last executing test programs:

2.015844308s ago: executing program 2 (id=2184):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
ptrace(0x10, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r2, 0x4)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000001000000280001801400040000000000000002000000ffffac1414aa060001000a0080000800060003"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000000002000000140001800500020001"], 0x28}, 0x1, 0x0, 0x0, 0x20044811}, 0x2000c094)

1.68841192s ago: executing program 0 (id=2178):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x42, 0x6, 0x8, 0x0, 0x1}, 0x48)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
fcntl$setlease(r1, 0x400, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r2}, 0x18)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11ff0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x8, 0x4, 0x80400, 0x200000002006, 0x7fc})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r4}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x8001, 0x0, r0}, 0x50)

1.63366471s ago: executing program 0 (id=2181):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x7, 0x4, 0x100, 0x6, 0x8}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x9, &(0x7f0000000180)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x1b}}, @call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1, 0x0, 0x1ff}, 0x18)

1.6210908s ago: executing program 0 (id=2182):
socket(0x200000000000011, 0x2, 0x0)
r0 = semget$private(0x0, 0x6, 0x0)
semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x7}], 0x1, 0x0)
semop(r0, &(0x7f00000000c0)=[{}], 0x1)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x63, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0xffffffff, 0xfd}, 0x40, 0x0, 0x800000, 0x6, 0x2, 0xcb, 0xffff, 0x0, 0x0, 0x0, 0x100000000c0}, 0x0, 0xfff7ffffffffffff, 0xffffffffffffffff, 0x1)
semctl$IPC_RMID(r0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000001000080000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r4}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
vmsplice(r2, &(0x7f00000013c0)=[{&(0x7f0000000080)='4', 0x1}, {&(0x7f0000000300)="a7", 0x1}, {&(0x7f0000000240)="9f", 0x1}, {&(0x7f0000000380)="3951ba100f9b6c67166a73de4c7843bb45aca68fd5d3b0c691d208e4a8a6db4dad223eff111bfe9e88b3be29d569766227a679c31b46775fa570c6729f2c8bfa409172fd8c7cd337f430ff079e000858b3a9fbff118e53caa445c8ea69af46d784b7aa3b5262ddf7441bf8f2ffa6d64d0d6ad49230081bc69e26cd3a08ae4eca1f4235d18f8b2b49667a7b9821a9d74c25427933a98ccff67e9d1920c90527595b01975d27d56c355e8ceb18387f79be5a5195a650b672255c5c3b049e6b5fb5", 0xc0}], 0x4, 0x1)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r5 = getpid()
perf_event_open(&(0x7f0000001100)={0x5, 0x80, 0x9, 0x8, 0xb, 0xfb, 0x0, 0x3c, 0xc002, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}, 0x18842, 0x0, 0x7fffffff, 0x2, 0x3cd, 0x3, 0x7, 0x0, 0x0, 0x0, 0x7}, r5, 0x0, 0xffffffffffffffff, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
futex(0x0, 0x6, 0x0, 0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x1022002, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x6}, 0x220}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000007c0)=ANY=[@ANYBLOB="5800000002060108000000bca3000000000000400500010006000000050005000200000005000400000000000900020073797a31000000000c000780080012400000000211000300686173683a69702c6d61726b"], 0x58}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000000906010200000000000000000200ffff200007800c00018008000140a2fd4ebc08000a400000000205000300020000000900020073797a310000000005000100"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
socket$nl_generic(0x10, 0x3, 0x10)

1.60769613s ago: executing program 4 (id=2185):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff8)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000000080)={r0, 0xf1, 0xc8}, &(0x7f00000000c0)={'enc=', 'pkcs1', ' hash=', {'xxhash64\x00'}}, &(0x7f0000000140)="2c54abce4ce5bcdac04218736f9a5f1b07e3377f238b6d3958f08960f16c27c3d63d5e972ef7108f067091c0c7d697748d5c1ac8945e0d6b4bbefa54389fb617f55a45634fb5f3dcf951168d9daf5bbdc2ae12d616058427565d7e5a2cb9cfa2bdda1a5fecdd00458e0f4953ca6fbdbfdd398a0dcc8e8021ba93897c543c090251faf6d687b08f60b35b41f4f4004ba30773229f80d460645a5abfb90d31b992751daa18179c848a1c459ec7426e8badf4a02378ab77aa8049bdc40c21a7e724b3cea9bbede88fd2bc340042598b7315a84415e7723fcaf66433c6ef35f7369b271672b0c9ecf0fb613dbe3f3a1e623c84", &(0x7f0000000240)=""/200)
keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f0000000340)={r0, 0x0, 0x6e}, &(0x7f0000000380)={'enc=', 'raw', ' hash=', {'blake2s-160-arm\x00'}}, &(0x7f0000000400), &(0x7f0000000440)="e53968e1f7dc12a731af801c54a4aa3772470056739de438004172bd0695151ddac02def442309925e9d2beb9e68f909dbd7facc11afca18d49a96faab35d30fb59ffc5a7b44afcd9b2542b8dc00035534b3dd3335182268a3e8b566c129d0ac4609230153f4913c6491c68c6b54")
keyctl$KEYCTL_PKEY_DECRYPT(0x1a, &(0x7f00000004c0)={r0, 0xfc, 0xbb}, &(0x7f0000000500)={'enc=', 'raw', ' hash=', {'sha256-ssse3\x00'}}, &(0x7f0000000580)="5dc518b0141b18e377401a936764739bab3b82d72a875d3211ddc612f934e1654d3b6a29ebfff5f52e7abc7316086df2629029a083923dfb1ec1470e836828b27d54e4492d99dec0c088c175d3fe19fa2d3829bbb73960e00775f4f7b7203c1d425bdef550110d1e2c0befff39edfae3ff4d8f775286636b29f9b2297e060280e5f84479fb4181f0835b8654ce1de362205a1b40c76571af3202b11abdc41e1ea7aa877883fdcb7332933ad56735c1c2f9249809803615c9535cfd086fd1489a9eb8339e71e140be970a2bf67f4c4b67625683b31f7c48bacea1f9f0d01105c1bddd1576cb51a2d0783d708620358a4d960a05379283f2c01b5412a2", &(0x7f0000000680)=""/187)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000000740)={r0, 0xba, 0x12}, &(0x7f0000000780)={'enc=', 'oaep', ' hash=', {'sha3-512-generic\x00'}}, &(0x7f0000000800)="9609c810d6ab6854b89a8f3575d9cab3288f8734d3eeb7240c8ecfa07525d04ae6ea7591c7a8452bafc4d138978e75f54bf2a71e39e9d75dadb8dd9f80989135b6339f0e78d3aaed1bcac3dabc6caa85ca8a8eeb85fcac2e602caa7c671a57a0107da7b538b40a1f3ed8bf800daa510597688a6ad41519c8d1f7d7ed524cf6b27a2a6642023e076228d8a80e54fe890accf2f21750410abffd2247abf530a5375de99d0eba3f7232c2aacdbb504717feadb3f485d5c7bf70342b", &(0x7f00000008c0)=""/18)
keyctl$update(0x2, r0, &(0x7f0000000900)="9c9bd4c991af525423fc9bd64890eb94", 0x10)
r1 = request_key(&(0x7f0000000940)='rxrpc\x00', &(0x7f0000000980)={'syz', 0x3}, &(0x7f00000009c0)='pkcs1', 0xfffffffffffffffd)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000000a00)={r1, 0x6a, 0xdf}, &(0x7f0000000a40)={'enc=', 'raw', ' hash=', {'wp256-generic\x00'}}, &(0x7f0000000ac0)="71ca3227d7a6fc537af23e8d8dc6b46d3f532fbad156c49e639de84f26568da6be670d3026ad038535b4782eb5cbb77ec33a120623d0477532b755dbe6f91a93317eb5c9fc39bceb2962ff24fac9e17970d5046b99ceeb70b13df7a6d18d927c4b502293ec8d655be457", &(0x7f0000000b40)=""/223)
keyctl$set_timeout(0xf, r0, 0x9)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000c40)={0x28, 0x0, 0x2710}, 0x10)
keyctl$instantiate_iov(0x14, r1, &(0x7f0000002080)=[{&(0x7f0000000c80)="2aee665315e6933fe571bb75a930ce0fb06f9b1cc823b19a1de252188438041caecf89a2eac672163f63166cc279b8c7925fcc4c915fcd9acdf43e42fbfdfb426cd85c2b2b9a2ddeb96019aab7dad303b47a6d918d1f2f50e67e6f38861df6f189575105c58a5d131a0e3f2b435d5a80a7a81397b2211a424ee61805e8c3c4027b4a693da0fa595083610fd628646ca1de", 0x91}, {&(0x7f0000000d40)="8feecec95a1c359a8db8e42a72868979e17ca57e25858933778894933a0563a8f34885e5b8d78a6633902598681138bbbc5511fecc525ddf5e2d5dae5e95ab641f5deec205b8186067975a8d21fb8be8a427f4915a300cd407d5b839e054cd31666e0ede68e246e6e2a764ddb079e66358c31ff22cc20c0b63370f46ca14c6c400cec432bf7e02f12cdccfdd878319893792e78b568a8cd8e20ec7f0a2aa7bb7021771ee7e59bab77c40206e004769eb8b691f4ea7784543d96388661781f225fd22711b310656cb25e2401505f282d0ba66c73ea4e5087a0478100d42ca621102e8d209094bb476882dfa693ae61a465a5ceed59395fe17b39c", 0xfa}, {&(0x7f0000000e40)="430ada71cc8a3a632b9904b2e79febceee62accf597f7e1bae40313664007415069de1d4437cf6f932aa3fe370b8b9a90744522ffcc204c8fdfe55069e01efcb90e9dfb810d0033c59df2394cb6db0dd19660128bdc18baa55df6eee0e56c29a522239ec2a5ca80988e6d78b8599f24ce7779d78dba0c63444c9400175d8e3927975202044ed81f151bcd6ecdda7e44b36ad94af707f0129664f9083a82820001b70a6ee93773ecd7669d209e71b2d06ae045bf7410a2e65195577a6c828f10f38f0683945fe52e5be9089ab01f4b2547ed4070c9062578d", 0xd8}, {&(0x7f0000000f40)}, {&(0x7f0000000f80)="f084a00f4af36c00e520f6fd8cb30994beddcb6c4dd875ff126c20b776f041f58dc80733aca627f6bcc9d1d8f915afdf2422346e36759fab439a7cd651de85ea54663b80efcbffa965fc8be6c64f2c5689cc670c626c32579705385dee9d3df06061bd9ff6734a3f10ebe103e718caa17c3a35cd89d9116053654b300887016c4b75ee14f5eff6861ca8dfef6c27d239c84823cc03b591a9822e93bc5d5f1f19d4f8af906be6fec1599ebeaafdd0260e41f4cb3532753242b9d34f311a04498b0679f69acdf29d3385ba41c6b727de354a1b8c0314cee224d26fd94a71a8c121fb81d3e06aca06207210ab00371f0aa5d86bf69c492c59382b14f2c9f4c1ba47bfc61a42d4d6d0c221d690dea7dccbd179749e2946dddaf7576faccfe09b7bf9366958836f6449647d6b26d734b610b0f6d431f3bf16c5759e340f15b15c9d15f6a5155a6c59e7bbdc4af148fb341e9bef47e80c3b56933e4d4b0406eb3e5f3a98542e780f4b3e3b60e2b9afe61b98a62b477c04f953621fd2a6e9f8b683d1147abf440f3f56644cc47eff50e2ef27ec3a3ad79ae44e6f74a2cae81125d127464fcee605a0463287a2b4d8d39fce18d9c3db3d02bf68a80289569c13b09bd116d9d1deaaed4245357e13b372c5e671fa6920dff7c28ab428ddda99b0b4c67ea0cf9c3ec5ef3e2b8b2e5b55b0d6f641b46ee2f97159466acd54b7daeb01acf7ed3851e016bc8d1ada2a7dd1c8b5d1689e93f574aff14555d2ec882520624f04ecd295e44518d95519c4ced87fd8c8b6a8ffe56db47bb06e78c997c09e7dfddf02bf2ec59a2c0515185b5cc499c0b3514f69757a1c66fcbb3e48c9c5f144ef260f20905633ffa757795e444890b9f4d31d1764c07b51844a50a7819a2f9f2711256e327a29aa20491ee9a37ee30d6662f536af2e7b84de01a7e74055512e68da7c5276bbc766e4f7d5712db1ae605227b112b6db4871d29eca8ddb12c670ddbe783b817a337509a7b9ed6a59832c7b3d4e500e9f6784fea2999bca43bcfac652bd6f5735d5e7b911d0d0bdca06d787ff46e9f368417b80e7adb9c217b310f51015ad1d7265585707c46b1361d7bc28ba39e20386128cefcfd3ae79aeebcdff5c6f18899041a28f78db8d2e4fdd4840854e075e98f913fafe27889d1949279aeab22ad3c6d87e81d0e1897497f7be88a3b76db6cb0fc6863d412c4d25b85a7afb111684b74ff336bfdd15d8a86dce10c1a083beba9d11da9faee80b13292c35ed0a8670e72fdf9ae8c7bcce59cee6b0d807faa0253a3f7096e852f8b93040aa7c599b4b099ad46b99def1d88951854d03c9c33b82f71df922452075339cedbf8dbf05402fea93b00efead468af8e20984eabfb7857387d7297960d7631007fe8fb70e951edebee84b67189b1a26ab22b38df847f21923562eb39bb9cef0d7ffcd4e15cff80988ad088a629295b78128cfd3f1ea1f32cd0159911b072712728d3e940bc0ad7455d2244ee662eb74d23ff9c590f88153cc56b756b526de04a3c6e154eb462488373e862d83dd4eef40694e589424441f1fe94f2599636098a4b675db094ecd889ce06167befd16db89c3198e078a33a9954809ab653af80abdd3fc93356703d27766f3647cc18bebf1e2ddedf0f42563e04e13b15e7d6dd7ccc5b39836c03a523f5488f144179179e392f9e6ce16686f978faae2a7b7cace40ac5c235a1a6e829f757281896906ed91c1dda523c6bb806edd00b68047762a20f32ff31d3ae13094d1f5121ddfbb70776af3c6663c10a3bdbf9032a76dec498e859e0604b40f59fe1b2b9fe04c672f43ffb0df04f01869db267795657458069540a10a546b1e953c74ba47fb758b548db0dc8ea3aa283273f86cc0192a1ee53a25fd691dc5cd690cdd268813802db68ba30dcb4854889f091fec40ef9a915ee5517ffc7607899c7726adba38fb3a1dc15eef57de90615a776cb40fe06de9e3dbe632311897ccd5380d2496d9b418414a422104f2ce6017cd768e7c02960bb285db9408c0b6cca3e4b1309c26f6752b5f6f7d214e01cf01d87c96b53e6ad0ebf3dea3106a86655ba6566cbfba4f2498de024cdfe215b77f5c3e235b8c9d9232227fcb63160bf69b1b56a5bd84d9165cdbf8fb2993437520a02ab9480ad60ffb1bf3c38f116fd7e40e579d820a31be7196924f614186ab2d5320604c1414e955efd0beb62034daac19ea2525dcf06c3b10192a60c2dadfa56c65ed1b1f5f8592521d67ea24c189e61bbe5f845b3351ca07edb2f5b110dff1bf3b90c141e17004b558f1229a405d104c11aa4ed285521287b42570e7953a569ed1b7c8c25f0dadabfff3fa178c04b62c9cbb9b72cbe1bb23d4acc32999ea982cf063dabdb8b8bb082c970d4a1657985653a3115a51854c1cd434292c05d6eb8c34d6c900878f19e1d54a87701b8a6ce23ae454b255465aae0c6daa9a9e2ffaa4b002d1fab25ae16bdb958247e6e72ee650a3a01d17888415006cbc573b6ed6e92e07043bf2b0e2218e9031e9cd95b475281bfe5f9c4ff38d15d992a57adf6e73b9394539d5ffff1df2b6aa7caf094aa2c5a1eab51b017a16cc75e27cdbb4488a1aa0a66c521a8c2f3f0c479ba30a737662770bfadbcffcfc45e3ce26346447a6abf007f1487ce050a6f3b6a9c069dd0debda710ea911b3046638f612b3aa3937c4a70fc22a8ce75228be7adb052b76ca5919b33d4db39b5d878e96a540be77ae985dd4c691b11be0203eca88f703f7755378775aea6e445e15f7df61d2b560b8429393acebaf6a9d9bd1aa31b6a24d123aee0fc43aa45078d12c2817d17501d8964ac4c19c392140e13e854266746708c946dc8612f4a4248ddf8851a8fdb5a574cda63628ca0e5faa082d7224de538819cb2dfab01e10519fafde33b9cf6e310bdd5a682f8743d2312543180ad686c5e079f4955e6ede016ad298bf332f6689c6212e87474d23fae2308bee7277d09f2fd8257f82aef5842a68a08a10c4aa9d30aa82e10ad7ebefc0d4f53efe19739f432efb38b0b913739f08353d55edbcfe6e37ef85f8fe0084c31c582aed5fc3235de984002e669c017d898154baab97dbb8743812c3e005b9c571b2572f26da360e1db808175bb9099316efda68e8c3320614b959cbef249c5037921fbfe3027263906618fffd371ec20bb83f6b0c401ec903b16ed2e84f4f6bcb44b41c88a29e9431bc90a2585cf6eca4681f2cffa0576ca303943fcefcd0bb9b2a9ea8415309488627f7bb74e7e394d3353249106b875fe3cbb489ca00e59c261ffabd25b1a8156090afaf8936503fdcbfe148057b36c8b174a6ef40dab997ed1a7ea76215b72d663e4610cb6223679e88c65d4960ffa63413173065d084155b526d20c53ad3b92e091e31fd6500c9527a701d6c8d2dd98967d038afd705294a84e5479f8f82a058ed0b867215cdfaa69934df36e9dec30356d61bbb95dc0dc525245e2e22f953c36e14e2c0dc4b9c9398e7bc77cc8626150e0185f8ab5ffd4abfaf4445f6ae0d7723636a7ef38ad4464a45c9f81bc719735391a5e65060dd3ce7be6be1d799377d40ff226d46d6dd0271847394373bfb68f84d42be397d34b62d5f222475f3d0e3fded03832d11c89afdfd5308fa969ddb3213a6261282b43e05ecd59623a5766ea70659da43d112c53df16fbffe48f3da222de9d0ca188ec51e2655b00d447ca438869b946468991f3ec37c5c078a84d39d66111f2b0c2c9411ada5b0d27acad42ec43640b76f34f38e0c3d8ff645b1149739a674d096250c6b8446a4326da6cd1fc63f16b142d8c109b814ad2955a4cfe03458aa6df7fd85940cabb0d519b6e983d9851040bf45ad5035e909cc53a4d6a579ebcdb09d2092d196002f1610b4224ebfbb986b4b683288159c004364e6fdfd1b616b02b6a72c7137a58d1b79b19e7382f742e8cee95e91a26a02bd900e709004df28260b489059a0ab4eca4558b4700fa9fbc8cc9323919548e5567b088a3cc8dc271f7d495ababce1557a5d2603f43111de44d48e6d7e71f915b5eda827dd79efa829af9d567a5a79125d9279af6ac48645c6b7bdf6e44a25f6087ae78039775597652003c4bee604cf655010acca59dbf802bfe062c75abd1138315d9689b88f3625539654ee4c31ee380ca642c446c2dcc40f72e4eeb38ac1dafa1f1a740f0619d0492ff340b11b2a6456bce215f000bbced496854cf2560caf7c4dca01b43e5695551b971b71fb23dd8681adf4d67650cd79ef9a02ef038d5cef9a1cf3866f929e9495ec18cfb42c83e3bcd308848e7738fc5c4161516e8f6bdf7d07748e3d8c1ef5930f83efd08dfc11537d8572c4bc73c39ee177151777d4f15b67b5f507545bc51753d2d5db3e9464f32ceda747d0b2f4c4939f84b4fc1d94d07a949a18613e2211752be953d1afed6ae92700e7357f07b10fdbeeeeb14e58fa71fdac83bfc2fb6eea56076e9ae9d85de56e3dfb82a82dba00c111efff65022b43bf717fed7bb7fde64e9cf1e1b6afa0059de292d2083719d3455e0b2f362be6c870ad178cf553d5900b44639705579f57a10fa46b8169696db6bc0d22b4e9295a49270f2cc7fa68a732f2a228877a507c8e37f4f6c6c949aaa45900f1698f9a19e69a4a46e7f3865b1f489336fb03bdb9e2329d20d576569fa42c7cdd8227b29c08602efb6f3582f14d0c0143a822c800e0fa9f7d4c63a3e3456cf99de0a0e7f9f6704074599455707777452e888813a926708e73a0c3f89f686fd61fa27b61f0474f124a87592135cb4411d075ce3243fc8bdc00302880a21795eb1061bd5efaed06280e40c7970ab0863cb9f7a60c6b81a6a84b8c561eff809eedc516f2629aae4b641b00f18775bca267695c8c062074d04fc4c209247b5748b1a6ce5fd77e7e8d8bbc82a68e932ebf7069c1b0db508df6f3dd43b24abadb313a6c12edd7d9cff6a6098b842d2754bb8b7373c495f3b3242011eba85d3001f003db59e510da351d6e1a4a5c1d37f6d54739fe0fd15f60a9770f565ad8740fa90a6d311a1e31c9e84b6d6a046a9650bf56e1343e0ac88d081bfdd005bbcfe3a318b0bff6ecc9b41f5134d367fbbf54408fd723614edbcf6cc10eee492e585f7b05a21e22a4062f95032c0736b0106e1d9c5a035f4e6975d6c64a47e39a828639d37db0f3d5a7d23918fbf6c3370492e823e822b53ae36db2c39cd1dfa80e20c8fe10aa520ec16189fa0411a3a9f1d55cdd8129091e5041f51b170fc48527f9719e84fe2d069aba8d328ee6d47e4f65aa1960943849fe7e65c20ac333b56a811c71bec1bc22d8fd10b5b6d9b19da0c14acc24446fd24616ca794f374685ef3943baf1769f07556533129bc8e98eacccf3d1ba8bfaeaaebcc7f076526330639502057e64e4d7420c77366c632bebe3b9724110c5d072c0406d53ccd7d47220525ee20bcb5d9853f09c34e3f839adeec286cc9f2a10737a01a91517fe1c129f185532f866be7b35761ab3a80174a44da0f2b100a5dbdc8639ccb6d8a35dd5553debfb1e82b6fc56caa4d23580c9d5e88e887c7c9f79f3b6a271b7645f9aa77c708c86038909ae3054ae271d30274f208666f68699befb3532effc9bc80a431261ab7b80fc8bfa66a0533fa27031fa506c0b42145231710225978e62b6677696e550bb7a1df2333705a77303d25a3e65f1bdd56865ce28a47fa55c420cf7b11e3faf10e217a70a81917be67941bfbb4291a0ad177e7cbf7c26b4f7d5a4ed65e5f47e99a0196278693b4883721de1f65e23", 0x1000}, {&(0x7f0000001f80)="2f403564380055791eade5c715f3de53fd9daa41b7e777df5105fbc6dcded255cf61514c7810ae208b5569aedfc56225843beaa8986fc45f741c540975608e3008381ddbdfee2a0a03d9e9b3f7ab60e31ac40da56f843a21dc0df3261594cd2f5c8c7e895fe6a1a23b3c99b98ba7383c738b43a8d5f3a68acc5a59fbbc0063aa65d8e57d9d15bc15665e7faf9c8b0815a93dc42bca351c04d1781bb22ffd057edf4bf4703c669e86860bb3818a3f89f30828d9433c3e938526ed6b087f0839dd2f58d5a1e9c8", 0xc6}], 0x6, r1)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000002100)={r1, 0xb6, 0xd}, &(0x7f0000002140)={'enc=', 'pkcs1', ' hash=', {'nhpoly1305-sse2\x00'}}, &(0x7f00000021c0)="e9867a1d303aec35f84b76ac92f53ec6e6b5b43025ac4485167a0a5842dea9223dca900ddf2dd86360f7cefe5246a5d24b777b95c42d8352193375eeb62e2bbc4ea711e11823c3d0e3c00c3037ae25d7f4340a96d049f5d7b6b67f8bab77091a0136a2b17fed206feaa77088e616c2a480e90c7adef315df7a2a52155a8d35eebda22638bb25b48d844d12c35112f54f2d4685f89f998cf5e06f2694c999dbe82a5b3f5747634ce6064452eb0ba4a7dffa7151eef8ca", &(0x7f0000002280)=""/13)
keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f00000022c0)={r0, 0x8b, 0x56}, 0x0, &(0x7f0000002300)="aef085c4fdf7810dbf61a7cd599e2a1b8734dba2bf140e9c1e505bf3420907bc286cfbde7bb4f4a2f21fcd6adc95050cc2e7de88294f10e5736d329befc52477673eb5a8c2792a1572792ac84a32f59d2dc5e79c989fb64f0327391752c1f64578ddb5883c1298bbf9461fb9231b4c87fd200c9a659e420124a1e4383c3551fd2afcabf698d9d230c326dd", &(0x7f00000023c0)=""/86)
keyctl$KEYCTL_PKEY_DECRYPT(0x1a, &(0x7f0000002440)={r1, 0xb7, 0xe6}, &(0x7f0000002480)={'enc=', 'pkcs1', ' hash=', {'sm3-ce\x00'}}, &(0x7f0000002500)="ae4fc5b453dc6a77604f646e00f6b43b51994f99d826eff3fb04f7b903a4ef77410e334b44b32aa78f793b1bb5d296058bb9c35ecf3b3589a2a317f1150924574e6ffadd42587fd4b455ef44970a20a27dcc9e368f9eb4164b7fc1fce86fd2df1f000386bbed4ac25ac19873bfa3cb0231a672fd2a348232a3eacc55cde3ed6c597814b36502a5b5b0d75ae9157fea424330b4b0a4b46f5b7f6f4d78c927dcf8af719bcc5c253f0c264cd2ede1377acd3920a403e073f7", &(0x7f00000025c0)=""/230)
r3 = signalfd(r2, &(0x7f00000026c0)={[0x5]}, 0x8)
ioctl$SIOCGETSGCNT(r3, 0x89e1, &(0x7f0000002700)={@loopback, @rand_addr=0x64010101})
getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000002740)={{{@in6=@loopback, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@broadcast}, 0x0, @in6=@dev}}, &(0x7f0000002840)=0xe8)
r5 = getgid()
keyctl$chown(0x4, r0, r4, r5)
openat$tun(0xffffffffffffff9c, &(0x7f0000002880), 0x101000, 0x0)
keyctl$KEYCTL_PKEY_DECRYPT(0x1a, &(0x7f00000028c0)={r0, 0xb0, 0xe6}, &(0x7f0000002900)={'enc=', 'pkcs1', ' hash=', {'blake2s-224-arm\x00'}}, &(0x7f0000002980)="90a724413aa0d643317e39b4a5c4614c7ebaa1e1d6bb3589c3c7b4ae294e89a61edc6c6c38c77a0c2620a0f4a14346b094c1e42b4cbe70f17b39bba08f9e3b89ddff279b2d0e2441e5f4eab1d235e07eb00e02a55090af5515e6db8727e533f74b3cf7d4449839fa9c53db8d05e66ef4228b966f4f8cbf854554d732a58f17baf4f7a07a00264f47ea1a16d5c31851a929f475fdcab0587f0d8385067c2aa56901d8f50555908db8ee7b2164c0a7591b", &(0x7f0000002a40)=""/230)
keyctl$get_security(0x11, r1, &(0x7f0000002b40)=""/50, 0x32)
fgetxattr(r2, &(0x7f0000002b80)=@random={'osx.', '**.}\x00'}, &(0x7f0000002bc0)=""/70, 0x46)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000002c40)='trusted\x00', &(0x7f0000002c80)=@chain={'key_or_keyring:', r0})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000002cc0), &(0x7f0000002d00)=0xc)
r6 = msgget$private(0x0, 0x0)
msgrcv(r6, &(0x7f0000002d40)={0x0, ""/228}, 0xec, 0x0, 0x3000)
msgctl$MSG_STAT(r6, 0xb, &(0x7f0000002e40)=""/247)
openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000002f40), 0x0, 0x0)

