last executing test programs:

2.4959454s ago: executing program 3 (id=2026):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
fadvise64(0xffffffffffffffff, 0x8000000000000000, 0x9, 0x6)

2.416137067s ago: executing program 3 (id=2028):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r1=>0x0})
r2 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r4, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r2, &(0x7f0000000000)={0xa0000001})
ppoll(&(0x7f0000000200)=[{r5, 0x1}], 0x1, 0x0, 0x0, 0x3)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TLS_RX(r7, 0x6, 0x2, &(0x7f0000000000)=@ccm_128={{0x304}, "a0d4f1ce8917c63d", "39db3a935c83f966a1f6ac19ee147c3c", "7d31a028", "bc19715f01808a0c"}, 0x28)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64=r6, @ANYRES8], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r6, <r9=>0xffffffffffffffff}, &(0x7f0000000840), &(0x7f0000000880)=r8}, 0x20)
epoll_wait(r5, &(0x7f0000000140)=[{}], 0x1, 0xffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0xd72, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000a00)=@bpf_ext={0x1c, 0x26, &(0x7f0000000ac0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xa14}, {}, {}, [@map_val={0x18, 0xb, 0x2, 0x0, r9, 0x0, 0x0, 0x0, 0x9}, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3ff}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r6}}, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xff}}, @jmp={0x5, 0x1, 0xa, 0x4, 0x7, 0xfffffffffffffffe, 0xfffffffffffffffc}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000240)='syzkaller\x00', 0x2, 0x8a, &(0x7f0000000540)=""/138, 0x40f00, 0x44, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x3, 0x5}, 0x8, 0x10, &(0x7f00000002c0)={0x4, 0xb, 0x2, 0xfd6}, 0x10, 0x1e7c5, r10, 0x9, 0x0, &(0x7f0000000900)=[{0x2, 0x1, 0x3, 0x6}, {0x2, 0x2, 0xf, 0x7}, {0x200, 0x1, 0x9, 0x2}, {0x5, 0x1, 0xe, 0x8}, {0x0, 0x2, 0xd, 0x2}, {0x4, 0x1, 0xf, 0xa}, {0x4, 0x2, 0x5, 0x3}, {0x2, 0x4, 0xe, 0xb}, {0x4, 0x3, 0xc, 0x3}], 0x10, 0x4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0xe, 0x0, &(0x7f00000003c0)="131c8701feaa16bca4ac74ab821d", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

2.338213734s ago: executing program 0 (id=2030):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000010000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000ac03000000000000850000003300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r1, r3, 0x25, 0x2}, 0x14)
syz_emit_ethernet(0x0, 0x0, 0x0)

2.258710342s ago: executing program 0 (id=2032):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$kcm(0x11, 0x3, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000c00)=@newtfilter={0x44, 0x2c, 0xd3f, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0xfff3, 0xffe0}, {}, {0x7, 0xfff2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r8)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r9, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x4)

2.080489408s ago: executing program 0 (id=2037):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x8881, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000003c0), 0x200044, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xa, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000d20800000000000000000000730109000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
umount2(&(0x7f0000000000)='./file0\x00', 0x7)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})

1.920948002s ago: executing program 0 (id=2039):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x810}, 0x40404)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x6a040000)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000100)=@filter={'filter\x00', 0x42, 0x4, 0x12f0, 0xffffffff, 0x98, 0x0, 0x98, 0xffffffff, 0xffffffff, 0x1258, 0x1258, 0x1258, 0xffffffff, 0x5, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'netpci0\x00', 'nr0\x00', {}, {}, 0x0, 0x2}, 0x74000002, 0x70, 0x98, 0x1ba, {0x46010000, 0x2c000000000000}}, @REJECT={0x28}}, {{@ip={@empty, @remote, 0xff, 0x0, 'veth0_to_batadv\x00', 'team_slave_1\x00'}, 0x287, 0x10e8, 0x1128, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0x1, 0x0, 0x0, './cgroup.cpu/syz1\x00', 0x0, {0x4000000000000000}}}, @common=@unspec=@limit={{0x48}, {0xfffffffe, 0x7, 0x0, 0x2, 0x0, 0x0, 0x2}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x3, {0x8}}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x1ff, 0x2, 0x1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x1350)

1.750053318s ago: executing program 0 (id=2041):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
pread64(r3, &(0x7f0000001440)=""/126, 0x7e, 0x41)
removexattr(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)=@known='trusted.overlay.upper\x00')
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x14, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000830000003f0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f00000004c0)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffff5c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x18)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000580)='kfree\x00', r0, 0x0, 0x9}, 0x18)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, 0x0)

1.723250851s ago: executing program 2 (id=2042):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc00006000000080002000500000014000600ff01000a00f2f3f31f000a0000000001060001"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, 0x0, &(0x7f0000000180))
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x24008000}, 0x4040000)

1.677352535s ago: executing program 0 (id=2044):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0x7ffc0002}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x400000000000d07, 0x40}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mkdir(&(0x7f0000000580)='./file0\x00', 0x92)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000040)=@v2={0x2000000, [{0x9, 0xfffffff7}, {0xde7, 0x8002}]}, 0x14, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffff7a, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r3 = gettid()
tkill(r3, 0x7)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x6, 0xe4, 0x77, 0x1, 0x0, 0xe, 0x40, 0x6, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x1, @perf_config_ext={0xa, 0xff}, 0x6690, 0x7, 0x3, 0x3, 0x6, 0x2, 0xff80, 0x0, 0x8, 0x0, 0x7}, r3, 0x10, r2, 0xb)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], &(0x7f00000002c0)=""/203, 0xfffffffffffffe5f)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x800, 0x1)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x40010, r4, 0x2000)
mbind(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x8002, &(0x7f0000000180)=0x3ff, 0xc, 0x0)
mbind(&(0x7f0000ff8000/0x8000)=nil, 0x8000, 0x2, &(0x7f0000000180)=0x3ff, 0xc, 0x0)
mlock(&(0x7f00007fe000/0x800000)=nil, 0x800000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
pipe(&(0x7f00000008c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r5, 0x0, r6, 0x0, 0x7, 0x9)
setsockopt$inet6_tcp_TLS_TX(r6, 0x11a, 0x1, &(0x7f0000000040)=@gcm_128={{0x303}, "3d738873b99041a9", "14a6416be64786710c7df59d08b2f6b3", "6742fc1d", "a63263737c2d86ee"}, 0x28)

1.603897162s ago: executing program 2 (id=2045):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000000))
sendmsg$NFC_CMD_DEV_UP(r2, 0x0, 0x20000080)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000003c0)='sys_enter\x00', r3}, 0x18)
nanosleep(&(0x7f0000000bc0)={0x0, 0x3938700}, 0x0)
socket$inet6(0xa, 0x5, 0x0)

1.340959096s ago: executing program 3 (id=2046):
r0 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81)
ioctl$HIDIOCSFEATURE(r0, 0xc0404806, &(0x7f0000000040))
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000100)=ANY=[@ANYRESDEC=r0], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0xa, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet6(0xa, 0x80002, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f00000011c0)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r3, 0x0, 0x4}, 0x18)
r4 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @empty, 0xffffffff}, 0x1c)
r5 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
bind$inet6(r5, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xffffffff}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000840)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800450000b00000000000119078e0000001000000004e214e20009c907801000000000000007b4b143b7761fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d031acac045942824251d7d17b5191584cdd4fbe40a27424dbcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b9649a3bfbc1f39cb307b3472eb993be0f0bd3981016cf9dcdb042d2643fcbb2c5a57df67d544af6e8dafe09"], 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000100)=ANY=[], 0x0, 0x3}, 0x94)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x6, 0x3, &(0x7f0000000340)=ANY=[@ANYRESDEC=r3, @ANYRESOCT=r3], &(0x7f0000000380)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x4272de7246a8d7ef}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0xe0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x4, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb3a}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
r9 = socket(0x2a, 0x2, 0x0)
flistxattr(r9, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0xf)
socket$inet6_sctp(0xa, 0x1, 0x84)

1.258945324s ago: executing program 2 (id=2048):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$kcm(0x11, 0x3, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000c00)=@newtfilter={0x44, 0x2c, 0xd3f, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0xfff3, 0xffe0}, {}, {0x7, 0xfff2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r8)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r9, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x4)

1.229755127s ago: executing program 3 (id=2049):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28)
writev(r0, &(0x7f0000000740)=[{&(0x7f0000000280)="581a17919cc77431510e7fc4ed9fb860505f1495ff92f16a44f8a13d58751d926def1f80b315bdc726cdd8b5d1a91f485854af8fc854b0da7a02522fe7b2c21db7a46c48473099d4a4654cfd97a67c9e79afc0d444e6c78b0216d2201b128df9d4ed5b4dbe676fe56a6354f819d997a6acb8595633cff6f77473b2b3abcc65b51cb3d3a30bf9b0b2ce59d568d3a89b49331904da2a37c89ea236f5d5", 0x9c}], 0x1)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000f40)=""/250, 0xfa}], 0x1)

1.19294892s ago: executing program 3 (id=2050):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000000)=0x201, 0x4)
sendmsg$nl_route(r0, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x2010410, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
r1 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r2 = openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r4, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x3}}, [@TCA_RATE={0x6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x48801}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r7}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff})
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$binfmt_script(r2, &(0x7f0000000080)={'#! ', './file1'}, 0xb)

1.08323968s ago: executing program 2 (id=2051):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x810}, 0x40404)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x6a040000)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000100)=@filter={'filter\x00', 0x42, 0x4, 0x12f0, 0xffffffff, 0x98, 0x0, 0x98, 0xffffffff, 0xffffffff, 0x1258, 0x1258, 0x1258, 0xffffffff, 0x5, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'netpci0\x00', 'nr0\x00', {}, {}, 0x0, 0x2}, 0x74000002, 0x70, 0x98, 0x1ba, {0x46010000, 0x2c000000000000}}, @REJECT={0x28}}, {{@ip={@empty, @remote, 0xff, 0x0, 'veth0_to_batadv\x00', 'team_slave_1\x00'}, 0x287, 0x10e8, 0x1128, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0x1, 0x0, 0x0, './cgroup.cpu/syz1\x00', 0x0, {0x4000000000000000}}}, @common=@unspec=@limit={{0x48}, {0xfffffffe, 0x7, 0x0, 0x2, 0x0, 0x0, 0x2}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x3, {0x8}}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x1ff, 0x2, 0x1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x1350)

911.472345ms ago: executing program 2 (id=2052):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000003c0)='sched_switch\x00', r0, 0x0, 0x7}, 0x18)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0xb, 0x528, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb8, 0x1, @perf_config_ext={0x1f5a685a}, 0x4dc8, 0x10000, 0xfffffffc, 0x1, 0x1008, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x354, &(0x7f0000000300)={0x0, 0x6862, 0x80, 0x3, 0x1c0}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000000))
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYRESDEC], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000dd67080000000000000000001811", @ANYRESHEX=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e85000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r3}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b000000000000000000"], 0x50)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kfree\x00', r4}, 0x18)
r5 = syz_mount_image$iso9660(&(0x7f0000000540), &(0x7f00000001c0)='./file1\x00', 0x14004, &(0x7f00000005c0)=ANY=[@ANYRES32=0x0], 0x4, 0x70a, &(0x7f00000232c0)="$eJzs3V+P21gZBvDnJJkkk0JVAapWVbdzOmWlqRhSJ7NNFRUkjHOSMSRxZHtgRkJaFTqDRs0UaItEc9PODX+k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a2aXPb7Qb5/j18etjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU/Ki2FdyMJm7OW+dKuF5AhP+gWMRbUfFbXxmFXA7/tY6r0berKIYfRQwuXL5098u5TLL8nIRfBBat8PHTwYN7/f7+ozPEZrFw9ecJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJYV3vl41jJr8TiHa0QDKnrVtt9t2t6VjwtlhzB35/g+iAGV2pDw47O9vjeXzLK2Nw6BKSvKZ8eAwqHra5laNarVSqVYrtdv123cMIzdVYISEMYSpiKUftHSeMvHxusAiyzt5E72kjNX4j/FnAbRRRBc72IVM/bHQgAsHnRnzY0n//84tNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/EUAzzAPfTRxz4eLaFuCbn20jXkjbgll5LPzJ8WFLqw4cGBjQ5MtPBFyLhEoo4aajDwHrbRhAeJJmy0oeBhDx58qPCIyoeZKpjw4cCFxAYs3IREBXXUsQUJhTL24GAHXbTQgIlPgiA4wKFu9604n+cpW40kqDJjIwrIJcfdPqpztnZW///DZ9HScf9vsP9/U0XHQSH6+GheDNFnQBBf/y9o7dVkQ0RERERERESvgtC/fRf6r/JvAwjQtNvKOBFTOLfsiIiIiIiIiGgZBIICrkJEd+XjbYjp638iIiIiIiIi+nwT+hk7AaCkb+oXo8elzvJLgOxrSJGIiIiIiIiIXpJ+8v9aHgj0Xf5rEAtd/xMRERERERHR58Cvx8bYz2XjMXaD5M/6GQBrfymID/9egLsijnu7XxVHZjjHPIpjpu4A8JtXxMV4oF79kQegv1nqqojXJoF/Jb99CH18kD7W//MgIoRwJxLIZ8crmJGACNdcy8Xf8D6uR4tcj8eZvz/IQM+JRhQuNe22KltO+24Fpnkx46td/+cPD38BuMPtPDjs75d/9JP+fZ3LcVh0fBRW+uxEOpn0xhjl8kSPt6CfuUgb3XgVzWSVv+l2SkKv10i2PwvzKDO+onk7oLYKRFv5S6xH+2w9iGJLg+GI+wJY04M/VMp6l53YendFjLKoTG552o6YseVFncWNKObGxo3oI2mTsJ6MKH4tC1TLk/sgTHQsi+p4Fqe3hfjHRPvPzwKiGLbFVpjFH8OKJtri+x9GC2/1dpPhMc6SxdRRQER0Xg5GvZAexHxqjP2ke0hOamfvd5AD4rPcjN59tJYg7j+S3v3J74Koh8oCufhvE+lrSfoVhGf0DaHryUcDuueupJzRjfKnQRCYF4sYP6P/NwiSDTIW6N2OgyCYPKP/YfQOpDjtqSz+HQTB3YruSX470at+EC7wwcz1eu1qFkUU8OTop/gkmb3/4/2H1epWzXjXMG5XsaL/VyH+yIJ9DxERTTn9HTs6IjMnQryL61Ed1+//7Z1o6kSP96X4lgLtFtDHfWwmrxBYS6+1hAN885/RbQib0VUrsF6KPksDefnS3fCqdhh7KHL6DS+bM6/qdGcZxerbG6rD2OS9Q5NXgKPYrVe8F4iIiF6v9Rn9MHCi/8fJ/r94ov/fxEYUsXEl9bq7NHZL4WZydTy8pB9cOE6NrZye/LeW3BhERERvCOV+LEr+r4Tr2r33KvV6xfS3lXQd67vStRstJe2ur1xr2+y2lOy5ju9YTlv2XBTsVeVJb6fXc1xfNh1X9hzP3tVvfpfxq9891TG7vm15vbYyPSUtp+ubli8btmfJ3s6327a3rVy9sNdTlt20LdO3na70nB3XUmUpPaXGAu2G6vp20w4nu7Ln2h3T3ZPfc9o7HSUbyrNcu+c7UYXJuuxu03E7utoygoVfdEhERPT/6PHTwYN7/f7+o8mJ1fDSPCo5xoyY6Yl8SoUcI4iIiOgzZtRdL7BQ8RUmREREREREREREREREREREREREREREREREU05/pG/BiZW0hwWBYcnPLsYleI7RI4ZT9Qi8bD6fun/SA/u9yOKZYYkAcIalkkciBg8+mhO8OixJmn885niRDHEJeOH2+esXgAu6BFFJbokHwPTzo0s/xtImvnEQteisGD0zdVZhuC9yy//PIZx4+PvpWSJs+SAIgvmLF062Yf7sx3MOwKP8nF2wesrx87rPRET0uv0vAAD//ySOL9Y=")
chown(&(0x7f0000000040)='./file1\x00', 0x0, 0x0)
r6 = socket$inet6(0xa, 0x3, 0xff)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000001d80)={0x11, 0xf, &(0x7f0000001e40)=ANY=[@ANYBLOB="ffff00000000000200ffff00040000001811e501a678261fa48a9400142bf3a97eb7fc35c6492a83e9dff06d28d5b6c3e94732e99d181aa7a53b2e36bf380f7acc65439e461b35d445850800000000000000a44e701f1678dd8df09e53fd903060a6f6dba85f5648a23389108e7a60f0386a293249f89310c7f87a80330f37223218fc614b755f3bf0731ba59fd9a8784962f0b14c9b83", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x18)
setsockopt$inet6_int(r6, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000340)='kfree\x00', r8}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='\x00\x00\x00\x00\x00')
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x800)
recvmmsg(r9, &(0x7f0000007700), 0x4000267, 0xfc0, 0x0)
setsockopt$inet6_int(r6, 0x29, 0x16, &(0x7f0000fcb000)=0x80, 0x4)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r10}, 0x10)
statx(r5, &(0x7f0000000380)='./file1\x00', 0x6000, 0x0, &(0x7f0000000640))
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000840)={{}, &(0x7f00000007c0), &(0x7f0000000800)='%ps    \x00'}, 0x20)

