0xc, 0x0, 0x2, 0x2})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002105000d40930000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e74657200100001800900"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x40000)
sendmsg$OSF_MSG_REMOVE(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000002240)=ANY=[@ANYBLOB], 0x12b4}, 0x1, 0x0, 0x0, 0x800}, 0x40)
bind$netlink(r2, &(0x7f00000001c0)={0x10, 0x0, 0x25dfdbfb, 0x20000}, 0xc)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
ioctl$SG_IO(r3, 0x2285, &(0x7f00000000c0)={0x53, 0xfffffffffffffffe, 0x7, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000380)="0dd7f97978bd4f", 0x0, 0x3, 0x10001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000})
r6 = shmget(0x0, 0x2000, 0x2c000400, &(0x7f0000fae000/0x2000)=nil)
shmctl$IPC_RMID(r6, 0x0)
shmat(r6, &(0x7f0000ffb000/0x2000)=nil, 0x2000)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x141842, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ftruncate(r8, 0x4)
copy_file_range(r8, 0x0, r7, 0x0, 0xffffffffa003e459, 0x700000000000000)

2.1481058s ago: executing program 4 (id=1442):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x249, &(0x7f0000000800)="$eJzs3T9oJFUcB/DvzO56JrfIqY0g/gER0UA4O8HmbBQO5DhEBBVORGyURIgJdomVjYXWKqlsgtgZLSVNsFEEq6gpYiNosDBYaLGyO4nEZDWaXXfizecDk5nJvDe/N+x8324zuwEa60KSS0laSWaSdJIUhxvcXS0X9ndXpzavJb3eEz8Vg3bVfuWg3/kkK0keSrJRFnmpnSytP7Pzy9Zj97252Ln3/fWnpyZ6kft2d7Yf33vvyhsfXX5w6YuvfrhS5FK6f7qu8SuG/K9dJLf8F8XOiKJd9wj4J66+9uHX/dzfmuSeQf47KVO9eG8t3LDRyQPv/lXft3/88vZJjhUYv16v038PXOkBjVMm6aYoZ5NU22U5O1t9hv+mNV2+PL/w6syL84tzL9Q9UwHj0k22H/3k3Mfnj+T/+1aVf+B/YPp03fr5f/Lq2rf97b3WmMcEnE13VKt+/meeW74/8g+NI//QXPIPzSX/0FzyD80l/9Bc8g/Xsc7fH5Z/aC75h+aSf2iuw/kHAJqld67uJ5CButQ9/wAAAAAAAAAAAAAAAAAAAMetTm1eO1gmVfOzd5LdR5K0h9VvDX6POLlx8Hf656Lf7A9F1W0kz9414glG9EHNT1/f9F299T+/s976y3PJyutJLrbbx++/Yv/+O72bTzjeeX7EAv9ScWT/4acmW/+o39bqrX95K/m0P/9cHDb/lLltsB4+/3RP/orlE73y64gnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGJ+DwAA//8NTG1W")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x101042, 0x0)
pwrite64(r2, &(0x7f00000001c0)='2', 0x1, 0xfecd)
connect$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @private1}, 0x1c)
r3 = socket$inet6(0xa, 0x5, 0x0)
connect$inet6(r3, &(0x7f0000000300)={0xa, 0x4e22, 0x2, @private1, 0x5}, 0x1c)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x89}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r5 = creat(&(0x7f00000000c0)='./file0\x00', 0xf4)
r6 = dup2(r5, r5)
ioctl$BLKTRACESETUP(r6, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1, 0x8})
ioctl$BLKTRACESETUP(r6, 0x1276, 0x0)
socket$inet6(0xa, 0x5, 0x0)
socket$netlink(0x10, 0x3, 0x4)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r7, 0xc0c0583b, &(0x7f0000000e00)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0x0, 0xffc}, {0xffffffff, 0x80000000, 0x1, 0x0, 0x0, 0x200}]})
openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/consoles\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)

2.120445031s ago: executing program 2 (id=1444):
seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, &(0x7f0000000680)=0x7fff0000)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/119, 0x77}], 0x1, 0x9, 0x5)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)

1.988048897s ago: executing program 0 (id=1446):
r0 = shmat(0x0, &(0x7f0000f62000/0x1000)=nil, 0x7000)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYRESDEC=r0], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000003c0)='kmem_cache_free\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000280)=ANY=[@ANYRESDEC=r2], 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffffad}, 0x94)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r3}, 0x18) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
syz_open_dev$sg(&(0x7f0000000080), 0xffff0000, 0x40) (async)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid() (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$KDSKBMETA(0xffffffffffffffff, 0x4b63, 0x0)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x60100100, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000feffffffaa0033c769553a2d56a490d1a9757b653400"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x94)
openat$null(0xffffffffffffff9c, 0x0, 0x602600, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000001480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb236414920f108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4505f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19f470e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f256a02388eaec2babea15f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x3}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x101, 0xffffffff}, 0x10}, 0x94) (async)
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a32000000000800410073697700140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)

1.987798807s ago: executing program 1 (id=1447):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r1}, 0x38)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x7815, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, 0x0, 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000140)=ANY=[], 0x9)
bpf$PROG_LOAD(0x5, &(0x7f0000019200)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYRES16=r0, @ANYRES32=r1, @ANYRESHEX=r0], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5}, 0x100002, 0xfffffffffffffffc, 0xfffffffc, 0x0, 0x944, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = getpgrp(0x0)
r5 = syz_pidfd_open(r4, 0x0)
fsetxattr$trusted_overlay_nlink(r5, &(0x7f00000018c0), 0x0, 0x0, 0x3)

1.882071371s ago: executing program 1 (id=1448):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getresuid(0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x22c7, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='xdp_cpumap_enqueue\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@newtfilter={0x70, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x8, 0xfff3}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x40, 0x2, [@TCA_BASIC_EMATCHES={0x3c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x9, 0x3, 0x401}, {0x9, 0x8, 0x8, 0x40}}}, @TCF_EM_CONTAINER={0x10, 0x2, 0x0, 0x0, {{0x4, 0x0, 0x800}, "e6"}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x7}}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x40090}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x1, r5}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', 0xffffffffffffffff, 0x0, 0x115}, 0x18)
r6 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0xdcb8, 0x10, 0x1, 0x89}, &(0x7f00000003c0)=<r7=>0x0, &(0x7f0000000200)=<r8=>0x0)
unshare(0x20060400)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x8, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000004040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x29e782})
io_uring_enter(r6, 0x3518, 0xaddf, 0x2, 0x0, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000078000000060a010400000000000700000000000000000b400000000050000480200001800e000100636f6e6e6c696d69740000000c00028008000140000000002c00018008000100636d70002000028008000140000000010c00038006000100efbb000008000240000000000900010073797a3000000000140000001100010000000000000000000000000a"], 0xec}}, 0x0)

1.587783484s ago: executing program 2 (id=1449):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x40ead000)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000003c0)='net/xfrm_stat\x00')
r3 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$KDFONTOP_SET(r3, 0x4b72, &(0x7f0000000040)={0x0, 0x4000000, 0x8, 0xd, 0x200, &(0x7f0000001500)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000a0000fdfd000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000005000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})
preadv(r2, &(0x7f00000000c0)=[{&(0x7f0000000200)=""/233, 0xe9}, {&(0x7f0000000000)=""/17, 0x11}, {&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000000080)=""/2, 0x2}], 0x4, 0xfff, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000024c0)=ANY=[@ANYBLOB="180000000000000000000000feffffff18110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000500000000b7030000000000008500000083000000bf0900000000000055090100513bb6a2a3f7a824ac000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f00000003c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0xffffffffffffff22}, 0x2e)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000240)={0x0, 0x600, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a32000000000800410073697700140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8040, 0x0)
ioctl$PPPIOCATTCHAN(r8, 0x40047438, &(0x7f0000001480)=0x3)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r7, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000180)={0x8, {{0xa, 0x4e21, 0xa3f, @mcast1, 0xbfd}}, {{0xa, 0x4e20, 0x5, @private0={0xfc, 0x0, '\x00', 0x1}, 0x40}}}, 0x108)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000180)=""/214, &(0x7f0000000080)=0xd6)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000340)={@fallback=r7, 0x0, 0x1, 0x6, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x0, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0]}, 0x40)

1.527069206s ago: executing program 1 (id=1450):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[], 0x48)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f0000000400)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r2}, 0x10)
pipe2$9p(&(0x7f0000001900)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}})

1.405524631s ago: executing program 0 (id=1452):
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c232000, 0x3, 0x2})

1.387669222s ago: executing program 0 (id=1454):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[], 0x48)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f0000000400)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r2}, 0x10)
pipe2$9p(&(0x7f0000001900)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}})

1.358458393s ago: executing program 1 (id=1455):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r2)
sendmsg$IEEE802154_ADD_IFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01022dbd7000ffdb652520e7000109001f0070687931000000000a0001007770616e33000000050020"], 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (fail_nth: 4)

1.272205927s ago: executing program 3 (id=1457):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x810000, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r2}, &(0x7f0000000000), 0x0}, 0x20)
r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000011c0), 0x2401, 0x0)
write$P9_RWALK(r3, 0x0, 0x30)

1.164269961s ago: executing program 1 (id=1458):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xdb, '\x00', 0x0, @tracing=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x15, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x2710, &(0x7f000001eec0)=""/102400, &(0x7f0000000080)=0x19000)

1.030206727s ago: executing program 3 (id=1459):
seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, &(0x7f0000000680)=0x7fff0000)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/119, 0x77}], 0x1, 0x9, 0x5)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)

999.741818ms ago: executing program 0 (id=1460):
syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000004000000020000000000001103000000ffffffff000000000000000203000000020000000000000802000000000061"], 0x0, 0x44, 0x0, 0x0, 0xfffffffe}, 0x28) (async)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket(0x400000000010, 0x3, 0x0) (async)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56561, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0x7}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8c4}, 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0) (async)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r6, {0x7, 0xfff1}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x400dc}, 0x4020080)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000001d00000000000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01) (async)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) (async)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r10}, 0x10)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="48000000020101010000000000000000000000032c00170000060000000000040000000800000101000000000000000b0000000100000080000000ff0000000008001a4000000100"], 0x48}, 0x1, 0x0, 0x0, 0x4014}, 0x20004890) (async)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000035c0)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08ea", 0x35}], 0x1, 0x0, 0x0, 0x1f000801}, 0x240000c0) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) (async)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="1b00"/12], 0x50) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
semop(0x0, 0x0, 0x0) (async)
ioctl$SCSI_IOCTL_SEND_COMMAND(r8, 0x1, &(0x7f00000000c0)=ANY=[@ANYRES64=r8])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r7}, 0x10)

707.959161ms ago: executing program 0 (id=1461):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getresuid(0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x22c7, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='xdp_cpumap_enqueue\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@newtfilter={0x70, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x8, 0xfff3}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x40, 0x2, [@TCA_BASIC_EMATCHES={0x3c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x9, 0x3, 0x401}, {0x9, 0x8, 0x8, 0x40}}}, @TCF_EM_CONTAINER={0x10, 0x2, 0x0, 0x0, {{0x4, 0x0, 0x800}, "e6"}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x7}}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x40090}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x1, r5}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', 0xffffffffffffffff, 0x0, 0x115}, 0x18)
r6 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0xdcb8, 0x10, 0x1, 0x89}, &(0x7f00000003c0)=<r7=>0x0, &(0x7f0000000200)=<r8=>0x0)
unshare(0x20060400)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x8, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000004040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x29e782})
io_uring_enter(r6, 0x3518, 0xaddf, 0x2, 0x0, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000078000000060a010400000000000700000000000000000b400000000050000480200001800e000100636f6e6e6c696d69740000000c00028008000140000000002c00018008000100636d70002000028008000140000000010c00038006000100efbb000008000240000000000900010073797a3000000000140000001100010000000000000000000000000a"], 0xec}}, 0x0)

656.896843ms ago: executing program 3 (id=1462):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000480)=0x7, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0xad, @empty, 0x9}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x2, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0xdc}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce8100033200fc08000000"], 0xfdef)

549.129707ms ago: executing program 3 (id=1463):
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc) (async)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e0000002ac1414aa00"], 0x1c) (async)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x82800) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001540)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020816c2500000000e12020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000006fd6850000002d000000850000002300000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) (async, rerun: 32)
fchmod(0xffffffffffffffff, 0x0) (async, rerun: 32)
r2 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x4011, &(0x7f0000000040)={[{@barrier_val={'barrier', 0x3d, 0x7}}, {@dioread_lock}, {@journal_checksum}, {@noblock_validity}, {@commit={'commit', 0x3d, 0x5a5f}}, {@dioread_nolock}]}, 0x0, 0x64a, &(0x7f0000000180)="$eJzs3c9vFG8ZAPBnZrfd/vjqFmJUPEijMZAoLS1giDGBXjwRgj9uniotBFkooTVaJLFN8GJiuHgw8eRB/C+UxKsnbx68eDIkxBgOYojsN7M7W7a73Xa77Xbp9vNJls7Muzvvs2SffWfefd+ZAE6s6eyfNOJMRDxKIspNZcXIC6frz3vzn6e3s0cS1er3/53E018kG837SvK/kxHxPCL+X65vOV1or3d1/cn9xUpl+XG+Prv24NHs6vqTC/ceLN5dvrv8cP6b81evXL5yde7igd5fFsFIvnzj2Y9/Wv7VzR/+4Xfvkrk//uNmEtfjfR5b9r5aX1s6UM3Z/9l0VOvebitII64ecN8fi/+WG5+TmlL2gUiKg4yI/Ugj4lqeI1+IchTiQ7KW45ffHWhwQF9Vk6i1UdNV4ORJomPRvbH8S6LdWF9jAo5C4zigcW6/03lwu7SfhyTAEXm9UO/oq+f+SEQ08r9Y7xuMsVrfwMSbpLmfp9avdrCeubqsjr/+5eaz7BEd+uGA/tjYbPRyt7b/SS03p6J+DjDxJt2W/wv5UUCa/07wvdYdd9l5Pt2yLv/h6GxsRsQX8/Z/NLrO/zTP3Ub+/6jH+nvM/096rA4AAAAAAACG2suFiPjGTuP/0q3xP6OF9vE/kxFx/RDq3/v3v/RVvpAcQnVAk9cLEd/ecfzv1hjfqUK+9pnaeICR5M69yvLFiPhsRJyPkVK2Ptey3+YRwhd+ffq3nepvHv+XPbL6G2MB8z29KraMJVpaXFs86PsGIl5vRnypNv73bL5l+/ifrP1Ptsb/fhh2k+X3oy7rOP21F7c6le2d/0C/VH8fcW7H9v/D4Xay+/U5ZmvHA7ONo4J2X/758z91ql/+w+Bk7f/E7vlfSpqv17O6v/2PRsSl9WK1U3mvx/+jyQ8Kjf1nfra4tvZ4LmI0udG+fX5/McOwauRDI1+y/D//1d37/7aO/5vycDwiNrqs8/PvJ//ZqUz7D4OT5f/S7u1/eXv7v/+F+RdTf+5U/62u2v/LtTb9fL5F/x80a78eR7cJOpBwAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCYSyPik0jSma3lNJ2ZiZiMiM/FRFpZWV37+p2Vnzxcitrdv6diJG3c6bdcX08a9/+falqfb1m/FBGnIuI3hfHa+sztlcrSoN88AAAAAAAAAAAAAAAAAAAAfCQma3P+q6XW+f+ZfxUGHR3Qd8X8r3yHk6fY8yurpUMNBDhyvec/cJxt7iv/R/oaC3D0Ouf/23fVmpbN3/lK32MCjkbX7f/fnO7DsOnx/N/PBTAE9P/BSdVln95Yv+MABkH7DwAAAAAAQ+XU2Zd/TyJi41vjtUdmNC8bH2hkQL+le5T7DoDhZQwvnFzFlUFHAAyKCf1AsrX0v9bJ/jWdR/8n/QkIAAAAAAAAAAAAAGhz7kzn+f/mBsBw23X+/14XBwCOtV3m/+80scflAmCIdL71h3l9MOyc4wN7tfbm/wMAAAAAAAAAAADAR2Dsyf3FSmX58er68Vu41tOrChExwOA3Fg+2n2ppUMGPRaei9/2pdCQiBv0ZO7SFLNkqleVqNWLvJzcuwTHAmPf+6ij1+asJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACo+zQAAP//2nUdUQ==")
r3 = openat(r2, &(0x7f00000000c0)='./file0\x00', 0x309440, 0x1b8)
mmap$perf(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x80010, r3, 0xa) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r4}, 0x18) (async)
munmap(&(0x7f0000004000/0x2000)=nil, 0x2000) (async, rerun: 32)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401) (rerun: 32)
r6 = fcntl$dupfd(r5, 0x406, r5)
ioctl$USBDEVFS_SUBMITURB(r6, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x2, 0x3, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffcfffffa, 0x4031, 0xffffffffffffffff, 0x41d1000) (async)
madvise(&(0x7f00000bb000/0x1000)=nil, 0x1000, 0x1) (async, rerun: 64)
socket$inet6_tcp(0xa, 0x1, 0x0) (async, rerun: 64)
r7 = perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2000, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffff00000001, 0x1ff}, 0x0, 0x3, 0x0, 0x0, 0x8, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r7, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002c80)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xd, &(0x7f0000000600)=ANY=[@ANYRES8, @ANYBLOB="c76f39ff5123e3ac6b65f127f2645dda88eeeb4b94106c00"/33, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b7040000000000008500000001"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x307, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x7, 0x0, 0x7, 0x4, 0x400008, 0x8000, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, r7, 0x3) (async)
socket$pppoe(0x18, 0x1, 0x0) (async)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000340)={0x18, 0x0, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, 'ip6gre0\x00'}}, 0x1e)

494.9773ms ago: executing program 3 (id=1464):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000240), 0x40900, 0x0)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x5ea3, 0x8, 0x8000, 0x400250}, &(0x7f0000000080)=<r2=>0x0, &(0x7f0000000400)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x0, @fd=r0, 0x8006, &(0x7f0000000300)=""/210, 0xd2, 0x2, 0x1})
io_uring_enter(r1, 0x4be7, 0x4c3, 0x43, 0x0, 0x0)

469.871161ms ago: executing program 2 (id=1465):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = memfd_create(&(0x7f00000005c0)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10`\xee\xa9\x8b\x06%\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xa96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xd9Jx\xaa\x8f~\xb94a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xd6m\xf7@]iNP\xf1\x1d\xab\x13\xce\x152s\xb8\x85\x98\x84\xbf\x8c\x80{\x16\t\xd6\x17P3\xe9\xebGKL\xd3\x88\xd2\rLG\x8e\xd6\xa72\xf4\x92\xeb&\xa5\xcc\x14FZN\x98%[p\x989\xf6\xf5\xb6\xedk\xe6\xb0\xa1\x8f\x90\xdb\xd6h)\x0f6\x88\x03P\x8ak\xf9\xc9\x82`\xa7Ku\x99\xab\xd4\xb2\xaa1\x99O\x8b\x99-\xe3', 0x1)
r2 = dup(r1)
writev(r2, &(0x7f0000000a40)=[{&(0x7f00000008c0)='#R', 0x2}], 0x1)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000480)=ANY=[], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r4, 0x10e, 0xc, &(0x7f0000000040)=0xe00000, 0x4)
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a0001970000ff7f0000000080"], 0x24}}, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x6, 0xfc, 0x0, 0x0, 0x0, 0x12524, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x1, @perf_bp={0x0, 0x3}, 0x0, 0xc8, 0x0, 0x1, 0x100000000000008, 0x0, 0x6, 0x0, 0x8, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000000f80)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r5, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102033200fe08000e40000200875a65969ff57bea000000000000000000000000ac1414aa"], 0xfdef)

