last executing test programs:

3.254201889s ago: executing program 2 (id=838):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003b00)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000080)={0x43, 0x3, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_LEAVE(r3, 0x10f, 0x88)

3.130102252s ago: executing program 2 (id=839):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x109040)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000080)={0xe4, 0x80000000, 0x1, 'queue0\x00', 0x8})
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r1, 0x408c5333, &(0x7f0000000580)={0x0, 0x9e, 0x0, 'queue0\x00'})

3.015571263s ago: executing program 2 (id=841):
socket$nl_xfrm(0x10, 0x3, 0x6)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x20040, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x11e167, 0x0, 0xfffffffc, 0xb95b5ec032cc8e84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003b00)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$tipc(0x1e, 0x5, 0x0)
r4 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000080)={0x43, 0x3, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_LEAVE(r4, 0x10f, 0x88)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0), 0xfc, 0x574, &(0x7f00000013c0)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUk4gWC3qvS7INJZtuyW5KEwu2B3vxIkUQsSB69+6x+A/4VxS0UKQEPXiJzGY2XZPZNNlumm3384Fp35uZzZvvvvm+fbOzywbQt8bSfwoRL0fEN0nESMu2wcg2jq3tt/Lw+nS6JLG6+ulfSSTZuub+Sfb/oazyUkT89lXEycLmdmtLy3OlSqW8kNXH6/NXxmtLy6cuzZdmy7Ply5NTU2fempp89523uxbr6+f/+f6Tux+e+fr4yne/3D9yO4mzcTjb1hrHE7jRWhmLsew5GYqzG3ac6EJjvSTZ6wOgIwNZng9FOgaMxECW9blWR57moQG77Ms0rYE+lch/6FPNeUDz2r5L18HPjAfvr10AbY5/cO29kRhuXBsdXEn+d2WUXu+OdqH9tI1f/7xzO12i3fsQ+7vQEMAGN25GxOnBwc3jX5KNf507vY19NrbRb68/sJfupvOfN/LmP4X1+U/kzH8O5eRuJx6f/4X7XWimrXT+917u/Hf9ptXoQFZ7oTHnG0ouXqqU07HtxYg4EUP70/pERHyQfxPk88LKvdV27bfO/9Ilbb85F8yO4/7ghvnfTKleevLI1zy4GfFK7vw3We//JKf/0+fj/DbbOFa+82q7bY+Pf3et/hTxWm7/P+rMZOv7k+ON82G8eVZs9vetY7+3a3+v40/7/+DW8Y8mrfdraztv48fhf8vttnV6/u9LPmuU92XrrpXq9YWJiH3Jx5vXTz56bLPe3D+N/8Txrce/vPP/QJrY24z/1tFbrbsO7yz+3ZXGP7Oj/t954d5HX/zQrv3t9f+bjdKJbM12xr/tHuCTPHcAAAAAAADQawoRcTiSQnG9XCgUi2uf7zgaBwuVaq1+8mJ18fJMNL4rOxpDhead7pGWz0NMZJ+HbdYnN9SnIuJIRHw7cKBRL05XKzN7HTwAAAAAAAAAAAAAAAAAAAD0iEMRw3nf/0/9MZD/mDargWfRFj/5DTzn2ud/tqUbv/QE9CSv/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kP/Wsn+f/zuV08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+nD93Ll1WVx5en07rM1eXFueqV0/NlGtzxfnF6eJ0deFKcbZana2Ui9PV+cf9vUq1emViMhavjdfLtfp4bWn5wnx18XL9wqX50mz5QnnoqUQFAAAAAAAAAAAAAAAAAAAAz5ba0vJcqVIpLygodFQY7I3D6MFCoTcOo8PCXo9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDIfwEAAP//wGE62g==")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0xa0000, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r5, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}})
unlink(&(0x7f0000000180)='./file1\x00')

2.115312651s ago: executing program 2 (id=861):
socket$netlink(0x10, 0x3, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x88000, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800"], 0x48)
r2 = syz_open_dev$vcsa(&(0x7f0000000000), 0xf69, 0x4040)
ioctl$TUNSETOFFLOAD(r2, 0x541b, 0xf0ff1f00000002)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff"], &(0x7f0000000300)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
mincore(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0500000003f01f0081000000ffff000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="786a45dcbafc264a00000000fcffffff000000000000000000000800000000000000000027f3efb597d47b291a9468aa0601f0a7d810943d5799ac54a9f5b2af0c5cc3a0152656c5f57b41ca2ca0fe431222947b02dd84e1e0a5aac9bcf875ac2abd5b82d2c2ff3b313f519c51d2ee8d40d697"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000818"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$vsock_stream(0x28, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="09000000070000000000010003"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00'}, 0x18)
recvmsg(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=""/68, 0x44}], 0x1}, 0x4c2103a0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x32)
write(r5, &(0x7f00000001c0)="49bda8f11851b8436bebb25ac5f8202ffbcc3d0b6c01", 0x16)
sendfile(r5, r0, 0x0, 0x3ffff)
sendfile(r5, r0, 0x0, 0x7ffffffffffffffd)

1.646901058s ago: executing program 4 (id=870):
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
write$binfmt_register(r0, &(0x7f0000000580)={0x3a, 'syz0', 0x3a, 'E', 0x3a, 0xb, 0x3a, ' ', 0x3a, '\x835\tplb\x11\xcd\xb0\x84\x89\xa5\xf1\xdb\x05\xc4\x91\xe0\xd8/as0i\x17\xb5U\xb5\xa6\xdd\xeb\x83\'\x8c4\xaf\xc5\xae(\x03\xab\x85\x91%', 0x3a, './file0', 0x3a, [0x46]}, 0x55)

1.616214441s ago: executing program 4 (id=871):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f0000000180), 0x10)
close(0x3)
r5 = open(&(0x7f0000000300)='.\x00', 0x0, 0x2)
close_range(r5, 0xffffffffffffffff, 0x0)
r6 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000100)=@generic={&(0x7f00000000c0)='./file0\x00', 0x0, 0x18}, 0x18)
r7 = signalfd4(0xffffffffffffffff, &(0x7f0000000400)={[0xfffffffffffffff5]}, 0x8, 0x80000)
ppoll(&(0x7f0000000200)=[{r7, 0x8107}], 0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x11, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x9}, [@ldst={0x0, 0x3, 0x3, 0x8, 0x8, 0xfffffffffffffff4, 0xffffffffffffffff}, @alu={0x7, 0x1, 0x6, 0x2, 0x166adbf97f503edf, 0x40, 0x10}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xa4}}, @map_fd={0x18, 0x9, 0x1, 0x0, r0}, @map_fd={0x18, 0x6, 0x1, 0x0, r6}]}, &(0x7f0000000280)='syzkaller\x00', 0x4, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, 0x25, r7, 0x8, &(0x7f00000002c0)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000300)={0x2, 0xd, 0x80008, 0x6}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000340)=[r0, r0, r0], &(0x7f0000000380)=[{0x0, 0x3, 0xc, 0x4}, {0x4, 0x5, 0xe, 0x7}], 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ec0)={&(0x7f0000000040)='kfree\x00', r1, 0x0, 0xfffffffffffffff4}, 0x18)
r8 = socket(0x10, 0x3, 0x0)
process_mrelease(r7, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0xf1, &(0x7f0000000240)={&(0x7f0000000500)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x0, 0xf1ffffff, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_HH_FLOWS_LIMIT={0x4}]}}]}, 0x38}}, 0x0)

1.536380868s ago: executing program 3 (id=872):
process_vm_writev(0x0, &(0x7f0000000500)=[{0x0}, {0xffffffffffffffff}], 0x2, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x5, 0x0, 0x0, 0x0, 0x7, 0x8458, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x400, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYRES8=r0, @ANYRES32, @ANYRES16], 0x30}, 0x1, 0x0, 0x0, 0x20000}, 0x54)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0xff38}, 0x90)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0x1ffffffffffffffd}, 0x18)
r5 = socket(0x10, 0x2, 0x0)
sendto$inet6(r5, &(0x7f0000000000)="7800000018002507b9409b14ffff00000204be04020506050e0204094300080004000000040010000d0068d0bf46d32345653600648d0a0012000200000049935ade4a460c89b6ec0cff3959547f509058ba86c902000000004a32000400160005000a0000000000e000e218d1ddf66ed538f25232500000", 0x78, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2208c08, 0x0)
umount2(&(0x7f0000000280)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e24, @loopback}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000e00)={[{@grpquota}, {@sysvgroups}, {@grpjquota}, {@journal_checksum}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x4}}], [{@pcr={'pcr', 0x3d, 0x27}}, {@permit_directio}, {@uid_lt}]}, 0x0, 0x46b, &(0x7f0000000740)="$eJzs28tvVNUfAPDvvX0APx7tD/EBolaJSeOjpQWVhRuNJi4wmugCl7UdSMNADa2JECLFGNyYGBJdG5cm/gXujIlRVyZudW9IiLIBXdXcO/fCdJgpFKa9lfl8ktuec++ZOec793XuOTMB9KyR7E8SsS0ifouIoUZ2eYGRxr9rV85O/33l7HQSS0tv/Znk5a5eOTtdFi1ft7XIjKYR6cdJUcly86fPHJ+q12univz4won3xudPn3l29sTUsdqx2snJQ4cOHph44fnJ57oSZxbX1T0fzu3d/do7F1+fPnLx3Z++ydq7rdjeHEe3jGSB/7WUa932ZLcrq9j2pnTSX2FDWJW+iMh210B+/g9FX9zYeUPx6keVNg5YU9m9aVPnzYtLwD0siapbAFSjvNFnz7/lsk5djw3h8kuNB6As7mvF0tjSH2lRZqDl+babRiLiyOI/X2ZLrNE4BABAs0+nvzgcz7Tr/6XxQFO5HcUcynBE/D8idkbEfRGxKyLuj8jLPhgRD62y/tapoZv7P+mlOwrsNmX9vxeLua3l/b+y9xfDfUVuex7/QHJ0tl7bX3wmozGwKctPrFDHd6/8+lmnbc39v2zJ6i/7gkU7LvW3DNDNTC1M5Z3SLrh8PmJPf7v4k+szAUlE7I6IPat76x1lYvapr/d2KnTr+FfQhXmmpa+y8Baz+BejJf5SsvL85PjmqNf2j5dHxc1+/uXCm53qv6v4u+ByrfG/af+3FhlOmudr51dfx4XfP+n4THOHx386mLydzzMPFus+mFpYODURMZgczvPL1k/eeG2ZL8tnx//ovvbn/87iNVn8D0dEdhA/EhGPRsRjRdsfj4gnImLfCvH/+HLnbWX8kVa0/89HzLS9/l0//lv2/+oTfcd/+LZT/be3/w/mqdFiTX79u4V2zckuF60NvJvPDgAAAP4r0vw78Ek6dj2dpmNjje/w74r/pfW5+YWnj869f3Km8V354RhIy5GuoWI8tD5br00ki8U7NsZHJ4ux4nK89EAxbvx535Y8PzY9V5+pOHbodVs7nP+ZP/qqbh2wxra0XTs5uO4NASrQOo+eLs+ee2M9GwOsK7/Xht51i/M/Xa92AOvP/R96V7vz/1xL3lwA3Jvc/6F3Of+hR6XfV90CoELu/9CT7uZ3/WuY2LwxmlFNYqPulDwRUSbSDdEeiTVKVH1lAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA//+Afus0")
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r7, 0x0, 0x482, &(0x7f00000007c0)={0x84, @private=0xa010101, 0x15, 0x3, 'dh\x00', 0x1, 0x4, 0x8}, 0x2c)

1.535473578s ago: executing program 4 (id=873):
process_vm_writev(0x0, &(0x7f0000000500)=[{0x0}, {0xffffffffffffffff}], 0x2, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x5, 0x0, 0x0, 0x0, 0x7, 0x8458, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x400, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYRES8=r0, @ANYRES32, @ANYRES16], 0x30}, 0x1, 0x0, 0x0, 0x20000}, 0x54)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0xff38}, 0x90)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0x1ffffffffffffffd}, 0x18)
r5 = socket(0x10, 0x2, 0x0)
sendto$inet6(r5, &(0x7f0000000000)="7800000018002507b9409b14ffff00000204be04020506050e0204094300080004000000040010000d0068d0bf46d32345653600648d0a0012000200000049935ade4a460c89b6ec0cff3959547f509058ba86c902000000004a32000400160005000a0000000000e000e218d1ddf66ed538f25232500000", 0x78, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2208c08, 0x0)
umount2(&(0x7f0000000280)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e24, @loopback}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000e00)={[{@grpquota}, {@sysvgroups}, {@grpjquota}, {@journal_checksum}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x4}}], [{@pcr={'pcr', 0x3d, 0x27}}, {@permit_directio}, {@uid_lt}]}, 0x0, 0x46b, &(0x7f0000000740)="$eJzs28tvVNUfAPDvvX0APx7tD/EBolaJSeOjpQWVhRuNJi4wmugCl7UdSMNADa2JECLFGNyYGBJdG5cm/gXujIlRVyZudW9IiLIBXdXcO/fCdJgpFKa9lfl8ktuec++ZOec793XuOTMB9KyR7E8SsS0ifouIoUZ2eYGRxr9rV85O/33l7HQSS0tv/Znk5a5eOTtdFi1ft7XIjKYR6cdJUcly86fPHJ+q12univz4won3xudPn3l29sTUsdqx2snJQ4cOHph44fnJ57oSZxbX1T0fzu3d/do7F1+fPnLx3Z++ydq7rdjeHEe3jGSB/7WUa932ZLcrq9j2pnTSX2FDWJW+iMh210B+/g9FX9zYeUPx6keVNg5YU9m9aVPnzYtLwD0siapbAFSjvNFnz7/lsk5djw3h8kuNB6As7mvF0tjSH2lRZqDl+babRiLiyOI/X2ZLrNE4BABAs0+nvzgcz7Tr/6XxQFO5HcUcynBE/D8idkbEfRGxKyLuj8jLPhgRD62y/tapoZv7P+mlOwrsNmX9vxeLua3l/b+y9xfDfUVuex7/QHJ0tl7bX3wmozGwKctPrFDHd6/8+lmnbc39v2zJ6i/7gkU7LvW3DNDNTC1M5Z3SLrh8PmJPf7v4k+szAUlE7I6IPat76x1lYvapr/d2KnTr+FfQhXmmpa+y8Baz+BejJf5SsvL85PjmqNf2j5dHxc1+/uXCm53qv6v4u+ByrfG/af+3FhlOmudr51dfx4XfP+n4THOHx386mLydzzMPFus+mFpYODURMZgczvPL1k/eeG2ZL8tnx//ovvbn/87iNVn8D0dEdhA/EhGPRsRjRdsfj4gnImLfCvH/+HLnbWX8kVa0/89HzLS9/l0//lv2/+oTfcd/+LZT/be3/w/mqdFiTX79u4V2zckuF60NvJvPDgAAAP4r0vw78Ek6dj2dpmNjje/w74r/pfW5+YWnj869f3Km8V354RhIy5GuoWI8tD5br00ki8U7NsZHJ4ux4nK89EAxbvx535Y8PzY9V5+pOHbodVs7nP+ZP/qqbh2wxra0XTs5uO4NASrQOo+eLs+ee2M9GwOsK7/Xht51i/M/Xa92AOvP/R96V7vz/1xL3lwA3Jvc/6F3Of+hR6XfV90CoELu/9CT7uZ3/WuY2LwxmlFNYqPulDwRUSbSDdEeiTVKVH1lAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA//+Afus0")
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt(r6, 0x200000000114, 0x2716, &(0x7f0000019580)=""/102394, &(0x7f0000000040)=0x18ffa)

1.32035252s ago: executing program 2 (id=876):
socket$netlink(0x10, 0x3, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x88000, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800"], 0x48)
r2 = syz_open_dev$vcsa(&(0x7f0000000000), 0xf69, 0x4040)
ioctl$TUNSETOFFLOAD(r2, 0x541b, 0xf0ff1f00000002)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000"], &(0x7f0000000300)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
mincore(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0500000003f01f0081000000ffff000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="786a45dcbafc264a00000000fcffffff000000000000000000000800000000000000000027f3efb597d47b291a9468aa0601f0a7d810943d5799ac54a9f5b2af0c5cc3a0152656c5f57b41ca2ca0fe431222947b02dd84e1e0a5aac9bcf875ac2abd5b82d2c2ff3b313f519c51d2ee8d40d697"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000818"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$vsock_stream(0x28, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="09000000070000000000010003"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00'}, 0x18)
recvmsg(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=""/68, 0x44}], 0x1}, 0x4c2103a0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x32)
write(r5, &(0x7f00000001c0)="49bda8f11851b8436bebb25ac5f8202ffbcc3d0b6c01", 0x16)
sendfile(r5, r0, 0x0, 0x3ffff)
sendfile(r5, r0, 0x0, 0x7ffffffffffffffd)

1.168827175s ago: executing program 3 (id=877):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_version\x00', 0x2, 0x0)
r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x101201, 0x0)
ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000600)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x19, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18008000000000000000000000000000180100002020702500000000002020217b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b704000000000000000000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xb, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x4000002, 0x3032, 0xffffffffffffffff, 0x2a1cf000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000d00)=ANY=[], &(0x7f0000000740)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x60d1}, 0x94)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x100010, r3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r2}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000140)={'vxcan1\x00', <r5=>0x0})
r6 = getpgid(0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x5, 0x0, &(0x7f0000000180), &(0x7f0000000440)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41100, 0x42, '\x00', 0x0, @fallback=0x2d, r0, 0x8, &(0x7f00000005c0)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000800)={0x3, 0xd, 0x5, 0xffff}, 0x10, 0x0, r2, 0x0, &(0x7f00000008c0)=[r3, 0xffffffffffffffff, r0, r3, r0, 0xffffffffffffffff, r0, r3], &(0x7f0000000900), 0x10, 0x4}, 0x94)
bind$can_raw(r4, &(0x7f0000000000)={0x1d, r5}, 0x10)
tkill(r6, 0x2e)
setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000780)={{0xa, 0x4e22, 0x2, @private0, 0x9}, {0xa, 0x24, 0x9, @private0, 0xfffffff7}, 0xffffffffffffffff, {[0xf, 0x401, 0x2a4, 0x2, 0xfff, 0xa6, 0x7, 0x8a0e]}}, 0x5c)
bind$can_raw(r4, &(0x7f0000000080), 0x10)

1.040739577s ago: executing program 1 (id=879):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, 0x0, 0x20000000)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r1}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
setsockopt$MRT_ADD_VIF(0xffffffffffffffff, 0x0, 0xca, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x8, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000700000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000ccae265a428feefe6fe4b2acb4794c7905"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x18)
syslog(0x2, &(0x7f0000002ec0)=""/4096, 0x1000)

1.004040821s ago: executing program 0 (id=880):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
syz_io_uring_setup(0x1902, 0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000900)={'syztnl1\x00', 0x0})
sendmmsg$inet(r0, &(0x7f0000000940)=[{{&(0x7f0000000580)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1100000091c10faab1c1d9160100040000000000bed5100000000000000000000000070004001c000000000000000000000008004506b00bc4c9acfdad6205eb0ca1f4cf4b0cd0526c8f523f8b0c3b9178f74164", @ANYRES32=0x0, @ANYBLOB="ac141425ac1414bb00000000"], 0x48}}], 0x1, 0x881c)

981.605783ms ago: executing program 3 (id=881):
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
write$binfmt_register(r0, &(0x7f0000000580)={0x3a, 'syz0', 0x3a, 'E', 0x3a, 0xb, 0x3a, ' ', 0x3a, '\x835\tplb\x11\xcd\xb0\x84\x89\xa5\xf1\xdb\x05\xc4\x91\xe0\xd8/as0i\x17\xb5U\xb5\xa6\xdd\xeb\x83\'\x8c4\xaf\xc5\xae(\x03\xab\x85\x91%', 0x3a, './file0', 0x3a, [0x46]}, 0x55)