1.59370672s ago: executing program 1 (id=2186):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x40002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0, 0x1}, 0xc004, 0x10000, 0x0, 0x1, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000020000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
getpid()
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYRES8=r2, @ANYRES32=r2, @ANYBLOB, @ANYRES8=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x48}, 0x1, 0x0, 0x0, 0x24000800}, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb010018000000000000003e0900003e000000050000000000000000000003000000000200000001000000040000000100000008000012050000000c0000000000000b00000000100000000000000f020000006f6500000000300000c116c2199e5c2d22f9a05359af1668cdde8830cf14d243ae4e"], &(0x7f0000000000)=""/10, 0x18, 0xa, 0x1, 0x2}, 0x28)
setsockopt$inet_tcp_buf(r3, 0x6, 0x21, &(0x7f0000000280)="dc8daf8d760c0b8caa98fa19c6a35a18883775d272c579ff33a6effc0c49320f", 0x20)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
creat(&(0x7f00000000c0)='./bus\x00', 0x182)
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x88c02, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f00000004c0)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl1\x00', <r6=>0x0, 0x29, 0x0, 0x5, 0x2, 0x4e, @local, @loopback, 0x10, 0x10, 0x0, 0x4}})
r7 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r7, 0x89f0, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000000)={'tunl0\x00', r6, 0x8000, 0x700, 0x7, 0x8, {{0x5, 0x4, 0x3, 0x5, 0x14, 0x66, 0x0, 0x2, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x21}, @local}}}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)

1.452059071s ago: executing program 1 (id=2187):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000000c0)={[{@noinit_itable}]}, 0x1, 0x4bf, &(0x7f0000000540)="$eJzs3c9vG1kdAPDvTJImm81usrASPwRsWRYKqtZO3N1otaflAkKrlRArThzakLhRFDuOYqc0oYf0f0CiEif4EzggcUDqiTs3uCGkckAqUIEaJA5GM56kaWqnEU08Vfz5SE8zb57t73tt573pt41fACPrckTsRcSliLgREbPF9aQo8VGvZK97/OjO8v6jO8tJdLuf/iPJ27NrceQ9mVeLz5yKiB98N+LHybNx2zu760uNRn2rqFc7zc1qe2f3L2vNpdX6an2jVltcWJz/4Nr7tTMb61vNXz/8ztrHP/zdb7/84A973/pp1q2Zou3oOM5Sb+gTh3Ey4xHx8XkEK8FYMZ5LZXeE/0saEZ+JiLez+79bdm8AgGHodmejO3u0DgBcdGmeA0vSSpELmIk0rVR6Obw3YzpttNqdqzdb2xsrvVzZXEykN9ca9fkiVzgXE0lWX8jPn9Rrx+rXIuKNiPjZ5Ct5vbLcaqyU+eADACPs1WPr/78ne+s/AHDBTZXdAQBg6Kz/ADB6rP8AMHqs/wAweqz/ADB6rP8AMHqs/wAwUr7/ySdZ6e4X33+9cmtne711692Venu90txeriy3tjYrq63Wav6dPc3nfV6j1dpceC+2b1c79Xan2t7Zvd5sbW90ruff6329PjGUUQEAJ3njrft/SiJi78NX8hJH9nKwVsPFlpbdAaA0Y2V3ACjNeNkdAErj7/hAny16nzLwvwjdG/gWUwu85K58Qf4fRpX8P4wu+X8YXfL/MLq63cSe/wAwYuT4gXP4938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC48GbykqSVYi/wmUjTSiXitYiYi4nk5lqjPh8Rr0fEHycnJrP6QtmdBgBeUPq3pNj/68rsOzPHWy8l/5nMjxHxk198+vPbS53O1kJ2/Z+H1zv3iuu1EwPZahAASnKwTh+s4wceP7qzfFCG2Z+H3+5tLprF3S9Kr2U8xvPjVP7gMP2vpKj3ZM8rY2cQf+9uRHy+3/iTPDcyV+x8ejx+Fvu1ocZPn4qf5m29Y/Zr8dkz6AuMmvvZ/PNRv/svjcv5sf/9P5XPUC/uYP7bf2b+Sw/nv7EB89/l08Z47/ffG9h2N+KL4/3iJ4fxkwHx3zll/D9/6StvD2rr/jLiSvSPfzRWtdPcrLZ3dt9day6t1lfrG7Xa4sLi/AfX3q9V8xx19SBT/ay/f3j19ZPGPz0g/tRzxv/1U47/V/+98aOvnhD/m1/r//v/5gnxszXxG6eMvzT9m4Hbd2fxV/qPv3jP4PFfPWX8B3/dXTnlSwGAIWjv7K4vNRr1LSdDO8me3V6Cbjgp7ST7E3AWn/O5c+xq2TMTcN6e3PRl9wQAAAAAAAAAAAAAABhkGD/wVPYYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+FwAA//+vctdr")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000002dc0)={&(0x7f0000000480)={0x14, 0xf, 0xa, 0x3, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x7}}, 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x20000000)
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000b00)={0x0, 0xd, 0x50, 0x0, 0x1, 0x80, 0xfffffffffffffffc, 0x0, 0x4})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x101042, 0x103)
pwrite64(r1, &(0x7f0000000000)='2', 0x1, 0x4fed0)

1.417201252s ago: executing program 3 (id=2188):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x300400)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000180)={{0x1, 0x1}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r2, 0x54a2)
close(r2)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x80}, 0x4081)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x80)
r4 = socket(0x10, 0x80002, 0x0)
recvmmsg$unix(r4, &(0x7f0000000000)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
recvmmsg$unix(r3, &(0x7f00000001c0), 0x0, 0x40, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff)
setsockopt$MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f0000000280)={{0xa, 0x4e20, 0x3, @ipv4={'\x00', '\xff\xff', @empty}, 0x1ff}, {0xa, 0x4e20, 0x8, @dev={0xfe, 0x80, '\x00', 0xb}, 0x4}, 0xffffffffffffffff, {[0xac8, 0x3, 0x3, 0x5, 0x401, 0xad53, 0x1, 0x10000]}}, 0x5c)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, &(0x7f0000000140)={r4})
open_by_handle_at(r3, &(0x7f0000000500)=ANY=[@ANYBLOB="4b000000b00010efc9afd1fda15963be044a2163bd99efee1263445d49"], 0x36f0516f)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000004c0)={r3, 0x20, &(0x7f0000000400)={&(0x7f0000001080)=""/4096, 0x1000, 0x0, &(0x7f0000000340)=""/192, 0xc0}}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x2000000000000232, &(0x7f0000000980)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r6, 0x0, 0x401}, 0x11)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r7, {}, {}, {0x6}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x40d5}, 0x0)

1.386287272s ago: executing program 1 (id=2189):
pipe2(&(0x7f0000001cc0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x7, 0x4, 0x80, 0x1, 0x28, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2}, 0x50)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r3}, 0x10)
r4 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp_SCTP_CONTEXT(r4, 0x84, 0x83, &(0x7f0000000140), 0x8)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002800c00024000000000000000030c0001400000000200000101480000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000001c0003800c00008008000340000000020c0000800800034000000002"], 0xf8}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@uname={'uname', 0x3d, '\xd0\xae\xde\xc1\xaa \xff\xd8\x1d\x1b\xf8\x93)!|\xb0X\xa3\x96\xed\xa2\xab@\xa2m\x93\xdd\b<\x00t\xdc\xabl\xab!\xae\x16\xc4\xcd\xf9{\xdc5_;A\xd2{eC\x014\\\xb3\xc4\xce\xc3yS2-\x01\xbe\xaarW\x96O\xd3\x0f\xe2\xd7/\x17\x1d\xa7.8\x9f8-\xea<\x8d\x91\x90j\xea\xd5\xd5\xae\xcc\xc0\x97\xef\x10\x92\xea\x98|+\x00\x00\x00\x00\x00\x00\x00\x00'}}]}})

1.158761433s ago: executing program 2 (id=2190):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x0, 0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x2, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000091108300000000009500", @ANYRESDEC=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0, r1, 0x0, 0x100}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r2}, 0x18)
r3 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0xfffffcf4}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x106)
recvmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x100)

897.844894ms ago: executing program 1 (id=2191):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='projid_map\x00')
read$usbfs(r1, &(0x7f0000000000)=""/13, 0xd)
preadv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/219, 0xdb}], 0x1, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000003c0)='prq_report\x00', r1, 0x0, 0xffff}, 0x7c63565d6c24063)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x2}, 0x18)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$IP6T_SO_GET_INFO(r4, 0x29, 0x40, &(0x7f0000000040)={'mangle\x00', 0x0, [0xf6, 0x400000, 0x6, 0xffff, 0x1]}, &(0x7f0000000140)=0x54)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x9, 0x1000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r6)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000000280)=[@in={0x2, 0x4e24, @private=0xa010100}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r8=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)='F', 0x1}, {0x0, 0xe0}], 0x2, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r8}}], 0x20, 0x2400e044}, 0x0)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r5, 0x84, 0x7c, &(0x7f00000007c0)={r8, 0x800}, &(0x7f0000000800)=0x8)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r5, 0xc0189378, &(0x7f0000000240)={{0x1, 0x1, 0x18, r3, {r4}}, './file0\x00'})
r9 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000700000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095000000000000001076a7b8d60f25419c93cb19ab0a9cda6f42beaeada992757cf22add34b8ad2891fbcf996b96b41f713aadf23ab7f1bd3d8b2ec4c0245db77a74f58314d0f9940c1c347141841792ccc5ead7410d72e2e1"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r11=>0x0})
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3400000011000100000000000000000007000000", @ANYRES32=r11, @ANYBLOB="000000000000000014001a80100005800c"], 0x34}}, 0x0)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYRES8=r1, @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r13, 0x0, 0x800000000006}, 0x18)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
r14 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r14, 0x2284, &(0x7f0000000080))

782.019535ms ago: executing program 2 (id=2192):
r0 = socket(0x840000000002, 0x3, 0xff)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{&(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000080)="3f9a7fcafba260fb99c1b8a6c8e20f90eccedcc0d0fb5ff079b623a0534d4a2511eafae688f163f35d7d07058ec7a94545ff62a6a0aa39df3e486d3c", 0x3c}], 0x1, &(0x7f0000000300)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010101, @multicast1}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}], 0x38}}], 0x1, 0x4004040)

706.120676ms ago: executing program 4 (id=2193):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x7, 0x4, 0x100, 0x6, 0x8}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x9, &(0x7f0000000180)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x1b}}, @call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1, 0x0, 0x1ff}, 0x18)

692.352836ms ago: executing program 2 (id=2194):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000200)='mmap_lock_acquire_returned\x00', r1}, 0x18)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)

643.649076ms ago: executing program 4 (id=2195):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000240)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x7, 0x0, 0x7ffc1ffb}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x200000, &(0x7f00000008c0)={[{@noblock_validity}, {}, {@acl}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@data_journal}, {@inlinecrypt}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x57a, &(0x7f0000001780)="$eJzs3d9rU+cbAPDnpK3WH9+vFUS2XQzBizmcqW33w8FAdzk2mbDdu9DGIk2NNKnYTlAv5s1uhgzGmDD2B+zeS9k/sL9CmIIMKdvFbjpOeo7GpmnaGE1dPh+Ivm9O2ue8ec/z9jk5CQlgYB1J/ylEvB4R3yURB5q2DUe2MbPy+Np0ektidfWLP5NIsvvy7Un2/76s81pE/PZNxPFCa9za0vJcqVIpL2T98fr85fHa0vKJi/Ol2fJs+dLk1NSp96YmP/zg/Z6N9e1zf//4+b1PTn17dOWHXx8evJ3EmdjfNLYehLjR3DkSR7LnZCTOrHvgRA+C7SRJv3eArgxleT4S6RpwIIayrAf++65HxCowoBL5DwMqrwPyc/senQe/Mh59vHYC1Dr+4bXXRmK0cW60dyV55swoPd8d60H8NMbdB0ncfXDndnR4HeJ6D+IB5G7cjIiTw8Ot61+SrX/dO9n84nEb62MM2t8f6Kd7af3zzkb1T+FJ/RMb1D/7NsjdbnTO/8LDHoRpK63/Ptqw/n2ydI0NZb3/NWq+keTCxUr5ZET8PyKOxcjutL/Z9ZxTK/dX221bq//u3M5vafy8Fsz24+Hw7md/ZqZULz3PmJs9uhnxxtP6N4mW9X+0Ueuun//0+Ti3xRiHy3febDR2tW7rPP5mva+AV3+JeGvD+X96RSvZ/PrkeON4GM+PilZ/3Tr8e7v42xt/76Xzv3fz8Y8lzddra9uP8fPoP+V227o9/nclXzba+SF1tVSvL0xE7Eo+a71/8unP5v388en4jx1dP/7my7gbH/97IuKrLY7/1qFbbR+6E+Z/Zlvzv/3G/U+//qld/K3N/7uN1rHsnq2sf3nw0Q47+DzPHQAAAAAAAOw0hYjYH0mh+KRdKBSLa+/vOBR7C5VqrX78QnXx0kw0Pis7FiOF/Er3gab3Q0xk74fN+5Pr+lMRcTAivh/a0+gXp6uVmX4PHgAAAAAAAAAAAAAAAAAAAHaIfW0+/5/6Y6jfewe8cL7yGwZXx/zvxTc9ATuSv/8wuOQ/DC75D4NL/sPgkv8wuOQ/DC75D4NL/gMAAAAAAAAAAAAAAAAAAAAAAAAAAEBPnTt7Nr2trjy+Np32Z64sLc5Vr5yYKdfmivOL08Xp6sLl4my1OlspF6er851+X6VavTwxGYtXx+vlWn28trR8fr66eKl+/uJ8abZ8vjzyUkYFAAAAAAAAAAAAAAAAAAAAr5ba0vJcqVIpL7zMRqEfQbtvnI4dsRtdN5JOs3w6Oxi6CjHc/wFqvIBGnxcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjybwAAAP//mPwx6Q==") (fail_nth: 4)