469.386341ms ago: executing program 3 (id=1466):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001cc0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xe, &(0x7f0000000100)={[{@errors_remount}]}, 0x1, 0x51c, &(0x7f0000000900)="$eJzs3c9vW0kdAPCvnThJs+mmy+4BELBlWSioqvOj26jqhfaChKpKSBUnDm2UuFEUu47iVDShB/fYeyUqcYI/gRsHpJ44cOMGNy7lgFSgAjVIHIze80viJk7ibeI4iT8f6eW9mXH8nbE7M/ak9gTQty5GRD0ihiLifkSMZ/m57IibzSO53ds3T+Y23jyZy0WjcfefubQ8yYuW30l8kN3nyMc7ClrU1taXZsvl0kqWnlitLE/U1tavLOaznOmZqZnJ61evTR9ZWz+t/Pb1jxZv//T3v/vmqz/Vf/CLpFpjz86nZa3tOErNphdirCVvMCJudyNYjwxm/344fZLe9pWI+Czt/+MxkD6bAMBZ1miMR2O8NQ0AnHXJ+/+xyOWL2VrAWOTzxWJzDe+TGM2Xq7XVy+PVRw/nI13DuhCF/IPFcmkyWyu8EIVckp5Kr7fT0++kn5euRsRHEfF8+FxaXpyrlud7+cIHAPrYBzvm//8MN+d/AOCMG+l1BQCAY2f+B4D+Y/4HgP7zJeb/QR8PBICzwft/AOg/5n8A6D8Hzv9Pj6ceAMCx+MmdO8nR2Gh+//XmN3VfmS/VloqVR3PFuerKcnGhWl0ol4pzjcZB91euVpenvthK1tbW71Wqjx6u3luszC6U7pUK3WwMANCRjz59+Zdk0q/fOJce0bKXg7kazrZ8rysA9MxArysA9IyP80D/6uA9vmUAOOPabNH7jj3/i9ALm7/CaXXpa++3/m/dEE6/w/Rjawdwur3f+v8Pj7wewPGr97oCQM80Gjl7/gNAn/HHfaCDv//n6u0+/vuiWzUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk28sPXL5YroXeD35mS8WI85HxIUo5B4slkuTEfFhRPx5uDCcpKd6XWkA4JDyf89l+39dGv98bGfpUO6/w+k5In7+q7u/fDy7uroyleT/ayt/9UWWPz3UiwYAAK1u7s5qztPZueWN/Ns3T+Y2j+3cc12v4utbzc1Fk7gb2dEsGYzB9DwShYgY/XcuSzclr1cGjiB+/WlEfHW7/Y9bIoylayAjaWpn/CT2+S7E3378d8bPvxM/n5Yl50L6WHx8BHWBfvPyVnOczPpe0sWy/pePi+m5ff8fSUeow0vGv2Qs2dg1/uW3xr+BXfFzaZ+/uJXevyavv/jDj3dlNsabZU8jvj7YLn5uK36u/fhb+LzDNv71G9/6bK+yxq8jLrVt/+aO1JV0mJ1YrSxP1NbWryxWZhdKC6WH09MzUzOT169em55I16ibP//YLsY/blz+cK/4SftH94g/sn/747sdtv83/7v/s2/vE//732n//H+yT/xkTvxeh/FnR2+O7FWWxJ/fo/1tn/+1zdKIyx3Gf/W39fkObwoAHIPa2vrSbLlcWjngInmtedBtTvjFUES8x68PnojKd/Mi6hFHdYfpokTyQJ+Adrk4zEWvRyag27Y7fa9rAgAAAAAAAAAAAAAA7KW2tr403OVPa2XfI/Ss120FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7Pl/AAAA//9j5co0")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
rt_sigpending(0x0, 0x0)

442.672492ms ago: executing program 0 (id=1467):
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0xc0041, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0)
ioctl$FS_IOC_GETFLAGS(r0, 0x5437, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000850000000800000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='sys_enter\x00', r6}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x446, &(0x7f0000000680)={[{@min_batch_time={'min_batch_time', 0x3d, 0x9}}, {@journal_dev={'journal_dev', 0x3d, 0x3}}, {@errors_continue}, {@noquota}, {@data_err_ignore}, {@noblock_validity}, {@delalloc}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@orlov}, {@user_xattr}, {@nodioread_nolock}, {@i_version}]}, 0x1, 0x553, &(0x7f0000001600)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000800)={{0x1, <r7=>0xffffffffffffffff}, &(0x7f0000000780), &(0x7f00000007c0)=r6}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x9, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000096000000000000000a00000043a95000ffffffff18480000fcffffff000000000000f0ff18430000080000000000000000000000850000008f00000095000000000000004c68b0ece8e965f60791c1fb220831087db097d972325e"], &(0x7f0000000200)='GPL\x00', 0x37be66e5, 0x5c, &(0x7f00000004c0)=""/92, 0x41100, 0x41, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000600)={0x5, 0xb, 0x8, 0x10000}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000840)=[r4, r7, r4, r4, r4], &(0x7f0000000880)=[{0x2, 0x5, 0x10, 0x2}]}, 0x94)
r8 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x42, 0x0)
fallocate(r8, 0x10, 0x6, 0x10001)
shmat(0x0, &(0x7f0000f62000/0x1000)=nil, 0x7000)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x6083, 0x3)
mbind(&(0x7f0000ff8000/0x8000)=nil, 0x8000, 0x8002, &(0x7f0000000180)=0x3ff, 0xc, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6tnl0\x00', <r9=>0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x18)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000000000)=0xf3e, 0x4)
sendto$packet(0xffffffffffffffff, &(0x7f0000000240)='V', 0x1, 0x0, &(0x7f0000000080)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @dev}, 0x14)

388.712545ms ago: executing program 2 (id=1468):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000540)={0x214, 0x36, 0x200, 0x70bd26, 0x25dfdbfc, {0x7}, [@nested={0x155, 0x13d, 0x0, 0x1, [@generic="eba7129d531af0747d200300678a17810d990c69be2baa8ed58c8f55928c17629107b47914", @generic="298955b163a2f0a6f2443a8779bbe3cf0c1806aad1aa2816e04d082d359e3dd31e041b39e93cf37ff65ac47be9cd8114ee179e3be7ad74273541e7a2bfca7af13ff04c3892b13f411e2122803221d6eae4f5e3d4576b25b0d719e3fdacd126464ced5991c7b1f6de164513bcc765ee5f", @typed={0x8, 0xe5, 0x0, 0x0, @pid}, @typed={0xb1, 0xd5, 0x0, 0x0, @binary="a1b1048343b4c993629e04d0805021087b15f5d45362d4fbe9bf883e07e082b8c25dc07e425db1ac810ffe6b637b704567e0b5e80d9415252b911b8659d0915fbc2ca90dc23075cd46106335f593700269897f0dd0562b90370aa74ae72356d9f77297df0d8c992bbe8f24984a2a4f0fdb5ecd36edb637e32d83405f3710c480f36af9b50453553a52e2412aacdf5efc3dad99c12fc51a7f9f9df41426d6153f058df6d70354569ca6f91e318f"}]}, @typed={0x8, 0xa8, 0x0, 0x0, @fd=r2}, @nested={0x10, 0x83, 0x0, 0x1, [@typed={0xc, 0x6f, 0x0, 0x0, @u64=0x7}]}, @nested={0x90, 0x38, 0x0, 0x1, [@generic="1bbc2deb5525e186de2ab7df649dfc200c774ff643027100af7369d58509689e500145519d1e97505c0f9bf0298e6892c9cd2bedd52f28a1bac9b909d3fbf9e5580f1eb06b3d090ffb0cab399a7dc680d9f7c220cfc610f5965f8af54b351d048d7283cd90d58b11e0198f967145f7434d16fa484d7fb32cb70d437d67671cf3200ea0cd86eb6003", @nested={0x4, 0x88}]}]}, 0x214}, 0x1, 0x0, 0x0, 0x800}, 0x20044040)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x25, 0x18, @void}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000280)="b9ff03076804268c989e14f088a8", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

388.054134ms ago: executing program 2 (id=1469):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4fa}, 0x94)
r0 = syz_open_dev$sg(&(0x7f0000000280), 0x0, 0x22c43)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f00000000c0)=ANY=[]) (fail_nth: 4)

82.110487ms ago: executing program 1 (id=1470):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r0}, 0x4)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x101001)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x6, 0x11, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffff963}, [@call={0x85, 0x0, 0x0, 0x41}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xf)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x70}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe}, 0x82)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'geneve0\x00', <r3=>0x0})
sendto$packet(r2, &(0x7f0000000480)="3605bfa9b05d66571e583e7c88a8f90688a88f588c12", 0x16, 0x40080, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0xfc, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x33}}, 0x14)
ioctl$TCFLSH(0xffffffffffffffff, 0x800455ca, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007140000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffffed)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r5}, 0x18)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r6}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r7}, 0x10)
alarm(0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r4}, &(0x7f0000000040), &(0x7f0000000280)=r5}, 0x20)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000006c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x18)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000081, &(0x7f0000000080)=ANY=[@ANYRES8=0x0, @ANYRES8, @ANYRES64, @ANYRES8], 0x0, 0x23e, &(0x7f0000000bc0)="$eJzs3c9qE1EUB+AzSdqmukgWrkRwQBeuStsnSJEKYldKFupCi21BklCwEGgVQ1c+gU/ic7jxDXwAoTtdFEYmSZsWUm0wf0r9vk0uzP3NOTe5Iau5eX2n1dja3ds5/PA9yuUkCrWoJUcR1ShEbiEAgOvmV5bFUdYzWrJUmFRPAMBkXfL3f3GKLQEAE/bs+Ysnaxsb60/TtBzR+tSuJ9F77V1f24m30YztWI5KHEdkp3rjR4831qOU5qpxv9Vp1/Nk69XX/v3XfkR08ytRierw/Eracybfadfn4ka/fi3Pr0Ylbg3Prw7JR30+Htw70/9SVOLbm9iNZmxFnh3kP66k6cPs88/3L/OO83zSadcXuvMGsuLUPxwAAAAAAAAAAAAAAAAAAAAAAK6tpTRN0yz7kmVZ1jl3/k7xuHt9KT1RPX8+Ty9/0flAnTPn6yznJZLe/EG+FLdLUZrl2gEAAAAAAAAAAAAAAAAAAOCq2Ns/aGw2m9vvxjo4eax//Hf+10EU+601k4gr0E93sJj3M51ad2PEWrURS0Rh/6Bxsrsam0n8JVWe0CbJhmy/4oWp+TFVn7853lUkETF3+mb+aXIh5sb8TQEAAAAAAAAAAAAAAAAAAKZs8NDvkIuHM2gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGZg8P//Iww6/fAlUzNeIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+B3wEAAP//bkR7Lg==")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r10, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)
getpid()

525.37µs ago: executing program 4 (id=1471):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/schedstat\x00', 0x0, 0x0)
pread64(r0, &(0x7f00000024c0)=""/209, 0xd1, 0x8)
syz_io_uring_setup(0x49a, &(0x7f0000000140)={0x0, 0x79af, 0x3380, 0x2, 0x40024e, 0x0, r0}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0x6, 0x0, 0x0, 0x2, 0x1})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x18)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@map=0x1, r5, 0x2e, 0x0, 0xffffffffffffffff, @void, @value=0x0}, 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)=ANY=[], 0x20)
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="300000001000010025bd7000f9dbdf2500000000", @ANYRES32=0x0, @ANYBLOB="158804000300000008001b000000000008000d0003"], 0x30}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, &(0x7f0000000140)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0xbf}, @exit], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x5417, 0x0, 0xffffffffffffffff, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x1}, 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000010000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x42, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000400)={'ip6gre0\x00', &(0x7f0000000380)={'syztnl2\x00', 0x0, 0x2f, 0xb, 0xb, 0x10001, 0x50, @private0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8007, 0x700, 0x8, 0x8001}})
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x100, 0x2000, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
pipe2(&(0x7f0000001cc0), 0x80000)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r7}, 0x18)
r8 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x1, 0x8, 0xa0}, &(0x7f0000010080), &(0x7f0000000000))
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r8, 0x0, &(0x7f0000000140)=[{0x0}, {0x0}], 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r8, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20)

0s ago: executing program 2 (id=1472):
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x10, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="1802000000000020010000008068c48600100003000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x100400, 0x0, 0x0, 0x41000, 0xa}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x51b4899901444f95, 0x82)
fcntl$notify(r1, 0x402, 0x3)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x3fffffffc}, 0x0, 0x0, 0x0, 0x3, 0xfff, 0x8001, 0xfff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
capset(&(0x7f0000000340)={0x19980330}, &(0x7f00000002c0)={0x200000, 0xc, 0x0, 0x2, 0x2})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002105000d40930000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e74657200100001800900"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x40000)
sendmsg$OSF_MSG_REMOVE(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000002240)=ANY=[@ANYBLOB], 0x12b4}, 0x1, 0x0, 0x0, 0x800}, 0x40)
bind$netlink(r2, &(0x7f00000001c0)={0x10, 0x0, 0x25dfdbfb, 0x20000}, 0xc)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
ioctl$SG_IO(r3, 0x2285, &(0x7f00000000c0)={0x53, 0xfffffffffffffffe, 0x7, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000380)="0dd7f97978bd4f", 0x0, 0x3, 0x10001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000})
r6 = shmget(0x0, 0x2000, 0x2c000400, &(0x7f0000fae000/0x2000)=nil)
shmctl$IPC_RMID(r6, 0x0)
shmat(r6, &(0x7f0000ffb000/0x2000)=nil, 0x2000)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x141842, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ftruncate(r8, 0x4)
copy_file_range(r8, 0x0, r7, 0x0, 0xffffffffa003e459, 0x700000000000000)

kernel console output (not intermixed with test programs):