899.158207ms ago: executing program 4 (id=2053):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYRESOCT, @ANYBLOB="67143353e059ada8c2456770cbf07e733a20e6abddffe4b3234076ccff7a7776ec0444d4e3e7ec37a85e1b3c26278a80822615748eb58f56bbc58d3205bcace113d61b2fffd7d787bc1b9fd827a2f23ac4b865c50b9bf57371b8813327ce2619f0e5c16f95ed18ae37749e041a748023b4f467613740463a73050a661f679c0d27c4b87874b25b7156e72d7c00"/151, @ANYRES16, @ANYRES32=0x0, @ANYBLOB="dbe9092c487df37ddecf2dbda95fd381c3deb63a3ced86c02eff01412d16bf566ac9b9b3e0832f1a8c97ddb80752e95d0915bf3fa518ae8c203ca125f3864ae78b7a94684bf9e15aa644b56aece60e608eae960f6c63f7ad316b00cdd397ec60b95ece821d371fbbd12303099c1bd8d9956cdcf3502b34c9d8ca95e8ad6e70ac0880ed355ca0ced6ac844b6debeafea524248d1c0261c1a971a2c664a3235db4b2d5f1ff0de044d0e2ad04ac0910fa3ca01ea84f7ec070ce2a2e630a43aa40b3fc66ecdf9ea7c0e0ade5bf9272f4c44c860ee8"], 0x50)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000280)=ANY=[@ANYRESOCT=r1, @ANYBLOB="000000000000a048b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1e, '\x00', 0x0, @fallback=0x1e83b8c8c87a14ca, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$isdn(0x22, 0x2, 0x0)
r3 = socket$isdn(0x22, 0x2, 0x2)
dup3(r3, r2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="160000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000bc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r5}, 0x9)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x46801}, 0x24040040)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r7=>r3, {0xc, 0xf}}, './file0\x00'})
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x12, &(0x7f0000000080)=ANY=[@ANYBLOB="1808000000000000000000000000000085"], 0x0, 0xc, 0x0, 0x0, 0x0, 0x26}, 0x94)
r8 = syz_io_uring_setup(0x22c3, &(0x7f0000000dc0)={0x0, 0x8000, 0x800, 0x1001, 0xc0}, &(0x7f00000001c0), &(0x7f0000000740))
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="1805000000000400000000000000000085000000f20000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
io_uring_register$IORING_REGISTER_FILES2(r8, 0xd, &(0x7f0000000180)={0x200000000000001f, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000080)=[0x4, 0x9]}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r9}, 0x18)
fremovexattr(r0, &(0x7f0000000040)=@random={'security.', 'raw\x00'})
r10 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000ec0)=@bpf_ext={0x1c, 0x9, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x4}, [@map_idx_val={0x18, 0x9, 0x6, 0x0, 0x5, 0x0, 0x0, 0x0, 0x40}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r7}}]}, &(0x7f0000000780)='GPL\x00', 0x8, 0xae, &(0x7f00000007c0)=""/174, 0x40f00, 0x40, '\x00', 0x0, 0x0, r7, 0x8, &(0x7f0000000880)={0x2, 0x9}, 0x8, 0x10, &(0x7f0000000940)={0x5, 0x6, 0x9, 0x8}, 0x10, 0x2701c, r9, 0x3, &(0x7f0000000e40)=[0xffffffffffffffff, r0], &(0x7f0000000e80)=[{0x4, 0x3, 0xa, 0x4}, {0x0, 0x2, 0x2000000, 0x9}, {0x4, 0x1, 0xf, 0x1}], 0x10, 0xc06}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f00000000c0), &(0x7f0000000180)=r10}, 0x44)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r11 = socket(0x2b, 0x1, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r11, 0x0, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x9, 0x3, 0x1c8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x160, 0xffffffff, 0xffffffff, 0x160, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0x81}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x10, 0xa1, 0xfff}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x228)

869.233ms ago: executing program 4 (id=2054):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
pread64(r3, &(0x7f0000001440)=""/126, 0x7e, 0x41)
removexattr(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)=@known='trusted.overlay.upper\x00')
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x14, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000830000003f0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f00000004c0)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffff5c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x18)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000580)='kfree\x00', r0, 0x0, 0x9}, 0x18)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f00000001c0)=ANY=[])

847.854791ms ago: executing program 4 (id=2055):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28)
writev(r0, &(0x7f0000000740)=[{&(0x7f0000000280)="581a17919cc77431510e7fc4ed9fb860505f1495ff92f16a44f8a13d58751d926def1f80b315bdc726cdd8b5d1a91f485854af8fc854b0da7a02522fe7b2c21db7a46c48473099d4a4654cfd97a67c9e79afc0d444e6c78b0216d2201b128df9d4ed5b4dbe676fe56a6354f819d997a6acb8595633cff6f77473b2b3abcc65b51cb3d3a30bf9b0b2ce59d568d3a89b49331904da2a37c89ea236f5d5640c32c3ac74e4bde1a62c560cb63836552f881c8a8305d2a13d", 0xb6}], 0x1)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000f40)=""/250, 0xfa}], 0x1)

831.342073ms ago: executing program 4 (id=2056):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1400c, &(0x7f0000000840)={[{@stripe={'stripe', 0x3d, 0x3d}}, {@init_itable}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x457, &(0x7f0000000bc0)="$eJzs281vFOUfAPDvTLvl11/BVsQ38KWKRuJLSwGVgwc1mnjAxEQPevDQtAtBFjC0JkJIBGPwZIyJd+PRf8GTXozxZOJV74aEGC6CpzWzO9PuLrtLt+x2kf18koHnmZc+3+/OPLvPzLMbwMiazf5JIrZHxO8RMV2vNu8wW//v2tXzS9evnl9Kolp9+6+ktt/fV88vFbsWx03llX1pRPpZEnvatLty9tyJxUqlfCavz6+e/HB+5ey5546fXDxWPlY+deDw4UMHF1584cDzfclzKtK89MZ7X7155Ium/Fvy6JPZbhufrFb73Nxw7WgoJ+NDDISejEVEdrpKtf4/HWOxfvKm4/VPhxocMFDVarU61XnzhSpwB0uiua7Lw6goPuiz+99iaR0EvDy44cfQXXmlfgOU5X0tX+pbxteeGJRa7m/7aTYi3r3wzzfZEoN5DgEA0OSHbPzzbDbaaR3/pXFfw3535XNDMxFxd0TsjIh74lTsioh7I2r73h8RD/TYfuskyY3jn/TyphLboGz891I+t9U8/itGfzEzltd21PIvJUePV8r766/J+/kwurzQpY0fX/vty07bGsd/2ZK1X4wF8zguj29rPmZ5cXXxVnJudOVixO7xdvknazMBSUQ8GBG7N9nG8ae/e6jTtpvn30Uf5pmq30Y8VT//F6Il/0LSfX5y/n9RKe+fL66KG/3y66W3OrV/S/n3QXb+/9/2+l/LfyZpnK9d6b2NS3983vGeZrPX/0TyTq08ka/7eHF19cxCxERypB504/oD68cW9WL/LP99e9v3/52x/krsiYjsIn44Ih6JiEfz2B+LiMcjYm+X/H9+9YkPWtdNbjj/wcryX+7p/K8XJqJ1TfvC2Imfvm9qdGa9mOd/vfv5P1Qr7cvXbOT9byNxbe5qBgAAgP+eNCK2R5LOrZXTdG6u/h3+XRFp5fTK6jNHT390arn+G4GZKKXFk67phuehC/ltfb1+MSLqXy0oth/Mnxt/PTZZq88tna4sDzt5GHFTHfp/VvlzbNjRAQPn91owunrq/8ng4gC2ns9/GF299f9tA4sD2Gqldv1/chiRAFuv3ef/J0OIA9h6Lf3ftB+MEM//YHTp/zC69H8YSSuTcfMfyXctFH9pk4ffsYUo3RZhDKwQ6W0RhsKACsN9XwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiXfwMAAP//EBbjLA==")
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98,\xc8\x18E/\x8c\x1a\xe3\xbd')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)

632.737511ms ago: executing program 4 (id=2058):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000000))
sendmsg$NFC_CMD_DEV_UP(r2, 0x0, 0x20000080)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000003c0)='sys_enter\x00', r3}, 0x18)
nanosleep(&(0x7f0000000bc0)={0x0, 0x3938700}, 0x0)
socket$inet6(0xa, 0x5, 0x0)

484.394245ms ago: executing program 4 (id=2061):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000240)='./file0\x00', 0x4000, &(0x7f0000000000)={[{@prjquota}, {@user_xattr}, {@dax_always}]}, 0x2, 0xbc8, &(0x7f0000001240)="$eJzs3M9rXNUeAPDvvZlM0zbvTfp4PF7f5uXxeLTwcJpUUmwRbKXixoWgW6EhnZSQ6Q+SSE2axUT/AVHXghtBLYoLu+5G0a0bbbeKC6FIbBRENHLnRzI2mTS1M70x/XzgzD3nnpk53++9zNxzYO4E8NAazh7SiIMRcSaJKDX3pxFRrNcGImqN560sL078uLw4kcTq6nPfJZFExO3lxYnWeyXN7f5mYyAiPn8yib+9snHc2fmF6fFqtTLTbB+ZO3/pyOz8wiNT58fPVc5VLowee2zs6NixkeNjXcv1p69OXvvhP09/U/v53V+ufv/620mcjMFmX3se3TIcw2vHpF0hIsa7PVhO+pr5tOeZFO7yorTHQQEA0FHaNof7R5SiL9Ynb6X4+ItcgwMAAAC6YrUvYhUAAADY5RLrfwAAANjlWr8DuL28ONEq+f4i4cG6dSoihhr5rzRLo6cQtfp2IPojYt/tJNpva00aL7tvwxHx9c3jH2QlenQf8lZqSxHxz83Of1LPf6h+F/fG/NOIGOnC+MN3tHdy/qttNzln+Z/swvh55w/Aw+n6qcaFbOP1L12b/8Qm1//CJteuPyLv619r/reyYf63nn9fh/nfs9sc48o7b17u1Jfl//i1p95vlWz8bHtfSd2DW0sR/ypsln+yln/SIf8z2xyj9OvlSqe+vPNffSviUGyef0uy9f8THZmcqlZGGo+bjrH02dh7ncbPO//s/O/rkH/r/586nf9L2xzjhdOnP9yw8+Z6dev802+LyfP1WrG556XxubmZ0Yhi8szG/Ue3jqX1nNZ7ZPkf/u/Wn//N8s++E2rN45CtBZaa26z98h1jPnH1yked4mmt//I8/2c7nP/2/D8tbDz/r25zjP998trhTn3t69+sZOO31sIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0JJGxGAkaXmtnqblcsT+iPh77EurF2fn/j958cULZ7O+iKHoTyenqpWRiCg12knWHq3X19tH72g/GhEHIuKN0t56uzxxsXo27+QBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYsz8iBiNJyxGRRsRKKU3L5byjAgAAALpuKO8AAAAAgJ6z/gcAAIDdz/ofAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHjvw7+s3koiondhbL5lis68/18iAXkvzDgDITV/eAQC5KeQdAJCbe1zjmy7ALpTcpX+gY8+erscCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwM516OD1G0lE1E7srZdMsdnXn2tkQK+leQcA5KZvq87Cg4sDePB8xOHhZY0PJHfpH1h/Tu33PXt6FhMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO89gvSRpOSKKzX3lcsRfImIo+pPJqWplJCL+GhFflvr3ZO3RnGMGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg+2bnF6bHq9XKTFZJo1lZ26OyXkkaR6y2U+JZmO6LiB0Qxp+1UowdEcYOreT9zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQB5m5xemx6vVysxs3pEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeZudX5ger1YrMz2s5J0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD5+S0AAP//cK0J1Q==")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x59}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB="1809000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70300000000000085"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r2}, &(0x7f0000000540), &(0x7f0000000580)=r3}, 0x20)

380.760625ms ago: executing program 1 (id=2064):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x10000000, 0xc, 0xc, 0x4, [@enum64={0x2, 0x0, 0x0, 0x13, 0x1, 0x1}]}, {0x0, [0x61, 0x5f]}}, 0x0, 0x28, 0x0, 0x1}, 0x28)

348.303878ms ago: executing program 1 (id=2065):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
pread64(r3, &(0x7f0000001440)=""/126, 0x7e, 0x41)
removexattr(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)=@known='trusted.overlay.upper\x00')
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x14, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000830000003f0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f00000004c0)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffff5c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x18)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000580)='kfree\x00', r0, 0x0, 0x9}, 0x18)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f00000001c0)=ANY=[])

347.573588ms ago: executing program 1 (id=2066):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28)
writev(r0, &(0x7f0000000740)=[{&(0x7f0000000280)="581a17919cc77431510e7fc4ed9fb860505f1495ff92f16a44f8a13d58751d926def1f80b315bdc726cdd8b5d1a91f485854af8fc854b0da7a02522fe7b2c21db7a46c48473099d4a4654cfd97a67c9e79afc0d444e6c78b0216d2201b128df9d4ed5b4dbe676fe56a6354f819d997a6acb8595633cff6f77473b2b3abcc65b51cb3d3a30bf9b0b2ce59d568d3a89b49331904da2a37c89ea236f5d5640c32c3ac74e4bde1a62c560cb63836552f881c8a8305d2a13d838a5160a6c06c63decc865a92", 0xc3}], 0x1)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000f40)=""/250, 0xfa}], 0x1)