597.439316ms ago: executing program 4 (id=2196):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffff27)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r1}, 0x18)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0xfffffcf4}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x106)
recvmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x100)

596.133896ms ago: executing program 2 (id=2197):
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
capset(0x0, 0x0)
syz_clone3(0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = io_uring_setup(0x1aea, &(0x7f00000002c0)={0x0, 0x6992, 0x8, 0x40002, 0xfc})
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
inotify_init1(0x80800)
ioctl$TIOCMIWAIT(r2, 0x545c, 0x0)
close_range(r1, 0xffffffffffffffff, 0x200000000000000)

452.610547ms ago: executing program 3 (id=2198):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet(0x2, 0x1, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
ptrace(0x10, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r2, 0x4)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000001000000280001801400040000000000000002000000ffffac1414aa060001000a0080000800060003"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000000002000000140001800500020001"], 0x28}, 0x1, 0x0, 0x0, 0x20044811}, 0x2000c094)

452.329367ms ago: executing program 4 (id=2199):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='GPL\x00')
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0xe, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x402000)
ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r1, 0xc0305302, &(0x7f00000002c0)={0x3, 0x73c959c5, 0x59, 0x7, 0x2, 0x3})
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x8, &(0x7f0000000000)=0xfffffffd, 0x4)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

419.647677ms ago: executing program 3 (id=2200):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
execve(&(0x7f0000000280)='./file0\x00', &(0x7f0000000700)={[&(0x7f00000002c0)='@!*^[\\\x00', &(0x7f0000000300)='#\x00', &(0x7f0000000380)='sched_switch\x00', &(0x7f00000003c0)='\x00', &(0x7f0000000400)='{\x00', &(0x7f0000000580)='\x19.*^:}\\D]:##&\xb6}}:({\x00', &(0x7f00000005c0)='\x00', &(0x7f0000000680)='\x00', &(0x7f00000006c0)='\x00']}, &(0x7f0000000840)={[&(0x7f0000000780)='^]]-@[\x00', &(0x7f00000007c0)=')\x00', &(0x7f0000000800)='\x00']})

398.148468ms ago: executing program 3 (id=2201):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
setfsgid(0x0) (fail_nth: 1)

364.504608ms ago: executing program 0 (id=2202):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x115}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="01070000000000000000200000000400"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)

111.960849ms ago: executing program 4 (id=2203):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
unshare(0x2040400)
vmsplice(r0, &(0x7f00000004c0)=[{&(0x7f0000000500)='|', 0x1}], 0x1, 0x3)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x200000, &(0x7f0000000040)={[{@grpquota}]}, 0x1, 0xbac, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5nGdGaOSX8/eHPe97wn8zxPTmfOe2BOA3hqTWc/0ohDEXE2iZis708jYqjaG4nYrB13/+7l+awlUam8/VsSSUTcu3t5vvFaSX07Xh+MRMTN15L490etcVfXN5bnyuXSSn18dO38paOr6xuvLJ2fO1c6V7pwYvbVE7MnZ2e7WOvtS+998cwPbzx/9frHM29+fuC7JE7HRH2uuY5umY7prb9Js0JEzHU7WE4G6vU015kUckwIAICO0qY13H9jMgbi4eJtMr79MdfkAAAAgK6oDERUAAAAgH0ucf8PAAAA+1zjewD37l6eb7R8v5HQX3fORMRUrf7G8821mUJsVrcjMRgRY78n0fxYa1L7tSc2nUX6+vtS1qJHzyF3snklIv6/3flPqvVPVZ/ibq0/jYiZLsSffmS8l+o/3YX4edcPwNPpxpnahaz1+pdurX9im+tfYZtr127kff1rrP/ut6z/HtY/0Gb999YOYxx+8NLNdnPN6793P/l5IYufbZ+oqL/hzpWIw4Xt6k+26k/a1H92hzHG529fazeX1Z/V22j9rr9yPeJIdTXXWn9D0un/Jzq6uFQuzdR+bvP66yc7x28+/1nL4jfuBfohO/9jsbvzf2mHMab+9+uhdnOPrz/9ZSh5p9obqu/5cG5tbeVYxFDyeuv+451zaRzTeI2s/hef6/z+367+7DNhs/53yP71XKlvs/HVR2KOHzn+1e7r762s/oVdnv9Pdxjjy2+uvd9uLu/6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgb0oiYiCQtbvXTtFiMGI+I/8RYWr64uvby4sUPLixkcxFTMZguLpVLMxExWRsn2fhYtf9wfPyR8WxEHIyIzyZHq+Pi/MXyQt7FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGU8IiYiSYsRkUbEH5NpWizmnRUAAADQdVN5JwAAAAD0nPt/AAAA2P9a7v8LfxmN9DMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9qWDz964lUTE5qnRassM1ecGc80M6LV0Z4eN9ToPoP8G8k4AyE2hqV+pVCo5pgL0mXt8IHnM/EjbmeGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP9cLh27cSiJi89RotWWG6nODuWYG9FqadwJAbgY6TSaP3QHsYYW8EwBy4x4fqK3sH1RqWudH2v7m8BNHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvmKi2JC1GRFrtp2mxGPGviJiKwWRxqVyaiYgDEfHT5OBwNj6Wd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03er6xvJcuVxa0dHR6WJnNPoWa7T+Zm5zzHD7qQ6dnD+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxer6xvJcuVxaWc07EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBvq+sby3Plcmmlh528awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9/BgAA///GyAmy")
syz_mount_image$vfat(&(0x7f0000000840), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xb9053, 0x0, 0x0, 0x0, &(0x7f00000008c0))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000700)=@raw={'raw\x00', 0x3c1, 0x3, 0x3d0, 0x210, 0x940c, 0x3002, 0x210, 0x2c0, 0x300, 0x3d8, 0x3d8, 0x300, 0x3d8, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x5, 0x0}, @private2, [0xff000000, 0xff000000, 0xff000000, 0xff000000], [0xff, 0xff000000, 0xffffffff, 0xff], 'veth1_to_team\x00', 'macsec0\x00', {}, {}, 0x62, 0x61, 0x0, 0x8}, 0x0, 0x1c8, 0x210, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x1ffffc, 0x0, 0x1, 0x0, 'syz1\x00'}}, @common=@unspec=@addrtype1={{0x28}, {0x2, 0x140, 0xc}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x1, 0x916, {0x7c7a1f6d}}}}, {{@ipv6={@mcast1, @remote, [0xff000000, 0x0, 0xffffffff, 0xffffffff], [0xffffff00, 0x0, 0xff000000, 0xffffff00], 'syzkaller0\x00', 'pimreg0\x00', {0xff}, {0xff}, 0x33, 0x9, 0x4, 0x10}, 0x0, 0xd0, 0xf0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x430)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x4)
pwrite64(r2, &(0x7f0000000140)='2', 0xff10, 0x8000c61)
lchown(&(0x7f0000000240)='./file0\x00', 0x0, 0xee01)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
symlink(&(0x7f0000000000)='.\x00', 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000004c0)='net/snmp\x00')
fchown(r4, 0x0, 0x0)
recvfrom$unix(r4, &(0x7f0000000140)=""/122, 0x7a, 0x20, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)=@newqdisc={0x24, 0x24, 0x1, 0x3, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0x2}, {0xffff, 0xffff}, {0xd, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x40004}, 0x8840)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="02000000000000000000000000000800"/28], 0x48)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xd, &(0x7f00000004c0)=ANY=[@ANYBLOB="18020000000000040000000000000000850000002000000018110000", @ANYRES32=r8, @ANYRES16=0x0], &(0x7f0000000680)='syzkaller\x00'}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0xb, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r9, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000200)={r2, r7, 0x25, 0xa, @val=@tcx={@void, @value=r4}}, 0x1c)
ioctl$SIOCSIFHWADDR(r5, 0x8923, &(0x7f0000000000)={'vlan0\x00', @local})

100.63097ms ago: executing program 2 (id=2204):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x6}, 0x18)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r3=>0x0})
bind$can_j1939(r2, &(0x7f0000000100)={0x1d, r3, 0x1, {0x0, 0xf0, 0x2}, 0x1}, 0x18)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000bc0)=ANY=[@ANYRES16, @ANYRES8, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x94)
accept$inet(r5, 0x0, &(0x7f0000000940))
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2060, 0x0)
fsetxattr$trusted_overlay_redirect(r7, &(0x7f0000000040), 0x0, 0x0, 0x0)
fremovexattr(r7, &(0x7f00000000c0)=@known='trusted.overlay.redirect\x00')
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
open(&(0x7f0000000040)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r8, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x3, 0x14, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cf6d61fd01335263bd9bffbcc2542ded71038259ea171ce1a320ef54ec32d71e14ef3dc177e9b48b009000", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x3]})
syz_mount_image$vfat(&(0x7f0000000840), &(0x7f0000000880)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xbd053, 0x0, 0x4, 0x0, &(0x7f00000008c0))
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r9}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000100), 0x1, 0x599, &(0x7f0000000540)="$eJzs3T9sG2UbAPDnznHTP/m+9JO+T/pAHSpAKlJVJ+kfKEztiqhUqQMSC0SOG1Vx4ipOoIkike4VogMC1KVsMDCCGBgQCyMrC4gZqaIRSE0HMHJ8TtPULk6I4xL/ftLZ73t39vO+d35e+053cgB962j9IY14KiIuJhHDG5YNRLbwaGO91ZWl4v2VpWIStdqlX5JIIuLeylKxuX6SPR+KiOWI+H9EfJOPOJ6uv+W+ZqG6sDg1Xi6XZrP6yNz01ZHqwuKJK9Pjk6XJ0sypF186c/b0mbGTYxube7+2sZbfWl9v/Hjz3RvfvXL75qefHVkuvj+exLkYypZt7MdOamyTfJzbNP90N4L1UNLrBrAtuSzP66n0vxiOXJb1rdQ2Dg6Du9I8oItqgxE1oE8l8h/6VPN3QP34tznt5u+PO+cbByD1uKsrS8V3ohl/oHFuIvavHZsc/DV56Mikfrx5eDcbyp60fD0iRgcGHv38J9nnb/tGd6KBdNXX5xs76tH9n66PP9Fi/Blqnjv9m5rj32o2/q22iJ9rM/5d7DDG76//9FHb+NcH4+mW8ZP1+EmL+GlEvNlh/FuvfXm23bLaxxHHonX8puTx54dHLl8pl0Ybjy1jfHXsyMvt+x9xsE38xjnb/WtfMxv7vy9rU9ph/7/49vNnlh8T//lnH7//W23/AxHxXofx/3Pvk1fbLbtzPblb/xWw1f2fRD5udxj/hXNHf8iKzhoCAAAAAAAAAMAOSteuZUvSwno5TQuFxj28/42DablSnTt+uTI/M9G45u1w5NPmlVbDjXpSr49l1+M26yc31U/lsoC5A2v1QrFSnuhx3wEAAAAAAAAAAAAAAAAAAOBJcWjT/f+/5dbu/9/8d9XAXtX+L7+BvU7+Q/96OP+TnrUD2H2+/6Fv1eQ/9C/5D/1L/kP/kv/Qv+Q/9C/5D/1L/gMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChPtXurywV6/WJgYX5qcpbJyZK1anC9HyxUKzMXi1MViqT5VKhWJn+q/dLKpWrozEzf21krlSdG6kuLL4xXZmfaf6naCnf9R4BAAAAAAAAAAAAAAAAAADAP8/Q2pSkhYh8o56mhULEvyLicBLJ5Svl0mhE/Dsivs/lB+v1sV43GgAAAAAAAAAAAAAAAAAAAPaY6sLi1Hi5XJrtXmEgC9XFEJ0XBrayckQs72wz6u+45Vflsw3Y4023Nwq5J+Nz+OQXejgoAQAAAAAAAAAAAAAAAABAn3pw02+nr/ijuw0CAAAAAAAAAAAAAAAAAACAvpT+nEREfTo2/NzQ5qX7ktXc2nNEvH3r0gfXxufmZsfq8++uz5/7MJt/shftBzrVzNM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxQXVicGi+XS7PbLAx2sE6v+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHX8GAAD//xLkz18=")
openat(0xffffffffffffff9c, 0x0, 0x101d81, 0x0)
r10 = inotify_init()
inotify_add_watch(r10, &(0x7f00000001c0)='.\x00', 0x4000423)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)

87.125999ms ago: executing program 3 (id=2205):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x7, 0x4, 0x100, 0x6, 0x8}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x9, &(0x7f0000000180)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x1b}}, @call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1, 0x0, 0x1ff}, 0x18)

86.636309ms ago: executing program 0 (id=2206):
r0 = fsopen(&(0x7f0000000080)='mqueue\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000001d40)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xaei\xb6\xb7\xc1Y\xd5YG\xf9\xc2\xf1\xa4\xdb$\xf6]\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\x03\x00\x00\x00\x00\x00\x00\x00\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^W\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B\xc5\x05\x9d\xd6\x02|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3q\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^\x00\x00\x00\x00\x00\x00\x00\x00\x00\xef\xcd\xd3\t\x01A\xd5\x81\xc1;9\xeez\xba\x00\x00\x00\xdc\x94\xff)\xa4\xe6\xfb]\x90bG\x11\b\x98#\xaa99ez|\x8b5\x92\xa5\xba\x96\xb3\xb26I\xbb\xdeb\x95?\xc0\x81', &(0x7f0000000200)='sockfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='\x00', &(0x7f00000001c0)='dE\x00', 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x9}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x2, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000fcdbdf2501000000000000000b000000000600147379"], 0x28}, 0x1, 0x0, 0x0, 0x890}, 0x800)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000007c0)='\xd5@=\b\a:\x993\x00', &(0x7f0000000600)='dU|\xcbM\xe6\x91q\b', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
r4 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r4, 0xa, 0x13)
fcntl$setlease(r4, 0x400, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000032500000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000850000000f000000bf91000000000000b7020000002000008500000084000000b70000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r6}, 0x10)
rt_sigaction(0x11, 0x0, 0x0, 0x8, &(0x7f0000000240))
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
fcntl$setlease(r4, 0x400, 0x2)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000001ec0)='\\$#[\\/\x00\xd5\xd4^\xa7\xe4\xd4\x1f.yh\x18\xb8s\xe6\f\xaf*4\xe1\xa1e\x04%f\x8f\xde\x91\x04\xbb\xc8\x17\x15\xa4\xf0\x00\x15w\x00\x00\xed\xdd}\x00\x18\xf3\xde\n\xbe\x91\xc4\xc5\xe6\xd3o\xaau\xf34\t\x9d\x80rg\xbc\xee\x96p\x18\x9e(h\xeb\xd9\xde\xa6\xfc\x8e\xe3,\xae\xa8\xf0\x82y\x91\x1c{\x85 \xc7P\xa3\x9c\x06\xc1\xd3\x92\xcd\xcc\x17\xb2}\x13:\xbbh\"%;\b\x7f\x91\x8a\xa5Z\x92~<\xfe3\x19\xdcVJ\f\xd1\x89d\xf9N\xbd\x92\x86\xa2\xa8\xc0:\x1f\n\xc9\x8eUO\x8e\xea\x99\xe1\xbe%Y\x9eH#\xa4\x9d5\xa88m6\x89kE\xce\xc3\aBW\xec_\xea_\x81\xbe\x86~\x84F\xa9\xcd\xba\xfb\xd8\x8f\x01\x81~\x9c#\r\x87\xcf\x19\xb9\xbd \xcb\xff\x88io\xb0\xb1\xa0B\x8cI\x82+\xc4\xcf\xf4!+\x16v\xb6\x8a\xb7k}\x1d\xf2\x1c\x00\x8f\xd7\x84R\x12\xed){SM[\xe6g6\xfeF\x1dJ\x83', &(0x7f0000000380)='\xbd\x10\xe2\n\xc4\xa8\xa8?\a\x9e@O<\xf4s\x85~X\x85\xdc\x11\x04a\xf8\xa6f\x96nB\x02\x10+C$\f\xb3\xcc\xed\"M\xb6 V\xc5\x9a\x11o^\xda\xc8', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000240)='.]:&\x00', &(0x7f0000000140)='\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.35635ms ago: executing program 1 (id=2207):
r0 = socket(0x840000000002, 0x3, 0xff)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r2}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{&(0x7f00000007c0)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a90500040000746400009e150451160200000064c6", 0x15}, {&(0x7f0000000a80)="533500000000000001010000000000", 0xf}], 0x2}}, {{&(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000080)="3f9a7fcafba260fb99c1b8a6c8e20f90eccedcc0d0fb5ff079b623a0", 0x1c}], 0x1}}], 0x2, 0x4004040)

1.83912ms ago: executing program 3 (id=2208):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x88002, 0x0)
pipe(&(0x7f0000000500))
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x67, 0x52b, &(0x7f0000000a00)="$eJzs3V9rLGcZAPBnNrvHk3NymlS90IK12krOQc9u0tg2eFEriF4V1HpfY7IJIZtsyG7ak1BMDn4AQUQFr/TGG8EPIEjBGy9FKOi1oqKInuqFF9qR2Z1Nc5L913aTTZPfDybzvjPvzPO8G2Z2ZmeYCeDKeiIiXoiIt9I0vRMR0/n0Qj7EYXvI2r354LXlbEgiTV/6RxJJPq2zriQf38wXux4RX/tyxDeT03Ebe/sbS7VadSevV5qb25XG3v7d9c2ltepadWthYf7ZxecWn1mcG0k/b0XE81/8y/e/89MvPf/Lz7z6x5f/dvtbWVpT+fzj/XiHiv1mtrtean0WxxfYeZfBLqJiq4e5yW4tJk5NuX/GOQEA0F12jP/BiPhkRNyJ6ZjofzgLAAAAvA+ln5+K/yYRaXfXekwHAAAA3kcKrXtgk0I5vxdgKgqFcrl9D++H40ahVm80P71a391aad8rOxOlwup6rTqX3ys8E6Ukq8+3ym/Xnz5RX4iIRyPie9OTrXp5uV5bGfePHwAAAHBF3Dxx/v/v6fb5f8fBOJMDAAAARmdm3AkAAAAAZ27Y8/8bZ5wHAAAAcHZc/wcAAIBL7SsvvpgNaef91yuv7O1u1F+5u1JtbJQ3d5fLy/Wd7fJavb7Wembf5qD11er17c/G1u69SrPaaFYae9djs7671Xx5/aFXYAMAAADn6NGPv/77JCIOPzfZGjLXhlt0yGbARVU8KiX5uMtm/YdH2uM/n1NSwLmYGHcCwNgUx50AMDalcScAjF0yYH7Pm3d+k48/Mdp8AACA0Zv9aO/r/4W+Sx72nw1ceDZiuLpc/4erq3X9f9g7eR0swKVSGnQE0HebPxhxNsA4vOfr/wOl6TtKCAAAGLmp1pAUysVOvVAolyNutV4LUEpW12vVuYh4JCJ+N136QFafb7VMBp4zAAAAAAAAAAAAAAAAAAAAAAAAAABtaZpECgAAAFxqEYW/Jr9qP8t/dvqpqZO/D1xL/jMd+StCX/3RSz+4t9Rs7sxn0/95NL35w3z60+P4BQMAAACuhAEv8H9Y5zy9cx4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP05oPXljvDecb9+xciYqZb/GJcb42vRykibvwrieKx5ZKImBhB/Mnsz0e6xU+ytI5Cdos/OYL4h/f7xo/D/FPoFv/mCOLDVfZ6tv95odv2V4gnWuPu218x4qH6u9V7/xdH+7+JHtv/rSFjPPbGzys949+PeKx4Kv5BFqETP+kR/8kh43/j6/v7vealP46Y7fr9k3SaZHvIqDQ3tyuNvf2765tLa9W16tbCwvyzi88tPrM4V1ldr1Xzv11jfPdjv3irX/9v9Ig/M6D/T51a27WuMf73xr0HH2oXS93i336yS/xf/yRvcTp+If/u+1RezubPdsqH7fJxj//st4/36/9Kj/4P+v/f7rXSE+589dt/GrIpAHAOGnv7G0u1WnXn0hays/QhG2dHZxciZ4XzKRyMdIVpmqbZNvUe1pPERfhYWoVx75kAAIBRe/ugf9yZAAAAAAAAAAAAAAAAAAAAwNV1Ho8TOxnz8KiUjOIR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/H/AAAA///s19ky")
r3 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
pipe(&(0x7f00000000c0))
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vcan0\x00'})
pwritev(r2, &(0x7f0000000100)=[{0x0, 0x72}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0)

1.4673ms ago: executing program 0 (id=2209):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='wg1\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff07}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x4)