527][ T6444]  <TASK>
[   84.797553][ T6444]  __dump_stack+0x1d/0x30
[   84.797575][ T6444]  dump_stack_lvl+0xe8/0x140
[   84.797595][ T6444]  dump_stack+0x15/0x1b
[   84.797613][ T6444]  should_fail_ex+0x265/0x280
[   84.797645][ T6444]  should_failslab+0x8c/0xb0
[   84.797694][ T6444]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   84.797719][ T6444]  ? __alloc_skb+0x101/0x320
[   84.797772][ T6444]  __alloc_skb+0x101/0x320
[   84.797850][ T6444]  tipc_msg_build+0xbe/0x840
[   84.797878][ T6444]  ? tipc_node_xmit+0x18b/0x890
[   84.797909][ T6444]  __tipc_sendstream+0x663/0xb20
[   84.797990][ T6444]  ? __pfx_woken_wake_function+0x10/0x10
[   84.798126][ T6444]  tipc_sendstream+0x3e/0x60
[   84.798281][ T6444]  ? __pfx_tipc_sendstream+0x10/0x10
[   84.798310][ T6444]  __sock_sendmsg+0x145/0x180
[   84.798330][ T6444]  ____sys_sendmsg+0x345/0x4e0
[   84.798349][ T6444]  ___sys_sendmsg+0x17b/0x1d0
[   84.798381][ T6444]  __sys_sendmmsg+0x178/0x300
[   84.798463][ T6444]  __x64_sys_sendmmsg+0x57/0x70
[   84.798482][ T6444]  x64_sys_call+0x1c4a/0x3000
[   84.798548][ T6444]  do_syscall_64+0xd2/0x200
[   84.798571][ T6444]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   84.798599][ T6444]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   84.798678][ T6444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.798695][ T6444] RIP: 0033:0x7ff9acd3f749
[   84.798708][ T6444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.798785][ T6444] RSP: 002b:00007ff9ab77e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   84.798805][ T6444] RAX: ffffffffffffffda RBX: 00007ff9acf96090 RCX: 00007ff9acd3f749
[   84.798861][ T6444] RDX: 0000000000000005 RSI: 0000200000000640 RDI: 0000000000000006
[   84.798871][ T6444] RBP: 00007ff9ab77e090 R08: 0000000000000000 R09: 0000000000000000
[   84.798881][ T6444] R10: 00000000200000d1 R11: 0000000000000246 R12: 0000000000000001
[   84.798892][ T6444] R13: 00007ff9acf96128 R14: 00007ff9acf96090 R15: 00007ffdfd99d018
[   84.798935][ T6444]  </TASK>
[   85.146200][ T6450] netlink: 100 bytes leftover after parsing attributes in process `syz.4.1015'.
[   85.189345][ T5405] Bluetooth: hci0: Frame reassembly failed (-84)
[   85.196921][ T6425] Bluetooth: hci0: Frame reassembly failed (-90)
[   85.209041][ T6425] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1006'.
[   85.359941][ T5375] Bluetooth: hci1: Frame reassembly failed (-84)
[   85.367488][ T6472] netlink: 'syz.4.1022': attribute type 1 has an invalid length.
[   85.375268][ T6472] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1022'.
[   85.505752][ T6482] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1025'.
[   85.543157][ T6486] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1026'.
[   85.592571][ T6489] FAULT_INJECTION: forcing a failure.
[   85.592571][ T6489] name failslab, interval 1, probability 0, space 0, times 0
[   85.605270][ T6489] CPU: 1 UID: 0 PID: 6489 Comm: syz.2.1028 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   85.605325][ T6489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   85.605337][ T6489] Call Trace:
[   85.605343][ T6489]  <TASK>
[   85.605350][ T6489]  __dump_stack+0x1d/0x30
[   85.605372][ T6489]  dump_stack_lvl+0xe8/0x140
[   85.605391][ T6489]  dump_stack+0x15/0x1b
[   85.605482][ T6489]  should_fail_ex+0x265/0x280
[   85.605513][ T6489]  ? nft_trans_table_add+0x36/0x190
[   85.605535][ T6489]  should_failslab+0x8c/0xb0
[   85.605570][ T6489]  __kmalloc_cache_noprof+0x4c/0x4a0
[   85.605601][ T6489]  nft_trans_table_add+0x36/0x190
[   85.605712][ T6489]  nf_tables_newtable+0x955/0xea0
[   85.605742][ T6489]  nfnetlink_rcv+0xbc9/0x16c0
[   85.605849][ T6489]  ? kmem_cache_free+0xe4/0x3d0
[   85.605898][ T6489]  netlink_unicast+0x5c0/0x690
[   85.605928][ T6489]  netlink_sendmsg+0x58b/0x6b0
[   85.606027][ T6489]  ? __pfx_netlink_sendmsg+0x10/0x10
[   85.606046][ T6489]  __sock_sendmsg+0x145/0x180
[   85.606070][ T6489]  ____sys_sendmsg+0x31e/0x4e0
[   85.606167][ T6489]  ___sys_sendmsg+0x17b/0x1d0
[   85.606197][ T6489]  __x64_sys_sendmsg+0xd4/0x160
[   85.606218][ T6489]  x64_sys_call+0x191e/0x3000
[   85.606240][ T6489]  do_syscall_64+0xd2/0x200
[   85.606318][ T6489]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   85.606351][ T6489]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   85.606492][ T6489]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.606513][ T6489] RIP: 0033:0x7f952eeaf749
[   85.606527][ T6489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.606544][ T6489] RSP: 002b:00007f952d917038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   85.606563][ T6489] RAX: ffffffffffffffda RBX: 00007f952f105fa0 RCX: 00007f952eeaf749
[   85.606575][ T6489] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000004
[   85.606651][ T6489] RBP: 00007f952d917090 R08: 0000000000000000 R09: 0000000000000000
[   85.606663][ T6489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   85.606675][ T6489] R13: 00007f952f106038 R14: 00007f952f105fa0 R15: 00007ffc1cb1e5a8
[   85.606693][ T6489]  </TASK>
[   85.838935][ T6491] FAULT_INJECTION: forcing a failure.
[   85.838935][ T6491] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   85.852102][ T6491] CPU: 1 UID: 0 PID: 6491 Comm: syz.2.1029 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   85.852125][ T6491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   85.852135][ T6491] Call Trace:
[   85.852141][ T6491]  <TASK>
[   85.852148][ T6491]  __dump_stack+0x1d/0x30
[   85.852169][ T6491]  dump_stack_lvl+0xe8/0x140
[   85.852268][ T6491]  dump_stack+0x15/0x1b
[   85.852282][ T6491]  should_fail_ex+0x265/0x280
[   85.852310][ T6491]  should_fail+0xb/0x20
[   85.852351][ T6491]  should_fail_usercopy+0x1a/0x20
[   85.852368][ T6491]  strncpy_from_user+0x25/0x230
[   85.852448][ T6491]  ? kmem_cache_alloc_noprof+0x242/0x480
[   85.852472][ T6491]  ? getname_flags+0x80/0x3b0
[   85.852498][ T6491]  getname_flags+0xae/0x3b0
[   85.852594][ T6491]  user_path_at+0x28/0x130
[   85.852610][ T6491]  user_statfs+0x4d/0x110
[   85.852637][ T6491]  __x64_sys_statfs+0x65/0xf0
[   85.852654][ T6491]  ? fput+0x8f/0xc0
[   85.852674][ T6491]  ? ksys_write+0x192/0x1a0
[   85.852723][ T6491]  x64_sys_call+0x2a07/0x3000
[   85.852912][ T6491]  do_syscall_64+0xd2/0x200
[   85.852929][ T6491]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   85.852993][ T6491]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   85.853060][ T6491]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.853116][ T6491] RIP: 0033:0x7f952eeaf749
[   85.853129][ T6491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.853148][ T6491] RSP: 002b:00007f952d917038 EFLAGS: 00000246 ORIG_RAX: 0000000000000089
[   85.853164][ T6491] RAX: ffffffffffffffda RBX: 00007f952f105fa0 RCX: 00007f952eeaf749
[   85.853174][ T6491] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   85.853184][ T6491] RBP: 00007f952d917090 R08: 0000000000000000 R09: 0000000000000000
[   85.853194][ T6491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   85.853239][ T6491] R13: 00007f952f106038 R14: 00007f952f105fa0 R15: 00007ffc1cb1e5a8
[   85.853254][ T6491]  </TASK>
[   86.147750][ T6504] FAULT_INJECTION: forcing a failure.
[   86.147750][ T6504] name failslab, interval 1, probability 0, space 0, times 0
[   86.160399][ T6504] CPU: 1 UID: 0 PID: 6504 Comm: syz.4.1033 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   86.160446][ T6504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   86.160458][ T6504] Call Trace:
[   86.160465][ T6504]  <TASK>
[   86.160473][ T6504]  __dump_stack+0x1d/0x30
[   86.160495][ T6504]  dump_stack_lvl+0xe8/0x140
[   86.160514][ T6504]  dump_stack+0x15/0x1b
[   86.160531][ T6504]  should_fail_ex+0x265/0x280
[   86.160637][ T6504]  ? __hw_addr_add_ex+0x162/0x440
[   86.160665][ T6504]  should_failslab+0x8c/0xb0
[   86.160698][ T6504]  __kmalloc_cache_noprof+0x4c/0x4a0
[   86.160767][ T6504]  __hw_addr_add_ex+0x162/0x440
[   86.160796][ T6504]  ? __pfx_wg_setup+0x10/0x10
[   86.160815][ T6504]  dev_addr_init+0xb1/0x120
[   86.160839][ T6504]  alloc_netdev_mqs+0x1ca/0xa50
[   86.160868][ T6504]  rtnl_create_link+0x239/0x710
[   86.160900][ T6504]  rtnl_newlink_create+0x14c/0x620
[   86.160991][ T6504]  ? security_capable+0x83/0x90
[   86.161020][ T6504]  ? netlink_ns_capable+0x86/0xa0
[   86.161059][ T6504]  rtnl_newlink+0xf29/0x12d0
[   86.161097][ T6504]  ? xas_load+0x413/0x430
[   86.161118][ T6504]  ? avc_has_perm_noaudit+0xe0/0x200
[   86.161135][ T6504]  ? __rcu_read_unlock+0x4f/0x70
[   86.161156][ T6504]  ? avc_has_perm_noaudit+0x1b1/0x200
[   86.161188][ T6504]  ? cred_has_capability+0x210/0x280
[   86.161220][ T6504]  ? selinux_capable+0x31/0x40
[   86.161308][ T6504]  ? security_capable+0x83/0x90
[   86.161339][ T6504]  ? ns_capable+0x7d/0xb0
[   86.161359][ T6504]  ? __pfx_rtnl_newlink+0x10/0x10
[   86.161377][ T6504]  rtnetlink_rcv_msg+0x5fe/0x6d0
[   86.161441][ T6504]  netlink_rcv_skb+0x123/0x220
[   86.161471][ T6504]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   86.161498][ T6504]  rtnetlink_rcv+0x1c/0x30
[   86.161517][ T6504]  netlink_unicast+0x5c0/0x690
[   86.161593][ T6504]  netlink_sendmsg+0x58b/0x6b0
[   86.161614][ T6504]  ? __pfx_netlink_sendmsg+0x10/0x10
[   86.161712][ T6504]  __sock_sendmsg+0x145/0x180
[   86.161868][ T6504]  ____sys_sendmsg+0x31e/0x4e0
[   86.161887][ T6504]  ___sys_sendmsg+0x17b/0x1d0
[   86.161910][ T6504]  __x64_sys_sendmsg+0xd4/0x160
[   86.161957][ T6504]  x64_sys_call+0x191e/0x3000
[   86.161977][ T6504]  do_syscall_64+0xd2/0x200
[   86.161993][ T6504]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   86.162018][ T6504]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   86.162063][ T6504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.162150][ T6504] RIP: 0033:0x7faab5e8f749
[   86.162162][ T6504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.162229][ T6504] RSP: 002b:00007faab489b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   86.162247][ T6504] RAX: ffffffffffffffda RBX: 00007faab60e6090 RCX: 00007faab5e8f749
[   86.162260][ T6504] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000004
[   86.162271][ T6504] RBP: 00007faab489b090 R08: 0000000000000000 R09: 0000000000000000
[   86.162282][ T6504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   86.162334][ T6504] R13: 00007faab60e6128 R14: 00007faab60e6090 R15: 00007ffcca177968
[   86.162352][ T6504]  </TASK>
[   86.707156][ T6508] loop4: detected capacity change from 0 to 2048
[   86.739190][ T6508] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #2: comm syz.4.1036: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 260(4), depth 0(0)
[   86.757575][ T6508] EXT4-fs (loop4): get root inode failed
[   86.763251][ T6508] EXT4-fs (loop4): mount failed
[   86.932848][ T6516] loop2: detected capacity change from 0 to 128
[   86.966693][ T6518] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=6518 comm=syz.2.1038
[   87.228287][ T6474] Bluetooth: hci0: command 0x1003 tx timeout
[   87.234427][ T3566] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   87.388980][ T4951] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   87.617054][ T6528] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.722445][ T6528] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.796525][ T6528] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.810326][ T6538] loop3: detected capacity change from 0 to 128
[   87.882702][ T6528] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.910378][ T6544] syz.3.1046: attempt to access beyond end of device
[   87.910378][ T6544] loop3: rw=2049, sector=145, nr_sectors = 8 limit=128
[   87.924043][ T6544] syz.3.1046: attempt to access beyond end of device
[   87.924043][ T6544] loop3: rw=2049, sector=161, nr_sectors = 8 limit=128
[   87.937998][ T6544] syz.3.1046: attempt to access beyond end of device
[   87.937998][ T6544] loop3: rw=2049, sector=177, nr_sectors = 8 limit=128
[   87.940543][ T6542] netlink: 'syz.1.1048': attribute type 1 has an invalid length.
[   87.952370][ T6544] syz.3.1046: attempt to access beyond end of device
[   87.952370][ T6544] loop3: rw=2049, sector=193, nr_sectors = 8 limit=128
[   87.973507][ T6544] syz.3.1046: attempt to access beyond end of device
[   87.973507][ T6544] loop3: rw=2049, sector=209, nr_sectors = 8 limit=128
[   87.987032][ T6544] syz.3.1046: attempt to access beyond end of device
[   87.987032][ T6544] loop3: rw=2049, sector=225, nr_sectors = 8 limit=128
[   88.005620][ T5382] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.036252][ T5382] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.058908][ T5382] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.078601][ T5382] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.105774][ T6544] syz.3.1046: attempt to access beyond end of device
[   88.105774][ T6544] loop3: rw=2049, sector=241, nr_sectors = 8 limit=128
[   88.124052][ T6555] FAULT_INJECTION: forcing a failure.
[   88.124052][ T6555] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   88.137208][ T6555] CPU: 0 UID: 0 PID: 6555 Comm: syz.2.1054 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   88.137236][ T6555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   88.137248][ T6555] Call Trace:
[   88.137254][ T6555]  <TASK>
[   88.137260][ T6555]  __dump_stack+0x1d/0x30
[   88.137278][ T6555]  dump_stack_lvl+0xe8/0x140
[   88.137372][ T6555]  dump_stack+0x15/0x1b
[   88.137389][ T6555]  should_fail_ex+0x265/0x280
[   88.137421][ T6555]  should_fail+0xb/0x20
[   88.137436][ T6555]  should_fail_usercopy+0x1a/0x20
[   88.137490][ T6555]  copy_folio_from_iter_atomic+0x278/0x11b0
[   88.137515][ T6555]  ? shmem_write_begin+0xa8/0x190
[   88.137531][ T6555]  ? shmem_write_begin+0xe1/0x190
[   88.137617][ T6555]  generic_perform_write+0x2c2/0x490
[   88.137638][ T6555]  shmem_file_write_iter+0xc5/0xf0
[   88.137659][ T6555]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   88.137679][ T6555]  vfs_write+0x52a/0x960
[   88.137772][ T6555]  ksys_write+0xda/0x1a0
[   88.137797][ T6555]  __x64_sys_write+0x40/0x50
[   88.137818][ T6555]  x64_sys_call+0x2802/0x3000
[   88.137840][ T6555]  do_syscall_64+0xd2/0x200
[   88.137907][ T6555]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   88.137930][ T6555]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   88.137957][ T6555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.138039][ T6555] RIP: 0033:0x7f952eeae1ff
[   88.138051][ T6555] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   88.138066][ T6555] RSP: 002b:00007f952d916d40 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   88.138198][ T6555] RAX: ffffffffffffffda RBX: 0000000000100000 RCX: 00007f952eeae1ff
[   88.138212][ T6555] RDX: 0000000000100000 RSI: 00007f95254f7000 RDI: 0000000000000007
[   88.138225][ T6555] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000599
[   88.138295][ T6555] R10: 0000200000000002 R11: 0000000000000293 R12: 0000000000000007
[   88.138343][ T6555] R13: 00007f952d916dec R14: 00007f952d916df0 R15: 00007f95254f7000
[   88.138363][ T6555]  </TASK>
[   88.355124][ T6544] syz.3.1046: attempt to access beyond end of device
[   88.355124][ T6544] loop3: rw=2049, sector=257, nr_sectors = 8 limit=128
[   88.368578][   T29] kauditd_printk_skb: 748 callbacks suppressed
[   88.368592][   T29] audit: type=1400 audit(1763790382.943:6730): avc:  denied  { ioctl } for  pid=6550 comm="syz.1.1052" path="/dev/ptp0" dev="devtmpfs" ino=245 ioctlcmd=0x3d0f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   88.399655][   T29] audit: type=1326 audit(1763790382.953:6731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6550 comm="syz.1.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7acd15f749 code=0x7ffc0000
[   88.423065][   T29] audit: type=1326 audit(1763790382.953:6732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6550 comm="syz.1.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7acd15f749 code=0x7ffc0000
[   88.446458][   T29] audit: type=1326 audit(1763790382.953:6733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6550 comm="syz.1.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7acd15e1ff code=0x7ffc0000
[   88.469716][   T29] audit: type=1326 audit(1763790382.953:6734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6550 comm="syz.1.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7acd15f749 code=0x7ffc0000
[   88.493083][   T29] audit: type=1326 audit(1763790382.953:6735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6550 comm="syz.1.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7acd15f749 code=0x7ffc0000
[   88.519427][ T6544] syz.3.1046: attempt to access beyond end of device
[   88.519427][ T6544] loop3: rw=2049, sector=273, nr_sectors = 8 limit=128
[   88.526998][ T6555] loop2: detected capacity change from 0 to 2048
[   88.544569][ T6566] loop0: detected capacity change from 0 to 1024
[   88.551423][ T6566] EXT4-fs: Ignoring removed orlov option
[   88.557081][ T6566] EXT4-fs: Ignoring removed orlov option
[   88.563557][ T6544] syz.3.1046: attempt to access beyond end of device
[   88.563557][ T6544] loop3: rw=2049, sector=289, nr_sectors = 8 limit=128
[   88.582299][ T6566] EXT4-fs (loop0): unsupported inode size: 2048
[   88.588643][ T6566] EXT4-fs (loop0): blocksize: 1024
[   88.650574][ T6555] Alternate GPT is invalid, using primary GPT.
[   88.655885][ T6574] netlink: 'syz.0.1063': attribute type 1 has an invalid length.
[   88.656905][ T6555]  loop2: p2 p3 p7
[   88.699322][   T29] audit: type=1400 audit(1763790383.283:6736): avc:  denied  { ioctl } for  pid=6575 comm="syz.3.1062" path="socket:[15977]" dev="sockfs" ino=15977 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   88.732922][   T29] audit: type=1326 audit(1763790383.303:6737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6583 comm="syz.3.1066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb28915f749 code=0x7ffc0000
[   88.756475][   T29] audit: type=1326 audit(1763790383.303:6738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6583 comm="syz.3.1066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb28915df90 code=0x7ffc0000
[   88.780059][   T29] audit: type=1326 audit(1763790383.303:6739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6583 comm="syz.3.1066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb28915df90 code=0x7ffc0000
[   88.968119][ T6603] netlink: 'syz.3.1070': attribute type 10 has an invalid length.
[   88.989904][ T6604] loop4: detected capacity change from 0 to 128
[   89.021012][ T6598] bond0: (slave macvlan1): Releasing backup interface
[   89.048658][ T6604] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   89.083496][ T6609] loop0: detected capacity change from 0 to 1024
[   89.141182][ T6609] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   89.159313][ T6613] netlink: 'syz.3.1075': attribute type 1 has an invalid length.
[   89.169693][ T6604] ext4 filesystem being mounted at /227/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   89.205475][ T6609] ext4 filesystem being mounted at /209/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.226653][ T6609] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: comm syz.0.1074: lblock 0 mapped to illegal pblock 0 (length 6)
[   89.240133][ T6609] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117
[   89.252429][ T6609] EXT4-fs (loop0): This should not happen!! Data will be lost
[   89.252429][ T6609] 
[   89.277713][ T6617] random: crng reseeded on system resumption
[   89.330697][ T6616] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   89.344432][ T6609] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: block 7: comm syz.0.1074: lblock 7 mapped to illegal pblock 7 (length 9)