333.535979ms ago: executing program 1 (id=2067):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)={0x30, r3, 0xfc5, 0x0, 0x0, {{0x11}, {@val={0x8}, @val={0xc, 0x99, {0x5, 0x5a}}}}, [@NL80211_ATTR_IE={0x8, 0x2a, [@perr={0x84, 0x2}]}]}, 0x30}}, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000003000000000000000300000085000000d0000000180104bc143f6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000008000020850000002d0000009500000000040000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000007c0)={r5}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000100)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = memfd_create(&(0x7f0000000ec0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'e\xe5\x8f\xf8\xd2\x1c\xc0\xfb\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6\x03\x00\x00\x00A\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xf2\xde\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7yn\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xefCGa\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcas\xf4D\xd4\xd0s\r3\xcb\x9a&\xdf+(\xc9S\x9eL5\x84\xb1\x90pN\xe7/\r\b\x9a\xf13Q\xf9\xdf\x7fX\xa0\xafK\xefh\xbfOv\x9bh\xb3\xc0\xf5\x80\xba\"@\'\x02\xafi\xeaE\xa6a6F\xde\xd4\xfa\x84\xe4+A\xb7\xa2\x8f\xc9\xee|xxn\xefw\x93]%\xd0\x19\x132\x86\xabn\xfe\x91\xb6Cl\xcf\x04\x1cq\xc1\x1d~\x8d\x01\x83\x93_\x83\x8a`v\xb0K,|S\xe4\xba\xb1\f\xc8`\xa6s\xad\x11\xd4wG\x80u\x87u\xff\x87\xee', 0x2)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, 0x0)
fcntl$addseals(r6, 0x409, 0xb)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r6, &(0x7f0000000100))
fsetxattr$trusted_overlay_origin(r6, &(0x7f0000000000), &(0x7f0000000040), 0x2, 0x2)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a32000000000800410073697700140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)

311.022291ms ago: executing program 1 (id=2068):
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b000000000000000000000000800000000008"], 0x48)
perf_event_open(&(0x7f0000000000)={0x2, 0x7d, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x9, 0x5}, 0x400, 0x10000, 0x9, 0x3, 0xa, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0xfd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = socket$inet6(0xa, 0x3, 0x3c)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0x20)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x12, r2, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x6, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000005a0000008500000022000000180100002020702500000000002020200100000000000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff"], 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r4=>0x0})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r4, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0xfcf0, &(0x7f0000000340)={@link_local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x7, 0x6, "45208e", 0x18, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @local}, @mcast2, {[], @mld={0x84, 0x0, 0x0, 0x8, 0x1, @empty}}}}}}, 0x0)
r6 = open$dir(&(0x7f0000000080)='./file0\x00', 0x804000, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r1, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000003c0)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, &(0x7f0000000400)=[0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0], <r7=>0x0, 0x15, &(0x7f00000004c0)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0x10, 0x8, 0x8, &(0x7f00000005c0)}}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0xe954e613bf84529f, 0xf, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x5}, [@func={0x85, 0x0, 0x1, 0x0, 0x5}, @printk={@li}]}, &(0x7f0000000180)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe63, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x18)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3, 0x12, r6, 0x0)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000f00)={0x0, 0x2, 0x2, 0x1, 0x0, [@mcast2]}, 0x18)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x403, 0x2, 0x0, {0x0, 0x0, 0x4, 0x0, 0x5380}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GTP_RESTART_COUNT={0x5, 0x6, 0x9}, @IFLA_GTP_ROLE={0x8, 0x4, 0x1}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x8044)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)

163.116235ms ago: executing program 3 (id=2069):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1400c, &(0x7f0000000840)={[{@stripe={'stripe', 0x3d, 0x3d}}, {@init_itable}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x457, &(0x7f0000000bc0)="$eJzs281vFOUfAPDvTLvl11/BVsQ38KWKRuJLSwGVgwc1mnjAxEQPevDQtAtBFjC0JkJIBGPwZIyJd+PRf8GTXozxZOJV74aEGC6CpzWzO9PuLrtLt+x2kf18koHnmZc+3+/OPLvPzLMbwMiazf5JIrZHxO8RMV2vNu8wW//v2tXzS9evnl9Kolp9+6+ktt/fV88vFbsWx03llX1pRPpZEnvatLty9tyJxUqlfCavz6+e/HB+5ey5546fXDxWPlY+deDw4UMHF1584cDzfclzKtK89MZ7X7155Ium/Fvy6JPZbhufrFb73Nxw7WgoJ+NDDISejEVEdrpKtf4/HWOxfvKm4/VPhxocMFDVarU61XnzhSpwB0uiua7Lw6goPuiz+99iaR0EvDy44cfQXXmlfgOU5X0tX+pbxteeGJRa7m/7aTYi3r3wzzfZEoN5DgEA0OSHbPzzbDbaaR3/pXFfw3535XNDMxFxd0TsjIh74lTsioh7I2r73h8RD/TYfuskyY3jn/TyphLboGz891I+t9U8/itGfzEzltd21PIvJUePV8r766/J+/kwurzQpY0fX/vty07bGsd/2ZK1X4wF8zguj29rPmZ5cXXxVnJudOVixO7xdvknazMBSUQ8GBG7N9nG8ae/e6jTtpvn30Uf5pmq30Y8VT//F6Il/0LSfX5y/n9RKe+fL66KG/3y66W3OrV/S/n3QXb+/9/2+l/LfyZpnK9d6b2NS3983vGeZrPX/0TyTq08ka/7eHF19cxCxERypB504/oD68cW9WL/LP99e9v3/52x/krsiYjsIn44Ih6JiEfz2B+LiMcjYm+X/H9+9YkPWtdNbjj/wcryX+7p/K8XJqJ1TfvC2Imfvm9qdGa9mOd/vfv5P1Qr7cvXbOT9byNxbe5qBgAAgP+eNCK2R5LOrZXTdG6u/h3+XRFp5fTK6jNHT390arn+G4GZKKXFk67phuehC/ltfb1+MSLqXy0oth/Mnxt/PTZZq88tna4sDzt5GHFTHfp/VvlzbNjRAQPn91owunrq/8ng4gC2ns9/GF299f9tA4sD2Gqldv1/chiRAFuv3ef/J0OIA9h6Lf3ftB+MEM//YHTp/zC69H8YSSuTcfMfyXctFH9pk4ffsYUo3RZhDKwQ6W0RhsKACsN9XwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiXfwMAAP//EBbjLA==")
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98,\xc8\x18E/\x8c\x1a\xe3\xbd')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)

33.760127ms ago: executing program 1 (id=2070):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$unix(0x1, 0x5, 0x0)
pipe(&(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r4, &(0x7f0000000140), 0xffffff17)
pselect6(0x40, &(0x7f0000000300)={0x0, 0xffffffffeffffffe, 0x0, 0x0, 0x401, 0xfffffffffffffffe, 0x8, 0xffffffffffffffff}, &(0x7f0000000000)={0x18, 0x20000000000}, 0x0, 0x0, 0x0)
splice(r3, 0x0, r5, 0x0, 0x400000004ffe6, 0x1)
bind$unix(r2, &(0x7f00000002c0)=@file={0x1, '.\x00'}, 0x6e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x5, 0x4, 0x8, 0xad, 0x0, 0xffffffffffffffff, 0x4000000}, 0x50)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'netpci0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4002, 0x5, r6, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x8000000}, 0x48)

0s ago: executing program 2 (id=2071):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000000))
sendmsg$NFC_CMD_DEV_UP(r2, 0x0, 0x20000080)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000003c0)='sys_enter\x00', r3}, 0x18)
nanosleep(&(0x7f0000000bc0)={0x0, 0x3938700}, 0x0)
socket$inet6(0xa, 0x5, 0x0)

kernel console output (not intermixed with test programs):

