last executing test programs:

1.303867294s ago: executing program 4 (id=890):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000005"], 0x48)
r0 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in6={0xa, 0x4e23, 0x9, @private0, 0x800}, @in={0x2, 0x4e20, @remote}], 0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB='(\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=r2, @ANYBLOB], 0x28}}, 0x2000c058)
recvfrom$packet(r0, &(0x7f0000000080)=""/13, 0xd, 0x40000000, &(0x7f0000000180)={0x11, 0x19, 0x0, 0x1, 0x5, 0x6, @random="83ff458197f0"}, 0x14)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x0, @none}, 0xe)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x23, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x104020, 0x7, 0x2, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
mount$9p_tcp(0x0, &(0x7f0000000680)='.\x00', &(0x7f00000006c0), 0x8010, &(0x7f0000000080)=ANY=[@ANYBLOB])
r6 = socket(0xa, 0x3, 0x3a)
setresuid(0xee01, 0x0, 0x0)
faccessat2(0xffffffffffffff9c, 0x0, 0x1, 0x100)
setsockopt$MRT6_ADD_MFC_PROXY(r6, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @mcast1, 0xfffffffe}, {0xa, 0x0, 0x0, @empty, 0x3}}, 0x5c)
listen(r5, 0xfffffbeb)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r7)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r8, &(0x7f0000000540)=""/51, 0x33)
getdents(r8, 0xfffffffffffffffd, 0x58)
r9 = epoll_create(0xff)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r5, &(0x7f0000000000)={0xb0000001})
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0xfffffffd, 0x25dfdbfc, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{}, 0x97, 0x0, [{}, {}]}, [{}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xd}, {}, {0x448eade7}, {0x0, 0x0, 0x80000000}, {}, {}, {}, {0x0, 0x0, 0x4}, {}, {}, {0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x200000}, {0x0, 0x0, 0x82a5}, {0x0, 0x20000000, 0x0, 0xffffffff, 0x3}, {}, {}, {}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0xfffffffc, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x80000000}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0x9}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0xfffffffe}, {}, {0xd5}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x10}, {0x80000040}, {0x8eb9, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x4, 0x0, 0x4, 0x0, 0x7ee}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {0x0, 0x0, 0x40000000}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x9}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x3}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}, {}, {0x0, 0x9, 0xfffffffc, 0x0, 0x0, 0xfbfffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0x8000000}, {}, {0x4}, {}, {}, {}, {0x1000}, {0x3}, {0x0, 0x0, 0x0, 0x0, 0x212}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x20}, {}, {0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x4}, {}, {0x10000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x6}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {0x3, 0x1}, {0x7}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x2}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0)

1.226484071s ago: executing program 4 (id=893):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
syz_io_uring_setup(0x16d2, 0x0, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e23, 0x3fe, @loopback}], 0x1c)
sendto$inet6(r2, &(0x7f0000000100)="b8", 0x1, 0x2000c851, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)

1.195904663s ago: executing program 4 (id=895):
r0 = perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000280)='./file1\x00', 0x808010, &(0x7f0000000640)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES32], 0x1, 0x2b8, &(0x7f00000006c0)="$eJzs3E9rE0EYx/HHpG3SlDYRRFBQH/Sil6WNL0CDtCAGhNoU9SBs7UZDYlJ2QyQiNhfx6usoHr0J6hvoRbx491YEwUsP4kr2T5u0aU3bpKnt9wNlZjPzy0zTtDxbyKzdf/usmHeMvFmVSFwlItKQdZFUsxc4FbQRrz8irRpybezXtwv3Hjy8k8lmp2dVZzJz19OqOnHp4/OX7y5/ro7Nv5/4EJPV1KO1n+nvq2dXz639mXtacLTgaLlSVVMXKpWquVCydLHgFKPBM1taKDuW3TaeL1WWlupqlhfHE0u25ThqlutatOparWjVrqv5xCyU1TAMHU/IyTbUxZzcyuysmdlx2I32dEfovVj75WinObadaXQezK30a18AAODo2r3+92v9nev/7Lzf9rL+N1RFLNOh/u+HRtvVP+p/HAu2nTETwe9vO+p/AAAAAAAAAAAAAAAAAAAAAAD+B+uum3RdNxm24VdMROIiEl4Pep/oj33+/G8MaLvosZYP7sVFSm9quVrOb/3xTF4KUhJLJiUpv733Q8Dvz9zOTk+qZzh4ymZ+uZaLemcTePlQqlP+4ukpP6/yqZmrBflhSbSun5aknOm8fnozHx6HsFzLjcjVKy15Q5Ly5bFUpCSL3vt6M/9qSvXW3eyW9Ue9eQAAAAAAHAeGbki13//6Zz8a3oS4bB/383v4/8CW++shOd/NEZUAAAAAAODAnPqLolkqWfY+OjEROUD8uHai0v7IqIgMfmM3ReRovD6H0omLiP+I7if+YyPeVcrtYs6QiAz8ZdlDZ9B/mQAAAAD0mlfrR5pF/x5CX1/3cUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJw83Z4HFs7fNhQO7BJvWS566N8gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcIT8DQAA//9F8hZE")
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000000000)=""/48, 0x30)
ioctl$VFAT_IOCTL_READDIR_BOTH(r1, 0x82307201, 0x0)
fsetxattr(r0, &(0x7f0000000000)=@known='trusted.overlay.opaque\x00', &(0x7f0000000040)='{\x00', 0x2, 0x1)

1.064913934s ago: executing program 4 (id=898):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111670000000000851000000200000085000000b200000095000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x70)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000002c0)="4d17a21066539c6c0e21c44ad845279a8e6c656f70689dd4b14080434d887d3dfb50c2b474aafcaea8e524c4a8f9d49991bb2c9271f54f755969aad2aadf6050a314782a1d5925c646380daa0f5bcd63f3eda169b4fabfe5e473d3d9d397f77e", 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r3}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000000201010100000000000000000200000004000180180002801400018008000100b04c94a708000200ac1414aa140019"], 0x44}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0), 0x404080, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000200)='leases_conflict\x00', r5, 0x0, 0x6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
socket$nl_route(0x10, 0x3, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$inet_sctp(r6, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x2a028}], 0x1, 0x0, 0x0, 0x804c040}, 0x0)

876.877369ms ago: executing program 1 (id=903):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000"], 0x48)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x12, 0x104, 0x8, 0xffffffff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x10000000}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x2}, 0x100106, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0x200000000000027e, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x85)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0xe}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
inotify_init()

625.845219ms ago: executing program 0 (id=906):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
syz_io_uring_setup(0x16d2, 0x0, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e23, 0x3fe, @loopback}], 0x1c)
sendto$inet6(r2, &(0x7f0000000100)="b8", 0x1, 0x2000c851, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)

594.988852ms ago: executing program 0 (id=908):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffd8, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00')
getdents64(r2, &(0x7f0000000000)=""/38, 0x26)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd70c575420819359, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = socket(0xa, 0x3, 0xfc)
setsockopt$inet6_opts(r4, 0x29, 0x39, &(0x7f0000000240)=ANY=[@ANYBLOB="611404"], 0xa8)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x8010, 0xffffffffffffffff, 0x8832a000)

594.451012ms ago: executing program 1 (id=909):
r0 = perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000280)='./file1\x00', 0x808010, &(0x7f0000000640)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES32], 0x1, 0x2b8, &(0x7f00000006c0)="$eJzs3E9rE0EYx/HHpG3SlDYRRFBQH/Sil6WNL0CDtCAGhNoU9SBs7UZDYlJ2QyQiNhfx6usoHr0J6hvoRbx491YEwUsP4kr2T5u0aU3bpKnt9wNlZjPzy0zTtDxbyKzdf/usmHeMvFmVSFwlItKQdZFUsxc4FbQRrz8irRpybezXtwv3Hjy8k8lmp2dVZzJz19OqOnHp4/OX7y5/ro7Nv5/4EJPV1KO1n+nvq2dXz639mXtacLTgaLlSVVMXKpWquVCydLHgFKPBM1taKDuW3TaeL1WWlupqlhfHE0u25ThqlutatOparWjVrqv5xCyU1TAMHU/IyTbUxZzcyuysmdlx2I32dEfovVj75WinObadaXQezK30a18AAODo2r3+92v9nev/7Lzf9rL+N1RFLNOh/u+HRtvVP+p/HAu2nTETwe9vO+p/AAAAAAAAAAAAAAAAAAAAAAD+B+uum3RdNxm24VdMROIiEl4Pep/oj33+/G8MaLvosZYP7sVFSm9quVrOb/3xTF4KUhJLJiUpv733Q8Dvz9zOTk+qZzh4ymZ+uZaLemcTePlQqlP+4ukpP6/yqZmrBflhSbSun5aknOm8fnozHx6HsFzLjcjVKy15Q5Ly5bFUpCSL3vt6M/9qSvXW3eyW9Ue9eQAAAAAAHAeGbki13//6Zz8a3oS4bB/383v4/8CW++shOd/NEZUAAAAAAODAnPqLolkqWfY+OjEROUD8uHai0v7IqIgMfmM3ReRovD6H0omLiP+I7if+YyPeVcrtYs6QiAz8ZdlDZ9B/mQAAAAD0mlfrR5pF/x5CX1/3cUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJw83Z4HFs7fNhQO7BJvWS566N8gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcIT8DQAA//9F8hZE")
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000000000)=""/48, 0x30)
ioctl$VFAT_IOCTL_READDIR_BOTH(r1, 0x82307201, &(0x7f0000000f80)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
fsetxattr(r0, 0x0, &(0x7f0000000040)='{\x00', 0x2, 0x1)

550.868745ms ago: executing program 0 (id=910):
syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_pidfd_open(0x0, 0x0)
preadv(r1, &(0x7f0000000040)=[{&(0x7f0000000280)=""/111, 0x6f}], 0x1, 0x9, 0x40)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000240)={r0, 0xffffffffffffffff, 0x32, 0x0, @void}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r2}, &(0x7f00000008c0), &(0x7f0000000880)=r3}, 0x20)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0)

539.942246ms ago: executing program 3 (id=912):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b70300000000b1098500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback=0x59, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0x4}, 0x18)
r4 = io_uring_setup(0x4d42, &(0x7f0000000240)={0x0, 0xcb6c, 0x40, 0x3, 0x12d})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r4, 0xb, &(0x7f0000000480), 0x0)

481.720011ms ago: executing program 3 (id=914):
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_buf(r0, 0x6, 0x1f, 0x0, &(0x7f00000001c0)=0x52)
r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
setsockopt$llc_int(r1, 0x10c, 0x3, &(0x7f00000000c0)=0xfffffffe, 0x4)

465.479112ms ago: executing program 4 (id=916):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x800448f0, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r3, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, 0x0, 0x20004450)
getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000140)=[{0x20, 0x0, 0x0, 0xfffff038}, {0xb1, 0x0, 0x0, 0xfffff024}, {0x6}]}, 0x10)
sendmmsg(r5, &(0x7f0000001c00), 0x400000000000159, 0x40840)
madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x17)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000200)={0x2, &(0x7f0000000140)=[{0x48, 0xfd, 0x2, 0x100}, {0x6, 0x6, 0xe, 0x3}]}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x43}, 0x94)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
ustat(0x7e08, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)

461.731653ms ago: executing program 1 (id=917):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[])

412.200177ms ago: executing program 3 (id=918):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000040), 0x0, 0x8000)
syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x19, 0x0, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000000)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f00000002c0)=0x56, 0xffffffffffffffff, 0x0, 0x0, 0x1}}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket(0x28, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$vsock_stream(r2, 0x0, 0x0)
connect$vsock_stream(r2, &(0x7f0000000400)={0x28, 0x0, 0x2710, @host}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
socket$key(0xf, 0x3, 0x2)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=@getchain={0x44, 0x11, 0x1, 0x2000000, 0x3, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0x9, 0x8}, {0x3}}, [{0x8, 0xb, 0x3}, {0x8, 0xb, 0x8}, {0x8, 0xb, 0x5}, {0x8, 0xb, 0xffffff4d}]}, 0x44}, 0x1, 0x0, 0x0, 0x8d0}, 0x0)

410.342027ms ago: executing program 1 (id=919):
r0 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12', 0x2)
ftruncate(r0, 0xffff)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0800000004000000040000000900000008080100", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/24, @ANYRES32, @ANYBLOB="011ad9c7606a36e1f5e3cace8a90fbe1c552f4722c014cc44e62bbe3452d439cfb322b7830cc85bea0dde09ee7326ec9d336f5fc71628788ea0f2dd3e6f292bf2e3b7e69d4"], 0x50)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0xfffffffd, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000000000000000181100", @ANYRES32=r3], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x25, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f0000000000)='tracefs\x00', 0xa1000, &(0x7f0000000300)='trans=rdma,')
sendmsg$rds(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, 0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, r7)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r8, 0x0, 0x2000c800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffffffffffe3d)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x41, 0x2)

385.812138ms ago: executing program 3 (id=920):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000"], 0x48)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x12, 0x104, 0x8, 0xffffffff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x10000000}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x2}, 0x100106, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0x200000000000027e, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x85)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0xe}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
inotify_init()

348.782582ms ago: executing program 2 (id=921):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
syz_io_uring_setup(0x16d2, 0x0, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e23, 0x3fe, @loopback}], 0x1c)
sendto$inet6(r2, &(0x7f0000000100)="b8", 0x1, 0x2000c851, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)

347.613122ms ago: executing program 3 (id=922):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$sock_ifreq(0xffffffffffffffff, 0x8915, &(0x7f0000000040)={'veth0_vlan\x00', @ifru_ivalue=0x5})
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$IEEE802154_LIST_PHY(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r2, 0x100, 0x70bd25, 0x25dfdbfb, {}, ["", "", "", "", "", "", ""]}, 0x14}}, 0x40) (async, rerun: 64)
r3 = socket$can_raw(0x1d, 0x3, 0x1) (async, rerun: 64)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000001c0)={'vcan0\x00', <r4=>0x0})
sendmsg$can_raw(r3, &(0x7f0000000300)={&(0x7f0000000200)={0x1d, r4}, 0x10, &(0x7f00000002c0)={&(0x7f0000000240)=@canfd={{0x4}, 0x34, 0x1, 0x0, 0x0, "0eb1ab20c00682175a865fc2f0951cfa258fd89a6cdc6d20b80d4e5b1dfae432c51e34fc468f013b683753c64cfa5ea47b3571762c059626d749ff4bbfaa0a95"}, 0x48}, 0x1, 0x0, 0x0, 0x80d5}, 0x4000000)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000380)=<r5=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f00000003c0)=<r6=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x2c, 0x0, 0x400, 0x70bd29, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x810}, 0x8000) (async)
sendmsg(r3, &(0x7f0000000740)={&(0x7f00000004c0)=@x25, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000540)="b3e4ac892aeed4c2584b9b421218cf62c462d5757b8037776f892bc37c1edc178aafc952eabc874fefe0c755dcca5eabf52bcf9182a27c6ae10e7e002b3ec1060047788d51fe7489c32a40412405b06eb2e7599817c8206b4cc8822d170d67dd7bf866aa359d4dad", 0x68}], 0x1, &(0x7f0000000600)=[{0x40, 0x0, 0x1000, "4093035a16d63c759eda0e6e40536ed5dfa7086632fa59065801bce428b60dc586a02b928694936dcc7439"}, {0xf8, 0x113, 0x2, "a494ea0e51ee4ee8b96c9440a7d9afb8694f63c71ad1a81601c13d284d32dad9042c9a4503350cf1e8ac78fa1790d5da2f93a35dee074ca48488e205b15d6c3bd811785015ed80848953613be41ad2257d19de4c1bbc9c1405e5f9b16587045beebc573df89882133f2f444b1bbddd0177c56f3aa53bc4c5e7c628d2c1bb02368368a0d259dd9f7509e18619b84490a3c7855e8f2dcb2bd39b604f45eb2058cf941f0f0c9b75a97fb1354afaa523eabf2161c6f12ddfe2e9a7c874402b534b9a889d6d29ce101461d0c576e71a53aa6de7e220d19b6a551a5d21a927872304957f0e903b"}], 0x138}, 0x400c080)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f00000007c0), r1)
sendmsg$NFC_CMD_LLC_GET_PARAMS(r1, &(0x7f00000008c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x80002084}, 0xc, &(0x7f0000000880)={&(0x7f0000000800)={0x58, r7, 0x4, 0x70bd27, 0x25dfdbfc, {}, [@NFC_ATTR_FIRMWARE_NAME={0xf, 0x14, 'veth0_vlan\x00'}, @NFC_ATTR_FIRMWARE_NAME={0xf, 0x14, 'veth0_vlan\x00'}, @NFC_ATTR_FIRMWARE_NAME={0x5, 0x14, '1'}, @NFC_ATTR_FIRMWARE_NAME={0x4}, @NFC_ATTR_FIRMWARE_NAME={0x12, 0x14, '/selinux/load\x00'}, @NFC_ATTR_FIRMWARE_NAME={0x4}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x0) (async)
r8 = accept4(r3, 0x0, &(0x7f0000000900), 0x80800) (async)
r9 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000980), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000b00)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000ac0)={&(0x7f00000009c0)={0xe8, r9, 0x2, 0x70bd29, 0x25dfdbfc, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x80, 0x8, 0x0, 0x1, [{0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3bd45f64}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x39}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x84}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7de6eee1}]}, {0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x32}]}, {0x4c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x77cb01c}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x13420ea5}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x11}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x4a}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x59918f57}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x16222ea2}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xc7}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6c857890}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2c647a9}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x2c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x5}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x5}, {0x5}, {0x5}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0x28, 0x8, 0x0, 0x1, [{0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x2}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x1467b5d8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x59447e01}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xc3}]}]}]}, 0xe8}, 0x1, 0x0, 0x0, 0x4}, 0x4041) (async)
r10 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x8, 0x11, 0xffffffffffffffff, 0x10000000) (async)
r11 = open$dir(&(0x7f0000000b40)='./file0\x00', 0x80000, 0x18c)
r12 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r10, &(0x7f0000000cc0)=@IORING_OP_STATX={0x15, 0x42, 0x0, r11, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, <r13=>0x0}, &(0x7f0000000c80)='./file0\x00', 0x100, 0x6000, 0x0, {0x0, r12}}) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r14 = syz_io_uring_setup(0x4b25, &(0x7f0000000d00)={0x0, 0x790e, 0x2000, 0x3, 0x321}, &(0x7f0000000d80), &(0x7f0000000dc0))
io_uring_register$IORING_UNREGISTER_NAPI(r14, 0x1c, &(0x7f0000000e00), 0x1)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000e80)={'wpan3\x00', <r15=>0x0})
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r1, &(0x7f0000000f40)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000f00)={&(0x7f0000000ec0)={0x40, r2, 0x20, 0x70bd2b, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r15}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x7}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000080}, 0x4) (async)
setxattr$security_capability(&(0x7f0000000f80)='./file0\x00', &(0x7f0000000fc0), &(0x7f0000001000)=@v3={0x3000000, [{0xffffffc0, 0xa7}, {0x4}], r13}, 0x18, 0x1) (async)
socket$netlink(0x10, 0x3, 0x2)
syz_genetlink_get_family_id$SEG6(&(0x7f0000001040), r11) (async)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r8, 0x29, 0x20, &(0x7f0000001080)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x3, 0x0, 0x2, 0x2, 0x15a, 0xf}, &(0x7f00000010c0)=0x20)