[   89.374126][ T6618] loop3: detected capacity change from 0 to 128
[   89.457199][ T6609] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 7 with max blocks 9 with error 117
[   89.469533][ T6609] EXT4-fs (loop0): This should not happen!! Data will be lost
[   89.469533][ T6609] 
[   89.511896][ T5383] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:40: bg 0: block 112: padding at end of block bitmap is not set
[   89.563517][ T5383] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 1 with error 117
[   89.575916][ T5383] EXT4-fs (loop0): This should not happen!! Data will be lost
[   89.575916][ T5383] 
[   89.676880][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   89.802571][ T6629] __nla_validate_parse: 13 callbacks suppressed
[   89.802587][ T6629] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1081'.
[   89.916650][ T6641] netlink: 'syz.2.1086': attribute type 1 has an invalid length.
[   89.924451][ T6641] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1086'.
[   89.948360][ T6643] netlink: 'syz.0.1085': attribute type 10 has an invalid length.
[   89.948865][ T6643] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1085'.
[   89.985218][ T6647] FAULT_INJECTION: forcing a failure.
[   89.985218][ T6647] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   89.985244][ T6647] CPU: 1 UID: 0 PID: 6647 Comm: syz.0.1088 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   89.985266][ T6647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   89.985276][ T6647] Call Trace:
[   89.985281][ T6647]  <TASK>
[   89.985286][ T6647]  __dump_stack+0x1d/0x30
[   89.985305][ T6647]  dump_stack_lvl+0xe8/0x140
[   89.985386][ T6647]  dump_stack+0x15/0x1b
[   89.985411][ T6647]  should_fail_ex+0x265/0x280
[   89.985494][ T6647]  should_fail_alloc_page+0xf2/0x100
[   89.985526][ T6647]  __alloc_frozen_pages_noprof+0xff/0x360
[   89.985570][ T6647]  alloc_pages_mpol+0xb3/0x260
[   89.985593][ T6647]  vma_alloc_folio_noprof+0x1aa/0x300
[   89.985618][ T6647]  handle_mm_fault+0xec2/0x2be0
[   89.985644][ T6647]  ? vma_start_read+0x141/0x1f0
[   89.985709][ T6647]  do_user_addr_fault+0x630/0x1080
[   89.985785][ T6647]  ? fpregs_assert_state_consistent+0xb4/0xe0
[   89.985818][ T6647]  exc_page_fault+0x62/0xa0
[   89.985907][ T6647]  asm_exc_page_fault+0x26/0x30
[   89.985927][ T6647] RIP: 0033:0x7ff9acc00943
[   89.985943][ T6647] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[   89.986025][ T6647] RSP: 002b:00007ff9ab79e4a0 EFLAGS: 00010202
[   89.986041][ T6647] RAX: 0000000000003000 RBX: 00007ff9ab79e540 RCX: 00007ff9a337f000
[   89.986055][ T6647] RDX: 00007ff9ab79e6e0 RSI: 000000000000006d RDI: 00007ff9ab79e5e0
[   89.986068][ T6647] RBP: 00000000000000ab R08: 0000000000000007 R09: 0000000000000040
[   89.986081][ T6647] R10: 0000000000000052 R11: 00007ff9ab79e540 R12: 0000000000000001
[   89.986131][ T6647] R13: 00007ff9acddfc40 R14: 0000000000000002 R15: 00007ff9ab79e5e0
[   89.986226][ T6647]  </TASK>
[   89.986235][ T6647] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   89.991978][ T6647] loop0: detected capacity change from 0 to 512
[   89.992437][ T6647] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   89.998889][ T6645] vhci_hcd: invalid port number 96
[   89.998898][ T6645] vhci_hcd: default hub control req: 2000 vfffc i0060 l7
[   90.009613][ T6647] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   90.009764][ T6647] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1088: bg 0: block 248: padding at end of block bitmap is not set
[   90.009921][ T6647] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1088: Failed to acquire dquot type 1
[   90.010368][ T6647] EXT4-fs (loop0): 1 truncate cleaned up
[   90.012062][ T6647] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[   90.427986][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[   90.490724][ T6662] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1090'.
[   90.560637][ T6666] bridge0: entered promiscuous mode
[   90.572517][ T6666] bridge0: port 3(macvtap1) entered blocking state
[   90.579175][ T6666] bridge0: port 3(macvtap1) entered disabled state
[   90.593281][ T6666] macvtap1: entered allmulticast mode
[   90.594362][ T3313] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   90.598722][ T6666] bridge0: entered allmulticast mode
[   90.614025][ T6666] macvtap1: left allmulticast mode
[   90.619199][ T6666] bridge0: left allmulticast mode
[   90.625438][ T6672] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1097'.
[   90.646021][ T6666] bridge0: left promiscuous mode
[   90.682689][ T6678] netlink: 'syz.0.1099': attribute type 10 has an invalid length.
[   90.690673][ T6674] loop3: detected capacity change from 0 to 512
[   90.691026][ T6678] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1099'.
[   90.725826][ T6674] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   90.744286][ T6674] EXT4-fs (loop3): invalid journal inode
[   90.764646][ T6674] EXT4-fs (loop3): can't get journal size
[   90.779891][ T6674] EXT4-fs (loop3): 1 truncate cleaned up
[   90.795941][ T6674] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   90.796374][ T6685] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.846903][ T6691] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1106'.
[   90.856989][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.869958][ T6685] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.892873][ T6693] SELinux:  Context system_u:object is not valid (left unmapped).
[   90.931791][ T6697] loop0: detected capacity change from 0 to 512
[   90.946688][ T6685] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.961805][ T6697] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.979683][ T6697] ext4 filesystem being mounted at /220/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   91.003938][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.032019][ T6685] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.049013][ T6701] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=6701 comm=syz.4.1109
[   91.103911][ T5383] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.114006][ T6709] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=59329 sclass=netlink_route_socket pid=6709 comm=syz.1.1113
[   91.127171][ T5383] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.135887][ T6709] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1113'.
[   91.145708][ T5370] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.158836][ T5370] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.200722][ T6715] loop0: detected capacity change from 0 to 164
[   91.201658][ T6716] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   91.222649][ T6720] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1117'.
[   91.236909][ T6715] FAULT_INJECTION: forcing a failure.
[   91.236909][ T6715] name failslab, interval 1, probability 0, space 0, times 0
[   91.249598][ T6715] CPU: 0 UID: 0 PID: 6715 Comm: syz.0.1115 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   91.249682][ T6715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   91.249709][ T6715] Call Trace:
[   91.249714][ T6715]  <TASK>
[   91.249719][ T6715]  __dump_stack+0x1d/0x30
[   91.249738][ T6715]  dump_stack_lvl+0xe8/0x140
[   91.249756][ T6715]  dump_stack+0x15/0x1b
[   91.249772][ T6715]  should_fail_ex+0x265/0x280
[   91.249821][ T6715]  ? alloc_bprm+0x5c/0x350
[   91.249841][ T6715]  should_failslab+0x8c/0xb0
[   91.249928][ T6715]  __kmalloc_cache_noprof+0x4c/0x4a0
[   91.249992][ T6715]  alloc_bprm+0x5c/0x350
[   91.250150][ T6715]  do_execveat_common+0x12e/0x750
[   91.250176][ T6715]  ? getname_flags+0x154/0x3b0
[   91.250272][ T6715]  __x64_sys_execveat+0x73/0x90
[   91.250296][ T6715]  x64_sys_call+0x1fec/0x3000
[   91.250315][ T6715]  do_syscall_64+0xd2/0x200
[   91.250408][ T6715]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   91.250433][ T6715]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   91.250464][ T6715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.250500][ T6715] RIP: 0033:0x7ff9acd3f749
[   91.250513][ T6715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.250528][ T6715] RSP: 002b:00007ff9ab79f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[   91.250564][ T6715] RAX: ffffffffffffffda RBX: 00007ff9acf95fa0 RCX: 00007ff9acd3f749
[   91.250575][ T6715] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[   91.250587][ T6715] RBP: 00007ff9ab79f090 R08: 0000000000001000 R09: 0000000000000000
[   91.250659][ T6715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.250671][ T6715] R13: 00007ff9acf96038 R14: 00007ff9acf95fa0 R15: 00007ffdfd99d018
[   91.250690][ T6715]  </TASK>
[   91.449544][ T6728] FAULT_INJECTION: forcing a failure.
[   91.449544][ T6728] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.462724][ T6728] CPU: 1 UID: 0 PID: 6728 Comm: syz.2.1121 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   91.462750][ T6728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   91.462763][ T6728] Call Trace:
[   91.462769][ T6728]  <TASK>
[   91.462777][ T6728]  __dump_stack+0x1d/0x30
[   91.462799][ T6728]  dump_stack_lvl+0xe8/0x140
[   91.462820][ T6728]  dump_stack+0x15/0x1b
[   91.462883][ T6728]  should_fail_ex+0x265/0x280
[   91.462917][ T6728]  should_fail+0xb/0x20
[   91.462933][ T6728]  should_fail_usercopy+0x1a/0x20
[   91.462954][ T6728]  _copy_to_user+0x20/0xa0
[   91.463014][ T6728]  simple_read_from_buffer+0xb5/0x130
[   91.463039][ T6728]  proc_fail_nth_read+0x10e/0x150
[   91.463066][ T6728]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   91.463090][ T6728]  vfs_read+0x1a8/0x770
[   91.463218][ T6728]  ? __rcu_read_unlock+0x4f/0x70
[   91.463282][ T6728]  ? __fget_files+0x184/0x1c0
[   91.463320][ T6728]  ksys_read+0xda/0x1a0
[   91.463346][ T6728]  __x64_sys_read+0x40/0x50
[   91.463431][ T6728]  x64_sys_call+0x27c0/0x3000
[   91.463453][ T6728]  do_syscall_64+0xd2/0x200
[   91.463475][ T6728]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   91.463503][ T6728]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   91.463568][ T6728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.463586][ T6728] RIP: 0033:0x7f952eeae15c
[   91.463601][ T6728] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   91.463675][ T6728] RSP: 002b:00007f952d917030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   91.463694][ T6728] RAX: ffffffffffffffda RBX: 00007f952f105fa0 RCX: 00007f952eeae15c
[   91.463708][ T6728] RDX: 000000000000000f RSI: 00007f952d9170a0 RDI: 0000000000000007
[   91.463721][ T6728] RBP: 00007f952d917090 R08: 0000000000000000 R09: 0000000000000000
[   91.463733][ T6728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.463745][ T6728] R13: 00007f952f106038 R14: 00007f952f105fa0 R15: 00007ffc1cb1e5a8
[   91.463764][ T6728]  </TASK>
[   91.697806][ T6735] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   91.705631][ T6736] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   91.716859][ T6734] loop0: detected capacity change from 0 to 512
[   91.773628][ T6743] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1123'.
[   91.793126][ T6734] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.1124: bg 0: block 5: invalid block bitmap
[   91.813561][ T6742] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.840437][ T6734] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6667: Corrupt filesystem
[   91.850187][ T6734] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.1124: invalid indirect mapped block 3 (level 2)
[   91.866103][ T6734] EXT4-fs (loop0): 2 truncates cleaned up
[   91.872548][ T6734] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.886099][ T6742] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.950800][ T6742] bond0: (slave netdevsim1): Releasing backup interface
[   91.973223][ T6742] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.978879][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.993523][ T6753] loop2: detected capacity change from 0 to 128
[   92.010815][ T6753] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   92.049520][ T6742] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.068407][ T6753] ext4 filesystem being mounted at /242/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   92.154186][ T5378] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.189420][ T5378] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.207859][ T5378] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.226642][ T5378] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.417760][ T6781] loop0: detected capacity change from 0 to 2048
[   92.491942][ T6781] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.517483][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.704221][ T6792] loop3: detected capacity change from 0 to 1024
[   92.710975][ T6792] EXT4-fs: Ignoring removed orlov option
[   92.716703][ T6792] EXT4-fs: Ignoring removed i_version option
[   92.758409][ T6760] loop4: detected capacity change from 0 to 2048
[   92.773329][ T6777] loop1: detected capacity change from 0 to 2048
[   92.794722][ T6792] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.832032][ T6777] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #2: comm syz.1.1138: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 260(4), depth 0(0)
[   92.889332][ T6777] EXT4-fs (loop1): get root inode failed
[   92.894983][ T6777] EXT4-fs (loop1): mount failed
[   92.928639][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.953004][ T6760] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #2: comm syz.4.1133: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 260(4), depth 0(0)
[   92.971854][ T3315] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   93.068959][ T6760] EXT4-fs (loop4): get root inode failed
[   93.074641][ T6760] EXT4-fs (loop4): mount failed
[   93.119993][ T6811] netlink: 'syz.3.1146': attribute type 10 has an invalid length.
[   93.260149][ T6809] loop2: detected capacity change from 0 to 1024
[   93.266949][ T6809] EXT4-fs: Ignoring removed bh option
[   93.288129][ T6809] EXT4-fs: inline encryption not supported
[   93.323580][ T6809] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   93.344452][ T6809] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[   93.360980][ T6825] openvswitch: netlink: Missing key (keys=40, expected=80)
[   93.377093][ T6809] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 2: comm syz.2.1145: lblock 2 mapped to illegal pblock 2 (length 1)
[   93.392096][   T29] kauditd_printk_skb: 706 callbacks suppressed
[   93.392108][   T29] audit: type=1326 audit(1763792965.994:7442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6824 comm="syz.3.1151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb28915f749 code=0x7ffc0000
[   93.398556][ T6831] loop3: detected capacity change from 0 to 164
[   93.427244][   T29] audit: type=1326 audit(1763792965.994:7443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6824 comm="syz.3.1151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb28915f749 code=0x7ffc0000
[   93.437465][ T6809] Quota error (device loop2): qtree_write_dquot: dquota write failed
[   93.451192][   T29] audit: type=1326 audit(1763792965.994:7444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6824 comm="syz.3.1151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb28915f749 code=0x7ffc0000
[   93.482719][   T29] audit: type=1326 audit(1763792965.994:7445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6824 comm="syz.3.1151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fb28915f749 code=0x7ffc0000
[   93.483285][ T6831] iso9660: Unknown parameter '„¶¥á}ŒGì’þ@qNÃS
[   93.483285][ T6831] ”Êq
[   93.483285][ T6831] Þ.ÇV#˜n۶ȯdjý™Ô])£©gå�ìÐÖü[ë¹�c›VïÓX¤'
[   93.506230][   T29] audit: type=1326 audit(1763792965.994:7446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6824 comm="syz.3.1151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb28915f749 code=0x7ffc0000
[   93.544373][   T29] audit: type=1326 audit(1763792965.994:7447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6824 comm="syz.3.1151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7fb28915f749 code=0x7ffc0000
[   93.567860][   T29] audit: type=1326 audit(1763792965.994:7448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6824 comm="syz.3.1151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb28915f749 code=0x7ffc0000
[   93.591393][   T29] audit: type=1326 audit(1763792965.994:7449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6824 comm="syz.3.1151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb28915f34b code=0x7ffc0000
[   93.614734][   T29] audit: type=1326 audit(1763792965.994:7450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6824 comm="syz.3.1151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb28915df90 code=0x7ffc0000
[   93.639882][ T6809] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 48: comm syz.2.1145: lblock 0 mapped to illegal pblock 48 (length 1)
[   93.673629][ T6809] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.1145: Failed to acquire dquot type 0
[   93.706628][ T6809] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   93.734651][ T6809] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.1145: mark_inode_dirty error
[   93.748525][ T6809] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   93.759739][ T6809] EXT4-fs (loop2): 1 orphan inode deleted
[   93.769591][ T6809] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.785736][ T5370] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:27: lblock 1 mapped to illegal pblock 1 (length 1)
[   93.807077][ T5370] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:27: Failed to release dquot type 0
[   93.833155][ T6837] loop0: detected capacity change from 0 to 1024
[   93.858742][ T6809] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   93.868468][ T6837] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   93.881916][ T6837] ext4 filesystem being mounted at /237/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.892731][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.893472][ T6837] FAULT_INJECTION: forcing a failure.
[   93.893472][ T6837] name failslab, interval 1, probability 0, space 0, times 0
[   93.914392][ T6837] CPU: 0 UID: 0 PID: 6837 Comm: syz.0.1154 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   93.914417][ T6837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   93.914473][ T6837] Call Trace:
[   93.914480][ T6837]  <TASK>
[   93.914487][ T6837]  __dump_stack+0x1d/0x30
[   93.914510][ T6837]  dump_stack_lvl+0xe8/0x140
[   93.914530][ T6837]  dump_stack+0x15/0x1b
[   93.914546][ T6837]  should_fail_ex+0x265/0x280
[   93.914617][ T6837]  should_failslab+0x8c/0xb0
[   93.914668][ T6837]  kmem_cache_alloc_noprof+0x50/0x480
[   93.914697][ T6837]  ? __es_insert_extent+0x508/0xee0
[   93.914801][ T6837]  __es_insert_extent+0x508/0xee0
[   93.914828][ T6837]  ? __blk_flush_plug+0x262/0x2a0
[   93.914905][ T6837]  ext4_es_cache_extent+0x276/0x370
[   93.914934][ T6837]  ext4_find_extent+0x336/0x7a0
[   93.914964][ T6837]  ext4_ext_map_blocks+0x11f/0x38a0
[   93.914989][ T6837]  ? __account_obj_stock+0x211/0x350
[   93.915013][ T6837]  ? refill_obj_stock+0x1b6/0x2e0
[   93.915052][ T6837]  ? __account_obj_stock+0x211/0x350
[   93.915081][ T6837]  ? __rcu_read_unlock+0x4f/0x70
[   93.915114][ T6837]  ext4_map_query_blocks+0xa8/0x480
[   93.915146][ T6837]  ext4_da_get_block_prep+0x25b/0xbb0
[   93.915208][ T6837]  ? alloc_buffer_head+0x1c3/0x1f0
[   93.915312][ T6837]  ? folio_alloc_buffers+0x2e5/0x310
[   93.915364][ T6837]  ext4_block_write_begin+0x5e8/0xc00
[   93.915382][ T6837]  ? __pfx_ext4_da_get_block_prep+0x10/0x10
[   93.915398][ T6837]  ? __filemap_get_folio+0x466/0x650