 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.285694][ T7436] R13: 00007fd3a6006038 R14: 00007fd3a6005fa0 R15: 00007ffca3fee408
[   99.285712][ T7436]  </TASK>
[   99.529305][ T7439] syzkaller0: entered promiscuous mode
[   99.534911][ T7439] syzkaller0: entered allmulticast mode
[   99.611527][ T7449] 8021q: adding VLAN 0 to HW filter on device bond1
[   99.748780][ T7460] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1398'.
[   99.832371][ T7460] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1398'.
[   99.860920][ T7472] syzkaller0: entered promiscuous mode
[   99.866583][ T7472] syzkaller0: entered allmulticast mode
[   99.997837][ T7477] syzkaller0: entered promiscuous mode
[  100.003566][ T7477] syzkaller0: entered allmulticast mode
[  100.016402][ T7481] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1406'.
[  100.031643][ T7481] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1406'.
[  100.100812][ T7485] loop0: detected capacity change from 0 to 128
[  100.352853][   T29] kauditd_printk_skb: 543 callbacks suppressed
[  100.352870][   T29] audit: type=1326 audit(1767288754.394:7691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7493 comm="syz.2.1410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  100.394727][   T29] audit: type=1326 audit(1767288754.394:7692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7493 comm="syz.2.1410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  100.418261][   T29] audit: type=1326 audit(1767288754.394:7693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7493 comm="syz.2.1410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f12a858f783 code=0x7ffc0000
[  100.442132][   T29] audit: type=1326 audit(1767288754.424:7694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7493 comm="syz.2.1410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f12a858e1ff code=0x7ffc0000
[  100.472977][ T7485] syz.0.1408: attempt to access beyond end of device
[  100.472977][ T7485] loop0: rw=2049, sector=138, nr_sectors = 2 limit=128
[  100.508316][ T7494] loop2: detected capacity change from 0 to 8192
[  100.545090][   T29] audit: type=1326 audit(1767288754.484:7695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7493 comm="syz.2.1410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f12a858f7d7 code=0x7ffc0000
[  100.568622][   T29] audit: type=1326 audit(1767288754.544:7696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7493 comm="syz.2.1410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f12a858df90 code=0x7ffc0000
[  100.592088][   T29] audit: type=1326 audit(1767288754.544:7697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7493 comm="syz.2.1410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f12a858f34b code=0x7ffc0000
[  100.616143][   T29] audit: type=1326 audit(1767288754.574:7698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7493 comm="syz.2.1410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f12a858e3aa code=0x7ffc0000
[  100.639597][   T29] audit: type=1326 audit(1767288754.574:7699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7493 comm="syz.2.1410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f12a858f34b code=0x7ffc0000
[  100.663085][   T29] audit: type=1326 audit(1767288754.574:7700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7493 comm="syz.2.1410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f12a858f34b code=0x7ffc0000
[  100.770259][ T7512] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  100.860771][ T7512] netlink: 'syz.4.1417': attribute type 10 has an invalid length.
[  100.868730][ T7512] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1417'.
[  100.886037][ T7512] loop4: detected capacity change from 0 to 1024
[  100.894343][ T7494] FAULT_INJECTION: forcing a failure.
[  100.894343][ T7494] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.907477][ T7494] CPU: 1 UID: 0 PID: 7494 Comm: syz.2.1410 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  100.907533][ T7494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  100.907546][ T7494] Call Trace:
[  100.907553][ T7494]  <TASK>
[  100.907601][ T7494]  __dump_stack+0x1d/0x30
[  100.907684][ T7494]  dump_stack_lvl+0x95/0xd0
[  100.907705][ T7494]  dump_stack+0x15/0x1b
[  100.907723][ T7494]  should_fail_ex+0x265/0x280
[  100.907757][ T7494]  should_fail+0xb/0x20
[  100.907828][ T7494]  should_fail_usercopy+0x1a/0x20
[  100.907851][ T7494]  strncpy_from_user+0x27/0x260
[  100.907886][ T7494]  keyctl_keyring_search+0x5b/0x2e0
[  100.907922][ T7494]  ? __seccomp_filter+0x843/0x1260
[  100.908081][ T7494]  __se_sys_keyctl+0x2d4/0xb80
[  100.908181][ T7494]  ? __rcu_read_unlock+0x4f/0x70
[  100.908206][ T7494]  ? __fget_files+0x184/0x1c0
[  100.908235][ T7494]  ? __secure_computing+0x82/0x150
[  100.908324][ T7494]  __x64_sys_keyctl+0x67/0x80
[  100.908346][ T7494]  x64_sys_call+0x27b8/0x3000
[  100.908406][ T7494]  do_syscall_64+0xca/0x2b0
[  100.908446][ T7494]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.908539][ T7494] RIP: 0033:0x7f12a858f749
[  100.908553][ T7494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.908571][ T7494] RSP: 002b:00007f12a6ff7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  100.908595][ T7494] RAX: ffffffffffffffda RBX: 00007f12a87e5fa0 RCX: 00007f12a858f749
[  100.908610][ T7494] RDX: 0000200000000080 RSI: 00000000045e1940 RDI: 000000000000000a
[  100.908625][ T7494] RBP: 00007f12a6ff7090 R08: 0000000000000000 R09: 0000000000000000
[  100.908640][ T7494] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  100.908673][ T7494] R13: 00007f12a87e6038 R14: 00007f12a87e5fa0 R15: 00007fff2b5db1d8
[  100.908752][ T7494]  </TASK>
[  101.097554][ T7512] =======================================================
[  101.097554][ T7512] WARNING: The mand mount option has been deprecated and
[  101.097554][ T7512]          and is ignored by this kernel. Remove the mand
[  101.097554][ T7512]          option from the mount to silence this warning.
[  101.097554][ T7512] =======================================================
[  101.438593][ T7532] loop4: detected capacity change from 0 to 512
[  101.447633][ T7532] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  101.456400][ T7532] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  101.503019][ T7536] FAULT_INJECTION: forcing a failure.
[  101.503019][ T7536] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.516152][ T7536] CPU: 1 UID: 0 PID: 7536 Comm: syz.1.1423 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  101.516180][ T7536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  101.516191][ T7536] Call Trace:
[  101.516199][ T7536]  <TASK>
[  101.516207][ T7536]  __dump_stack+0x1d/0x30
[  101.516257][ T7536]  dump_stack_lvl+0x95/0xd0
[  101.516278][ T7536]  dump_stack+0x15/0x1b
[  101.516300][ T7536]  should_fail_ex+0x265/0x280
[  101.516349][ T7536]  should_fail+0xb/0x20
[  101.516370][ T7536]  should_fail_usercopy+0x1a/0x20
[  101.516398][ T7536]  _copy_from_user+0x1c/0xb0
[  101.516430][ T7536]  ___sys_sendmsg+0xc1/0x1d0
[  101.516498][ T7536]  __x64_sys_sendmsg+0xd4/0x160
[  101.516534][ T7536]  x64_sys_call+0x17ba/0x3000
[  101.516558][ T7536]  do_syscall_64+0xca/0x2b0
[  101.516624][ T7536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.516648][ T7536] RIP: 0033:0x7f16e131f749
[  101.516666][ T7536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.516735][ T7536] RSP: 002b:00007f16dfd7f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.516803][ T7536] RAX: ffffffffffffffda RBX: 00007f16e1575fa0 RCX: 00007f16e131f749
[  101.516818][ T7536] RDX: 0000000000048043 RSI: 0000200000000800 RDI: 0000000000000003
[  101.516833][ T7536] RBP: 00007f16dfd7f090 R08: 0000000000000000 R09: 0000000000000000
[  101.516847][ T7536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.516858][ T7536] R13: 00007f16e1576038 R14: 00007f16e1575fa0 R15: 00007ffd97137788
[  101.516875][ T7536]  </TASK>
[  101.705060][ T7532] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.1421: Allocating blocks 41-42 which overlap fs metadata
[  101.729196][ T7532] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.1421: Allocating blocks 41-42 which overlap fs metadata
[  101.766820][ T7532] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.1421: Failed to acquire dquot type 1
[  101.778390][ T7532] EXT4-fs error (device loop4): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  101.795719][ T7532] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.1421: corrupted inode contents
[  101.807776][ T7532] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #12: comm syz.4.1421: mark_inode_dirty error
[  101.820131][ T7532] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.1421: corrupted inode contents
[  101.832327][ T7532] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.1421: mark_inode_dirty error
[  101.845585][ T7532] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.1421: corrupted inode contents
[  101.858047][ T7532] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[  101.866832][ T7532] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.1421: corrupted inode contents
[  101.879035][ T7532] EXT4-fs error (device loop4): ext4_truncate:4635: inode #12: comm syz.4.1421: mark_inode_dirty error
[  101.890420][ T7532] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[  101.921013][ T7532] EXT4-fs (loop4): 1 truncate cleaned up
[  101.928251][ T7532] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.957499][ T7532] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.968510][ T7551] FAULT_INJECTION: forcing a failure.
[  101.968510][ T7551] name failslab, interval 1, probability 0, space 0, times 1
[  101.981240][ T7551] CPU: 0 UID: 0 PID: 7551 Comm: syz.3.1428 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  101.981282][ T7551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  101.981293][ T7551] Call Trace:
[  101.981300][ T7551]  <TASK>
[  101.981308][ T7551]  __dump_stack+0x1d/0x30
[  101.981336][ T7551]  dump_stack_lvl+0x95/0xd0
[  101.981360][ T7551]  dump_stack+0x15/0x1b
[  101.981383][ T7551]  should_fail_ex+0x265/0x280
[  101.981524][ T7551]  should_failslab+0x8c/0xb0
[  101.981550][ T7551]  __kmalloc_cache_noprof+0x65/0x4c0
[  101.981577][ T7551]  ? audit_log_d_path+0x8d/0x150
[  101.981600][ T7551]  audit_log_d_path+0x8d/0x150
[  101.981619][ T7551]  audit_log_d_path_exe+0x42/0x70
[  101.981666][ T7551]  audit_log_task+0x1e9/0x250
[  101.981694][ T7551]  ? kstrtouint+0x76/0xc0
[  101.981766][ T7551]  audit_seccomp+0x61/0x100
[  101.981819][ T7551]  ? __seccomp_filter+0x832/0x1260
[  101.981847][ T7551]  __seccomp_filter+0x843/0x1260
[  101.981888][ T7551]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  101.981916][ T7551]  ? vfs_write+0x7e8/0x960
[  101.981936][ T7551]  ? kmem_cache_free+0xe3/0x3a0
[  101.982029][ T7551]  __secure_computing+0x82/0x150
[  101.982122][ T7551]  syscall_trace_enter+0xcf/0x1e0
[  101.982148][ T7551]  do_syscall_64+0xa4/0x2b0
[  101.982185][ T7551]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.982208][ T7551] RIP: 0033:0x7fd3a5daf749
[  101.982284][ T7551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.982304][ T7551] RSP: 002b:00007fd3a4817038 EFLAGS: 00000246 ORIG_RAX: 00000000000000dd
[  101.982399][ T7551] RAX: ffffffffffffffda RBX: 00007fd3a6005fa0 RCX: 00007fd3a5daf749
[  101.982413][ T7551] RDX: 0000000000000009 RSI: 8000000000000000 RDI: ffffffffffffffff
[  101.982433][ T7551] RBP: 00007fd3a4817090 R08: 0000000000000000 R09: 0000000000000000
[  101.982446][ T7551] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001
[  101.982465][ T7551] R13: 00007fd3a6006038 R14: 00007fd3a6005fa0 R15: 00007ffca3fee408
[  101.982485][ T7551]  </TASK>
[  102.287570][ T7566] syzkaller0: entered promiscuous mode
[  102.293270][ T7566] syzkaller0: entered allmulticast mode
[  102.326685][ T7568] netlink: 'syz.1.1435': attribute type 21 has an invalid length.
[  102.356134][ T7568] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1435'.
[  102.363864][ T7574] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1438'.
[  102.379365][ T7568] loop1: detected capacity change from 0 to 1024
[  102.413317][ T7568] EXT4-fs: Ignoring removed orlov option
[  102.421510][ T7568] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.462219][ T7583] syzkaller0: entered promiscuous mode
[  102.467783][ T7583] syzkaller0: entered allmulticast mode
[  102.486193][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.495401][ T7581] loop3: detected capacity change from 0 to 8192
[  102.567195][    C0] hrtimer: interrupt took 38914 ns
[  102.638727][ T7595] syzkaller0: entered promiscuous mode
[  102.644304][ T7595] syzkaller0: entered allmulticast mode
[  102.652937][ T7594] netlink: 'syz.4.1443': attribute type 21 has an invalid length.
[  102.698683][ T7594] loop4: detected capacity change from 0 to 128
[  102.754384][ T7607] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1451'.
[  102.907022][ T7625] syzkaller0: entered promiscuous mode
[  102.912692][ T7625] syzkaller0: entered allmulticast mode
[  103.016693][ T7630] FAULT_INJECTION: forcing a failure.
[  103.016693][ T7630] name failslab, interval 1, probability 0, space 0, times 0
[  103.029364][ T7630] CPU: 0 UID: 0 PID: 7630 Comm: syz.3.1458 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  103.029394][ T7630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  103.029407][ T7630] Call Trace:
[  103.029414][ T7630]  <TASK>
[  103.029423][ T7630]  __dump_stack+0x1d/0x30
[  103.029472][ T7630]  dump_stack_lvl+0x95/0xd0
[  103.029494][ T7630]  dump_stack+0x15/0x1b
[  103.029517][ T7630]  should_fail_ex+0x265/0x280
[  103.029542][ T7630]  should_failslab+0x8c/0xb0
[  103.029609][ T7630]  kmem_cache_alloc_noprof+0x69/0x4b0
[  103.029668][ T7630]  ? copy_net_ns+0x10c/0x460
[  103.029701][ T7630]  copy_net_ns+0x10c/0x460
[  103.029723][ T7630]  create_new_namespaces+0x20e/0x400
[  103.029753][ T7630]  unshare_nsproxy_namespaces+0xe8/0x120
[  103.029790][ T7630]  ksys_unshare+0x3d0/0x6d0
[  103.029815][ T7630]  ? ksys_write+0x192/0x1a0
[  103.029839][ T7630]  __x64_sys_unshare+0x1f/0x30
[  103.029877][ T7630]  x64_sys_call+0x2ae6/0x3000
[  103.029939][ T7630]  do_syscall_64+0xca/0x2b0
[  103.029974][ T7630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.029997][ T7630] RIP: 0033:0x7fd3a5daf749
[  103.030015][ T7630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.030092][ T7630] RSP: 002b:00007fd3a47f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  103.030116][ T7630] RAX: ffffffffffffffda RBX: 00007fd3a6006090 RCX: 00007fd3a5daf749
[  103.030131][ T7630] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000062040200
[  103.030145][ T7630] RBP: 00007fd3a47f6090 R08: 0000000000000000 R09: 0000000000000000
[  103.030158][ T7630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.030171][ T7630] R13: 00007fd3a6006128 R14: 00007fd3a6006090 R15: 00007ffca3fee408
[  103.030273][ T7630]  </TASK>
[  103.254298][ T7634] loop0: detected capacity change from 0 to 128
[  103.269647][ T7636] syzkaller0: entered promiscuous mode
[  103.275311][ T7636] syzkaller0: entered allmulticast mode
[  103.437589][ T7634] syz.0.1461: attempt to access beyond end of device
[  103.437589][ T7634] loop0: rw=2049, sector=153, nr_sectors = 8 limit=128
[  103.506010][ T7634] syz.0.1461: attempt to access beyond end of device
[  103.506010][ T7634] loop0: rw=2049, sector=169, nr_sectors = 8 limit=128
[  103.530380][ T7645] loop4: detected capacity change from 0 to 8192
[  103.568568][ T7634] syz.0.1461: attempt to access beyond end of device
[  103.568568][ T7634] loop0: rw=2049, sector=185, nr_sectors = 8 limit=128
[  103.621555][ T7634] syz.0.1461: attempt to access beyond end of device
[  103.621555][ T7634] loop0: rw=2049, sector=201, nr_sectors = 8 limit=128
[  103.643595][ T7634] syz.0.1461: attempt to access beyond end of device
[  103.643595][ T7634] loop0: rw=2049, sector=217, nr_sectors = 8 limit=128
[  103.660091][ T7634] syz.0.1461: attempt to access beyond end of device
[  103.660091][ T7634] loop0: rw=2049, sector=233, nr_sectors = 8 limit=128
[  103.723100][ T7634] syz.0.1461: attempt to access beyond end of device
[  103.723100][ T7634] loop0: rw=2049, sector=249, nr_sectors = 8 limit=128
[  103.740504][ T7634] syz.0.1461: attempt to access beyond end of device
[  103.740504][ T7634] loop0: rw=2049, sector=265, nr_sectors = 8 limit=128
[  103.755220][ T7634] syz.0.1461: attempt to access beyond end of device
[  103.755220][ T7634] loop0: rw=2049, sector=281, nr_sectors = 8 limit=128
[  103.859051][ T7676] loop4: detected capacity change from 0 to 2048
[  103.934762][ T3534]  loop4: p1 < > p4
[  103.943267][ T3534] loop4: p4 size 8388608 extends beyond EOD, truncated
[  103.960381][ T7676]  loop4: p1 < > p4
[  103.965725][ T7676] loop4: p4 size 8388608 extends beyond EOD, truncated