343.207252ms ago: executing program 0 (id=923):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0xb, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xc}, [@printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xe63}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x56, &(0x7f0000000280)=""/86, 0x41000, 0x4e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000000300)={0x3, 0xe, 0x5, 0x3ff}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f00000004c0)={{0x1, 0x1, 0x18, <r1=>r0, {0x2}}, './file0\x00'})
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000500)=r1, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r3}, &(0x7f0000000000), &(0x7f00000005c0)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r5}, 0x10)
r6 = syz_io_uring_setup(0x371d, &(0x7f0000000440)={0x0, 0x0, 0x1000, 0x7, 0xffffdf}, &(0x7f0000000380), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)

299.953876ms ago: executing program 1 (id=924):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b70300000000b1098500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback=0x59, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0x4}, 0x18)
r4 = io_uring_setup(0x4d42, &(0x7f0000000240)={0x0, 0xcb6c, 0x40, 0x3, 0x12d})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r4, 0xb, &(0x7f0000000480), 0x0)

298.845506ms ago: executing program 2 (id=925):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000340)={<r1=>r0})
recvmsg$kcm(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x10102)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000a40)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@norecovery}, {@resuid}, {@quota}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
write(r4, &(0x7f00000009c0)="3bf58d7d45d32c", 0x7)

297.755146ms ago: executing program 3 (id=926):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket(0x1e, 0x5, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f00000001c0)={0x3, &(0x7f0000000180)=[{0x5, 0x1, 0x8, 0x5405}, {0x4, 0x8, 0x7c, 0xc}, {0x9, 0x7, 0x4, 0x5}]})
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda)
r2 = socket(0x1e, 0x805, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f00000000c0)=@req3={0x80000000, 0x0, 0x2}, 0x1c)
r3 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r3, 0x29, 0xc8, &(0x7f0000000340), 0x4)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000700)={{0x2, 0x4e22, @loopback}, {0x6, @broadcast}, 0x10, {0x2, 0x4e21, @multicast1}, 'xfrm0\x00'})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000500)={'dummy0\x00', <r5=>0x0})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000040)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r6}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file2\x00', 0x0, &(0x7f0000000780)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x8}}]}, 0x3, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrKpupOkcdvgQ1UQfSqoFZ+ENSaTEDLJLMmk3YTFpvgqCCJa8EWffBH8AwTpi+8iFOq7qChSs/qg0PbKnbnTTWZnkhRncpfk94Oz9557Zu73ncnOybkzN/cGcGE9GRHTETEWEc9ExFSxPS1K7HdK/rh7B3eX8pJElr30dhJJsa27r8vF8lrxtImI+MZXI76bPBh3e3dvfbHRqG8V9ZnWRvJOlu3dWNtYXK2v1jfn5+eeW3h+4ebC7FD6WY2IF77815/88JdfeeG3n33lT7f+Pv29PK3/Ztmr0dOPYep0vdJ+LbrGI2JrFMFKMt7uYcfNknMBAOB4+Xz/wxHxyfb8fyrG2rM5AAAA4DzJvjAZ7yQRGQAAAHBupRExGUlaK873nSzOWL0WER+Nq2mjud36zEpzZ3M5b4uoRiVdWWvUZ2Oife5ANSpJXp8rzrHt1p/tqc9HxKMR8eOpK+16banZWC77ww8AAAC4IK71HP//eypNa7Wicb/k5AAAAIDhqZadAAAAADByjv8BAADg/Ktmfe7Q9aB09JkAAAAAI/C1F1/MS9a9//Xyy7s7682XbyzXt9drGztLtaXm1u3aarO52r5m38ZJ+2s0m7c/F5s7d2Za9e3WzPbu3q2N5s5m69bakVtgAwAAAGfo0U+88cckIvY/f6VdcpeKtkpENnb4weNlZAiMygc6p+cvo8sDOHuHf79fKTEP4OyZ0sPFVSk7AaB0J/0B0MCTd34//FwAAIDRuP6xwd//v71SamrAiBXf/yenugAIcK6MlZ0AUJrO93/vZR1lZwOcpcpxMwAHBXDupcP5/v+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSVbWGvXZiPhQRLw1Vbmc1+faz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3s8HLiX/mWovI+KVn7300zuLrdbWXL79n+9vb71ebH+2jE8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNO9g7tL97Isyw7uLp1l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjh56XRMTYEOLvvxYRj/WLn+RpRbXI4kj8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK0+/uavZwbGfy3i8fH+4083fpLvr0/8p07Zx+98c29vUFv2i4jr/ca/5GismdbG7Znt3b0baxuLq/XV+ub8/NxzC88v3FyYnVlZa9SLf/vG+NHHf/Pe/dq7D/T/6jHjb7v/A17/p0/Z/3ffvHPwkc5qz08mKvHzLJt+qv/P/7F88en+8fP/E58qfg/k7flrmL7+rb7xn/jVH54YlFve/+UB/Z/o6f/lnv5Pn7L/z3z9+38+5UMBgDOwvbu3vtho1LesHF6J6kORxsO7ks87S08jiSTylbeONC2Wn1hn5dXiPbbY6L7bhrTn3xUHR6NMvqTxCAAAGJ37k/7elqSchAAAAAAAAAAAAAAAAAAAAOACOvEyYIOa0oi4v+XbPzjmamS9MffL6SoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLH+FwAA//8tudaU")
setsockopt$MRT6_ADD_MIF(r3, 0x29, 0xca, &(0x7f0000000040)={0x2, 0x0, 0x10, r5, 0x80000001}, 0xc)
setsockopt$MRT6_FLUSH(r3, 0x29, 0xd4, &(0x7f0000000080)=0x6, 0x4)
sendmsg$tipc(r2, &(0x7f0000000640)={&(0x7f0000000300)=@nameseq={0x1e, 0x1, 0x2, {0x43, 0x0, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0)

297.275226ms ago: executing program 4 (id=927):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111670000000000851000000200000085000000b200000095000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x70)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000002c0)="4d17a21066539c6c0e21c44ad845279a8e6c656f70689dd4b14080434d887d3dfb50c2b474aafcaea8e524c4a8f9d49991bb2c9271f54f755969aad2aadf6050a314782a1d5925c646380daa0f5bcd63f3eda169b4fabfe5e473d3d9d397f77e", 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r3}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000000201010100000000000000000200000004000180180002801400018008000100b04c94a708000200ac1414aa140019"], 0x44}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0), 0x404080, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000200)='leases_conflict\x00', r5, 0x0, 0x6}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x800, 0x55007}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_DEFAULT_PVID={0x6, 0x27, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x44040)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$inet_sctp(r6, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x2a028}], 0x1, 0x0, 0x0, 0x804c040}, 0x0)

269.563478ms ago: executing program 2 (id=928):
r0 = perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000280)='./file1\x00', 0x808010, &(0x7f0000000640)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES32], 0x1, 0x2b8, &(0x7f00000006c0)="$eJzs3E9rE0EYx/HHpG3SlDYRRFBQH/Sil6WNL0CDtCAGhNoU9SBs7UZDYlJ2QyQiNhfx6usoHr0J6hvoRbx491YEwUsP4kr2T5u0aU3bpKnt9wNlZjPzy0zTtDxbyKzdf/usmHeMvFmVSFwlItKQdZFUsxc4FbQRrz8irRpybezXtwv3Hjy8k8lmp2dVZzJz19OqOnHp4/OX7y5/ro7Nv5/4EJPV1KO1n+nvq2dXz639mXtacLTgaLlSVVMXKpWquVCydLHgFKPBM1taKDuW3TaeL1WWlupqlhfHE0u25ThqlutatOparWjVrqv5xCyU1TAMHU/IyTbUxZzcyuysmdlx2I32dEfovVj75WinObadaXQezK30a18AAODo2r3+92v9nev/7Lzf9rL+N1RFLNOh/u+HRtvVP+p/HAu2nTETwe9vO+p/AAAAAAAAAAAAAAAAAAAAAAD+B+uum3RdNxm24VdMROIiEl4Pep/oj33+/G8MaLvosZYP7sVFSm9quVrOb/3xTF4KUhJLJiUpv733Q8Dvz9zOTk+qZzh4ymZ+uZaLemcTePlQqlP+4ukpP6/yqZmrBflhSbSun5aknOm8fnozHx6HsFzLjcjVKy15Q5Ly5bFUpCSL3vt6M/9qSvXW3eyW9Ue9eQAAAAAAHAeGbki13//6Zz8a3oS4bB/383v4/8CW++shOd/NEZUAAAAAAODAnPqLolkqWfY+OjEROUD8uHai0v7IqIgMfmM3ReRovD6H0omLiP+I7if+YyPeVcrtYs6QiAz8ZdlDZ9B/mQAAAAD0mlfrR5pF/x5CX1/3cUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJw83Z4HFs7fNhQO7BJvWS566N8gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcIT8DQAA//9F8hZE")
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000000000)=""/48, 0x30)
ioctl$VFAT_IOCTL_READDIR_BOTH(r1, 0x82307201, &(0x7f0000000f80)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
fsetxattr(r0, 0x0, &(0x7f0000000040)='{\x00', 0x2, 0x1)

217.249923ms ago: executing program 0 (id=929):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[])

216.758682ms ago: executing program 1 (id=930):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x200000000000011, 0x2, 0xe6)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x20, &(0x7f0000000540)={&(0x7f0000000340)=ANY=[@ANYBLOB="48000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32=r3], 0x48}}, 0x0)

216.263122ms ago: executing program 2 (id=931):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000040), 0x0, 0x8000)
syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x19, 0x0, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000000)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f00000002c0)=0x56, 0xffffffffffffffff, 0x0, 0x0, 0x1}}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket(0x28, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$vsock_stream(r2, 0x0, 0x0)
connect$vsock_stream(r2, &(0x7f0000000400)={0x28, 0x0, 0x2710, @host}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
socket$key(0xf, 0x3, 0x2)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=@getchain={0x44, 0x11, 0x1, 0x2000000, 0x3, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0x9, 0x8}, {0x3}}, [{0x8, 0xb, 0x3}, {0x8, 0xb, 0x8}, {0x8, 0xb, 0x5}, {0x8, 0xb, 0xffffff4d}]}, 0x44}, 0x1, 0x0, 0x0, 0x8d0}, 0x0)

208.759773ms ago: executing program 0 (id=932):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000400000000000000000000850000005000000085000000d000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xbfb}, 0x18)
r1 = gettid()
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xc, 0x4, 0x4, 0x8, 0x1014}, 0x50)
rt_sigqueueinfo(r1, 0x21, &(0x7f0000000040))
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000680)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4c}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x46b, &(0x7f0000000740)="$eJzs28tvVNUfAPDvvX0APx7tD/EBolaJSeOjpQWVhRuNJi4wmugCl7UdSMNADa2JECLFGNyYGBJdG5cm/gXujIlRVyZudW9IiLIBXdXcO/fCdJgpFKa9lfl8ktuec++ZOec793XuOTMB9KyR7E8SsS0ifouIoUZ2eYGRxr9rV85O/33l7HQSS0tv/Znk5a5eOTtdFi1ft7XIjKYR6cdJUcly86fPHJ+q12univz4won3xudPn3l29sTUsdqx2snJQ4cOHph44fnJ57oSZxbX1T0fzu3d/do7F1+fPnLx3Z++ydq7rdjeHEe3jGSB/7WUa932ZLcrq9j2pnTSX2FDWJW+iMh210B+/g9FX9zYeUPx6keVNg5YU9m9aVPnzYtLwD0siapbAFSjvNFnz7/lsk5djw3h8kuNB6As7mvF0tjSH2lRZqDl+babRiLiyOI/X2ZLrNE4BABAs0+nvzgcz7Tr/6XxQFO5HcUcynBE/D8idkbEfRGxKyLuj8jLPhgRD62y/tapoZv7P+mlOwrsNmX9vxeLua3l/b+y9xfDfUVuex7/QHJ0tl7bX3wmozGwKctPrFDHd6/8+lmnbc39v2zJ6i/7gkU7LvW3DNDNTC1M5Z3SLrh8PmJPf7v4k+szAUlE7I6IPat76x1lYvapr/d2KnTr+FfQhXmmpa+y8Baz+BejJf5SsvL85PjmqNf2j5dHxc1+/uXCm53qv6v4u+ByrfG/af+3FhlOmudr51dfx4XfP+n4THOHx386mLydzzMPFus+mFpYODURMZgczvPL1k/eeG2ZL8tnx//ovvbn/87iNVn8D0dEdhA/EhGPRsRjRdsfj4gnImLfCvH/+HLnbWX8kVa0/89HzLS9/l0//lv2/+oTfcd/+LZT/be3/w/mqdFiTX79u4V2zckuF60NvJvPDgAAAP4r0vw78Ek6dj2dpmNjje/w74r/pfW5+YWnj869f3Km8V354RhIy5GuoWI8tD5br00ki8U7NsZHJ4ux4nK89EAxbvx535Y8PzY9V5+pOHbodVs7nP+ZP/qqbh2wxra0XTs5uO4NASrQOo+eLs+ee2M9GwOsK7/Xht51i/M/Xa92AOvP/R96V7vz/1xL3lwA3Jvc/6F3Of+hR6XfV90CoELu/9CT7uZ3/WuY2LwxmlFNYqPulDwRUSbSDdEeiTVKVH1lAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA//+Afus0")
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x0, 0x0, 0x0, 0x9, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)
r4 = getpid()
sched_rr_get_interval(r4, &(0x7f0000000500))

37.078527ms ago: executing program 2 (id=933):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000"], 0x48)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x12, 0x104, 0x8, 0xffffffff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x10000000}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x2}, 0x100106, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0x200000000000027e, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x85)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0xe}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
inotify_init()

0s ago: executing program 2 (id=934):
syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_pidfd_open(0x0, 0x0)
preadv(r1, &(0x7f0000000040)=[{&(0x7f0000000280)=""/111, 0x6f}], 0x1, 0x9, 0x40)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000240)={r0, 0xffffffffffffffff, 0x32, 0x0, @void}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r2}, &(0x7f00000008c0), &(0x7f0000000880)=r3}, 0x20)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0)

0s ago: executing program 0 (id=935):
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)='.//\x00\x00\x00')
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000))
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r0}, 0x38) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000019200)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0a000000040400000800000008a5ca9e056585c3d51783312f3f11de9b8f11752f3eae1412d26669940f63b8a52d1a34caa3a76a876380d069c12864df864c1a792e3756201cd6843d18dce690e241808c990c82503d25f31ee3c0ae0c6379243409e38f07b906343ed8e7d14dd181c1eecffdddf44438530218480d9d52d5dac5498d527b73a035c4bd495dfdae3be67dfe941ad8a8452c5126b257f44d68d5d3f2de0b64646697cebdd202dfc9a8e11afef73f87c7be8a8b155dd686989c68ad884f4069e4449b678544ec915a4e2caccd3e76f11ff3f55171eace96bf54822764e8b3c8bf5f6f9c65aee7834db37d406a47379f7a62a21c45fecf"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) (async, rerun: 32)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32)
msgctl$IPC_SET(0x0, 0x1, 0x0) (async)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000003c0)={{0x1, 0x1, 0x18, <r5=>r4, {0x0, 0xee01}}, './file0\x00'}) (async)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18}, './file0\x00'}) (async)
creat(&(0x7f00000000c0)='./file0\x00', 0x9c) (async, rerun: 32)
stat(&(0x7f0000000200)='./file0\x00', 0x0) (async, rerun: 32)
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f0000ffffffffff"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0) (async)
ioctl$LOOP_SET_BLOCK_SIZE(r5, 0x4c09, 0x1)
getegid()
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, 0x0, 0x94, 0x1)
stat(0x0, 0x0) (async)
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) (async)
lstat(0x0, 0x0) (async)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r7=>0x0}, 0x0)
setregid(r7, r7) (async)
stat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580))
setxattr$system_posix_acl(0x0, 0x0, 0x0, 0x74, 0x1) (async)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r4, 0x0, 0x40000)
io_uring_setup(0x7cac, &(0x7f00000000c0)={0x0, 0x753a, 0x8, 0x2, 0x1ff})

kernel console output (not intermixed with test programs):