914.92351ms ago: executing program 3 (id=882):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000"], 0x50)
bpf$TOKEN_CREATE(0x24, &(0x7f00000005c0)={0x0, r0}, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x5d6c}, 0x18)
r3 = syz_io_uring_setup(0x5c2, &(0x7f00000005c0)={0x0, 0x3, 0x0, 0x1}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000200)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x38, 0x3, r3, 0x0, 0x0, 0x0, 0x1, 0x1, {0x2}})
io_uring_enter(r3, 0x6e2, 0x600, 0x1, 0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r6, &(0x7f0000000b00)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/18, @ANYRES32=r7, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x40000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x4000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000040)={0x0, 0x4000000, 0x8, 0xd, 0x200, &(0x7f0000000080)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000a0000fdfd000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000005000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000000)={'syzkaller0\x00', 0x2})
ioctl$TUNSETLINK(r8, 0x400454cd, 0x339)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r10, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x5, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40848c0}, 0x0)
sendmsg$NFQNL_MSG_VERDICT_BATCH(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000100)={0x14, 0x3, 0x3, 0x101}, 0x14}, 0x1, 0x0, 0x0, 0xc0000}, 0x4)

893.709451ms ago: executing program 0 (id=883):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x4}, 0x18)
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0x60, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0xb76e}, 0x223, 0x1, 0xfffffffc, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x800, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200a}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000080), 0x205, 0x101301)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="02040509020000002dbd7000"], 0x10}, 0x1, 0x400000000000000}, 0x40000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000540)=@bpf_tracing={0x1a, 0x1, &(0x7f0000000080)=@raw=[@alu={0x0, 0x0, 0x8, 0x6, 0x6, 0xffffffffffffffff}], 0x0, 0x7, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2a541, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000140)=[{0x0}, {0x0}], 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20)

892.883301ms ago: executing program 4 (id=884):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x20400, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001000)={0x17, 0xc, &(0x7f00000010c0)=ANY=[@ANYRESHEX=r0, @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2b, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000000c000000bca30000000000002403000020feffff620af8fff8ffffff71a4f8ff000000001f03000000000000e5000300000000002604fdffff02000014010000033800001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xf8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0x1}, 0x48)
r3 = socket$netlink(0x10, 0x3, 0x0)
connect$tipc(0xffffffffffffffff, &(0x7f0000000040)=@name={0x1e, 0x2, 0x1, {{}, 0x2}}, 0x10)
connect$tipc(0xffffffffffffffff, &(0x7f0000000000)=@id, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
unshare(0x2c020600)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000001280), 0xffffffffffffffff)
sendmsg$NFC_CMD_GET_SE(0xffffffffffffffff, &(0x7f0000001340)={&(0x7f0000001240)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001300)={&(0x7f00000012c0)={0x14, r7, 0x100, 0x70bd2c, 0x25dfdbfe, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x2404a000}, 0x4)
sendmsg$TIPC_NL_MON_SET(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x18, r6, 0x400, 0x0, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0x4}]}, 0x18}}, 0x200000c0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
splice(r9, 0x0, r8, 0xffffffffffffffff, 0x4, 0xd)
bpf$TOKEN_CREATE(0x24, &(0x7f0000001140)={0x0, r2}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000cb39982c19ea"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001380)={{r4}, &(0x7f0000000140), &(0x7f0000001400)='%pS    \x00'}, 0x20)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10)
connect$llc(0xffffffffffffffff, &(0x7f0000000180)={0x1a, 0x335, 0xa, 0x7, 0x1, 0x7}, 0x10)
close(0xffffffffffffffff)
ioctl$sock_proto_private(0xffffffffffffffff, 0x89e3, &(0x7f0000000f80)="8ccaaecac5d74d799a9fee4892884c913c7ae76601e3469b22a777524e517e432c24078c8488ec06ee21cebba6906f11d50592a77afe231b317c5b0c6af3f3e70264c3faf2a9d83e3a528f88839add9b71fd1b718e0b1953294ead49697cf666713c6966fb54484f67781427a7b7ea5f")
preadv(r0, &(0x7f0000000080)=[{&(0x7f0000001580)=""/13, 0xd}], 0x1, 0x0, 0xffff38db)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
close(r0)

760.243295ms ago: executing program 1 (id=885):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = dup(r0)
fsetxattr$security_selinux(r1, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)
ioctl$RTC_PIE_ON(r1, 0x7005)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
munlock(&(0x7f0000ffb000/0x1000)=nil, 0x1000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x2}, 0x18)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='westwood', 0x8)
fspick(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x1)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfffffd9d)

736.969577ms ago: executing program 1 (id=886):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=r2, @ANYBLOB="000000000000000028001280090001007665746800000000180002801400010000000000", @ANYRES32=r2], 0x48}, 0x1, 0x0, 0x0, 0x48800}, 0x0) (fail_nth: 8)

623.568428ms ago: executing program 2 (id=887):
r0 = socket$igmp(0x2, 0x3, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000540)={'\x00', 0x7e, 0x7527, 0x5c8, 0x7fff, 0x9})
ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0)
ioctl$SG_BLKTRACESTART(r1, 0x1274, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1d, 0x2, &(0x7f0000000400)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa}], &(0x7f0000000440)='GPL\x00', 0x1, 0x37, &(0x7f0000000500)=""/55, 0x41000, 0x4, '\x00', 0x0, @lsm, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x6, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000005c0)=[0x1], 0x0, 0x10, 0xc8d}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', 0xffffffffffffffff, 0x0, 0xd9}, 0x18)
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r4, 0x84, 0x16, &(0x7f0000000040)={0x3, [0x9, 0x1, 0xfffa]}, &(0x7f00000000c0)=0xa)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000002c0)={&(0x7f0000c8c000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00001bb000/0x4000)=nil, &(0x7f0000881000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000b69000/0x4000)=nil, &(0x7f00002ee000/0x3000)=nil, &(0x7f0000c3a000/0x3000)=nil, &(0x7f0000fde000/0x2000)=nil, &(0x7f0000000200)="9dd69d7d2a901e8efa47fdde87e5e7ff3ec57cd9c4198045973287713417f187fa49af297872990407e25cecd3983e27e173f00bf2bc4b97adab92814bd7590a8f0208611bfddca6663e393b8b50028abc6290973d5aa80ea58c905ae7e1c521b0557f80162e27e5d7743d9323651b8162fdb5d0fc180111e443fac8dc957eb5c7f6fef266848a6d1d8c4077241e1b43", 0x90, r2}, 0x68)
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@resuid}, {@nobh}]}, 0x1, 0x519, &(0x7f00000009c0)="$eJzs3cFvI1cZAPBvJvE2u5tiFxAqlSgVLcpWsHbS0DZCCMoFTpWA5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgfEGVWqBBfEAQECIdjCAQnoII/HJevYSaBJnI1/P+mt35sZz/e9ifw8M56dCWBiPRURL0XEVEQ8GxHlYnpalDjole5yb99/daVbksiyO39JIimm9dfVbU9HxM3ibTMR8ZUvRnw9ORq3vbe/udxo1HeKdq3T3K619/ZvbzSX1+vr9a3FxYUXll5cen5pPiu8p35W+pUffeGzr3/yG7+9+6db3+ym9ZkPRSkG+nGWel0v5duir7uNds4j2BhMFf0pjTsRAABOpbuP//6I+Fi+/1+OqXxvbsDUODIDAAAAzkr2udn4VxKRAQAAAFdWGhGzkaTV4lqA2UjTa8W5gQ/GjbTRanc+sdba3VrtzouoRCld22jU54trhStRSrrtheIa2377uYH2YkQ8FhHfLV/P29WVVmN1zOc+AAAAYFLcHDj+/3s5zesnG/L/BAAAAIDLqzKyAQAAAFwVDvkBAADg6hs8/n99THkAAAAA5+JLL7/cLVn/+derr+ztbrZeub1ab29Wm7sr1ZXWznZ1vdVaz+/Z1zxpfY1Wa/tTsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+ixj77xqyQiDj59PS9R3AcQ4AG/H3cCwFmaGncCwNi4izdMrlK/cm28eQDjk5ww38U7AADw8Jv78NHf//unAkpjzQw4b671AYDJ4/d/mFwlVwDCREsj4n296iOjlhn5+/8vThslyyLeLB+e4vwiAABcrNm8JGm1OA6YjTStViMejUgrUUrWNhr1+eL44Jfl0iPd9kL+zuTEa4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAArrSI9I9Jfjf/iLnyM7OD5weuJf8oxx+Kxg/ufO/ecqezs9Cd/tf8WV7XIqLz/TulfPpzIx8fBgAAAJy15GDkrN5xevG6cKFZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB3r7/6kq/XGTcP38+IirD4k/HTP46E6WIuPG3JKYPvS+JiKkziH/wWkQ8Pix+Eu9kWVYpshgW//o5x6/km2Z4/DQibp5BfJhkb3THn5eGff7SeCp/Hf75my7KezV6/EuLyI/n49yw8efRI2trDo3xxFs/qY2M/1rEE9PDx5/++JuMiP/0kbX9M8uyozG+9tX9/VHxsx9GzA39/kkeiFXrNLdr7b392xvN5fX6en1rcXHhhaUXl55fmq+tbTTqxb9DY3znIz9957j+3xgS/ze/7o2/x/X/mVErHfDvt+7d/0CvWhoW/9bTQ79/Z2JE/LT47vt4Ue/On+vXD3r1w5788ZtPHtf/1RHb/6S//61T9v/ZL3/7d6dcFAC4AO29/c3lRqO+c0xl5hTLPIyVn81cijT+x0r2rd5f7rLk8/9Wunur/53S79UlSOxQJbuwWFNxSbr8bmWswxIAAHAOfv7uTv+4MwEAAAAAAAAAAAAAAAAAAIDJdRG3ExuMeTCergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOs/AQAA//9GB9/T")
ioctl$SIOCGETMIFCNT_IN6(r0, 0x89e0, &(0x7f0000000080)={0x1})

538.187477ms ago: executing program 3 (id=888):
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000440)={0x100000001, {{0xa, 0xce22, 0xffffffff, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000e0ff00000000000000bd0000000000000000001300e4ec010000000040000000000000000000000000000000000000013da51fd47aa2e2f70000000000000000000000000000000000000000000000000000000000000067ff0000000000000005"], 0x310)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108)
r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000000600)=""/128, 0x80}], 0x1, 0x111, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r2 = getpid()
syz_pidfd_open(r2, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
readv(r3, &(0x7f0000000080)=[{&(0x7f00000028c0)=""/4098, 0x1052}], 0x2)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x60500)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB], 0x50)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r5}, 0x10)
unshare(0xa000200)
semtimedop(0x0, &(0x7f0000000000)=[{0x2, 0x40, 0x1800}], 0x1, 0x0)
unshare(0x20060400)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r4, &(0x7f0000000140)=[{0x84, 0x77, 0x0, 0x0, @time={0xddda, 0x8}, {}, {}, @raw32}], 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r6, 0x0, 0x9}, 0x18)
r7 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r7, 0x29, 0x15, &(0x7f0000000100), 0x3d)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000001c0), 0x13f, 0x8}}, 0x20)
close(0xffffffffffffffff)

374.197793ms ago: executing program 3 (id=889):
socket$nl_xfrm(0x10, 0x3, 0x6)
openat(0xffffffffffffff9c, 0x0, 0x20040, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x11e167, 0x0, 0xfffffffc, 0xb95b5ec032cc8e84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003b00)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
r6 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000080)={0x43, 0x3, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_LEAVE(r6, 0x10f, 0x88)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0), 0xfc, 0x574, &(0x7f00000013c0)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUk4gWC3qvS7INJZtuyW5KEwu2B3vxIkUQsSB69+6x+A/4VxS0UKQEPXiJzGY2XZPZNNlumm3384Fp35uZzZvvvvm+fbOzywbQt8bSfwoRL0fEN0nESMu2wcg2jq3tt/Lw+nS6JLG6+ulfSSTZuub+Sfb/oazyUkT89lXEycLmdmtLy3OlSqW8kNXH6/NXxmtLy6cuzZdmy7Ply5NTU2fempp89523uxbr6+f/+f6Tux+e+fr4yne/3D9yO4mzcTjb1hrHE7jRWhmLsew5GYqzG3ac6EJjvSTZ6wOgIwNZng9FOgaMxECW9blWR57moQG77Ms0rYE+lch/6FPNeUDz2r5L18HPjAfvr10AbY5/cO29kRhuXBsdXEn+d2WUXu+OdqH9tI1f/7xzO12i3fsQ+7vQEMAGN25GxOnBwc3jX5KNf507vY19NrbRb68/sJfupvOfN/LmP4X1+U/kzH8O5eRuJx6f/4X7XWimrXT+917u/Hf9ptXoQFZ7oTHnG0ouXqqU07HtxYg4EUP70/pERHyQfxPk88LKvdV27bfO/9Ilbb85F8yO4/7ghvnfTKleevLI1zy4GfFK7vw3We//JKf/0+fj/DbbOFa+82q7bY+Pf3et/hTxWm7/P+rMZOv7k+ON82G8eVZs9vetY7+3a3+v40/7/+DW8Y8mrfdraztv48fhf8vttnV6/u9LPmuU92XrrpXq9YWJiH3Jx5vXTz56bLPe3D+N/8Txrce/vPP/QJrY24z/1tFbrbsO7yz+3ZXGP7Oj/t954d5HX/zQrv3t9f+bjdKJbM12xr/tHuCTPHcAAAAAAADQawoRcTiSQnG9XCgUi2uf7zgaBwuVaq1+8mJ18fJMNL4rOxpDhead7pGWz0NMZJ+HbdYnN9SnIuJIRHw7cKBRL05XKzN7HTwAAAAAAAAAAAAAAAAAAAD0iEMRw3nf/0/9MZD/mDargWfRFj/5DTzn2ud/tqUbv/QE9CSv/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kP/Wsn+f/zuV08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+nD93Ll1WVx5en07rM1eXFueqV0/NlGtzxfnF6eJ0deFKcbZana2Ui9PV+cf9vUq1emViMhavjdfLtfp4bWn5wnx18XL9wqX50mz5QnnoqUQFAAAAAAAAAAAAAAAAAAAAz5ba0vJcqVIpLygodFQY7I3D6MFCoTcOo8PCXo9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDIfwEAAP//wGE62g==")
r7 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0xa0000, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r7, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}})
unlink(&(0x7f0000000180)='./file1\x00')

334.083237ms ago: executing program 0 (id=890):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003b00)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000080)={0x43, 0x3, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_LEAVE(r3, 0x10f, 0x88)

313.031359ms ago: executing program 0 (id=891):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_version\x00', 0x2, 0x0)
r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x101201, 0x0)
ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000600)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x19, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18008000000000000000000000000000180100002020702500000000002020217b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b704000000000000000000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xb, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x4000002, 0x3032, 0xffffffffffffffff, 0x2a1cf000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000a80)='mm_page_free_batched\x00'}, 0x18)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x100010, r3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r2}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000140)={'vxcan1\x00', <r5=>0x0})
r6 = getpgid(0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x5, 0x0, &(0x7f0000000180), &(0x7f0000000440)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41100, 0x42, '\x00', 0x0, @fallback=0x2d, r0, 0x8, &(0x7f00000005c0)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000800)={0x3, 0xd, 0x5, 0xffff}, 0x10, 0x0, r2, 0x0, &(0x7f00000008c0)=[r3, 0xffffffffffffffff, r0, r3, r0, 0xffffffffffffffff, r0, r3], &(0x7f0000000900), 0x10, 0x4}, 0x94)
bind$can_raw(r4, &(0x7f0000000000)={0x1d, r5}, 0x10)
tkill(r6, 0x2e)
setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000780)={{0xa, 0x4e22, 0x2, @private0, 0x9}, {0xa, 0x24, 0x9, @private0, 0xfffffff7}, 0xffffffffffffffff, {[0xf, 0x401, 0x2a4, 0x2, 0xfff, 0xa6, 0x7, 0x8a0e]}}, 0x5c)
bind$can_raw(r4, &(0x7f0000000080), 0x10)

220.482548ms ago: executing program 4 (id=892):
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000440)={0x100000001, {{0xa, 0xce22, 0xffffffff, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000e0ff00000000000000bd0000000000000000001300e4ec010000000040000000000000000000000000000000000000013da51fd47aa2e2f70000000000000000000000000000000000000000000000000000000000000067ff0000000000000005"], 0x310)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108)
r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000000600)=""/128, 0x80}], 0x1, 0x111, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r2 = getpid()
syz_pidfd_open(r2, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
readv(r3, &(0x7f0000000080)=[{&(0x7f00000028c0)=""/4098, 0x1052}], 0x2)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x60500)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB], 0x50)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r5}, 0x10)
unshare(0xa000200)
semtimedop(0x0, &(0x7f0000000000)=[{0x2, 0x40, 0x1800}], 0x1, 0x0)
unshare(0x20060400)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r4, &(0x7f0000000140)=[{0x84, 0x77, 0x0, 0x0, @time={0xddda, 0x8}, {}, {}, @raw32}], 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r6, 0x29, 0x15, &(0x7f0000000100), 0x3d)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000001c0), 0x13f, 0x8}}, 0x20)
close(0xffffffffffffffff)

168.984133ms ago: executing program 1 (id=893):
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
write$binfmt_register(r0, &(0x7f0000000580)={0x3a, 'syz0', 0x3a, 'E', 0x3a, 0xb, 0x3a, ' ', 0x3a, '\x835\tplb\x11\xcd\xb0\x84\x89\xa5\xf1\xdb\x05\xc4\x91\xe0\xd8/as0i\x17\xb5U\xb5\xa6\xdd\xeb\x83\'\x8c4\xaf\xc5\xae(\x03\xab\x85\x91%', 0x3a, './file0', 0x3a, [0x46]}, 0x55)

159.856155ms ago: executing program 0 (id=894):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000040500000000184000000200000000001e0000eba300950000950000000004070000000000000f84d6240cd9d061e5178f5bf2ab03a0bd26240e878b2f3deef1c0d293bf056a452f2c6a6a656adc9faec0d7fe2289b65a7e8d1496a5d430b52984ab8fdeb09bdeee5808a2b36ff61513325d93c4998d703bea0b85240aa1ebeb4e6ccc4b619f75d89e16bbea9437dbc4a530dbd32a1b807d865d22abcddaf77b000b35844f1e"], &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x600}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x11, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000005000000000000000400000018110000", @ANYRES32, @ANYBLOB="00000000000000ffb602000014000002b7030000000000008500000083000000bf090000000000005509010000000000950001000000000018320000040000000000000000000000bf91000000000008b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x52, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
r2 = socket$inet6(0xa, 0x2, 0x2)
setsockopt$sock_linger(r2, 0x1, 0x3c, &(0x7f0000000040)={0x200000000000001}, 0x8)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000001440)=ANY=[], 0xc0)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x28, r7, 0xacf5e67dd0b583a1, 0x0, 0x0, {{0x5}, {@val={0x8}, @val={0xc, 0x99, {0x0, 0xffffffff}}}}}, 0x28}}, 0x0)
bind$inet(r3, &(0x7f0000000380)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000280)='htcp', 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
bpf$LINK_DETACH(0x22, &(0x7f00000003c0), 0x4)
recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
ioctl$PPPIOCUNBRIDGECHAN(0xffffffffffffffff, 0x7434)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
mount$9p_rdma(&(0x7f00000013c0), &(0x7f0000001400)='.\x00', &(0x7f0000001440), 0x800, &(0x7f00000000c0)=ANY=[@ANYBLOB="7472616e733d72646d612c706f72743d3078303030303030303030303030346532302c7469fdff6f75743d3078303030303030303030303030303030332c00"])

150.129435ms ago: executing program 1 (id=895):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, 0x0, 0x20000000)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r1}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
setsockopt$MRT_ADD_VIF(0xffffffffffffffff, 0x0, 0xca, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x8, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000700000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000ccae265a428feefe6fe4b2acb4794c7905"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x18)
syslog(0x2, &(0x7f0000002ec0)=""/4096, 0x1000)