0s ago: executing program 1 (id=2210):
setreuid(0x0, 0xee01)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket(0x840000000002, 0x3, 0xff)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{&(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000080)="3f9a7fcafba260fb99c1b8a6c8e20f90eccedcc0d0fb5ff079b623a0534d4a2511eafae688f163f35d7d07058ec7a94545ff62a6a0aa39df3e486d3c", 0x3c}], 0x1, &(0x7f0000000300)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010101, @multicast1}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}], 0x38}}], 0x1, 0x4004040)

kernel console output (not intermixed with test programs):

sage: protocol=0 nlmsg_type=64 sclass=netlink_route_socket pid=6994 comm=syz.0.1130
[  137.655959][ T6994] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1130'.
[  137.710414][ T6996] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  137.730927][ T6993] loop3: detected capacity change from 0 to 164
[  137.756506][ T6993] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  137.788912][ T6993] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  137.801650][ T6993] Symlink component flag not implemented
[  137.807683][ T6993] Symlink component flag not implemented
[  137.814744][ T6993] Symlink component flag not implemented (7)
[  137.821214][ T6993] Symlink component flag not implemented (116)
[  137.923585][ T7003] netlink: 'syz.2.1135': attribute type 3 has an invalid length.
[  137.955517][ T7005] netlink: 'syz.2.1136': attribute type 3 has an invalid length.
[  138.072906][ T7012] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1139'.
[  138.131579][ T7016] FAULT_INJECTION: forcing a failure.
[  138.131579][ T7016] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.144851][ T7016] CPU: 1 UID: 0 PID: 7016 Comm: syz.2.1141 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  138.144888][ T7016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  138.144905][ T7016] Call Trace:
[  138.144913][ T7016]  <TASK>
[  138.144923][ T7016]  __dump_stack+0x1d/0x30
[  138.144946][ T7016]  dump_stack_lvl+0xe8/0x140
[  138.145048][ T7016]  dump_stack+0x15/0x1b
[  138.145072][ T7016]  should_fail_ex+0x265/0x280
[  138.145098][ T7016]  should_fail+0xb/0x20
[  138.145120][ T7016]  should_fail_usercopy+0x1a/0x20
[  138.145148][ T7016]  _copy_from_user+0x1c/0xb0
[  138.145181][ T7016]  ___sys_sendmsg+0xc1/0x1d0
[  138.145317][ T7016]  __x64_sys_sendmsg+0xd4/0x160
[  138.145341][ T7016]  x64_sys_call+0x191e/0x3000
[  138.145365][ T7016]  do_syscall_64+0xd2/0x200
[  138.145434][ T7016]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  138.145503][ T7016]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  138.145539][ T7016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.145567][ T7016] RIP: 0033:0x7f328241efc9
[  138.145586][ T7016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.145618][ T7016] RSP: 002b:00007f3280e87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  138.145643][ T7016] RAX: ffffffffffffffda RBX: 00007f3282675fa0 RCX: 00007f328241efc9
[  138.145660][ T7016] RDX: 0000000004044890 RSI: 00002000000002c0 RDI: 0000000000000003
[  138.145675][ T7016] RBP: 00007f3280e87090 R08: 0000000000000000 R09: 0000000000000000
[  138.145687][ T7016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.145699][ T7016] R13: 00007f3282676038 R14: 00007f3282675fa0 R15: 00007fffdca728f8
[  138.145717][ T7016]  </TASK>
[  138.545425][ T7029] lo speed is unknown, defaulting to 1000
[  138.666091][ T7032] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.673372][ T7032] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.720108][ T7032] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  138.731013][ T7032] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  138.819514][ T3381] lo speed is unknown, defaulting to 1000
[  138.825447][ T3381] syz2: Port: 1 Link DOWN
[  138.830327][   T12] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  138.843189][ T7029] lo speed is unknown, defaulting to 1000
[  138.849204][   T12] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  138.865434][   T12] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  138.932315][ T6781] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  139.016045][ T7050] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1154'.
[  139.030619][ T7052] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1155'.
[  139.071588][ T7052] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1155'.
[  139.094872][ T7052] FAULT_INJECTION: forcing a failure.
[  139.094872][ T7052] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.108060][ T7052] CPU: 1 UID: 0 PID: 7052 Comm: syz.3.1155 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  139.108089][ T7052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  139.108146][ T7052] Call Trace:
[  139.108155][ T7052]  <TASK>
[  139.108165][ T7052]  __dump_stack+0x1d/0x30
[  139.108194][ T7052]  dump_stack_lvl+0xe8/0x140
[  139.108214][ T7052]  dump_stack+0x15/0x1b
[  139.108297][ T7052]  should_fail_ex+0x265/0x280
[  139.108316][ T7052]  should_fail+0xb/0x20
[  139.108415][ T7052]  should_fail_usercopy+0x1a/0x20
[  139.108438][ T7052]  _copy_to_user+0x20/0xa0
[  139.108463][ T7052]  simple_read_from_buffer+0xb5/0x130
[  139.108489][ T7052]  proc_fail_nth_read+0x10e/0x150
[  139.108531][ T7052]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  139.108620][ T7052]  vfs_read+0x1a8/0x770
[  139.108643][ T7052]  ? __rcu_read_unlock+0x4f/0x70
[  139.108807][ T7052]  ? __fget_files+0x184/0x1c0
[  139.108847][ T7052]  ksys_read+0xda/0x1a0
[  139.108881][ T7052]  __x64_sys_read+0x40/0x50
[  139.108915][ T7052]  x64_sys_call+0x27c0/0x3000
[  139.109012][ T7052]  do_syscall_64+0xd2/0x200
[  139.109031][ T7052]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  139.109067][ T7052]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  139.109156][ T7052]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.109177][ T7052] RIP: 0033:0x7f8b9910d9dc
[  139.109192][ T7052] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  139.109219][ T7052] RSP: 002b:00007f8b97b77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  139.109292][ T7052] RAX: ffffffffffffffda RBX: 00007f8b99365fa0 RCX: 00007f8b9910d9dc
[  139.109304][ T7052] RDX: 000000000000000f RSI: 00007f8b97b770a0 RDI: 000000000000000b
[  139.109321][ T7052] RBP: 00007f8b97b77090 R08: 0000000000000000 R09: 0000000000000000
[  139.109337][ T7052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.109353][ T7052] R13: 00007f8b99366038 R14: 00007f8b99365fa0 R15: 00007fff53026b28
[  139.109378][ T7052]  </TASK>
[  139.466269][   T29] kauditd_printk_skb: 316 callbacks suppressed
[  139.466287][   T29] audit: type=1326 audit(1762006530.008:3336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7063 comm="syz.1.1159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  139.499269][ T7066] sd 0:0:1:0: device reset
[  139.506300][   T29] audit: type=1326 audit(1762006530.008:3337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7063 comm="syz.1.1159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  139.529775][   T29] audit: type=1326 audit(1762006530.008:3338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7063 comm="syz.1.1159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  139.553592][   T29] audit: type=1326 audit(1762006530.008:3339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7063 comm="syz.1.1159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  139.577255][   T29] audit: type=1326 audit(1762006530.008:3340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7063 comm="syz.1.1159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  139.600736][   T29] audit: type=1326 audit(1762006530.008:3341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7063 comm="syz.1.1159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  139.624514][   T29] audit: type=1326 audit(1762006530.008:3342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7063 comm="syz.1.1159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  139.747404][ T7075] sd 0:0:1:0: device reset
[  139.807265][   T29] audit: type=1326 audit(1762006530.338:3343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7079 comm="syz.2.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328241efc9 code=0x7ffc0000
[  139.826222][ T7080] loop1: detected capacity change from 0 to 512
[  139.830972][   T29] audit: type=1326 audit(1762006530.338:3344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7079 comm="syz.2.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328241efc9 code=0x7ffc0000
[  139.860729][   T29] audit: type=1326 audit(1762006530.338:3345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7079 comm="syz.2.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f328241efc9 code=0x7ffc0000
[  139.885065][ T7080] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c098, mo2=0002]
[  139.893872][ T7080] System zones: 1-2, 4-12, 8-8
[  139.935256][ T7080] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1165: invalid indirect mapped block 256 (level 2)
[  139.982863][ T7080] EXT4-fs (loop1): 2 truncates cleaned up
[  139.990709][ T7080] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.058980][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.286173][ T7122] validate_nla: 11 callbacks suppressed
[  141.286191][ T7122] netlink: 'syz.1.1180': attribute type 3 has an invalid length.
[  141.335453][ T7126] sd 0:0:1:0: device reset
[  141.436983][ T7132] FAULT_INJECTION: forcing a failure.
[  141.436983][ T7132] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.450279][ T7132] CPU: 1 UID: 0 PID: 7132 Comm: syz.1.1184 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  141.450314][ T7132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  141.450388][ T7132] Call Trace:
[  141.450395][ T7132]  <TASK>
[  141.450402][ T7132]  __dump_stack+0x1d/0x30
[  141.450429][ T7132]  dump_stack_lvl+0xe8/0x140
[  141.450450][ T7132]  dump_stack+0x15/0x1b
[  141.450474][ T7132]  should_fail_ex+0x265/0x280
[  141.450561][ T7132]  should_fail+0xb/0x20
[  141.450581][ T7132]  should_fail_usercopy+0x1a/0x20
[  141.450608][ T7132]  _copy_from_user+0x1c/0xb0
[  141.450640][ T7132]  ___sys_recvmsg+0xaa/0x370
[  141.450721][ T7132]  ? 0xffffffff81000000
[  141.450738][ T7132]  ? __rcu_read_unlock+0x4f/0x70
[  141.450774][ T7132]  __x64_sys_recvmsg+0xd1/0x160
[  141.450818][ T7132]  x64_sys_call+0x2b46/0x3000
[  141.450848][ T7132]  do_syscall_64+0xd2/0x200
[  141.450940][ T7132]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  141.450977][ T7132]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  141.451015][ T7132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.451043][ T7132] RIP: 0033:0x7f8793f3efc9
[  141.451119][ T7132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.451143][ T7132] RSP: 002b:00007f87929a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  141.451168][ T7132] RAX: ffffffffffffffda RBX: 00007f8794195fa0 RCX: 00007f8793f3efc9
[  141.451182][ T7132] RDX: 0000000000000002 RSI: 0000200000000480 RDI: 0000000000000005
[  141.451199][ T7132] RBP: 00007f87929a7090 R08: 0000000000000000 R09: 0000000000000000
[  141.451215][ T7132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.451231][ T7132] R13: 00007f8794196038 R14: 00007f8794195fa0 R15: 00007ffe81956168
[  141.451255][ T7132]  </TASK>
[  141.785008][ T7142] xt_connbytes: Forcing CT accounting to be enabled
[  141.904950][ T7152] netlink: 'syz.1.1191': attribute type 12 has an invalid length.
[  142.197807][ T7162] netlink: 'syz.3.1194': attribute type 12 has an invalid length.
[  142.226578][ T7160] sd 0:0:1:0: device reset
[  142.457923][ T7169] sd 0:0:1:0: device reset
[  142.513837][ T7169] __nla_validate_parse: 6 callbacks suppressed
[  142.513866][ T7169] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1197'.
[  142.524018][ T7173] netlink: 'syz.4.1198': attribute type 12 has an invalid length.
[  142.584958][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.598586][ T7177] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1201'.
[  142.654378][ T7183] loop0: detected capacity change from 0 to 512
[  142.760369][ T7195] sd 0:0:1:0: device reset
[  142.775077][ T7199] netlink: 'syz.4.1208': attribute type 12 has an invalid length.
[  142.784975][ T7196] FAULT_INJECTION: forcing a failure.
[  142.784975][ T7196] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  142.798128][ T7196] CPU: 0 UID: 0 PID: 7196 Comm: syz.1.1206 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  142.798184][ T7196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  142.798198][ T7196] Call Trace:
[  142.798207][ T7196]  <TASK>
[  142.798215][ T7196]  __dump_stack+0x1d/0x30
[  142.798241][ T7196]  dump_stack_lvl+0xe8/0x140
[  142.798265][ T7196]  dump_stack+0x15/0x1b
[  142.798284][ T7196]  should_fail_ex+0x265/0x280
[  142.798307][ T7196]  should_fail+0xb/0x20
[  142.798376][ T7196]  should_fail_usercopy+0x1a/0x20
[  142.798400][ T7196]  _copy_from_user+0x1c/0xb0
[  142.798532][ T7196]  ___sys_sendmsg+0xc1/0x1d0
[  142.798619][ T7196]  __x64_sys_sendmsg+0xd4/0x160
[  142.798643][ T7196]  x64_sys_call+0x191e/0x3000
[  142.798668][ T7196]  do_syscall_64+0xd2/0x200
[  142.798739][ T7196]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  142.798771][ T7196]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  142.798805][ T7196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.798885][ T7196] RIP: 0033:0x7f8793f3efc9
[  142.798902][ T7196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.798922][ T7196] RSP: 002b:00007f87929a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  142.798957][ T7196] RAX: ffffffffffffffda RBX: 00007f8794195fa0 RCX: 00007f8793f3efc9
[  142.798971][ T7196] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  142.798984][ T7196] RBP: 00007f87929a7090 R08: 0000000000000000 R09: 0000000000000000
[  142.798998][ T7196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  142.799015][ T7196] R13: 00007f8794196038 R14: 00007f8794195fa0 R15: 00007ffe81956168
[  142.799037][ T7196]  </TASK>
[  142.807328][ T7183] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.985427][ T7183] ext4 filesystem being mounted at /178/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  143.000380][ T7203] sd 0:0:1:0: device reset
[  143.038217][ T7203] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1210'.
[  143.136157][ T7212] netlink: 'syz.1.1213': attribute type 12 has an invalid length.
[  143.188387][ T7217] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #2: comm syz.0.1211: corrupted inode contents
[  143.218332][ T7216] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=7216 comm=syz.0.1211
[  143.230891][ T7216] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=60 sclass=netlink_route_socket pid=7216 comm=syz.0.1211
[  143.243402][ T7216] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=64 sclass=netlink_route_socket pid=7216 comm=syz.0.1211
[  143.397758][ T7225] FAULT_INJECTION: forcing a failure.
[  143.397758][ T7225] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  143.410903][ T7225] CPU: 0 UID: 0 PID: 7225 Comm: syz.2.1218 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  143.411001][ T7225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  143.411094][ T7225] Call Trace:
[  143.411103][ T7225]  <TASK>
[  143.411141][ T7225]  __dump_stack+0x1d/0x30
[  143.411196][ T7225]  dump_stack_lvl+0xe8/0x140
[  143.411220][ T7225]  dump_stack+0x15/0x1b
[  143.411243][ T7225]  should_fail_ex+0x265/0x280
[  143.411327][ T7225]  should_fail+0xb/0x20
[  143.411368][ T7225]  should_fail_usercopy+0x1a/0x20
[  143.411394][ T7225]  _copy_from_user+0x1c/0xb0
[  143.411428][ T7225]  ___sys_sendmsg+0xc1/0x1d0
[  143.411484][ T7225]  __x64_sys_sendmsg+0xd4/0x160
[  143.411547][ T7225]  x64_sys_call+0x191e/0x3000
[  143.411571][ T7225]  do_syscall_64+0xd2/0x200
[  143.411644][ T7225]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  143.411673][ T7225]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  143.411708][ T7225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.411730][ T7225] RIP: 0033:0x7f328241efc9
[  143.411747][ T7225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.411765][ T7225] RSP: 002b:00007f3280e87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  143.411788][ T7225] RAX: ffffffffffffffda RBX: 00007f3282675fa0 RCX: 00007f328241efc9
[  143.411869][ T7225] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000006
[  143.411881][ T7225] RBP: 00007f3280e87090 R08: 0000000000000000 R09: 0000000000000000
[  143.411894][ T7225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  143.411906][ T7225] R13: 00007f3282676038 R14: 00007f3282675fa0 R15: 00007fffdca728f8
[  143.411932][ T7225]  </TASK>
[  143.570006][ T7216] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1211'.
[  143.619365][ T7217] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #2: comm syz.0.1211: mark_inode_dirty error
[  143.635326][ T7216] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  143.654409][ T7228] loop1: detected capacity change from 0 to 512
[  143.661255][ T7228] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  143.782840][ T7217] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #2: comm syz.0.1211: corrupted inode contents
[  143.800412][ T7228] EXT4-fs (loop1): 1 truncate cleaned up
[  143.800871][ T7228] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.830764][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.868901][ T7217] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.1211: mark_inode_dirty error
[  143.954524][ T7244] netlink: 'syz.3.1222': attribute type 12 has an invalid length.
[  144.125700][ T7252] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1226'.
[  144.974882][   T29] kauditd_printk_skb: 187 callbacks suppressed
[  144.974901][   T29] audit: type=1326 audit(1762006535.478:3533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7262 comm="syz.1.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  144.994438][ T7266] netlink: 'syz.2.1228': attribute type 12 has an invalid length.
[  145.004595][   T29] audit: type=1326 audit(1762006535.488:3534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7262 comm="syz.1.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  145.035910][   T29] audit: type=1326 audit(1762006535.488:3535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7262 comm="syz.1.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  145.059395][   T29] audit: type=1326 audit(1762006535.488:3536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7262 comm="syz.1.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  145.082772][   T29] audit: type=1326 audit(1762006535.488:3537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7262 comm="syz.1.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  145.106184][   T29] audit: type=1326 audit(1762006535.488:3538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7262 comm="syz.1.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  145.129645][   T29] audit: type=1326 audit(1762006535.488:3539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7262 comm="syz.1.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  145.229109][   T29] audit: type=1326 audit(1762006535.528:3541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7265 comm="syz.2.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328241efc9 code=0x7ffc0000
[  145.252681][   T29] audit: type=1326 audit(1762006535.528:3542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7265 comm="syz.2.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328241efc9 code=0x7ffc0000
[  145.276109][   T29] audit: type=1326 audit(1762006535.488:3540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7262 comm="syz.1.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  145.309587][ T7276] netlink: 'syz.3.1233': attribute type 3 has an invalid length.
[  145.323985][ T7276] netlink: 'syz.3.1233': attribute type 1 has an invalid length.
[  146.901853][ T7295] netlink: 65039 bytes leftover after parsing attributes in process `syz.3.1233'.
[  147.850415][ T7343] netlink: 'syz.3.1252': attribute type 12 has an invalid length.
[  148.309899][ T7352] netlink: 'syz.1.1256': attribute type 3 has an invalid length.
[  148.481403][ T7355] netlink: 'syz.4.1255': attribute type 3 has an invalid length.
[  148.513040][ T7359] netlink: 'syz.2.1259': attribute type 12 has an invalid length.
[  148.565471][ T7365] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1262'.
[  148.594869][ T7367] netlink: 'syz.4.1264': attribute type 12 has an invalid length.
[  148.609514][ T7369] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1263'.
[  148.636651][ T7373] netlink: 'syz.2.1266': attribute type 3 has an invalid length.
[  148.686008][ T7379] sd 0:0:1:0: device reset
[  148.762956][ T7385] netlink: 'syz.1.1272': attribute type 12 has an invalid length.
[  148.980451][ T7400] netlink: 'syz.3.1278': attribute type 3 has an invalid length.
[  149.045713][ T7404] netlink: 'syz.1.1279': attribute type 12 has an invalid length.
[  149.105927][ T7408] sd 0:0:1:0: device reset
[  149.133106][ T7402] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1280'.
[  149.309173][ T7406] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  149.394701][ T7414] sd 0:0:1:0: device reset
[  149.465833][ T7406] netdevsim netdevsim2: Direct firmware load for ./file0/file1 failed with error -2
[  149.495885][ T7419] netlink: 'syz.3.1285': attribute type 12 has an invalid length.
[  149.763378][ T7421] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1286'.
[  149.775582][ T7421] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1286'.
[  149.920890][ T7383] Set syz1 is full, maxelem 65536 reached
[  149.937110][ T7430] loop2: detected capacity change from 0 to 2048
[  149.968576][ T7432] sd 0:0:1:0: device reset
[  149.977566][ T7430] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.989921][ T7430] ext4 filesystem being mounted at /328/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  150.006132][   T29] kauditd_printk_skb: 198 callbacks suppressed
[  150.006213][   T29] audit: type=1400 audit(1762006540.548:3741): avc:  denied  { write } for  pid=7429 comm="syz.2.1290" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  150.012471][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.035285][ T7440] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1291'.
[  150.083540][ T7442] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1295'.
[  150.112565][ T7445] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1290: bg 0: block 345: padding at end of block bitmap is not set
[  150.162253][   T29] audit: type=1326 audit(1762006540.688:3742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7447 comm="syz.3.1296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9910efc9 code=0x7ffc0000
[  150.167028][ T7445] EXT4-fs (loop2): Remounting filesystem read-only
[  150.185787][   T29] audit: type=1326 audit(1762006540.688:3743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7447 comm="syz.3.1296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8b9910efc9 code=0x7ffc0000