[  104.059132][ T7698] loop0: detected capacity change from 0 to 1024
[  104.087367][ T7698] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.121113][ T3309] udevd[3309]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  104.135008][ T3534] udevd[3534]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  104.193928][ T3534] udevd[3534]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  104.204895][ T3309] udevd[3309]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  104.318639][ T7722] IPv6: Can't replace route, no match found
[  104.457656][ T7737] FAULT_INJECTION: forcing a failure.
[  104.457656][ T7737] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.471059][ T7737] CPU: 0 UID: 0 PID: 7737 Comm: syz.1.1496 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  104.471087][ T7737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  104.471096][ T7737] Call Trace:
[  104.471101][ T7737]  <TASK>
[  104.471106][ T7737]  __dump_stack+0x1d/0x30
[  104.471124][ T7737]  dump_stack_lvl+0x95/0xd0
[  104.471211][ T7737]  dump_stack+0x15/0x1b
[  104.471225][ T7737]  should_fail_ex+0x265/0x280
[  104.471240][ T7737]  should_fail+0xb/0x20
[  104.471253][ T7737]  should_fail_usercopy+0x1a/0x20
[  104.471269][ T7737]  _copy_from_user+0x1c/0xb0
[  104.471387][ T7737]  ___sys_sendmsg+0xc1/0x1d0
[  104.471459][ T7737]  __x64_sys_sendmsg+0xd4/0x160
[  104.471480][ T7737]  x64_sys_call+0x17ba/0x3000
[  104.471535][ T7737]  do_syscall_64+0xca/0x2b0
[  104.471558][ T7737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.471573][ T7737] RIP: 0033:0x7f16e131f749
[  104.471646][ T7737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.471726][ T7737] RSP: 002b:00007f16dfd7f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  104.471750][ T7737] RAX: ffffffffffffffda RBX: 00007f16e1575fa0 RCX: 00007f16e131f749
[  104.471758][ T7737] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000005
[  104.471767][ T7737] RBP: 00007f16dfd7f090 R08: 0000000000000000 R09: 0000000000000000
[  104.471774][ T7737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.471782][ T7737] R13: 00007f16e1576038 R14: 00007f16e1575fa0 R15: 00007ffd97137788
[  104.471795][ T7737]  </TASK>
[  104.629887][ T7738] loop2: detected capacity change from 0 to 512
[  104.637014][ T7738] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  104.657345][ T7738] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.670051][ T7738] ext4 filesystem being mounted at /267/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  104.777371][ T7744] __nla_validate_parse: 3 callbacks suppressed
[  104.777389][ T7744] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1497'.
[  104.852913][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.205240][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.289513][ T7778] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  105.383349][ T7781] loop3: detected capacity change from 0 to 164
[  105.400570][ T7781] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  105.423570][ T7781] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  105.441850][ T7781] Symlink component flag not implemented
[  105.447578][ T7781] Symlink component flag not implemented
[  105.464528][ T7781] Symlink component flag not implemented (7)
[  105.470554][ T7781] Symlink component flag not implemented (116)
[  105.485088][ T7782] netlink: 8 bytes leftover after parsing attributes in process `'.
[  105.494963][ T7781] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1508'.
[  105.530640][ T7781] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1508'.
[  105.558512][ T7781] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1508'.
[  105.954347][ T7784] loop4: detected capacity change from 0 to 8192
[  106.089348][   T29] kauditd_printk_skb: 1065 callbacks suppressed
[  106.089364][   T29] audit: type=1326 audit(1767288760.124:8762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7800 comm="syz.4.1513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7581aef749 code=0x7ffc0000
[  106.119555][   T29] audit: type=1326 audit(1767288760.124:8763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7800 comm="syz.4.1513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7581aef749 code=0x7ffc0000
[  106.142983][   T29] audit: type=1326 audit(1767288760.124:8764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7800 comm="syz.4.1513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7581aef749 code=0x7ffc0000
[  106.166679][   T29] audit: type=1326 audit(1767288760.124:8765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7800 comm="syz.4.1513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7581aef749 code=0x7ffc0000
[  106.190513][   T29] audit: type=1326 audit(1767288760.124:8766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7800 comm="syz.4.1513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7581aef749 code=0x7ffc0000
[  106.197077][ T7803] ªªªªªª: renamed from vlan0 (while UP)
[  106.214294][   T29] audit: type=1326 audit(1767288760.124:8767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7800 comm="syz.4.1513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7581aef749 code=0x7ffc0000
[  106.243295][   T29] audit: type=1326 audit(1767288760.124:8768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7800 comm="syz.4.1513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7581aef749 code=0x7ffc0000
[  106.266714][   T29] audit: type=1326 audit(1767288760.124:8769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7800 comm="syz.4.1513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7581aef749 code=0x7ffc0000
[  106.290141][   T29] audit: type=1326 audit(1767288760.124:8770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7800 comm="syz.4.1513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7581aef749 code=0x7ffc0000
[  106.313890][   T29] audit: type=1326 audit(1767288760.124:8771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7800 comm="syz.4.1513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7581aef749 code=0x7ffc0000
[  106.829593][ T7819] FAULT_INJECTION: forcing a failure.
[  106.829593][ T7819] name failslab, interval 1, probability 0, space 0, times 0
[  106.842364][ T7819] CPU: 0 UID: 0 PID: 7819 Comm: syz.1.1517 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  106.842479][ T7819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  106.842519][ T7819] Call Trace:
[  106.842526][ T7819]  <TASK>
[  106.842533][ T7819]  __dump_stack+0x1d/0x30
[  106.842560][ T7819]  dump_stack_lvl+0x95/0xd0
[  106.842618][ T7819]  dump_stack+0x15/0x1b
[  106.842641][ T7819]  should_fail_ex+0x265/0x280
[  106.842666][ T7819]  should_failslab+0x8c/0xb0
[  106.842692][ T7819]  kmem_cache_alloc_node_noprof+0x6b/0x4c0
[  106.842719][ T7819]  ? __alloc_skb+0x2ff/0x4b0
[  106.842797][ T7819]  __alloc_skb+0x2ff/0x4b0
[  106.842818][ T7819]  ? __alloc_skb+0x228/0x4b0
[  106.842844][ T7819]  audit_log_start+0x3a0/0x720
[  106.842868][ T7819]  ? __rcu_read_unlock+0x4f/0x70
[  106.843003][ T7819]  audit_seccomp+0x48/0x100
[  106.843035][ T7819]  ? __seccomp_filter+0x832/0x1260
[  106.843060][ T7819]  __seccomp_filter+0x843/0x1260
[  106.843087][ T7819]  ? __schedule+0x85f/0xcd0
[  106.843122][ T7819]  __secure_computing+0x82/0x150
[  106.843228][ T7819]  syscall_trace_enter+0xcf/0x1e0
[  106.843250][ T7819]  do_syscall_64+0xa4/0x2b0
[  106.843284][ T7819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.843310][ T7819] RIP: 0033:0x7f16e131e15c
[  106.843334][ T7819] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  106.843355][ T7819] RSP: 002b:00007f16dfd7f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  106.843374][ T7819] RAX: ffffffffffffffda RBX: 00007f16e1575fa0 RCX: 00007f16e131e15c
[  106.843386][ T7819] RDX: 000000000000000f RSI: 00007f16dfd7f0a0 RDI: 0000000000000003
[  106.843457][ T7819] RBP: 00007f16dfd7f090 R08: 0000000000000000 R09: 0000000000000000
[  106.843534][ T7819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.843546][ T7819] R13: 00007f16e1576038 R14: 00007f16e1575fa0 R15: 00007ffd97137788
[  106.843563][ T7819]  </TASK>
[  107.070416][ T7827] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1521'.
[  107.179709][ T7834] loop1: detected capacity change from 0 to 8192
[  108.040004][ T7869] loop2: detected capacity change from 0 to 512
[  108.092569][ T7869] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  108.139131][ T7880] loop3: detected capacity change from 0 to 512
[  108.146742][ T7869] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #13: comm syz.2.1533: iget: bad i_size value: 12154757448730
[  108.193304][ T7869] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.1533: couldn't read orphan inode 13 (err -117)
[  108.222260][ T7880] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[  108.238389][ T7869] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.260233][ T7880] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #13: comm syz.3.1535: iget: bad i_size value: 12154757448730
[  108.278640][ T7869] EXT4-fs warning (device loop2): ext4_lookup:1797: Inconsistent encryption contexts: 2/12
[  108.291252][ T7880] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1535: couldn't read orphan inode 13 (err -117)
[  108.303536][ T7869] EXT4-fs warning (device loop2): ext4_lookup:1797: Inconsistent encryption contexts: 2/12
[  108.314439][ T7880] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.352310][ T7880] EXT4-fs warning (device loop3): ext4_lookup:1797: Inconsistent encryption contexts: 2/12
[  108.365815][ T7880] FAULT_INJECTION: forcing a failure.
[  108.365815][ T7880] name failslab, interval 1, probability 0, space 0, times 0
[  108.378623][ T7880] CPU: 0 UID: 0 PID: 7880 Comm: syz.3.1535 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  108.378652][ T7880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  108.378718][ T7880] Call Trace:
[  108.378727][ T7880]  <TASK>
[  108.378736][ T7880]  __dump_stack+0x1d/0x30
[  108.378827][ T7880]  dump_stack_lvl+0x95/0xd0
[  108.378847][ T7880]  dump_stack+0x15/0x1b
[  108.378868][ T7880]  should_fail_ex+0x265/0x280
[  108.378891][ T7880]  should_failslab+0x8c/0xb0
[  108.378992][ T7880]  kmem_cache_alloc_noprof+0x69/0x4b0
[  108.379013][ T7880]  ? getname_flags+0x80/0x3b0
[  108.379102][ T7880]  getname_flags+0x80/0x3b0
[  108.379136][ T7880]  user_path_at+0x28/0x130
[  108.379167][ T7880]  __se_sys_mount+0x25b/0x2e0
[  108.379267][ T7880]  ? fput+0x8f/0xc0
[  108.379350][ T7880]  __x64_sys_mount+0x67/0x80
[  108.379370][ T7880]  x64_sys_call+0x2cca/0x3000
[  108.379452][ T7880]  do_syscall_64+0xca/0x2b0
[  108.379485][ T7880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.379505][ T7880] RIP: 0033:0x7fd3a5daf749
[  108.379573][ T7880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.379667][ T7880] RSP: 002b:00007fd3a4817038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  108.379687][ T7880] RAX: ffffffffffffffda RBX: 00007fd3a6005fa0 RCX: 00007fd3a5daf749
[  108.379700][ T7880] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[  108.379712][ T7880] RBP: 00007fd3a4817090 R08: 0000000000000000 R09: 0000000000000000
[  108.379727][ T7880] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000001
[  108.379742][ T7880] R13: 00007fd3a6006038 R14: 00007fd3a6005fa0 R15: 00007ffca3fee408
[  108.379764][ T7880]  </TASK>
[  108.563833][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.609399][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.790057][ T7915] syzkaller0: entered promiscuous mode
[  108.795671][ T7915] syzkaller0: entered allmulticast mode
[  109.129910][ T7924] loop1: detected capacity change from 0 to 4096
[  109.197189][ T7924] EXT4-fs: dax option not supported
[  109.832070][ T7959] xt_CT: You must specify a L4 protocol and not use inversions on it
[  110.169461][ T7979] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1559'.
[  110.180390][ T7981] FAULT_INJECTION: forcing a failure.
[  110.180390][ T7981] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  110.193538][ T7981] CPU: 1 UID: 0 PID: 7981 Comm: syz.4.1562 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  110.193618][ T7981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  110.193671][ T7981] Call Trace:
[  110.193678][ T7981]  <TASK>
[  110.193687][ T7981]  __dump_stack+0x1d/0x30
[  110.193714][ T7981]  dump_stack_lvl+0x95/0xd0
[  110.193736][ T7981]  dump_stack+0x15/0x1b
[  110.193825][ T7981]  should_fail_ex+0x265/0x280
[  110.193850][ T7981]  should_fail+0xb/0x20
[  110.193868][ T7981]  should_fail_usercopy+0x1a/0x20
[  110.193894][ T7981]  _copy_from_user+0x1c/0xb0
[  110.193996][ T7981]  ___sys_sendmsg+0xc1/0x1d0
[  110.194040][ T7981]  __x64_sys_sendmsg+0xd4/0x160
[  110.194070][ T7981]  x64_sys_call+0x17ba/0x3000
[  110.194123][ T7981]  do_syscall_64+0xca/0x2b0
[  110.194162][ T7981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.194186][ T7981] RIP: 0033:0x7f7581aef749
[  110.194205][ T7981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.194261][ T7981] RSP: 002b:00007f7580557038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  110.194283][ T7981] RAX: ffffffffffffffda RBX: 00007f7581d45fa0 RCX: 00007f7581aef749
[  110.194299][ T7981] RDX: 0000000000008000 RSI: 0000200000000000 RDI: 0000000000000005
[  110.194323][ T7981] RBP: 00007f7580557090 R08: 0000000000000000 R09: 0000000000000000
[  110.194335][ T7981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.194346][ T7981] R13: 00007f7581d46038 R14: 00007f7581d45fa0 R15: 00007fffcba1e9d8
[  110.194364][ T7981]  </TASK>
[  110.209916][ T7979] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1559'.
[  110.640349][ T7997] loop3: detected capacity change from 0 to 8192
[  110.736343][ T3321] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  110.744311][ T3321] FAT-fs (loop3): Filesystem has been set read-only
[  110.826422][ T8006] loop2: detected capacity change from 0 to 128
[  111.197733][ T8006] bio_check_eod: 103 callbacks suppressed
[  111.197752][ T8006] syz.2.1570: attempt to access beyond end of device
[  111.197752][ T8006] loop2: rw=2049, sector=138, nr_sectors = 2 limit=128
[  111.264734][ T8026] loop4: detected capacity change from 0 to 8192
[  111.281886][ T8027] loop3: detected capacity change from 0 to 8192
[  111.343164][   T29] kauditd_printk_skb: 870 callbacks suppressed
[  111.343182][   T29] audit: type=1326 audit(1767288765.384:9640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8030 comm="syz.0.1578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbfcf2f749 code=0x7ffc0000
[  111.412901][   T29] audit: type=1326 audit(1767288765.414:9641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8032 comm="syz.1.1579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e131f749 code=0x7ffc0000
[  111.436389][   T29] audit: type=1326 audit(1767288765.414:9642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8032 comm="syz.1.1579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e131f749 code=0x7ffc0000
[  111.460019][   T29] audit: type=1326 audit(1767288765.414:9643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8032 comm="syz.1.1579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e131f749 code=0x7ffc0000
[  111.483639][   T29] audit: type=1326 audit(1767288765.414:9644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8032 comm="syz.1.1579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e131f749 code=0x7ffc0000
[  111.507073][   T29] audit: type=1326 audit(1767288765.414:9645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8032 comm="syz.1.1579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f16e131f749 code=0x7ffc0000
[  111.530693][   T29] audit: type=1326 audit(1767288765.414:9646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8032 comm="syz.1.1579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e131f749 code=0x7ffc0000
[  111.554195][   T29] audit: type=1326 audit(1767288765.414:9647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8032 comm="syz.1.1579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e131f749 code=0x7ffc0000
[  111.577654][   T29] audit: type=1326 audit(1767288765.414:9649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8030 comm="syz.0.1578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbfcf2f749 code=0x7ffc0000
[  111.601320][   T29] audit: type=1326 audit(1767288765.414:9648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8032 comm="syz.1.1579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e131f749 code=0x7ffc0000
[  111.653509][ T8037] capability: warning: `syz.4.1581' uses 32-bit capabilities (legacy support in use)
[  111.732244][ T8045] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1583'.
[  111.854351][ T8058] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  111.866861][ T8058] bond0: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  111.877776][ T8058] bond0: (slave ipvlan2): Error -95 calling set_mac_address