bject_r:user_tmpfs_t tclass=file permissive=1
[   48.822788][   T29] audit: type=1326 audit(1756517797.018:1420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4181 comm="syz.4.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f70e7c9ebe9 code=0x7ffc0000
[   48.846170][   T29] audit: type=1326 audit(1756517797.018:1421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4181 comm="syz.4.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70e7c9ebe9 code=0x7ffc0000
[   48.869834][   T29] audit: type=1326 audit(1756517797.018:1422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4181 comm="syz.4.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70e7c9ebe9 code=0x7ffc0000
[   48.893237][   T29] audit: type=1326 audit(1756517797.018:1423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4181 comm="syz.4.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f70e7c9ebe9 code=0x7ffc0000
[   48.916722][   T29] audit: type=1400 audit(1756517797.018:1424): avc:  denied  { write } for  pid=4181 comm="syz.4.219" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   48.936308][   T29] audit: type=1326 audit(1756517797.018:1425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4181 comm="syz.4.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70e7c9ebe9 code=0x7ffc0000
[   48.959648][   T29] audit: type=1326 audit(1756517797.018:1426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4181 comm="syz.4.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f70e7c9ebe9 code=0x7ffc0000
[   48.983567][   T29] audit: type=1326 audit(1756517797.018:1427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4181 comm="syz.4.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70e7c9ebe9 code=0x7ffc0000
[   49.007144][   T29] audit: type=1326 audit(1756517797.018:1428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4181 comm="syz.4.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f70e7c9ebe9 code=0x7ffc0000
[   49.172207][ T4210] netlink: 36 bytes leftover after parsing attributes in process `syz.4.228'.
[   49.190828][ T4210] bridge_slave_1: left allmulticast mode
[   49.196518][ T4210] bridge_slave_1: left promiscuous mode
[   49.202381][ T4210] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.255287][ T4210] bridge_slave_0: left allmulticast mode
[   49.261501][ T4210] bridge_slave_0: left promiscuous mode
[   49.267202][ T4210] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.414268][ T4230] FAULT_INJECTION: forcing a failure.
[   49.414268][ T4230] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   49.427436][ T4230] CPU: 1 UID: 0 PID: 4230 Comm: syz.0.231 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   49.427462][ T4230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   49.427474][ T4230] Call Trace:
[   49.427480][ T4230]  <TASK>
[   49.427487][ T4230]  __dump_stack+0x1d/0x30
[   49.427509][ T4230]  dump_stack_lvl+0xe8/0x140
[   49.427537][ T4230]  dump_stack+0x15/0x1b
[   49.427556][ T4230]  should_fail_ex+0x265/0x280
[   49.427581][ T4230]  should_fail+0xb/0x20
[   49.427601][ T4230]  should_fail_usercopy+0x1a/0x20
[   49.427676][ T4230]  _copy_to_user+0x20/0xa0
[   49.427711][ T4230]  simple_read_from_buffer+0xb5/0x130
[   49.427736][ T4230]  proc_fail_nth_read+0x10e/0x150
[   49.427766][ T4230]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   49.427790][ T4230]  vfs_read+0x1a8/0x770
[   49.427884][ T4230]  ? __rcu_read_unlock+0x4f/0x70
[   49.427927][ T4230]  ? __fget_files+0x184/0x1c0
[   49.428034][ T4230]  ksys_read+0xda/0x1a0
[   49.428056][ T4230]  __x64_sys_read+0x40/0x50
[   49.428094][ T4230]  x64_sys_call+0x27bc/0x2ff0
[   49.428114][ T4230]  do_syscall_64+0xd2/0x200
[   49.428192][ T4230]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   49.428215][ T4230]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   49.428243][ T4230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.428343][ T4230] RIP: 0033:0x7f0ba5ded5fc
[   49.428358][ T4230] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   49.428379][ T4230] RSP: 002b:00007f0ba482e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   49.428397][ T4230] RAX: ffffffffffffffda RBX: 00007f0ba6026090 RCX: 00007f0ba5ded5fc
[   49.428409][ T4230] RDX: 000000000000000f RSI: 00007f0ba482e0a0 RDI: 0000000000000003
[   49.428421][ T4230] RBP: 00007f0ba482e090 R08: 0000000000000000 R09: 0000000000000000
[   49.428436][ T4230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.428475][ T4230] R13: 00007f0ba6026128 R14: 00007f0ba6026090 R15: 00007ffe39811538
[   49.428499][ T4230]  </TASK>
[   49.779435][ T4262] netlink: 20 bytes leftover after parsing attributes in process `syz.1.240'.
[   49.788462][ T4262] netlink: 16 bytes leftover after parsing attributes in process `syz.1.240'.
[   50.069868][ T4296] netlink: 8 bytes leftover after parsing attributes in process `syz.4.249'.
[   50.091485][ T4296] loop4: detected capacity change from 0 to 2048
[   50.349702][ T4296]  loop4: unable to read partition table
[   50.355881][ T4296] loop4: partition table beyond EOD, truncated
[   50.362153][ T4296] loop_reread_partitions: partition scan of loop4 () failed (rc=-5)
[   50.570704][ T4305] infiniband syz1: set active
[   50.575537][ T4305] infiniband syz1: added syz_tun
[   50.662632][ T4305] RDS/IB: syz1: added
[   50.672527][ T4305] smc: adding ib device syz1 with port count 1
[   50.689434][ T4305] smc:    ib device syz1 port 1 has pnetid 
[   50.946059][ T4313] FAULT_INJECTION: forcing a failure.
[   50.946059][ T4313] name failslab, interval 1, probability 0, space 0, times 0
[   50.958775][ T4313] CPU: 1 UID: 0 PID: 4313 Comm: syz.0.254 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   50.958821][ T4313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   50.958836][ T4313] Call Trace:
[   50.958845][ T4313]  <TASK>
[   50.958855][ T4313]  __dump_stack+0x1d/0x30
[   50.958879][ T4313]  dump_stack_lvl+0xe8/0x140
[   50.958897][ T4313]  dump_stack+0x15/0x1b
[   50.958975][ T4313]  should_fail_ex+0x265/0x280
[   50.958997][ T4313]  should_failslab+0x8c/0xb0
[   50.959021][ T4313]  kmem_cache_alloc_noprof+0x50/0x310
[   50.959047][ T4313]  ? alloc_empty_file+0x76/0x200
[   50.959155][ T4313]  alloc_empty_file+0x76/0x200
[   50.959187][ T4313]  path_openat+0x68/0x2170
[   50.959209][ T4313]  ? try_charge_memcg+0x200/0x9e0
[   50.959236][ T4313]  ? css_rstat_updated+0xb7/0x240
[   50.959318][ T4313]  ? css_rstat_updated+0xb7/0x240
[   50.959408][ T4313]  ? mod_memcg_lruvec_state+0x1fc/0x2c0
[   50.959443][ T4313]  ? css_rstat_updated+0xb7/0x240
[   50.959482][ T4313]  do_filp_open+0x109/0x230
[   50.959511][ T4313]  do_sys_openat2+0xa6/0x110
[   50.959546][ T4313]  __x64_sys_openat+0xf2/0x120
[   50.959588][ T4313]  x64_sys_call+0x2e9c/0x2ff0
[   50.959641][ T4313]  do_syscall_64+0xd2/0x200
[   50.959752][ T4313]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   50.959776][ T4313]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   50.959885][ T4313]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.959968][ T4313] RIP: 0033:0x7f0ba5ded550
[   50.959983][ T4313] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[   50.960041][ T4313] RSP: 002b:00007f0ba484cef0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[   50.960059][ T4313] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f0ba5ded550
[   50.960071][ T4313] RDX: 0000000000000002 RSI: 00007f0ba5e71af4 RDI: 00000000ffffff9c
[   50.960082][ T4313] RBP: 00007f0ba5e71af4 R08: 0000000000000000 R09: 0000000000000000
[   50.960094][ T4313] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[   50.960107][ T4313] R13: 0000000000000071 R14: 0000200000000580 R15: 00007ffe39811538
[   50.960127][ T4313]  </TASK>
[   51.704176][ T4321] netlink: 36 bytes leftover after parsing attributes in process `syz.0.257'.
[   51.713318][ T4321] bridge_slave_1: left allmulticast mode
[   51.719173][ T4321] bridge_slave_1: left promiscuous mode
[   51.724902][ T4321] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.755305][ T4321] bridge_slave_0: left allmulticast mode
[   51.761089][ T4321] bridge_slave_0: left promiscuous mode
[   51.766858][ T4321] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.782951][ T4328] FAULT_INJECTION: forcing a failure.
[   51.782951][ T4328] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   51.796255][ T4328] CPU: 1 UID: 0 PID: 4328 Comm: syz.3.261 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   51.796315][ T4328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   51.796327][ T4328] Call Trace:
[   51.796335][ T4328]  <TASK>
[   51.796343][ T4328]  __dump_stack+0x1d/0x30
[   51.796364][ T4328]  dump_stack_lvl+0xe8/0x140
[   51.796382][ T4328]  dump_stack+0x15/0x1b
[   51.796408][ T4328]  should_fail_ex+0x265/0x280
[   51.796434][ T4328]  should_fail+0xb/0x20
[   51.796456][ T4328]  should_fail_usercopy+0x1a/0x20
[   51.796483][ T4328]  _copy_from_user+0x1c/0xb0
[   51.796516][ T4328]  ___sys_sendmsg+0xc1/0x1d0
[   51.796581][ T4328]  __x64_sys_sendmsg+0xd4/0x160
[   51.796649][ T4328]  x64_sys_call+0x191e/0x2ff0
[   51.796677][ T4328]  do_syscall_64+0xd2/0x200
[   51.796712][ T4328]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   51.796743][ T4328]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   51.796849][ T4328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.796877][ T4328] RIP: 0033:0x7f7b1f10ebe9
[   51.796895][ T4328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.796917][ T4328] RSP: 002b:00007f7b1db6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   51.797013][ T4328] RAX: ffffffffffffffda RBX: 00007f7b1f345fa0 RCX: 00007f7b1f10ebe9
[   51.797027][ T4328] RDX: 0000000020000000 RSI: 0000200000000e00 RDI: 0000000000000008
[   51.797038][ T4328] RBP: 00007f7b1db6f090 R08: 0000000000000000 R09: 0000000000000000
[   51.797051][ T4328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.797066][ T4328] R13: 00007f7b1f346038 R14: 00007f7b1f345fa0 R15: 00007fff9cc89378
[   51.797091][ T4328]  </TASK>
[   52.008535][ T4331] netlink: 8 bytes leftover after parsing attributes in process `syz.1.262'.
[   52.018393][ T4329] netlink: 'syz.2.260': attribute type 3 has an invalid length.
[   52.026999][ T4329] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=4329 comm=syz.2.260
[   52.114521][ T4343] FAULT_INJECTION: forcing a failure.
[   52.114521][ T4343] name failslab, interval 1, probability 0, space 0, times 0
[   52.127277][ T4343] CPU: 1 UID: 0 PID: 4343 Comm: +}[@ Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.127316][ T4343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   52.127332][ T4343] Call Trace:
[   52.127346][ T4343]  <TASK>
[   52.127354][ T4343]  __dump_stack+0x1d/0x30
[   52.127374][ T4343]  dump_stack_lvl+0xe8/0x140
[   52.127447][ T4343]  dump_stack+0x15/0x1b
[   52.127468][ T4343]  should_fail_ex+0x265/0x280
[   52.127494][ T4343]  should_failslab+0x8c/0xb0
[   52.127525][ T4343]  kmem_cache_alloc_noprof+0x50/0x310
[   52.127559][ T4343]  ? getname_flags+0x80/0x3b0
[   52.127669][ T4343]  getname_flags+0x80/0x3b0
[   52.127696][ T4343]  do_sys_openat2+0x60/0x110
[   52.127758][ T4343]  __x64_sys_openat+0xf2/0x120
[   52.127790][ T4343]  x64_sys_call+0x2e9c/0x2ff0
[   52.127814][ T4343]  do_syscall_64+0xd2/0x200
[   52.127877][ T4343]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   52.127903][ T4343]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   52.127936][ T4343]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.127963][ T4343] RIP: 0033:0x7f0ba5deebe9
[   52.127982][ T4343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.128044][ T4343] RSP: 002b:00007f0ba484f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   52.128061][ T4343] RAX: ffffffffffffffda RBX: 00007f0ba6025fa0 RCX: 00007f0ba5deebe9
[   52.128130][ T4343] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[   52.128142][ T4343] RBP: 00007f0ba484f090 R08: 0000000000000000 R09: 0000000000000000
[   52.128156][ T4343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.128171][ T4343] R13: 00007f0ba6026038 R14: 00007f0ba6025fa0 R15: 00007ffe39811538
[   52.128202][ T4343]  </TASK>
[   52.388755][ T4360] netlink: 28 bytes leftover after parsing attributes in process `syz.0.274'.
[   52.397821][ T4360] netlink: 28 bytes leftover after parsing attributes in process `syz.0.274'.
[   52.444782][ T4368] FAULT_INJECTION: forcing a failure.
[   52.444782][ T4368] name failslab, interval 1, probability 0, space 0, times 0
[   52.457536][ T4368] CPU: 0 UID: 0 PID: 4368 Comm: syz.1.278 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.457564][ T4368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   52.457577][ T4368] Call Trace:
[   52.457584][ T4368]  <TASK>
[   52.457592][ T4368]  __dump_stack+0x1d/0x30
[   52.457621][ T4368]  dump_stack_lvl+0xe8/0x140
[   52.457641][ T4368]  dump_stack+0x15/0x1b
[   52.457658][ T4368]  should_fail_ex+0x265/0x280
[   52.457683][ T4368]  should_failslab+0x8c/0xb0
[   52.457708][ T4368]  kmem_cache_alloc_noprof+0x50/0x310
[   52.457736][ T4368]  ? getname_flags+0x80/0x3b0
[   52.457765][ T4368]  getname_flags+0x80/0x3b0
[   52.457793][ T4368]  do_sys_openat2+0x60/0x110
[   52.457877][ T4368]  __x64_sys_open+0xe6/0x110
[   52.457909][ T4368]  x64_sys_call+0x1457/0x2ff0
[   52.457931][ T4368]  do_syscall_64+0xd2/0x200
[   52.458040][ T4368]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   52.458064][ T4368]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   52.458121][ T4368]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.458143][ T4368] RIP: 0033:0x7efdcb8eebe9
[   52.458158][ T4368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.458236][ T4368] RSP: 002b:00007efdca34f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[   52.458281][ T4368] RAX: ffffffffffffffda RBX: 00007efdcbb25fa0 RCX: 00007efdcb8eebe9
[   52.458294][ T4368] RDX: 0000000000000080 RSI: 0000000000143142 RDI: 0000200000000040
[   52.458306][ T4368] RBP: 00007efdca34f090 R08: 0000000000000000 R09: 0000000000000000
[   52.458318][ T4368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.458330][ T4368] R13: 00007efdcbb26038 R14: 00007efdcbb25fa0 R15: 00007ffc560d6358
[   52.458357][ T4368]  </TASK>
[   52.666555][ T4381] FAULT_INJECTION: forcing a failure.
[   52.666555][ T4381] name failslab, interval 1, probability 0, space 0, times 0
[   52.679439][ T4381] CPU: 1 UID: 0 PID: 4381 Comm: syz.1.281 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.679483][ T4381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   52.679499][ T4381] Call Trace:
[   52.679508][ T4381]  <TASK>
[   52.679519][ T4381]  __dump_stack+0x1d/0x30
[   52.679546][ T4381]  dump_stack_lvl+0xe8/0x140
[   52.679631][ T4381]  dump_stack+0x15/0x1b
[   52.679653][ T4381]  should_fail_ex+0x265/0x280
[   52.679679][ T4381]  should_failslab+0x8c/0xb0
[   52.679825][ T4381]  kmem_cache_alloc_node_noprof+0x57/0x320
[   52.679864][ T4381]  ? __alloc_skb+0x101/0x320
[   52.679889][ T4381]  __alloc_skb+0x101/0x320
[   52.679926][ T4381]  netlink_alloc_large_skb+0xba/0xf0
[   52.680020][ T4381]  netlink_sendmsg+0x3cf/0x6b0
[   52.680052][ T4381]  ? __pfx_netlink_sendmsg+0x10/0x10
[   52.680082][ T4381]  __sock_sendmsg+0x145/0x180
[   52.680120][ T4381]  ____sys_sendmsg+0x31e/0x4e0
[   52.680176][ T4381]  ___sys_sendmsg+0x17b/0x1d0
[   52.680220][ T4381]  __x64_sys_sendmsg+0xd4/0x160
[   52.680252][ T4381]  x64_sys_call+0x191e/0x2ff0
[   52.680275][ T4381]  do_syscall_64+0xd2/0x200
[   52.680440][ T4381]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   52.680480][ T4381]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   52.680513][ T4381]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.680537][ T4381] RIP: 0033:0x7efdcb8eebe9
[   52.680554][ T4381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.680617][ T4381] RSP: 002b:00007efdca34f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   52.680640][ T4381] RAX: ffffffffffffffda RBX: 00007efdcbb25fa0 RCX: 00007efdcb8eebe9
[   52.680655][ T4381] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[   52.680670][ T4381] RBP: 00007efdca34f090 R08: 0000000000000000 R09: 0000000000000000
[   52.680684][ T4381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.680699][ T4381] R13: 00007efdcbb26038 R14: 00007efdcbb25fa0 R15: 00007ffc560d6358
[   52.680754][ T4381]  </TASK>
[   52.900047][ T4383] loop0: detected capacity change from 0 to 512
[   52.907205][ T4383] journal_path: Non-blockdev passed as './bus'
[   52.913442][ T4383] EXT4-fs: error: could not find journal device path
[   52.983602][ T4393] FAULT_INJECTION: forcing a failure.
[   52.983602][ T4393] name failslab, interval 1, probability 0, space 0, times 0
[   52.996521][ T4393] CPU: 0 UID: 0 PID: 4393 Comm: syz.4.286 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.996580][ T4393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   52.996594][ T4393] Call Trace:
[   52.996644][ T4393]  <TASK>
[   52.996653][ T4393]  __dump_stack+0x1d/0x30
[   52.996677][ T4393]  dump_stack_lvl+0xe8/0x140
[   52.996698][ T4393]  dump_stack+0x15/0x1b
[   52.996716][ T4393]  should_fail_ex+0x265/0x280
[   52.996738][ T4393]  should_failslab+0x8c/0xb0
[   52.996764][ T4393]  kmem_cache_alloc_noprof+0x50/0x310
[   52.996805][ T4393]  ? audit_log_start+0x365/0x6c0
[   52.996838][ T4393]  audit_log_start+0x365/0x6c0
[   52.996873][ T4393]  audit_seccomp+0x48/0x100
[   52.996906][ T4393]  ? __seccomp_filter+0x68c/0x10d0
[   52.996929][ T4393]  __seccomp_filter+0x69d/0x10d0
[   52.996953][ T4393]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   52.997034][ T4393]  ? vfs_write+0x7e8/0x960
[   52.997056][ T4393]  ? __rcu_read_unlock+0x4f/0x70
[   52.997145][ T4393]  ? __fget_files+0x184/0x1c0
[   52.997173][ T4393]  __secure_computing+0x82/0x150
[   52.997196][ T4393]  syscall_trace_enter+0xcf/0x1e0
[   52.997382][ T4393]  do_syscall_64+0xac/0x200
[   52.997472][ T4393]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   52.997642][ T4393]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   52.997678][ T4393]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.997703][ T4393] RIP: 0033:0x7f70e7c9ebe9
[   52.997721][ T4393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.997740][ T4393] RSP: 002b:00007f70e66ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000013d
[   52.997835][ T4393] RAX: ffffffffffffffda RBX: 00007f70e7ed5fa0 RCX: 00007f70e7c9ebe9
[   52.997850][ T4393] RDX: 00002000000000c0 RSI: 0000000000000000 RDI: 0000000000000001
[   52.997863][ T4393] RBP: 00007f70e66ff090 R08: 0000000000000000 R09: 0000000000000000
[   52.997876][ T4393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.997943][ T4393] R13: 00007f70e7ed6038 R14: 00007f70e7ed5fa0 R15: 00007ffed68f34c8