[  150.215963][   T29] audit: type=1326 audit(1762006540.688:3744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7447 comm="syz.3.1296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9910efc9 code=0x7ffc0000
[  150.217054][ T6713] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[  150.239944][   T29] audit: type=1326 audit(1762006540.688:3745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7447 comm="syz.3.1296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9910efc9 code=0x7ffc0000
[  150.277027][   T29] audit: type=1326 audit(1762006540.688:3746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7447 comm="syz.3.1296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8b9910efc9 code=0x7ffc0000
[  150.300530][   T29] audit: type=1326 audit(1762006540.688:3747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7447 comm="syz.3.1296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9910efc9 code=0x7ffc0000
[  150.302658][ T7453] sd 0:0:1:0: device reset
[  150.324016][   T29] audit: type=1326 audit(1762006540.688:3748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7447 comm="syz.3.1296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9910efc9 code=0x7ffc0000
[  150.351852][   T29] audit: type=1326 audit(1762006540.688:3749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7447 comm="syz.3.1296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8b9910efc9 code=0x7ffc0000
[  150.375492][   T29] audit: type=1326 audit(1762006540.688:3750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7447 comm="syz.3.1296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9910efc9 code=0x7ffc0000
[  150.577976][ T7473] sd 0:0:1:0: device reset
[  150.600672][ T7473] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1307'.
[  150.693704][ T7484] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1311'.
[  150.750465][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.775313][ T7491] loop2: detected capacity change from 0 to 512
[  150.788247][ T7491] EXT4-fs warning (device loop2): ext4_xattr_inode_get:560: inode #11: comm syz.2.1314: EA inode hash validation failed
[  150.801383][ T7491] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #15: comm syz.2.1314: corrupted inode contents
[  150.815568][ T7491] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #15: comm syz.2.1314: mark_inode_dirty error
[  150.844001][ T7491] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #15: comm syz.2.1314: corrupted inode contents
[  150.874534][ T7491] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2996: inode #15: comm syz.2.1314: mark_inode_dirty error
[  150.905468][ T7491] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2999: inode #15: comm syz.2.1314: mark inode dirty (error -117)
[  150.918785][ T7491] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[  150.929161][ T7491] EXT4-fs (loop2): 1 orphan inode deleted
[  150.938125][ T7491] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.966955][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.980361][ T7509] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1323'.
[  151.024011][ T7515] loop0: detected capacity change from 0 to 512
[  151.044354][ T7515] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.057185][ T7515] ext4 filesystem being mounted at /187/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.083985][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.114676][ T7524] loop0: detected capacity change from 0 to 764
[  151.253728][ T7532] loop0: detected capacity change from 0 to 128
[  151.264408][ T7532] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  151.280113][ T7532] ext4 filesystem being mounted at /190/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  151.319259][ T7532] siw: device registration error -23
[  151.383325][ T3315] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  151.449855][ T7553] loop0: detected capacity change from 0 to 2048
[  151.474221][ T7553] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.486819][ T7553] ext4 filesystem being mounted at /192/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.548825][ T7553] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.771500][ T7567] syz.0.1343 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  152.130512][ T7583] sd 0:0:1:0: device reset
[  152.250749][ T7583] hsr_slave_0: left promiscuous mode
[  152.545121][ T7608] sd 0:0:1:0: device reset
[  152.676567][ T7554] Set syz1 is full, maxelem 65536 reached
[  152.930173][ T7633] loop1: detected capacity change from 0 to 128
[  152.937691][ T7633] FAT-fs (loop1): bogus number of reserved sectors
[  152.944259][ T7633] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  152.953605][ T7633] FAT-fs (loop1): Can't find a valid FAT filesystem
[  152.987903][ T7637] validate_nla: 25 callbacks suppressed
[  152.987919][ T7637] netlink: 'syz.2.1370': attribute type 3 has an invalid length.
[  153.021556][ T7643] FAULT_INJECTION: forcing a failure.
[  153.021556][ T7643] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.034712][ T7643] CPU: 1 UID: 0 PID: 7643 Comm: syz.2.1372 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  153.034802][ T7643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  153.034815][ T7643] Call Trace:
[  153.034822][ T7643]  <TASK>
[  153.034831][ T7643]  __dump_stack+0x1d/0x30
[  153.034861][ T7643]  dump_stack_lvl+0xe8/0x140
[  153.034889][ T7643]  dump_stack+0x15/0x1b
[  153.034909][ T7643]  should_fail_ex+0x265/0x280
[  153.034998][ T7643]  should_fail+0xb/0x20
[  153.035021][ T7643]  should_fail_usercopy+0x1a/0x20
[  153.035043][ T7643]  _copy_from_user+0x1c/0xb0
[  153.035069][ T7643]  ___sys_sendmsg+0xc1/0x1d0
[  153.035180][ T7643]  __x64_sys_sendmsg+0xd4/0x160
[  153.035211][ T7643]  x64_sys_call+0x191e/0x3000
[  153.035288][ T7643]  do_syscall_64+0xd2/0x200
[  153.035312][ T7643]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  153.035350][ T7643]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  153.035392][ T7643]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.035417][ T7643] RIP: 0033:0x7f328241efc9
[  153.035436][ T7643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.035460][ T7643] RSP: 002b:00007f3280e87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  153.035527][ T7643] RAX: ffffffffffffffda RBX: 00007f3282675fa0 RCX: 00007f328241efc9
[  153.035544][ T7643] RDX: 0000000020000000 RSI: 0000200000000080 RDI: 0000000000000003
[  153.035560][ T7643] RBP: 00007f3280e87090 R08: 0000000000000000 R09: 0000000000000000
[  153.035627][ T7643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.035644][ T7643] R13: 00007f3282676038 R14: 00007f3282675fa0 R15: 00007fffdca728f8
[  153.035665][ T7643]  </TASK>
[  153.366276][ T7653] netlink: 'syz.4.1378': attribute type 12 has an invalid length.
[  153.370406][ T7655] netlink: 'syz.3.1377': attribute type 3 has an invalid length.
[  153.458148][ T7665] loop3: detected capacity change from 0 to 512
[  153.480191][ T7665] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  153.490349][ T7665] EXT4-fs (loop3): orphan cleanup on readonly fs
[  153.497129][ T7665] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  153.516266][ T7665] EXT4-fs (loop3): Remounting filesystem read-only
[  153.529794][ T7665] EXT4-fs (loop3): 1 truncate cleaned up
[  153.536252][ T7665] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  153.552099][ T7665] bridge_slave_0: left allmulticast mode
[  153.557871][ T7665] bridge_slave_0: left promiscuous mode
[  153.563682][ T7665] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.571797][ T7665] bridge_slave_1: left allmulticast mode
[  153.577581][ T7665] bridge_slave_1: left promiscuous mode
[  153.583399][ T7665] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.592938][ T7665] bond0: (slave bond_slave_0): Releasing backup interface
[  153.601613][ T7665] bond0: (slave bond_slave_1): Releasing backup interface
[  153.610101][ T7683] netlink: 'syz.3.1383': attribute type 10 has an invalid length.
[  153.618094][ T7683] __nla_validate_parse: 9 callbacks suppressed
[  153.618113][ T7683] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1383'.
[  153.633742][ T7665] team0: Port device team_slave_0 removed
[  153.642721][ T7665] team0: Port device team_slave_1 removed
[  153.648678][ T7665] batman_adv: batadv0: Removing interface: batadv_slave_0
[  153.656580][ T7665] batman_adv: batadv0: Removing interface: batadv_slave_1
[  153.664622][ T7665] bond1: (slave veth3): Releasing active interface
[  153.674085][ T7683] veth1_vlan: left promiscuous mode
[  153.682340][ T7683] batman_adv: batadv0: Adding interface: veth1_vlan
[  153.688982][ T7683] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  153.719052][ T7687] loop0: detected capacity change from 0 to 128
[  153.723756][ T7683] batman_adv: batadv0: Interface activated: veth1_vlan
[  153.790624][ T7691] netlink: 'syz.0.1392': attribute type 3 has an invalid length.
[  153.803711][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.831666][ T7693] loop3: detected capacity change from 0 to 512
[  153.849771][ T7693] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  153.858102][ T7693] EXT4-fs (loop3): orphan cleanup on readonly fs
[  153.866556][ T7693] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.1393: corrupted inode contents
[  153.879745][ T7693] EXT4-fs (loop3): Remounting filesystem read-only
[  153.886456][ T7693] EXT4-fs (loop3): 1 truncate cleaned up
[  153.892330][ T6713] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  153.902926][ T6713] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  153.915853][ T6713] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  153.926827][ T7693] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  153.944395][ T7698] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1394'.
[  153.953369][ T7698] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1394'.
[  154.502008][ T7714] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1401'.
[  154.662927][ T7682] Set syz1 is full, maxelem 65536 reached
[  154.700279][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.703311][ T7722] batman_adv: batadv0: Interface deactivated: veth1_vlan
[  154.717812][ T7722] batman_adv: batadv0: Removing interface: veth1_vlan
[  154.735968][ T7726] netlink: 'syz.3.1405': attribute type 12 has an invalid length.
[  154.806320][ T7736] loop0: detected capacity change from 0 to 512
[  154.820879][ T7728] loop2: detected capacity change from 0 to 1024
[  154.831539][ T7739] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1411'.
[  154.836325][ T7728] EXT4-fs: Ignoring removed orlov option
[  154.846321][ T7728] EXT4-fs: inline encryption not supported
[  154.853394][ T7736] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.853608][ T7728] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (52289!=20869)
[  154.875872][ T7728] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  154.886496][ T7736] ext4 filesystem being mounted at /210/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.888688][ T7728] EXT4-fs (loop2): invalid journal inode
[  154.902727][ T7728] EXT4-fs (loop2): can't get journal size
[  154.910114][ T7728] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  154.927267][ T7745] netlink: 'syz.3.1412': attribute type 12 has an invalid length.
[  154.948814][ T7747] netlink: 'syz.4.1413': attribute type 3 has an invalid length.
[  154.988568][ T7751] sd 0:0:1:0: device reset
[  155.007178][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.038238][ T7754] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1415'.
[  155.047248][ T7754] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1415'.
[  155.146302][ T7767] netlink: 'syz.2.1421': attribute type 12 has an invalid length.
[  155.230324][   T29] kauditd_printk_skb: 390 callbacks suppressed
[  155.230374][   T29] audit: type=1326 audit(1762006545.768:4135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7772 comm="syz.2.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328241efc9 code=0x7ffc0000
[  155.245118][ T7773] netlink: 'syz.2.1424': attribute type 12 has an invalid length.
[  155.268316][   T29] audit: type=1326 audit(1762006545.788:4136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7772 comm="syz.2.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f328241efc9 code=0x7ffc0000
[  155.268366][   T29] audit: type=1326 audit(1762006545.788:4137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7772 comm="syz.2.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328241efc9 code=0x7ffc0000
[  155.268412][   T29] audit: type=1326 audit(1762006545.788:4138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7772 comm="syz.2.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328241efc9 code=0x7ffc0000
[  155.268445][   T29] audit: type=1326 audit(1762006545.788:4139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7772 comm="syz.2.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f328241efc9 code=0x7ffc0000
[  155.268478][   T29] audit: type=1326 audit(1762006545.788:4140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7772 comm="syz.2.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328241efc9 code=0x7ffc0000
[  155.268519][   T29] audit: type=1326 audit(1762006545.788:4141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7772 comm="syz.2.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328241efc9 code=0x7ffc0000
[  155.268586][   T29] audit: type=1326 audit(1762006545.788:4142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7772 comm="syz.2.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f328241efc9 code=0x7ffc0000
[  155.432825][   T29] audit: type=1326 audit(1762006545.788:4143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7772 comm="syz.2.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328241efc9 code=0x7ffc0000
[  155.456314][   T29] audit: type=1326 audit(1762006545.788:4144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7772 comm="syz.2.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f328241efc9 code=0x7ffc0000
[  155.543951][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.776149][ T7796] loop1: detected capacity change from 0 to 512
[  155.783071][ T7796] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  155.916605][ T7816] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1440'.
[  156.055262][ T7842] pimreg: entered allmulticast mode
[  156.064772][ T7846] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1446'.
[  156.073795][ T7846] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1446'.
[  156.104667][ T7841] unsupported nla_type 52263
[  156.110862][ T7840] pimreg: left allmulticast mode
[  156.141077][ T7855] hsr_slave_0: left promiscuous mode
[  156.224112][ T7865] loop1: detected capacity change from 0 to 512
[  156.234626][ T7865] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  156.248106][ T7865] ext4 filesystem being mounted at /288/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  156.374698][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.445979][ T7889] loop3: detected capacity change from 0 to 512
[  156.461696][ T7889] EXT4-fs (loop3): filesystem is read-only
[  156.468355][ T7889] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  156.481468][ T7889] EXT4-fs (loop3): filesystem is read-only
[  156.487462][ T7889] EXT4-fs (loop3): orphan cleanup on readonly fs
[  156.494393][ T7889] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #16: comm syz.3.1469: iget: bad i_size value: -504403158265486552
[  156.507856][ T7889] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1469: couldn't read orphan inode 16 (err -117)
[  156.520539][ T7889] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  156.536908][ T7889] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.556036][ T7948] 9pnet_fd: Insufficient options for proto=fd
[  158.096480][ T7920] Set syz1 is full, maxelem 65536 reached
[  158.134160][ T7963] loop1: detected capacity change from 0 to 128
[  158.141259][ T7963] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  158.153805][ T7963] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  158.190509][ T6776] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  158.516755][ T7974] validate_nla: 10 callbacks suppressed
[  158.516771][ T7974] netlink: 'syz.0.1496': attribute type 3 has an invalid length.
[  158.717991][ T7956] Set syz1 is full, maxelem 65536 reached
[  158.852637][ T7999] loop1: detected capacity change from 0 to 512
[  158.863763][ T7999] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.876730][ T7999] ext4 filesystem being mounted at /298/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  158.953359][ T8011] netlink: 'syz.2.1506': attribute type 3 has an invalid length.
[  158.955122][ T8010] netlink: 'syz.4.1508': attribute type 12 has an invalid length.
[  158.988129][ T8007] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=8007 comm=syz.1.1503
[  159.000752][ T8007] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=60 sclass=netlink_route_socket pid=8007 comm=syz.1.1503
[  159.013475][ T8007] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=64 sclass=netlink_route_socket pid=8007 comm=syz.1.1503
[  159.026633][ T8007] __nla_validate_parse: 8 callbacks suppressed
[  159.026650][ T8007] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1503'.
[  159.030136][ T8016] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1507'.
[  159.050957][ T8016] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1507'.
[  159.068690][ T8012] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.1503: corrupted inode contents
[  159.091658][ T8012] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #2: comm syz.1.1503: mark_inode_dirty error
[  159.106472][ T8007] 8021q: adding VLAN 0 to HW filter on device bond0
[  159.114739][ T8007] 8021q: adding VLAN 0 to HW filter on device team0
[  159.130596][ T8022] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1511'.
[  159.139834][ T8007] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  159.157753][ T8012] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.1503: corrupted inode contents
[  159.169878][ T8017] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1509'.
[  159.170059][ T8012] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.1503: mark_inode_dirty error
[  159.178911][ T8017] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1509'.
[  159.287323][ T8029] loop2: detected capacity change from 0 to 128
[  159.302892][ T8029] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  159.372572][ T8029] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  159.416559][ T6713] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  159.470282][ T8032] siw: device registration error -23
[  159.603136][ T8038] batman_adv: batadv0: Interface deactivated: veth1_vlan
[  159.610717][ T8038] batman_adv: batadv0: Removing interface: veth1_vlan
[  159.683775][ T8044] netlink: 'syz.3.1520': attribute type 3 has an invalid length.
[  159.720938][ T8048] loop3: detected capacity change from 0 to 512
[  159.733952][ T8048] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.746640][ T8048] ext4 filesystem being mounted at /307/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  159.884932][ T8054] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=8054 comm=syz.3.1522
[  159.897492][ T8054] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=60 sclass=netlink_route_socket pid=8054 comm=syz.3.1522
[  159.910068][ T8054] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=64 sclass=netlink_route_socket pid=8054 comm=syz.3.1522
[  159.942275][ T8054] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1522'.
[  159.954050][ T8061] netlink: 'syz.0.1526': attribute type 12 has an invalid length.
[  160.001999][ T8054] 8021q: adding VLAN 0 to HW filter on device bond0
[  160.019091][ T8054] 8021q: adding VLAN 0 to HW filter on device team0
[  160.033695][ T8054] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  160.049178][ T6930] lo speed is unknown, defaulting to 1000
[  160.054987][ T6930] syz2: Port: 1 Link ACTIVE
[  160.133821][ T8066] netlink: 'syz.2.1527': attribute type 12 has an invalid length.
[  160.272113][ T8075] netlink: 'syz.2.1532': attribute type 3 has an invalid length.
[  160.358364][ T8080] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1534'.
[  160.368009][   T29] kauditd_printk_skb: 135 callbacks suppressed
[  160.368024][   T29] audit: type=1326 audit(1762006550.898:4280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8077 comm="syz.2.1533" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f328241efc9 code=0x0
[  160.624101][ T8081] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1533'.
[  160.633066][ T8081] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1533'.
[  160.744946][   T29] audit: type=1326 audit(1762006551.288:4281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8090 comm="syz.4.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  160.768490][   T29] audit: type=1326 audit(1762006551.288:4282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8090 comm="syz.4.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  160.844527][   T29] audit: type=1326 audit(1762006551.338:4283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8090 comm="syz.4.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  160.868217][   T29] audit: type=1326 audit(1762006551.338:4284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8090 comm="syz.4.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  160.891867][   T29] audit: type=1326 audit(1762006551.338:4285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8090 comm="syz.4.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  160.915412][   T29] audit: type=1326 audit(1762006551.338:4286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8090 comm="syz.4.1538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  160.916650][ T8095] netlink: 'syz.0.1536': attribute type 3 has an invalid length.
[  161.108492][ T8104] netlink: 'syz.0.1543': attribute type 3 has an invalid length.
[  161.294135][ T8112] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8112 comm=syz.0.1546
[  161.306780][ T8112] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8112 comm=syz.0.1546
[  161.333220][ T8112] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  161.421968][ T8115] netlink: 'syz.0.1547': attribute type 12 has an invalid length.
[  161.545189][   T29] audit: type=1326 audit(1762006552.088:4287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8118 comm="syz.0.1549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5416d7efc9 code=0x7ffc0000
[  161.568672][   T29] audit: type=1326 audit(1762006552.088:4288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8118 comm="syz.0.1549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5416d7efc9 code=0x7ffc0000
[  161.612344][   T29] audit: type=1326 audit(1762006552.138:4289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8118 comm="syz.0.1549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f5416d7efc9 code=0x7ffc0000
[  162.250145][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.273106][ T8152] loop1: detected capacity change from 0 to 128