[  111.891199][ T8059] syzkaller0: entered promiscuous mode
[  111.896765][ T8059] syzkaller0: entered allmulticast mode
[  112.046149][ T8074] FAULT_INJECTION: forcing a failure.
[  112.046149][ T8074] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  112.059667][ T8074] CPU: 0 UID: 0 PID: 8074 Comm: syz.4.1593 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  112.059700][ T8074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  112.059772][ T8074] Call Trace:
[  112.059779][ T8074]  <TASK>
[  112.059787][ T8074]  __dump_stack+0x1d/0x30
[  112.059815][ T8074]  dump_stack_lvl+0x95/0xd0
[  112.059835][ T8074]  dump_stack+0x15/0x1b
[  112.059858][ T8074]  should_fail_ex+0x265/0x280
[  112.059916][ T8074]  should_fail+0xb/0x20
[  112.059975][ T8074]  should_fail_usercopy+0x1a/0x20
[  112.060002][ T8074]  _copy_from_user+0x1c/0xb0
[  112.060034][ T8074]  __sys_bpf+0x183/0x7c0
[  112.060062][ T8074]  __x64_sys_bpf+0x41/0x50
[  112.060167][ T8074]  x64_sys_call+0x28e1/0x3000
[  112.060190][ T8074]  do_syscall_64+0xca/0x2b0
[  112.060243][ T8074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.060264][ T8074] RIP: 0033:0x7f7581aef749
[  112.060339][ T8074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.060358][ T8074] RSP: 002b:00007f7580557038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  112.060386][ T8074] RAX: ffffffffffffffda RBX: 00007f7581d45fa0 RCX: 00007f7581aef749
[  112.060399][ T8074] RDX: 0000000000000048 RSI: 0000200000000080 RDI: 000000000000000a
[  112.060411][ T8074] RBP: 00007f7580557090 R08: 0000000000000000 R09: 0000000000000000
[  112.060454][ T8074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  112.060473][ T8074] R13: 00007f7581d46038 R14: 00007f7581d45fa0 R15: 00007fffcba1e9d8
[  112.060492][ T8074]  </TASK>
[  112.247725][ T8081] loop3: detected capacity change from 0 to 128
[  112.267256][ T8085] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1597'.
[  112.377460][ T8093] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1602'.
[  112.459466][ T8093] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1602'.
[  112.617845][ T8116] syz.3.1596: attempt to access beyond end of device
[  112.617845][ T8116] loop3: rw=2049, sector=138, nr_sectors = 2 limit=128
[  112.688823][ T8133] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1613'.
[  112.777651][ T8143] loop2: detected capacity change from 0 to 512
[  112.791125][ T8143] EXT4-fs: dax option not supported
[  112.836304][ T8143] loop2: detected capacity change from 0 to 1024
[  112.852850][ T8143] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  112.864056][ T8143] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  112.876429][ T8143] JBD2: no valid journal superblock found
[  112.882206][ T8143] EXT4-fs (loop2): Could not load journal inode
[  112.941938][ T8150] loop4: detected capacity change from 0 to 512
[  112.950132][ T8150] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  112.963323][ T8150] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  112.991160][ T8150] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.1619: bad orphan inode 131083
[  113.016416][ T8150] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.103328][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.113350][ T8166] loop1: detected capacity change from 0 to 8192
[  113.171546][ T8172] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1624'.
[  113.224619][ T8175] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1626'.
[  113.386203][ T8189] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  113.425954][ T8189] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  113.432563][ T8189] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  113.440109][ T8189] vhci_hcd vhci_hcd.0: Device attached
[  113.489383][ T8192] vhci_hcd: connection closed
[  113.489500][ T1577] vhci_hcd vhci_hcd.1: stop threads
[  113.499629][ T1577] vhci_hcd vhci_hcd.1: release socket
[  113.505120][ T1577] vhci_hcd vhci_hcd.1: disconnect device
[  113.620872][ T8222] FAULT_INJECTION: forcing a failure.
[  113.620872][ T8222] name failslab, interval 1, probability 0, space 0, times 0
[  113.633573][ T8222] CPU: 0 UID: 0 PID: 8222 Comm: syz.4.1637 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  113.633605][ T8222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  113.633618][ T8222] Call Trace:
[  113.633627][ T8222]  <TASK>
[  113.633648][ T8222]  __dump_stack+0x1d/0x30
[  113.633677][ T8222]  dump_stack_lvl+0x95/0xd0
[  113.633709][ T8222]  dump_stack+0x15/0x1b
[  113.633727][ T8222]  should_fail_ex+0x265/0x280
[  113.633769][ T8222]  should_failslab+0x8c/0xb0
[  113.633793][ T8222]  __kmalloc_cache_noprof+0x65/0x4c0
[  113.633817][ T8222]  ? ipv6_add_addr+0x389/0x830
[  113.633912][ T8222]  ipv6_add_addr+0x389/0x830
[  113.633937][ T8222]  inet6_addr_add+0x28d/0x720
[  113.633977][ T8222]  ? cred_has_capability+0x210/0x280
[  113.634010][ T8222]  ? selinux_capable+0x31/0x40
[  113.634033][ T8222]  ? should_fail_ex+0xdb/0x280
[  113.634057][ T8222]  addrconf_add_ifaddr+0x1ab/0x270
[  113.634091][ T8222]  inet6_ioctl+0xb0/0x190
[  113.634119][ T8222]  ? ioctl_has_perm+0x255/0x2a0
[  113.634151][ T8222]  sock_do_ioctl+0x73/0x220
[  113.634210][ T8222]  sock_ioctl+0x41b/0x610
[  113.634276][ T8222]  ? __pfx_sock_ioctl+0x10/0x10
[  113.634309][ T8222]  __se_sys_ioctl+0xce/0x140
[  113.634358][ T8222]  __x64_sys_ioctl+0x43/0x50
[  113.634460][ T8222]  x64_sys_call+0x14b0/0x3000
[  113.634488][ T8222]  do_syscall_64+0xca/0x2b0
[  113.634525][ T8222]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.634593][ T8222] RIP: 0033:0x7f7581aef749
[  113.634610][ T8222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.634647][ T8222] RSP: 002b:00007f7580557038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  113.634670][ T8222] RAX: ffffffffffffffda RBX: 00007f7581d45fa0 RCX: 00007f7581aef749
[  113.634685][ T8222] RDX: 0000200000005b80 RSI: 0000000000008916 RDI: 0000000000000003
[  113.634698][ T8222] RBP: 00007f7580557090 R08: 0000000000000000 R09: 0000000000000000
[  113.634711][ T8222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.634726][ T8222] R13: 00007f7581d46038 R14: 00007f7581d45fa0 R15: 00007fffcba1e9d8
[  113.634753][ T8222]  </TASK>
[  113.883181][ T8227] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1640'.
[  113.976247][ T8232] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  113.985907][ T8232] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  113.994368][ T8232] Symlink component flag not implemented
[  114.000070][ T8232] Symlink component flag not implemented
[  114.006322][ T8232] Symlink component flag not implemented (7)
[  114.012371][ T8232] Symlink component flag not implemented (116)
[  114.070936][ T8233] syz.0.1639: attempt to access beyond end of device
[  114.070936][ T8233] loop0: rw=2049, sector=138, nr_sectors = 2 limit=128
[  114.276802][ T8238] syz.3.1642: attempt to access beyond end of device
[  114.276802][ T8238] loop3: rw=2049, sector=138, nr_sectors = 2 limit=128
[  114.314607][ T8240] syzkaller0: entered promiscuous mode
[  114.320113][ T8240] syzkaller0: entered allmulticast mode
[  114.500673][ T8250] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  114.577831][ T8256] set_capacity_and_notify: 5 callbacks suppressed
[  114.577851][ T8256] loop1: detected capacity change from 0 to 8192
[  114.593750][ T8257] loop2: detected capacity change from 0 to 164
[  114.602737][ T8257] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  114.622265][ T8257] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  114.641989][ T8257] Symlink component flag not implemented
[  114.647768][ T8257] Symlink component flag not implemented
[  114.656603][ T8257] Symlink component flag not implemented (7)
[  114.662668][ T8257] Symlink component flag not implemented (116)
[  114.848036][ T8273] syzkaller0: entered promiscuous mode
[  114.853615][ T8273] syzkaller0: entered allmulticast mode
[  115.143705][ T8298] loop3: detected capacity change from 0 to 512
[  115.164650][ T8298] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  115.189827][ T8302] loop0: detected capacity change from 0 to 128
[  115.201607][ T8298] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.1666: bad orphan inode 131083
[  115.216520][ T8298] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.267883][ T8298] EXT4-fs error (device loop3): ext4_find_dest_de:2050: inode #12: block 7: comm wÞ£ÿ: bad entry in directory: directory entry overrun - offset=16, inode=1560281102, rec_len=1024, size=56 fake=0
[  115.309463][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.433788][ T8309] syzkaller0: entered promiscuous mode
[  115.439326][ T8309] syzkaller0: entered allmulticast mode
[  115.511837][ T8312] syz.0.1668: attempt to access beyond end of device
[  115.511837][ T8312] loop0: rw=2049, sector=138, nr_sectors = 2 limit=128
[  115.541395][ T8314] FAULT_INJECTION: forcing a failure.
[  115.541395][ T8314] name failslab, interval 1, probability 0, space 0, times 0
[  115.554152][ T8314] CPU: 0 UID: 0 PID: 8314 Comm: syz.4.1672 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  115.554183][ T8314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  115.554197][ T8314] Call Trace:
[  115.554204][ T8314]  <TASK>
[  115.554213][ T8314]  __dump_stack+0x1d/0x30
[  115.554273][ T8314]  dump_stack_lvl+0x95/0xd0
[  115.554292][ T8314]  dump_stack+0x15/0x1b
[  115.554321][ T8314]  should_fail_ex+0x265/0x280
[  115.554395][ T8314]  should_failslab+0x8c/0xb0
[  115.554447][ T8314]  kmem_cache_alloc_node_noprof+0x6b/0x4c0
[  115.554472][ T8314]  ? __alloc_skb+0x2ff/0x4b0
[  115.554498][ T8314]  __alloc_skb+0x2ff/0x4b0
[  115.554549][ T8314]  ? __alloc_skb+0x228/0x4b0
[  115.554647][ T8314]  ppp_write+0x8a/0x330
[  115.554676][ T8314]  vfs_writev+0x406/0x8b0
[  115.554778][ T8314]  ? __pfx_ppp_write+0x10/0x10
[  115.554807][ T8314]  __x64_sys_pwritev+0xfd/0x1c0
[  115.554829][ T8314]  x64_sys_call+0x161b/0x3000
[  115.554853][ T8314]  do_syscall_64+0xca/0x2b0
[  115.554953][ T8314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.554973][ T8314] RIP: 0033:0x7f7581aef749
[  115.555057][ T8314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.555076][ T8314] RSP: 002b:00007f7580557038 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[  115.555098][ T8314] RAX: ffffffffffffffda RBX: 00007f7581d45fa0 RCX: 00007f7581aef749
[  115.555113][ T8314] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003
[  115.555145][ T8314] RBP: 00007f7580557090 R08: 0000000000000000 R09: 0000000000000000
[  115.555159][ T8314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  115.555173][ T8314] R13: 00007f7581d46038 R14: 00007f7581d45fa0 R15: 00007fffcba1e9d8
[  115.555193][ T8314]  </TASK>
[  115.830149][ T8330] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  115.869506][ T8331] syzkaller0: entered promiscuous mode
[  115.875501][ T8331] syzkaller0: entered allmulticast mode
[  115.900686][ T8336] loop4: detected capacity change from 0 to 164
[  115.907995][ T8336] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  115.935432][ T8336] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  115.958163][ T8336] Symlink component flag not implemented
[  115.964091][ T8336] Symlink component flag not implemented
[  115.978945][ T8336] Symlink component flag not implemented (7)
[  115.985087][ T8336] Symlink component flag not implemented (116)
[  115.993961][ T8336] __nla_validate_parse: 12 callbacks suppressed
[  115.993980][ T8336] netlink: 8 bytes leftover after parsing attributes in process `'.
[  116.012321][ T8336] netlink: 8 bytes leftover after parsing attributes in process `'.
[  116.021045][ T8336] netlink: 8 bytes leftover after parsing attributes in process `'.
[  116.031375][ T8336] netlink: 8 bytes leftover after parsing attributes in process `'.
[  116.608636][ T8360] netlink: 'syz.2.1690': attribute type 1 has an invalid length.
[  116.760754][   T29] kauditd_printk_skb: 569 callbacks suppressed
[  116.760769][   T29] audit: type=1400 audit(1767288770.794:10219): avc:  denied  { read write } for  pid=3323 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  116.792276][   T29] audit: type=1400 audit(1767288770.794:10220): avc:  denied  { open } for  pid=3323 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  116.816929][   T29] audit: type=1400 audit(1767288770.794:10221): avc:  denied  { ioctl } for  pid=3323 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  116.844078][   T29] audit: type=1400 audit(1767288770.864:10222): avc:  denied  { read write } for  pid=8375 comm="syz.4.1694" name="virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  116.867881][   T29] audit: type=1400 audit(1767288770.864:10223): avc:  denied  { open } for  pid=8375 comm="syz.4.1694" path="/dev/virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  116.895480][ T8382] Driver unsupported XDP return value 0 on prog  (id 520) dev N/A, expect packet loss!
[  116.896105][   T29] audit: type=1400 audit(1767288770.914:10224): avc:  denied  { map_create } for  pid=8381 comm="syz.3.1695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  116.924657][   T29] audit: type=1400 audit(1767288770.914:10225): avc:  denied  { perfmon } for  pid=8381 comm="syz.3.1695" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  116.945706][   T29] audit: type=1400 audit(1767288770.914:10226): avc:  denied  { map_read map_write } for  pid=8381 comm="syz.3.1695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  116.965710][   T29] audit: type=1400 audit(1767288770.914:10227): avc:  denied  { prog_load } for  pid=8381 comm="syz.3.1695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  116.984922][   T29] audit: type=1400 audit(1767288770.914:10228): avc:  denied  { bpf } for  pid=8381 comm="syz.3.1695" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  117.298954][ T8396] netlink: 'syz.3.1697': attribute type 1 has an invalid length.
[  117.597487][ T8400] loop1: detected capacity change from 0 to 512
[  117.638861][ T8400] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[  117.698747][ T8400] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  117.911398][ T8400] FAT-fs (loop1): FAT read failed (blocknr 128)
[  118.006146][ T8413] loop0: detected capacity change from 0 to 1024
[  118.083679][ T8413] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  118.158377][ T8413] ext4 filesystem being mounted at /339/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.170151][ T8424] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1711'.
[  118.226657][ T8413] netlink: 'syz.0.1706': attribute type 21 has an invalid length.
[  118.234722][ T8413] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1706'.
[  118.262118][ T8413] netlink: 'syz.0.1706': attribute type 4 has an invalid length.
[  118.270089][ T8413] netlink: 'syz.0.1706': attribute type 5 has an invalid length.
[  118.277930][ T8413] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1706'.
[  118.302985][ T8424] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1711'.
[  118.409778][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  118.419939][ T8435] loop1: detected capacity change from 0 to 128
[  118.820899][ T8439] syz.1.1714: attempt to access beyond end of device
[  118.820899][ T8439] loop1: rw=2049, sector=138, nr_sectors = 2 limit=128
[  118.868436][ T8446] xt_hashlimit: max too large, truncated to 1048576
[  119.089051][ T8468] FAULT_INJECTION: forcing a failure.
[  119.089051][ T8468] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  119.098502][ T8469] loop0: detected capacity change from 0 to 512
[  119.102317][ T8468] CPU: 1 UID: 0 PID: 8468 Comm: syz.2.1728 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  119.102379][ T8468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  119.102393][ T8468] Call Trace:
[  119.102401][ T8468]  <TASK>
[  119.102409][ T8468]  __dump_stack+0x1d/0x30
[  119.102435][ T8468]  dump_stack_lvl+0x95/0xd0
[  119.102463][ T8468]  dump_stack+0x15/0x1b
[  119.102513][ T8468]  should_fail_ex+0x265/0x280
[  119.102537][ T8468]  should_fail+0xb/0x20
[  119.102557][ T8468]  should_fail_usercopy+0x1a/0x20
[  119.102581][ T8468]  _copy_from_user+0x1c/0xb0
[  119.102727][ T8468]  __se_sys_rt_sigprocmask+0xa0/0x260
[  119.102759][ T8468]  __x64_sys_rt_sigprocmask+0x55/0x70
[  119.102788][ T8468]  x64_sys_call+0x276b/0x3000
[  119.102813][ T8468]  do_syscall_64+0xca/0x2b0
[  119.102870][ T8468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.102892][ T8468] RIP: 0033:0x7f12a858f749
[  119.102909][ T8468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.102928][ T8468] RSP: 002b:00007f12a6ff7038 EFLAGS: 00000246 ORIG_RAX: 000000000000000e
[  119.103019][ T8468] RAX: ffffffffffffffda RBX: 00007f12a87e5fa0 RCX: 00007f12a858f749