[   52.997965][ T4393]  </TASK>
[   53.239586][ T4391] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.311951][ T4410] loop4: detected capacity change from 0 to 512
[   53.332593][ T4391] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.381057][ T4414] netlink: 8 bytes leftover after parsing attributes in process `syz.4.295'.
[   53.394480][ T4391] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.422892][ T4412] netlink: 28 bytes leftover after parsing attributes in process `syz.0.294'.
[   53.431940][ T4412] netlink: 28 bytes leftover after parsing attributes in process `syz.0.294'.
[   53.479342][ T4391] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.483403][ T4420] netlink: 36 bytes leftover after parsing attributes in process `syz.4.297'.
[   53.501878][ T4424] netlink: 'syz.0.298': attribute type 3 has an invalid length.
[   53.513676][ T4424] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=4424 comm=syz.0.298
[   53.529627][ T4426] FAULT_INJECTION: forcing a failure.
[   53.529627][ T4426] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   53.542821][ T4426] CPU: 1 UID: 0 PID: 4426 Comm: syz.4.299 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   53.542850][ T4426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   53.542863][ T4426] Call Trace:
[   53.542896][ T4426]  <TASK>
[   53.542904][ T4426]  __dump_stack+0x1d/0x30
[   53.542925][ T4426]  dump_stack_lvl+0xe8/0x140
[   53.542944][ T4426]  dump_stack+0x15/0x1b
[   53.543000][ T4426]  should_fail_ex+0x265/0x280
[   53.543021][ T4426]  should_fail+0xb/0x20
[   53.543093][ T4426]  should_fail_usercopy+0x1a/0x20
[   53.543115][ T4426]  _copy_from_user+0x1c/0xb0
[   53.543153][ T4426]  sg_new_write+0x71a/0x890
[   53.543195][ T4426]  ? do_vfs_ioctl+0x866/0xe10
[   53.543251][ T4426]  sg_ioctl+0xb81/0x1360
[   53.543350][ T4426]  ? __pfx_sg_ioctl+0x10/0x10
[   53.543379][ T4426]  __se_sys_ioctl+0xce/0x140
[   53.543398][ T4426]  __x64_sys_ioctl+0x43/0x50
[   53.543431][ T4426]  x64_sys_call+0x1816/0x2ff0
[   53.543484][ T4426]  do_syscall_64+0xd2/0x200
[   53.543513][ T4426]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   53.543537][ T4426]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   53.543564][ T4426]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.543585][ T4426] RIP: 0033:0x7f70e7c9ebe9
[   53.543614][ T4426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.543659][ T4426] RSP: 002b:00007f70e66ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   53.543720][ T4426] RAX: ffffffffffffffda RBX: 00007f70e7ed5fa0 RCX: 00007f70e7c9ebe9
[   53.543732][ T4426] RDX: 0000200000000040 RSI: 0000000000002285 RDI: 0000000000000003
[   53.543744][ T4426] RBP: 00007f70e66ff090 R08: 0000000000000000 R09: 0000000000000000
[   53.543756][ T4426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.543791][ T4426] R13: 00007f70e7ed6038 R14: 00007f70e7ed5fa0 R15: 00007ffed68f34c8
[   53.543810][ T4426]  </TASK>
[   53.746900][ T3593] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   53.761729][ T3562] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   53.774666][ T4430] FAULT_INJECTION: forcing a failure.
[   53.774666][ T4430] name failslab, interval 1, probability 0, space 0, times 0
[   53.784823][ T3562] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   53.787431][ T4430] CPU: 1 UID: 0 PID: 4430 Comm: syz.4.301 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   53.787466][ T4430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   53.787484][ T4430] Call Trace:
[   53.787493][ T4430]  <TASK>
[   53.787506][ T4430]  __dump_stack+0x1d/0x30
[   53.787534][ T4430]  dump_stack_lvl+0xe8/0x140
[   53.787560][ T4430]  dump_stack+0x15/0x1b
[   53.787582][ T4430]  should_fail_ex+0x265/0x280
[   53.787612][ T4430]  should_failslab+0x8c/0xb0
[   53.787644][ T4430]  kmem_cache_alloc_noprof+0x50/0x310
[   53.787682][ T4430]  ? vm_area_dup+0x33/0x2c0
[   53.787723][ T4430]  vm_area_dup+0x33/0x2c0
[   53.787764][ T4430]  __split_vma+0xe9/0x650
[   53.787805][ T4430]  vma_modify+0x3f2/0xc80
[   53.787839][ T4430]  vma_modify_flags+0x101/0x130
[   53.787878][ T4430]  mprotect_fixup+0x2cc/0x570
[   53.787915][ T4430]  do_mprotect_pkey+0x6d6/0x980
[   53.787950][ T4430]  ? bpf_trace_run2+0xf5/0x1c0
[   53.787992][ T4430]  __x64_sys_mprotect+0x48/0x60
[   53.788024][ T4430]  x64_sys_call+0x274e/0x2ff0
[   53.788053][ T4430]  do_syscall_64+0xd2/0x200
[   53.788088][ T4430]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   53.788110][ T4430]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   53.788141][ T4430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.788180][ T4430] RIP: 0033:0x7f70e7c9ebe9
[   53.788200][ T4430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.788223][ T4430] RSP: 002b:00007f70e66ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000000a
[   53.788248][ T4430] RAX: ffffffffffffffda RBX: 00007f70e7ed5fa0 RCX: 00007f70e7c9ebe9
[   53.788265][ T4430] RDX: 0000000000000001 RSI: 000000000000f000 RDI: 0000200000000000
[   53.788282][ T4430] RBP: 00007f70e66ff090 R08: 0000000000000000 R09: 0000000000000000
[   53.788298][ T4430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.788313][ T4430] R13: 00007f70e7ed6038 R14: 00007f70e7ed5fa0 R15: 00007ffed68f34c8
[   53.788339][ T4430]  </TASK>
[   53.891586][ T4433] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[   53.910853][ T4434] loop0: detected capacity change from 0 to 2048
[   53.970455][ T3562] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   53.976167][ T4434] EXT4-fs: dax option not supported
[   54.020678][   T29] kauditd_printk_skb: 329 callbacks suppressed
[   54.020698][   T29] audit: type=1326 audit(1756517802.198:1756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4436 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70e7c9ebe9 code=0x7ffc0000
[   54.095794][ T4434] SELinux:  Context system_u:object_r:mouse_device_t:s0 is not valid (left unmapped).
[   54.147778][   T29] audit: type=1400 audit(1756517802.298:1757): avc:  denied  { relabelfrom } for  pid=4431 comm="syz.0.302" name="NETLINK" dev="sockfs" ino=8276 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[   54.164754][ T4434] audit: audit_backlog=65 > audit_backlog_limit=64
[   54.171756][   T29] audit: type=1400 audit(1756517802.348:1758): avc:  denied  { relabelto } for  pid=4431 comm="syz.0.302" name="NETLINK" dev="sockfs" ino=8276 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=netlink_audit_socket permissive=1 trawcon="system_u:object_r:mouse_device_t:s0"
[   54.178223][ T4434] audit: audit_lost=3 audit_rate_limit=0 audit_backlog_limit=64
[   54.206491][   T29] audit: type=1400 audit(1756517802.358:1759): avc:  denied  { setopt } for  pid=4435 comm="syz.1.303" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   54.214156][ T4434] audit: backlog limit exceeded
[   54.216355][ T4439] audit: audit_backlog=65 > audit_backlog_limit=64
[   54.238462][   T29] audit: type=1326 audit(1756517802.368:1760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4407 comm="syz.3.292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b1f10ebe9 code=0x7fc00000
[   54.238502][   T29] audit: type=1326 audit(1756517802.368:1761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4407 comm="syz.3.292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7b1f10ebe9 code=0x7fc00000
[   54.318226][ T4445] loop3: detected capacity change from 0 to 1024
[   54.325132][ T4448] netlink: 12 bytes leftover after parsing attributes in process `syz.4.307'.
[   54.346424][ T4448] 8021q: adding VLAN 0 to HW filter on device bond2
[   54.358548][ T4445] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.377660][ T4448] bond2 (unregistering): Released all slaves
[   54.419885][ T4445] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.306: Allocating blocks 449-513 which overlap fs metadata
[   54.422136][ T4462] 8021q: adding VLAN 0 to HW filter on device bond2
[   54.442522][ T4462] FAULT_INJECTION: forcing a failure.
[   54.442522][ T4462] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   54.455757][ T4462] CPU: 1 UID: 0 PID: 4462 Comm: syz.0.309 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   54.455789][ T4462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   54.455804][ T4462] Call Trace:
[   54.455813][ T4462]  <TASK>
[   54.455822][ T4462]  __dump_stack+0x1d/0x30
[   54.455848][ T4462]  dump_stack_lvl+0xe8/0x140
[   54.455869][ T4462]  dump_stack+0x15/0x1b
[   54.455885][ T4462]  should_fail_ex+0x265/0x280
[   54.455981][ T4462]  should_fail+0xb/0x20
[   54.456053][ T4462]  should_fail_usercopy+0x1a/0x20
[   54.456079][ T4462]  _copy_from_user+0x1c/0xb0
[   54.456114][ T4462]  ___sys_sendmsg+0xc1/0x1d0
[   54.456149][ T4462]  __x64_sys_sendmsg+0xd4/0x160
[   54.456203][ T4462]  x64_sys_call+0x191e/0x2ff0
[   54.456316][ T4462]  do_syscall_64+0xd2/0x200
[   54.456345][ T4462]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   54.456385][ T4462]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   54.456418][ T4462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.456473][ T4462] RIP: 0033:0x7f0ba5deebe9
[   54.456488][ T4462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.456509][ T4462] RSP: 002b:00007f0ba484f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   54.456532][ T4462] RAX: ffffffffffffffda RBX: 00007f0ba6025fa0 RCX: 00007f0ba5deebe9
[   54.456604][ T4462] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[   54.456618][ T4462] RBP: 00007f0ba484f090 R08: 0000000000000000 R09: 0000000000000000
[   54.456633][ T4462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.456647][ T4462] R13: 00007f0ba6026038 R14: 00007f0ba6025fa0 R15: 00007ffe39811538
[   54.456667][ T4462]  </TASK>
[   54.662601][ T4444] EXT4-fs (loop3): pa ffff888107a9d070: logic 48, phys. 177, len 21
[   54.670826][ T4444] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[   54.696486][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.771079][ T4487] FAULT_INJECTION: forcing a failure.
[   54.771079][ T4487] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   54.774392][    C0] hrtimer: interrupt took 86584 ns
[   54.784406][ T4487] CPU: 1 UID: 0 PID: 4487 Comm: syz.3.318 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   54.784482][ T4487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   54.784568][ T4487] Call Trace:
[   54.784577][ T4487]  <TASK>
[   54.784589][ T4487]  __dump_stack+0x1d/0x30
[   54.784636][ T4487]  dump_stack_lvl+0xe8/0x140
[   54.784663][ T4487]  dump_stack+0x15/0x1b
[   54.784685][ T4487]  should_fail_ex+0x265/0x280
[   54.784715][ T4487]  should_fail+0xb/0x20
[   54.784739][ T4487]  should_fail_usercopy+0x1a/0x20
[   54.784821][ T4487]  _copy_from_iter+0xd2/0xe80
[   54.784856][ T4487]  ? __build_skb_around+0x1a0/0x200
[   54.784903][ T4487]  ? __alloc_skb+0x223/0x320
[   54.784931][ T4487]  netlink_sendmsg+0x471/0x6b0
[   54.785031][ T4487]  ? __pfx_netlink_sendmsg+0x10/0x10
[   54.785062][ T4487]  __sock_sendmsg+0x145/0x180
[   54.785164][ T4487]  ____sys_sendmsg+0x31e/0x4e0
[   54.785275][ T4487]  ___sys_sendmsg+0x17b/0x1d0
[   54.785335][ T4487]  __x64_sys_sendmsg+0xd4/0x160
[   54.785373][ T4487]  x64_sys_call+0x191e/0x2ff0
[   54.785444][ T4487]  do_syscall_64+0xd2/0x200
[   54.785555][ T4487]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   54.785589][ T4487]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   54.785625][ T4487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.785654][ T4487] RIP: 0033:0x7f7b1f10ebe9
[   54.785736][ T4487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.785760][ T4487] RSP: 002b:00007f7b1db6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   54.785786][ T4487] RAX: ffffffffffffffda RBX: 00007f7b1f345fa0 RCX: 00007f7b1f10ebe9
[   54.785804][ T4487] RDX: 000000000000c000 RSI: 0000200000000080 RDI: 0000000000000003
[   54.785821][ T4487] RBP: 00007f7b1db6f090 R08: 0000000000000000 R09: 0000000000000000
[   54.785839][ T4487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.785907][ T4487] R13: 00007f7b1f346038 R14: 00007f7b1f345fa0 R15: 00007fff9cc89378
[   54.785935][ T4487]  </TASK>
[   54.818864][ T4492] loop3: detected capacity change from 0 to 512
[   55.055009][ T4485] lo speed is unknown, defaulting to 1000
[   55.139843][ T4505] loop1: detected capacity change from 0 to 512
[   55.284535][ T4510] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[   55.392595][ T4517] FAULT_INJECTION: forcing a failure.
[   55.392595][ T4517] name failslab, interval 1, probability 0, space 0, times 0
[   55.405420][ T4517] CPU: 1 UID: 0 PID: 4517 Comm: syz.3.331 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   55.405456][ T4517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   55.405469][ T4517] Call Trace:
[   55.405474][ T4517]  <TASK>
[   55.405481][ T4517]  __dump_stack+0x1d/0x30
[   55.405506][ T4517]  dump_stack_lvl+0xe8/0x140
[   55.405529][ T4517]  dump_stack+0x15/0x1b
[   55.405549][ T4517]  should_fail_ex+0x265/0x280
[   55.405576][ T4517]  should_failslab+0x8c/0xb0
[   55.405607][ T4517]  kmem_cache_alloc_noprof+0x50/0x310
[   55.405639][ T4517]  ? vm_area_dup+0x33/0x2c0
[   55.405673][ T4517]  vm_area_dup+0x33/0x2c0
[   55.405710][ T4517]  __split_vma+0xe9/0x650
[   55.405744][ T4517]  ? do_user_addr_fault+0xdaf/0x1090
[   55.405789][ T4517]  vma_modify+0x3f2/0xc80
[   55.405819][ T4517]  vma_modify_flags+0x101/0x130
[   55.405874][ T4517]  mprotect_fixup+0x2cc/0x570
[   55.405910][ T4517]  do_mprotect_pkey+0x6d6/0x980
[   55.405942][ T4517]  ? bpf_trace_run2+0xf5/0x1c0
[   55.405985][ T4517]  __x64_sys_mprotect+0x48/0x60
[   55.406010][ T4517]  x64_sys_call+0x274e/0x2ff0
[   55.406035][ T4517]  do_syscall_64+0xd2/0x200
[   55.406074][ T4517]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   55.406099][ T4517]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   55.406133][ T4517]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.406154][ T4517] RIP: 0033:0x7f7b1f10ebe9
[   55.406172][ T4517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.406194][ T4517] RSP: 002b:00007f7b1db6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000000a
[   55.406217][ T4517] RAX: ffffffffffffffda RBX: 00007f7b1f345fa0 RCX: 00007f7b1f10ebe9
[   55.406237][ T4517] RDX: 0000000000000001 RSI: 000000000000f000 RDI: 0000200000000000
[   55.406250][ T4517] RBP: 00007f7b1db6f090 R08: 0000000000000000 R09: 0000000000000000
[   55.406265][ T4517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.406279][ T4517] R13: 00007f7b1f346038 R14: 00007f7b1f345fa0 R15: 00007fff9cc89378
[   55.406304][ T4517]  </TASK>
[   55.719531][ T4525] netlink: 'syz.2.336': attribute type 3 has an invalid length.
[   55.727727][ T4525] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=4525 comm=syz.2.336
[   55.818884][ T3411] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=3411 comm=kworker/0:3
[   55.948630][ T3411] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=3411 comm=kworker/0:3
[   55.963493][ T4553] 9pnet: p9_errstr2errno: server reported unknown error 1844674407370
[   56.020640][ T4557] __nla_validate_parse: 2 callbacks suppressed
[   56.020658][ T4557] netlink: 12 bytes leftover after parsing attributes in process `syz.2.348'.
[   56.107987][ T4557] netlink: 12 bytes leftover after parsing attributes in process `syz.2.348'.
[   56.168517][ T4559] loop3: detected capacity change from 0 to 512
[   56.175641][ T4559] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   56.189135][ T4559] EXT4-fs (loop3): 1 truncate cleaned up
[   56.196182][ T4559] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.225389][ T4559] netlink: 12 bytes leftover after parsing attributes in process `syz.3.349'.
[   56.225705][ T4557] lo speed is unknown, defaulting to 1000
[   56.234417][ T4559] netlink: 'syz.3.349': attribute type 14 has an invalid length.
[   56.250235][ T3562] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   56.252593][ T4559] netlink: 12 bytes leftover after parsing attributes in process `syz.3.349'.
[   56.268085][ T4559] netlink: 'syz.3.349': attribute type 14 has an invalid length.
[   56.456451][ T3562] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   56.479841][ T3562] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   56.490965][ T3562] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   56.693516][   T36] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=36 comm=kworker/1:1
[   56.765272][ T4568] netlink: 'syz.1.351': attribute type 3 has an invalid length.
[   56.773836][ T4568] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=4568 comm=syz.1.351
[   57.013957][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.096646][ T4587] loop1: detected capacity change from 0 to 512
[   57.157344][ T4599] FAULT_INJECTION: forcing a failure.
[   57.157344][ T4599] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   57.170672][ T4599] CPU: 1 UID: 0 PID: 4599 Comm: syz.3.362 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   57.170705][ T4599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   57.170784][ T4599] Call Trace:
[   57.170793][ T4599]  <TASK>
[   57.170803][ T4599]  __dump_stack+0x1d/0x30
[   57.170830][ T4599]  dump_stack_lvl+0xe8/0x140
[   57.170854][ T4599]  dump_stack+0x15/0x1b
[   57.170876][ T4599]  should_fail_ex+0x265/0x280
[   57.170903][ T4599]  should_fail+0xb/0x20
[   57.170981][ T4599]  should_fail_usercopy+0x1a/0x20
[   57.171020][ T4599]  _copy_to_user+0x20/0xa0
[   57.171048][ T4599]  simple_read_from_buffer+0xb5/0x130
[   57.171114][ T4599]  proc_fail_nth_read+0x10e/0x150
[   57.171150][ T4599]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   57.171192][ T4599]  vfs_read+0x1a8/0x770
[   57.171218][ T4599]  ? __rcu_read_unlock+0x4f/0x70
[   57.171240][ T4599]  ? __fget_files+0x184/0x1c0
[   57.171266][ T4599]  ksys_read+0xda/0x1a0
[   57.171342][ T4599]  __x64_sys_read+0x40/0x50
[   57.171364][ T4599]  x64_sys_call+0x27bc/0x2ff0
[   57.171386][ T4599]  do_syscall_64+0xd2/0x200
[   57.171413][ T4599]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   57.171460][ T4599]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   57.171491][ T4599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.171549][ T4599] RIP: 0033:0x7f7b1f10d5fc
[   57.171566][ T4599] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   57.171587][ T4599] RSP: 002b:00007f7b1db6f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   57.171658][ T4599] RAX: ffffffffffffffda RBX: 00007f7b1f345fa0 RCX: 00007f7b1f10d5fc
[   57.171670][ T4599] RDX: 000000000000000f RSI: 00007f7b1db6f0a0 RDI: 0000000000000006