123.680948ms ago: executing program 4 (id=896):
process_vm_writev(0x0, &(0x7f0000000500)=[{0x0}, {0xffffffffffffffff}], 0x2, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x5, 0x0, 0x0, 0x0, 0x7, 0x8458, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x400, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYRES8=r0, @ANYRES32, @ANYRES16], 0x30}, 0x1, 0x0, 0x0, 0x20000}, 0x54)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0xff38}, 0x90)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0x1ffffffffffffffd}, 0x18)
r5 = socket(0x10, 0x2, 0x0)
sendto$inet6(r5, &(0x7f0000000000)="7800000018002507b9409b14ffff00000204be04020506050e0204094300080004000000040010000d0068d0bf46d32345653600648d0a0012000200000049935ade4a460c89b6ec0cff3959547f509058ba86c902000000004a32000400160005000a0000000000e000e218d1ddf66ed538f25232500000", 0x78, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2208c08, 0x0)
umount2(&(0x7f0000000280)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e24, @loopback}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000e00)={[{@grpquota}, {@sysvgroups}, {@grpjquota}, {@journal_checksum}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x4}}], [{@pcr={'pcr', 0x3d, 0x27}}, {@permit_directio}, {@uid_lt}]}, 0x0, 0x46b, &(0x7f0000000740)="$eJzs28tvVNUfAPDvvX0APx7tD/EBolaJSeOjpQWVhRuNJi4wmugCl7UdSMNADa2JECLFGNyYGBJdG5cm/gXujIlRVyZudW9IiLIBXdXcO/fCdJgpFKa9lfl8ktuec++ZOec793XuOTMB9KyR7E8SsS0ifouIoUZ2eYGRxr9rV85O/33l7HQSS0tv/Znk5a5eOTtdFi1ft7XIjKYR6cdJUcly86fPHJ+q12univz4won3xudPn3l29sTUsdqx2snJQ4cOHph44fnJ57oSZxbX1T0fzu3d/do7F1+fPnLx3Z++ydq7rdjeHEe3jGSB/7WUa932ZLcrq9j2pnTSX2FDWJW+iMh210B+/g9FX9zYeUPx6keVNg5YU9m9aVPnzYtLwD0siapbAFSjvNFnz7/lsk5djw3h8kuNB6As7mvF0tjSH2lRZqDl+babRiLiyOI/X2ZLrNE4BABAs0+nvzgcz7Tr/6XxQFO5HcUcynBE/D8idkbEfRGxKyLuj8jLPhgRD62y/tapoZv7P+mlOwrsNmX9vxeLua3l/b+y9xfDfUVuex7/QHJ0tl7bX3wmozGwKctPrFDHd6/8+lmnbc39v2zJ6i/7gkU7LvW3DNDNTC1M5Z3SLrh8PmJPf7v4k+szAUlE7I6IPat76x1lYvapr/d2KnTr+FfQhXmmpa+y8Baz+BejJf5SsvL85PjmqNf2j5dHxc1+/uXCm53qv6v4u+ByrfG/af+3FhlOmudr51dfx4XfP+n4THOHx386mLydzzMPFus+mFpYODURMZgczvPL1k/eeG2ZL8tnx//ovvbn/87iNVn8D0dEdhA/EhGPRsRjRdsfj4gnImLfCvH/+HLnbWX8kVa0/89HzLS9/l0//lv2/+oTfcd/+LZT/be3/w/mqdFiTX79u4V2zckuF60NvJvPDgAAAP4r0vw78Ek6dj2dpmNjje/w74r/pfW5+YWnj869f3Km8V354RhIy5GuoWI8tD5br00ki8U7NsZHJ4ux4nK89EAxbvx535Y8PzY9V5+pOHbodVs7nP+ZP/qqbh2wxra0XTs5uO4NASrQOo+eLs+ee2M9GwOsK7/Xht51i/M/Xa92AOvP/R96V7vz/1xL3lwA3Jvc/6F3Of+hR6XfV90CoELu/9CT7uZ3/WuY2LwxmlFNYqPulDwRUSbSDdEeiTVKVH1lAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA//+Afus0")
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f00000007c0)={0x84, @private=0xa010101, 0x15, 0x3, 'dh\x00', 0x1, 0x4, 0x8}, 0x2c)
getsockopt(r6, 0x200000000114, 0x2716, &(0x7f0000019580)=""/102394, &(0x7f0000000040)=0x18ffa)

77.730633ms ago: executing program 1 (id=897):
socket$netlink(0x10, 0x3, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x88000, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800"], 0x48)
r2 = syz_open_dev$vcsa(&(0x7f0000000000), 0xf69, 0x4040)
ioctl$TUNSETOFFLOAD(r2, 0x541b, 0xf0ff1f00000002)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000000000070200"], &(0x7f0000000300)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
mincore(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0500000003f01f0081000000ffff000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="786a45dcbafc264a00000000fcffffff000000000000000000000800000000000000000027f3efb597d47b291a9468aa0601f0a7d810943d5799ac54a9f5b2af0c5cc3a0152656c5f57b41ca2ca0fe431222947b02dd84e1e0a5aac9bcf875ac2abd5b82d2c2ff3b313f519c51d2ee8d40d697"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000818"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$vsock_stream(0x28, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="09000000070000000000010003"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00'}, 0x18)
recvmsg(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=""/68, 0x44}], 0x1}, 0x4c2103a0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x32)
write(r5, &(0x7f00000001c0)="49bda8f11851b8436bebb25ac5f8202ffbcc3d0b6c01", 0x16)
sendfile(r5, r0, 0x0, 0x3ffff)
sendfile(r5, r0, 0x0, 0x7ffffffffffffffd)

0s ago: executing program 0 (id=898):
process_vm_writev(0x0, &(0x7f0000000500)=[{0x0}, {0xffffffffffffffff}], 0x2, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x5, 0x0, 0x0, 0x0, 0x7, 0x8458, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x400, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYRES8=r0, @ANYRES32, @ANYRES16], 0x30}, 0x1, 0x0, 0x0, 0x20000}, 0x54)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0xff38}, 0x90)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0x1ffffffffffffffd}, 0x18)
r5 = socket(0x10, 0x2, 0x0)
sendto$inet6(r5, &(0x7f0000000000)="7800000018002507b9409b14ffff00000204be04020506050e0204094300080004000000040010000d0068d0bf46d32345653600648d0a0012000200000049935ade4a460c89b6ec0cff3959547f509058ba86c902000000004a32000400160005000a0000000000e000e218d1ddf66ed538f25232500000", 0x78, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2208c08, 0x0)
umount2(&(0x7f0000000280)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e24, @loopback}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000e00)={[{@grpquota}, {@sysvgroups}, {@grpjquota}, {@journal_checksum}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x4}}], [{@pcr={'pcr', 0x3d, 0x27}}, {@permit_directio}, {@uid_lt}]}, 0x0, 0x46b, &(0x7f0000000740)="$eJzs28tvVNUfAPDvvX0APx7tD/EBolaJSeOjpQWVhRuNJi4wmugCl7UdSMNADa2JECLFGNyYGBJdG5cm/gXujIlRVyZudW9IiLIBXdXcO/fCdJgpFKa9lfl8ktuec++ZOec793XuOTMB9KyR7E8SsS0ifouIoUZ2eYGRxr9rV85O/33l7HQSS0tv/Znk5a5eOTtdFi1ft7XIjKYR6cdJUcly86fPHJ+q12univz4won3xudPn3l29sTUsdqx2snJQ4cOHph44fnJ57oSZxbX1T0fzu3d/do7F1+fPnLx3Z++ydq7rdjeHEe3jGSB/7WUa932ZLcrq9j2pnTSX2FDWJW+iMh210B+/g9FX9zYeUPx6keVNg5YU9m9aVPnzYtLwD0siapbAFSjvNFnz7/lsk5djw3h8kuNB6As7mvF0tjSH2lRZqDl+babRiLiyOI/X2ZLrNE4BABAs0+nvzgcz7Tr/6XxQFO5HcUcynBE/D8idkbEfRGxKyLuj8jLPhgRD62y/tapoZv7P+mlOwrsNmX9vxeLua3l/b+y9xfDfUVuex7/QHJ0tl7bX3wmozGwKctPrFDHd6/8+lmnbc39v2zJ6i/7gkU7LvW3DNDNTC1M5Z3SLrh8PmJPf7v4k+szAUlE7I6IPat76x1lYvapr/d2KnTr+FfQhXmmpa+y8Baz+BejJf5SsvL85PjmqNf2j5dHxc1+/uXCm53qv6v4u+ByrfG/af+3FhlOmudr51dfx4XfP+n4THOHx386mLydzzMPFus+mFpYODURMZgczvPL1k/eeG2ZL8tnx//ovvbn/87iNVn8D0dEdhA/EhGPRsRjRdsfj4gnImLfCvH/+HLnbWX8kVa0/89HzLS9/l0//lv2/+oTfcd/+LZT/be3/w/mqdFiTX79u4V2zckuF60NvJvPDgAAAP4r0vw78Ek6dj2dpmNjje/w74r/pfW5+YWnj869f3Km8V354RhIy5GuoWI8tD5br00ki8U7NsZHJ4ux4nK89EAxbvx535Y8PzY9V5+pOHbodVs7nP+ZP/qqbh2wxra0XTs5uO4NASrQOo+eLs+ee2M9GwOsK7/Xht51i/M/Xa92AOvP/R96V7vz/1xL3lwA3Jvc/6F3Of+hR6XfV90CoELu/9CT7uZ3/WuY2LwxmlFNYqPulDwRUSbSDdEeiTVKVH1lAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA//+Afus0")
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f00000007c0)={0x84, @private=0xa010101, 0x15, 0x3, 'dh\x00', 0x1, 0x4, 0x8}, 0x2c)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0)

kernel console output (not intermixed with test programs):