[  119.103033][ T8468] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[  119.103098][ T8468] RBP: 00007f12a6ff7090 R08: 0000000000000000 R09: 0000000000000000
[  119.103111][ T8468] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  119.103124][ T8468] R13: 00007f12a87e6038 R14: 00007f12a87e5fa0 R15: 00007fff2b5db1d8
[  119.103208][ T8468]  </TASK>
[  119.274497][ T8469] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  119.294486][ T8469] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.1727: bad orphan inode 131083
[  119.313620][ T8469] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.330367][ T8469] EXT4-fs error (device loop0): ext4_find_dest_de:2050: inode #12: block 7: comm wÞ£ÿ: bad entry in directory: directory entry overrun - offset=16, inode=1560281102, rec_len=1024, size=56 fake=0
[  119.441821][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.538256][ T8491] syzkaller0: entered promiscuous mode
[  119.543876][ T8491] syzkaller0: entered allmulticast mode
[  119.575993][ T8497] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1739'.
[  119.627777][ T8501] syzkaller0: entered promiscuous mode
[  119.633384][ T8501] syzkaller0: entered allmulticast mode
[  119.718821][ T8505] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1743'.
[  119.728433][ T8505] 9p: Bad value for 'rfdno'
[  119.805519][ T8513] IPVS: set_ctl: invalid protocol: 58 100.1.1.2:20003
[  119.833968][ T8518] loop3: detected capacity change from 0 to 128
[  120.008018][ T8522] syz.3.1746: attempt to access beyond end of device
[  120.008018][ T8522] loop3: rw=2049, sector=138, nr_sectors = 2 limit=128
[  120.403357][ T8547] syzkaller0: entered promiscuous mode
[  120.408922][ T8547] syzkaller0: entered allmulticast mode
[  120.686128][ T8558] loop0: detected capacity change from 0 to 8192
[  120.755018][ T8574] loop1: detected capacity change from 0 to 764
[  120.823520][ T8574] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  121.023865][ T8591] loop3: detected capacity change from 0 to 4096
[  121.056290][ T8591] EXT4-fs: dax option not supported
[  121.201546][ T8593] loop2: detected capacity change from 0 to 8192
[  121.483832][ T8609] batman_adv: batadv0: Adding interface: dummy0
[  121.490235][ T8609] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  121.539869][ T8609] batman_adv: batadv0: Interface activated: dummy0
[  121.569942][ T8610] batadv0: mtu less than device minimum
[  121.576450][ T8610] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  121.587569][ T8610] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  121.598607][ T8610] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  121.609647][ T8610] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  121.620565][ T8610] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  121.631691][ T8610] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  121.642839][ T8610] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  121.653785][ T8610] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  121.664868][ T8610] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  121.776945][   T29] kauditd_printk_skb: 198 callbacks suppressed
[  121.776962][   T29] audit: type=1326 audit(1767288775.814:10427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8618 comm="syz.2.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  121.779057][ T8622] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1778'.
[  121.794422][   T29] audit: type=1326 audit(1767288775.814:10428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8618 comm="syz.2.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  121.839764][   T29] audit: type=1326 audit(1767288775.814:10429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8618 comm="syz.2.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  121.863389][   T29] audit: type=1326 audit(1767288775.824:10430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8618 comm="syz.2.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  121.887137][   T29] audit: type=1326 audit(1767288775.824:10431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8618 comm="syz.2.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  121.910712][   T29] audit: type=1326 audit(1767288775.824:10432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8618 comm="syz.2.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  121.936583][   T29] audit: type=1326 audit(1767288775.854:10433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8618 comm="syz.2.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  121.960565][   T29] audit: type=1326 audit(1767288775.854:10434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8618 comm="syz.2.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  121.984248][   T29] audit: type=1326 audit(1767288775.884:10435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8618 comm="syz.2.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  122.007853][   T29] audit: type=1326 audit(1767288775.884:10436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8618 comm="syz.2.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  122.071749][ T8633] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1780'.
[  122.108654][ T8633] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1780'.
[  122.225707][ T8650] loop4: detected capacity change from 0 to 164
[  122.246929][ T8650] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  122.275146][ T8650] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  122.302687][ T8650] Symlink component flag not implemented
[  122.308455][ T8650] Symlink component flag not implemented
[  122.341538][ T8651] loop0: detected capacity change from 0 to 8192
[  122.353414][ T8650] Symlink component flag not implemented (7)
[  122.359484][ T8650] Symlink component flag not implemented (116)
[  122.441274][ T8652] netlink: 8 bytes leftover after parsing attributes in process `'.
[  122.561146][ T8657] smc: net device ip6gretap0 applied user defined pnetid SYZ2
[  122.586567][ T8657] smc: net device ip6gretap0 erased user defined pnetid SYZ2
[  122.687677][ T8666] smc: net device ip6gretap0 applied user defined pnetid SYZ2
[  122.716439][ T8666] FAULT_INJECTION: forcing a failure.
[  122.716439][ T8666] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  122.729737][ T8666] CPU: 1 UID: 0 PID: 8666 Comm: syz.0.1789 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  122.729765][ T8666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  122.729778][ T8666] Call Trace:
[  122.729786][ T8666]  <TASK>
[  122.729796][ T8666]  __dump_stack+0x1d/0x30
[  122.729828][ T8666]  dump_stack_lvl+0x95/0xd0
[  122.729853][ T8666]  dump_stack+0x15/0x1b
[  122.729952][ T8666]  should_fail_ex+0x265/0x280
[  122.729981][ T8666]  should_fail+0xb/0x20
[  122.730003][ T8666]  should_fail_usercopy+0x1a/0x20
[  122.730026][ T8666]  _copy_from_user+0x1c/0xb0
[  122.730054][ T8666]  ___sys_sendmsg+0xc1/0x1d0
[  122.730151][ T8666]  __x64_sys_sendmsg+0xd4/0x160
[  122.730187][ T8666]  x64_sys_call+0x17ba/0x3000
[  122.730255][ T8666]  do_syscall_64+0xca/0x2b0
[  122.730285][ T8666]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.730307][ T8666] RIP: 0033:0x7ffbfcf2f749
[  122.730334][ T8666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.730373][ T8666] RSP: 002b:00007ffbfb997038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  122.730393][ T8666] RAX: ffffffffffffffda RBX: 00007ffbfd185fa0 RCX: 00007ffbfcf2f749
[  122.730409][ T8666] RDX: 0000000000000800 RSI: 0000200000001a80 RDI: 0000000000000005
[  122.730423][ T8666] RBP: 00007ffbfb997090 R08: 0000000000000000 R09: 0000000000000000
[  122.730435][ T8666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.730446][ T8666] R13: 00007ffbfd186038 R14: 00007ffbfd185fa0 R15: 00007fff263d3248
[  122.730472][ T8666]  </TASK>
[  122.891585][ T8670] FAULT_INJECTION: forcing a failure.
[  122.891585][ T8670] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  122.904898][ T8670] CPU: 0 UID: 0 PID: 8670 Comm: syz.1.1793 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  122.904974][ T8670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  122.905007][ T8670] Call Trace:
[  122.905015][ T8670]  <TASK>
[  122.905022][ T8670]  __dump_stack+0x1d/0x30
[  122.905104][ T8670]  dump_stack_lvl+0x95/0xd0
[  122.905127][ T8670]  dump_stack+0x15/0x1b
[  122.905151][ T8670]  should_fail_ex+0x265/0x280
[  122.905178][ T8670]  should_fail+0xb/0x20
[  122.905200][ T8670]  should_fail_usercopy+0x1a/0x20
[  122.905275][ T8670]  _copy_to_user+0x20/0xa0
[  122.905304][ T8670]  finalize_log+0xa1/0x100
[  122.905328][ T8670]  btf_new_fd+0x50a/0x790
[  122.905375][ T8670]  bpf_btf_load+0x112/0x130
[  122.905397][ T8670]  __sys_bpf+0x357/0x7c0
[  122.905425][ T8670]  __x64_sys_bpf+0x41/0x50
[  122.905462][ T8670]  x64_sys_call+0x28e1/0x3000
[  122.905548][ T8670]  do_syscall_64+0xca/0x2b0
[  122.905586][ T8670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.905612][ T8670] RIP: 0033:0x7f16e131f749
[  122.905628][ T8670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.905696][ T8670] RSP: 002b:00007f16dfd7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  122.905718][ T8670] RAX: ffffffffffffffda RBX: 00007f16e1575fa0 RCX: 00007f16e131f749
[  122.905731][ T8670] RDX: 0000000000000028 RSI: 0000200000000040 RDI: 0000000000000012
[  122.905827][ T8670] RBP: 00007f16dfd7f090 R08: 0000000000000000 R09: 0000000000000000
[  122.905840][ T8670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  122.905852][ T8670] R13: 00007f16e1576038 R14: 00007f16e1575fa0 R15: 00007ffd97137788
[  122.905871][ T8670]  </TASK>
[  122.947069][ T8664] loop2: detected capacity change from 0 to 4096
[  123.091721][ T8664] EXT4-fs: dax option not supported
[  123.185323][ T8683] FAULT_INJECTION: forcing a failure.
[  123.185323][ T8683] name failslab, interval 1, probability 0, space 0, times 0
[  123.198285][ T8683] CPU: 0 UID: 0 PID: 8683 Comm: syz.4.1799 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  123.198320][ T8683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  123.198338][ T8683] Call Trace:
[  123.198346][ T8683]  <TASK>
[  123.198354][ T8683]  __dump_stack+0x1d/0x30
[  123.198381][ T8683]  dump_stack_lvl+0x95/0xd0
[  123.198412][ T8683]  dump_stack+0x15/0x1b
[  123.198435][ T8683]  should_fail_ex+0x265/0x280
[  123.198512][ T8683]  should_failslab+0x8c/0xb0
[  123.198538][ T8683]  kmem_cache_alloc_noprof+0x69/0x4b0
[  123.198703][ T8683]  ? dst_alloc+0xbd/0x100
[  123.198728][ T8683]  dst_alloc+0xbd/0x100
[  123.198779][ T8683]  ip_route_input_rcu+0x15a6/0x1b10
[  123.198852][ T8683]  ip_route_input_noref+0x5f/0x90
[  123.198884][ T8683]  ip_rcv_finish_core+0x315/0xb60
[  123.198944][ T8683]  ? iptable_mangle_hook+0x119/0x260
[  123.198971][ T8683]  ip_rcv_finish+0x100/0x1c0
[  123.198993][ T8683]  ip_rcv+0x62/0x140
[  123.199014][ T8683]  ? __pfx_ip_rcv_finish+0x10/0x10
[  123.199056][ T8683]  ? __pfx_ip_rcv+0x10/0x10
[  123.199071][ T8683]  __netif_receive_skb+0xff/0x270
[  123.199101][ T8683]  ? tun_rx_batched+0xc7/0x430
[  123.199122][ T8683]  netif_receive_skb+0x4b/0x2e0
[  123.199225][ T8683]  ? should_failslab+0x8c/0xb0
[  123.199257][ T8683]  ? tun_rx_batched+0xc7/0x430
[  123.199277][ T8683]  tun_rx_batched+0xfc/0x430
[  123.199296][ T8683]  ? eth_type_trans+0x215/0x3d0
[  123.199393][ T8683]  tun_get_user+0x1ed0/0x2670
[  123.199422][ T8683]  ? ref_tracker_alloc+0x1f2/0x2f0
[  123.199454][ T8683]  tun_chr_write_iter+0x15e/0x210
[  123.199544][ T8683]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  123.199626][ T8683]  vfs_write+0x52a/0x960
[  123.199660][ T8683]  ksys_write+0xda/0x1a0
[  123.199684][ T8683]  __x64_sys_write+0x40/0x50
[  123.199708][ T8683]  x64_sys_call+0x2847/0x3000
[  123.199743][ T8683]  do_syscall_64+0xca/0x2b0
[  123.199800][ T8683]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.199827][ T8683] RIP: 0033:0x7f7581aee1ff
[  123.199846][ T8683] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  123.199865][ T8683] RSP: 002b:00007f7580557000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  123.199942][ T8683] RAX: ffffffffffffffda RBX: 00007f7581d45fa0 RCX: 00007f7581aee1ff
[  123.199955][ T8683] RDX: 000000000000003f RSI: 0000200000000400 RDI: 00000000000000c8
[  123.199966][ T8683] RBP: 00007f7580557090 R08: 0000000000000000 R09: 0000000000000000
[  123.199979][ T8683] R10: 000000000000003f R11: 0000000000000293 R12: 0000000000000001
[  123.200042][ T8683] R13: 00007f7581d46038 R14: 00007f7581d45fa0 R15: 00007fffcba1e9d8
[  123.200064][ T8683]  </TASK>
[  123.520524][ T8688] loop1: detected capacity change from 0 to 8192
[  123.712982][ T8701] loop4: detected capacity change from 0 to 512
[  123.764348][ T8705] lo speed is unknown, defaulting to 1000
[  123.766555][ T8701] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.770140][ T8705] lo speed is unknown, defaulting to 1000
[  123.770392][ T8705] lo speed is unknown, defaulting to 1000
[  123.794699][ T8705] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  123.802352][ T8705] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  123.804748][ T8701] ext4 filesystem being mounted at /371/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  123.824404][ T8705] lo speed is unknown, defaulting to 1000
[  123.841454][ T8705] lo speed is unknown, defaulting to 1000
[  123.864751][ T8705] lo speed is unknown, defaulting to 1000
[  123.887195][ T8705] lo speed is unknown, defaulting to 1000
[  123.893366][ T8701] sctp: [Deprecated]: syz.4.1806 (pid 8701) Use of struct sctp_assoc_value in delayed_ack socket option.
[  123.893366][ T8701] Use struct sctp_sack_info instead
[  123.923901][ T8707] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  123.932722][ T8707] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  123.946924][ T8705] lo speed is unknown, defaulting to 1000
[  123.963624][ T8710] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #2: comm syz.4.1806: corrupted inode contents
[  123.987178][ T8707] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4215: comm syz.1.1807: Allocating blocks 41-42 which overlap fs metadata
[  123.992377][ T8714] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1808'.
[  124.012801][ T8710] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #2: comm syz.4.1806: mark_inode_dirty error
[  124.023993][ T8707] EXT4-fs error (device loop1): ext4_acquire_dquot:6986: comm syz.1.1807: Failed to acquire dquot type 1
[  124.036073][ T8710] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #2: comm syz.4.1806: corrupted inode contents
[  124.058611][ T8707] EXT4-fs error (device loop1): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  124.073586][ T8710] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.1806: mark_inode_dirty error
[  124.085810][ T8707] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.1807: corrupted inode contents
[  124.098177][ T8707] EXT4-fs error (device loop1): ext4_dirty_inode:6502: inode #12: comm syz.1.1807: mark_inode_dirty error
[  124.109902][ T8707] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.1807: corrupted inode contents
[  124.127913][ T8707] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #12: comm syz.1.1807: mark_inode_dirty error
[  124.146595][ T8707] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.1807: corrupted inode contents
[  124.169719][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.188120][ T8707] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[  124.192969][ T8720] EXT4-fs: inline encryption not supported
[  124.206785][ T8707] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.1807: corrupted inode contents
[  124.219613][ T8707] EXT4-fs error (device loop1): ext4_truncate:4635: inode #12: comm syz.1.1807: mark_inode_dirty error
[  124.240328][ T8720] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  124.267271][ T8707] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem
[  124.277881][ T8707] EXT4-fs (loop1): 1 truncate cleaned up
[  124.284208][ T8707] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  124.284749][ T8720] EXT4-fs error (device loop3): mb_free_blocks:2037: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  124.298226][ T8709] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1807'.
[  124.311860][ T8720] EXT4-fs (loop3): Remounting filesystem read-only
[  124.369205][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.380211][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.394396][ T8732] EXT4-fs: inline encryption not supported
[  124.410150][ T8734] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  124.425225][ T8734] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  124.443508][ T8734] Symlink component flag not implemented
[  124.449334][ T8734] Symlink component flag not implemented
[  124.458190][ T8732] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  124.496040][ T8745] netlink: 8 bytes leftover after parsing attributes in process `'.