[   93.915425][ T6837]  ext4_da_write_begin+0x48f/0x6e0
[   93.915477][ T6837]  generic_perform_write+0x184/0x490
[   93.915503][ T6837]  ext4_buffered_write_iter+0x1ee/0x3c0
[   93.915524][ T6837]  ? ext4_file_write_iter+0xfe/0xf60
[   93.915546][ T6837]  ext4_file_write_iter+0x387/0xf60
[   93.915584][ T6837]  ? kstrtouint_from_user+0x9f/0xf0
[   93.915600][ T6837]  ? 0xffffffff81000000
[   93.915613][ T6837]  ? __rcu_read_unlock+0x4f/0x70
[   93.915638][ T6837]  ? avc_policy_seqno+0x15/0x30
[   93.915676][ T6837]  ? selinux_file_permission+0x1e4/0x320
[   93.915710][ T6837]  ? __pfx_ext4_file_write_iter+0x10/0x10
[   93.915780][ T6837]  vfs_write+0x52a/0x960
[   93.915868][ T6837]  __x64_sys_pwrite64+0xfd/0x150
[   93.915891][ T6837]  x64_sys_call+0xc4d/0x3000
[   93.915987][ T6837]  do_syscall_64+0xd2/0x200
[   93.916006][ T6837]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   93.916031][ T6837]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   93.916147][ T6837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.916169][ T6837] RIP: 0033:0x7ff9acd3f749
[   93.916184][ T6837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.916207][ T6837] RSP: 002b:00007ff9ab79f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[   93.916227][ T6837] RAX: ffffffffffffffda RBX: 00007ff9acf95fa0 RCX: 00007ff9acd3f749
[   93.916282][ T6837] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000004
[   93.916295][ T6837] RBP: 00007ff9ab79f090 R08: 0000000000000000 R09: 0000000000000000
[   93.916308][ T6837] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000001
[   93.916321][ T6837] R13: 00007ff9acf96038 R14: 00007ff9acf95fa0 R15: 00007ffdfd99d018
[   93.916340][ T6837]  </TASK>
[   94.277927][ T5370] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:27: bg 0: block 112: padding at end of block bitmap is not set
[   94.293026][ T5370] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 1 with error 117
[   94.305426][ T5370] EXT4-fs (loop0): This should not happen!! Data will be lost
[   94.305426][ T5370] 
[   94.323060][ T6841] loop2: detected capacity change from 0 to 1024
[   94.324337][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   94.358892][ T6841] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   94.386872][ T6846] netlink: 'syz.4.1158': attribute type 10 has an invalid length.
[   94.406138][ T6841] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   94.409692][ T6854] loop0: detected capacity change from 0 to 1024
[   94.433369][ T6855] loop1: detected capacity change from 0 to 1764
[   94.435952][ T6841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.461581][ T6855] ISOFS: Bad logical zone size 2051
[   94.464374][ T6854] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   94.514626][ T6854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.546720][ T6862] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.565154][ T6854] netlink: 'syz.0.1156': attribute type 12 has an invalid length.
[   94.607125][ T6862] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.636383][ T6854] x_tables: duplicate underflow at hook 1
[   94.667237][ T6862] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.711470][ T6874] loop0: detected capacity change from 0 to 512
[   94.719337][ T6862] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.733650][ T6874] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   94.747341][ T6874] ext4 filesystem being mounted at /240/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.883704][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.910078][ T6888] netlink: 'syz.4.1173': attribute type 10 has an invalid length.
[   94.920874][ T6888] __nla_validate_parse: 13 callbacks suppressed
[   94.920886][ T6888] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1173'.
[   94.953386][ T6892] FAULT_INJECTION: forcing a failure.
[   94.953386][ T6892] name failslab, interval 1, probability 0, space 0, times 0
[   94.966066][ T6892] CPU: 1 UID: 0 PID: 6892 Comm: syz.4.1175 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   94.966093][ T6892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   94.966167][ T6892] Call Trace:
[   94.966174][ T6892]  <TASK>
[   94.966182][ T6892]  __dump_stack+0x1d/0x30
[   94.966205][ T6892]  dump_stack_lvl+0xe8/0x140
[   94.966226][ T6892]  dump_stack+0x15/0x1b
[   94.966270][ T6892]  should_fail_ex+0x265/0x280
[   94.966302][ T6892]  should_failslab+0x8c/0xb0
[   94.966330][ T6892]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   94.966385][ T6892]  ? __alloc_skb+0x101/0x320
[   94.966414][ T6892]  __alloc_skb+0x101/0x320
[   94.966440][ T6892]  netlink_alloc_large_skb+0xbf/0xf0
[   94.966470][ T6892]  netlink_sendmsg+0x3cf/0x6b0
[   94.966488][ T6892]  ? __pfx_netlink_sendmsg+0x10/0x10
[   94.966516][ T6892]  __sock_sendmsg+0x145/0x180
[   94.966540][ T6892]  ____sys_sendmsg+0x31e/0x4e0
[   94.966563][ T6892]  ___sys_sendmsg+0x17b/0x1d0
[   94.966601][ T6892]  __x64_sys_sendmsg+0xd4/0x160
[   94.966623][ T6892]  x64_sys_call+0x191e/0x3000
[   94.966645][ T6892]  do_syscall_64+0xd2/0x200
[   94.966664][ T6892]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   94.966792][ T6892]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   94.966824][ T6892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.966846][ T6892] RIP: 0033:0x7faab5e8f749
[   94.966861][ T6892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.966877][ T6892] RSP: 002b:00007faab48ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   94.966945][ T6892] RAX: ffffffffffffffda RBX: 00007faab60e5fa0 RCX: 00007faab5e8f749
[   94.966958][ T6892] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000005
[   94.966969][ T6892] RBP: 00007faab48ef090 R08: 0000000000000000 R09: 0000000000000000
[   94.966980][ T6892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.966993][ T6892] R13: 00007faab60e6038 R14: 00007faab60e5fa0 R15: 00007ffcca177968
[   94.967017][ T6892]  </TASK>
[   95.168186][ T6894] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=6894 comm=syz.0.1174
[   95.246142][ T6902] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1179'.
[   95.263073][ T6904] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1180'.
[   95.278666][ T6904] 8021q: adding VLAN 0 to HW filter on device bond2
[   95.316453][ T6911] vlan2: entered allmulticast mode
[   95.371721][ T6921] loop3: detected capacity change from 0 to 128
[   95.537150][ T6932] FAULT_INJECTION: forcing a failure.
[   95.537150][ T6932] name failslab, interval 1, probability 0, space 0, times 0
[   95.549903][ T6932] CPU: 0 UID: 0 PID: 6932 Comm: syz.3.1191 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   95.549930][ T6932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   95.549941][ T6932] Call Trace:
[   95.549994][ T6932]  <TASK>
[   95.550000][ T6932]  __dump_stack+0x1d/0x30
[   95.550022][ T6932]  dump_stack_lvl+0xe8/0x140
[   95.550103][ T6932]  dump_stack+0x15/0x1b
[   95.550119][ T6932]  should_fail_ex+0x265/0x280
[   95.550224][ T6932]  ? audit_log_d_path+0x8d/0x150
[   95.550252][ T6932]  should_failslab+0x8c/0xb0
[   95.550275][ T6932]  __kmalloc_cache_noprof+0x4c/0x4a0
[   95.550362][ T6932]  audit_log_d_path+0x8d/0x150
[   95.550382][ T6932]  audit_log_d_path_exe+0x42/0x70
[   95.550488][ T6932]  audit_log_task+0x1e9/0x250
[   95.550515][ T6932]  audit_seccomp+0x61/0x100
[   95.550540][ T6932]  ? __seccomp_filter+0x82d/0x1250
[   95.550644][ T6932]  __seccomp_filter+0x83e/0x1250
[   95.550673][ T6932]  ? fdget+0x105/0x110
[   95.550708][ T6932]  ? do_mq_timedsend+0x1cc/0x6b0
[   95.550787][ T6932]  __secure_computing+0x82/0x150
[   95.550808][ T6932]  syscall_trace_enter+0xcf/0x1e0
[   95.550950][ T6932]  do_syscall_64+0xac/0x200
[   95.550973][ T6932]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   95.551000][ T6932]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   95.551060][ T6932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.551140][ T6932] RIP: 0033:0x7fb28915e15c
[   95.551156][ T6932] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   95.551172][ T6932] RSP: 002b:00007fb287bbf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   95.551191][ T6932] RAX: ffffffffffffffda RBX: 00007fb2893b5fa0 RCX: 00007fb28915e15c
[   95.551205][ T6932] RDX: 000000000000000f RSI: 00007fb287bbf0a0 RDI: 0000000000000005
[   95.551217][ T6932] RBP: 00007fb287bbf090 R08: 0000000000000000 R09: 0000000000000000
[   95.551230][ T6932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   95.551286][ T6932] R13: 00007fb2893b6038 R14: 00007fb2893b5fa0 R15: 00007ffc88cb9908
[   95.551303][ T6932]  </TASK>
[   95.866790][ T6938] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1192'.
[   95.885193][ T6937] loop3: detected capacity change from 0 to 512
[   95.921878][ T5378] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.934065][ T5378] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.962485][ T5378] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.982662][ T5378] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.007410][ T6937] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.020082][ T6937] ext4 filesystem being mounted at /202/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.040056][ T6937] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm gtp: iget: bad i_size value: 2533274857506816
[   96.054458][ T6937] netlink: 16 bytes leftover after parsing attributes in process `gtp'.
[   96.073278][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.103395][ T6949] FAULT_INJECTION: forcing a failure.
[   96.103395][ T6949] name failslab, interval 1, probability 0, space 0, times 0
[   96.116024][ T6949] CPU: 0 UID: 0 PID: 6949 Comm: syz.1.1194 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   96.116068][ T6949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   96.116081][ T6949] Call Trace:
[   96.116087][ T6949]  <TASK>
[   96.116094][ T6949]  __dump_stack+0x1d/0x30
[   96.116115][ T6949]  dump_stack_lvl+0xe8/0x140
[   96.116131][ T6949]  dump_stack+0x15/0x1b
[   96.116211][ T6949]  should_fail_ex+0x265/0x280
[   96.116367][ T6949]  ? tipc_nametbl_insert_publ+0x44/0x930
[   96.116398][ T6949]  should_failslab+0x8c/0xb0
[   96.116463][ T6949]  __kmalloc_cache_noprof+0x4c/0x4a0
[   96.116493][ T6949]  tipc_nametbl_insert_publ+0x44/0x930
[   96.116513][ T6949]  ? avc_has_perm+0xf7/0x180
[   96.116533][ T6949]  tipc_nametbl_publish+0x112/0x1c0
[   96.116681][ T6949]  tipc_sk_publish+0x121/0x200
[   96.116702][ T6949]  tipc_sk_bind+0x163/0x1b0
[   96.116719][ T6949]  tipc_bind+0x5e/0x190
[   96.116757][ T6949]  __sys_bind+0x1d1/0x2a0
[   96.116787][ T6949]  __x64_sys_bind+0x3f/0x50
[   96.116871][ T6949]  x64_sys_call+0x2b72/0x3000
[   96.116891][ T6949]  do_syscall_64+0xd2/0x200
[   96.116912][ T6949]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   96.116939][ T6949]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   96.117047][ T6949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.117069][ T6949] RIP: 0033:0x7f7acd15f749
[   96.117084][ T6949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.117102][ T6949] RSP: 002b:00007f7acbb85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[   96.117160][ T6949] RAX: ffffffffffffffda RBX: 00007f7acd3b6180 RCX: 00007f7acd15f749
[   96.117170][ T6949] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 0000000000000003
[   96.117182][ T6949] RBP: 00007f7acbb85090 R08: 0000000000000000 R09: 0000000000000000
[   96.117251][ T6949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.117264][ T6949] R13: 00007f7acd3b6218 R14: 00007f7acd3b6180 R15: 00007fff6fca4728
[   96.117281][ T6949]  </TASK>
[   96.344168][ T6952] FAULT_INJECTION: forcing a failure.
[   96.344168][ T6952] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   96.357250][ T6952] CPU: 1 UID: 0 PID: 6952 Comm: syz.3.1198 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   96.357326][ T6952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   96.357338][ T6952] Call Trace:
[   96.357344][ T6952]  <TASK>
[   96.357373][ T6952]  __dump_stack+0x1d/0x30
[   96.357395][ T6952]  dump_stack_lvl+0xe8/0x140
[   96.357459][ T6952]  dump_stack+0x15/0x1b
[   96.357525][ T6952]  should_fail_ex+0x265/0x280
[   96.357557][ T6952]  should_fail+0xb/0x20
[   96.357629][ T6952]  should_fail_usercopy+0x1a/0x20
[   96.357649][ T6952]  _copy_from_user+0x1c/0xb0
[   96.357674][ T6952]  memdup_user+0x5e/0xd0
[   96.357709][ T6952]  strndup_user+0x68/0xb0
[   96.357747][ T6952]  bpf_uprobe_multi_link_attach+0x20b/0x900
[   96.357780][ T6952]  ? __rcu_read_unlock+0x4f/0x70
[   96.357806][ T6952]  ? __fget_files+0x184/0x1c0
[   96.357902][ T6952]  link_create+0x680/0x6e0
[   96.357925][ T6952]  __sys_bpf+0x628/0x7c0
[   96.358007][ T6952]  __x64_sys_bpf+0x41/0x50
[   96.358036][ T6952]  x64_sys_call+0x2aee/0x3000
[   96.358058][ T6952]  do_syscall_64+0xd2/0x200
[   96.358158][ T6952]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   96.358185][ T6952]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   96.358217][ T6952]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.358238][ T6952] RIP: 0033:0x7fb28915f749
[   96.358252][ T6952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.358275][ T6952] RSP: 002b:00007fb287bbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   96.358295][ T6952] RAX: ffffffffffffffda RBX: 00007fb2893b5fa0 RCX: 00007fb28915f749
[   96.358307][ T6952] RDX: 0000000000000040 RSI: 00002000000012c0 RDI: 000000000000001c
[   96.358320][ T6952] RBP: 00007fb287bbf090 R08: 0000000000000000 R09: 0000000000000000
[   96.358344][ T6952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.358357][ T6952] R13: 00007fb2893b6038 R14: 00007fb2893b5fa0 R15: 00007ffc88cb9908
[   96.358393][ T6952]  </TASK>
[   96.621186][ T6963] loop0: detected capacity change from 0 to 128
[   96.665585][ T6970] netlink: 'syz.4.1205': attribute type 21 has an invalid length.
[   96.673534][ T6970] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1205'.
[   96.745991][ T6984] loop2: detected capacity change from 0 to 128
[   96.761147][ T6984] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   96.781626][ T6982] loop1: detected capacity change from 0 to 1024
[   96.864602][ T6982] EXT4-fs: Ignoring removed orlov option
[   96.870319][ T6982] EXT4-fs: Ignoring removed i_version option
[   96.899216][ T6984] ext4 filesystem being mounted at /247/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   97.191752][ T6982] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.269956][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.759889][ T7021] loop4: detected capacity change from 0 to 128
[   97.791704][ T3315] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   98.042851][ T7031] Falling back ldisc for ttyS3.
[   98.238504][ T7050] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   98.300924][ T7050] vhci_hcd: invalid port number 96
[   98.306097][ T7050] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[   98.393833][   T29] kauditd_printk_skb: 1145 callbacks suppressed
[   98.393847][   T29] audit: type=1326 audit(1763792970.998:8594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7055 comm="syz.0.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9acd3f749 code=0x7ffc0000
[   98.436325][ T7057] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1233'.
[   98.552857][   T29] audit: type=1326 audit(1763792971.028:8595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7052 comm="syz.3.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb28915f749 code=0x7ffc0000
[   98.576477][   T29] audit: type=1326 audit(1763792971.028:8596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7055 comm="syz.0.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9acd3f749 code=0x7ffc0000
[   98.599978][   T29] audit: type=1326 audit(1763792971.028:8597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7055 comm="syz.0.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff9acd3f749 code=0x7ffc0000
[   98.623356][   T29] audit: type=1326 audit(1763792971.028:8598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7055 comm="syz.0.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9acd3f749 code=0x7ffc0000
[   98.646719][   T29] audit: type=1326 audit(1763792971.028:8599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7055 comm="syz.0.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9acd3f749 code=0x7ffc0000
[   98.670169][   T29] audit: type=1326 audit(1763792971.028:8600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7055 comm="syz.0.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7ff9acd3f749 code=0x7ffc0000
[   98.693503][   T29] audit: type=1326 audit(1763792971.028:8601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7055 comm="syz.0.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9acd3f749 code=0x7ffc0000
[   98.716972][   T29] audit: type=1326 audit(1763792971.028:8602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7055 comm="syz.0.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9acd3f749 code=0x7ffc0000
[   98.740392][   T29] audit: type=1326 audit(1763792971.028:8603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7055 comm="syz.0.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff9acd3f749 code=0x7ffc0000
[   98.826067][ T7064] FAULT_INJECTION: forcing a failure.
[   98.826067][ T7064] name failslab, interval 1, probability 0, space 0, times 0
[   98.838724][ T7064] CPU: 0 UID: 0 PID: 7064 Comm: syz.4.1237 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   98.838750][ T7064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   98.838762][ T7064] Call Trace:
[   98.838768][ T7064]  <TASK>
[   98.838840][ T7064]  __dump_stack+0x1d/0x30
[   98.838862][ T7064]  dump_stack_lvl+0xe8/0x140
[   98.838881][ T7064]  dump_stack+0x15/0x1b
[   98.838898][ T7064]  should_fail_ex+0x265/0x280
[   98.838953][ T7064]  should_failslab+0x8c/0xb0
[   98.839041][ T7064]  kmem_cache_alloc_noprof+0x50/0x480
[   98.839088][ T7064]  ? skb_clone+0x151/0x1f0
[   98.839107][ T7064]  skb_clone+0x151/0x1f0
[   98.839182][ T7064]  __netlink_deliver_tap+0x2c9/0x500
[   98.839204][ T7064]  netlink_unicast+0x66b/0x690
[   98.839234][ T7064]  netlink_sendmsg+0x58b/0x6b0
[   98.839254][ T7064]  ? __pfx_netlink_sendmsg+0x10/0x10
[   98.839352][ T7064]  __sock_sendmsg+0x145/0x180
[   98.839375][ T7064]  ____sys_sendmsg+0x31e/0x4e0
[   98.839395][ T7064]  ___sys_sendmsg+0x17b/0x1d0
[   98.839424][ T7064]  __x64_sys_sendmsg+0xd4/0x160
[   98.839474][ T7064]  x64_sys_call+0x191e/0x3000
[   98.839495][ T7064]  do_syscall_64+0xd2/0x200
[   98.839515][ T7064]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   98.839541][ T7064]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   98.839647][ T7064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.839667][ T7064] RIP: 0033:0x7faab5e8f749
[   98.839682][ T7064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.839699][ T7064] RSP: 002b:00007faab48ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   98.839766][ T7064] RAX: ffffffffffffffda RBX: 00007faab60e5fa0 RCX: 00007faab5e8f749
[   98.839779][ T7064] RDX: 0000000000004800 RSI: 0000200000000300 RDI: 0000000000000003
[   98.839791][ T7064] RBP: 00007faab48ef090 R08: 0000000000000000 R09: 0000000000000000
[   98.839874][ T7064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.839885][ T7064] R13: 00007faab60e6038 R14: 00007faab60e5fa0 R15: 00007ffcca177968
[   98.839903][ T7064]  </TASK>
[   99.222801][ T7089] loop0: detected capacity change from 0 to 2048
[   99.278886][ T7089]  loop0: p2 p3 p7
[   99.344054][ T7095] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1248'.
[   99.506711][ T7100] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1250'.