equested (1)
[   45.149219][ T4016] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   45.159694][ T4016] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   45.204520][ T4025] netlink: 32 bytes leftover after parsing attributes in process `syz.0.175'.
[   45.219530][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.306956][ T4034] vhci_hcd: invalid port number 254
[   45.375907][    C0] hrtimer: interrupt took 36874 ns
[   45.612593][ T4054] netlink: 64 bytes leftover after parsing attributes in process `syz.1.184'.
[   45.711015][ T4060] syzkaller0: entered promiscuous mode
[   45.716547][ T4060] syzkaller0: entered allmulticast mode
[   45.762205][ T4064] loop1: detected capacity change from 0 to 512
[   45.791616][ T4064] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   45.814035][ T4064] EXT4-fs (loop1): 1 truncate cleaned up
[   45.830303][ T4064] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.872718][ T4067] loop4: detected capacity change from 0 to 1024
[   45.903691][ T4067] EXT4-fs: dax option not supported
[   45.955328][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.034855][ T4072] vhci_hcd: invalid port number 254
[   46.085973][ T4080] netlink: 68 bytes leftover after parsing attributes in process `syz.1.194'.
[   46.163466][ T4091] loop2: detected capacity change from 0 to 128
[   46.299285][ T4098] loop4: detected capacity change from 0 to 512
[   46.321364][ T4098] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   46.391952][ T4098] EXT4-fs (loop4): 1 truncate cleaned up
[   46.400797][ T4098] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.434044][ T4103] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.569887][ T4103] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.588859][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.739261][ T4103] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.849643][ T4094] syz.2.199: attempt to access beyond end of device
[   46.849643][ T4094] loop2: rw=2049, sector=128, nr_sectors = 1 limit=128
[   46.863019][ T4094] Buffer I/O error on dev loop2, logical block 128, lost async page write
[   46.991082][ T4103] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.055562][ T4091] syz.2.199: attempt to access beyond end of device
[   47.055562][ T4091] loop2: rw=2049, sector=128, nr_sectors = 1 limit=128
[   47.069098][ T4091] Buffer I/O error on dev loop2, logical block 128, lost async page write
[   47.179741][   T37] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.188325][   T37] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.209384][ T4116] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.226502][   T37] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.267763][   T37] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.284381][ T4116] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.378175][ T4116] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.460202][ T4116] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.543720][ T2616] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.565848][ T2616] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.588346][ T2616] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.617295][ T2616] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.667092][ T4131] vhci_hcd: invalid port number 254
[   47.706625][ T4136] loop0: detected capacity change from 0 to 512
[   47.734237][ T4139] netlink: 'syz.1.215': attribute type 21 has an invalid length.
[   47.737500][ T4136] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   47.764141][ T4136] EXT4-fs (loop0): 1 truncate cleaned up
[   47.775634][ T4139] capability: warning: `syz.1.215' uses deprecated v2 capabilities in a way that may be insecure
[   47.787669][   T29] kauditd_printk_skb: 407 callbacks suppressed
[   47.787684][   T29] audit: type=1326 audit(1761005768.589:1355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4138 comm="syz.1.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f8d7662efc9 code=0x7ffc0000
[   47.817277][   T29] audit: type=1326 audit(1761005768.589:1356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4138 comm="syz.1.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7662efc9 code=0x7ffc0000
[   47.840604][   T29] audit: type=1326 audit(1761005768.589:1357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4138 comm="syz.1.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7662efc9 code=0x7ffc0000
[   47.863913][   T29] audit: type=1326 audit(1761005768.589:1358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4138 comm="syz.1.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7662efc9 code=0x7ffc0000
[   47.887322][   T29] audit: type=1326 audit(1761005768.589:1359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4138 comm="syz.1.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f8d7662efc9 code=0x7ffc0000
[   47.916405][ T4136] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.930147][   T29] audit: type=1326 audit(1761005768.759:1360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4138 comm="syz.1.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7662efc9 code=0x7ffc0000
[   47.953662][   T29] audit: type=1326 audit(1761005768.759:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4138 comm="syz.1.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f8d7662f003 code=0x7ffc0000
[   47.976886][   T29] audit: type=1326 audit(1761005768.759:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4138 comm="syz.1.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f8d7662f087 code=0x7ffc0000
[   48.000177][   T29] audit: type=1326 audit(1761005768.759:1363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4138 comm="syz.1.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f8d765e644d code=0x7ffc0000
[   48.023402][   T29] audit: type=1326 audit(1761005768.759:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4138 comm="syz.1.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f8d76663709 code=0x7ffc0000
[   48.087492][ T4145] FAULT_INJECTION: forcing a failure.
[   48.087492][ T4145] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   48.100587][ T4145] CPU: 0 UID: 0 PID: 4145 Comm: syz.4.217 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   48.100612][ T4145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   48.100623][ T4145] Call Trace:
[   48.100628][ T4145]  <TASK>
[   48.100634][ T4145]  __dump_stack+0x1d/0x30
[   48.100755][ T4145]  dump_stack_lvl+0xe8/0x140
[   48.100860][ T4145]  dump_stack+0x15/0x1b
[   48.100906][ T4145]  should_fail_ex+0x265/0x280
[   48.100936][ T4145]  should_fail+0xb/0x20
[   48.100959][ T4145]  should_fail_usercopy+0x1a/0x20
[   48.100993][ T4145]  _copy_from_user+0x1c/0xb0
[   48.101039][ T4145]  ___sys_sendmsg+0xc1/0x1d0
[   48.101090][ T4145]  __x64_sys_sendmsg+0xd4/0x160
[   48.101148][ T4145]  x64_sys_call+0x191e/0x3000
[   48.101183][ T4145]  do_syscall_64+0xd2/0x200
[   48.101244][ T4145]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   48.101268][ T4145]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   48.101364][ T4145]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.101388][ T4145] RIP: 0033:0x7efe20f8efc9
[   48.101404][ T4145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.101421][ T4145] RSP: 002b:00007efe1f9f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   48.101481][ T4145] RAX: ffffffffffffffda RBX: 00007efe211e5fa0 RCX: 00007efe20f8efc9
[   48.101494][ T4145] RDX: 00000000000008d0 RSI: 0000200000000500 RDI: 0000000000000003
[   48.101508][ T4145] RBP: 00007efe1f9f7090 R08: 0000000000000000 R09: 0000000000000000
[   48.101581][ T4145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.101595][ T4145] R13: 00007efe211e6038 R14: 00007efe211e5fa0 R15: 00007ffea0f9a7e8
[   48.101670][ T4145]  </TASK>
[   48.338256][ T4149] SELinux:  Context system_u:object_r:ld_so_t:s0 is not valid (left unmapped).
[   48.429473][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.644779][ T4180] ieee802154 phy0 wpan0: encryption failed: -22
[   48.668150][ T4180] netlink: 'syz.0.226': attribute type 21 has an invalid length.
[   48.676029][ T4180] netlink: 128 bytes leftover after parsing attributes in process `syz.0.226'.
[   48.693783][ T4180] netlink: 'syz.0.226': attribute type 4 has an invalid length.
[   48.701483][ T4180] netlink: 'syz.0.226': attribute type 5 has an invalid length.
[   48.709234][ T4180] netlink: 3 bytes leftover after parsing attributes in process `syz.0.226'.
[   48.740847][ T4182] netlink: 24 bytes leftover after parsing attributes in process `syz.3.227'.
[   48.761397][ T4182] IPVS: Error connecting to the multicast addr
[   48.968560][ T4196] loop3: detected capacity change from 0 to 512
[   48.978916][ T4196] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   48.999086][ T4196] EXT4-fs (loop3): 1 truncate cleaned up
[   49.016218][ T4199] vhci_hcd: invalid port number 254
[   49.021731][ T4196] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.034881][ T4203] loop4: detected capacity change from 0 to 128
[   49.098700][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.151805][ T4211] Zero length message leads to an empty skb
[   49.251956][ T4221] netlink: 24 bytes leftover after parsing attributes in process `syz.1.241'.
[   49.261090][ T4221] IPVS: Error connecting to the multicast addr
[   49.295706][ T4224] loop3: detected capacity change from 0 to 512
[   49.306731][ T4224] EXT4-fs: Ignoring removed nobh option
[   49.326510][ T4224] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.242: iget: bad i_size value: 38620345925642
[   49.356233][ T4224] EXT4-fs (loop3): Remounting filesystem read-only
[   49.366297][ T4224] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.370246][ T4203] syz.4.235: attempt to access beyond end of device
[   49.370246][ T4203] loop4: rw=2049, sector=128, nr_sectors = 1 limit=128
[   49.392183][ T4203] Buffer I/O error on dev loop4, logical block 128, lost async page write
[   49.403319][ T4224] veth0: entered promiscuous mode
[   49.414259][ T4224] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4224 comm=syz.3.242
[   49.426943][ T4224] netlink: 4 bytes leftover after parsing attributes in process `syz.3.242'.
[   49.436356][ T4209] syz.4.235: attempt to access beyond end of device
[   49.436356][ T4209] loop4: rw=2049, sector=128, nr_sectors = 1 limit=128
[   49.449698][ T4209] Buffer I/O error on dev loop4, logical block 128, lost async page write
[   49.526777][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.553102][ T4239] binfmt_misc: register: failed to install interpreter file ./file0
[   49.565445][ T4237] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   49.604101][ T4245] capability: warning: `syz.1.251' uses 32-bit capabilities (legacy support in use)
[   49.630005][ T4245] loop1: detected capacity change from 0 to 512
[   49.660005][ T4247] vhci_hcd: invalid port number 254
[   49.683734][ T4252] netlink: 24 bytes leftover after parsing attributes in process `syz.0.254'.
[   49.704388][ T4252] IPVS: Error during creation of socket; terminating
[   49.770309][ T4266] netlink: 8 bytes leftover after parsing attributes in process `syz.4.259'.
[   49.784231][ T4268] binfmt_misc: register: failed to install interpreter file ./file0
[   49.810565][ T4271] FAULT_INJECTION: forcing a failure.
[   49.810565][ T4271] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   49.823710][ T4271] CPU: 1 UID: 0 PID: 4271 Comm: gtp Not tainted syzkaller #0 PREEMPT(voluntary) 
[   49.823733][ T4271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   49.823743][ T4271] Call Trace:
[   49.823749][ T4271]  <TASK>
[   49.823757][ T4271]  __dump_stack+0x1d/0x30
[   49.823787][ T4271]  dump_stack_lvl+0xe8/0x140
[   49.823850][ T4271]  dump_stack+0x15/0x1b
[   49.823877][ T4271]  should_fail_ex+0x265/0x280
[   49.823906][ T4271]  should_fail+0xb/0x20
[   49.823940][ T4271]  should_fail_usercopy+0x1a/0x20
[   49.823970][ T4271]  _copy_to_user+0x20/0xa0
[   49.823990][ T4271]  simple_read_from_buffer+0xb5/0x130
[   49.824093][ T4271]  proc_fail_nth_read+0x10e/0x150
[   49.824122][ T4271]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   49.824149][ T4271]  vfs_read+0x1a8/0x770
[   49.824185][ T4271]  ? __rcu_read_unlock+0x4f/0x70
[   49.824228][ T4271]  ? __fget_files+0x184/0x1c0
[   49.824254][ T4271]  ksys_read+0xda/0x1a0
[   49.824276][ T4271]  __x64_sys_read+0x40/0x50
[   49.824324][ T4271]  x64_sys_call+0x27c0/0x3000
[   49.824353][ T4271]  do_syscall_64+0xd2/0x200
[   49.824379][ T4271]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   49.824419][ T4271]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   49.824449][ T4271]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.824576][ T4271] RIP: 0033:0x7efe20f8d9dc
[   49.824592][ T4271] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   49.824681][ T4271] RSP: 002b:00007efe1f9f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   49.824697][ T4271] RAX: ffffffffffffffda RBX: 00007efe211e5fa0 RCX: 00007efe20f8d9dc
[   49.824708][ T4271] RDX: 000000000000000f RSI: 00007efe1f9f70a0 RDI: 0000000000000003
[   49.824762][ T4271] RBP: 00007efe1f9f7090 R08: 0000000000000000 R09: 0000000000000000
[   49.824777][ T4271] R10: 0000200000000d80 R11: 0000000000000246 R12: 0000000000000001
[   49.824791][ T4271] R13: 00007efe211e6038 R14: 00007efe211e5fa0 R15: 00007ffea0f9a7e8
[   49.824873][ T4271]  </TASK>
[   50.304279][ T4295] FAULT_INJECTION: forcing a failure.
[   50.304279][ T4295] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   50.317578][ T4295] CPU: 0 UID: 0 PID: 4295 Comm: syz.3.270 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   50.317646][ T4295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   50.317659][ T4295] Call Trace:
[   50.317665][ T4295]  <TASK>
[   50.317673][ T4295]  __dump_stack+0x1d/0x30
[   50.317700][ T4295]  dump_stack_lvl+0xe8/0x140
[   50.317725][ T4295]  dump_stack+0x15/0x1b
[   50.317747][ T4295]  should_fail_ex+0x265/0x280
[   50.317822][ T4295]  should_fail_alloc_page+0xf2/0x100
[   50.317851][ T4295]  __alloc_frozen_pages_noprof+0xff/0x360
[   50.317880][ T4295]  alloc_pages_mpol+0xb3/0x260
[   50.317924][ T4295]  vma_alloc_folio_noprof+0x1aa/0x300
[   50.317960][ T4295]  do_wp_page+0xf60/0x2510
[   50.317990][ T4295]  ? __rcu_read_lock+0x37/0x50
[   50.318079][ T4295]  handle_mm_fault+0x77d/0x2be0
[   50.318116][ T4295]  ? __rcu_read_unlock+0x4f/0x70
[   50.318199][ T4295]  ? mt_find+0x208/0x320
[   50.318244][ T4295]  do_user_addr_fault+0x3fe/0x1080
[   50.318329][ T4295]  exc_page_fault+0x62/0xa0
[   50.318355][ T4295]  asm_exc_page_fault+0x26/0x30
[   50.318425][ T4295] RIP: 0010:rep_movs_alternative+0x4a/0x90
[   50.318477][ T4295] Code: cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 ff f8 01 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[   50.318497][ T4295] RSP: 0018:ffffc90000e43d70 EFLAGS: 00050206
[   50.318516][ T4295] RAX: ffff88811a9e6da0 RBX: 000000000000b161 RCX: 000000000000a8a1
[   50.318531][ T4295] RDX: 0000000000000000 RSI: ffff88812c0208c0 RDI: 0000200000002000
[   50.318545][ T4295] RBP: ffffc90011211000 R08: 00000000000004c0 R09: 0000000000000000
[   50.318558][ T4295] R10: 000188812c020000 R11: 000188812c02b160 R12: 000020000000c8a1
[   50.318572][ T4295] R13: 00007ffffffff000 R14: 0000200000001740 R15: ffff88812c020000
[   50.318614][ T4295]  _copy_to_user+0x7c/0xa0
[   50.318637][ T4295]  map_lookup_and_delete_elem+0x52d/0x5d0
[   50.318673][ T4295]  __sys_bpf+0x58f/0x7c0
[   50.318737][ T4295]  __x64_sys_bpf+0x41/0x50
[   50.318763][ T4295]  x64_sys_call+0x2aee/0x3000
[   50.318820][ T4295]  do_syscall_64+0xd2/0x200
[   50.318850][ T4295]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   50.318872][ T4295]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   50.318902][ T4295]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.318985][ T4295] RIP: 0033:0x7f6cd382efc9
[   50.319001][ T4295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.319070][ T4295] RSP: 002b:00007f6cd2297038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   50.319090][ T4295] RAX: ffffffffffffffda RBX: 00007f6cd3a85fa0 RCX: 00007f6cd382efc9
[   50.319104][ T4295] RDX: 0000000000000020 RSI: 0000200000000200 RDI: 0000000000000015
[   50.319117][ T4295] RBP: 00007f6cd2297090 R08: 0000000000000000 R09: 0000000000000000
[   50.319146][ T4295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.319159][ T4295] R13: 00007f6cd3a86038 R14: 00007f6cd3a85fa0 R15: 00007ffc9254cf78
[   50.319195][ T4295]  </TASK>
[   50.328222][ T4294] Failed to initialize the IGMP autojoin socket (err -2)
[   50.689130][ T4300] netlink: 8 bytes leftover after parsing attributes in process `syz.0.272'.
[   50.731302][ T4305] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.805070][ T4305] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.825914][ T4308] vhci_hcd: invalid port number 254
[   50.867050][ T4305] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.931850][ T4305] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.977372][ T4325] loop0: detected capacity change from 0 to 512
[   51.000612][ T4325] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   51.009637][ T3491] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   51.042032][ T3491] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   51.060560][ T3491] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   51.072434][ T4325] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   51.095412][ T3491] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   51.103685][ T4325] ext4 filesystem being mounted at /61/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.158502][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   51.193848][ T4331] netlink: 2 bytes leftover after parsing attributes in process `syz.0.282'.
[   51.266417][ T4327] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=4327 comm=syz.2.281
[   51.687123][ T4350] vhci_hcd: invalid port number 254
[   51.768873][ T4356] vhci_hcd: invalid port number 254
[   51.889581][ T4361] loop0: detected capacity change from 0 to 128
[   52.182721][ T4374] loop2: detected capacity change from 0 to 512
[   52.191115][ T4374] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   52.243034][ T4374] EXT4-fs (loop2): 1 truncate cleaned up
[   52.263922][ T4374] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.332245][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.387644][ T4380] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.401350][ T4381] loop3: detected capacity change from 0 to 1024
[   52.433191][ T4381] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.453061][ T4380] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.487928][ T4364] syz.0.292: attempt to access beyond end of device
[   52.487928][ T4364] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[   52.501360][ T4364] Buffer I/O error on dev loop0, logical block 128, lost async page write
[   52.513115][ T4381] EXT4-fs (loop3): shut down requested (1)
[   52.519574][ T4381] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   52.529429][ T4381] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   52.538499][ T4361] syz.0.292: attempt to access beyond end of device
[   52.538499][ T4361] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[   52.551868][ T4361] Buffer I/O error on dev loop0, logical block 128, lost async page write
[   52.563857][ T4380] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.592477][ T4361] syz.0.292: attempt to access beyond end of device
[   52.592477][ T4361] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[   52.605892][ T4361] Buffer I/O error on dev loop0, logical block 128, lost async page write
[   52.656806][ T4380] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.735570][ T2616] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   52.748666][ T2616] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   52.772824][ T2616] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   52.782462][ T2616] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   52.808652][ T4387] loop0: detected capacity change from 0 to 128
[   53.011086][ T4396] loop4: detected capacity change from 0 to 1024
[   53.027265][ T4395] vhci_hcd: invalid port number 254
[   53.027638][ T4396] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.052430][ T4396] EXT4-fs (loop4): shut down requested (1)
[   53.069349][ T4396] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=15
[   53.098219][ T4396] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=15
[   53.107473][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.185437][ T4387] syz.0.301: attempt to access beyond end of device
[   53.185437][ T4387] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[   53.198955][ T4387] Buffer I/O error on dev loop0, logical block 128, lost async page write
[   53.246413][ T4387] syz.0.301: attempt to access beyond end of device
[   53.246413][ T4387] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[   53.259837][ T4387] Buffer I/O error on dev loop0, logical block 128, lost async page write
[   53.335720][ T4412] netlink: 664 bytes leftover after parsing attributes in process `syz.2.309'.
[   53.357397][ T4412] loop2: detected capacity change from 0 to 512
[   53.376864][ T4412] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c01c, mo2=0002]
[   53.386052][ T4412] System zones: 1-3, 19-19, 35-38
[   53.399494][ T4412] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.426333][ T4412] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.436160][   T29] kauditd_printk_skb: 375 callbacks suppressed
[   53.436175][   T29] audit: type=1326 audit(1761005774.249:1740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4415 comm="syz.0.310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   53.466250][   T29] audit: type=1326 audit(1761005774.249:1741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4415 comm="syz.0.310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   53.511865][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.523514][   T29] audit: type=1326 audit(1761005774.309:1742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4415 comm="syz.0.310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   53.546933][   T29] audit: type=1326 audit(1761005774.309:1743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4415 comm="syz.0.310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   53.570320][   T29] audit: type=1326 audit(1761005774.309:1744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4415 comm="syz.0.310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   53.593649][   T29] audit: type=1326 audit(1761005774.309:1745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4415 comm="syz.0.310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   53.617084][   T29] audit: type=1326 audit(1761005774.309:1746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4415 comm="syz.0.310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   53.640498][   T29] audit: type=1326 audit(1761005774.309:1747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4415 comm="syz.0.310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   53.663808][   T29] audit: type=1326 audit(1761005774.309:1748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4415 comm="syz.0.310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   53.687159][   T29] audit: type=1326 audit(1761005774.309:1749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4415 comm="syz.0.310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   53.810410][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.007618][ T4436] loop2: detected capacity change from 0 to 1024
[   54.048504][ T4436] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.097972][ T4436] EXT4-fs (loop2): shut down requested (1)