[  162.282374][ T8152] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  162.296234][ T8152] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  162.388176][ T6781] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  162.412837][ T8162] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  162.577713][ T8184] tipc: Started in network mode
[  162.582699][ T8184] tipc: Node identity e6eb0f46689f, cluster identity 4711
[  162.589888][ T8184] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  162.600215][ T8184] syzkaller0: entered promiscuous mode
[  162.605872][ T8184] syzkaller0: entered allmulticast mode
[  162.627011][ T8184] tipc: Resetting bearer <eth:syzkaller0>
[  162.635502][ T8183] tipc: Resetting bearer <eth:syzkaller0>
[  162.676414][ T8183] tipc: Disabling bearer <eth:syzkaller0>
[  163.060380][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.148906][ T8246] sd 0:0:1:0: device reset
[  163.213172][ T8238] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8238 comm=syz.2.1601
[  163.360411][ T8259] loop0: detected capacity change from 0 to 1024
[  163.367725][ T8259] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  163.465303][ T8266] loop2: detected capacity change from 0 to 512
[  163.503274][ T8267] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  163.521883][ T8267] loop0: detected capacity change from 0 to 512
[  163.532139][ T8267] EXT4-fs (loop0): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  163.545406][ T8266] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.561139][ T8266] ext4 filesystem being mounted at /395/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  163.672835][ T8276] validate_nla: 8 callbacks suppressed
[  163.672855][ T8276] netlink: 'syz.1.1614': attribute type 12 has an invalid length.
[  163.696301][ T8278] loop3: detected capacity change from 0 to 512
[  163.714895][ T8280] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=8280 comm=syz.2.1613
[  163.732334][ T8278] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  163.763356][ T8284] sd 0:0:1:0: device reset
[  163.763551][ T8214] Set syz1 is full, maxelem 65536 reached
[  163.770049][ T8267] EXT4-fs error (device loop0): ext4_quota_enable:7132: comm syz.0.1609: Bad quota inum: 2, type: 1
[  163.783100][ T8267] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=2). Please run e2fsck to fix.
[  163.839634][ T8280] 8021q: adding VLAN 0 to HW filter on device bond0
[  163.864802][ T3315] EXT4-fs (loop0): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  163.874559][ T8280] 8021q: adding VLAN 0 to HW filter on device team0
[  163.904390][ T8280] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  163.994641][ T8305] FAULT_INJECTION: forcing a failure.
[  163.994641][ T8305] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.007845][ T8305] CPU: 0 UID: 0 PID: 8305 Comm: syz.0.1627 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  164.007890][ T8305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  164.007907][ T8305] Call Trace:
[  164.007914][ T8305]  <TASK>
[  164.007923][ T8305]  __dump_stack+0x1d/0x30
[  164.007952][ T8305]  dump_stack_lvl+0xe8/0x140
[  164.007975][ T8305]  dump_stack+0x15/0x1b
[  164.007992][ T8305]  should_fail_ex+0x265/0x280
[  164.008019][ T8305]  should_fail+0xb/0x20
[  164.008041][ T8305]  should_fail_usercopy+0x1a/0x20
[  164.008069][ T8305]  _copy_from_user+0x1c/0xb0
[  164.008101][ T8305]  ___sys_sendmsg+0xc1/0x1d0
[  164.008274][ T8305]  __x64_sys_sendmsg+0xd4/0x160
[  164.008299][ T8305]  x64_sys_call+0x191e/0x3000
[  164.008329][ T8305]  do_syscall_64+0xd2/0x200
[  164.008354][ T8305]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  164.008427][ T8305]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  164.008525][ T8305]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.008553][ T8305] RIP: 0033:0x7f5416d7efc9
[  164.008622][ T8305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.008646][ T8305] RSP: 002b:00007f54157e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  164.008671][ T8305] RAX: ffffffffffffffda RBX: 00007f5416fd5fa0 RCX: 00007f5416d7efc9
[  164.008723][ T8305] RDX: 0000000020000000 RSI: 0000200000000080 RDI: 0000000000000003
[  164.008735][ T8305] RBP: 00007f54157e7090 R08: 0000000000000000 R09: 0000000000000000
[  164.008826][ T8305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.008842][ T8305] R13: 00007f5416fd6038 R14: 00007f5416fd5fa0 R15: 00007ffc7c480cf8
[  164.008866][ T8305]  </TASK>
[  164.233020][ T8310] netlink: 'syz.1.1628': attribute type 10 has an invalid length.
[  164.241010][ T8310] __nla_validate_parse: 8 callbacks suppressed
[  164.241096][ T8310] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1628'.
[  164.312060][ T8322] netlink: 'syz.1.1633': attribute type 3 has an invalid length.
[  164.465754][ T8341] loop3: detected capacity change from 0 to 128
[  164.527483][ T8343] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1641'.
[  164.642695][ T8341] syz.3.1640: attempt to access beyond end of device
[  164.642695][ T8341] loop3: rw=2049, sector=185, nr_sectors = 16 limit=128
[  164.657189][ T8341] syz.3.1640: attempt to access beyond end of device
[  164.657189][ T8341] loop3: rw=2049, sector=209, nr_sectors = 8 limit=128
[  164.671056][ T8341] syz.3.1640: attempt to access beyond end of device
[  164.671056][ T8341] loop3: rw=2049, sector=225, nr_sectors = 8 limit=128
[  164.685044][ T8341] syz.3.1640: attempt to access beyond end of device
[  164.685044][ T8341] loop3: rw=2049, sector=241, nr_sectors = 8 limit=128
[  164.698818][ T8341] syz.3.1640: attempt to access beyond end of device
[  164.698818][ T8341] loop3: rw=2049, sector=257, nr_sectors = 8 limit=128
[  164.712795][ T8341] syz.3.1640: attempt to access beyond end of device
[  164.712795][ T8341] loop3: rw=2049, sector=273, nr_sectors = 8 limit=128
[  164.726559][ T8341] syz.3.1640: attempt to access beyond end of device
[  164.726559][ T8341] loop3: rw=2049, sector=289, nr_sectors = 8 limit=128
[  164.740305][ T8341] syz.3.1640: attempt to access beyond end of device
[  164.740305][ T8341] loop3: rw=2049, sector=305, nr_sectors = 8 limit=128
[  164.765192][ T8341] syz.3.1640: attempt to access beyond end of device
[  164.765192][ T8341] loop3: rw=2049, sector=321, nr_sectors = 8 limit=128
[  164.779012][ T8341] syz.3.1640: attempt to access beyond end of device
[  164.779012][ T8341] loop3: rw=2049, sector=337, nr_sectors = 8 limit=128
[  164.845389][ T8359] loop1: detected capacity change from 0 to 512
[  164.874229][ T8359] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  164.892872][ T8359] EXT4-fs (loop1): orphan cleanup on readonly fs
[  164.901782][ T8359] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.1645: corrupted inode contents
[  164.920700][ T8359] EXT4-fs (loop1): Remounting filesystem read-only
[  164.941836][ T8359] EXT4-fs (loop1): 1 truncate cleaned up
[  164.947903][ T6781] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  164.958518][ T6781] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  164.973467][ T8365] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1649'.
[  164.983320][ T6781] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  165.035717][ T8359] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  165.082845][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.161049][ T8376] netlink: 'syz.3.1654': attribute type 12 has an invalid length.
[  165.212718][ T8382] SELinux:  policydb version 0 does not match my version range 15-35
[  165.225814][ T8384] sd 0:0:1:0: device reset
[  165.230663][ T8382] SELinux: failed to load policy
[  165.364046][ T8397] vlan3: entered allmulticast mode
[  165.388069][   T29] kauditd_printk_skb: 123 callbacks suppressed
[  165.388089][   T29] audit: type=1400 audit(1762006555.928:4407): avc:  denied  { watch_reads } for  pid=8385 comm="syz.3.1659" path="/328/file0" dev="tmpfs" ino=1748 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  165.447537][ T8380] loop1: detected capacity change from 0 to 32768
[  165.486870][   T29] audit: type=1326 audit(1762006556.028:4408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8379 comm="syz.1.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  165.510457][   T29] audit: type=1326 audit(1762006556.028:4409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8379 comm="syz.1.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  165.534412][   T29] audit: type=1326 audit(1762006556.028:4410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8379 comm="syz.1.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  165.568347][ T8405] bridge1: entered allmulticast mode
[  165.583530][ T8407] netlink: 'syz.0.1666': attribute type 12 has an invalid length.
[  165.595058][ T8404] bridge1: left allmulticast mode
[  165.609633][   T29] audit: type=1326 audit(1762006556.098:4411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8379 comm="syz.1.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  165.633151][   T29] audit: type=1326 audit(1762006556.098:4412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8379 comm="syz.1.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  165.656856][   T29] audit: type=1326 audit(1762006556.098:4413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8403 comm="syz.1.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f8793f71885 code=0x7ffc0000
[  165.680421][   T29] audit: type=1326 audit(1762006556.098:4414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8379 comm="syz.1.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8793f3efc9 code=0x7ffc0000
[  165.703972][   T29] audit: type=1326 audit(1762006556.108:4415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8379 comm="syz.1.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f8793f3dc2a code=0x7ffc0000
[  165.727308][   T29] audit: type=1326 audit(1762006556.108:4416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8379 comm="syz.1.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f8793f71885 code=0x7ffc0000
[  165.755267][ T8413] sd 0:0:1:0: device reset
[  166.083827][ T8429] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1674'.
[  166.092845][ T8429] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1674'.
[  166.299487][ T8440] netlink: 'syz.0.1678': attribute type 3 has an invalid length.
[  166.374572][ T8444] sd 0:0:1:0: device reset
[  166.393196][ T8446] wireguard0: entered promiscuous mode
[  166.398733][ T8446] wireguard0: entered allmulticast mode
[  166.503690][ T8457] netlink: 'syz.1.1685': attribute type 12 has an invalid length.
[  166.692593][ T8471] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1690'.
[  166.872733][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.894197][ T8473] netlink: 'syz.4.1692': attribute type 3 has an invalid length.
[  166.953590][ T8477] sd 0:0:1:0: device reset
[  167.059480][ T8482] netlink: 'syz.2.1691': attribute type 3 has an invalid length.
[  167.073472][ T8483] netlink: 'syz.4.1696': attribute type 12 has an invalid length.
[  167.427798][ T8454] Set syz1 is full, maxelem 65536 reached
[  167.525026][ T8520] loop3: detected capacity change from 0 to 512
[  167.537732][ T8520] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  167.555394][ T8520] EXT4-fs (loop3): mount failed
[  167.566749][ T8520] netlink: 296 bytes leftover after parsing attributes in process `syz.3.1712'.
[  167.571439][ T8527] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1714'.
[  167.586828][ T8520] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1712'.
[  167.649667][ T8540] selinux_netlink_send: 2 callbacks suppressed
[  167.649681][ T8540] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=3122 sclass=netlink_xfrm_socket pid=8540 comm=syz.3.1719
[  167.716509][ T8547] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1718'.
[  168.006813][ T8592] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  168.015397][ T8592] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  168.031556][ T8592] ip6gretap1: entered allmulticast mode
[  168.186411][ T8619] sd 0:0:1:0: device reset
[  168.257529][ T8631] loop1: detected capacity change from 0 to 1024
[  168.264205][ T8631] EXT4-fs: Ignoring removed orlov option
[  168.272502][ T8631] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.298104][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.564635][ T8669] bridge0: entered promiscuous mode
[  168.569976][ T8669] macsec1: entered allmulticast mode
[  168.575404][ T8669] bridge0: entered allmulticast mode
[  168.582747][ T8669] bridge0: port 3(macsec1) entered blocking state
[  168.589299][ T8669] bridge0: port 3(macsec1) entered disabled state
[  168.597123][ T8669] bridge0: left allmulticast mode
[  168.602232][ T8669] bridge0: left promiscuous mode
[  168.684732][ T8682] validate_nla: 9 callbacks suppressed
[  168.684754][ T8682] netlink: 'syz.3.1776': attribute type 3 has an invalid length.
[  168.691844][ T8684] netlink: 'syz.2.1777': attribute type 12 has an invalid length.
[  168.740358][ T8690] netlink: 'syz.3.1779': attribute type 12 has an invalid length.
[  168.764305][ T8696] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  168.773108][ T8696] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  168.823982][ T8705] netlink: 'syz.3.1787': attribute type 12 has an invalid length.
[  168.831121][ T8707] sd 0:0:1:0: device reset
[  168.864010][ T8711] netlink: 'syz.0.1790': attribute type 3 has an invalid length.
[  168.919056][ T8720] netlink: 'syz.3.1795': attribute type 12 has an invalid length.
[  168.955884][ T8725] loop0: detected capacity change from 0 to 512
[  168.974201][ T8725] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.986841][ T8725] ext4 filesystem being mounted at /283/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  168.997964][ T8725] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.062553][ T8731] SELinux:  Context system_u:object_r:systemd_systemctl_exec_t:s0 is not valid (left unmapped).
[  169.096863][ T8733] netlink: 'syz.0.1799': attribute type 12 has an invalid length.
[  169.167261][ T8738] netlink: 'syz.4.1802': attribute type 3 has an invalid length.
[  169.372829][ T8746] loop2: detected capacity change from 0 to 512
[  169.381037][ T8746] EXT4-fs (loop2): orphan cleanup on readonly fs
[  169.388007][ T8746] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.1805: bad orphan inode 13
[  169.399753][ T8746] ext4_test_bit(bit=12, block=18) = 1
[  169.405270][ T8746] is_bad_inode(inode)=0
[  169.409502][ T8746] NEXT_ORPHAN(inode)=2130706432
[  169.414531][ T8746] max_ino=32
[  169.417819][ T8746] i_nlink=1
[  169.422389][ T8746] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  169.601421][ T8761] netlink: 'syz.1.1811': attribute type 12 has an invalid length.
[  169.611504][ T8746] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  169.722535][ T8746] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  169.745924][ T8769] netlink: 'syz.0.1814': attribute type 3 has an invalid length.
[  169.802553][ T8746] EXT4-fs error (device loop2): ext4_lookup:1791: inode #2: comm syz.2.1805: deleted inode referenced: 12
[  169.829289][ T8727] Set syz1 is full, maxelem 65536 reached
[  169.856212][ T8772] __nla_validate_parse: 9 callbacks suppressed
[  169.856231][ T8772] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1815'.
[  170.083643][ T8783] hub 2-0:1.0: USB hub found
[  170.088402][ T8783] hub 2-0:1.0: 8 ports detected
[  170.100985][ T8799] loop0: detected capacity change from 0 to 512
[  170.118313][ T8799] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.131089][ T8799] ext4 filesystem being mounted at /291/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  170.233705][ T8808] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1829'.
[  170.264600][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.351636][ T8819] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1832'.
[  170.369568][ T8824] 9pnet_fd: Insufficient options for proto=fd
[  170.413436][ T8814] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=8814 comm=syz.0.1825
[  170.413476][ T8814] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=60 sclass=netlink_route_socket pid=8814 comm=syz.0.1825
[  170.413506][ T8814] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=64 sclass=netlink_route_socket pid=8814 comm=syz.0.1825
[  170.413691][ T8814] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1825'.
[  170.427749][ T8829] sd 0:0:1:0: device reset
[  170.466541][   T29] kauditd_printk_skb: 119 callbacks suppressed
[  170.466558][   T29] audit: type=1400 audit(1762006561.008:4533): avc:  denied  { bind } for  pid=8832 comm="syz.1.1839" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  170.468956][   T29] audit: type=1326 audit(1762006561.008:4534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8832 comm="syz.1.1839" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8793f3efc9 code=0x0
[  170.488081][ T8814] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  170.497665][ T8838] FAULT_INJECTION: forcing a failure.
[  170.497665][ T8838] name failslab, interval 1, probability 0, space 0, times 0
[  170.497701][ T8838] CPU: 1 UID: 0 PID: 8838 Comm: syz.2.1841 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  170.497753][ T8838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  170.497770][ T8838] Call Trace:
[  170.497777][ T8838]  <TASK>
[  170.497786][ T8838]  __dump_stack+0x1d/0x30
[  170.497815][ T8838]  dump_stack_lvl+0xe8/0x140
[  170.497842][ T8838]  dump_stack+0x15/0x1b
[  170.497908][ T8838]  should_fail_ex+0x265/0x280
[  170.497934][ T8838]  should_failslab+0x8c/0xb0
[  170.498018][ T8838]  kmem_cache_alloc_noprof+0x50/0x480
[  170.498051][ T8838]  ? skb_clone+0x151/0x1f0
[  170.498084][ T8838]  skb_clone+0x151/0x1f0
[  170.498108][ T8838]  __netlink_deliver_tap+0x2c9/0x500
[  170.498158][ T8838]  netlink_unicast+0x66b/0x690
[  170.498231][ T8838]  netlink_sendmsg+0x58b/0x6b0
[  170.498259][ T8838]  ? __pfx_netlink_sendmsg+0x10/0x10
[  170.498289][ T8838]  __sock_sendmsg+0x145/0x180
[  170.498322][ T8838]  ____sys_sendmsg+0x31e/0x4e0
[  170.498380][ T8838]  ___sys_sendmsg+0x17b/0x1d0
[  170.498473][ T8838]  __x64_sys_sendmsg+0xd4/0x160
[  170.498502][ T8838]  x64_sys_call+0x191e/0x3000
[  170.498538][ T8838]  do_syscall_64+0xd2/0x200
[  170.498575][ T8838]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  170.498611][ T8838]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  170.498650][ T8838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.498705][ T8838] RIP: 0033:0x7f328241efc9
[  170.498725][ T8838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.498747][ T8838] RSP: 002b:00007f3280e87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  170.498772][ T8838] RAX: ffffffffffffffda RBX: 00007f3282675fa0 RCX: 00007f328241efc9
[  170.498787][ T8838] RDX: 0000000000000084 RSI: 0000200000000580 RDI: 0000000000000006
[  170.498825][ T8838] RBP: 00007f3280e87090 R08: 0000000000000000 R09: 0000000000000000
[  170.498838][ T8838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.498850][ T8838] R13: 00007f3282676038 R14: 00007f3282675fa0 R15: 00007fffdca728f8
[  170.498914][ T8838]  </TASK>
[  170.622875][ T8805] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #2: comm syz.0.1825: corrupted inode contents
[  170.646170][   T29] audit: type=1400 audit(1762006561.158:4535): avc:  denied  { write } for  pid=8847 comm="syz.3.1845" name="rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  170.647886][ T8805] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #2: comm syz.0.1825: mark_inode_dirty error
[  170.692685][ T8805] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #2: comm syz.0.1825: corrupted inode contents
[  170.787981][ T8848] loop3: detected capacity change from 0 to 4096
[  170.823121][ T8805] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.1825: mark_inode_dirty error
[  171.003647][ T8848] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.044832][   T29] audit: type=1326 audit(1762006561.588:4536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8863 comm="syz.4.1850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  171.079757][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.126563][   T29] audit: type=1326 audit(1762006561.618:4537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8863 comm="syz.4.1850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  171.150129][   T29] audit: type=1326 audit(1762006561.638:4538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8863 comm="syz.4.1850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  171.173641][   T29] audit: type=1326 audit(1762006561.638:4539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8863 comm="syz.4.1850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  171.197169][   T29] audit: type=1326 audit(1762006561.638:4540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8863 comm="syz.4.1850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  171.220599][   T29] audit: type=1326 audit(1762006561.638:4541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8863 comm="syz.4.1850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  171.244198][   T29] audit: type=1326 audit(1762006561.638:4542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8863 comm="syz.4.1850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  171.386647][ T8886] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1859'.
[  171.532349][ T8889] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1858'.
[  171.702880][ T8905] loop2: detected capacity change from 0 to 128
[  171.709473][ T8905] vfat: Unknown parameter 'Check'
[  171.822744][ T8918] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1873'.
[  171.972593][ T8937] loop1: detected capacity change from 0 to 512
[  172.003894][ T8937] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.055055][ T8937] ext4 filesystem being mounted at /363/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  172.126629][ T8951] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1887'.
[  172.149019][ T8937] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1881'.
[  172.237906][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.283887][ T8973] FAULT_INJECTION: forcing a failure.
[  172.283887][ T8973] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  172.297076][ T8973] CPU: 1 UID: 0 PID: 8973 Comm: syz.3.1896 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  172.297128][ T8973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  172.297163][ T8973] Call Trace:
[  172.297171][ T8973]  <TASK>
[  172.297261][ T8973]  __dump_stack+0x1d/0x30
[  172.297287][ T8973]  dump_stack_lvl+0xe8/0x140
[  172.297312][ T8973]  dump_stack+0x15/0x1b
[  172.297348][ T8973]  should_fail_ex+0x265/0x280
[  172.297384][ T8973]  should_fail+0xb/0x20
[  172.297477][ T8973]  should_fail_usercopy+0x1a/0x20
[  172.297503][ T8973]  _copy_to_user+0x20/0xa0
[  172.297607][ T8973]  simple_read_from_buffer+0xb5/0x130
[  172.297639][ T8973]  proc_fail_nth_read+0x10e/0x150
[  172.297690][ T8973]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  172.297732][ T8973]  vfs_read+0x1a8/0x770
[  172.297763][ T8973]  ? __rcu_read_unlock+0x4f/0x70