[   99.717230][ T7091] loop3: detected capacity change from 0 to 2048
[   99.745068][ T7091] /dev/loop3: Can't open blockdev
[  100.016090][ T7108] FAULT_INJECTION: forcing a failure.
[  100.016090][ T7108] name failslab, interval 1, probability 0, space 0, times 0
[  100.028790][ T7108] CPU: 1 UID: 0 PID: 7108 Comm: syz.1.1254 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  100.028815][ T7108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  100.028826][ T7108] Call Trace:
[  100.028832][ T7108]  <TASK>
[  100.028838][ T7108]  __dump_stack+0x1d/0x30
[  100.028859][ T7108]  dump_stack_lvl+0xe8/0x140
[  100.028937][ T7108]  dump_stack+0x15/0x1b
[  100.028952][ T7108]  should_fail_ex+0x265/0x280
[  100.028982][ T7108]  ? pkcs7_parse_message+0xa2/0x350
[  100.029010][ T7108]  should_failslab+0x8c/0xb0
[  100.029087][ T7108]  __kmalloc_cache_noprof+0x4c/0x4a0
[  100.029118][ T7108]  pkcs7_parse_message+0xa2/0x350
[  100.029145][ T7108]  verify_pkcs7_signature+0x30/0x90
[  100.029173][ T7108]  bpf_verify_pkcs7_signature+0xcc/0xf0
[  100.029201][ T7108]  bpf_prog_verify_signature+0x209/0x250
[  100.029228][ T7108]  bpf_prog_load+0x8fa/0x1100
[  100.029269][ T7108]  ? security_bpf+0x2b/0x90
[  100.029364][ T7108]  __sys_bpf+0x469/0x7c0
[  100.029388][ T7108]  __x64_sys_bpf+0x41/0x50
[  100.029412][ T7108]  x64_sys_call+0x2aee/0x3000
[  100.029441][ T7108]  do_syscall_64+0xd2/0x200
[  100.029459][ T7108]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  100.029549][ T7108]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  100.029576][ T7108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.029634][ T7108] RIP: 0033:0x7f7acd15f749
[  100.029648][ T7108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.029664][ T7108] RSP: 002b:00007f7acbbc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  100.029682][ T7108] RAX: ffffffffffffffda RBX: 00007f7acd3b5fa0 RCX: 00007f7acd15f749
[  100.029722][ T7108] RDX: 00000000000000af RSI: 00002000000000c0 RDI: 0000000000000005
[  100.029734][ T7108] RBP: 00007f7acbbc7090 R08: 0000000000000000 R09: 0000000000000000
[  100.029745][ T7108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  100.029757][ T7108] R13: 00007f7acd3b6038 R14: 00007f7acd3b5fa0 R15: 00007fff6fca4728
[  100.029774][ T7108]  </TASK>
[  100.394730][ T7122] netlink: 'syz.1.1259': attribute type 10 has an invalid length.
[  100.427544][ T7119] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1259'.
[  100.499497][ T7126] netlink: 100 bytes leftover after parsing attributes in process `syz.4.1261'.
[  100.534399][ T7129] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1262'.
[  100.601231][ T7133] FAULT_INJECTION: forcing a failure.
[  100.601231][ T7133] name failslab, interval 1, probability 0, space 0, times 0
[  100.614001][ T7133] CPU: 1 UID: 0 PID: 7133 Comm: syz.4.1264 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  100.614023][ T7133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  100.614033][ T7133] Call Trace:
[  100.614037][ T7133]  <TASK>
[  100.614043][ T7133]  __dump_stack+0x1d/0x30
[  100.614078][ T7133]  dump_stack_lvl+0xe8/0x140
[  100.614095][ T7133]  dump_stack+0x15/0x1b
[  100.614108][ T7133]  should_fail_ex+0x265/0x280
[  100.614134][ T7133]  should_failslab+0x8c/0xb0
[  100.614156][ T7133]  kmem_cache_alloc_noprof+0x50/0x480
[  100.614233][ T7133]  ? skb_clone+0x151/0x1f0
[  100.614325][ T7133]  skb_clone+0x151/0x1f0
[  100.614339][ T7133]  __netlink_deliver_tap+0x2c9/0x500
[  100.614358][ T7133]  netlink_unicast+0x66b/0x690
[  100.614382][ T7133]  netlink_sendmsg+0x58b/0x6b0
[  100.614399][ T7133]  ? __pfx_netlink_sendmsg+0x10/0x10
[  100.614480][ T7133]  __sock_sendmsg+0x145/0x180
[  100.614522][ T7133]  ____sys_sendmsg+0x31e/0x4e0
[  100.614538][ T7133]  ___sys_sendmsg+0x17b/0x1d0
[  100.614598][ T7133]  __x64_sys_sendmsg+0xd4/0x160
[  100.614617][ T7133]  x64_sys_call+0x191e/0x3000
[  100.614638][ T7133]  do_syscall_64+0xd2/0x200
[  100.614654][ T7133]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  100.614676][ T7133]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  100.614825][ T7133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.614890][ T7133] RIP: 0033:0x7faab5e8f749
[  100.614902][ T7133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.614916][ T7133] RSP: 002b:00007faab48ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  100.614931][ T7133] RAX: ffffffffffffffda RBX: 00007faab60e5fa0 RCX: 00007faab5e8f749
[  100.614941][ T7133] RDX: 0000000000040000 RSI: 0000200000000340 RDI: 0000000000000003
[  100.614950][ T7133] RBP: 00007faab48ef090 R08: 0000000000000000 R09: 0000000000000000
[  100.614959][ T7133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.615039][ T7133] R13: 00007faab60e6038 R14: 00007faab60e5fa0 R15: 00007ffcca177968
[  100.615055][ T7133]  </TASK>
[  100.855362][ T7144] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1268'.
[  100.904657][ T7138] loop1: detected capacity change from 0 to 2048
[  101.003279][ T7138] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #2: comm syz.1.1262: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 260(4), depth 0(0)
[  101.029602][ T7157] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  101.084360][ T7162] loop2: detected capacity change from 0 to 1024
[  101.111102][ T7138] EXT4-fs (loop1): get root inode failed
[  101.116802][ T7138] EXT4-fs (loop1): mount failed
[  101.132914][ T7162] EXT4-fs: Ignoring removed orlov option
[  101.138618][ T7162] EXT4-fs: Ignoring removed i_version option
[  101.195809][ T7162] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.398916][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.463065][ T7174] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7174 comm=syz.2.1276
[  101.476380][ T7174] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1276'.
[  101.583359][ T7174] loop2: detected capacity change from 0 to 2048
[  101.618671][ T7174] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.633462][ T7174] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #12: comm syz.2.1276: corrupted in-inode xattr: e_name out of bounds
[  101.663382][ T7174] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #12: comm syz.2.1276: corrupted in-inode xattr: e_name out of bounds
[  101.710479][ T7181] loop3: detected capacity change from 0 to 128
[  101.718470][ T7181] FAT-fs (loop3): bogus logical sector size 8
[  101.724601][ T7181] FAT-fs (loop3): Can't find a valid FAT filesystem
[  101.748276][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.803202][ T7181] FAULT_INJECTION: forcing a failure.
[  101.803202][ T7181] name failslab, interval 1, probability 0, space 0, times 0
[  101.816005][ T7181] CPU: 1 UID: 0 PID: 7181 Comm: syz.3.1279 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  101.816041][ T7181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  101.816054][ T7181] Call Trace:
[  101.816059][ T7181]  <TASK>
[  101.816065][ T7181]  __dump_stack+0x1d/0x30
[  101.816084][ T7181]  dump_stack_lvl+0xe8/0x140
[  101.816123][ T7181]  dump_stack+0x15/0x1b
[  101.816140][ T7181]  should_fail_ex+0x265/0x280
[  101.816172][ T7181]  should_failslab+0x8c/0xb0
[  101.816272][ T7181]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  101.816355][ T7181]  ? __alloc_skb+0x101/0x320
[  101.816382][ T7181]  __alloc_skb+0x101/0x320
[  101.816409][ T7181]  netlink_alloc_large_skb+0xbf/0xf0
[  101.816545][ T7181]  netlink_sendmsg+0x3cf/0x6b0
[  101.816567][ T7181]  ? __pfx_netlink_sendmsg+0x10/0x10
[  101.816586][ T7181]  __sock_sendmsg+0x145/0x180
[  101.816711][ T7181]  sock_write_iter+0x1a7/0x1f0
[  101.816739][ T7181]  do_iter_readv_writev+0x4a1/0x540
[  101.816785][ T7181]  vfs_writev+0x2df/0x8b0
[  101.816823][ T7181]  do_writev+0xe7/0x210
[  101.816922][ T7181]  __x64_sys_writev+0x45/0x50
[  101.816945][ T7181]  x64_sys_call+0x1e9a/0x3000
[  101.816963][ T7181]  do_syscall_64+0xd2/0x200
[  101.816980][ T7181]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  101.817137][ T7181]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  101.817169][ T7181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.817185][ T7181] RIP: 0033:0x7fb28915f749
[  101.817198][ T7181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.817291][ T7181] RSP: 002b:00007fb287bbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  101.817309][ T7181] RAX: ffffffffffffffda RBX: 00007fb2893b5fa0 RCX: 00007fb28915f749
[  101.817321][ T7181] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000006
[  101.817333][ T7181] RBP: 00007fb287bbf090 R08: 0000000000000000 R09: 0000000000000000
[  101.817345][ T7181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.817355][ T7181] R13: 00007fb2893b6038 R14: 00007fb2893b5fa0 R15: 00007ffc88cb9908
[  101.817371][ T7181]  </TASK>
[  102.040919][ T7186] netlink: 'syz.4.1282': attribute type 1 has an invalid length.
[  102.048650][ T7186] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1282'.
[  102.074112][ T7187] loop2: detected capacity change from 0 to 128
[  102.082975][ T7189] loop3: detected capacity change from 0 to 128
[  102.091630][ T7187] FAT-fs (loop2): bogus logical sector size 8
[  102.097716][ T7187] FAT-fs (loop2): Can't find a valid FAT filesystem
[  102.105494][ T7189] FAT-fs (loop3): bogus logical sector size 8
[  102.111750][ T7189] FAT-fs (loop3): Can't find a valid FAT filesystem
[  102.125022][ T7189] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1283'.
[  102.137893][ T7189] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1283'.
[  102.152696][ T7189] 0ªX¹¦À: renamed from caif0
[  102.154617][ T7187] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1280'.
[  102.168200][ T7189] 0ªX¹¦À: entered allmulticast mode
[  102.173516][ T7189] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  102.189684][ T7187] 1ªX¹¦À: renamed from 
60ªX¹¦À
[  102.196129][ T7187] A link change request failed with some changes committed already. Interface 
61ªX¹¦À may have been left with an inconsistent configuration, please check.
[  102.241831][ T7195] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  102.344358][ T7204] loop0: detected capacity change from 0 to 256
[  102.354946][ T7199] loop2: detected capacity change from 0 to 1024
[  102.467980][ T7199] EXT4-fs: Ignoring removed orlov option
[  102.473768][ T7199] EXT4-fs: Ignoring removed i_version option
[  102.838626][ T7222] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  102.952448][ T7224] FAULT_INJECTION: forcing a failure.
[  102.952448][ T7224] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  102.962165][ T7199] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.965561][ T7224] CPU: 1 UID: 0 PID: 7224 Comm: syz.4.1294 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  102.965588][ T7224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  102.965599][ T7224] Call Trace:
[  102.965646][ T7224]  <TASK>
[  102.965653][ T7224]  __dump_stack+0x1d/0x30
[  102.965674][ T7224]  dump_stack_lvl+0xe8/0x140
[  102.965693][ T7224]  dump_stack+0x15/0x1b
[  102.965710][ T7224]  should_fail_ex+0x265/0x280
[  102.965784][ T7224]  should_fail+0xb/0x20
[  102.965799][ T7224]  should_fail_usercopy+0x1a/0x20
[  102.965869][ T7224]  _copy_from_iter+0xd2/0xe80
[  102.965889][ T7224]  ? __build_skb_around+0x1ab/0x200
[  102.966011][ T7224]  ? __alloc_skb+0x223/0x320
[  102.966039][ T7224]  netlink_sendmsg+0x471/0x6b0
[  102.966060][ T7224]  ? __pfx_netlink_sendmsg+0x10/0x10
[  102.966079][ T7224]  __sock_sendmsg+0x145/0x180
[  102.966177][ T7224]  ____sys_sendmsg+0x31e/0x4e0
[  102.966198][ T7224]  ___sys_sendmsg+0x17b/0x1d0
[  102.966302][ T7224]  __x64_sys_sendmsg+0xd4/0x160
[  102.966324][ T7224]  x64_sys_call+0x191e/0x3000
[  102.966353][ T7224]  do_syscall_64+0xd2/0x200
[  102.966378][ T7224]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  102.966404][ T7224]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  102.966456][ T7224]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.966476][ T7224] RIP: 0033:0x7faab5e8f749
[  102.966490][ T7224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.966543][ T7224] RSP: 002b:00007faab48ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  102.966561][ T7224] RAX: ffffffffffffffda RBX: 00007faab60e5fa0 RCX: 00007faab5e8f749
[  102.966573][ T7224] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  102.966634][ T7224] RBP: 00007faab48ef090 R08: 0000000000000000 R09: 0000000000000000
[  102.966646][ T7224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.966657][ T7224] R13: 00007faab60e6038 R14: 00007faab60e5fa0 R15: 00007ffcca177968
[  102.966675][ T7224]  </TASK>
[  103.060960][ T7227] vhci_hcd: invalid port number 9
[  103.174286][ T7232] syz_tun: entered allmulticast mode
[  103.198285][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.264743][ T7237] loop2: detected capacity change from 0 to 164
[  103.274307][ T7231] syz_tun: left allmulticast mode
[  103.300284][ T7237] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  103.387452][ T7241] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7241 comm=syz.3.1301
[  103.400549][   T29] kauditd_printk_skb: 446 callbacks suppressed
[  103.400583][   T29] audit: type=1326 audit(1763792976.013:9050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7242 comm="syz.2.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f952eeaf749 code=0x7ffc0000
[  103.447074][   T29] audit: type=1326 audit(1763792976.013:9051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7242 comm="syz.2.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f952eeaf749 code=0x7ffc0000
[  103.470799][   T29] audit: type=1326 audit(1763792976.043:9052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7242 comm="syz.2.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f952eeaf749 code=0x7ffc0000
[  103.494185][   T29] audit: type=1326 audit(1763792976.043:9053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7242 comm="syz.2.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f952eeaf749 code=0x7ffc0000
[  103.517567][   T29] audit: type=1326 audit(1763792976.043:9054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7242 comm="syz.2.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f952eeaf749 code=0x7ffc0000
[  103.541107][   T29] audit: type=1326 audit(1763792976.043:9055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7242 comm="syz.2.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f952eeaf749 code=0x7ffc0000
[  103.564568][   T29] audit: type=1326 audit(1763792976.043:9056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7242 comm="syz.2.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f952eeaf749 code=0x7ffc0000
[  103.588273][   T29] audit: type=1326 audit(1763792976.043:9057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7242 comm="syz.2.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f952eeaf749 code=0x7ffc0000
[  103.611734][   T29] audit: type=1326 audit(1763792976.043:9058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7242 comm="syz.2.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f952eeaf749 code=0x7ffc0000
[  103.635196][   T29] audit: type=1326 audit(1763792976.043:9059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7242 comm="syz.2.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f952eeaf749 code=0x7ffc0000
[  103.697876][ T7254] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1305'.
[  103.746551][ T7262] loop1: detected capacity change from 0 to 1024
[  103.753691][ T7262] EXT4-fs: Ignoring removed orlov option
[  103.765237][ T7262] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.283959][ T7279] loop3: detected capacity change from 0 to 2048
[  104.347269][ T7279]  loop3: p1 < > p4
[  104.420569][ T7279] loop3: p4 size 8388608 extends beyond EOD, truncated
[  104.524468][ T7285] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.574165][ T7293] netlink: 'syz.3.1319': attribute type 1 has an invalid length.
[  104.583820][ T7285] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.651694][ T7293] 8021q: adding VLAN 0 to HW filter on device bond4
[  104.735323][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.750885][ T7285] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.761101][ T7296] FAULT_INJECTION: forcing a failure.
[  104.761101][ T7296] name failslab, interval 1, probability 0, space 0, times 0
[  104.773848][ T7296] CPU: 1 UID: 0 PID: 7296 Comm: syz.4.1321 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  104.773903][ T7296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  104.773966][ T7296] Call Trace:
[  104.773974][ T7296]  <TASK>
[  104.774032][ T7296]  __dump_stack+0x1d/0x30
[  104.774135][ T7296]  dump_stack_lvl+0xe8/0x140
[  104.774155][ T7296]  dump_stack+0x15/0x1b
[  104.774171][ T7296]  should_fail_ex+0x265/0x280
[  104.774200][ T7296]  ? p9_client_create+0x59/0xbc0
[  104.774277][ T7296]  should_failslab+0x8c/0xb0
[  104.774316][ T7296]  __kmalloc_cache_noprof+0x4c/0x4a0
[  104.774346][ T7296]  p9_client_create+0x59/0xbc0
[  104.774372][ T7296]  ? should_failslab+0x8c/0xb0
[  104.774511][ T7296]  ? __kmalloc_node_track_caller_noprof+0x399/0x580
[  104.774536][ T7296]  ? v9fs_session_init+0x78/0xde0
[  104.774567][ T7296]  v9fs_session_init+0xf7/0xde0
[  104.774664][ T7296]  ? avc_has_perm_noaudit+0x1b1/0x200
[  104.774680][ T7296]  ? should_fail_ex+0xdb/0x280
[  104.774730][ T7296]  ? v9fs_mount+0x51/0x5c0
[  104.774747][ T7296]  ? should_failslab+0x8c/0xb0
[  104.774834][ T7296]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  104.774912][ T7296]  v9fs_mount+0x67/0x5c0
[  104.774928][ T7296]  ? selinux_capable+0x31/0x40
[  104.774945][ T7296]  ? __pfx_v9fs_mount+0x10/0x10
[  104.775041][ T7296]  legacy_get_tree+0x78/0xd0
[  104.775062][ T7296]  vfs_get_tree+0x57/0x1d0
[  104.775100][ T7296]  do_new_mount+0x24d/0x660
[  104.775192][ T7296]  ? security_capable+0x83/0x90
[  104.775224][ T7296]  path_mount+0x4a5/0xb70
[  104.775247][ T7296]  ? user_path_at+0x109/0x130
[  104.775272][ T7296]  __se_sys_mount+0x28c/0x2e0
[  104.775291][ T7296]  ? fput+0x8f/0xc0
[  104.775328][ T7296]  __x64_sys_mount+0x67/0x80
[  104.775351][ T7296]  x64_sys_call+0x2b51/0x3000
[  104.775464][ T7296]  do_syscall_64+0xd2/0x200
[  104.775475][ T7296]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  104.775548][ T7296]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  104.775639][ T7296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.775723][ T7296] RIP: 0033:0x7faab5e8f749
[  104.775786][ T7296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.775795][ T7296] RSP: 002b:00007faab48ef038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  104.775806][ T7296] RAX: ffffffffffffffda RBX: 00007faab60e5fa0 RCX: 00007faab5e8f749
[  104.775814][ T7296] RDX: 0000200000000040 RSI: 0000200000000000 RDI: 0000000000000000
[  104.775820][ T7296] RBP: 00007faab48ef090 R08: 0000200000000140 R09: 0000000000000000
[  104.775827][ T7296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  104.775853][ T7296] R13: 00007faab60e6038 R14: 00007faab60e5fa0 R15: 00007ffcca177968
[  104.775882][ T7296]  </TASK>
[  105.087643][ T7285] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.106537][ T7302] netlink: 'syz.4.1323': attribute type 1 has an invalid length.
[  105.154731][ T5410] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.165694][ T5410] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.176042][ T5410] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.189549][ T5410] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.246070][ T7304] Falling back ldisc for ttyS3.
[  105.308328][ T7323] loop3: detected capacity change from 0 to 128
[  105.318354][ T7321] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7321 comm=syz.0.1331