[   54.111749][ T4442] vhci_hcd: invalid port number 254
[   54.156634][ T4436] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[   54.185985][ T4436] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[   54.261967][ T4451] FAULT_INJECTION: forcing a failure.
[   54.261967][ T4451] name failslab, interval 1, probability 0, space 0, times 0
[   54.274665][ T4451] CPU: 0 UID: 0 PID: 4451 Comm: syz.1.321 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   54.274692][ T4451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   54.274704][ T4451] Call Trace:
[   54.274709][ T4451]  <TASK>
[   54.274794][ T4451]  __dump_stack+0x1d/0x30
[   54.274829][ T4451]  dump_stack_lvl+0xe8/0x140
[   54.274861][ T4451]  dump_stack+0x15/0x1b
[   54.274910][ T4451]  should_fail_ex+0x265/0x280
[   54.274998][ T4451]  should_failslab+0x8c/0xb0
[   54.275024][ T4451]  __kmalloc_noprof+0xa5/0x570
[   54.275048][ T4451]  ? security_prepare_creds+0x52/0x120
[   54.275097][ T4451]  security_prepare_creds+0x52/0x120
[   54.275125][ T4451]  prepare_creds+0x34a/0x4c0
[   54.275166][ T4451]  copy_creds+0x8f/0x3f0
[   54.275236][ T4451]  copy_process+0x658/0x2000
[   54.275255][ T4451]  ? kstrtouint+0x76/0xc0
[   54.275312][ T4451]  ? __rcu_read_unlock+0x4f/0x70
[   54.275357][ T4451]  kernel_clone+0x16c/0x5c0
[   54.275383][ T4451]  ? vfs_write+0x7e8/0x960
[   54.275407][ T4451]  __x64_sys_clone+0xe6/0x120
[   54.275509][ T4451]  x64_sys_call+0x119c/0x3000
[   54.275541][ T4451]  do_syscall_64+0xd2/0x200
[   54.275575][ T4451]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   54.275608][ T4451]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   54.275715][ T4451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.275738][ T4451] RIP: 0033:0x7f8d7662efc9
[   54.275756][ T4451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.275781][ T4451] RSP: 002b:00007f8d7508efe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   54.275802][ T4451] RAX: ffffffffffffffda RBX: 00007f8d76885fa0 RCX: 00007f8d7662efc9
[   54.275833][ T4451] RDX: 0000000000000000 RSI: 0000000000009000 RDI: 0000000004021400
[   54.275906][ T4451] RBP: 00007f8d7508f090 R08: 0000000000000000 R09: 0000000000000000
[   54.275922][ T4451] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   54.275936][ T4451] R13: 00007f8d76886038 R14: 00007f8d76885fa0 R15: 00007fff6fb37658
[   54.275958][ T4451]  </TASK>
[   54.722273][ T4464] netlink: 64 bytes leftover after parsing attributes in process `syz.0.324'.
[   54.736411][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.749845][ T4465] loop4: detected capacity change from 0 to 1024
[   54.783495][ T4465] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.806555][ T4465] EXT4-fs (loop4): shut down requested (1)
[   54.820438][ T4465] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=15
[   54.849838][ T4465] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=15
[   54.879263][ T4475] netlink: 664 bytes leftover after parsing attributes in process `syz.2.330'.
[   54.976258][ T4432] syz.3.317 (4432) used greatest stack depth: 7240 bytes left
[   55.008821][ T4480] loop3: detected capacity change from 0 to 4096
[   55.030930][ T4480] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.055746][ T4480] EXT4-fs (loop3): shut down requested (1)
[   55.062163][ T4480] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[   55.071229][ T4480] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[   55.082556][ T4480] netlink: 12 bytes leftover after parsing attributes in process `syz.3.332'.
[   55.103459][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.149582][ T4484] vhci_hcd: invalid port number 254
[   55.492367][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.668553][ T4502] netlink: 64 bytes leftover after parsing attributes in process `syz.1.340'.
[   55.712453][ T4506] loop0: detected capacity change from 0 to 512
[   55.813700][ T4506] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   55.838672][ T4506] EXT4-fs (loop0): 1 truncate cleaned up
[   55.859698][ T4506] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.299362][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.382027][ T4530] vhci_hcd: invalid port number 254
[   56.476090][ T4537] SELinux:  Context system_u:object is not valid (left unmapped).
[   56.597564][ T4542] binfmt_misc: register: failed to install interpreter file ./file0
[   56.931114][ T4555] netlink: 64 bytes leftover after parsing attributes in process `syz.3.358'.
[   56.972134][ T4557] loop3: detected capacity change from 0 to 512
[   56.979297][ T4557] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   57.001026][ T4557] EXT4-fs (loop3): 1 truncate cleaned up
[   57.007687][ T4557] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.056227][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.344169][ T4572] loop0: detected capacity change from 0 to 32768
[   57.353570][ T4570] loop1: detected capacity change from 0 to 32768
[   57.396285][ T4107]  loop1: p1 p2 p3 < p5 p6 >
[   57.396407][ T3302]  loop0: p1 p2 p3 < p5 p6 >
[   57.401739][ T4107] loop1: p2 size 16775168 extends beyond EOD, truncated
[   57.407825][ T3302] loop0: p2 size 16775168 extends beyond EOD, truncated
[   57.413509][ T4107] loop1: p5 start 4294970168 is beyond EOD, truncated
[   57.421112][ T3302] loop0: p5 start 4294970168 is beyond EOD, truncated
[   57.438599][ T4570]  loop1: p1 p2 p3 < p5 p6 >
[   57.445687][ T4570] loop1: p2 size 16775168 extends beyond EOD, truncated
[   57.446663][ T4572]  loop0: p1 p2 p3 < p5 p6 >
[   57.453875][ T4570] loop1: p5 start 4294970168 is beyond EOD, truncated
[   57.458755][ T4572] loop0: p2 size 16775168 extends beyond EOD, truncated
[   57.472736][ T4572] loop0: p5 start 4294970168 is beyond EOD, truncated
[   57.480782][ T4570] FAULT_INJECTION: forcing a failure.
[   57.480782][ T4570] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   57.493881][ T4570] CPU: 1 UID: 0 PID: 4570 Comm: syz.1.364 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   57.493912][ T4570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   57.493999][ T4570] Call Trace:
[   57.494005][ T4570]  <TASK>
[   57.494024][ T4570]  __dump_stack+0x1d/0x30
[   57.494059][ T4570]  dump_stack_lvl+0xe8/0x140
[   57.494092][ T4570]  dump_stack+0x15/0x1b
[   57.494199][ T4570]  should_fail_ex+0x265/0x280
[   57.494236][ T4570]  should_fail+0xb/0x20
[   57.494267][ T4570]  should_fail_usercopy+0x1a/0x20
[   57.494372][ T4570]  _copy_from_user+0x1c/0xb0
[   57.494397][ T4570]  ___sys_sendmsg+0xc1/0x1d0
[   57.494447][ T4570]  __x64_sys_sendmsg+0xd4/0x160
[   57.494537][ T4570]  x64_sys_call+0x191e/0x3000
[   57.494697][ T4570]  do_syscall_64+0xd2/0x200
[   57.494723][ T4570]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   57.494742][ T4570]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   57.494773][ T4570]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.494921][ T4570] RIP: 0033:0x7f8d7662efc9
[   57.494933][ T4570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.494953][ T4570] RSP: 002b:00007f8d7508f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   57.494973][ T4570] RAX: ffffffffffffffda RBX: 00007f8d76885fa0 RCX: 00007f8d7662efc9
[   57.494984][ T4570] RDX: 0000000004000000 RSI: 0000200000000280 RDI: 0000000000000008
[   57.494994][ T4570] RBP: 00007f8d7508f090 R08: 0000000000000000 R09: 0000000000000000
[   57.495077][ T4570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.495091][ T4570] R13: 00007f8d76886038 R14: 00007f8d76885fa0 R15: 00007fff6fb37658
[   57.495142][ T4570]  </TASK>
[   57.833462][ T4584] netlink: 24 bytes leftover after parsing attributes in process `syz.2.368'.
[   57.853317][ T4584] IPVS: Error during creation of socket; terminating
[   57.919281][ T4589] Failed to initialize the IGMP autojoin socket (err -2)
[   57.943457][ T4592] binfmt_misc: register: failed to install interpreter file ./file0
[   57.960342][ T4593] loop2: detected capacity change from 0 to 512
[   57.979901][ T4107] udevd[4107]: inotify_add_watch(7, /dev/loop1p6, 10) failed: No such file or directory
[   57.980179][ T3302] udevd[3302]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   58.003715][ T4578] udevd[4578]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   58.005934][ T4593] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   58.014253][ T4575] udevd[4575]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   58.086437][ T4593] EXT4-fs (loop2): 1 truncate cleaned up
[   58.104856][ T3302] udevd[3302]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[   58.106167][ T4575] udevd[4575]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[   58.137259][ T4107] udevd[4107]: inotify_add_watch(7, /dev/loop0p6, 10) failed: No such file or directory
[   58.150891][ T4576] udevd[4576]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   58.163237][ T4593] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.191614][ T4601] netlink: 64 bytes leftover after parsing attributes in process `syz.3.376'.
[   58.228168][ T4578] udevd[4578]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   58.288143][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.457780][ T4620] netlink: 64 bytes leftover after parsing attributes in process `syz.1.393'.
[   58.487192][   T29] kauditd_printk_skb: 1004 callbacks suppressed
[   58.487209][   T29] audit: type=1400 audit(1761005779.309:2752): avc:  denied  { create } for  pid=4609 comm="syz.3.381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   58.544017][   T29] audit: type=1400 audit(1761005779.309:2753): avc:  denied  { create } for  pid=4624 comm="syz.1.385" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   58.564188][   T29] audit: type=1400 audit(1761005779.339:2754): avc:  denied  { ioctl } for  pid=4609 comm="syz.3.381" path="socket:[9321]" dev="sockfs" ino=9321 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   58.588631][   T29] audit: type=1326 audit(1761005779.339:2755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4609 comm="syz.3.381" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6cd382efc9 code=0x0
[   58.625907][   T29] audit: type=1400 audit(1761005779.439:2756): avc:  denied  { bind } for  pid=4609 comm="syz.3.381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   58.661329][   T29] audit: type=1326 audit(1761005779.479:2757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4621 comm="syz.4.384" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7efe20f8efc9 code=0x0
[   58.692903][   T29] audit: type=1400 audit(1761005779.509:2758): avc:  denied  { create } for  pid=4624 comm="syz.1.385" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   58.702565][ T4626] loop1: detected capacity change from 0 to 1024
[   58.712370][   T29] audit: type=1400 audit(1761005779.509:2759): avc:  denied  { setopt } for  pid=4624 comm="syz.1.385" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   58.727527][ T4633] loop0: detected capacity change from 0 to 128
[   58.752394][   T29] audit: type=1400 audit(1761005779.549:2760): avc:  denied  { read } for  pid=4631 comm="syz.0.389" name="ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   58.775362][   T29] audit: type=1400 audit(1761005779.549:2761): avc:  denied  { open } for  pid=4631 comm="syz.0.389" path="/dev/ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   58.806732][ T4637] loop2: detected capacity change from 0 to 512
[   58.813808][ T4637] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   58.816182][ T4626] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.837225][ T4637] EXT4-fs (loop2): 1 truncate cleaned up
[   58.843572][ T4626] EXT4-fs (loop1): shut down requested (1)
[   58.851181][ T4626] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[   58.851673][ T4637] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.900899][ T4626] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[   58.910916][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.942827][ T4645] loop2: detected capacity change from 0 to 128
[   59.052257][ T4641] syz.0.389: attempt to access beyond end of device
[   59.052257][ T4641] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[   59.065659][ T4641] Buffer I/O error on dev loop0, logical block 128, lost async page write
[   59.074858][ T4641] syz.0.389: attempt to access beyond end of device
[   59.074858][ T4641] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[   59.088308][ T4641] Buffer I/O error on dev loop0, logical block 128, lost async page write
[   59.167988][ T4648] netlink: 8 bytes leftover after parsing attributes in process `syz.0.394'.
[   59.230188][ T4645] syz.2.392: attempt to access beyond end of device
[   59.230188][ T4645] loop2: rw=2049, sector=128, nr_sectors = 1 limit=128
[   59.244146][ T4645] Buffer I/O error on dev loop2, logical block 128, lost async page write
[   59.266189][ T4645] syz.2.392: attempt to access beyond end of device
[   59.266189][ T4645] loop2: rw=2049, sector=128, nr_sectors = 1 limit=128
[   59.279588][ T4645] Buffer I/O error on dev loop2, logical block 128, lost async page write
[   59.351610][ T4659] FAULT_INJECTION: forcing a failure.
[   59.351610][ T4659] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   59.364738][ T4659] CPU: 0 UID: 0 PID: 4659 Comm: syz.4.399 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   59.364766][ T4659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   59.364780][ T4659] Call Trace:
[   59.364787][ T4659]  <TASK>
[   59.364795][ T4659]  __dump_stack+0x1d/0x30
[   59.364866][ T4659]  dump_stack_lvl+0xe8/0x140
[   59.364930][ T4659]  dump_stack+0x15/0x1b
[   59.365022][ T4659]  should_fail_ex+0x265/0x280
[   59.365139][ T4659]  should_fail+0xb/0x20
[   59.365166][ T4659]  should_fail_usercopy+0x1a/0x20
[   59.365202][ T4659]  strncpy_from_user+0x25/0x230
[   59.365228][ T4659]  __x64_sys_lgetxattr+0xa5/0x140
[   59.365320][ T4659]  x64_sys_call+0x2fb3/0x3000
[   59.365351][ T4659]  do_syscall_64+0xd2/0x200
[   59.365383][ T4659]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   59.365407][ T4659]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   59.365450][ T4659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.365543][ T4659] RIP: 0033:0x7efe20f8efc9
[   59.365559][ T4659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.365574][ T4659] RSP: 002b:00007efe1f9f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c0
[   59.365590][ T4659] RAX: ffffffffffffffda RBX: 00007efe211e5fa0 RCX: 00007efe20f8efc9
[   59.365601][ T4659] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000000
[   59.365611][ T4659] RBP: 00007efe1f9f7090 R08: 0000000000000000 R09: 0000000000000000
[   59.365622][ T4659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.365635][ T4659] R13: 00007efe211e6038 R14: 00007efe211e5fa0 R15: 00007ffea0f9a7e8
[   59.365697][ T4659]  </TASK>
[   59.614583][ T4664] loop3: detected capacity change from 0 to 1024
[   59.625136][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.646611][ T4664] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.665304][ T4664] EXT4-fs (loop3): shut down requested (1)
[   59.676193][ T4664] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   59.685158][ T4664] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   59.721248][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.756859][ T4671] vhci_hcd: invalid port number 254
[   59.850192][ T4674] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[   59.856890][ T4674] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   59.864414][ T4674] vhci_hcd vhci_hcd.0: Device attached
[   59.901036][ T4676] vhci_hcd: connection closed
[   59.901256][ T2616] vhci_hcd: stop threads
[   59.910416][ T2616] vhci_hcd: release socket
[   59.914899][ T2616] vhci_hcd: disconnect device
[   59.950047][ T4683] netlink: 8 bytes leftover after parsing attributes in process `syz.1.405'.
[   59.975154][ T4689] loop3: detected capacity change from 0 to 1024
[   59.997509][ T4689] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   60.030186][ T4689] EXT4-fs (loop3): shut down requested (1)
[   60.037566][ T4689] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   60.046876][ T4689] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   60.050750][ T4697] netlink: 64 bytes leftover after parsing attributes in process `syz.1.409'.
[   60.080647][ T4701] binfmt_misc: register: failed to install interpreter file ./file0
[   60.402223][ T4710] loop0: detected capacity change from 0 to 1024
[   60.420305][ T4710] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   60.433455][ T4710] EXT4-fs (loop0): shut down requested (1)
[   60.439933][ T4710] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   60.448909][ T4710] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   60.468756][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.523392][ T4718] netlink: 8 bytes leftover after parsing attributes in process `syz.0.418'.
[   60.645126][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.700126][ T4732] netlink: 64 bytes leftover after parsing attributes in process `syz.3.423'.
[   60.988764][ T4744] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[   60.995313][ T4744] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   61.002933][ T4744] vhci_hcd vhci_hcd.0: Device attached
[   61.086278][ T4745] vhci_hcd: connection closed
[   61.086665][ T3491] vhci_hcd: stop threads
[   61.095645][ T3491] vhci_hcd: release socket
[   61.100124][ T3491] vhci_hcd: disconnect device
[   61.133727][ T4756] binfmt_misc: register: failed to install interpreter file ./file0
[   61.231071][ T4762] Failed to initialize the IGMP autojoin socket (err -2)
[   61.483969][ T4770] loop2: detected capacity change from 0 to 1024
[   61.534644][ T3401] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x4
[   61.542451][ T3401] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x2
[   61.555042][ T4776] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   61.575789][ T3401] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x3
[   61.576436][ T4770] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   61.595654][ T3401] hid-generic 0000:3000000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   61.610266][ T4770] EXT4-fs (loop2): shut down requested (1)
[   61.618719][ T4770] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[   61.628303][ T4770] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[   61.653865][ T4783] loop4: detected capacity change from 0 to 512
[   61.660774][ T4783] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   61.673341][ T4783] EXT4-fs (loop4): 1 truncate cleaned up
[   61.680273][ T4783] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   61.685339][ T4781] fido_id[4781]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   61.772051][ T4793] binfmt_misc: register: failed to install interpreter file ./file0
[   61.780332][ T4791] loop3: detected capacity change from 0 to 1024
[   61.803093][ T4791] EXT4-fs (loop3): shut down requested (1)
[   61.809841][ T4791] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   61.818874][ T4791] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   61.906804][ T4802] vhci_hcd: invalid port number 254
[   62.317414][ T4823] binfmt_misc: register: failed to install interpreter file ./file0
[   62.501013][ T4830] loop0: detected capacity change from 0 to 1024
[   62.531007][ T4830] EXT4-fs (loop0): shut down requested (1)
[   62.546346][ T4830] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   62.565385][ T4830] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   62.672903][ T4838] binfmt_misc: register: failed to install interpreter file ./file0
[   62.876549][ T4842] vhci_hcd: invalid port number 254
[   62.981110][ T4851] loop2: detected capacity change from 0 to 1024
[   63.001315][ T4851] EXT4-fs (loop2): shut down requested (1)
[   63.012967][ T4855] loop3: detected capacity change from 0 to 512
[   63.020556][ T4851] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[   63.031145][ T4855] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   63.051917][ T4851] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[   63.072279][ T4855] EXT4-fs (loop3): 1 truncate cleaned up
[   63.103435][ T4861] loop1: detected capacity change from 0 to 512
[   63.111543][ T4861] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   63.129388][ T4861] EXT4-fs (loop1): 1 truncate cleaned up
[   63.234095][ T4871] netlink: 'syz.1.472': attribute type 27 has an invalid length.
[   63.247620][ T4872] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   63.330609][ T4881] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   63.347430][ T4881] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   63.348751][ T4871] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   63.366422][ T4871] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   63.395919][ T4881] 
@0Ù: renamed from bond_slave_1 (while UP)
[   63.413584][ T4168] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   63.424655][ T4168] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   63.434773][ T4168] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   63.443378][ T4168] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   63.476415][ T4885] vhci_hcd: invalid port number 254
[   63.529068][   T29] kauditd_printk_skb: 398 callbacks suppressed
[   63.529084][   T29] audit: type=1326 audit(1761005784.349:3160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4888 comm="syz.3.478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cd382efc9 code=0x7ffc0000
[   63.560719][   T29] audit: type=1326 audit(1761005784.349:3161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4888 comm="syz.3.478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f6cd382efc9 code=0x7ffc0000
[   63.584194][   T29] audit: type=1326 audit(1761005784.349:3162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4888 comm="syz.3.478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cd382efc9 code=0x7ffc0000
[   63.607562][   T29] audit: type=1326 audit(1761005784.349:3163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4888 comm="syz.3.478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f6cd382efc9 code=0x7ffc0000
[   63.631018][   T29] audit: type=1326 audit(1761005784.349:3164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4888 comm="syz.3.478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cd382efc9 code=0x7ffc0000
[   63.654485][   T29] audit: type=1326 audit(1761005784.349:3165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4888 comm="syz.3.478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6cd382efc9 code=0x7ffc0000
[   63.677857][   T29] audit: type=1326 audit(1761005784.349:3166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4888 comm="syz.3.478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cd382efc9 code=0x7ffc0000
[   63.701237][   T29] audit: type=1326 audit(1761005784.349:3167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4888 comm="syz.3.478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6cd382efc9 code=0x7ffc0000
[   63.725407][   T29] audit: type=1326 audit(1761005784.349:3168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4888 comm="syz.3.478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cd382efc9 code=0x7ffc0000
[   63.749319][   T29] audit: type=1326 audit(1761005784.349:3169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4888 comm="syz.3.478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6cd382efc9 code=0x7ffc0000
[   63.884212][ T4897] loop2: detected capacity change from 0 to 512
[   63.891297][ T4899] netlink: 24 bytes leftover after parsing attributes in process `syz.1.482'.
[   63.900661][ T4899] IPVS: Error during creation of socket; terminating
[   63.908674][ T4897] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   63.940453][ T4897] EXT4-fs (loop2): 1 truncate cleaned up