[  172.297803][ T8973]  ? __fget_files+0x184/0x1c0
[  172.297885][ T8973]  ksys_read+0xda/0x1a0
[  172.297919][ T8973]  __x64_sys_read+0x40/0x50
[  172.298055][ T8973]  x64_sys_call+0x27c0/0x3000
[  172.298088][ T8973]  do_syscall_64+0xd2/0x200
[  172.298108][ T8973]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  172.298150][ T8973]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  172.298190][ T8973]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.298219][ T8973] RIP: 0033:0x7f8b9910d9dc
[  172.298239][ T8973] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  172.298261][ T8973] RSP: 002b:00007f8b97b77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  172.298344][ T8973] RAX: ffffffffffffffda RBX: 00007f8b99365fa0 RCX: 00007f8b9910d9dc
[  172.298361][ T8973] RDX: 000000000000000f RSI: 00007f8b97b770a0 RDI: 0000000000000004
[  172.298377][ T8973] RBP: 00007f8b97b77090 R08: 0000000000000000 R09: 0000000000000000
[  172.298391][ T8973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  172.298402][ T8973] R13: 00007f8b99366038 R14: 00007f8b99365fa0 R15: 00007fff53026b28
[  172.298466][ T8973]  </TASK>
[  172.612315][ T8986] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1901'.
[  172.991596][ T9006] IPv6: NLM_F_CREATE should be specified when creating new route
[  173.253115][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.367962][ T9031] loop0: detected capacity change from 0 to 512
[  173.375752][ T9031] EXT4-fs (loop0): orphan cleanup on readonly fs
[  173.382820][ T9031] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.1918: bad orphan inode 13
[  173.393281][ T9031] ext4_test_bit(bit=12, block=18) = 1
[  173.398952][ T9031] is_bad_inode(inode)=0
[  173.403213][ T9031] NEXT_ORPHAN(inode)=2130706432
[  173.408069][ T9031] max_ino=32
[  173.411268][ T9031] i_nlink=1
[  173.415306][ T9031] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  173.431512][ T9032] FAULT_INJECTION: forcing a failure.
[  173.431512][ T9032] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  173.444913][ T9032] CPU: 0 UID: 0 PID: 9032 Comm: +}[@ Not tainted syzkaller #0 PREEMPT(voluntary) 
[  173.444947][ T9032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  173.444963][ T9032] Call Trace:
[  173.444972][ T9032]  <TASK>
[  173.444982][ T9032]  __dump_stack+0x1d/0x30
[  173.445011][ T9032]  dump_stack_lvl+0xe8/0x140
[  173.445169][ T9032]  dump_stack+0x15/0x1b
[  173.445215][ T9032]  should_fail_ex+0x265/0x280
[  173.445236][ T9032]  should_fail_alloc_page+0xf2/0x100
[  173.445338][ T9032]  __alloc_frozen_pages_noprof+0xff/0x360
[  173.445430][ T9032]  alloc_pages_mpol+0xb3/0x260
[  173.445454][ T9032]  vma_alloc_folio_noprof+0x1aa/0x300
[  173.445480][ T9032]  do_wp_page+0xf60/0x2510
[  173.445506][ T9032]  ? __rcu_read_lock+0x37/0x50
[  173.445596][ T9032]  ? css_rstat_updated+0xb7/0x240
[  173.445616][ T9032]  ? __rcu_read_lock+0x37/0x50
[  173.445646][ T9032]  handle_mm_fault+0x77d/0x2be0
[  173.445674][ T9032]  ? vma_start_read+0x141/0x1f0
[  173.445714][ T9032]  do_user_addr_fault+0x630/0x1080
[  173.445787][ T9032]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  173.445824][ T9032]  exc_page_fault+0x62/0xa0
[  173.445858][ T9032]  asm_exc_page_fault+0x26/0x30
[  173.445966][ T9032] RIP: 0033:0x7f8b98fd0c03
[  173.445983][ T9032] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  173.446063][ T9032] RSP: 002b:00007f8b97b554a0 EFLAGS: 00010202
[  173.446080][ T9032] RAX: 0000000000000400 RBX: 00007f8b97b55540 RCX: 00007f8b8f736000
[  173.446095][ T9032] RDX: 00007f8b97b556e0 RSI: 0000000000000011 RDI: 00007f8b97b555e0
[  173.446108][ T9032] RBP: 00000000000000f9 R08: 0000000000000009 R09: 00000000000001c3
[  173.446161][ T9032] R10: 00000000000001d2 R11: 00007f8b97b55540 R12: 0000000000000001
[  173.446174][ T9032] R13: 00007f8b991adc40 R14: 0000000000000020 R15: 00007f8b97b555e0
[  173.446196][ T9032]  </TASK>
[  173.446266][ T9032] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  173.599403][ T9048] loop1: detected capacity change from 0 to 512
[  173.608015][ T9032] loop3: detected capacity change from 0 to 512
[  173.616799][ T9031] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  173.676622][ T9048] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.685942][ T9045] EXT4-fs error (device loop0): ext4_lookup:1791: inode #2: comm syz.0.1918: deleted inode referenced: 12
[  173.689812][ T9032] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.717642][ T9048] ext4 filesystem being mounted at /370/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  173.728363][ T9032] ext4 filesystem being mounted at /387/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  173.738922][ T9060] validate_nla: 8 callbacks suppressed
[  173.738939][ T9060] netlink: 'syz.4.1926': attribute type 12 has an invalid length.
[  173.756171][ T9059] bridge0: port 1(gretap0) entered blocking state
[  173.762882][ T9059] bridge0: port 1(gretap0) entered disabled state
[  173.771999][ T9059] gretap0: entered allmulticast mode
[  173.778565][ T9031] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  173.788460][ T9059] gretap0: entered promiscuous mode
[  173.794227][ T9059] bridge0: port 1(gretap0) entered blocking state
[  173.800694][ T9059] bridge0: port 1(gretap0) entered forwarding state
[  173.827197][ T9065] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.1923: corrupted inode contents
[  173.853231][ T9065] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #2: comm syz.1.1923: mark_inode_dirty error
[  173.854406][ T9065] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.1923: corrupted inode contents
[  173.855106][ T9065] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.1923: mark_inode_dirty error
[  173.906970][ T9074] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=9074 comm=syz.1.1923
[  173.907024][ T9074] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=60 sclass=netlink_route_socket pid=9074 comm=syz.1.1923
[  173.907075][ T9074] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=64 sclass=netlink_route_socket pid=9074 comm=syz.1.1923
[  173.985698][ T9074] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  174.091320][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.219485][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.258895][ T9094] netlink: 'syz.0.1937': attribute type 12 has an invalid length.
[  174.318609][ T9097] loop0: detected capacity change from 0 to 128
[  174.366483][ T9099] ------------[ cut here ]------------
[  174.372021][ T9099] verifier bug: REG INVARIANTS VIOLATION (false_reg1): range bounds violation u64=[0xfffffffefffff630, 0xffffffff00000000] s64=[0xfffffffefffff630, 0xffffffff00000000] u32=[0x30, 0x8000050] s32=[0x30, 0x0] var_off=(0xfffffffe00000030, 0x10fffffc0)
[  174.396021][ T9099] WARNING: CPU: 0 PID: 9099 at kernel/bpf/verifier.c:2721 reg_bounds_sanity_check+0x673/0x680
[  174.406390][ T9099] Modules linked in:
[  174.410302][ T9099] CPU: 0 UID: 0 PID: 9099 Comm: syz.3.1939 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  174.420096][ T9099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  174.430222][ T9099] RIP: 0010:reg_bounds_sanity_check+0x673/0x680
[  174.436614][ T9099] Code: 7c 24 18 41 ff 74 24 20 55 41 56 4d 89 ee 53 48 8b 5c 24 30 ff 74 24 40 ff 74 24 50 ff 74 24 30 e8 c2 f7 ba ff 48 83 c4 38 90 <0f> 0b 90 90 e9 02 fb ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90
[  174.456436][ T9099] RSP: 0018:ffffc9000fea3408 EFLAGS: 00010282
[  174.462639][ T9099] RAX: cb82c5bdde19c900 RBX: ffff88811950d990 RCX: ffff888120c8a100
[  174.470639][ T9099] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[  174.478665][ T9099] RBP: fffffffe00000030 R08: 0001c9000fea3257 R09: 0000000000000000
[  174.486915][ T9099] R10: 00000000ffffffff R11: 0000000000000000 R12: ffff88811950d950
[  174.494988][ T9099] R13: ffff888120bd0000 R14: ffff888120bd0000 R15: ffff88811950d988
[  174.495007][ T9099] FS:  00007f8b97b776c0(0000) GS:ffff8882aee13000(0000) knlGS:0000000000000000
[  174.495032][ T9099] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  174.495049][ T9099] CR2: 000020000034d000 CR3: 000000011b6aa000 CR4: 00000000003506f0
[  174.495069][ T9099] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  174.495085][ T9099] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  174.495100][ T9099] Call Trace:
[  174.495112][ T9099]  <TASK>
[  174.495126][ T9099]  reg_set_min_max+0x215/0x260
[  174.495155][ T9099]  check_cond_jmp_op+0x1370/0x19e0
[  174.495215][ T9099]  do_check+0x3363/0x8460
[  174.495335][ T9099]  do_check_common+0xc5e/0x12b0
[  174.495366][ T9099]  bpf_check+0xaaae/0xd9d0
[  174.495403][ T9099]  ? __alloc_frozen_pages_noprof+0x188/0x360
[  174.495551][ T9099]  ? __vmap_pages_range_noflush+0xbc4/0xcf0
[  174.495612][ T9099]  ? sysvec_apic_timer_interrupt+0x44/0x80
[  174.495700][ T9099]  ? css_rstat_updated+0xb7/0x240
[  174.495724][ T9099]  ? __rcu_read_unlock+0x4f/0x70
[  174.495757][ T9099]  ? __perf_event_task_sched_in+0xa5b/0xac0
[  174.495875][ T9099]  ? xfd_validate_state+0x45/0xf0
[  174.495944][ T9099]  ? save_fpregs_to_fpstate+0x100/0x160
[  174.496058][ T9099]  ? finish_task_switch+0xad/0x2b0
[  174.496096][ T9099]  ? __schedule+0x6b9/0xb30
[  174.496121][ T9099]  ? should_fail_ex+0x30/0x280
[  174.496141][ T9099]  ? should_failslab+0x8c/0xb0
[  174.496195][ T9099]  ? __kmalloc_noprof+0x2a2/0x570
[  174.496225][ T9099]  ? security_bpf_prog_load+0x60/0x140
[  174.496254][ T9099]  ? selinux_bpf_prog_load+0xad/0xd0
[  174.496390][ T9099]  ? security_bpf_prog_load+0x9e/0x140
[  174.496427][ T9099]  bpf_prog_load+0xf6e/0x1100
[  174.496463][ T9099]  ? security_bpf+0x2b/0x90
[  174.496572][ T9099]  __sys_bpf+0x469/0x7c0
[  174.496590][ T9100] loop3: detected capacity change from 0 to 128
[  174.496682][ T9099]  __x64_sys_bpf+0x41/0x50
[  174.496751][ T9099]  x64_sys_call+0x2aee/0x3000
[  174.496776][ T9099]  do_syscall_64+0xd2/0x200
[  174.496803][ T9099]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  174.496835][ T9099]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  174.496873][ T9099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.496895][ T9099] RIP: 0033:0x7f8b9910efc9
[  174.496982][ T9099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.497006][ T9099] RSP: 002b:00007f8b97b77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  174.497031][ T9099] RAX: ffffffffffffffda RBX: 00007f8b99365fa0 RCX: 00007f8b9910efc9
[  174.497099][ T9099] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005
[  174.497112][ T9099] RBP: 00007f8b99191f91 R08: 0000000000000000 R09: 0000000000000000
[  174.497127][ T9099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  174.497144][ T9099] R13: 00007f8b99366038 R14: 00007f8b99365fa0 R15: 00007fff53026b28
[  174.497182][ T9099]  </TASK>
[  174.497189][ T9099] ---[ end trace 0000000000000000 ]---
[  174.498692][ T9100] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  174.498768][ T9100] FAT-fs (loop3): Filesystem has been set read-only
[  174.498783][ T9100] bio_check_eod: 97 callbacks suppressed
[  174.498808][ T9100] syz.3.1939: attempt to access beyond end of device
[  174.498808][ T9100] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  174.498844][ T9100] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  174.498863][ T9100] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  174.499028][ T9100] syz.3.1939: attempt to access beyond end of device
[  174.499028][ T9100] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  174.499080][ T9100] syz.3.1939: attempt to access beyond end of device
[  174.499080][ T9100] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  174.499205][ T9100] syz.3.1939: attempt to access beyond end of device
[  174.499205][ T9100] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  174.499250][ T9100] syz.3.1939: attempt to access beyond end of device
[  174.499250][ T9100] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  174.499393][ T9100] syz.3.1939: attempt to access beyond end of device
[  174.499393][ T9100] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  174.499432][ T9100] syz.3.1939: attempt to access beyond end of device
[  174.499432][ T9100] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  174.499537][ T9100] syz.3.1939: attempt to access beyond end of device
[  174.499537][ T9100] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  174.499594][ T9100] syz.3.1939: attempt to access beyond end of device
[  174.499594][ T9100] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  174.499632][ T9100] syz.3.1939: attempt to access beyond end of device
[  174.499632][ T9100] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  174.807103][ T9118] netlink: 'syz.4.1945': attribute type 21 has an invalid length.
[  174.857569][ T9125] netlink: 'syz.3.1948': attribute type 12 has an invalid length.
[  174.901115][ T9130] __nla_validate_parse: 9 callbacks suppressed
[  174.901136][ T9130] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1950'.
[  175.241663][ T9151] FAULT_INJECTION: forcing a failure.
[  175.241663][ T9151] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  175.241703][ T9151] CPU: 1 UID: 0 PID: 9151 Comm: syz.0.1958 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  175.241741][ T9151] Tainted: [W]=WARN
[  175.241747][ T9151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  175.241818][ T9151] Call Trace:
[  175.241826][ T9151]  <TASK>
[  175.241834][ T9151]  __dump_stack+0x1d/0x30
[  175.241863][ T9151]  dump_stack_lvl+0xe8/0x140
[  175.241890][ T9151]  dump_stack+0x15/0x1b
[  175.241913][ T9151]  should_fail_ex+0x265/0x280
[  175.241970][ T9151]  should_fail+0xb/0x20
[  175.241990][ T9151]  should_fail_usercopy+0x1a/0x20
[  175.242011][ T9151]  _copy_from_user+0x1c/0xb0
[  175.242036][ T9151]  ___sys_sendmsg+0xc1/0x1d0
[  175.242095][ T9151]  __x64_sys_sendmsg+0xd4/0x160
[  175.242167][ T9151]  x64_sys_call+0x191e/0x3000
[  175.242196][ T9151]  do_syscall_64+0xd2/0x200
[  175.242220][ T9151]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  175.242257][ T9151]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  175.242374][ T9151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.242471][ T9151] RIP: 0033:0x7f5416d7efc9
[  175.242488][ T9151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.242509][ T9151] RSP: 002b:00007f54157e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  175.242532][ T9151] RAX: ffffffffffffffda RBX: 00007f5416fd5fa0 RCX: 00007f5416d7efc9
[  175.242547][ T9151] RDX: 0000000004000c00 RSI: 0000200000000180 RDI: 0000000000000006
[  175.242641][ T9151] RBP: 00007f54157e7090 R08: 0000000000000000 R09: 0000000000000000
[  175.242656][ T9151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  175.242672][ T9151] R13: 00007f5416fd6038 R14: 00007f5416fd5fa0 R15: 00007ffc7c480cf8
[  175.242695][ T9151]  </TASK>
[  175.295403][ T9154] netlink: 'syz.0.1959': attribute type 12 has an invalid length.
[  175.486903][ T9161] loop0: detected capacity change from 0 to 2048
[  175.556152][ T9163] loop2: detected capacity change from 0 to 2048
[  175.635017][ T9163] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.647713][ T9161] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.654675][ T9165] FAULT_INJECTION: forcing a failure.
[  175.654675][ T9165] name failslab, interval 1, probability 0, space 0, times 0
[  175.659926][ T9161] ext4 filesystem being mounted at /302/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  175.672565][ T9165] CPU: 0 UID: 0 PID: 9165 Comm: syz.3.1964 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  175.672658][ T9165] Tainted: [W]=WARN
[  175.672668][ T9165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  175.672686][ T9165] Call Trace:
[  175.672696][ T9165]  <TASK>
[  175.672709][ T9165]  __dump_stack+0x1d/0x30
[  175.672742][ T9165]  dump_stack_lvl+0xe8/0x140
[  175.672833][ T9165]  dump_stack+0x15/0x1b
[  175.672859][ T9165]  should_fail_ex+0x265/0x280
[  175.672888][ T9165]  should_failslab+0x8c/0xb0
[  175.672973][ T9165]  kmem_cache_alloc_noprof+0x50/0x480
[  175.673013][ T9165]  ? __anon_vma_prepare+0xcd/0x2f0
[  175.673068][ T9165]  __anon_vma_prepare+0xcd/0x2f0
[  175.673096][ T9165]  __vmf_anon_prepare+0x91/0x100
[  175.673128][ T9165]  hugetlb_fault+0x770/0x1b50
[  175.673175][ T9165]  handle_mm_fault+0x1861/0x2be0
[  175.673242][ T9165]  ? down_read+0x77/0xe0
[  175.673289][ T9165]  __get_user_pages+0x102a/0x1ed0
[  175.673336][ T9165]  __gup_longterm_locked+0x8ef/0xe60
[  175.673395][ T9165]  ? exc_page_fault+0x62/0xa0
[  175.673440][ T9165]  ? process_vm_rw+0x27c/0x960
[  175.673483][ T9165]  pin_user_pages_remote+0x7e/0xb0
[  175.673558][ T9165]  process_vm_rw+0x484/0x960
[  175.673675][ T9165]  __x64_sys_process_vm_readv+0x78/0x90
[  175.673719][ T9165]  x64_sys_call+0x1874/0x3000
[  175.673751][ T9165]  do_syscall_64+0xd2/0x200
[  175.673778][ T9165]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  175.673949][ T9165]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  175.674038][ T9165]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.674071][ T9165] RIP: 0033:0x7f8b9910efc9
[  175.674093][ T9165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.674144][ T9165] RSP: 002b:00007f8b97b77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[  175.674171][ T9165] RAX: ffffffffffffffda RBX: 00007f8b99365fa0 RCX: 00007f8b9910efc9
[  175.674190][ T9165] RDX: 0000000000000002 RSI: 0000200000008400 RDI: 000000000000041d
[  175.674208][ T9165] RBP: 00007f8b97b77090 R08: 0000000000000286 R09: 0000000000000000
[  175.674280][ T9165] R10: 0000200000008640 R11: 0000000000000246 R12: 0000000000000001
[  175.674298][ T9165] R13: 00007f8b99366038 R14: 00007f8b99365fa0 R15: 00007fff53026b28
[  175.674325][ T9165]  </TASK>
[  175.792495][ T9163] ext4 filesystem being mounted at /454/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  175.891358][ T9172] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1965'.
[  175.911658][ T9163] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1963'.
[  176.012905][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.042524][ T9187] netlink: 'syz.3.1970': attribute type 12 has an invalid length.
[  176.170304][ T9192] SELinux: ebitmap: truncated map
[  176.176333][ T9192] SELinux: failed to load policy
[  176.181834][ T9197] netlink: 'syz.2.1974': attribute type 3 has an invalid length.
[  176.207535][ T9199] netlink: 'syz.3.1975': attribute type 12 has an invalid length.
[  176.238658][   T29] kauditd_printk_skb: 197 callbacks suppressed
[  176.238675][   T29] audit: type=1326 audit(1762006566.778:4740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9200 comm="syz.2.1976" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f328241efc9 code=0x0
[  176.315250][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.378669][ T9206] loop3: detected capacity change from 0 to 8192
[  176.413077][   T36] hid_parser_main: 32 callbacks suppressed
[  176.413153][   T36] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x4
[  176.417818][ T9214] netlink: 'syz.0.1981': attribute type 12 has an invalid length.
[  176.419046][   T36] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x2
[  176.449283][ T9216] 9pnet_fd: Insufficient options for proto=fd
[  176.462258][   T36] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x3
[  176.482344][   T36] hid-generic 0000:3000000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  176.517590][   T29] audit: type=1326 audit(1762006567.058:4741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9221 comm="syz.0.1985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5416d7efc9 code=0x7ffc0000
[  176.558689][ T9222] lo speed is unknown, defaulting to 1000
[  176.569165][   T29] audit: type=1326 audit(1762006567.088:4742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9221 comm="syz.0.1985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5416d7d810 code=0x7ffc0000
[  176.592798][   T29] audit: type=1326 audit(1762006567.088:4743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9221 comm="syz.0.1985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f5416d807f7 code=0x7ffc0000
[  176.616300][   T29] audit: type=1326 audit(1762006567.088:4744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9221 comm="syz.0.1985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5416d7efc9 code=0x7ffc0000
[  176.639819][   T29] audit: type=1326 audit(1762006567.088:4745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9221 comm="syz.0.1985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f5416d807f7 code=0x7ffc0000
[  176.644943][ T9225] hub 9-0:1.0: USB hub found
[  176.663483][   T29] audit: type=1326 audit(1762006567.088:4746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9221 comm="syz.0.1985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5416d7dc2a code=0x7ffc0000
[  176.663523][   T29] audit: type=1326 audit(1762006567.088:4747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9221 comm="syz.0.1985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5416d7efc9 code=0x7ffc0000
[  176.688518][ T9225] hub 9-0:1.0: 8 ports detected
[  176.691669][   T29] audit: type=1326 audit(1762006567.088:4748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9221 comm="syz.0.1985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f5416d80e5c code=0x7ffc0000
[  176.737964][ T9222] lo speed is unknown, defaulting to 1000
[  176.743261][   T29] audit: type=1326 audit(1762006567.088:4749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9221 comm="syz.0.1985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f5416d80d94 code=0x7ffc0000
[  176.820475][ T9230] netlink: 'syz.3.1987': attribute type 12 has an invalid length.
[  176.866928][ T9237] loop0: detected capacity change from 0 to 128
[  176.878614][ T9237] FAT-fs (loop0): bogus number of directory entries (390)
[  176.885900][ T9237] FAT-fs (loop0): Can't find a valid FAT filesystem
[  176.950906][ T9242] 9pnet_fd: Insufficient options for proto=fd
[  177.105459][   T36] lo speed is unknown, defaulting to 1000
[  177.111314][   T36] syz2: Port: 1 Link DOWN
[  177.256420][ T9271] 9pnet_fd: Insufficient options for proto=fd
[  177.300643][ T9275] loop3: detected capacity change from 0 to 128
[  177.551288][ T9289] loop0: detected capacity change from 0 to 1024
[  177.563845][ T9289] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  177.835783][ T9289] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55 sclass=netlink_route_socket pid=9289 comm=syz.0.2012
[  177.856454][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.150042][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.514775][ T9333] loop0: detected capacity change from 0 to 128
[  178.662487][ T9340] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55 sclass=netlink_route_socket pid=9340 comm=syz.4.2028
[  178.714637][ T9288] Set syz1 is full, maxelem 65536 reached
[  178.934912][ T9348] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.968895][ T9347] loop2: detected capacity change from 0 to 512
[  178.975694][ T9347] EXT4-fs: Ignoring removed nomblk_io_submit option
[  178.982969][ T9347] EXT4-fs: Ignoring removed oldalloc option