[   57.171682][ T4599] RBP: 00007f7b1db6f090 R08: 0000000000000000 R09: 0000000000000000
[   57.171695][ T4599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.171722][ T4599] R13: 00007f7b1f346038 R14: 00007f7b1f345fa0 R15: 00007fff9cc89378
[   57.171741][ T4599]  </TASK>
[   57.177446][ T4601] netlink: 'syz.1.363': attribute type 3 has an invalid length.
[   57.227953][ T4604] netlink: 12 bytes leftover after parsing attributes in process `syz.3.364'.
[   57.232828][ T4601] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=4601 comm=syz.1.363
[   57.250947][ T4604] netlink: 256 bytes leftover after parsing attributes in process `syz.3.364'.
[   57.337454][ T4608] netlink: 12 bytes leftover after parsing attributes in process `syz.3.364'.
[   57.355765][ T4611] process 'syz.1.366' launched '/dev/fd/6' with NULL argv: empty string added
[   57.454948][ T4613] lo speed is unknown, defaulting to 1000
[   57.675332][ T4637] FAULT_INJECTION: forcing a failure.
[   57.675332][ T4637] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   57.688670][ T4637] CPU: 1 UID: 0 PID: 4637 Comm: syz.0.373 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   57.688700][ T4637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   57.688716][ T4637] Call Trace:
[   57.688723][ T4637]  <TASK>
[   57.688733][ T4637]  __dump_stack+0x1d/0x30
[   57.688764][ T4637]  dump_stack_lvl+0xe8/0x140
[   57.688788][ T4637]  dump_stack+0x15/0x1b
[   57.688809][ T4637]  should_fail_ex+0x265/0x280
[   57.688833][ T4637]  should_fail+0xb/0x20
[   57.688851][ T4637]  should_fail_usercopy+0x1a/0x20
[   57.688877][ T4637]  _copy_from_user+0x1c/0xb0
[   57.688957][ T4637]  sg_new_write+0x71a/0x890
[   57.689006][ T4637]  ? do_vfs_ioctl+0x866/0xe10
[   57.689047][ T4637]  sg_ioctl+0xb81/0x1360
[   57.689119][ T4637]  ? __pfx_sg_ioctl+0x10/0x10
[   57.689278][ T4637]  __se_sys_ioctl+0xce/0x140
[   57.689298][ T4637]  __x64_sys_ioctl+0x43/0x50
[   57.689332][ T4637]  x64_sys_call+0x1816/0x2ff0
[   57.689353][ T4637]  do_syscall_64+0xd2/0x200
[   57.689502][ T4637]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   57.689598][ T4637]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   57.689631][ T4637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.689717][ T4637] RIP: 0033:0x7f0ba5deebe9
[   57.689736][ T4637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.689758][ T4637] RSP: 002b:00007f0ba484f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   57.689781][ T4637] RAX: ffffffffffffffda RBX: 00007f0ba6025fa0 RCX: 00007f0ba5deebe9
[   57.689796][ T4637] RDX: 0000200000000040 RSI: 0000000000002285 RDI: 0000000000000004
[   57.689809][ T4637] RBP: 00007f0ba484f090 R08: 0000000000000000 R09: 0000000000000000
[   57.689820][ T4637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.689831][ T4637] R13: 00007f0ba6026038 R14: 00007f0ba6025fa0 R15: 00007ffe39811538
[   57.689851][ T4637]  </TASK>
[   57.922689][ T4641] netlink: 'syz.1.375': attribute type 3 has an invalid length.
[   57.930853][ T4641] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=4641 comm=syz.1.375
[   57.994365][ T4644] netlink: 36 bytes leftover after parsing attributes in process `syz.4.376'.
[   58.062750][ T4653] loop1: detected capacity change from 0 to 128
[   58.076173][ T4656] loop0: detected capacity change from 0 to 1024
[   58.119702][ T4661] wireguard0: entered promiscuous mode
[   58.125227][ T4661] wireguard0: entered allmulticast mode
[   58.132000][ T4656] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.145879][ T4668] FAULT_INJECTION: forcing a failure.
[   58.145879][ T4668] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   58.159486][ T4668] CPU: 0 UID: 0 PID: 4668 Comm: syz.4.384 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   58.159569][ T4668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   58.159628][ T4668] Call Trace:
[   58.159635][ T4668]  <TASK>
[   58.159643][ T4668]  __dump_stack+0x1d/0x30
[   58.159668][ T4668]  dump_stack_lvl+0xe8/0x140
[   58.159693][ T4668]  dump_stack+0x15/0x1b
[   58.159713][ T4668]  should_fail_ex+0x265/0x280
[   58.159820][ T4668]  should_fail+0xb/0x20
[   58.159840][ T4668]  should_fail_usercopy+0x1a/0x20
[   58.159861][ T4668]  _copy_from_user+0x1c/0xb0
[   58.159891][ T4668]  ___sys_sendmsg+0xc1/0x1d0
[   58.159995][ T4668]  __x64_sys_sendmsg+0xd4/0x160
[   58.160029][ T4668]  x64_sys_call+0x191e/0x2ff0
[   58.160057][ T4668]  do_syscall_64+0xd2/0x200
[   58.160102][ T4668]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   58.160130][ T4668]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   58.160182][ T4668]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.160207][ T4668] RIP: 0033:0x7f70e7c9ebe9
[   58.160226][ T4668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.160277][ T4668] RSP: 002b:00007f70e66ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   58.160299][ T4668] RAX: ffffffffffffffda RBX: 00007f70e7ed5fa0 RCX: 00007f70e7c9ebe9
[   58.160315][ T4668] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000006
[   58.160327][ T4668] RBP: 00007f70e66ff090 R08: 0000000000000000 R09: 0000000000000000
[   58.160388][ T4668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.160403][ T4668] R13: 00007f70e7ed6038 R14: 00007f70e7ed5fa0 R15: 00007ffed68f34c8
[   58.160473][ T4668]  </TASK>
[   58.395935][ T4656] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   58.447606][ T4680] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4680 comm=syz.2.387
[   58.465188][    T9] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=9 comm=kworker/0:0
[   58.534847][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.634061][ T4696] loop4: detected capacity change from 0 to 512
[   58.653125][ T4698] netlink: 36 bytes leftover after parsing attributes in process `syz.2.396'.
[   58.667852][ T4696] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   58.694588][ T4696] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.393: bg 0: block 4: invalid block bitmap
[   58.720396][ T4696] EXT4-fs (loop4): Remounting filesystem read-only
[   58.758207][ T4696] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   58.819008][ T4696] EXT4-fs (loop4): 1 truncate cleaned up
[   58.830387][ T4696] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   59.018979][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.042325][   T29] kauditd_printk_skb: 407 callbacks suppressed
[   59.042342][   T29] audit: type=1326 audit(1756517807.248:2152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fec89fe5ba7 code=0x7ffc0000
[   59.072031][   T29] audit: type=1326 audit(1756517807.248:2153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fec89f8adb9 code=0x7ffc0000
[   59.095384][   T29] audit: type=1326 audit(1756517807.248:2154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fec89fe5ba7 code=0x7ffc0000
[   59.119248][   T29] audit: type=1326 audit(1756517807.248:2155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fec89f8adb9 code=0x7ffc0000
[   59.142641][   T29] audit: type=1326 audit(1756517807.248:2156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec89feebe9 code=0x7ffc0000
[   59.166066][   T29] audit: type=1326 audit(1756517807.248:2157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec89feebe9 code=0x7ffc0000
[   59.214957][ T4721] loop3: detected capacity change from 0 to 512
[   59.247025][   T29] audit: type=1326 audit(1756517807.338:2158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7fec89feebe9 code=0x7ffc0000
[   59.270724][   T29] audit: type=1326 audit(1756517807.338:2159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec89feebe9 code=0x7ffc0000
[   59.294131][   T29] audit: type=1326 audit(1756517807.338:2160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec89feebe9 code=0x7ffc0000
[   59.317594][   T29] audit: type=1326 audit(1756517807.338:2161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4722 comm="syz.2.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fec89feebe9 code=0x7ffc0000
[   59.385954][ T4731] netlink: 'syz.2.407': attribute type 3 has an invalid length.
[   59.408537][ T4731] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=4731 comm=syz.2.407
[   59.454440][ T4736] loop4: detected capacity change from 0 to 1024
[   59.470036][ T4738] netlink: 36 bytes leftover after parsing attributes in process `syz.1.410'.
[   59.479152][ T4738] bridge_slave_1: left allmulticast mode
[   59.484924][ T4738] bridge_slave_1: left promiscuous mode
[   59.490669][ T4738] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.513275][ T4736] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.536020][ T4738] bridge_slave_0: left allmulticast mode
[   59.541902][ T4738] bridge_slave_0: left promiscuous mode
[   59.547825][ T4738] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.586384][ T4736] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   59.623191][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.661662][ T4760] loop4: detected capacity change from 0 to 1024
[   59.703215][ T4760] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.777040][ T4760] FAULT_INJECTION: forcing a failure.
[   59.777040][ T4760] name failslab, interval 1, probability 0, space 0, times 0
[   59.789835][ T4760] CPU: 0 UID: 0 PID: 4760 Comm: syz.4.414 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   59.789919][ T4760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   59.789934][ T4760] Call Trace:
[   59.789943][ T4760]  <TASK>
[   59.789952][ T4760]  __dump_stack+0x1d/0x30
[   59.789984][ T4760]  dump_stack_lvl+0xe8/0x140
[   59.790006][ T4760]  dump_stack+0x15/0x1b
[   59.790026][ T4760]  should_fail_ex+0x265/0x280
[   59.790051][ T4760]  should_failslab+0x8c/0xb0
[   59.790081][ T4760]  __kmalloc_noprof+0xa5/0x3e0
[   59.790129][ T4760]  ? ext4_find_extent+0x16b/0x7a0
[   59.790200][ T4760]  ext4_find_extent+0x16b/0x7a0
[   59.790229][ T4760]  ext4_ext_map_blocks+0x11f/0x38a0
[   59.790259][ T4760]  ? filemap_get_entry+0x34b/0x390
[   59.790333][ T4760]  ext4_map_blocks+0x5ee/0xd00
[   59.790361][ T4760]  ? folio_mark_accessed+0x240/0x3d0
[   59.790399][ T4760]  ext4_iomap_begin+0x88d/0xe00
[   59.790457][ T4760]  ? __pfx_ext4_iomap_begin+0x10/0x10
[   59.790487][ T4760]  iomap_iter+0x332/0x730
[   59.790564][ T4760]  ? should_failslab+0x8c/0xb0
[   59.790589][ T4760]  __iomap_dio_rw+0x708/0x1250
[   59.790680][ T4760]  ? ext4_journal_check_start+0x11a/0x1b0
[   59.790709][ T4760]  iomap_dio_rw+0x40/0x90
[   59.790815][ T4760]  ext4_file_write_iter+0xad9/0xf00
[   59.790886][ T4760]  do_iter_readv_writev+0x499/0x540
[   59.790921][ T4760]  vfs_writev+0x2df/0x8b0
[   59.790968][ T4760]  __se_sys_pwritev2+0xfc/0x1c0
[   59.791054][ T4760]  __x64_sys_pwritev2+0x67/0x80
[   59.791082][ T4760]  x64_sys_call+0x2c55/0x2ff0
[   59.791108][ T4760]  do_syscall_64+0xd2/0x200
[   59.791149][ T4760]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   59.791178][ T4760]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   59.791216][ T4760]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.791242][ T4760] RIP: 0033:0x7f70e7c9ebe9
[   59.791260][ T4760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.791281][ T4760] RSP: 002b:00007f70e66ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   59.791371][ T4760] RAX: ffffffffffffffda RBX: 00007f70e7ed5fa0 RCX: 00007f70e7c9ebe9
[   59.791386][ T4760] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000007
[   59.791400][ T4760] RBP: 00007f70e66ff090 R08: 0000000000000000 R09: 0000000000000000
[   59.791414][ T4760] R10: 0000000000001400 R11: 0000000000000246 R12: 0000000000000001
[   59.791428][ T4760] R13: 00007f70e7ed6038 R14: 00007f70e7ed5fa0 R15: 00007ffed68f34c8
[   59.791446][ T4760]  </TASK>
[   60.099042][ T4780] netlink: 'syz.0.423': attribute type 1 has an invalid length.
[   60.127196][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.137241][ T4780] 8021q: adding VLAN 0 to HW filter on device bond3
[   60.192462][ T4780] bond3 (unregistering): Released all slaves
[   60.221681][ T4785] IPv6: NLM_F_CREATE should be specified when creating new route
[   60.365584][ T4804] lo speed is unknown, defaulting to 1000
[   60.456149][ T3411] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=3411 comm=kworker/0:3
[   60.596046][ T4831] FAULT_INJECTION: forcing a failure.
[   60.596046][ T4831] name failslab, interval 1, probability 0, space 0, times 0
[   60.608857][ T4831] CPU: 0 UID: 0 PID: 4831 Comm: syz.1.444 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.608893][ T4831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   60.608908][ T4831] Call Trace:
[   60.608918][ T4831]  <TASK>
[   60.608926][ T4831]  __dump_stack+0x1d/0x30
[   60.608954][ T4831]  dump_stack_lvl+0xe8/0x140
[   60.608978][ T4831]  dump_stack+0x15/0x1b
[   60.609085][ T4831]  should_fail_ex+0x265/0x280
[   60.609111][ T4831]  should_failslab+0x8c/0xb0
[   60.609206][ T4831]  __kmalloc_noprof+0xa5/0x3e0
[   60.609241][ T4831]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[   60.609492][ T4831]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[   60.609595][ T4831]  genl_family_rcv_msg_doit+0x48/0x1b0
[   60.609704][ T4831]  ? selinux_capable+0x31/0x40
[   60.609757][ T4831]  ? security_capable+0x83/0x90
[   60.609860][ T4831]  ? ns_capable+0x7d/0xb0
[   60.609886][ T4831]  genl_rcv_msg+0x422/0x460
[   60.609983][ T4831]  ? __pfx_nl80211_pre_doit+0x10/0x10
[   60.610027][ T4831]  ? __pfx_nl80211_set_wiphy+0x10/0x10
[   60.610142][ T4831]  ? __pfx_nl80211_post_doit+0x10/0x10
[   60.610184][ T4831]  netlink_rcv_skb+0x123/0x220
[   60.610209][ T4831]  ? __pfx_genl_rcv_msg+0x10/0x10
[   60.610252][ T4831]  genl_rcv+0x28/0x40
[   60.610316][ T4831]  netlink_unicast+0x5bd/0x690
[   60.610343][ T4831]  netlink_sendmsg+0x58b/0x6b0
[   60.610374][ T4831]  ? __pfx_netlink_sendmsg+0x10/0x10
[   60.610402][ T4831]  __sock_sendmsg+0x145/0x180
[   60.610479][ T4831]  ____sys_sendmsg+0x31e/0x4e0
[   60.610510][ T4831]  ___sys_sendmsg+0x17b/0x1d0
[   60.610547][ T4831]  __x64_sys_sendmsg+0xd4/0x160
[   60.610642][ T4831]  x64_sys_call+0x191e/0x2ff0
[   60.610663][ T4831]  do_syscall_64+0xd2/0x200
[   60.610697][ T4831]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   60.610742][ T4831]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   60.610775][ T4831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.610802][ T4831] RIP: 0033:0x7efdcb8eebe9
[   60.610912][ T4831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.610933][ T4831] RSP: 002b:00007efdca34f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   60.610956][ T4831] RAX: ffffffffffffffda RBX: 00007efdcbb25fa0 RCX: 00007efdcb8eebe9
[   60.611032][ T4831] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000008
[   60.611048][ T4831] RBP: 00007efdca34f090 R08: 0000000000000000 R09: 0000000000000000
[   60.611063][ T4831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.611103][ T4831] R13: 00007efdcbb26038 R14: 00007efdcbb25fa0 R15: 00007ffc560d6358
[   60.611128][ T4831]  </TASK>
[   60.615962][ T4836] program syz.3.446 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   61.089840][ T4865] 9pnet_fd: Insufficient options for proto=fd
[   61.097225][ T4862] pimreg: entered allmulticast mode
[   61.121817][ T4862] lo speed is unknown, defaulting to 1000
[   61.192166][ T4875] netlink: 'syz.3.458': attribute type 3 has an invalid length.
[   61.200604][ T4875] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=4875 comm=syz.3.458
[   61.302517][ T4889] loop4: detected capacity change from 0 to 512
[   61.309647][ T4889] EXT4-fs: Ignoring removed oldalloc option
[   61.320360][ T4877] __nla_validate_parse: 5 callbacks suppressed
[   61.320384][ T4877] netlink: 12 bytes leftover after parsing attributes in process `syz.0.459'.
[   61.321474][ T4887] 9pnet_fd: Insufficient options for proto=fd
[   61.365851][ T4889] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.463: Parent and EA inode have the same ino 15
[   61.383672][ T4893] loop0: detected capacity change from 0 to 164
[   61.414972][ T4889] EXT4-fs (loop4): 1 orphan inode deleted
[   61.421933][ T4889] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   61.445395][ T4901] loop3: detected capacity change from 0 to 128
[   61.452182][ T4901] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   61.466720][ T4893] rock: directory entry would overflow storage
[   61.472994][ T4893] rock: sig=0x66, size=4, remaining=3
[   61.478516][ T4901] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   61.500830][ T4889] netlink: 12 bytes leftover after parsing attributes in process `syz.4.463'.
[   61.506199][ T4893] rock: directory entry would overflow storage
[   61.516155][ T4893] rock: sig=0x66, size=4, remaining=3
[   61.544017][ T4893] iso9660: Corrupted directory entry in block 4 of inode 1792
[   61.558041][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.574788][ T1036] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=1036 comm=kworker/1:2
[   61.606288][ T3411] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=3411 comm=kworker/0:3
[   61.710554][ T4926] netlink: 12 bytes leftover after parsing attributes in process `syz.2.477'.
[   61.809536][ T4934] 9pnet_fd: Insufficient options for proto=fd
[   61.819312][ T4937] loop4: detected capacity change from 0 to 512
[   61.841471][ T4939] loop1: detected capacity change from 0 to 1024
[   61.848989][ T4939] EXT4-fs: Ignoring removed nomblk_io_submit option
[   61.849416][ T4935] netlink: 12 bytes leftover after parsing attributes in process `syz.2.481'.
[   61.866441][ T4937] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   61.876890][ T4937] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   61.885111][ T4937] EXT4-fs (loop4): orphan cleanup on readonly fs
[   61.892415][ T4937] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.482: Invalid block bitmap block 0 in block_group 0
[   61.908909][ T4937] EXT4-fs (loop4): Remounting filesystem read-only
[   61.916302][ T4937] EXT4-fs (loop4): 1 orphan inode deleted
[   61.916704][ T4939] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   61.934737][ T4937] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   61.985829][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.049845][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.065096][ T4952] loop3: detected capacity change from 0 to 512
[   62.072194][ T4952] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   62.085178][ T4953] netlink: 'syz.4.486': attribute type 1 has an invalid length.
[   62.097685][ T4952] EXT4-fs (loop3): 1 truncate cleaned up