[   64.015255][ T4907] loop1: detected capacity change from 0 to 1024
[   64.045852][ T4909] binfmt_misc: register: failed to install interpreter file ./file0
[   64.079956][ T4907] EXT4-fs (loop1): shut down requested (1)
[   64.104552][ T4907] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[   64.115299][ T4907] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[   64.130812][ T4917] vhci_hcd: invalid port number 254
[   64.216886][ T4928] netlink: 28 bytes leftover after parsing attributes in process `syz.2.493'.
[   64.229390][ T4928] loop2: detected capacity change from 0 to 512
[   64.236175][ T4929] loop4: detected capacity change from 0 to 1024
[   64.236473][ T4928] ext4: Unknown parameter 'smackfsroot'
[   64.261408][ T4929] EXT4-fs (loop4): shut down requested (1)
[   64.284370][ T4929] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=15
[   64.302458][ T4929] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=15
[   64.804984][ T4941] FAULT_INJECTION: forcing a failure.
[   64.804984][ T4941] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   64.818141][ T4941] CPU: 1 UID: 0 PID: 4941 Comm: syz.1.497 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   64.818171][ T4941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   64.818185][ T4941] Call Trace:
[   64.818191][ T4941]  <TASK>
[   64.818245][ T4941]  __dump_stack+0x1d/0x30
[   64.818272][ T4941]  dump_stack_lvl+0xe8/0x140
[   64.818372][ T4941]  dump_stack+0x15/0x1b
[   64.818434][ T4941]  should_fail_ex+0x265/0x280
[   64.818460][ T4941]  should_fail+0xb/0x20
[   64.818491][ T4941]  should_fail_usercopy+0x1a/0x20
[   64.818530][ T4941]  _copy_to_user+0x20/0xa0
[   64.818547][ T4941]  simple_read_from_buffer+0xb5/0x130
[   64.818603][ T4941]  proc_fail_nth_read+0x10e/0x150
[   64.818624][ T4941]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   64.818713][ T4941]  vfs_read+0x1a8/0x770
[   64.818790][ T4941]  ? __rcu_read_unlock+0x4f/0x70
[   64.818820][ T4941]  ? __fget_files+0x184/0x1c0
[   64.818840][ T4941]  ksys_read+0xda/0x1a0
[   64.818888][ T4941]  __x64_sys_read+0x40/0x50
[   64.818905][ T4941]  x64_sys_call+0x27c0/0x3000
[   64.818930][ T4941]  do_syscall_64+0xd2/0x200
[   64.818955][ T4941]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   64.819050][ T4941]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   64.819071][ T4941]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.819153][ T4941] RIP: 0033:0x7f8d7662d9dc
[   64.819169][ T4941] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   64.819185][ T4941] RSP: 002b:00007f8d7508f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   64.819205][ T4941] RAX: ffffffffffffffda RBX: 00007f8d76885fa0 RCX: 00007f8d7662d9dc
[   64.819291][ T4941] RDX: 000000000000000f RSI: 00007f8d7508f0a0 RDI: 0000000000000006
[   64.819301][ T4941] RBP: 00007f8d7508f090 R08: 0000000000000000 R09: 0000000000000000
[   64.819366][ T4941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.819376][ T4941] R13: 00007f8d76886038 R14: 00007f8d76885fa0 R15: 00007fff6fb37658
[   64.819391][ T4941]  </TASK>
[   65.111715][ T4950] loop4: detected capacity change from 0 to 512
[   65.118834][ T4950] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   65.135656][ T4950] EXT4-fs (loop4): 1 truncate cleaned up
[   65.308878][ T4966] binfmt_misc: register: failed to install interpreter file ./file0
[   65.563777][ T4981] loop0: detected capacity change from 0 to 1024
[   65.607199][ T4981] EXT4-fs (loop0): shut down requested (1)
[   65.637031][ T4981] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   65.645854][ T4981] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   65.666670][ T4988] loop2: detected capacity change from 0 to 512
[   65.674256][ T4972] netlink: 16 bytes leftover after parsing attributes in process `syz.1.510'.
[   65.684491][ T4988] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   65.702688][ T4990] netlink: 24 bytes leftover after parsing attributes in process `syz.3.517'.
[   65.717004][ T4988] EXT4-fs (loop2): 1 truncate cleaned up
[   65.729440][ T4990] IPVS: Error during creation of socket; terminating
[   65.750990][ T4972] loop1: detected capacity change from 0 to 512
[   65.764778][ T4972] ext4: Unknown parameter 'pcr'
[   65.867193][ T5000] binfmt_misc: register: failed to install interpreter file ./file0
[   65.946496][ T5005] vhci_hcd: invalid port number 254
[   66.065238][ T5022] vhci_hcd: invalid port number 254
[   66.130580][ T5028] netlink: 24 bytes leftover after parsing attributes in process `syz.2.530'.
[   66.143709][ T5028] IPVS: Error during creation of socket; terminating
[   66.195429][ T5033] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5033 comm=syz.1.532
[   66.293460][ T5036] netlink: 'syz.3.533': attribute type 4 has an invalid length.
[   66.301331][ T5036] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.533'.
[   66.352832][ T5039] binfmt_misc: register: failed to install interpreter file ./file0
[   66.516502][ T5052] vhci_hcd: invalid port number 254
[   66.569764][ T5063] loop1: detected capacity change from 0 to 512
[   66.578608][ T5063] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   66.604206][ T5063] EXT4-fs (loop1): 1 truncate cleaned up
[   66.722373][ T5067] loop2: detected capacity change from 0 to 1024
[   66.756245][ T5067] EXT4-fs (loop2): shut down requested (1)
[   66.772910][ T5075] loop3: detected capacity change from 0 to 1024
[   66.785073][ T5067] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[   66.796835][ T5067] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[   66.801790][ T5075] EXT4-fs (loop3): shut down requested (1)
[   66.813483][ T5075] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   66.822468][ T5075] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   66.905586][ T5089] FAULT_INJECTION: forcing a failure.
[   66.905586][ T5089] name failslab, interval 1, probability 0, space 0, times 0
[   66.918272][ T5089] CPU: 1 UID: 0 PID: 5089 Comm: syz.3.554 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   66.918364][ T5089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   66.918378][ T5089] Call Trace:
[   66.918424][ T5089]  <TASK>
[   66.918431][ T5089]  __dump_stack+0x1d/0x30
[   66.918461][ T5089]  dump_stack_lvl+0xe8/0x140
[   66.918489][ T5089]  dump_stack+0x15/0x1b
[   66.918584][ T5089]  should_fail_ex+0x265/0x280
[   66.918683][ T5089]  should_failslab+0x8c/0xb0
[   66.918706][ T5089]  kmem_cache_alloc_noprof+0x50/0x480
[   66.918728][ T5089]  ? audit_log_start+0x342/0x720
[   66.918778][ T5089]  audit_log_start+0x342/0x720
[   66.918808][ T5089]  ? kstrtouint+0x76/0xc0
[   66.918917][ T5089]  audit_seccomp+0x48/0x100
[   66.918988][ T5089]  ? __seccomp_filter+0x82d/0x1250
[   66.919009][ T5089]  __seccomp_filter+0x83e/0x1250
[   66.919118][ T5089]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   66.919143][ T5089]  ? vfs_write+0x7e8/0x960
[   66.919168][ T5089]  __secure_computing+0x82/0x150
[   66.919189][ T5089]  syscall_trace_enter+0xcf/0x1e0
[   66.919251][ T5089]  do_syscall_64+0xac/0x200
[   66.919351][ T5089]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   66.919372][ T5089]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   66.919401][ T5089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.919492][ T5089] RIP: 0033:0x7f6cd382efc9
[   66.919508][ T5089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.919526][ T5089] RSP: 002b:00007f6cd2297038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c0
[   66.919549][ T5089] RAX: ffffffffffffffda RBX: 00007f6cd3a85fa0 RCX: 00007f6cd382efc9
[   66.919562][ T5089] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000000
[   66.919574][ T5089] RBP: 00007f6cd2297090 R08: 0000000000000000 R09: 0000000000000000
[   66.919586][ T5089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.919598][ T5089] R13: 00007f6cd3a86038 R14: 00007f6cd3a85fa0 R15: 00007ffc9254cf78
[   66.919635][ T5089]  </TASK>
[   67.149460][ T5091] loop3: detected capacity change from 0 to 512
[   67.162157][ T5091] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   67.173914][ T5091] EXT4-fs (loop3): 1 truncate cleaned up
[   67.265104][ T5097] netlink: 24 bytes leftover after parsing attributes in process `syz.1.558'.
[   67.287869][ T5097] IPVS: Error during creation of socket; terminating
[   67.385528][ T5113] loop3: detected capacity change from 0 to 128
[   67.387917][ T5112] loop0: detected capacity change from 0 to 1024
[   67.412622][ T5112] EXT4-fs (loop0): shut down requested (1)
[   67.418812][ T5112] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   67.427771][ T5112] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   67.512064][ T5119] binfmt_misc: register: failed to install interpreter file ./file0
[   67.676719][ T5131] loop2: detected capacity change from 0 to 512
[   67.687788][ T5127] syzkaller0: entered promiscuous mode
[   67.693318][ T5127] syzkaller0: entered allmulticast mode
[   67.713864][ T5131] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   67.761283][ T5131] EXT4-fs (loop2): 1 truncate cleaned up
[   67.853462][ T5113] syz.3.566: attempt to access beyond end of device
[   67.853462][ T5113] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[   67.866824][ T5113] Buffer I/O error on dev loop3, logical block 128, lost async page write
[   67.902638][ T5120] syz.3.566: attempt to access beyond end of device
[   67.902638][ T5120] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[   67.916073][ T5120] Buffer I/O error on dev loop3, logical block 128, lost async page write
[   67.949219][ T5139] netlink: 24 bytes leftover after parsing attributes in process `syz.4.573'.
[   67.968650][ T5139] IPVS: Error during creation of socket; terminating
[   68.076146][ T5147] loop3: detected capacity change from 0 to 1024
[   68.098412][ T5147] EXT4-fs (loop3): shut down requested (1)
[   68.106035][ T5147] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   68.114897][ T5147] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   68.241566][ T5160] loop3: detected capacity change from 0 to 512
[   68.257415][ T5160] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   68.296867][ T5160] EXT4-fs (loop3): 1 truncate cleaned up
[   68.364325][ T5163] loop0: detected capacity change from 0 to 1024
[   68.423064][ T5166] loop3: detected capacity change from 0 to 128
[   68.429779][ T5163] EXT4-fs (loop0): shut down requested (1)
[   68.442103][ T5163] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   68.452455][ T5163] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   68.468394][ T5166] /dev/loop3: Can't open blockdev
[   68.538448][ T5171] loop3: detected capacity change from 0 to 128
[   68.551713][ T5175] FAULT_INJECTION: forcing a failure.
[   68.551713][ T5175] name failslab, interval 1, probability 0, space 0, times 0
[   68.564454][ T5175] CPU: 1 UID: 0 PID: 5175 Comm: syz.1.584 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   68.564647][ T5175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   68.564658][ T5175] Call Trace:
[   68.564663][ T5175]  <TASK>
[   68.564669][ T5175]  __dump_stack+0x1d/0x30
[   68.564849][ T5175]  dump_stack_lvl+0xe8/0x140
[   68.564961][ T5175]  dump_stack+0x15/0x1b
[   68.564991][ T5175]  should_fail_ex+0x265/0x280
[   68.565086][ T5175]  should_failslab+0x8c/0xb0
[   68.565106][ T5175]  __kmalloc_noprof+0xa5/0x570
[   68.565126][ T5175]  ? bpf_test_init+0x86/0x140
[   68.565194][ T5175]  bpf_test_init+0x86/0x140
[   68.565218][ T5175]  bpf_prog_test_run_xdp+0x305/0x970
[   68.565288][ T5175]  ? kstrtouint+0x31/0xc0
[   68.565370][ T5175]  ? __rcu_read_unlock+0x4f/0x70
[   68.565407][ T5175]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   68.565442][ T5175]  bpf_prog_test_run+0x22a/0x390
[   68.565510][ T5175]  __sys_bpf+0x4c0/0x7c0
[   68.565565][ T5175]  __x64_sys_bpf+0x41/0x50
[   68.565668][ T5175]  x64_sys_call+0x2aee/0x3000
[   68.565698][ T5175]  do_syscall_64+0xd2/0x200
[   68.565741][ T5175]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   68.565761][ T5175]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   68.565787][ T5175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.565808][ T5175] RIP: 0033:0x7f8d7662efc9
[   68.565822][ T5175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.565851][ T5175] RSP: 002b:00007f8d7508f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   68.565876][ T5175] RAX: ffffffffffffffda RBX: 00007f8d76885fa0 RCX: 00007f8d7662efc9
[   68.565888][ T5175] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[   68.565902][ T5175] RBP: 00007f8d7508f090 R08: 0000000000000000 R09: 0000000000000000
[   68.565915][ T5175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.565929][ T5175] R13: 00007f8d76886038 R14: 00007f8d76885fa0 R15: 00007fff6fb37658
[   68.565947][ T5175]  </TASK>
[   68.569537][ T5177] binfmt_misc: register: failed to install interpreter file ./file0
[   68.685685][   T29] kauditd_printk_skb: 551 callbacks suppressed
[   68.685704][   T29] audit: type=1326 audit(1761005789.499:3719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5179 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7662efc9 code=0x7ffc0000
[   68.803875][   T29] audit: type=1326 audit(1761005789.589:3720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5179 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7f8d7662efc9 code=0x7ffc0000
[   68.827478][   T29] audit: type=1326 audit(1761005789.589:3721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5179 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7662efc9 code=0x7ffc0000
[   68.850917][   T29] audit: type=1326 audit(1761005789.589:3722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5179 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7662efc9 code=0x7ffc0000
[   68.874318][   T29] audit: type=1326 audit(1761005789.589:3723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5179 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f8d7662efc9 code=0x7ffc0000
[   68.897655][   T29] audit: type=1326 audit(1761005789.589:3724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5179 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7662efc9 code=0x7ffc0000
[   68.921075][   T29] audit: type=1326 audit(1761005789.589:3725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5179 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7662efc9 code=0x7ffc0000
[   68.944490][   T29] audit: type=1326 audit(1761005789.589:3726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5179 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f8d7662efc9 code=0x7ffc0000
[   68.967831][   T29] audit: type=1326 audit(1761005789.589:3727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5179 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d7662efc9 code=0x7ffc0000
[   68.991181][   T29] audit: type=1326 audit(1761005789.589:3728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5179 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f8d7662efc9 code=0x7ffc0000
[   69.084222][ T5189] loop0: detected capacity change from 0 to 1024
[   69.099371][ T5189] EXT4-fs (loop0): shut down requested (1)
[   69.105899][ T5189] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   69.114888][ T5189] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   69.152213][ T5171] syz.3.585: attempt to access beyond end of device
[   69.152213][ T5171] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[   69.165615][ T5171] Buffer I/O error on dev loop3, logical block 128, lost async page write
[   69.206247][ T5178] syz.3.585: attempt to access beyond end of device
[   69.206247][ T5178] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[   69.219726][ T5178] Buffer I/O error on dev loop3, logical block 128, lost async page write
[   69.246454][ T5178] syz.3.585: attempt to access beyond end of device
[   69.246454][ T5178] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[   69.259904][ T5178] Buffer I/O error on dev loop3, logical block 128, lost async page write
[   69.342115][ T5208] binfmt_misc: register: failed to install interpreter file ./file0
[   69.511174][ T5220] netlink: 8 bytes leftover after parsing attributes in process `syz.1.602'.
[   69.682030][ T5223] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[   69.690778][ T5223] ref_ctr increment failed for inode: 0x326 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88811b380000
[   69.858015][ T5236] loop0: detected capacity change from 0 to 128
[   69.892946][ T5238] netlink: 'syz.1.611': attribute type 11 has an invalid length.
[   69.938252][ T5238] Failed to initialize the IGMP autojoin socket (err -2)
[   70.054484][ T5251] loop1: detected capacity change from 0 to 1024
[   70.063347][ T5252] netlink: 8 bytes leftover after parsing attributes in process `syz.4.614'.
[   70.083910][ T5251] EXT4-fs mount: 44 callbacks suppressed
[   70.083925][ T5251] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.102545][ T5251] EXT4-fs (loop1): shut down requested (1)
[   70.108952][ T5251] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[   70.117802][ T5251] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[   70.147122][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.244135][ T5259] loop1: detected capacity change from 0 to 2048
[   70.269004][ T5259] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.284797][ T5236] syz.0.610: attempt to access beyond end of device
[   70.284797][ T5236] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[   70.298171][ T5236] Buffer I/O error on dev loop0, logical block 128, lost async page write
[   70.298317][ T5259] ext4 filesystem being mounted at /153/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   70.371457][ T5236] syz.0.610: attempt to access beyond end of device
[   70.371457][ T5236] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[   70.384838][ T5236] Buffer I/O error on dev loop0, logical block 128, lost async page write
[   70.455255][ T5266] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.617: bg 0: block 345: padding at end of block bitmap is not set
[   70.492937][ T5266] EXT4-fs (loop1): Remounting filesystem read-only
[   70.556347][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.599603][ T5281] loop0: detected capacity change from 0 to 512
[   70.608207][ T5281] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   70.630751][ T5281] EXT4-fs (loop0): 1 truncate cleaned up
[   70.640130][ T5281] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.711341][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.800083][ T5292] netlink: 'syz.4.630': attribute type 21 has an invalid length.
[   70.858221][ T5296] binfmt_misc: register: failed to install interpreter file ./file0
[   70.881245][ T5298] loop4: detected capacity change from 0 to 128
[   70.914567][ T5300] loop0: detected capacity change from 0 to 1024
[   70.928210][ T5307] binfmt_misc: register: failed to install interpreter file ./file0
[   70.998850][ T5300] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.031583][ T5300] EXT4-fs (loop0): shut down requested (1)
[   71.043092][ T5300] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   71.065203][ T5300] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   71.113046][ T5324] loop3: detected capacity change from 0 to 1024
[   71.128171][ T5324] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.141344][ T5324] EXT4-fs (loop3): shut down requested (1)
[   71.147652][ T5324] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   71.156515][ T5324] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   71.178876][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.219374][ T5328] binfmt_misc: register: failed to install interpreter file ./file0
[   71.259100][ T5330] netlink: 132 bytes leftover after parsing attributes in process `syz.1.645'.
[   71.315083][ T5332] loop3: detected capacity change from 0 to 164
[   71.345271][ T5332] Unable to read rock-ridge attributes
[   71.375386][ T5332] Failed to initialize the IGMP autojoin socket (err -2)
[   71.438354][ T5318] syz.4.633: attempt to access beyond end of device
[   71.438354][ T5318] loop4: rw=2049, sector=128, nr_sectors = 1 limit=128
[   71.451797][ T5318] Buffer I/O error on dev loop4, logical block 128, lost async page write
[   71.469429][ T5298] syz.4.633: attempt to access beyond end of device
[   71.469429][ T5298] loop4: rw=2049, sector=128, nr_sectors = 1 limit=128
[   71.482884][ T5298] Buffer I/O error on dev loop4, logical block 128, lost async page write
[   71.495447][ T5343] netlink: 16 bytes leftover after parsing attributes in process `syz.2.649'.
[   71.605541][ T5359] binfmt_misc: register: failed to install interpreter file ./file0
[   71.624560][ T5360] netlink: 8 bytes leftover after parsing attributes in process `syz.1.654'.
[   71.651383][ T5362] netlink: 16 bytes leftover after parsing attributes in process `syz.4.652'.
[   71.696828][ T5365] vhci_hcd: invalid port number 254
[   71.753702][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.778566][ T5376] loop3: detected capacity change from 0 to 512
[   71.785231][ T5378] loop1: detected capacity change from 0 to 1024
[   71.793929][ T5376] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   71.822935][ T5376] EXT4-fs (loop3): 1 truncate cleaned up
[   71.827324][ T5380] loop7: detected capacity change from 0 to 16384
[   71.838650][ T5376] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.885170][ T5378] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.947591][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.983122][ T5393] netlink: 24 bytes leftover after parsing attributes in process `syz.4.667'.
[   71.995722][ T5393] IPVS: Error during creation of socket; terminating
[   72.002820][ T5386] loop7: detected capacity change from 16384 to 0
[   72.009418][    C1] I/O error, dev loop7, sector 6016 op 0x0:(READ) flags 0x80700 phys_seg 30 prio class 2
[   72.081921][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.176076][ T5405] netlink: 8 bytes leftover after parsing attributes in process `syz.0.673'.
[   72.311427][ T5418] loop1: detected capacity change from 0 to 1024
[   72.317795][ T5417] vhci_hcd: invalid port number 254
[   72.339679][ T5418] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.369823][ T5418] EXT4-fs (loop1): shut down requested (1)
[   72.383459][ T5418] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[   72.405845][ T5418] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[   72.435453][ T5415] netlink: 16 bytes leftover after parsing attributes in process `syz.3.675'.
[   72.512692][ T5429] loop0: detected capacity change from 0 to 1024
[   72.527487][ T5429] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.540583][ T5429] EXT4-fs (loop0): shut down requested (1)
[   72.547127][ T5429] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   72.555966][ T5429] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   72.577183][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.596877][ T5440] FAULT_INJECTION: forcing a failure.
[   72.596877][ T5440] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   72.610057][ T5440] CPU: 1 UID: 0 PID: 5440 Comm: syz.0.682 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   72.610100][ T5440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   72.610184][ T5440] Call Trace:
[   72.610189][ T5440]  <TASK>
[   72.610195][ T5440]  __dump_stack+0x1d/0x30
[   72.610223][ T5440]  dump_stack_lvl+0xe8/0x140
[   72.610248][ T5440]  dump_stack+0x15/0x1b
[   72.610328][ T5440]  should_fail_ex+0x265/0x280
[   72.610370][ T5440]  should_fail+0xb/0x20
[   72.610430][ T5440]  should_fail_usercopy+0x1a/0x20
[   72.610457][ T5440]  _copy_from_iter+0xd2/0xe80
[   72.610472][ T5440]  ? __build_skb_around+0x1ab/0x200
[   72.610506][ T5440]  ? __alloc_skb+0x223/0x320