[  105.330807][ T7321] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7321 comm=syz.0.1331
[  105.557242][ T7344] __nla_validate_parse: 4 callbacks suppressed
[  105.557255][ T7344] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1340'.
[  105.630026][ T5370] bio_check_eod: 54 callbacks suppressed
[  105.630040][ T5370] kworker/u8:27: attempt to access beyond end of device
[  105.630040][ T5370] loop3: rw=1, sector=153, nr_sectors = 8 limit=128
[  105.659433][ T5370] kworker/u8:27: attempt to access beyond end of device
[  105.659433][ T5370] loop3: rw=1, sector=169, nr_sectors = 8 limit=128
[  105.673090][ T5370] kworker/u8:27: attempt to access beyond end of device
[  105.673090][ T5370] loop3: rw=1, sector=185, nr_sectors = 8 limit=128
[  105.687141][ T5370] kworker/u8:27: attempt to access beyond end of device
[  105.687141][ T5370] loop3: rw=1, sector=201, nr_sectors = 8 limit=128
[  105.701123][ T5370] kworker/u8:27: attempt to access beyond end of device
[  105.701123][ T5370] loop3: rw=1, sector=217, nr_sectors = 8 limit=128
[  105.715007][ T5370] kworker/u8:27: attempt to access beyond end of device
[  105.715007][ T5370] loop3: rw=1, sector=233, nr_sectors = 8 limit=128
[  105.729097][ T5370] kworker/u8:27: attempt to access beyond end of device
[  105.729097][ T5370] loop3: rw=1, sector=249, nr_sectors = 8 limit=128
[  105.742977][ T5370] kworker/u8:27: attempt to access beyond end of device
[  105.742977][ T5370] loop3: rw=1, sector=265, nr_sectors = 8 limit=128
[  105.758408][ T5370] kworker/u8:27: attempt to access beyond end of device
[  105.758408][ T5370] loop3: rw=1, sector=281, nr_sectors = 8 limit=128
[  105.772231][ T5370] kworker/u8:27: attempt to access beyond end of device
[  105.772231][ T5370] loop3: rw=1, sector=297, nr_sectors = 8 limit=128
[  105.925900][ T3615] hid_parser_main: 8 callbacks suppressed
[  105.925918][ T3615] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x4
[  105.939446][ T3615] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x2
[  105.948396][ T3615] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x3
[  105.957000][ T3615] hid-generic 0000:3000000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  105.991649][ T7358] fido_id[7358]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  106.030877][ T7363] loop4: detected capacity change from 0 to 1024
[  106.056165][ T7363] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  106.080188][ T7363] ext4 filesystem being mounted at /284/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.083426][ T7370] loop3: detected capacity change from 0 to 512
[  106.126800][ T7370] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.158548][ T7370] ext4 filesystem being mounted at /235/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.182979][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.285834][ T7378] loop1: detected capacity change from 0 to 128
[  106.364404][ T7386] FAULT_INJECTION: forcing a failure.
[  106.364404][ T7386] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  106.371818][ T7382] loop3: detected capacity change from 0 to 512
[  106.377573][ T7386] CPU: 0 UID: 0 PID: 7386 Comm: syz.0.1355 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  106.377671][ T7386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  106.377713][ T7386] Call Trace:
[  106.377719][ T7386]  <TASK>
[  106.377726][ T7386]  __dump_stack+0x1d/0x30
[  106.377747][ T7386]  dump_stack_lvl+0xe8/0x140
[  106.377766][ T7386]  dump_stack+0x15/0x1b
[  106.377783][ T7386]  should_fail_ex+0x265/0x280
[  106.377852][ T7386]  should_fail+0xb/0x20
[  106.377926][ T7386]  should_fail_usercopy+0x1a/0x20
[  106.377946][ T7386]  _copy_to_user+0x20/0xa0
[  106.377970][ T7386]  simple_read_from_buffer+0xb5/0x130
[  106.377995][ T7386]  proc_fail_nth_read+0x10e/0x150
[  106.378028][ T7386]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  106.378056][ T7386]  vfs_read+0x1a8/0x770
[  106.378150][ T7386]  ? __rcu_read_unlock+0x4f/0x70
[  106.378251][ T7386]  ? __fget_files+0x184/0x1c0
[  106.378278][ T7386]  ksys_read+0xda/0x1a0
[  106.378302][ T7386]  __x64_sys_read+0x40/0x50
[  106.378328][ T7386]  x64_sys_call+0x27c0/0x3000
[  106.378348][ T7386]  do_syscall_64+0xd2/0x200
[  106.378368][ T7386]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  106.378467][ T7386]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  106.378512][ T7386]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.378533][ T7386] RIP: 0033:0x7ff9acd3e15c
[  106.378547][ T7386] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  106.378585][ T7386] RSP: 002b:00007ff9ab79f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  106.378645][ T7386] RAX: ffffffffffffffda RBX: 00007ff9acf95fa0 RCX: 00007ff9acd3e15c
[  106.378657][ T7386] RDX: 000000000000000f RSI: 00007ff9ab79f0a0 RDI: 0000000000000006
[  106.378668][ T7386] RBP: 00007ff9ab79f090 R08: 0000000000000000 R09: 0000000000000000
[  106.378680][ T7386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.378691][ T7386] R13: 00007ff9acf96038 R14: 00007ff9acf95fa0 R15: 00007ffdfd99d018
[  106.378710][ T7386]  </TASK>
[  106.590127][ T7382] journal_path: Non-blockdev passed as './file0'
[  106.596509][ T7382] EXT4-fs: error: could not find journal device path
[  106.628191][ T7392] loop1: detected capacity change from 0 to 1024
[  106.637335][ T7392] EXT4-fs: Ignoring removed orlov option
[  106.649055][ T7392] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.760468][ T7399] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  106.767722][ T7399] IPv6: NLM_F_CREATE should be set when creating new route
[  106.774926][ T7399] IPv6: NLM_F_CREATE should be set when creating new route
[  106.782108][ T7399] IPv6: NLM_F_CREATE should be set when creating new route
[  106.861147][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.881952][ T5382] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:39: bg 0: block 112: padding at end of block bitmap is not set
[  106.906249][ T5382] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 1 with error 117
[  106.910496][ T7405] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1363'.
[  106.918753][ T5382] EXT4-fs (loop4): This should not happen!! Data will be lost
[  106.918753][ T5382] 
[  106.927707][ T7405] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1363'.
[  106.954226][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  106.963314][ T7405] loop2: detected capacity change from 0 to 2048
[  107.017884][ T3665]  loop2: p2 p3 p7
[  107.080992][ T7405]  loop2: p2 p3 p7
[  107.142497][ T7418] FAULT_INJECTION: forcing a failure.
[  107.142497][ T7418] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.155604][ T7418] CPU: 1 UID: 0 PID: 7418 Comm: syz.2.1367 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  107.155631][ T7418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  107.155643][ T7418] Call Trace:
[  107.155650][ T7418]  <TASK>
[  107.155657][ T7418]  __dump_stack+0x1d/0x30
[  107.155729][ T7418]  dump_stack_lvl+0xe8/0x140
[  107.155745][ T7418]  dump_stack+0x15/0x1b
[  107.155760][ T7418]  should_fail_ex+0x265/0x280
[  107.155789][ T7418]  should_fail+0xb/0x20
[  107.155806][ T7418]  should_fail_usercopy+0x1a/0x20
[  107.155860][ T7418]  _copy_from_user+0x1c/0xb0
[  107.155974][ T7418]  memdup_user+0x5e/0xd0
[  107.155999][ T7418]  strndup_user+0x68/0xb0
[  107.156025][ T7418]  bpf_uprobe_multi_link_attach+0x20b/0x900
[  107.156059][ T7418]  ? __rcu_read_unlock+0x4f/0x70
[  107.156127][ T7418]  ? __fget_files+0x184/0x1c0
[  107.156150][ T7418]  link_create+0x680/0x6e0
[  107.156169][ T7418]  __sys_bpf+0x628/0x7c0
[  107.156191][ T7418]  __x64_sys_bpf+0x41/0x50
[  107.156288][ T7418]  x64_sys_call+0x2aee/0x3000
[  107.156306][ T7418]  do_syscall_64+0xd2/0x200
[  107.156325][ T7418]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  107.156347][ T7418]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  107.156380][ T7418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.156400][ T7418] RIP: 0033:0x7f952eeaf749
[  107.156517][ T7418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.156532][ T7418] RSP: 002b:00007f952d917038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  107.156547][ T7418] RAX: ffffffffffffffda RBX: 00007f952f105fa0 RCX: 00007f952eeaf749
[  107.156558][ T7418] RDX: 0000000000000040 RSI: 00002000000012c0 RDI: 000000000000001c
[  107.156569][ T7418] RBP: 00007f952d917090 R08: 0000000000000000 R09: 0000000000000000
[  107.156581][ T7418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.156593][ T7418] R13: 00007f952f106038 R14: 00007f952f105fa0 R15: 00007ffc1cb1e5a8
[  107.156612][ T7418]  </TASK>
[  107.384544][ T4782] udevd[4782]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  107.396882][ T3665] udevd[3665]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  107.410242][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory
[  107.455039][ T4782] udevd[4782]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  107.466387][ T3665] udevd[3665]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  107.488986][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory
[  107.511965][ T7425] loop2: detected capacity change from 0 to 2048
[  107.565167][ T7431] loop0: detected capacity change from 0 to 1024
[  107.571858][ T7431] EXT4-fs: Ignoring removed orlov option
[  107.577659][ T7431] EXT4-fs: Ignoring removed i_version option
[  107.586498][ T7425]  loop2: p1 < > p4
[  107.591100][ T7425] loop2: p4 size 8388608 extends beyond EOD, truncated
[  107.607878][ T3665] udevd[3665]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  107.608051][ T4782] udevd[4782]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  107.625593][ T7431] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.629208][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory
[  107.663024][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.752002][ T7443] loop2: detected capacity change from 0 to 1024
[  107.759394][ T7443] EXT4-fs: Ignoring removed orlov option
[  107.768833][ T7443] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.872188][ T7450] FAULT_INJECTION: forcing a failure.
[  107.872188][ T7450] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.885321][ T7450] CPU: 1 UID: 0 PID: 7450 Comm: syz.3.1377 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  107.885397][ T7450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  107.885408][ T7450] Call Trace:
[  107.885414][ T7450]  <TASK>
[  107.885420][ T7450]  __dump_stack+0x1d/0x30
[  107.885439][ T7450]  dump_stack_lvl+0xe8/0x140
[  107.885458][ T7450]  dump_stack+0x15/0x1b
[  107.885474][ T7450]  should_fail_ex+0x265/0x280
[  107.885545][ T7450]  should_fail+0xb/0x20
[  107.885612][ T7450]  should_fail_usercopy+0x1a/0x20
[  107.885632][ T7450]  _copy_from_user+0x1c/0xb0
[  107.885651][ T7450]  kstrtouint_from_user+0x69/0xf0
[  107.885667][ T7450]  ? 0xffffffff81000000
[  107.885722][ T7450]  ? selinux_file_permission+0x1e4/0x320
[  107.885765][ T7450]  proc_fail_nth_write+0x50/0x160
[  107.885791][ T7450]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  107.885896][ T7450]  vfs_write+0x269/0x960
[  107.885918][ T7450]  ? vfs_read+0x4e6/0x770
[  107.885936][ T7450]  ? __rcu_read_unlock+0x4f/0x70
[  107.885957][ T7450]  ? __fget_files+0x184/0x1c0
[  107.886000][ T7450]  ksys_write+0xda/0x1a0
[  107.886023][ T7450]  __x64_sys_write+0x40/0x50
[  107.886046][ T7450]  x64_sys_call+0x2802/0x3000
[  107.886108][ T7450]  do_syscall_64+0xd2/0x200
[  107.886129][ T7450]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  107.886183][ T7450]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  107.886309][ T7450]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.886331][ T7450] RIP: 0033:0x7fb28915e1ff
[  107.886346][ T7450] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  107.886363][ T7450] RSP: 002b:00007fb287bbf030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  107.886378][ T7450] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb28915e1ff
[  107.886389][ T7450] RDX: 0000000000000001 RSI: 00007fb287bbf0a0 RDI: 0000000000000004
[  107.886398][ T7450] RBP: 00007fb287bbf090 R08: 0000000000000000 R09: 0000000000000000
[  107.886416][ T7450] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  107.886427][ T7450] R13: 00007fb2893b6038 R14: 00007fb2893b5fa0 R15: 00007ffc88cb9908
[  107.886446][ T7450]  </TASK>
[  107.893171][ T7454] xt_CT: You must specify a L4 protocol and not use inversions on it
[  107.944029][ T7456] FAULT_INJECTION: forcing a failure.
[  107.944029][ T7456] name failslab, interval 1, probability 0, space 0, times 0
[  108.010919][ T7461] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1378'.
[  108.013273][ T7456] CPU: 0 UID: 0 PID: 7456 Comm: syz.3.1379 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  108.013299][ T7456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  108.013308][ T7456] Call Trace:
[  108.013314][ T7456]  <TASK>
[  108.013354][ T7456]  __dump_stack+0x1d/0x30
[  108.013390][ T7456]  dump_stack_lvl+0xe8/0x140
[  108.013560][ T7456]  dump_stack+0x15/0x1b
[  108.013577][ T7456]  should_fail_ex+0x265/0x280
[  108.013608][ T7456]  should_failslab+0x8c/0xb0
[  108.013690][ T7456]  __kmalloc_noprof+0xa5/0x570
[  108.013738][ T7456]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[  108.013767][ T7456]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[  108.013794][ T7456]  genl_family_rcv_msg_doit+0x48/0x1b0
[  108.013822][ T7456]  ? selinux_capable+0x31/0x40
[  108.013844][ T7456]  ? security_capable+0x83/0x90
[  108.013873][ T7456]  ? ns_capable+0x7d/0xb0
[  108.013895][ T7456]  genl_rcv_msg+0x422/0x460
[  108.013918][ T7456]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  108.013956][ T7456]  ? __pfx_nl802154_del_llsec_seclevel+0x10/0x10
[  108.013981][ T7456]  ? __pfx_nl802154_post_doit+0x10/0x10
[  108.014024][ T7456]  netlink_rcv_skb+0x123/0x220
[  108.014144][ T7456]  ? __pfx_genl_rcv_msg+0x10/0x10
[  108.014171][ T7456]  genl_rcv+0x28/0x40
[  108.014191][ T7456]  netlink_unicast+0x5c0/0x690
[  108.014295][ T7456]  netlink_sendmsg+0x58b/0x6b0
[  108.014316][ T7456]  ? __pfx_netlink_sendmsg+0x10/0x10
[  108.014334][ T7456]  __sock_sendmsg+0x145/0x180
[  108.014501][ T7456]  ____sys_sendmsg+0x31e/0x4e0
[  108.014521][ T7456]  ___sys_sendmsg+0x17b/0x1d0
[  108.014602][ T7456]  __x64_sys_sendmsg+0xd4/0x160
[  108.014623][ T7456]  x64_sys_call+0x191e/0x3000
[  108.014644][ T7456]  do_syscall_64+0xd2/0x200
[  108.014664][ T7456]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  108.014756][ T7456]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  108.014851][ T7456]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.014871][ T7456] RIP: 0033:0x7fb28915f749
[  108.014932][ T7456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.014948][ T7456] RSP: 002b:00007fb287bbf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  108.014966][ T7456] RAX: ffffffffffffffda RBX: 00007fb2893b5fa0 RCX: 00007fb28915f749
[  108.015038][ T7456] RDX: 0000000000004000 RSI: 0000200000000500 RDI: 0000000000000004
[  108.015050][ T7456] RBP: 00007fb287bbf090 R08: 0000000000000000 R09: 0000000000000000
[  108.015061][ T7456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  108.015073][ T7456] R13: 00007fb2893b6038 R14: 00007fb2893b5fa0 R15: 00007ffc88cb9908
[  108.015090][ T7456]  </TASK>
[  108.136696][ T7463] loop3: detected capacity change from 0 to 1024
[  108.405538][ T7463] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  108.406087][   T29] kauditd_printk_skb: 1046 callbacks suppressed
[  108.406098][   T29] audit: type=1326 audit(1763792981.018:10104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7451 comm="syz.1.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f7acd15f749 code=0x7ffc0000
[  108.428485][ T7463] ext4 filesystem being mounted at /244/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.453349][   T29] audit: type=1326 audit(1763792981.068:10105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7451 comm="syz.1.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f7acd15f749 code=0x7ffc0000
[  108.481632][   T29] audit: type=1400 audit(1763792981.078:10106): avc:  denied  { map } for  pid=7462 comm="syz.3.1381" path="/244/file1/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  108.504795][   T29] audit: type=1400 audit(1763792981.078:10107): avc:  denied  { execute } for  pid=7462 comm="syz.3.1381" path="/244/file1/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  108.546826][ T7463] FAULT_INJECTION: forcing a failure.
[  108.546826][ T7463] name failslab, interval 1, probability 0, space 0, times 0
[  108.559595][ T7463] CPU: 0 UID: 0 PID: 7463 Comm: syz.3.1381 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  108.559623][ T7463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  108.559636][ T7463] Call Trace:
[  108.559642][ T7463]  <TASK>
[  108.559650][ T7463]  __dump_stack+0x1d/0x30
[  108.559699][ T7463]  dump_stack_lvl+0xe8/0x140
[  108.559763][ T7463]  dump_stack+0x15/0x1b
[  108.559780][ T7463]  should_fail_ex+0x265/0x280
[  108.559812][ T7463]  should_failslab+0x8c/0xb0
[  108.559903][ T7463]  __kmalloc_noprof+0xa5/0x570
[  108.560002][ T7463]  ? ext4_find_extent+0x16b/0x7a0
[  108.560041][ T7463]  ext4_find_extent+0x16b/0x7a0
[  108.560067][ T7463]  ext4_ext_map_blocks+0x11f/0x38a0
[  108.560089][ T7463]  ? folios_put_refs+0x291/0x2d0
[  108.560108][ T7463]  ? __folio_batch_release+0x8c/0xb0
[  108.560129][ T7463]  ? mpage_prepare_extent_to_map+0xbb2/0xc00
[  108.560157][ T7463]  ? ext4_es_lookup_extent+0x352/0x4f0
[  108.560197][ T7463]  ext4_map_blocks+0x5ee/0xd00
[  108.560229][ T7463]  ext4_do_writepages+0xef6/0x2750
[  108.560303][ T7463]  ? ext4_ext_map_blocks+0x26eb/0x38a0
[  108.560330][ T7463]  ? mas_wr_store_entry+0x1198/0x2750
[  108.560346][ T7463]  ? css_rstat_updated+0x71/0x240
[  108.560404][ T7463]  ? should_fail_ex+0x30/0x280
[  108.560460][ T7463]  ? should_failslab+0x8c/0xb0
[  108.560481][ T7463]  ? kmem_cache_alloc_noprof+0x242/0x480
[  108.560505][ T7463]  ext4_writepages+0x176/0x300
[  108.560566][ T7463]  ? __pfx_ext4_writepages+0x10/0x10
[  108.560588][ T7463]  do_writepages+0x1c6/0x310
[  108.560635][ T7463]  ? should_failslab+0x8c/0xb0
[  108.560658][ T7463]  ? _raw_spin_unlock+0x26/0x50
[  108.560678][ T7463]  ? wbc_attach_and_unlock_inode+0x91/0x2b0
[  108.560789][ T7463]  filemap_write_and_wait_range+0x144/0x340
[  108.560817][ T7463]  ? xas_load+0x413/0x430
[  108.560888][ T7463]  filemap_invalidate_pages+0xa4/0x1a0
[  108.560920][ T7463]  ? __iomap_dio_rw+0x14b/0x1240
[  108.560944][ T7463]  ? should_failslab+0x8c/0xb0
[  108.561043][ T7463]  kiocb_invalidate_pages+0x6e/0x80
[  108.561109][ T7463]  __iomap_dio_rw+0x5d1/0x1240
[  108.561142][ T7463]  ? ext4_journal_check_start+0x11a/0x1b0
[  108.561163][ T7463]  iomap_dio_rw+0x40/0x90
[  108.561185][ T7463]  ext4_file_write_iter+0xb3a/0xf60
[  108.561335][ T7463]  do_iter_readv_writev+0x4a1/0x540
[  108.561362][ T7463]  vfs_writev+0x2df/0x8b0
[  108.561419][ T7463]  ? mutex_lock+0xd/0x30
[  108.561448][ T7463]  do_writev+0xe7/0x210
[  108.561475][ T7463]  __x64_sys_writev+0x45/0x50
[  108.561574][ T7463]  x64_sys_call+0x1e9a/0x3000
[  108.561596][ T7463]  do_syscall_64+0xd2/0x200
[  108.561615][ T7463]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  108.561642][ T7463]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  108.561714][ T7463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.561735][ T7463] RIP: 0033:0x7fb28915f749
[  108.561749][ T7463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.561763][ T7463] RSP: 002b:00007fb287bbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  108.561794][ T7463] RAX: ffffffffffffffda RBX: 00007fb2893b5fa0 RCX: 00007fb28915f749