[   62.106089][ T4952] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.125302][ T4953] 8021q: adding VLAN 0 to HW filter on device bond2
[   62.139787][ T4956] loop1: detected capacity change from 0 to 512
[   62.146705][ T4958] netlink: 4 bytes leftover after parsing attributes in process `syz.4.486'.
[   62.150672][ T4956] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   62.168953][ T4958] bond2 (unregistering): Released all slaves
[   62.195735][ T4956] EXT4-fs (loop1): 1 truncate cleaned up
[   62.209355][ T4956] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.256886][ T4956] netlink: 12 bytes leftover after parsing attributes in process `syz.1.488'.
[   62.265934][ T4956] netlink: 'syz.1.488': attribute type 14 has an invalid length.
[   62.302938][ T3567] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   62.315429][ T4956] netlink: 12 bytes leftover after parsing attributes in process `syz.1.488'.
[   62.324383][ T4956] netlink: 'syz.1.488': attribute type 14 has an invalid length.
[   62.336119][ T3567] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   62.344453][ T3567] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   62.352743][ T3567] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   62.507271][ T4963] loop0: detected capacity change from 0 to 512
[   62.514049][ T4963] journal_path: Non-blockdev passed as './bus'
[   62.520322][ T4963] EXT4-fs: error: could not find journal device path
[   62.605756][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.652615][ T3411] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   62.669636][ T3411] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   62.884977][ T4980] loop4: detected capacity change from 0 to 512
[   62.913279][ T4980] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   62.944534][ T4980] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   62.958803][ T4980] EXT4-fs (loop4): orphan cleanup on readonly fs
[   62.966995][ T4980] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.498: Invalid block bitmap block 0 in block_group 0
[   62.980771][ T4980] EXT4-fs (loop4): Remounting filesystem read-only
[   62.993471][ T4980] EXT4-fs (loop4): 1 orphan inode deleted
[   63.012632][ T4980] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   63.064714][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.080109][ T4977] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.497'.
[   63.101444][ T4977] netlink: 14 bytes leftover after parsing attributes in process `syz.2.497'.
[   63.114544][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.127807][ T4977] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   63.142917][ T4977] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   63.156366][ T4977] bond0 (unregistering): Released all slaves
[   63.169624][ T4995] loop3: detected capacity change from 0 to 1024
[   63.177881][ T4995] EXT4-fs: Ignoring removed nomblk_io_submit option
[   63.187604][ T3411] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=3411 comm=kworker/0:3
[   63.213335][ T4995] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   63.254139][ T5002] loop4: detected capacity change from 0 to 512
[   63.269512][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.279852][ T5004] loop1: detected capacity change from 0 to 512
[   63.287183][ T5004] journal_path: Non-blockdev passed as './bus'
[   63.293402][ T5004] EXT4-fs: error: could not find journal device path
[   63.330562][ T5010] loop4: detected capacity change from 0 to 512
[   63.345571][ T5012] loop1: detected capacity change from 0 to 512
[   63.354384][ T5012] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   63.364569][ T5010] 9pnet_fd: Insufficient options for proto=fd
[   63.387887][ T5012] EXT4-fs (loop1): 1 truncate cleaned up
[   63.393965][ T5012] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   63.443413][ T5018] netlink: 12 bytes leftover after parsing attributes in process `syz.2.510'.
[   63.452486][ T5018] netlink: 'syz.2.510': attribute type 14 has an invalid length.
[   63.551140][ T5018] netlink: 'syz.2.510': attribute type 14 has an invalid length.
[   63.567904][ T3576] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   63.587818][ T3535] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   63.607664][ T3538] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   63.627869][ T3557] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   63.760338][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.799420][ T1036] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=1036 comm=kworker/1:2
[   64.007021][ T5038] netlink: 'syz.0.518': attribute type 3 has an invalid length.
[   64.042083][ T5038] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=5038 comm=syz.0.518
[   64.137129][ T5026] lo speed is unknown, defaulting to 1000
[   64.306655][   T29] kauditd_printk_skb: 692 callbacks suppressed
[   64.306670][   T29] audit: type=1326 audit(1756517812.508:2848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5054 comm="syz.0.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ba5deebe9 code=0x7ffc0000
[   64.377690][   T29] audit: type=1326 audit(1756517812.558:2849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5054 comm="syz.0.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ba5deebe9 code=0x7ffc0000
[   64.401249][   T29] audit: type=1326 audit(1756517812.558:2850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5054 comm="syz.0.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ba5deebe9 code=0x7ffc0000
[   64.424699][   T29] audit: type=1326 audit(1756517812.558:2851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5054 comm="syz.0.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f0ba5deebe9 code=0x7ffc0000
[   64.448062][   T29] audit: type=1326 audit(1756517812.558:2852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5054 comm="syz.0.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ba5deebe9 code=0x7ffc0000
[   64.471448][   T29] audit: type=1326 audit(1756517812.558:2853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5054 comm="syz.0.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ba5deebe9 code=0x7ffc0000
[   64.494801][   T29] audit: type=1326 audit(1756517812.558:2854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5054 comm="syz.0.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ba5deebe9 code=0x7ffc0000
[   64.518392][   T29] audit: type=1326 audit(1756517812.558:2855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5054 comm="syz.0.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ba5deebe9 code=0x7ffc0000
[   64.541925][   T29] audit: type=1326 audit(1756517812.558:2856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5054 comm="syz.0.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ba5deebe9 code=0x7ffc0000
[   64.565363][   T29] audit: type=1326 audit(1756517812.558:2857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5054 comm="syz.0.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ba5deebe9 code=0x7ffc0000
[   64.604042][ T5061] loop0: detected capacity change from 0 to 512
[   64.698868][ T5075] loop1: detected capacity change from 0 to 128
[   64.705694][ T5075] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   64.739902][ T5075] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   64.762466][ T5079] loop3: detected capacity change from 0 to 1024
[   64.812829][ T5079] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   64.874571][ T5079] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   65.020464][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.579257][ T5105] loop1: detected capacity change from 0 to 512
[   65.649752][ T5099] 9pnet_fd: Insufficient options for proto=fd
[   65.741690][ T5120] loop3: detected capacity change from 0 to 512
[   65.757133][ T5121] loop4: detected capacity change from 0 to 512
[   65.765370][ T5121] journal_path: Non-blockdev passed as './bus'
[   65.771731][ T5121] EXT4-fs: error: could not find journal device path
[   65.915659][ T5133] netlink: 'syz.3.551': attribute type 3 has an invalid length.
[   65.962250][ T5142] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=5142 comm=syz.3.551
[   66.008692][ T5141] loop0: detected capacity change from 0 to 512
[   66.049295][ T5141] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   66.091500][ T5141] EXT4-fs (loop0): 1 truncate cleaned up
[   66.108974][ T5141] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.210112][ T5170] loop4: detected capacity change from 0 to 128
[   66.235840][ T5170] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   66.248811][ T5170] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   66.303040][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.331911][ T5179] $Hÿ: renamed from bond0 (while UP)
[   66.341899][ T5179] $Hÿ: entered promiscuous mode
[   66.347002][ T5179] bond_slave_0: entered promiscuous mode
[   66.352832][ T5179] bond_slave_1: entered promiscuous mode
[   66.374890][ T5183] loop0: detected capacity change from 0 to 512
[   66.383442][ T5183] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   66.395687][ T5183] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   66.413604][ T5183] EXT4-fs (loop0): orphan cleanup on readonly fs
[   66.421753][ T5183] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.568: Invalid block bitmap block 0 in block_group 0
[   66.439439][ T5183] EXT4-fs (loop0): Remounting filesystem read-only
[   66.446320][ T5183] EXT4-fs (loop0): 1 orphan inode deleted
[   66.453935][ T5183] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   66.624013][ T5182] lo speed is unknown, defaulting to 1000
[   66.631864][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.665023][ T5208] loop1: detected capacity change from 0 to 128
[   66.704104][ T5208] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   66.721904][ T5208] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   66.745562][ T5221] loop0: detected capacity change from 0 to 512
[   66.759093][ T5221] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   66.780823][ T5221] EXT4-fs (loop0): 1 truncate cleaned up
[   66.793915][ T5221] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.899591][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.932809][ T5232] loop1: detected capacity change from 0 to 1024
[   66.965121][ T5237] __nla_validate_parse: 3 callbacks suppressed
[   66.965217][ T5237] netlink: 96 bytes leftover after parsing attributes in process `syz.4.587'.
[   66.989551][ T5232] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.014898][ T5240] netlink: 36 bytes leftover after parsing attributes in process `syz.0.585'.
[   67.035993][ T5232] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   67.069907][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.194304][ T5264] loop0: detected capacity change from 0 to 512
[   67.224579][ T5264] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   67.268845][ T5264] EXT4-fs (loop0): 1 truncate cleaned up
[   67.274941][ T5264] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.323639][ T5276] tipc: Started in network mode
[   67.328652][ T5276] tipc: Node identity 82ca01d76147, cluster identity 4711
[   67.335970][ T5276] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   67.363726][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.409569][ T5282] syzkaller0: entered promiscuous mode
[   67.415179][ T5282] syzkaller0: entered allmulticast mode
[   67.487596][ T5288] FAULT_INJECTION: forcing a failure.
[   67.487596][ T5288] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   67.494119][ T5289] netlink: 36 bytes leftover after parsing attributes in process `syz.4.606'.
[   67.500902][ T5288] CPU: 1 UID: 0 PID: 5288 Comm: syz.0.605 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   67.500936][ T5288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   67.500953][ T5288] Call Trace:
[   67.500963][ T5288]  <TASK>
[   67.500973][ T5288]  __dump_stack+0x1d/0x30
[   67.501004][ T5288]  dump_stack_lvl+0xe8/0x140
[   67.501047][ T5288]  dump_stack+0x15/0x1b
[   67.501071][ T5288]  should_fail_ex+0x265/0x280
[   67.501176][ T5288]  should_fail+0xb/0x20
[   67.501201][ T5288]  should_fail_usercopy+0x1a/0x20
[   67.501231][ T5288]  _copy_from_user+0x1c/0xb0
[   67.501269][ T5288]  get_timespec64+0x4c/0x100
[   67.501298][ T5288]  __x64_sys_nanosleep+0x5c/0x1b0
[   67.501375][ T5288]  x64_sys_call+0x202c/0x2ff0
[   67.501404][ T5288]  do_syscall_64+0xd2/0x200
[   67.501442][ T5288]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   67.501476][ T5288]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   67.501590][ T5288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.501619][ T5288] RIP: 0033:0x7f0ba5deebe9
[   67.501639][ T5288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.501698][ T5288] RSP: 002b:00007f0ba484f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000023
[   67.501724][ T5288] RAX: ffffffffffffffda RBX: 00007f0ba6025fa0 RCX: 00007f0ba5deebe9
[   67.501739][ T5288] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[   67.501756][ T5288] RBP: 00007f0ba484f090 R08: 0000000000000000 R09: 0000000000000000
[   67.501773][ T5288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.501808][ T5288] R13: 00007f0ba6026038 R14: 00007f0ba6025fa0 R15: 00007ffe39811538
[   67.501835][ T5288]  </TASK>
[   67.607455][ T5291] loop0: detected capacity change from 0 to 512
[   67.687544][ T5291] EXT4-fs: Ignoring removed mblk_io_submit option
[   67.698275][ T5291] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   67.709724][ T5291] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   67.717774][ T5291] System zones: 1-12
[   67.722240][ T5291] EXT4-fs (loop0): 1 truncate cleaned up
[   67.729391][ T5273] tipc: Resetting bearer <eth:syzkaller0>
[   67.737383][ T5273] tipc: Disabling bearer <eth:syzkaller0>
[   67.748950][ T5291] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.806347][ T5294] loop4: detected capacity change from 0 to 128
[   67.837747][ T5291] team0: Device gtp0 is of different type
[   67.857459][ T5294] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   67.893397][ T5294] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   68.092990][ T5305] loop4: detected capacity change from 0 to 512
[   68.099987][ T5305] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   68.111897][ T5305] EXT4-fs (loop4): 1 truncate cleaned up
[   68.127205][ T5305] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.209188][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.228316][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.318877][ T5319] netlink: 36 bytes leftover after parsing attributes in process `syz.2.619'.
[   68.358102][ T5327] loop0: detected capacity change from 0 to 128
[   68.375424][ T5327] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   68.402633][ T5327] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   68.504687][ T5340] tipc: Started in network mode
[   68.509741][ T5340] tipc: Node identity ac14140f, cluster identity 4711
[   68.516913][ T5340] tipc: New replicast peer: 255.255.255.83
[   68.522935][ T5340] tipc: Enabled bearer <udp:£>, priority 10
[   68.529466][ T5337] loop3: detected capacity change from 0 to 1024
[   68.548743][ T5337] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.603337][ T5337] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   68.686048][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.733294][ T5365] loop3: detected capacity change from 0 to 128
[   68.772823][ T5367] loop1: detected capacity change from 0 to 512
[   68.790287][ T5365] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   68.804305][ T5376] netlink: 36 bytes leftover after parsing attributes in process `syz.4.638'.
[   68.827095][ T5365] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   68.927049][ T5387] FAULT_INJECTION: forcing a failure.
[   68.927049][ T5387] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   68.940207][ T5387] CPU: 0 UID: 0 PID: 5387 Comm: syz.4.646 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   68.940243][ T5387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   68.940259][ T5387] Call Trace:
[   68.940267][ T5387]  <TASK>
[   68.940277][ T5387]  __dump_stack+0x1d/0x30
[   68.940369][ T5387]  dump_stack_lvl+0xe8/0x140
[   68.940424][ T5387]  dump_stack+0x15/0x1b
[   68.940440][ T5387]  should_fail_ex+0x265/0x280
[   68.940461][ T5387]  should_fail+0xb/0x20
[   68.940477][ T5387]  should_fail_usercopy+0x1a/0x20
[   68.940500][ T5387]  _copy_from_user+0x1c/0xb0
[   68.940581][ T5387]  ___sys_sendmsg+0xc1/0x1d0
[   68.940628][ T5387]  __x64_sys_sendmsg+0xd4/0x160
[   68.940663][ T5387]  x64_sys_call+0x191e/0x2ff0
[   68.940690][ T5387]  do_syscall_64+0xd2/0x200
[   68.940747][ T5387]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   68.940773][ T5387]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   68.940807][ T5387]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.940845][ T5387] RIP: 0033:0x7f70e7c9ebe9
[   68.940864][ T5387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.940884][ T5387] RSP: 002b:00007f70e66ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   68.940905][ T5387] RAX: ffffffffffffffda RBX: 00007f70e7ed5fa0 RCX: 00007f70e7c9ebe9
[   68.940921][ T5387] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 000000000000000a
[   68.940937][ T5387] RBP: 00007f70e66ff090 R08: 0000000000000000 R09: 0000000000000000
[   68.941013][ T5387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.941024][ T5387] R13: 00007f70e7ed6038 R14: 00007f70e7ed5fa0 R15: 00007ffed68f34c8
[   68.941095][ T5387]  </TASK>
[   69.230579][ T5410] netlink: 36 bytes leftover after parsing attributes in process `syz.0.654'.
[   69.268883][ T5419] loop3: detected capacity change from 0 to 512
[   69.276633][ T5419] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   69.290485][ T5419] EXT4-fs (loop3): 1 truncate cleaned up
[   69.308528][   T29] kauditd_printk_skb: 236 callbacks suppressed
[   69.308544][   T29] audit: type=1326 audit(1756517817.508:3092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5416 comm="syz.2.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec89feebe9 code=0x7ffc0000
[   69.338260][   T29] audit: type=1326 audit(1756517817.518:3093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5416 comm="syz.2.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fec89feebe9 code=0x7ffc0000
[   69.340522][ T5419] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.361556][   T29] audit: type=1326 audit(1756517817.518:3094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5416 comm="syz.2.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec89feebe9 code=0x7ffc0000