[   72.610529][ T5440]  netlink_sendmsg+0x471/0x6b0
[   72.610579][ T5440]  ? __pfx_netlink_sendmsg+0x10/0x10
[   72.610633][ T5440]  __sock_sendmsg+0x145/0x180
[   72.610651][ T5440]  ____sys_sendmsg+0x31e/0x4e0
[   72.610678][ T5440]  ___sys_sendmsg+0x17b/0x1d0
[   72.610783][ T5440]  __x64_sys_sendmsg+0xd4/0x160
[   72.610812][ T5440]  x64_sys_call+0x191e/0x3000
[   72.610838][ T5440]  do_syscall_64+0xd2/0x200
[   72.610862][ T5440]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   72.610880][ T5440]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   72.610912][ T5440]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.610929][ T5440] RIP: 0033:0x7f3a113cefc9
[   72.610941][ T5440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.610969][ T5440] RSP: 002b:00007f3a0fe2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   72.611006][ T5440] RAX: ffffffffffffffda RBX: 00007f3a11625fa0 RCX: 00007f3a113cefc9
[   72.611017][ T5440] RDX: 0000000000000018 RSI: 0000200000000540 RDI: 0000000000000008
[   72.611027][ T5440] RBP: 00007f3a0fe2f090 R08: 0000000000000000 R09: 0000000000000000
[   72.611037][ T5440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   72.611047][ T5440] R13: 00007f3a11626038 R14: 00007f3a11625fa0 R15: 00007fff5c634b78
[   72.611064][ T5440]  </TASK>
[   72.894841][ T5450] binfmt_misc: register: failed to install interpreter file ./file0
[   73.025362][ T5457] loop2: detected capacity change from 0 to 128
[   73.072991][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.403669][ T5476] netlink: 8 bytes leftover after parsing attributes in process `syz.0.696'.
[   73.409570][ T5457] syz.2.690: attempt to access beyond end of device
[   73.409570][ T5457] loop2: rw=2049, sector=128, nr_sectors = 1 limit=128
[   73.425783][ T5457] Buffer I/O error on dev loop2, logical block 128, lost async page write
[   73.449294][ T5458] syz.2.690: attempt to access beyond end of device
[   73.449294][ T5458] loop2: rw=2049, sector=128, nr_sectors = 1 limit=128
[   73.462748][ T5458] Buffer I/O error on dev loop2, logical block 128, lost async page write
[   73.463375][ T5458] syz.2.690: attempt to access beyond end of device
[   73.463375][ T5458] loop2: rw=2049, sector=128, nr_sectors = 1 limit=128
[   73.463399][ T5458] Buffer I/O error on dev loop2, logical block 128, lost async page write
[   73.541261][ T5478] loop1: detected capacity change from 0 to 1024
[   73.567011][ T5478] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.580841][ T5478] EXT4-fs (loop1): shut down requested (1)
[   73.587582][ T5478] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[   73.596493][ T5478] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[   73.611861][ T5480] syzkaller0: entered allmulticast mode
[   73.625947][ T5484] syzkaller0: entered promiscuous mode
[   73.640222][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.657324][ T5480] syzkaller0 (unregistering): left allmulticast mode
[   73.664057][ T5480] syzkaller0 (unregistering): left promiscuous mode
[   73.753357][   T29] kauditd_printk_skb: 724 callbacks suppressed
[   73.753387][   T29] audit: type=1326 audit(1761005794.569:4453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5494 comm="syz.0.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   73.794857][ T5500] netlink: 16 bytes leftover after parsing attributes in process `syz.3.702'.
[   73.809820][   T29] audit: type=1326 audit(1761005794.569:4454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5494 comm="syz.0.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   73.833102][   T29] audit: type=1326 audit(1761005794.569:4455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5494 comm="syz.0.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   73.856461][   T29] audit: type=1326 audit(1761005794.569:4456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5494 comm="syz.0.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   73.879796][   T29] audit: type=1326 audit(1761005794.569:4457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5494 comm="syz.0.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   73.903231][   T29] audit: type=1326 audit(1761005794.569:4458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5494 comm="syz.0.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   73.910331][ T5505] binfmt_misc: register: failed to install interpreter file ./file0
[   73.926700][   T29] audit: type=1326 audit(1761005794.569:4459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5494 comm="syz.0.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   73.958199][ T5500] loop3: detected capacity change from 0 to 512
[   73.958245][   T29] audit: type=1326 audit(1761005794.569:4460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5494 comm="syz.0.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   73.975654][ T5500] ext4: Unknown parameter 'pcr'
[   73.987670][   T29] audit: type=1326 audit(1761005794.569:4461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5494 comm="syz.0.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   73.987712][   T29] audit: type=1326 audit(1761005794.569:4462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5494 comm="syz.0.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   74.248343][ T5516] FAULT_INJECTION: forcing a failure.
[   74.248343][ T5516] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   74.261634][ T5516] CPU: 0 UID: 0 PID: 5516 Comm: syz.4.711 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   74.261662][ T5516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   74.261752][ T5516] Call Trace:
[   74.261759][ T5516]  <TASK>
[   74.261767][ T5516]  __dump_stack+0x1d/0x30
[   74.261844][ T5516]  dump_stack_lvl+0xe8/0x140
[   74.261898][ T5516]  dump_stack+0x15/0x1b
[   74.261929][ T5516]  should_fail_ex+0x265/0x280
[   74.261974][ T5516]  should_fail_alloc_page+0xf2/0x100
[   74.262002][ T5516]  __alloc_frozen_pages_noprof+0xff/0x360
[   74.262124][ T5516]  alloc_pages_mpol+0xb3/0x260
[   74.262153][ T5516]  alloc_pages_noprof+0x90/0x130
[   74.262182][ T5516]  alloc_skb_with_frags+0x193/0x470
[   74.262214][ T5516]  sock_alloc_send_pskb+0x430/0x4e0
[   74.262259][ T5516]  tun_get_user+0x9b3/0x26e0
[   74.262385][ T5516]  ? ref_tracker_alloc+0x1f2/0x2f0
[   74.262423][ T5516]  ? selinux_file_permission+0x1e4/0x320
[   74.262447][ T5516]  tun_chr_write_iter+0x15e/0x210
[   74.262473][ T5516]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   74.262577][ T5516]  vfs_write+0x52a/0x960
[   74.262605][ T5516]  ksys_write+0xda/0x1a0
[   74.262622][ T5516]  __x64_sys_write+0x40/0x50
[   74.262639][ T5516]  x64_sys_call+0x2802/0x3000
[   74.262670][ T5516]  do_syscall_64+0xd2/0x200
[   74.262756][ T5516]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   74.262780][ T5516]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   74.262810][ T5516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.262834][ T5516] RIP: 0033:0x7efe20f8efc9
[   74.262906][ T5516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.262923][ T5516] RSP: 002b:00007efe1f9f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   74.262945][ T5516] RAX: ffffffffffffffda RBX: 00007efe211e5fa0 RCX: 00007efe20f8efc9
[   74.262998][ T5516] RDX: 0000000000000ffe RSI: 00002000000000c0 RDI: 0000000000000003
[   74.263012][ T5516] RBP: 00007efe1f9f7090 R08: 0000000000000000 R09: 0000000000000000
[   74.263023][ T5516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.263037][ T5516] R13: 00007efe211e6038 R14: 00007efe211e5fa0 R15: 00007ffea0f9a7e8
[   74.263128][ T5516]  </TASK>
[   74.485789][ T5518] FAULT_INJECTION: forcing a failure.
[   74.485789][ T5518] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   74.498896][ T5518] CPU: 1 UID: 0 PID: 5518 Comm: syz.3.712 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   74.498956][ T5518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   74.498972][ T5518] Call Trace:
[   74.498980][ T5518]  <TASK>
[   74.498988][ T5518]  __dump_stack+0x1d/0x30
[   74.499026][ T5518]  dump_stack_lvl+0xe8/0x140
[   74.499138][ T5518]  dump_stack+0x15/0x1b
[   74.499170][ T5518]  should_fail_ex+0x265/0x280
[   74.499248][ T5518]  should_fail+0xb/0x20
[   74.499278][ T5518]  should_fail_usercopy+0x1a/0x20
[   74.499309][ T5518]  _copy_to_user+0x20/0xa0
[   74.499336][ T5518]  simple_read_from_buffer+0xb5/0x130
[   74.499444][ T5518]  proc_fail_nth_read+0x10e/0x150
[   74.499539][ T5518]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   74.499569][ T5518]  vfs_read+0x1a8/0x770
[   74.499628][ T5518]  ? __rcu_read_unlock+0x4f/0x70
[   74.499665][ T5518]  ? __fget_files+0x184/0x1c0
[   74.499692][ T5518]  ksys_read+0xda/0x1a0
[   74.499716][ T5518]  __x64_sys_read+0x40/0x50
[   74.499739][ T5518]  x64_sys_call+0x27c0/0x3000
[   74.499870][ T5518]  do_syscall_64+0xd2/0x200
[   74.499908][ T5518]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   74.499934][ T5518]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   74.499974][ T5518]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.499999][ T5518] RIP: 0033:0x7f6cd382d9dc
[   74.500016][ T5518] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   74.500110][ T5518] RSP: 002b:00007f6cd2297030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   74.500140][ T5518] RAX: ffffffffffffffda RBX: 00007f6cd3a85fa0 RCX: 00007f6cd382d9dc
[   74.500152][ T5518] RDX: 000000000000000f RSI: 00007f6cd22970a0 RDI: 0000000000000005
[   74.500165][ T5518] RBP: 00007f6cd2297090 R08: 0000000000000000 R09: 0000000000000000
[   74.500180][ T5518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.500195][ T5518] R13: 00007f6cd3a86038 R14: 00007f6cd3a85fa0 R15: 00007ffc9254cf78
[   74.500232][ T5518]  </TASK>
[   74.733612][ T5524] loop2: detected capacity change from 0 to 512
[   74.745951][ T5524] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   74.772476][ T5525] loop0: detected capacity change from 0 to 1024
[   74.788924][ T5524] EXT4-fs (loop2): 1 truncate cleaned up
[   74.807130][ T5525] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.808070][ T5524] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.821178][ T5525] EXT4-fs (loop0): shut down requested (1)
[   74.847267][ T5525] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   74.856163][ T5525] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   74.882297][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.884223][ T5534] binfmt_misc: register: failed to install interpreter file ./file0
[   74.905409][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.116111][ T5546] netlink: 16 bytes leftover after parsing attributes in process `syz.1.717'.
[   75.142009][ T5546] loop1: detected capacity change from 0 to 512
[   75.158042][ T5546] ext4: Unknown parameter 'pcr'
[   75.215491][ T5551] loop3: detected capacity change from 0 to 1024
[   75.251780][ T5553] bond0: (slave dummy0): Releasing backup interface
[   75.262981][ T5551] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.291908][ T5559] netlink: 'syz.0.724': attribute type 10 has an invalid length.
[   75.293092][ T5551] EXT4-fs (loop3): shut down requested (1)
[   75.307098][ T5553] bridge_slave_0: left allmulticast mode
[   75.311743][ T5551] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   75.312753][ T5553] bridge_slave_0: left promiscuous mode
[   75.327302][ T5553] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.334722][ T5551] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   75.345402][ T5553] bridge_slave_1: left allmulticast mode
[   75.351126][ T5553] bridge_slave_1: left promiscuous mode
[   75.356813][ T5553] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.384534][ T5553] bond0: (slave bond_slave_0): Releasing backup interface
[   75.408275][ T5553] bond0: (slave 
c
@0Ù): Releasing backup interface
[   75.428322][ T5553] team0: Port device team_slave_0 removed
[   75.450109][ T5553] team0: Port device team_slave_1 removed
[   75.467023][ T5553] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   75.474564][ T5553] batman_adv: batadv0: Removing interface: batadv_slave_0
[   75.496607][ T5553] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   75.504023][ T5553] batman_adv: batadv0: Removing interface: batadv_slave_1
[   75.513519][ T5553] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   75.530855][ T5559] batman_adv: batadv0: Adding interface: veth1_vlan
[   75.537548][ T5559] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   75.564768][ T5559] batman_adv: batadv0: Interface activated: veth1_vlan
[   75.620395][ T5569] loop4: detected capacity change from 0 to 128
[   75.655718][ T5573] loop0: detected capacity change from 0 to 512
[   75.664455][ T5573] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   75.689921][ T5573] EXT4-fs (loop0): 1 truncate cleaned up
[   75.697385][ T5573] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.769514][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.836457][ T5584] vhci_hcd: invalid port number 254
[   75.879416][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.060963][ T5601] loop3: detected capacity change from 0 to 128
[   76.069836][ T5600] loop0: detected capacity change from 0 to 1024
[   76.088473][ T5600] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.101598][ T5600] EXT4-fs (loop0): shut down requested (1)
[   76.113403][ T5600] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   76.122449][ T5600] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   76.142157][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.209922][ T5612] loop2: detected capacity change from 0 to 512
[   76.218826][ T5612] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   76.233878][ T5612] EXT4-fs (loop2): 1 truncate cleaned up
[   76.251316][ T5612] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.301329][ T5620] loop0: detected capacity change from 0 to 128
[   76.339691][ T5622] binfmt_misc: register: failed to install interpreter file ./file0
[   76.373748][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.407364][ T5624] vhci_hcd: invalid port number 254
[   76.478534][ T5628] loop2: detected capacity change from 0 to 164
[   76.505491][ T5628] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   76.531304][ T5601] syz.3.741: attempt to access beyond end of device
[   76.531304][ T5601] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[   76.544720][ T5601] Buffer I/O error on dev loop3, logical block 128, lost async page write
[   76.554048][ T5606] syz.3.741: attempt to access beyond end of device
[   76.554048][ T5606] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[   76.567540][ T5606] Buffer I/O error on dev loop3, logical block 128, lost async page write
[   76.579528][ T5606] syz.3.741: attempt to access beyond end of device
[   76.579528][ T5606] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[   76.592955][ T5606] Buffer I/O error on dev loop3, logical block 128, lost async page write
[   76.657610][ T5642] __nla_validate_parse: 2 callbacks suppressed
[   76.657623][ T5642] netlink: 140 bytes leftover after parsing attributes in process `syz.1.757'.
[   76.694559][ T5638] netlink: 16 bytes leftover after parsing attributes in process `syz.4.755'.
[   76.749253][ T5638] loop4: detected capacity change from 0 to 512
[   76.758666][ T5638] ext4: Unknown parameter 'pcr'
[   76.943647][ T5629] syz.0.748: attempt to access beyond end of device
[   76.943647][ T5629] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[   76.944853][ T5653] netlink: 16 bytes leftover after parsing attributes in process `syz.1.760'.
[   76.957102][ T5629] Buffer I/O error on dev loop0, logical block 128, lost async page write
[   76.975951][ T5629] syz.0.748: attempt to access beyond end of device
[   76.975951][ T5629] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[   76.976926][ T5652] loop2: detected capacity change from 0 to 1024
[   76.989423][ T5629] Buffer I/O error on dev loop0, logical block 128, lost async page write
[   77.015857][ T5655] loop3: detected capacity change from 0 to 512
[   77.028043][ T5656] loop1: detected capacity change from 0 to 512
[   77.045080][ T5656] ext4: Unknown parameter 'pcr'
[   77.056263][ T5655] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   77.083700][ T5652] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.084235][ T5663] netlink: 24 bytes leftover after parsing attributes in process `syz.4.765'.
[   77.108039][ T5665] binfmt_misc: register: failed to install interpreter file ./file0
[   77.122237][ T5663] IPVS: Error during creation of socket; terminating
[   77.129936][ T5655] EXT4-fs (loop3): 1 truncate cleaned up
[   77.149446][ T5652] EXT4-fs (loop2): shut down requested (1)
[   77.149707][ T5655] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.169915][ T5652] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[   77.179448][ T5652] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[   77.272743][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.410881][ T5680] loop1: detected capacity change from 0 to 164
[   77.431178][ T5680] Unable to read rock-ridge attributes
[   77.442871][ T5680] Failed to initialize the IGMP autojoin socket (err -2)
[   77.485722][ T5683] loop4: detected capacity change from 0 to 1024
[   77.522325][ T5683] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.537471][ T5683] EXT4-fs (loop4): shut down requested (1)
[   77.543985][ T5683] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=15
[   77.570692][ T5683] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=15
[   77.579909][ T5694] loop1: detected capacity change from 0 to 128
[   77.639578][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.643076][ T5698] binfmt_misc: register: failed to install interpreter file ./file0
[   77.769441][ T5711] loop2: detected capacity change from 0 to 164
[   77.779694][ T5711] Unable to read rock-ridge attributes
[   77.813158][ T5711] Failed to initialize the IGMP autojoin socket (err -2)
[   77.959819][ T5720] netlink: 8 bytes leftover after parsing attributes in process `syz.2.786'.
[   78.027411][ T5699] syz.1.775: attempt to access beyond end of device
[   78.027411][ T5699] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128
[   78.040795][ T5699] Buffer I/O error on dev loop1, logical block 128, lost async page write
[   78.061784][ T5694] syz.1.775: attempt to access beyond end of device
[   78.061784][ T5694] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128
[   78.075161][ T5694] Buffer I/O error on dev loop1, logical block 128, lost async page write
[   78.164869][ T5737] FAULT_INJECTION: forcing a failure.
[   78.164869][ T5737] name failslab, interval 1, probability 0, space 0, times 0
[   78.177658][ T5737] CPU: 1 UID: 0 PID: 5737 Comm: syz.1.792 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   78.177688][ T5737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   78.177707][ T5737] Call Trace:
[   78.177715][ T5737]  <TASK>
[   78.177723][ T5737]  __dump_stack+0x1d/0x30
[   78.177815][ T5737]  dump_stack_lvl+0xe8/0x140
[   78.177843][ T5737]  dump_stack+0x15/0x1b
[   78.177873][ T5737]  should_fail_ex+0x265/0x280
[   78.177910][ T5737]  ? alloc_fdtable+0x8c/0x1d0
[   78.178009][ T5737]  should_failslab+0x8c/0xb0
[   78.178034][ T5737]  __kmalloc_cache_noprof+0x4c/0x4a0
[   78.178065][ T5737]  alloc_fdtable+0x8c/0x1d0
[   78.178105][ T5737]  dup_fd+0x4c7/0x540
[   78.178167][ T5737]  copy_files+0x98/0xf0
[   78.178188][ T5737]  copy_process+0xc5b/0x2000
[   78.178213][ T5737]  kernel_clone+0x16c/0x5c0
[   78.178236][ T5737]  ? vfs_write+0x7e8/0x960
[   78.178352][ T5737]  __x64_sys_clone+0xe6/0x120
[   78.178414][ T5737]  x64_sys_call+0x119c/0x3000
[   78.178452][ T5737]  do_syscall_64+0xd2/0x200
[   78.178480][ T5737]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   78.178535][ T5737]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   78.178633][ T5737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.178715][ T5737] RIP: 0033:0x7f8d7662efc9
[   78.178733][ T5737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.178815][ T5737] RSP: 002b:00007f8d7508efe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   78.178837][ T5737] RAX: ffffffffffffffda RBX: 00007f8d76885fa0 RCX: 00007f8d7662efc9
[   78.178853][ T5737] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
[   78.178867][ T5737] RBP: 00007f8d7508f090 R08: 0000000000000000 R09: 0000000000000000
[   78.178949][ T5737] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   78.178960][ T5737] R13: 00007f8d76886038 R14: 00007f8d76885fa0 R15: 00007fff6fb37658
[   78.178977][ T5737]  </TASK>
[   78.424484][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.467357][ T5745] netlink: 8 bytes leftover after parsing attributes in process `syz.2.798'.
[   78.498616][ T5738] loop3: detected capacity change from 0 to 1024
[   78.527575][ T5751] loop2: detected capacity change from 0 to 1024
[   78.535460][ T5749] netlink: 16 bytes leftover after parsing attributes in process `syz.0.794'.
[   78.551556][ T5751] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.564596][ T5751] EXT4-fs (loop2): shut down requested (1)
[   78.570992][ T5751] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[   78.579838][ T5751] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[   78.599394][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.599523][ T5738] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.629001][ T5740] loop0: detected capacity change from 0 to 512
[   78.649239][ T5738] EXT4-fs (loop3): shut down requested (1)
[   78.667034][ T5738] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   78.677465][ T5740] ext4: Unknown parameter 'pcr'
[   78.688106][ T5738] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   78.758098][ T5763] netlink: 140 bytes leftover after parsing attributes in process `syz.0.801'.
[   78.803309][ T5767] loop4: detected capacity change from 0 to 128
[   78.851834][ T5771] loop0: detected capacity change from 0 to 164
[   78.860118][ T5775] binfmt_misc: register: failed to install interpreter file ./file0
[   78.882188][ T5771] Unable to read rock-ridge attributes
[   78.889049][   T29] kauditd_printk_skb: 453 callbacks suppressed
[   78.889061][   T29] audit: type=1400 audit(1761005799.709:4914): avc:  denied  { bind } for  pid=5772 comm="syz.2.807" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   78.931345][   T29] audit: type=1326 audit(1761005799.739:4915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5772 comm="syz.2.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69f154efc9 code=0x7ffc0000
[   78.942792][ T5771] Failed to initialize the IGMP autojoin socket (err -2)
[   78.954802][   T29] audit: type=1326 audit(1761005799.739:4916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5772 comm="syz.2.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69f154efc9 code=0x7ffc0000
[   78.985106][   T29] audit: type=1326 audit(1761005799.739:4917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5772 comm="syz.2.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f69f154efc9 code=0x7ffc0000
[   79.008412][   T29] audit: type=1326 audit(1761005799.749:4918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5779 comm="syz.2.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f69f1581885 code=0x7ffc0000
[   79.065913][   T29] audit: type=1400 audit(1761005799.789:4919): avc:  denied  { read } for  pid=5781 comm="syz.1.808" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   79.089065][   T29] audit: type=1400 audit(1761005799.789:4920): avc:  denied  { open } for  pid=5781 comm="syz.1.808" path="/dev/input/event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   79.113096][   T29] audit: type=1326 audit(1761005799.809:4921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5783 comm="syz.2.809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69f154efc9 code=0x7ffc0000