[  108.561804][ T7463] RDX: 0000000000000001 RSI: 0000200000000140 RDI: 0000000000000005
[  108.561884][ T7463] RBP: 00007fb287bbf090 R08: 0000000000000000 R09: 0000000000000000
[  108.561956][ T7463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  108.561967][ T7463] R13: 00007fb2893b6038 R14: 00007fb2893b5fa0 R15: 00007ffc88cb9908
[  108.561985][ T7463]  </TASK>
[  108.564592][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.590097][   T29] audit: type=1400 audit(1763792981.198:10108): avc:  denied  { setopt } for  pid=7467 comm="syz.0.1382" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  108.598513][ T7468] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1382'.
[  108.662910][ T7463] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: comm syz.3.1381: lblock 0 mapped to illegal pblock 0 (length 6)
[  108.671358][ T7474] netlink: 'syz.0.1382': attribute type 1 has an invalid length.
[  108.673863][   T29] audit: type=1400 audit(1763792981.278:10109): avc:  denied  { connect } for  pid=7467 comm="syz.0.1382" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  108.678700][ T7474] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1382'.
[  108.683870][ T7463] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117
[  108.704069][ T7470] loop2: detected capacity change from 0 to 1024
[  108.708519][ T7463] EXT4-fs (loop3): This should not happen!! Data will be lost
[  108.708519][ T7463] 
[  108.709860][ T7463] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 7: comm syz.3.1381: lblock 7 mapped to illegal pblock 7 (length 9)
[  108.714136][ T7470] EXT4-fs: Ignoring removed orlov option
[  108.732480][ T7463] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 7 with max blocks 9 with error 117
[  108.734368][ T7470] EXT4-fs: Ignoring removed i_version option
[  108.739748][ T7463] EXT4-fs (loop3): This should not happen!! Data will be lost
[  108.739748][ T7463] 
[  108.825727][   T29] audit: type=1326 audit(1763792981.388:10110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7475 comm="syz.1.1384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7acd15f749 code=0x7ffc0000
[  108.878784][ T7479] netlink: 'syz.1.1385': attribute type 10 has an invalid length.
[  108.880947][   T29] audit: type=1326 audit(1763792981.388:10111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7475 comm="syz.1.1384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7acd15f749 code=0x7ffc0000
[  108.952360][ T7483] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1385'.
[  108.958231][   T29] audit: type=1326 audit(1763792981.388:10112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7475 comm="syz.1.1384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7acd15f749 code=0x7ffc0000
[  108.980449][ T7470] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.987740][   T29] audit: type=1326 audit(1763792981.388:10113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7475 comm="syz.1.1384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7acd15f749 code=0x7ffc0000
[  109.186074][ T5410] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:64: bg 0: block 112: padding at end of block bitmap is not set
[  109.201449][ T5410] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 1 with error 117
[  109.213852][ T5410] EXT4-fs (loop3): This should not happen!! Data will be lost
[  109.213852][ T5410] 
[  109.232688][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  109.253326][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.272725][ T7494] loop4: detected capacity change from 0 to 164
[  109.293914][ T7494] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  109.318630][ T7494] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  109.331583][ T7500] loop3: detected capacity change from 0 to 128
[  109.338158][ T7494] Symlink component flag not implemented
[  109.343811][ T7494] Symlink component flag not implemented
[  109.354042][ T7494] Symlink component flag not implemented (7)
[  109.360045][ T7494] Symlink component flag not implemented (116)
[  109.374277][ T7500] Buffer I/O error on dev loop3, logical block 79, lost async page write
[  109.383270][ T7500] Buffer I/O error on dev loop3, logical block 80, lost async page write
[  109.392401][ T7500] Buffer I/O error on dev loop3, logical block 83, lost async page write
[  109.400926][ T7500] Buffer I/O error on dev loop3, logical block 84, lost async page write
[  109.409893][ T7500] Buffer I/O error on dev loop3, logical block 95, lost async page write
[  109.418415][ T7500] Buffer I/O error on dev loop3, logical block 96, lost async page write
[  109.439166][ T7500] Buffer I/O error on dev loop3, logical block 99, lost async page write
[  109.451279][ T7500] Buffer I/O error on dev loop3, logical block 100, lost async page write
[  109.460861][ T7500] Buffer I/O error on dev loop3, logical block 111, lost async page write
[  109.485592][ T7500] Buffer I/O error on dev loop3, logical block 112, lost async page write
[  109.524129][ T7513] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1397'.
[  109.583285][ T7517] loop4: detected capacity change from 0 to 1024
[  109.595081][ T7517] EXT4-fs: Ignoring removed orlov option
[  109.600842][ T7517] EXT4-fs: Ignoring removed i_version option
[  109.639206][ T7517] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.698752][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.794054][ T7545] loop1: detected capacity change from 0 to 128
[  109.801296][ T7541] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1407'.
[  109.846276][ T7550] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1410'.
[  109.864619][ T7545] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  109.877439][ T7545] ext4 filesystem being mounted at /278/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  110.039284][ T7562] loop2: detected capacity change from 0 to 1024
[  110.060475][ T7562] EXT4-fs: Ignoring removed orlov option
[  110.066257][ T7562] EXT4-fs: Ignoring removed i_version option
[  110.113558][ T7562] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.197748][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.037829][ T7609] loop4: detected capacity change from 0 to 1024
[  111.070159][ T7609] EXT4-fs: Ignoring removed orlov option
[  111.075921][ T7609] EXT4-fs: Ignoring removed i_version option
[  111.134088][ T3311] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  111.201914][ T7609] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.228482][ T7620] __nla_validate_parse: 1 callbacks suppressed
[  111.228535][ T7620] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1433'.
[  111.258315][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.284059][ T7624] process 'syz.1.1436' launched '/dev/fd/14' with NULL argv: empty string added
[  111.322545][ T7628] netlink: 'syz.2.1437': attribute type 1 has an invalid length.
[  111.330353][ T7628] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1437'.
[  111.381756][ T7636] loop1: detected capacity change from 0 to 128
[  111.410236][ T7631] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1438'.
[  111.562785][ T7650] loop4: detected capacity change from 0 to 128
[  111.713896][ T7650] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  111.818502][ T7650] ext4 filesystem being mounted at /299/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  111.851338][ T7661] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1448'.
[  112.226083][ T7679] FAULT_INJECTION: forcing a failure.
[  112.226083][ T7679] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  112.239232][ T7679] CPU: 1 UID: 0 PID: 7679 Comm: syz.1.1455 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  112.239257][ T7679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  112.239266][ T7679] Call Trace:
[  112.239271][ T7679]  <TASK>
[  112.239277][ T7679]  __dump_stack+0x1d/0x30
[  112.239295][ T7679]  dump_stack_lvl+0xe8/0x140
[  112.239311][ T7679]  dump_stack+0x15/0x1b
[  112.239347][ T7679]  should_fail_ex+0x265/0x280
[  112.239378][ T7679]  should_fail+0xb/0x20
[  112.239392][ T7679]  should_fail_usercopy+0x1a/0x20
[  112.239446][ T7679]  _copy_from_iter+0xd2/0xe80
[  112.239466][ T7679]  ? __build_skb_around+0x1ab/0x200
[  112.239496][ T7679]  ? __alloc_skb+0x223/0x320
[  112.239525][ T7679]  netlink_sendmsg+0x471/0x6b0
[  112.239548][ T7679]  ? __pfx_netlink_sendmsg+0x10/0x10
[  112.239644][ T7679]  __sock_sendmsg+0x145/0x180
[  112.239666][ T7679]  ____sys_sendmsg+0x31e/0x4e0
[  112.239688][ T7679]  ___sys_sendmsg+0x17b/0x1d0
[  112.239719][ T7679]  __x64_sys_sendmsg+0xd4/0x160
[  112.239803][ T7679]  x64_sys_call+0x191e/0x3000
[  112.239821][ T7679]  do_syscall_64+0xd2/0x200
[  112.239838][ T7679]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  112.239878][ T7679]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  112.239910][ T7679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.239936][ T7679] RIP: 0033:0x7f7acd15f749
[  112.239970][ T7679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.239987][ T7679] RSP: 002b:00007f7acbbc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  112.240007][ T7679] RAX: ffffffffffffffda RBX: 00007f7acd3b5fa0 RCX: 00007f7acd15f749
[  112.240020][ T7679] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000007
[  112.240083][ T7679] RBP: 00007f7acbbc7090 R08: 0000000000000000 R09: 0000000000000000
[  112.240095][ T7679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  112.240106][ T7679] R13: 00007f7acd3b6038 R14: 00007f7acd3b5fa0 R15: 00007fff6fca4728
[  112.240123][ T7679]  </TASK>
[  112.271712][   T10] kernel read not supported for file /vga_arbiter (pid: 10 comm: kworker/0:1)
[  112.528849][ T7665] lo speed is unknown, defaulting to 1000
[  112.546437][ T7665] lo speed is unknown, defaulting to 1000
[  112.552430][ T7665] lo speed is unknown, defaulting to 1000
[  112.558453][ T7665] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  112.566219][ T7665] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  112.710645][ T7665] lo speed is unknown, defaulting to 1000
[  112.747173][ T7665] lo speed is unknown, defaulting to 1000
[  112.785164][ T7665] lo speed is unknown, defaulting to 1000
[  112.815431][ T7665] lo speed is unknown, defaulting to 1000
[  112.891464][ T7665] lo speed is unknown, defaulting to 1000
[  112.980934][ T7700] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1461'.
[  113.114128][ T7711] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1465'.
[  113.128902][ T7713] loop3: detected capacity change from 0 to 512
[  113.146186][ T7713] EXT4-fs error (device loop3): ext4_init_orphan_info:581: comm syz.3.1466: inode #0: comm syz.3.1466: iget: illegal inode #
[  113.197108][ T7715] loop0: detected capacity change from 0 to 1024
[  113.203690][ T7713] EXT4-fs (loop3): Remounting filesystem read-only
[  113.210271][ T7713] EXT4-fs (loop3): get orphan inode failed
[  113.217819][ T7713] EXT4-fs (loop3): mount failed
[  113.223196][ T7715] EXT4-fs: Ignoring removed orlov option
[  113.229028][ T7715] EXT4-fs: Ignoring removed i_version option
[  113.243378][ T7715] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.244492][ T7724] program syz.2.1469 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  113.269594][ T7724] FAULT_INJECTION: forcing a failure.
[  113.269594][ T7724] name failslab, interval 1, probability 0, space 0, times 0
[  113.282288][ T7724] CPU: 0 UID: 0 PID: 7724 Comm: syz.2.1469 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  113.282367][ T7724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  113.282376][ T7724] Call Trace:
[  113.282395][ T7724]  <TASK>
[  113.282401][ T7724]  __dump_stack+0x1d/0x30
[  113.282420][ T7724]  dump_stack_lvl+0xe8/0x140
[  113.282436][ T7724]  dump_stack+0x15/0x1b
[  113.282470][ T7724]  should_fail_ex+0x265/0x280
[  113.282504][ T7724]  should_failslab+0x8c/0xb0
[  113.282533][ T7724]  __kmalloc_noprof+0xa5/0x570
[  113.282633][ T7724]  ? bio_kmalloc+0x41/0x50
[  113.282671][ T7724]  bio_kmalloc+0x41/0x50
[  113.282699][ T7724]  blk_rq_map_kern+0x223/0x5c0
[  113.282721][ T7724]  scsi_ioctl+0x12c0/0x14d0
[  113.282739][ T7724]  ? avc_has_perm+0xf7/0x180
[  113.282786][ T7724]  ? file_has_perm+0x35c/0x3a0
[  113.282828][ T7724]  ? do_vfs_ioctl+0x866/0xe10
[  113.282847][ T7724]  sg_ioctl+0xdf6/0x1360
[  113.282873][ T7724]  ? __pfx_sg_ioctl+0x10/0x10
[  113.282917][ T7724]  __se_sys_ioctl+0xce/0x140
[  113.282934][ T7724]  __x64_sys_ioctl+0x43/0x50
[  113.282954][ T7724]  x64_sys_call+0x1816/0x3000
[  113.283052][ T7724]  do_syscall_64+0xd2/0x200
[  113.283124][ T7724]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  113.283172][ T7724]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  113.283279][ T7724]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.283296][ T7724] RIP: 0033:0x7f952eeaf749
[  113.283309][ T7724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.283363][ T7724] RSP: 002b:00007f952d917038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  113.283382][ T7724] RAX: ffffffffffffffda RBX: 00007f952f105fa0 RCX: 00007f952eeaf749
[  113.283453][ T7724] RDX: 00002000000000c0 RSI: 0000000000000001 RDI: 0000000000000003
[  113.283463][ T7724] RBP: 00007f952d917090 R08: 0000000000000000 R09: 0000000000000000
[  113.283473][ T7724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.283483][ T7724] R13: 00007f952f106038 R14: 00007f952f105fa0 R15: 00007ffc1cb1e5a8
[  113.283498][ T7724]  </TASK>
[  113.505815][   T29] kauditd_printk_skb: 638 callbacks suppressed
[  113.505828][   T29] audit: type=1326 audit(1763792986.123:10752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7712 comm="syz.3.1466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb28915f749 code=0x7ffc0000
[  113.535672][   T29] audit: type=1326 audit(1763792986.123:10753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7712 comm="syz.3.1466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7fb28915f749 code=0x7ffc0000
[  113.559133][   T29] audit: type=1326 audit(1763792986.123:10754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7712 comm="syz.3.1466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb28915f749 code=0x7ffc0000
[  113.582897][   T29] audit: type=1326 audit(1763792986.123:10755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7712 comm="syz.3.1466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7fb28915f749 code=0x7ffc0000
[  113.606529][   T29] audit: type=1326 audit(1763792986.123:10756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7712 comm="syz.3.1466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb28915f749 code=0x7ffc0000
[  113.630140][   T29] audit: type=1326 audit(1763792986.123:10757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7712 comm="syz.3.1466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb28915f749 code=0x7ffc0000
[  113.655880][ T3313] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  113.656738][ T7728] loop1: detected capacity change from 0 to 256
[  113.686520][ T4782] ==================================================================
[  113.694587][ T4782] BUG: KCSAN: data-race in set_nlink / set_nlink
[  113.700918][ T4782] 
[  113.703236][ T4782] read to 0xffff88810710bd28 of 4 bytes by task 3003 on cpu 0:
[  113.710767][ T4782]  set_nlink+0x29/0xb0
[  113.714826][ T4782]  kernfs_iop_permission+0x1e2/0x220
[  113.720099][ T4782]  inode_permission+0x1ca/0x310
[  113.724938][ T4782]  link_path_walk+0x162/0x900
[  113.729603][ T4782]  path_lookupat+0x63/0x2a0
[  113.734096][ T4782]  filename_lookup+0x147/0x340
[  113.738851][ T4782]  vfs_statx+0x9d/0x390
[  113.742993][ T4782]  vfs_fstatat+0x115/0x170
[  113.747421][ T4782]  __se_sys_newfstatat+0x55/0x260
[  113.752438][ T4782]  __x64_sys_newfstatat+0x55/0x70
[  113.757453][ T4782]  x64_sys_call+0x135a/0x3000
[  113.762116][ T4782]  do_syscall_64+0xd2/0x200
[  113.766636][ T4782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.772522][ T4782] 
[  113.774839][ T4782] write to 0xffff88810710bd28 of 4 bytes by task 4782 on cpu 1:
[  113.782452][ T4782]  set_nlink+0x99/0xb0
[  113.786595][ T4782]  kernfs_iop_permission+0x1e2/0x220
[  113.791867][ T4782]  inode_permission+0x1ca/0x310
[  113.796710][ T4782]  link_path_walk+0x162/0x900
[  113.801375][ T4782]  path_openat+0x1de/0x2170
[  113.805862][ T4782]  do_filp_open+0x109/0x230
[  113.810354][ T4782]  do_sys_openat2+0xa6/0x110
[  113.814927][ T4782]  __x64_sys_openat+0xf2/0x120
[  113.819674][ T4782]  x64_sys_call+0x2eab/0x3000
[  113.824334][ T4782]  do_syscall_64+0xd2/0x200
[  113.828820][ T4782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.834697][ T4782] 
[  113.836999][ T4782] value changed: 0x00000009 -> 0x00000008
[  113.842953][ T4782] 
[  113.845255][ T4782] Reported by Kernel Concurrency Sanitizer on:
[  113.851381][ T4782] CPU: 1 UID: 0 PID: 4782 Comm: udevd Not tainted syzkaller #0 PREEMPT(voluntary) 
[  113.860819][ T4782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  113.870859][ T4782] ==================================================================
[  113.880436][ T7728] FAT-fs (loop1): bogus number of FAT sectors
[  113.886508][ T7728] FAT-fs (loop1): Can't find a valid FAT filesystem
[  113.893356][   T29] audit: type=1326 audit(1763792986.293:10758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7729 comm="syz.2.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f952eeaf749 code=0x7ffc0000
[  113.905896][ T7736] loop3: detected capacity change from 0 to 1024
[  113.916959][   T29] audit: type=1326 audit(1763792986.313:10759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7729 comm="syz.2.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f952eeaf749 code=0x7ffc0000
[  113.946731][   T29] audit: type=1326 audit(1763792986.313:10760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7729 comm="syz.2.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f952eeaf749 code=0x7ffc0000
[  113.970185][   T29] audit: type=1326 audit(1763792986.323:10761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7729 comm="syz.2.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f952eeaf749 code=0x7ffc0000
[  114.006285][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.043904][ T7736] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.1473: Failed to acquire dquot type 0
[  114.055863][ T7736] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  114.070373][ T7734] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  114.090479][ T7736] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #13: comm syz.3.1473: corrupted inode contents
[  114.107618][ T7736] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #13: comm syz.3.1473: mark_inode_dirty error
[  114.119313][ T7736] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #13: comm syz.3.1473: corrupted inode contents
[  114.131512][ T7736] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #13: comm syz.3.1473: mark_inode_dirty error
[  114.143462][ T7736] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #13: comm syz.3.1473: corrupted inode contents
[  114.156507][ T7736] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem
[  114.165223][ T7736] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #13: comm syz.3.1473: corrupted inode contents
[  114.177270][ T7736] EXT4-fs error (device loop3): ext4_truncate:4637: inode #13: comm syz.3.1473: mark_inode_dirty error
[  114.188685][ T7736] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem
[  114.198071][ T7736] EXT4-fs (loop3): 1 truncate cleaned up
[  114.203987][ T7736] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.224311][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.