[   69.397309][   T29] audit: type=1326 audit(1756517817.518:3095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5416 comm="syz.2.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec89feebe9 code=0x7ffc0000
[   69.420779][   T29] audit: type=1326 audit(1756517817.518:3096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5416 comm="syz.2.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fec89feebe9 code=0x7ffc0000
[   69.423598][ T5427] loop1: detected capacity change from 0 to 1024
[   69.444180][   T29] audit: type=1326 audit(1756517817.518:3097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5416 comm="syz.2.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec89feebe9 code=0x7ffc0000
[   69.473950][   T29] audit: type=1326 audit(1756517817.518:3098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5416 comm="syz.2.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fec89feebe9 code=0x7ffc0000
[   69.497303][   T29] audit: type=1326 audit(1756517817.518:3099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5416 comm="syz.2.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec89feebe9 code=0x7ffc0000
[   69.520680][   T29] audit: type=1326 audit(1756517817.518:3100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5416 comm="syz.2.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fec89feebe9 code=0x7ffc0000
[   69.543970][   T29] audit: type=1326 audit(1756517817.518:3101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5416 comm="syz.2.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec89feebe9 code=0x7ffc0000
[   69.567547][ T3411] tipc: Node number set to 2886997007
[   69.606013][ T5427] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.618494][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.690091][ T5427] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   69.769891][ T5449] sd 0:0:1:0: device reset
[   69.780418][ T5449] tipc: Started in network mode
[   69.785423][ T5449] tipc: Node identity ac14140f, cluster identity 4711
[   69.795776][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.822473][ T5449] tipc: New replicast peer: 255.255.255.83
[   69.828550][ T5449] tipc: Enabled bearer <udp:£>, priority 10
[   69.836950][ T5455] netlink: 36 bytes leftover after parsing attributes in process `syz.3.671'.
[   69.845878][ T5455] bridge_slave_1: left allmulticast mode
[   69.851733][ T5455] bridge_slave_1: left promiscuous mode
[   69.857595][ T5455] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.877180][ T5455] bridge_slave_0: left allmulticast mode
[   69.882876][ T5455] bridge_slave_0: left promiscuous mode
[   69.888636][ T5455] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.989370][ T5474] netlink: 36 bytes leftover after parsing attributes in process `syz.1.679'.
[   70.069152][ T5480] netlink: 14 bytes leftover after parsing attributes in process `syz.0.677'.
[   70.108381][ T5480] hsr_slave_0: left promiscuous mode
[   70.124166][ T5480] hsr_slave_1: left promiscuous mode
[   70.371923][ T5491] loop1: detected capacity change from 0 to 1024
[   70.385576][ T5491] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.426450][ T5491] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   70.554534][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.597130][ T5509] netlink: 20 bytes leftover after parsing attributes in process `syz.3.692'.
[   70.956934][   T10] tipc: Node number set to 2886997007
[   71.001899][ T5546] loop0: detected capacity change from 0 to 1024
[   71.036267][ T5553] loop4: detected capacity change from 0 to 128
[   71.047322][ T5546] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.065687][ T5553] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   71.080590][ T5553] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   71.095852][ T5546] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   71.170533][ T5570] FAULT_INJECTION: forcing a failure.
[   71.170533][ T5570] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   71.184047][ T5570] CPU: 1 UID: 0 PID: 5570 Comm: syz.3.714 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   71.184107][ T5570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   71.184123][ T5570] Call Trace:
[   71.184132][ T5570]  <TASK>
[   71.184153][ T5570]  __dump_stack+0x1d/0x30
[   71.184229][ T5570]  dump_stack_lvl+0xe8/0x140
[   71.184254][ T5570]  dump_stack+0x15/0x1b
[   71.184276][ T5570]  should_fail_ex+0x265/0x280
[   71.184308][ T5570]  should_fail+0xb/0x20
[   71.184330][ T5570]  should_fail_usercopy+0x1a/0x20
[   71.184358][ T5570]  _copy_to_user+0x20/0xa0
[   71.184421][ T5570]  simple_read_from_buffer+0xb5/0x130
[   71.184449][ T5570]  proc_fail_nth_read+0x10e/0x150
[   71.184495][ T5570]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   71.184536][ T5570]  vfs_read+0x1a8/0x770
[   71.184562][ T5570]  ? __rcu_read_unlock+0x4f/0x70
[   71.184587][ T5570]  ? __fget_files+0x184/0x1c0
[   71.184706][ T5570]  ksys_read+0xda/0x1a0
[   71.184734][ T5570]  __x64_sys_read+0x40/0x50
[   71.184761][ T5570]  x64_sys_call+0x27bc/0x2ff0
[   71.184857][ T5570]  do_syscall_64+0xd2/0x200
[   71.184909][ T5570]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   71.184949][ T5570]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   71.185062][ T5570]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.185089][ T5570] RIP: 0033:0x7f7b1f10d5fc
[   71.185108][ T5570] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   71.185131][ T5570] RSP: 002b:00007f7b1db6f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   71.185209][ T5570] RAX: ffffffffffffffda RBX: 00007f7b1f345fa0 RCX: 00007f7b1f10d5fc
[   71.185226][ T5570] RDX: 000000000000000f RSI: 00007f7b1db6f0a0 RDI: 0000000000000008
[   71.185242][ T5570] RBP: 00007f7b1db6f090 R08: 0000000000000000 R09: 0000000000000000
[   71.185257][ T5570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.185330][ T5570] R13: 00007f7b1f346038 R14: 00007f7b1f345fa0 R15: 00007fff9cc89378
[   71.185352][ T5570]  </TASK>
[   71.411596][ T5572] loop4: detected capacity change from 0 to 512
[   71.418914][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.435073][ T5572] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #11: comm syz.4.715: missing EA_INODE flag
[   71.447685][ T5572] EXT4-fs error (device loop4): ext4_xattr_inode_iget:442: comm syz.4.715: error while reading EA inode 11 err=-117
[   71.460274][ T5572] EXT4-fs (loop4): 1 orphan inode deleted
[   71.466487][ T5572] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.531146][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.595606][ T5593] loop4: detected capacity change from 0 to 128
[   71.627405][ T5593] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   71.656039][ T5593] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   71.742710][ T5608] loop4: detected capacity change from 0 to 512
[   71.760060][ T5608] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   71.772364][ T5612] loop1: detected capacity change from 0 to 1024
[   71.785825][ T5614] loop0: detected capacity change from 0 to 512
[   71.786053][ T5608] EXT4-fs (loop4): 1 truncate cleaned up
[   71.813216][ T5608] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.844676][ T5614] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: inode #11: comm syz.0.733: missing EA_INODE flag
[   71.864833][ T5612] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.867094][ T5614] EXT4-fs error (device loop0): ext4_xattr_inode_iget:442: comm syz.0.733: error while reading EA inode 11 err=-117
[   71.920173][ T5614] EXT4-fs (loop0): 1 orphan inode deleted
[   71.966538][ T5612] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   72.068145][ T5638] __nla_validate_parse: 5 callbacks suppressed
[   72.068161][ T5638] netlink: 36 bytes leftover after parsing attributes in process `syz.0.742'.
[   72.143414][ T5651] loop1: detected capacity change from 0 to 1024
[   72.177426][ T5651] EXT4-fs: Ignoring removed mblk_io_submit option
[   72.184012][ T5651] EXT4-fs: Ignoring removed bh option
[   72.196482][ T5659] loop3: detected capacity change from 0 to 128
[   72.205673][ T5659] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   72.211552][ T5651] ext3: Unknown parameter 'subj_type'
[   72.225259][ T5659] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   72.254179][ T5661] loop0: detected capacity change from 0 to 512
[   72.278564][ T5661] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: inode #11: comm syz.0.752: missing EA_INODE flag
[   72.290395][ T5668] loop4: detected capacity change from 0 to 1024
[   72.306354][ T5661] EXT4-fs error (device loop0): ext4_xattr_inode_iget:442: comm syz.0.752: error while reading EA inode 11 err=-117
[   72.320237][ T5661] EXT4-fs (loop0): 1 orphan inode deleted
[   72.323537][ T5651] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[   72.326490][ T5661] EXT4-fs mount: 4 callbacks suppressed
[   72.326508][ T5661] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.361144][ T5668] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.432712][ T5668] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   72.491855][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.528810][ T5684] netlink: 8 bytes leftover after parsing attributes in process `syz.1.747'.
[   72.529145][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.581337][ T5690] netlink: 4 bytes leftover after parsing attributes in process `syz.3.760'.
[   72.638351][ T5690] hsr_slave_0: left promiscuous mode
[   72.647284][ T5690] hsr_slave_1: left promiscuous mode
[   72.682059][ T5698] netlink: 36 bytes leftover after parsing attributes in process `syz.4.763'.
[   72.728660][ T5707] loop0: detected capacity change from 0 to 512
[   72.735793][ T5707] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   72.750193][ T5707] EXT4-fs (loop0): 1 truncate cleaned up
[   72.766863][ T5707] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.802996][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.893889][ T5722] loop0: detected capacity change from 0 to 512
[   72.916348][ T5722] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: inode #11: comm syz.0.774: missing EA_INODE flag
[   72.958812][ T5729] netlink: 'syz.4.777': attribute type 3 has an invalid length.
[   72.975076][ T5729] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=5729 comm=syz.4.777
[   73.009335][ T5722] EXT4-fs error (device loop0): ext4_xattr_inode_iget:442: comm syz.0.774: error while reading EA inode 11 err=-117
[   73.084550][ T5722] EXT4-fs (loop0): 1 orphan inode deleted
[   73.096327][ T5722] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.179995][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.206251][ T5746] loop4: detected capacity change from 0 to 512
[   73.225893][ T5746] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   73.246543][ T5746] EXT4-fs (loop4): 1 truncate cleaned up
[   73.258396][ T5746] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.290308][ T5748] netlink: 36 bytes leftover after parsing attributes in process `syz.0.786'.
[   73.303006][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.364199][ T5754] loop3: detected capacity change from 0 to 128
[   73.401924][ T5754] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   73.424002][ T5754] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   73.480676][ T5765] loop4: detected capacity change from 0 to 1024
[   73.491745][ T5759] netlink: 8 bytes leftover after parsing attributes in process `syz.0.790'.
[   73.529715][ T5765] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.543998][ T5774] FAULT_INJECTION: forcing a failure.
[   73.543998][ T5774] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   73.557344][ T5774] CPU: 1 UID: 0 PID: 5774 Comm: syz.3.795 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   73.557384][ T5774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   73.557396][ T5774] Call Trace:
[   73.557403][ T5774]  <TASK>
[   73.557411][ T5774]  __dump_stack+0x1d/0x30
[   73.557435][ T5774]  dump_stack_lvl+0xe8/0x140
[   73.557513][ T5774]  dump_stack+0x15/0x1b
[   73.557572][ T5774]  should_fail_ex+0x265/0x280
[   73.557620][ T5774]  should_fail+0xb/0x20
[   73.557644][ T5774]  should_fail_usercopy+0x1a/0x20
[   73.557673][ T5774]  _copy_from_user+0x1c/0xb0
[   73.557709][ T5774]  __sys_bpf+0x178/0x7b0
[   73.557817][ T5774]  __x64_sys_bpf+0x41/0x50
[   73.557913][ T5774]  x64_sys_call+0x2aea/0x2ff0
[   73.557940][ T5774]  do_syscall_64+0xd2/0x200
[   73.558006][ T5774]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   73.558064][ T5774]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   73.558097][ T5774]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.558150][ T5774] RIP: 0033:0x7f7b1f10ebe9
[   73.558167][ T5774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.558245][ T5774] RSP: 002b:00007f7b1db6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   73.558269][ T5774] RAX: ffffffffffffffda RBX: 00007f7b1f345fa0 RCX: 00007f7b1f10ebe9
[   73.558339][ T5774] RDX: 0000000000000080 RSI: 0000200000000300 RDI: 0000000000000005
[   73.558354][ T5774] RBP: 00007f7b1db6f090 R08: 0000000000000000 R09: 0000000000000000
[   73.558369][ T5774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.558384][ T5774] R13: 00007f7b1f346038 R14: 00007f7b1f345fa0 R15: 00007fff9cc89378
[   73.558406][ T5774]  </TASK>
[   73.559986][ T5759] loop0: detected capacity change from 0 to 2048
[   73.794560][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.814098][ T5759]  loop0: unable to read partition table
[   73.824467][ T5759] loop0: partition table beyond EOD, truncated
[   73.830757][ T5759] loop_reread_partitions: partition scan of loop0 () failed (rc=-5)
[   73.846476][ T5788] netlink: 36 bytes leftover after parsing attributes in process `syz.2.802'.
[   73.858068][ T5785] netlink: 36 bytes leftover after parsing attributes in process `syz.1.799'.
[   73.922892][ T5795] loop4: detected capacity change from 0 to 128
[   73.948457][ T5795] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   73.991651][ T5795] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   74.057187][ T5804] loop4: detected capacity change from 0 to 512
[   74.080180][ T5807] loop1: detected capacity change from 0 to 512
[   74.105996][ T5804] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #11: comm syz.4.808: missing EA_INODE flag
[   74.115872][ T5807] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   74.167449][ T5804] EXT4-fs error (device loop4): ext4_xattr_inode_iget:442: comm syz.4.808: error while reading EA inode 11 err=-117
[   74.177649][ T5807] EXT4-fs (loop1): 1 truncate cleaned up
[   74.196950][ T5804] EXT4-fs (loop4): 1 orphan inode deleted
[   74.203833][ T5807] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.225628][ T5804] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.279803][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.310577][ T5816] loop0: detected capacity change from 0 to 1024
[   74.338553][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.354924][ T5816] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   74.368283][ T5816] ext4 filesystem being mounted at /140/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   74.398857][ T5816] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: block 3: comm syz.0.812: lblock 3 mapped to illegal pblock 3 (length 3)
[   74.414470][ T5816] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[   74.426958][ T5816] EXT4-fs (loop0): This should not happen!! Data will be lost
[   74.426958][ T5816] 
[   74.493993][   T29] kauditd_printk_skb: 446 callbacks suppressed
[   74.494012][   T29] audit: type=1326 audit(1756517822.698:3547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5826 comm="syz.4.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70e7c9ebe9 code=0x7ffc0000
[   74.532674][ T3546] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:19: lblock 8 mapped to illegal pblock 8 (length 8)
[   74.569121][ T5833] loop1: detected capacity change from 0 to 128
[   74.570621][   T29] audit: type=1326 audit(1756517822.728:3548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5826 comm="syz.4.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f70e7c9ebe9 code=0x7ffc0000
[   74.599242][   T29] audit: type=1326 audit(1756517822.728:3549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5826 comm="syz.4.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70e7c9ebe9 code=0x7ffc0000
[   74.607086][ T3546] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[   74.622664][   T29] audit: type=1326 audit(1756517822.728:3550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5826 comm="syz.4.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f70e7c9ebe9 code=0x7ffc0000
[   74.635273][ T3546] EXT4-fs (loop0): This should not happen!! Data will be lost
[   74.635273][ T3546] 
[   74.645450][ T5833] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   74.658818][   T29] audit: type=1326 audit(1756517822.728:3551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5826 comm="syz.4.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70e7c9ebe9 code=0x7ffc0000
[   74.672285][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   74.680267][   T29] audit: type=1326 audit(1756517822.728:3552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5826 comm="syz.4.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f70e7c9ebe9 code=0x7ffc0000
[   74.705591][ T5833] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   74.712560][   T29] audit: type=1326 audit(1756517822.728:3553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5826 comm="syz.4.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70e7c9ebe9 code=0x7ffc0000
[   74.712589][   T29] audit: type=1326 audit(1756517822.728:3554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5826 comm="syz.4.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f70e7c9ebe9 code=0x7ffc0000
[   74.791680][   T29] audit: type=1326 audit(1756517822.728:3555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5826 comm="syz.4.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70e7c9ebe9 code=0x7ffc0000
[   74.815036][   T29] audit: type=1326 audit(1756517822.728:3556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5826 comm="syz.4.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f70e7c9ebe9 code=0x7ffc0000
[   74.882759][ T5837] netlink: 36 bytes leftover after parsing attributes in process `syz.0.818'.
[   74.972453][ T5844] loop3: detected capacity change from 0 to 512
[   75.022492][ T5844] journal_path: Non-blockdev passed as './bus'