[   79.136420][   T29] audit: type=1326 audit(1761005799.809:4922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5783 comm="syz.2.809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69f154efc9 code=0x7ffc0000
[   79.159839][   T29] audit: type=1326 audit(1761005799.809:4923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5783 comm="syz.2.809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f69f154efc9 code=0x7ffc0000
[   79.184492][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.250207][ T5794] netlink: 8 bytes leftover after parsing attributes in process `syz.2.810'.
[   79.312953][ T5778] bio_check_eod: 1 callbacks suppressed
[   79.313039][ T5778] syz.4.803: attempt to access beyond end of device
[   79.313039][ T5778] loop4: rw=2049, sector=128, nr_sectors = 1 limit=128
[   79.332015][ T5778] buffer_io_error: 1 callbacks suppressed
[   79.332029][ T5778] Buffer I/O error on dev loop4, logical block 128, lost async page write
[   79.346954][ T5795] netlink: 16 bytes leftover after parsing attributes in process `syz.0.812'.
[   79.360330][ T5767] syz.4.803: attempt to access beyond end of device
[   79.360330][ T5767] loop4: rw=2049, sector=128, nr_sectors = 1 limit=128
[   79.373812][ T5767] Buffer I/O error on dev loop4, logical block 128, lost async page write
[   79.425041][ T5792] loop0: detected capacity change from 0 to 512
[   79.445824][ T5792] ext4: Unknown parameter 'pcr'
[   79.547122][ T5808] binfmt_misc: register: failed to install interpreter file ./file0
[   79.578109][ T5811] FAULT_INJECTION: forcing a failure.
[   79.578109][ T5811] name failslab, interval 1, probability 0, space 0, times 0
[   79.590865][ T5811] CPU: 1 UID: 0 PID: 5811 Comm: syz.2.819 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   79.590912][ T5811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   79.590925][ T5811] Call Trace:
[   79.590932][ T5811]  <TASK>
[   79.590940][ T5811]  __dump_stack+0x1d/0x30
[   79.590975][ T5811]  dump_stack_lvl+0xe8/0x140
[   79.591006][ T5811]  dump_stack+0x15/0x1b
[   79.591086][ T5811]  should_fail_ex+0x265/0x280
[   79.591115][ T5811]  ? alloc_fdtable+0x8c/0x1d0
[   79.591218][ T5811]  should_failslab+0x8c/0xb0
[   79.591241][ T5811]  __kmalloc_cache_noprof+0x4c/0x4a0
[   79.591271][ T5811]  alloc_fdtable+0x8c/0x1d0
[   79.591308][ T5811]  dup_fd+0x4c7/0x540
[   79.591406][ T5811]  copy_files+0x98/0xf0
[   79.591570][ T5811]  copy_process+0xc5b/0x2000
[   79.591603][ T5811]  kernel_clone+0x16c/0x5c0
[   79.591657][ T5811]  ? vfs_write+0x7e8/0x960
[   79.591681][ T5811]  __x64_sys_clone+0xe6/0x120
[   79.591714][ T5811]  x64_sys_call+0x119c/0x3000
[   79.591743][ T5811]  do_syscall_64+0xd2/0x200
[   79.591787][ T5811]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   79.591812][ T5811]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   79.591851][ T5811]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.591871][ T5811] RIP: 0033:0x7f69f154efc9
[   79.591887][ T5811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.591945][ T5811] RSP: 002b:00007f69effaefe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   79.592001][ T5811] RAX: ffffffffffffffda RBX: 00007f69f17a5fa0 RCX: 00007f69f154efc9
[   79.592013][ T5811] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006a000000
[   79.592026][ T5811] RBP: 00007f69effaf090 R08: 0000000000000000 R09: 0000000000000000
[   79.592041][ T5811] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   79.592055][ T5811] R13: 00007f69f17a6038 R14: 00007f69f17a5fa0 R15: 00007ffcce387f18
[   79.592077][ T5811]  </TASK>
[   80.008195][ T5825] loop3: detected capacity change from 0 to 1024
[   80.046386][ T5825] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.091939][ T5828] loop1: detected capacity change from 0 to 512
[   80.102464][ T5825] EXT4-fs (loop3): shut down requested (1)
[   80.112091][ T5825] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   80.121365][ T5828] ext4: Unknown parameter 'pcr'
[   80.131904][ T5825] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   80.237298][ T5852] loop0: detected capacity change from 0 to 128
[   80.364462][ T5857] loop0: detected capacity change from 0 to 512
[   80.385915][ T5857] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.406173][ T5857] ext4 filesystem being mounted at /165/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.425642][ T5860] loop4: detected capacity change from 0 to 1024
[   80.447524][ T5852] FAULT_INJECTION: forcing a failure.
[   80.447524][ T5852] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   80.461696][ T5852] CPU: 1 UID: 0 PID: 5852 Comm: syz.0.833 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   80.461844][ T5852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   80.461860][ T5852] Call Trace:
[   80.461866][ T5852]  <TASK>
[   80.461872][ T5852]  __dump_stack+0x1d/0x30
[   80.461974][ T5852]  dump_stack_lvl+0xe8/0x140
[   80.462034][ T5852]  dump_stack+0x15/0x1b
[   80.462063][ T5852]  should_fail_ex+0x265/0x280
[   80.462091][ T5852]  should_fail_alloc_page+0xf2/0x100
[   80.462167][ T5852]  __alloc_frozen_pages_noprof+0xff/0x360
[   80.462243][ T5852]  ? alloc_pages_mpol+0x55/0x260
[   80.462352][ T5852]  alloc_pages_mpol+0xb3/0x260
[   80.462377][ T5852]  folio_alloc_noprof+0x97/0x150
[   80.462481][ T5852]  filemap_alloc_folio_noprof+0x66/0x210
[   80.462551][ T5852]  __filemap_get_folio+0x28f/0x650
[   80.462578][ T5852]  ext4_da_write_begin+0x3ac/0x6e0
[   80.462605][ T5852]  generic_perform_write+0x184/0x490
[   80.462746][ T5852]  ext4_buffered_write_iter+0x1ee/0x3c0
[   80.462773][ T5852]  ? ext4_file_write_iter+0xfe/0xf60
[   80.462800][ T5852]  ext4_file_write_iter+0x387/0xf60
[   80.462828][ T5852]  ? avc_policy_seqno+0x15/0x30
[   80.462873][ T5852]  ? selinux_file_permission+0x1e4/0x320
[   80.462898][ T5852]  ? __pfx_ext4_file_write_iter+0x10/0x10
[   80.462925][ T5852]  vfs_write+0x52a/0x960
[   80.462946][ T5852]  __x64_sys_pwrite64+0xfd/0x150
[   80.462965][ T5852]  x64_sys_call+0xc4d/0x3000
[   80.462994][ T5852]  do_syscall_64+0xd2/0x200
[   80.463069][ T5852]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   80.463141][ T5852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.463160][ T5852] RIP: 0033:0x7f3a113cefc9
[   80.463173][ T5852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.463218][ T5852] RSP: 002b:00007f3a0fe2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[   80.463250][ T5852] RAX: ffffffffffffffda RBX: 00007f3a11625fa0 RCX: 00007f3a113cefc9
[   80.463336][ T5852] RDX: 000000000000fdef RSI: 0000200000000140 RDI: 0000000000000007
[   80.463388][ T5852] RBP: 00007f3a0fe2f090 R08: 0000000000000000 R09: 0000000000000000
[   80.463471][ T5852] R10: 0000000000000e7c R11: 0000000000000246 R12: 0000000000000001
[   80.463483][ T5852] R13: 00007f3a11626038 R14: 00007f3a11625fa0 R15: 00007fff5c634b78
[   80.463501][ T5852]  </TASK>
[   80.467586][ T5860] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.711545][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.723416][ T5860] EXT4-fs (loop4): shut down requested (1)
[   80.751974][ T5873] loop0: detected capacity change from 0 to 512
[   80.767661][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.778740][ T5873] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   80.782402][ T5876] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=15
[   80.798000][ T5876] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=15
[   80.805078][ T5873] EXT4-fs (loop0): 1 truncate cleaned up
[   80.843473][ T5873] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.872620][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.938910][ T5886] binfmt_misc: register: failed to install interpreter file ./file0
[   81.061107][ T5884] loop2: detected capacity change from 0 to 1024
[   81.090306][ T5894] loop0: detected capacity change from 0 to 512
[   81.119754][ T5884] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.132892][ T5894] ext4: Unknown parameter 'pcr'
[   81.165119][ T5884] EXT4-fs (loop2): shut down requested (1)
[   81.177368][ T5884] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[   81.186181][ T5884] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[   81.227912][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.279700][ T5915] loop4: detected capacity change from 0 to 128
[   81.294174][ T5917] loop0: detected capacity change from 0 to 128
[   81.472395][ T5921] loop1: detected capacity change from 0 to 512
[   81.480244][ T5921] ext4: Unknown parameter 'pcr'
[   81.577488][ T5931] binfmt_misc: register: failed to install interpreter file ./file0
[   81.655786][ T5925] syz.0.855: attempt to access beyond end of device
[   81.655786][ T5925] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[   81.669162][ T5925] Buffer I/O error on dev loop0, logical block 128, lost async page write
[   81.678595][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.699367][ T5917] syz.0.855: attempt to access beyond end of device
[   81.699367][ T5917] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[   81.712821][ T5917] Buffer I/O error on dev loop0, logical block 128, lost async page write
[   81.822242][ T5942] loop2: detected capacity change from 0 to 128
[   81.845743][ T5933] __nla_validate_parse: 6 callbacks suppressed
[   81.845760][ T5933] netlink: 8 bytes leftover after parsing attributes in process `syz.3.860'.
[   81.912776][ T5948] loop1: detected capacity change from 0 to 1024
[   81.945831][ T5948] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.982842][ T5956] netlink: 16 bytes leftover after parsing attributes in process `syz.4.866'.
[   82.002267][ T5948] EXT4-fs (loop1): shut down requested (1)
[   82.036158][ T5948] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[   82.048944][ T5948] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[   82.061307][ T5947] loop4: detected capacity change from 0 to 512
[   82.072182][ T5947] ext4: Unknown parameter 'pcr'
[   82.104220][ T5960] netlink: 8 bytes leftover after parsing attributes in process `syz.3.869'.
[   82.145784][ T5966] binfmt_misc: register: failed to install interpreter file ./file0
[   82.250480][ T5952] syz.2.861: attempt to access beyond end of device
[   82.250480][ T5952] loop2: rw=2049, sector=128, nr_sectors = 1 limit=128
[   82.264085][ T5952] Buffer I/O error on dev loop2, logical block 128, lost async page write
[   82.276218][ T5942] syz.2.861: attempt to access beyond end of device
[   82.276218][ T5942] loop2: rw=2049, sector=128, nr_sectors = 1 limit=128
[   82.289657][ T5942] Buffer I/O error on dev loop2, logical block 128, lost async page write
[   82.329885][ T5980] loop0: detected capacity change from 0 to 2048
[   82.350206][ T5980] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.381535][ T5975] netlink: 16 bytes leftover after parsing attributes in process `syz.3.872'.
[   82.423825][ T5978] netlink: 16 bytes leftover after parsing attributes in process `syz.4.873'.
[   82.471826][ T5971] loop3: detected capacity change from 0 to 512
[   82.488582][ T5987] loop2: detected capacity change from 0 to 128
[   82.496170][ T5974] loop4: detected capacity change from 0 to 512
[   82.503346][ T5971] ext4: Unknown parameter 'pcr'
[   82.520050][ T5974] ext4: Unknown parameter 'pcr'
[   82.603743][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.687016][ T5992] loop0: detected capacity change from 0 to 1024
[   82.702509][ T5992] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.715514][ T5992] EXT4-fs (loop0): shut down requested (1)
[   82.724011][ T5992] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   82.732903][ T5992] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[   82.747521][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.763517][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.815085][ T5997] binfmt_misc: register: failed to install interpreter file ./file0
[   82.969765][ T6004] netlink: 8 bytes leftover after parsing attributes in process `syz.3.882'.
[   82.971636][ T5988] syz.2.876: attempt to access beyond end of device
[   82.971636][ T5988] loop2: rw=2049, sector=128, nr_sectors = 1 limit=128
[   82.991920][ T5988] Buffer I/O error on dev loop2, logical block 128, lost async page write
[   83.014762][ T5987] syz.2.876: attempt to access beyond end of device
[   83.014762][ T5987] loop2: rw=2049, sector=128, nr_sectors = 1 limit=128
[   83.028090][ T5987] Buffer I/O error on dev loop2, logical block 128, lost async page write
[   83.054140][ T6015] FAULT_INJECTION: forcing a failure.
[   83.054140][ T6015] name failslab, interval 1, probability 0, space 0, times 0
[   83.067105][ T6015] CPU: 1 UID: 0 PID: 6015 Comm: syz.1.886 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   83.067134][ T6015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   83.067177][ T6015] Call Trace:
[   83.067184][ T6015]  <TASK>
[   83.067193][ T6015]  __dump_stack+0x1d/0x30
[   83.067229][ T6015]  dump_stack_lvl+0xe8/0x140
[   83.067267][ T6015]  dump_stack+0x15/0x1b
[   83.067293][ T6015]  should_fail_ex+0x265/0x280
[   83.067394][ T6015]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[   83.067468][ T6015]  should_failslab+0x8c/0xb0
[   83.067550][ T6015]  kmem_cache_alloc_lru_noprof+0x55/0x490
[   83.067571][ T6015]  ? debugfs_alloc_inode+0x34/0x40
[   83.067687][ T6015]  ? lookup_noperm+0xc9/0x180
[   83.067718][ T6015]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[   83.067752][ T6015]  debugfs_alloc_inode+0x34/0x40
[   83.067777][ T6015]  alloc_inode+0x40/0x170
[   83.067931][ T6015]  new_inode+0x1d/0xe0
[   83.067953][ T6015]  __debugfs_create_file+0x109/0x330
[   83.067986][ T6015]  debugfs_create_file_full+0x3f/0x60
[   83.068040][ T6015]  ? __pfx_veth_setup+0x10/0x10
[   83.068080][ T6015]  ref_tracker_dir_debugfs+0x100/0x1e0
[   83.068124][ T6015]  alloc_netdev_mqs+0x1a7/0xa50
[   83.068224][ T6015]  rtnl_create_link+0x239/0x710
[   83.068283][ T6015]  rtnl_newlink_create+0x14c/0x620
[   83.068310][ T6015]  ? security_capable+0x83/0x90
[   83.068340][ T6015]  ? netlink_ns_capable+0x86/0xa0
[   83.068443][ T6015]  rtnl_newlink+0xf29/0x12d0
[   83.068503][ T6015]  ? __pfx_rtnl_newlink+0x10/0x10
[   83.068530][ T6015]  rtnetlink_rcv_msg+0x5fe/0x6d0
[   83.068669][ T6015]  ? avc_has_perm_noaudit+0x1b1/0x200
[   83.068703][ T6015]  netlink_rcv_skb+0x123/0x220
[   83.068728][ T6015]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   83.068842][ T6015]  rtnetlink_rcv+0x1c/0x30
[   83.068943][ T6015]  netlink_unicast+0x5c0/0x690
[   83.068975][ T6015]  netlink_sendmsg+0x58b/0x6b0
[   83.069007][ T6015]  ? __pfx_netlink_sendmsg+0x10/0x10
[   83.069040][ T6015]  __sock_sendmsg+0x145/0x180
[   83.069058][ T6015]  ____sys_sendmsg+0x31e/0x4e0
[   83.069136][ T6015]  ___sys_sendmsg+0x17b/0x1d0
[   83.069239][ T6015]  __x64_sys_sendmsg+0xd4/0x160
[   83.069268][ T6015]  x64_sys_call+0x191e/0x3000
[   83.069343][ T6015]  do_syscall_64+0xd2/0x200
[   83.069377][ T6015]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   83.069461][ T6015]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   83.069634][ T6015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.069658][ T6015] RIP: 0033:0x7f8d7662efc9
[   83.069675][ T6015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.069690][ T6015] RSP: 002b:00007f8d7508f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   83.069710][ T6015] RAX: ffffffffffffffda RBX: 00007f8d76885fa0 RCX: 00007f8d7662efc9
[   83.069725][ T6015] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000005
[   83.069736][ T6015] RBP: 00007f8d7508f090 R08: 0000000000000000 R09: 0000000000000000
[   83.069780][ T6015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.069790][ T6015] R13: 00007f8d76886038 R14: 00007f8d76885fa0 R15: 00007fff6fb37658
[   83.069809][ T6015]  </TASK>
[   83.069817][ T6015] debugfs: out of free dentries, can not create file 'netdev@ffff88811a87d558'
[   83.584280][ T6031] binfmt_misc: register: failed to install interpreter file ./file0
[   83.606510][ T6027] loop3: detected capacity change from 0 to 1024
[   83.634850][ T6027] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.650574][ T6027] EXT4-fs (loop3): shut down requested (1)
[   83.660721][ T6027] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   83.677941][ T6027] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[   83.710166][ T6020] loop2: detected capacity change from 0 to 512
[   83.717861][ T6020] EXT4-fs: Ignoring removed nobh option
[   83.726428][ T6046] loop1: detected capacity change from 0 to 128
[   83.744121][ T6020] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #3: comm syz.2.887: corrupted inode contents
[   83.787995][ T6020] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #3: comm syz.2.887: mark_inode_dirty error
[   83.813088][ T6042] netlink: 16 bytes leftover after parsing attributes in process `syz.4.896'.
[   83.827483][ T6052] ==================================================================
[   83.835591][ T6052] BUG: KCSAN: data-race in xas_find_marked / xas_set_mark
[   83.842731][ T6052] 
[   83.845066][ T6052] write to 0xffff88811a4d3814 of 4 bytes by task 6046 on cpu 1:
[   83.852707][ T6052]  xas_set_mark+0x12b/0x140
[   83.857228][ T6052]  __folio_start_writeback+0x155/0x390
[   83.862709][ T6052]  __block_write_full_folio+0x53a/0x8f0
[   83.868264][ T6052]  block_write_full_folio+0x2c2/0x2e0
[   83.873647][ T6052]  mpage_writepages+0x6cf/0x1250
[   83.878595][ T6052]  fat_writepages+0x24/0x30
[   83.883104][ T6052]  do_writepages+0x1c6/0x310
[   83.887708][ T6052]  file_write_and_wait_range+0x156/0x2c0
[   83.893340][ T6052]  __generic_file_fsync+0x46/0x140
[   83.898461][ T6052]  fat_file_fsync+0x49/0x100
[   83.903067][ T6052]  vfs_fsync_range+0x10d/0x130
[   83.907831][ T6052]  generic_file_write_iter+0x1b8/0x2f0
[   83.913309][ T6052]  iter_file_splice_write+0x666/0xa60
[   83.918698][ T6052]  direct_splice_actor+0x156/0x2a0
[   83.923824][ T6052]  splice_direct_to_actor+0x312/0x680
[   83.929224][ T6052]  do_splice_direct+0xda/0x150
[   83.934000][ T6052]  do_sendfile+0x380/0x650
[   83.938419][ T6052]  __x64_sys_sendfile64+0x105/0x150
[   83.943623][ T6052]  x64_sys_call+0x2bb4/0x3000
[   83.948312][ T6052]  do_syscall_64+0xd2/0x200
[   83.952824][ T6052]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.958715][ T6052] 
[   83.961033][ T6052] read to 0xffff88811a4d3814 of 4 bytes by task 6052 on cpu 0:
[   83.968578][ T6052]  xas_find_marked+0x5dc/0x620
[   83.973354][ T6052]  find_get_entry+0x5d/0x380
[   83.977965][ T6052]  filemap_get_folios_tag+0x92/0x210
[   83.983272][ T6052]  filemap_fdatawait_range+0x88/0x1d0
[   83.988646][ T6052]  __writeback_single_inode+0xdb/0x7c0
[   83.994130][ T6052]  writeback_single_inode+0x16d/0x3f0
[   83.999507][ T6052]  sync_inode_metadata+0x5b/0x90
[   84.004448][ T6052]  __generic_file_fsync+0xf8/0x140
[   84.009566][ T6052]  fat_file_fsync+0x49/0x100
[   84.014166][ T6052]  vfs_fsync_range+0x10d/0x130
[   84.018929][ T6052]  generic_file_write_iter+0x1b8/0x2f0
[   84.024398][ T6052]  iter_file_splice_write+0x666/0xa60
[   84.029780][ T6052]  direct_splice_actor+0x156/0x2a0
[   84.034903][ T6052]  splice_direct_to_actor+0x312/0x680
[   84.040290][ T6052]  do_splice_direct+0xda/0x150
[   84.045065][ T6052]  do_sendfile+0x380/0x650
[   84.049486][ T6052]  __x64_sys_sendfile64+0x105/0x150
[   84.054690][ T6052]  x64_sys_call+0x2bb4/0x3000
[   84.059374][ T6052]  do_syscall_64+0xd2/0x200
[   84.063899][ T6052]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.069796][ T6052] 
[   84.072116][ T6052] value changed: 0x0a000021 -> 0x00000021
[   84.077825][ T6052] 
[   84.080158][ T6052] Reported by Kernel Concurrency Sanitizer on:
[   84.086326][ T6052] CPU: 0 UID: 0 PID: 6052 Comm: syz.1.897 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   84.095958][ T6052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   84.106022][ T6052] ==================================================================
[   84.117502][   T29] kauditd_printk_skb: 407 callbacks suppressed
[   84.117582][   T29] audit: type=1326 audit(1761005804.658:5331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6049 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   84.131013][ T6053] netlink: 16 bytes leftover after parsing attributes in process `syz.0.898'.
[   84.147082][   T29] audit: type=1326 audit(1761005804.658:5332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6049 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   84.179225][   T29] audit: type=1326 audit(1761005804.668:5333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6049 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   84.202634][   T29] audit: type=1326 audit(1761005804.668:5334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6049 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   84.247780][ T6020] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #3: comm syz.2.887: corrupted inode contents
[   84.259711][   T29] audit: type=1326 audit(1761005804.938:5335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6049 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   84.260863][ T6020] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.887: mark_inode_dirty error
[   84.283049][   T29] audit: type=1326 audit(1761005804.938:5336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6049 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   84.283121][   T29] audit: type=1326 audit(1761005804.948:5337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6049 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   84.340762][   T29] audit: type=1326 audit(1761005804.948:5338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6049 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   84.340895][ T6056] loop4: detected capacity change from 0 to 512
[   84.364100][   T29] audit: type=1326 audit(1761005804.948:5339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6049 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   84.370901][ T6056] ext4: Unknown parameter 'pcr'
[   84.393623][   T29] audit: type=1326 audit(1761005804.948:5340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6049 comm="syz.0.898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f3a113cefc9 code=0x7ffc0000
[   84.427172][ T6051] loop0: detected capacity change from 0 to 512
[   84.432737][ T6020] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.887: Failed to acquire dquot type 0
[   84.444572][ T6051] ext4: Unknown parameter 'pcr'
[   84.457686][ T6020] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.887: corrupted inode contents
[   84.495143][ T6020] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #16: comm syz.2.887: mark_inode_dirty error
[   84.507693][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.518024][ T6020] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.887: corrupted inode contents
[   84.530788][ T6020] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.887: mark_inode_dirty error
[   84.567163][ T6020] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.887: corrupted inode contents
[   84.586758][ T6020] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem
[   84.595711][ T6020] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.887: corrupted inode contents
[   84.611499][ T6020] EXT4-fs error (device loop2): ext4_truncate:4637: inode #16: comm syz.2.887: mark_inode_dirty error
[   84.622825][ T6020] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem
[   84.632132][ T6020] EXT4-fs (loop2): 1 truncate cleaned up
[   84.638259][ T6020] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.651456][ T6020] ext4 filesystem being mounted at /156/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.662733][ T6020] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.