[  178.992389][ T9347] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm +\{]: Parent and EA inode have the same ino 15
[  179.005634][ T9347] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm +\{]: Parent and EA inode have the same ino 15
[  179.020283][ T9347] EXT4-fs (loop2): 1 orphan inode deleted
[  179.026706][ T9347] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.128775][ T9348] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.419881][ T9348] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.460275][ T9365] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2036'.
[  179.533548][ T9348] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.593934][ T9329] Set syz1 is full, maxelem 65536 reached
[  179.639015][ T9376] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2039'.
[  179.660072][ T6775] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  179.678072][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.690473][ T9381] validate_nla: 4 callbacks suppressed
[  179.690501][ T9381] netlink: 'syz.3.2043': attribute type 12 has an invalid length.
[  179.715913][ T6775] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  179.734038][ T6775] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  179.737838][ T9384] loop3: detected capacity change from 0 to 1024
[  179.744577][ T9387] netlink: 'syz.4.2044': attribute type 12 has an invalid length.
[  179.757046][ T9384] EXT4-fs: Ignoring removed orlov option
[  179.765534][ T9384] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.778591][ T9384] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.793404][ T9394] siw: device registration error -23
[  180.154615][ T9416] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2053'.
[  180.188742][ T9414] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=51 sclass=netlink_route_socket pid=9414 comm=syz.4.2052
[  180.274913][ T9427] netlink: 'syz.4.2056': attribute type 3 has an invalid length.
[  180.351413][ T9431] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2058'.
[  180.754487][ T9454] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  180.763376][ T9454] ref_ctr increment failed for inode: 0x7dd offset: 0x4 ref_ctr_offset: 0x2 of mm: 0xffff88810005d640
[  180.786799][ T9455] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2065'.
[  180.914870][ T9461] netlink: 'syz.4.2067': attribute type 3 has an invalid length.
[  180.995378][ T9465] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2069'.
[  181.054830][ T9469] netlink: 'syz.4.2070': attribute type 12 has an invalid length.
[  181.130292][ T9344] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.234013][ T9344] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.279223][ T9419] Set syz1 is full, maxelem 65536 reached
[  181.305240][ T9491] netlink: 'syz.3.2078': attribute type 3 has an invalid length.
[  181.325803][ T9344] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.386911][ T9498] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2081'.
[  181.409397][ T9505] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2083'.
[  181.456058][   T29] kauditd_printk_skb: 3386 callbacks suppressed
[  181.456077][   T29] audit: type=1400 audit(1762006571.998:8136): avc:  denied  { name_bind } for  pid=9509 comm="syz.4.2085" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  181.489403][   T29] audit: type=1400 audit(1762006571.998:8137): avc:  denied  { create } for  pid=9509 comm="syz.4.2085" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  181.671325][   T29] audit: type=1400 audit(1762006572.208:8138): avc:  denied  { mount } for  pid=9515 comm="syz.1.2086" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  181.711492][ T9516] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub
[  181.742203][ T9516] Timeout policy `syz1' can only be used by L3 protocol number 35092
[  181.750690][   T29] audit: type=1400 audit(1762006572.268:8139): avc:  denied  { bind } for  pid=9515 comm="syz.1.2086" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  181.771306][   T29] audit: type=1400 audit(1762006572.288:8140): avc:  denied  { read } for  pid=9517 comm="syz.3.2087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  181.867285][ T9521] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2087'.
[  181.897711][ T6776] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  181.906260][ T6776] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  181.979606][ T6776] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  181.988298][ T6776] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  182.362070][ T9531] netlink: 'syz.4.2091': attribute type 3 has an invalid length.
[  182.382208][ T9529] loop2: detected capacity change from 0 to 4096
[  182.395939][ T9529] EXT4-fs: Ignoring removed nomblk_io_submit option
[  182.443036][ T9529] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  182.616848][   T29] audit: type=1400 audit(1762006572.998:8141): avc:  denied  { add_name } for  pid=9528 comm="syz.2.2090" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  182.637916][   T29] audit: type=1400 audit(1762006572.998:8142): avc:  denied  { create } for  pid=9528 comm="syz.2.2090" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  182.658276][   T29] audit: type=1400 audit(1762006572.998:8143): avc:  denied  { read write } for  pid=9528 comm="syz.2.2090" name="file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  182.681196][   T29] audit: type=1400 audit(1762006572.998:8144): avc:  denied  { open } for  pid=9528 comm="syz.2.2090" path="/473/file0/file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  182.704337][   T29] audit: type=1326 audit(1762006573.108:8145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9528 comm="syz.2.2090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f328241efc9 code=0x7ffc0000
[  182.749127][ T9543] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2094'.
[  182.848683][ T9547] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2095'.
[  183.014145][ T9559] Illegal XDP return value 256 on prog  (id 1505) dev syz_tun, expect packet loss!
[  183.043389][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.100928][ T9526] Set syz1 is full, maxelem 65536 reached
[  183.110288][ T9566] netlink: 'syz.2.2102': attribute type 3 has an invalid length.
[  183.150308][ T9570] loop1: detected capacity change from 0 to 512
[  183.165062][ T9572] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2105'.
[  183.190507][ T9569] No such timeout policy "syz1"
[  183.193884][ T9570] EXT4-fs: Ignoring removed nobh option
[  183.233109][ T9570] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #3: comm syz.1.2113: corrupted inode contents
[  183.267127][ T9570] EXT4-fs (loop1): Remounting filesystem read-only
[  183.274943][ T9570] EXT4-fs (loop1): 1 truncate cleaned up
[  183.278050][ T9587] netlink: 'syz.2.2110': attribute type 12 has an invalid length.
[  183.283206][ T9570] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.301102][ T9570] ext4 filesystem being mounted at /381/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  183.329798][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.365808][ T9595] netlink: 'syz.3.2116': attribute type 3 has an invalid length.
[  183.509767][ T9621] capability: warning: `syz.1.2124' uses 32-bit capabilities (legacy support in use)
[  183.587986][ T9623] lo speed is unknown, defaulting to 1000
[  183.597355][ T9624] 9pnet_fd: Insufficient options for proto=fd
[  183.638790][ T9623] lo speed is unknown, defaulting to 1000
[  183.762418][ T9623] SELinux: security_context_str_to_sid () failed with errno=-22
[  183.812265][   T12] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  183.834451][   T12] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  183.852986][   T12] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  183.870268][   T12] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  183.923499][ T9646] SELinux: security_context_str_to_sid () failed with errno=-22
[  183.970136][ T9656] loop0: detected capacity change from 0 to 512
[  183.977122][ T9656] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  184.474193][ T9697] loop1: detected capacity change from 0 to 512
[  184.483556][ T9697] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  184.502827][ T9697] EXT4-fs (loop1): invalid journal inode
[  184.516095][ T9697] EXT4-fs (loop1): can't get journal size
[  184.542249][ T9697] EXT4-fs (loop1): 1 truncate cleaned up
[  184.548639][ T9697] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  184.561907][ T9697] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.626787][ T9703] loop1: detected capacity change from 0 to 512
[  184.641339][ T9703] EXT4-fs: Ignoring removed nomblk_io_submit option
[  184.648252][ T9703] EXT4-fs: Ignoring removed oldalloc option
[  184.710357][ T9707] loop3: detected capacity change from 0 to 4096
[  184.720081][ T9708] siw: device registration error -23
[  184.726707][ T9707] EXT4-fs: Ignoring removed nomblk_io_submit option
[  184.736529][ T9703] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm +\{]: Parent and EA inode have the same ino 15
[  184.756446][ T9703] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm +\{]: Parent and EA inode have the same ino 15
[  184.764814][ T9707] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.769085][ T9703] EXT4-fs (loop1): 1 orphan inode deleted
[  184.788372][ T9703] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  184.849617][ T9712] loop2: detected capacity change from 0 to 4096
[  184.872218][ T9712] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.872640][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.935294][ T9712] xt_addrtype: both incoming and outgoing interface limitation cannot be selected
[  184.963714][ T9712] ªªªªªª: renamed from vlan0
[  185.016691][ T9718] loop1: detected capacity change from 0 to 512
[  185.065100][ T9718] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.104264][ T9648] Set syz1 is full, maxelem 65536 reached
[  185.119761][ T9718] ext4 filesystem being mounted at /387/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  185.169891][ T9718] SELinux:  Context c is not valid (left unmapped).
[  185.183108][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.204003][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.248875][ T9734] __nla_validate_parse: 5 callbacks suppressed
[  185.248935][ T9734] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2161'.
[  185.260285][ T9738] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2159'.
[  185.297923][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.324724][ T9745] loop3: detected capacity change from 0 to 512
[  185.331425][ T9745] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  185.340652][ T9745] EXT4-fs (loop3): invalid journal inode
[  185.346528][ T9745] EXT4-fs (loop3): can't get journal size
[  185.353051][ T9745] EXT4-fs (loop3): 1 truncate cleaned up
[  185.359217][ T9745] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  185.372963][ T9745] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.525120][ T9764] team0: No ports can be present during mode change
[  185.531983][ T9764] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2171'.
[  185.564001][ T9764] team0 (unregistering): Port device team_slave_0 removed
[  185.592645][ T9764] team0 (unregistering): Port device team_slave_1 removed
[  185.628854][ T9768] loop1: detected capacity change from 0 to 1024
[  185.635452][ T9764] team0 (unregistering): Port device bridge2 removed
[  185.646839][ T9768] EXT4-fs: quotafile must be on filesystem root
[  185.664940][ T9768] loop1: detected capacity change from 0 to 2048
[  185.703737][ T9768] Alternate GPT is invalid, using primary GPT.
[  185.710156][ T9768]  loop1: p1 p2 p3
[  185.738516][ T9775] loop3: detected capacity change from 0 to 1024
[  185.745377][ T9775] EXT4-fs: inline encryption not supported
[  185.765346][ T9775] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.796911][ T9781] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2184'.
[  185.805866][ T9781] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2184'.
[  185.831842][ T9775] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2175'.
[  185.843804][ T9775] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2175'.
[  185.852837][ T9775] netlink: 312 bytes leftover after parsing attributes in process `syz.3.2175'.
[  185.861941][ T9775] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2175'.
[  185.886334][ T9775] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.2175: Allocating blocks 497-513 which overlap fs metadata
[  185.993021][ T9775] EXT4-fs (loop3): Remounting filesystem read-only
[  186.003467][ T9775] EXT4-fs (loop3): pa ffff888106e54460: logic 272, phys. 449, len 4
[  186.063108][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.222805][ T9814] loop1: detected capacity change from 0 to 512
[  186.234075][ T9814] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.247221][ T9814] ext4 filesystem being mounted at /396/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  186.261520][ T9814] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  186.276530][ T9814] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  186.289111][ T9814] EXT4-fs (loop1): This should not happen!! Data will be lost
[  186.289111][ T9814] 
[  186.298809][ T9814] EXT4-fs (loop1): Total free blocks count 0
[  186.304918][ T9814] EXT4-fs (loop1): Free/Dirty block details
[  186.310873][ T9814] EXT4-fs (loop1): free_blocks=65280
[  186.316246][ T9814] EXT4-fs (loop1): dirty_blocks=1
[  186.321290][ T9814] EXT4-fs (loop1): Block reservation details
[  186.327441][ T9814] EXT4-fs (loop1): i_reserved_data_blocks=1
[  186.367127][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.405497][ T9820] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2188'.
[  186.851591][   T29] kauditd_printk_skb: 265 callbacks suppressed
[  186.851610][   T29] audit: type=1400 audit(1762006577.388:8409): avc:  denied  { getopt } for  pid=9827 comm="syz.1.2191" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  186.904887][ T9829] sd 0:0:1:0: device reset
[  186.992107][   T29] audit: type=1400 audit(1762006577.528:8410): avc:  denied  { setopt } for  pid=9830 comm="syz.2.2192" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  187.062327][   T29] audit: type=1326 audit(1762006577.608:8411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9836 comm="syz.4.2195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  187.098446][   T29] audit: type=1326 audit(1762006577.608:8412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9836 comm="syz.4.2195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  187.122188][   T29] audit: type=1326 audit(1762006577.608:8413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9836 comm="syz.4.2195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  187.145752][   T29] audit: type=1326 audit(1762006577.608:8414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9836 comm="syz.4.2195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  187.169196][   T29] audit: type=1326 audit(1762006577.608:8415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9836 comm="syz.4.2195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  187.192816][   T29] audit: type=1326 audit(1762006577.628:8416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9836 comm="syz.4.2195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  187.216291][   T29] audit: type=1326 audit(1762006577.628:8417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9836 comm="syz.4.2195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d887efc9 code=0x7ffc0000
[  187.239876][   T29] audit: type=1326 audit(1762006577.628:8418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9836 comm="syz.4.2195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f89d887d810 code=0x7ffc0000
[  187.336746][ T9802] Set syz1 is full, maxelem 65536 reached
[  187.377250][ T9854] FAULT_INJECTION: forcing a failure.
[  187.377250][ T9854] name failslab, interval 1, probability 0, space 0, times 0
[  187.389992][ T9854] CPU: 0 UID: 0 PID: 9854 Comm: syz.3.2201 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  187.390026][ T9854] Tainted: [W]=WARN
[  187.390032][ T9854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  187.390045][ T9854] Call Trace:
[  187.390119][ T9854]  <TASK>
[  187.390129][ T9854]  __dump_stack+0x1d/0x30
[  187.390157][ T9854]  dump_stack_lvl+0xe8/0x140
[  187.390182][ T9854]  dump_stack+0x15/0x1b
[  187.390205][ T9854]  should_fail_ex+0x265/0x280
[  187.390261][ T9854]  should_failslab+0x8c/0xb0
[  187.390298][ T9854]  kmem_cache_alloc_noprof+0x50/0x480
[  187.390387][ T9854]  ? audit_log_start+0x342/0x720
[  187.390416][ T9854]  audit_log_start+0x342/0x720
[  187.390443][ T9854]  ? kstrtouint+0x76/0xc0
[  187.390485][ T9854]  audit_seccomp+0x48/0x100
[  187.390609][ T9854]  ? __seccomp_filter+0x82d/0x1250
[  187.390678][ T9854]  __seccomp_filter+0x83e/0x1250
[  187.390722][ T9854]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  187.390763][ T9854]  ? vfs_write+0x7e8/0x960
[  187.390866][ T9854]  ? __rcu_read_unlock+0x4f/0x70
[  187.390899][ T9854]  ? __fget_files+0x184/0x1c0
[  187.390999][ T9854]  __secure_computing+0x82/0x150
[  187.391068][ T9854]  syscall_trace_enter+0xcf/0x1e0
[  187.391156][ T9854]  do_syscall_64+0xac/0x200
[  187.391175][ T9854]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  187.391211][ T9854]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  187.391254][ T9854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.391284][ T9854] RIP: 0033:0x7f8b9910efc9
[  187.391303][ T9854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.391326][ T9854] RSP: 002b:00007f8b97b77038 EFLAGS: 00000246 ORIG_RAX: 000000000000007b
[  187.391359][ T9854] RAX: ffffffffffffffda RBX: 00007f8b99365fa0 RCX: 00007f8b9910efc9
[  187.391375][ T9854] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  187.391390][ T9854] RBP: 00007f8b97b77090 R08: 0000000000000000 R09: 0000000000000000
[  187.391421][ T9854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.391435][ T9854] R13: 00007f8b99366038 R14: 00007f8b99365fa0 R15: 00007fff53026b28
[  187.391458][ T9854]  </TASK>
[  187.650063][ T9860] loop2: detected capacity change from 0 to 128
[  187.669551][ T9860] EXT4-fs: Ignoring removed nobh option
[  187.695549][ T9860] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  187.711715][ T9860] ext4 filesystem being mounted at /495/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  187.735297][ T9868] loop3: detected capacity change from 0 to 512
[  187.744245][ T9860] ==================================================================
[  187.752379][ T9860] BUG: KCSAN: data-race in find_get_block_common / has_bh_in_lru
[  187.760149][ T9860] 
[  187.762477][ T9860] read-write to 0xffff888237d26fd0 of 8 bytes by task 9868 on cpu 1:
[  187.770553][ T9860]  find_get_block_common+0x4f0/0x960
[  187.775863][ T9860]  bdev_getblk+0x30d/0x3b0
[  187.780321][ T9860]  ext4_sb_breadahead_unmovable+0x45/0x180
[  187.786177][ T9860]  ext4_group_desc_init+0x5cc/0x1580
[  187.791476][ T9860]  ext4_fill_super+0x1f48/0x3810
[  187.796426][ T9860]  get_tree_bdev_flags+0x291/0x300
[  187.801551][ T9860]  get_tree_bdev+0x1f/0x30
[  187.805989][ T9860]  ext4_get_tree+0x1c/0x30
[  187.810414][ T9860]  vfs_get_tree+0x57/0x1d0
[  187.814845][ T9860]  do_new_mount+0x24d/0x660
[  187.819360][ T9860]  path_mount+0x4a5/0xb70
[  187.823699][ T9860]  __se_sys_mount+0x28c/0x2e0
[  187.828391][ T9860]  __x64_sys_mount+0x67/0x80
[  187.832998][ T9860]  x64_sys_call+0x2b51/0x3000
[  187.837718][ T9860]  do_syscall_64+0xd2/0x200
[  187.842228][ T9860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.848134][ T9860] 
[  187.850460][ T9860] read to 0xffff888237d26fd0 of 8 bytes by task 9860 on cpu 0:
[  187.858003][ T9860]  has_bh_in_lru+0x35/0x1f0
[  187.862527][ T9860]  smp_call_function_many_cond+0x2a9/0xc60
[  187.868353][ T9860]  on_each_cpu_cond_mask+0x3c/0x80
[  187.873477][ T9860]  invalidate_bh_lrus+0x2a/0x30
[  187.878345][ T9860]  invalidate_bdev+0x42/0x70
[  187.882940][ T9860]  loop_set_status+0x133/0x6a0
[  187.887726][ T9860]  lo_ioctl+0x671/0x12b0
[  187.891991][ T9860]  blkdev_ioctl+0x356/0x440
[  187.896505][ T9860]  __se_sys_ioctl+0xce/0x140
[  187.901103][ T9860]  __x64_sys_ioctl+0x43/0x50
[  187.905705][ T9860]  x64_sys_call+0x1816/0x3000
[  187.910456][ T9860]  do_syscall_64+0xd2/0x200
[  187.914968][ T9860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.920876][ T9860] 
[  187.923203][ T9860] value changed: 0xffff888119cb9958 -> 0xffff888119cb99c0
[  187.930312][ T9860] 
[  187.932638][ T9860] Reported by Kernel Concurrency Sanitizer on:
[  187.938792][ T9860] CPU: 0 UID: 0 PID: 9860 Comm: syz.2.2204 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  187.950178][ T9860] Tainted: [W]=WARN
[  187.953999][ T9860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  187.964065][ T9860] ==================================================================
[  187.985900][ T9868] EXT4-fs (loop3): orphan cleanup on readonly fs
[  187.992867][ T9858] xt_addrtype: both incoming and outgoing interface limitation cannot be selected
[  188.003104][ T9868] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.2208: bad orphan inode 13
[  188.013575][ T9868] ext4_test_bit(bit=12, block=18) = 1
[  188.019010][ T9868] is_bad_inode(inode)=0
[  188.023217][ T9868] NEXT_ORPHAN(inode)=2130706432
[  188.028099][ T9868] max_ino=32
[  188.031311][ T9868] i_nlink=1
[  188.034756][ T9860] loop2: detected capacity change from 128 to 0
[  188.042731][ T9868] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  188.052373][ T3323] EXT4-fs warning (device loop2): htree_dirblock_to_tree:1051: inode #2: lblock 0: comm syz-executor: error -5 reading directory block
[  188.070978][ T9868] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  188.081237][   T12] EXT4-fs error (device loop2): __ext4_get_inode_loc_noinmem:4955: inode #12: block 36: comm kworker/u8:0: unable to read itable block
[  188.082107][ T9858] ªªªªªª: renamed from vlan0 (while UP)
[  188.095393][   T12] Buffer I/O error on dev loop2, logical block 1, lost sync page write
[  188.102532][ T9868] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  188.109203][   T12] EXT4-fs (loop2): I/O error while writing superblock
[  188.125377][ T3323] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  188.135669][ T3323] Buffer I/O error on dev loop2, logical block 1, lost sync page write
[  188.144925][ T3323] EXT4-fs (loop2): I/O error while writing superblock
[  188.161736][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.173865][ T6775] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.233518][ T6775] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.293737][ T6775] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.353423][ T6775] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.428549][ T6775] gretap0: left allmulticast mode
[  190.433669][ T6775] gretap0: left promiscuous mode
[  190.438777][ T6775] bridge0: port 1(gretap0) entered disabled state
[  190.554232][ T6775] bond0 (unregistering): Released all slaves