[   75.028765][ T5844] EXT4-fs: error: could not find journal device path
[   75.092488][ T5856] loop0: detected capacity change from 0 to 512
[   75.123422][ T5860] FAULT_INJECTION: forcing a failure.
[   75.123422][ T5860] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.136586][ T5860] CPU: 0 UID: 0 PID: 5860 Comm: syz.1.831 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   75.136665][ T5860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   75.136679][ T5860] Call Trace:
[   75.136686][ T5860]  <TASK>
[   75.136695][ T5860]  __dump_stack+0x1d/0x30
[   75.136720][ T5860]  dump_stack_lvl+0xe8/0x140
[   75.136742][ T5860]  dump_stack+0x15/0x1b
[   75.136820][ T5860]  should_fail_ex+0x265/0x280
[   75.136846][ T5860]  should_fail+0xb/0x20
[   75.136867][ T5860]  should_fail_usercopy+0x1a/0x20
[   75.136892][ T5860]  _copy_to_user+0x20/0xa0
[   75.136927][ T5860]  simple_read_from_buffer+0xb5/0x130
[   75.137037][ T5860]  proc_fail_nth_read+0x10e/0x150
[   75.137066][ T5860]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   75.137144][ T5860]  vfs_read+0x1a8/0x770
[   75.137165][ T5860]  ? __rcu_read_unlock+0x4f/0x70
[   75.137188][ T5860]  ? __fget_files+0x184/0x1c0
[   75.137216][ T5860]  ksys_read+0xda/0x1a0
[   75.137240][ T5860]  __x64_sys_read+0x40/0x50
[   75.137304][ T5860]  x64_sys_call+0x27bc/0x2ff0
[   75.137331][ T5860]  do_syscall_64+0xd2/0x200
[   75.137360][ T5860]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   75.137401][ T5860]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   75.137434][ T5860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.137456][ T5860] RIP: 0033:0x7efdcb8ed5fc
[   75.137517][ T5860] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   75.137537][ T5860] RSP: 002b:00007efdca34f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   75.137557][ T5860] RAX: ffffffffffffffda RBX: 00007efdcbb25fa0 RCX: 00007efdcb8ed5fc
[   75.137593][ T5860] RDX: 000000000000000f RSI: 00007efdca34f0a0 RDI: 0000000000000004
[   75.137683][ T5860] RBP: 00007efdca34f090 R08: 0000000000000000 R09: 0000000000000000
[   75.137696][ T5860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.137708][ T5860] R13: 00007efdcbb26038 R14: 00007efdcbb25fa0 R15: 00007ffc560d6358
[   75.137729][ T5860]  </TASK>
[   75.366094][ T5856] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: inode #11: comm syz.0.828: missing EA_INODE flag
[   75.384956][ T5856] EXT4-fs error (device loop0): ext4_xattr_inode_iget:442: comm syz.0.828: error while reading EA inode 11 err=-117
[   75.394210][ T5866] loop1: detected capacity change from 0 to 128
[   75.405388][ T5866] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   75.429695][ T5856] EXT4-fs (loop0): 1 orphan inode deleted
[   75.442284][ T5872] loop3: detected capacity change from 0 to 1024
[   75.449755][ T5856] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.469060][ T5866] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   75.494182][ T5872] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.513375][ T5874] netlink: 36 bytes leftover after parsing attributes in process `syz.2.837'.
[   75.530676][ T5872] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   75.564869][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.582319][ T5891] loop4: detected capacity change from 0 to 512
[   75.592386][ T5891] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   75.603771][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.646557][ T5891] EXT4-fs (loop4): 1 truncate cleaned up
[   75.653634][ T5891] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.730005][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.751236][ T5907] loop3: detected capacity change from 0 to 128
[   75.769489][ T5907] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   75.786651][ T5907] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   75.834286][ T5917] loop3: detected capacity change from 0 to 512
[   75.853711][ T5917] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: inode #11: comm syz.3.853: missing EA_INODE flag
[   75.878007][ T5917] EXT4-fs error (device loop3): ext4_xattr_inode_iget:442: comm syz.3.853: error while reading EA inode 11 err=-117
[   75.942658][ T5917] EXT4-fs (loop3): 1 orphan inode deleted
[   75.948934][ T5917] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.970982][ T5932] loop1: detected capacity change from 0 to 512
[   75.989587][ T5935] loop0: detected capacity change from 0 to 512
[   76.000883][ T5932] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   76.013558][ T5935] EXT4-fs: Ignoring removed nomblk_io_submit option
[   76.025999][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.026097][ T5935] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   76.043628][ T5935] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   76.055567][ T5932] EXT4-fs (loop1): 1 truncate cleaned up
[   76.063329][ T5932] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.103126][ T5942] loop3: detected capacity change from 0 to 128
[   76.123126][ T5942] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   76.142426][ T5942] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   76.191927][ T5948] loop3: detected capacity change from 0 to 512
[   76.281769][ T5935] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.860: Allocating blocks 41-42 which overlap fs metadata
[   76.298732][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.318188][ T5957] FAULT_INJECTION: forcing a failure.
[   76.318188][ T5957] name failslab, interval 1, probability 0, space 0, times 0
[   76.330922][ T5957] CPU: 1 UID: 0 PID: 5957 Comm: syz.3.869 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   76.330951][ T5957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   76.330967][ T5957] Call Trace:
[   76.330976][ T5957]  <TASK>
[   76.331005][ T5957]  __dump_stack+0x1d/0x30
[   76.331030][ T5957]  dump_stack_lvl+0xe8/0x140
[   76.331054][ T5957]  dump_stack+0x15/0x1b
[   76.331075][ T5957]  should_fail_ex+0x265/0x280
[   76.331102][ T5957]  should_failslab+0x8c/0xb0
[   76.331183][ T5957]  kmem_cache_alloc_noprof+0x50/0x310
[   76.331311][ T5957]  ? getname_flags+0x80/0x3b0
[   76.331347][ T5957]  getname_flags+0x80/0x3b0
[   76.331382][ T5957]  __x64_sys_rename+0x33/0x70
[   76.331409][ T5957]  x64_sys_call+0x1f9/0x2ff0
[   76.331461][ T5957]  do_syscall_64+0xd2/0x200
[   76.331496][ T5957]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   76.331521][ T5957]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   76.331548][ T5957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.331631][ T5957] RIP: 0033:0x7f7b1f10ebe9
[   76.331648][ T5957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.331671][ T5957] RSP: 002b:00007f7b1db6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[   76.331694][ T5957] RAX: ffffffffffffffda RBX: 00007f7b1f345fa0 RCX: 00007f7b1f10ebe9
[   76.331708][ T5957] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   76.331792][ T5957] RBP: 00007f7b1db6f090 R08: 0000000000000000 R09: 0000000000000000
[   76.331826][ T5957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.331838][ T5957] R13: 00007f7b1f346038 R14: 00007f7b1f345fa0 R15: 00007fff9cc89378
[   76.331856][ T5957]  </TASK>
[   76.520570][ T5935] EXT4-fs (loop0): Remounting filesystem read-only
[   76.539187][ T5935] EXT4-fs (loop0): 1 truncate cleaned up
[   76.545258][ T5935] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.590986][ T5970] loop4: detected capacity change from 0 to 512
[   76.622072][ T5975] loop1: detected capacity change from 0 to 128
[   76.633613][ T5975] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   76.656515][ T5970] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #11: comm syz.4.874: missing EA_INODE flag
[   76.670486][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.681660][ T5975] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   76.697726][ T5970] EXT4-fs error (device loop4): ext4_xattr_inode_iget:442: comm syz.4.874: error while reading EA inode 11 err=-117
[   76.739075][ T5993] loop0: detected capacity change from 0 to 512
[   76.767386][ T5970] EXT4-fs (loop4): 1 orphan inode deleted
[   76.790239][ T5970] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.803082][ T5993] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   76.852945][ T5993] EXT4-fs (loop0): 1 truncate cleaned up
[   76.859359][ T5993] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.939554][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.967387][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.982501][ T6009] FAULT_INJECTION: forcing a failure.
[   76.982501][ T6009] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   76.995683][ T6009] CPU: 0 UID: 0 PID: 6009 Comm: syz.0.886 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   76.995718][ T6009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   76.995734][ T6009] Call Trace:
[   76.995743][ T6009]  <TASK>
[   76.995752][ T6009]  __dump_stack+0x1d/0x30
[   76.995775][ T6009]  dump_stack_lvl+0xe8/0x140
[   76.995793][ T6009]  dump_stack+0x15/0x1b
[   76.995808][ T6009]  should_fail_ex+0x265/0x280
[   76.995863][ T6009]  should_fail+0xb/0x20
[   76.995885][ T6009]  should_fail_usercopy+0x1a/0x20
[   76.995912][ T6009]  _copy_from_user+0x1c/0xb0
[   76.995963][ T6009]  memdup_sockptr_noprof+0x95/0x100
[   76.996005][ T6009]  do_ip_setsockopt+0x1bd7/0x2240
[   76.996119][ T6009]  ip_setsockopt+0x58/0x110
[   76.996218][ T6009]  tcp_setsockopt+0x98/0xb0
[   76.996245][ T6009]  sock_common_setsockopt+0x66/0x80
[   76.996280][ T6009]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   76.996310][ T6009]  __sys_setsockopt+0x184/0x200
[   76.996385][ T6009]  __x64_sys_setsockopt+0x64/0x80
[   76.996413][ T6009]  x64_sys_call+0x20ec/0x2ff0
[   76.996439][ T6009]  do_syscall_64+0xd2/0x200
[   76.996474][ T6009]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   76.996575][ T6009]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   76.996637][ T6009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.996664][ T6009] RIP: 0033:0x7f0ba5deebe9
[   76.996690][ T6009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.996712][ T6009] RSP: 002b:00007f0ba484f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   76.996734][ T6009] RAX: ffffffffffffffda RBX: 00007f0ba6025fa0 RCX: 00007f0ba5deebe9
[   76.996746][ T6009] RDX: 0000000000000029 RSI: 0000000000000000 RDI: 0000000000000003
[   76.996765][ T6009] RBP: 00007f0ba484f090 R08: 0000000000000018 R09: 0000000000000000
[   76.996780][ T6009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.996815][ T6009] R13: 00007f0ba6026038 R14: 00007f0ba6025fa0 R15: 00007ffe39811538
[   76.996839][ T6009]  </TASK>
[   77.263399][ T6007] __nla_validate_parse: 5 callbacks suppressed
[   77.263420][ T6007] netlink: 36 bytes leftover after parsing attributes in process `syz.3.887'.
[   77.296519][ T6018] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6018 comm=syz.4.890
[   77.325043][ T6020] netlink: 36 bytes leftover after parsing attributes in process `syz.3.891'.
[   77.363798][ T6020] loop3: detected capacity change from 0 to 512
[   77.381993][ T6020] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.395971][ T6020] ext4 filesystem being mounted at /164/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.408412][ T6020] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.891: corrupted xattr block 19: overlapping e_value 
[   77.434819][ T6030] loop4: detected capacity change from 0 to 128
[   77.444819][ T6030] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   77.458403][ T6020] EXT4-fs (loop3): Remounting filesystem read-only
[   77.465058][ T6020] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   77.492347][ T6030] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   77.518576][ T6020] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   77.530381][ T6035] loop0: detected capacity change from 0 to 512
[   77.537532][ T6020] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   77.550965][ T6035] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   77.566059][ T6035] EXT4-fs (loop0): 1 truncate cleaned up
[   77.587662][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.606978][ T6035] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.655598][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.692958][ T6045] netlink: 36 bytes leftover after parsing attributes in process `syz.3.902'.
[   77.703432][ T6047] FAULT_INJECTION: forcing a failure.
[   77.703432][ T6047] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   77.716645][ T6047] CPU: 0 UID: 0 PID: 6047 Comm: syz.0.901 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   77.716678][ T6047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   77.716692][ T6047] Call Trace:
[   77.716700][ T6047]  <TASK>
[   77.716709][ T6047]  __dump_stack+0x1d/0x30
[   77.716731][ T6047]  dump_stack_lvl+0xe8/0x140
[   77.716765][ T6047]  dump_stack+0x15/0x1b
[   77.716785][ T6047]  should_fail_ex+0x265/0x280
[   77.716808][ T6047]  should_fail+0xb/0x20
[   77.716827][ T6047]  should_fail_usercopy+0x1a/0x20
[   77.716881][ T6047]  _copy_from_user+0x1c/0xb0
[   77.716911][ T6047]  do_ipv6_setsockopt+0x124/0x2160
[   77.716934][ T6047]  ? _parse_integer+0x27/0x40
[   77.716953][ T6047]  ? kstrtoull+0x111/0x140
[   77.716974][ T6047]  ? __rcu_read_unlock+0x4f/0x70
[   77.717015][ T6047]  ? avc_has_perm_noaudit+0x1b1/0x200
[   77.717044][ T6047]  ? selinux_netlbl_socket_setsockopt+0x1f9/0x2d0
[   77.717086][ T6047]  ipv6_setsockopt+0x59/0x130
[   77.717109][ T6047]  rawv6_setsockopt+0x1d2/0x420
[   77.717175][ T6047]  sock_common_setsockopt+0x66/0x80
[   77.717208][ T6047]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   77.717240][ T6047]  __sys_setsockopt+0x184/0x200
[   77.717265][ T6047]  __x64_sys_setsockopt+0x64/0x80
[   77.717352][ T6047]  x64_sys_call+0x20ec/0x2ff0
[   77.717375][ T6047]  do_syscall_64+0xd2/0x200
[   77.717404][ T6047]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   77.717465][ T6047]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.717488][ T6047] RIP: 0033:0x7f0ba5deebe9
[   77.717503][ T6047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.717521][ T6047] RSP: 002b:00007f0ba484f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   77.717558][ T6047] RAX: ffffffffffffffda RBX: 00007f0ba6025fa0 RCX: 00007f0ba5deebe9
[   77.717571][ T6047] RDX: 0000000000000039 RSI: 0000000000000029 RDI: 0000000000000006
[   77.717589][ T6047] RBP: 00007f0ba484f090 R08: 00000000000000a8 R09: 0000000000000000
[   77.717602][ T6047] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[   77.717653][ T6047] R13: 00007f0ba6026038 R14: 00007f0ba6025fa0 R15: 00007ffe39811538
[   77.717673][ T6047]  </TASK>
[   78.030830][ T6059] loop1: detected capacity change from 0 to 128
[   78.043441][ T6063] loop0: detected capacity change from 0 to 1024
[   78.050826][ T6059] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   78.084414][ T6063] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.096717][ T6059] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   78.155990][ T6063] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   78.183166][ T6082] netlink: 36 bytes leftover after parsing attributes in process `syz.3.918'.
[   78.258791][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.365411][ T6111] loop3: detected capacity change from 0 to 512
[   78.400132][ T6111] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   78.408251][ T6111] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[   78.412912][ T6119] loop0: detected capacity change from 0 to 512
[   78.423390][ T6111] System zones: 0-1, 15-15, 18-18, 34-34
[   78.429626][ T6111] EXT4-fs (loop3): orphan cleanup on readonly fs
[   78.432054][ T6119] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: inode #11: comm syz.0.932: missing EA_INODE flag
[   78.436176][ T6111] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   78.448352][ T6122] netlink: 12 bytes leftover after parsing attributes in process `syz.1.930'.
[   78.462355][ T6111] EXT4-fs (loop3): Cannot turn on quotas: error -22
[   78.478397][ T6120] netlink: 36 bytes leftover after parsing attributes in process `syz.2.931'.
[   78.479176][ T6111] EXT4-fs (loop3): 1 truncate cleaned up
[   78.493489][ T6111] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   78.520402][ T6119] EXT4-fs error (device loop0): ext4_xattr_inode_iget:442: comm syz.0.932: error while reading EA inode 11 err=-117
[   78.533980][ T6119] EXT4-fs (loop0): 1 orphan inode deleted
[   78.542325][ T6111] dummy0: entered allmulticast mode
[   78.549158][ T6111] dummy0: left allmulticast mode
[   78.569002][ T6119] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.621152][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.665367][ T6135] ==================================================================
[   78.673501][ T6135] BUG: KCSAN: data-race in mas_state_walk / mas_wr_store_entry
[   78.681072][ T6135] 
[   78.683399][ T6135] write to 0xffff8881059acc08 of 8 bytes by task 6130 on cpu 0:
[   78.691033][ T6135]  mas_wr_store_entry+0x1581/0x2b50
[   78.696253][ T6135]  mas_store_prealloc+0x74d/0x9e0
[   78.701294][ T6135]  commit_merge+0x6a5/0x730
[   78.706078][ T6135]  vma_expand+0x220/0x320
[   78.710514][ T6135]  vma_merge_new_range+0x296/0x310
[   78.715651][ T6135]  mmap_region+0xa59/0x1630
[   78.720172][ T6135]  do_mmap+0x9b3/0xbe0
[   78.724374][ T6135]  vm_mmap_pgoff+0x17a/0x2e0
[   78.729068][ T6135]  ksys_mmap_pgoff+0xc2/0x310
[   78.733773][ T6135]  x64_sys_call+0x14a3/0x2ff0
[   78.738467][ T6135]  do_syscall_64+0xd2/0x200
[   78.742989][ T6135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.748976][ T6135] 
[   78.751299][ T6135] read to 0xffff8881059acc08 of 8 bytes by task 6135 on cpu 1:
[   78.758844][ T6135]  mas_state_walk+0x28f/0x650
[   78.763538][ T6135]  mas_walk+0x60/0x150
[   78.767615][ T6135]  lock_vma_under_rcu+0x8d/0x160
[   78.772570][ T6135]  do_user_addr_fault+0x233/0x1090
[   78.777701][ T6135]  exc_page_fault+0x62/0xa0
[   78.782212][ T6135]  asm_exc_page_fault+0x26/0x30
[   78.787071][ T6135] 
[   78.789406][ T6135] value changed: 0x00007f0ba47ecfff -> 0x0000000000000000
[   78.796511][ T6135] 
[   78.798839][ T6135] Reported by Kernel Concurrency Sanitizer on:
[   78.804998][ T6135] CPU: 1 UID: 0 PID: 6135 Comm: syz.0.935 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   78.814736][ T6135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   78.824838][ T6135] ==================================================================
[   79.154318][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.