[  124.504492][ T8734] Symlink component flag not implemented (7)
[  124.510689][ T8734] Symlink component flag not implemented (116)
[  124.516557][ T8747] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1819'.
[  124.528807][ T8745] netlink: 8 bytes leftover after parsing attributes in process `'.
[  124.537677][ T8745] netlink: 8 bytes leftover after parsing attributes in process `'.
[  124.538191][ T8732] EXT4-fs error (device loop2): mb_free_blocks:2037: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  124.561024][ T8732] EXT4-fs (loop2): Remounting filesystem read-only
[  124.615912][ T8732] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.941684][ T8778] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  125.089779][ T1038] lo speed is unknown, defaulting to 1000
[  125.135466][ T8786] tipc: Started in network mode
[  125.140389][ T8786] tipc: Node identity ac14142f, cluster identity 4711
[  125.147386][ T8786] tipc: New replicast peer: 0.0.0.0
[  125.152765][ T8786] tipc: Enabled bearer <udp:syz2>, priority 10
[  125.163939][ T8786] set_capacity_and_notify: 5 callbacks suppressed
[  125.163974][ T8786] loop3: detected capacity change from 0 to 1024
[  125.177045][ T8786] EXT4-fs: Ignoring removed oldalloc option
[  125.183466][ T8786] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  125.192400][ T8786] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  125.203889][ T8786] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  125.211872][ T8786] EXT4-fs (loop3): orphan cleanup on readonly fs
[  125.218518][ T8786] EXT4-fs error (device loop3): ext4_free_blocks:6728: comm syz.3.1837: Freeing blocks not in datazone - block = 0, count = 4096
[  125.232305][ T8786] EXT4-fs (loop3): Remounting filesystem read-only
[  125.238877][ T8786] EXT4-fs (loop3): 1 orphan inode deleted
[  125.245049][ T8786] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  125.268408][ T8786] syz.3.1837 (8786) used greatest stack depth: 9392 bytes left
[  125.280552][ T8789] FAULT_INJECTION: forcing a failure.
[  125.280552][ T8789] name failslab, interval 1, probability 0, space 0, times 0
[  125.293402][ T8789] CPU: 1 UID: 0 PID: 8789 Comm: syz.4.1838 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  125.293447][ T8789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  125.293459][ T8789] Call Trace:
[  125.293464][ T8789]  <TASK>
[  125.293469][ T8789]  __dump_stack+0x1d/0x30
[  125.293565][ T8789]  dump_stack_lvl+0x95/0xd0
[  125.293580][ T8789]  dump_stack+0x15/0x1b
[  125.293593][ T8789]  should_fail_ex+0x265/0x280
[  125.293667][ T8789]  should_failslab+0x8c/0xb0
[  125.293682][ T8789]  kmem_cache_alloc_noprof+0x69/0x4b0
[  125.293697][ T8789]  ? audit_log_start+0x342/0x720
[  125.293712][ T8789]  audit_log_start+0x342/0x720
[  125.293726][ T8789]  ? kstrtouint+0x76/0xc0
[  125.293811][ T8789]  audit_seccomp+0x48/0x100
[  125.293831][ T8789]  ? __seccomp_filter+0x832/0x1260
[  125.293849][ T8789]  __seccomp_filter+0x843/0x1260
[  125.293868][ T8789]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  125.293941][ T8789]  ? vfs_write+0x7e8/0x960
[  125.293953][ T8789]  ? __rcu_read_unlock+0x4f/0x70
[  125.293967][ T8789]  ? __fget_files+0x184/0x1c0
[  125.294052][ T8789]  __secure_computing+0x82/0x150
[  125.294104][ T8789]  syscall_trace_enter+0xcf/0x1e0
[  125.294120][ T8789]  do_syscall_64+0xa4/0x2b0
[  125.294222][ T8789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.294244][ T8789] RIP: 0033:0x7f7581aef749
[  125.294256][ T8789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.294367][ T8789] RSP: 002b:00007f7580557038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c6
[  125.294387][ T8789] RAX: ffffffffffffffda RBX: 00007f7581d45fa0 RCX: 00007f7581aef749
[  125.294399][ T8789] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  125.294411][ T8789] RBP: 00007f7580557090 R08: 0000000000000000 R09: 0000000000000000
[  125.294423][ T8789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.294477][ T8789] R13: 00007f7581d46038 R14: 00007f7581d45fa0 R15: 00007fffcba1e9d8
[  125.294497][ T8789]  </TASK>
[  125.295545][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.357507][ T8791] siw: device registration error -23
[  125.564519][ T8799] FAULT_INJECTION: forcing a failure.
[  125.564519][ T8799] name failslab, interval 1, probability 0, space 0, times 0
[  125.577300][ T8799] CPU: 0 UID: 0 PID: 8799 Comm: syz.3.1843 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  125.577384][ T8799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  125.577397][ T8799] Call Trace:
[  125.577527][ T8799]  <TASK>
[  125.577537][ T8799]  __dump_stack+0x1d/0x30
[  125.577566][ T8799]  dump_stack_lvl+0x95/0xd0
[  125.577591][ T8799]  dump_stack+0x15/0x1b
[  125.577614][ T8799]  should_fail_ex+0x265/0x280
[  125.577708][ T8799]  should_failslab+0x8c/0xb0
[  125.577733][ T8799]  __kvmalloc_node_noprof+0x149/0x6b0
[  125.577756][ T8799]  ? xt_alloc_table_info+0x40/0x80
[  125.577848][ T8799]  ? should_fail_ex+0xdb/0x280
[  125.577869][ T8799]  xt_alloc_table_info+0x40/0x80
[  125.577943][ T8799]  do_ipt_set_ctl+0x59c/0x820
[  125.577967][ T8799]  ? _raw_spin_unlock_bh+0x36/0x40
[  125.577994][ T8799]  ? tcp_release_cb+0xf1/0x370
[  125.578028][ T8799]  nf_setsockopt+0x199/0x1b0
[  125.578105][ T8799]  ip_setsockopt+0x102/0x110
[  125.578141][ T8799]  tcp_setsockopt+0x98/0xb0
[  125.578221][ T8799]  sock_common_setsockopt+0x69/0x80
[  125.578246][ T8799]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  125.578290][ T8799]  __sys_setsockopt+0x184/0x200
[  125.578315][ T8799]  __x64_sys_setsockopt+0x64/0x80
[  125.578383][ T8799]  x64_sys_call+0x21d5/0x3000
[  125.578439][ T8799]  do_syscall_64+0xca/0x2b0
[  125.578479][ T8799]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.578505][ T8799] RIP: 0033:0x7fd3a5daf749
[  125.578530][ T8799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.578547][ T8799] RSP: 002b:00007fd3a4817038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  125.578608][ T8799] RAX: ffffffffffffffda RBX: 00007fd3a6005fa0 RCX: 00007fd3a5daf749
[  125.578623][ T8799] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
[  125.578635][ T8799] RBP: 00007fd3a4817090 R08: 0000000000000500 R09: 0000000000000000
[  125.578651][ T8799] R10: 0000200000000580 R11: 0000000000000246 R12: 0000000000000001
[  125.578665][ T8799] R13: 00007fd3a6006038 R14: 00007fd3a6005fa0 R15: 00007ffca3fee408
[  125.578698][ T8799]  </TASK>
[  125.600355][ T8797] lo speed is unknown, defaulting to 1000
[  125.646255][ T8802] loop3: detected capacity change from 0 to 128
[  125.784200][ T8804] loop2: detected capacity change from 0 to 8192
[  126.104697][ T8817] lo speed is unknown, defaulting to 1000
[  126.110858][ T8821] siw: device registration error -23
[  126.153316][ T8815] syz.3.1845: attempt to access beyond end of device
[  126.153316][ T8815] loop3: rw=2049, sector=138, nr_sectors = 2 limit=128
[  126.187540][ T1038] tipc: Node number set to 2886997039
[  126.217976][ T8826] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0
[  126.321789][ T8833] team0 (unregistering): Port device team_slave_0 removed
[  126.342508][ T8833] team0 (unregistering): Port device team_slave_1 removed
[  126.783659][   T29] kauditd_printk_skb: 660 callbacks suppressed
[  126.783675][   T29] audit: type=1326 audit(1767288780.824:11092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8846 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e131f749 code=0x7ffc0000
[  126.814270][   T29] audit: type=1326 audit(1767288780.854:11093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8846 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f16e131f749 code=0x7ffc0000
[  126.838106][   T29] audit: type=1326 audit(1767288780.854:11094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8846 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e131f749 code=0x7ffc0000
[  126.861720][   T29] audit: type=1326 audit(1767288780.854:11095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8846 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e131f749 code=0x7ffc0000
[  126.885351][   T29] audit: type=1326 audit(1767288780.854:11096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8846 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e131f749 code=0x7ffc0000
[  126.908867][   T29] audit: type=1326 audit(1767288780.854:11097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8846 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e131f749 code=0x7ffc0000
[  126.932564][   T29] audit: type=1326 audit(1767288780.854:11099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8846 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f16e131f749 code=0x7ffc0000
[  126.956554][   T29] audit: type=1326 audit(1767288780.854:11098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8846 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e131f749 code=0x7ffc0000
[  127.002582][   T29] audit: type=1326 audit(1767288780.854:11100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8846 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e131f749 code=0x7ffc0000
[  127.026246][   T29] audit: type=1326 audit(1767288780.854:11101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8846 comm="syz.1.1861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e131f749 code=0x7ffc0000
[  127.051638][ T8850] FAULT_INJECTION: forcing a failure.
[  127.051638][ T8850] name failslab, interval 1, probability 0, space 0, times 0
[  127.064310][ T8850] CPU: 0 UID: 0 PID: 8850 Comm: syz.3.1862 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  127.064377][ T8850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  127.064392][ T8850] Call Trace:
[  127.064400][ T8850]  <TASK>
[  127.064407][ T8850]  __dump_stack+0x1d/0x30
[  127.064435][ T8850]  dump_stack_lvl+0x95/0xd0
[  127.064460][ T8850]  dump_stack+0x15/0x1b
[  127.064549][ T8850]  should_fail_ex+0x265/0x280
[  127.064622][ T8850]  should_failslab+0x8c/0xb0
[  127.064648][ T8850]  kmem_cache_alloc_noprof+0x69/0x4b0
[  127.064671][ T8850]  ? audit_log_start+0x342/0x720
[  127.064726][ T8850]  audit_log_start+0x342/0x720
[  127.064750][ T8850]  ? kstrtouint+0x76/0xc0
[  127.064770][ T8850]  audit_seccomp+0x48/0x100
[  127.064866][ T8850]  ? __seccomp_filter+0x832/0x1260
[  127.064954][ T8850]  __seccomp_filter+0x843/0x1260
[  127.065048][ T8850]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  127.065099][ T8850]  ? vfs_write+0x7e8/0x960
[  127.065186][ T8850]  ? __rcu_read_unlock+0x4f/0x70
[  127.065256][ T8850]  ? __fget_files+0x184/0x1c0
[  127.065286][ T8850]  __secure_computing+0x82/0x150
[  127.065316][ T8850]  syscall_trace_enter+0xcf/0x1e0
[  127.065338][ T8850]  do_syscall_64+0xa4/0x2b0
[  127.065488][ T8850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.065514][ T8850] RIP: 0033:0x7fd3a5daf749
[  127.065531][ T8850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.065548][ T8850] RSP: 002b:00007fd3a4817038 EFLAGS: 00000246 ORIG_RAX: 00000000000000cf
[  127.065568][ T8850] RAX: ffffffffffffffda RBX: 00007fd3a6005fa0 RCX: 00007fd3a5daf749
[  127.065580][ T8850] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  127.065602][ T8850] RBP: 00007fd3a4817090 R08: 0000000000000000 R09: 0000000000000000
[  127.065617][ T8850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.065632][ T8850] R13: 00007fd3a6006038 R14: 00007fd3a6005fa0 R15: 00007ffca3fee408
[  127.065688][ T8850]  </TASK>
[  127.322770][ T8854] siw: device registration error -23
[  127.432352][ T8864] loop2: detected capacity change from 0 to 1024
[  127.439208][ T8864] EXT4-fs: Ignoring removed orlov option
[  127.465755][ T8864] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.493073][ T8865] lo speed is unknown, defaulting to 1000
[  127.562956][ T8864] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  127.578668][ T8864] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  128.096804][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.141550][ T8884] syzkaller0: entered promiscuous mode
[  128.147145][ T8884] syzkaller0: entered allmulticast mode
[  128.159931][ T8886] FAULT_INJECTION: forcing a failure.
[  128.159931][ T8886] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  128.173247][ T8886] CPU: 1 UID: 0 PID: 8886 Comm: syz.0.1877 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  128.173278][ T8886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  128.173329][ T8886] Call Trace:
[  128.173334][ T8886]  <TASK>
[  128.173339][ T8886]  __dump_stack+0x1d/0x30
[  128.173366][ T8886]  dump_stack_lvl+0x95/0xd0
[  128.173389][ T8886]  dump_stack+0x15/0x1b
[  128.173410][ T8886]  should_fail_ex+0x265/0x280
[  128.173466][ T8886]  should_fail+0xb/0x20
[  128.173481][ T8886]  should_fail_usercopy+0x1a/0x20
[  128.173497][ T8886]  _copy_from_user+0x1c/0xb0
[  128.173526][ T8886]  __copy_msghdr+0x244/0x300
[  128.173555][ T8886]  ___sys_sendmsg+0x109/0x1d0
[  128.173653][ T8886]  __x64_sys_sendmsg+0xd4/0x160
[  128.173687][ T8886]  x64_sys_call+0x17ba/0x3000
[  128.173712][ T8886]  do_syscall_64+0xca/0x2b0
[  128.173776][ T8886]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.173801][ T8886] RIP: 0033:0x7ffbfcf2f749
[  128.173819][ T8886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.173839][ T8886] RSP: 002b:00007ffbfb997038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  128.173882][ T8886] RAX: ffffffffffffffda RBX: 00007ffbfd185fa0 RCX: 00007ffbfcf2f749
[  128.173898][ T8886] RDX: 00000000040048d0 RSI: 00002000000000c0 RDI: 0000000000000003
[  128.173913][ T8886] RBP: 00007ffbfb997090 R08: 0000000000000000 R09: 0000000000000000
[  128.173927][ T8886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.173942][ T8886] R13: 00007ffbfd186038 R14: 00007ffbfd185fa0 R15: 00007fff263d3248
[  128.173958][ T8886]  </TASK>
[  128.451558][ T8902] loop2: detected capacity change from 0 to 128
[  128.578157][ T8915] FAULT_INJECTION: forcing a failure.
[  128.578157][ T8915] name failslab, interval 1, probability 0, space 0, times 0
[  128.590939][ T8915] CPU: 1 UID: 0 PID: 8915 Comm: syz.0.1889 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  128.590969][ T8915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  128.590985][ T8915] Call Trace:
[  128.590992][ T8915]  <TASK>
[  128.591002][ T8915]  __dump_stack+0x1d/0x30
[  128.591087][ T8915]  dump_stack_lvl+0x95/0xd0
[  128.591108][ T8915]  dump_stack+0x15/0x1b
[  128.591127][ T8915]  should_fail_ex+0x265/0x280
[  128.591150][ T8915]  should_failslab+0x8c/0xb0
[  128.591173][ T8915]  __kmalloc_cache_node_noprof+0x6a/0x4d0
[  128.591400][ T8915]  ? __get_vm_area_node+0x106/0x1d0
[  128.591428][ T8915]  __get_vm_area_node+0x106/0x1d0
[  128.591454][ T8915]  __vmalloc_node_range_noprof+0x28e/0x1310
[  128.591490][ T8915]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  128.591517][ T8915]  ? __rcu_read_unlock+0x4f/0x70
[  128.591624][ T8915]  ? avc_has_perm_noaudit+0xab/0x130
[  128.591653][ T8915]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  128.591676][ T8915]  __vmalloc_noprof+0xa4/0xf0
[  128.591704][ T8915]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  128.591804][ T8915]  bpf_prog_alloc_no_stats+0x47/0x390
[  128.591824][ T8915]  ? bpf_prog_alloc+0x2a/0x150
[  128.591842][ T8915]  bpf_prog_alloc+0x3c/0x150
[  128.591938][ T8915]  bpf_prog_load+0x506/0x1140
[  128.591972][ T8915]  ? security_bpf+0x2b/0x90
[  128.592002][ T8915]  __sys_bpf+0x469/0x7c0
[  128.592070][ T8915]  __x64_sys_bpf+0x41/0x50
[  128.592108][ T8915]  x64_sys_call+0x28e1/0x3000
[  128.592134][ T8915]  do_syscall_64+0xca/0x2b0
[  128.592230][ T8915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.592277][ T8915] RIP: 0033:0x7ffbfcf2f749
[  128.592298][ T8915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.592318][ T8915] RSP: 002b:00007ffbfb997038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  128.592340][ T8915] RAX: ffffffffffffffda RBX: 00007ffbfd185fa0 RCX: 00007ffbfcf2f749
[  128.592352][ T8915] RDX: 0000000000000094 RSI: 0000200000000840 RDI: 0000000000000005
[  128.592365][ T8915] RBP: 00007ffbfb997090 R08: 0000000000000000 R09: 0000000000000000
[  128.592376][ T8915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.592458][ T8915] R13: 00007ffbfd186038 R14: 00007ffbfd185fa0 R15: 00007fff263d3248
[  128.592480][ T8915]  </TASK>
[  128.818071][ T8915] syz.0.1889: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0
[  128.834697][ T8915] CPU: 1 UID: 0 PID: 8915 Comm: syz.0.1889 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  128.834739][ T8915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  128.834751][ T8915] Call Trace:
[  128.834758][ T8915]  <TASK>
[  128.834766][ T8915]  __dump_stack+0x1d/0x30
[  128.834791][ T8915]  dump_stack_lvl+0x95/0xd0
[  128.834942][ T8915]  dump_stack+0x15/0x1b
[  128.834961][ T8915]  warn_alloc+0x12b/0x1a0
[  128.835129][ T8915]  __vmalloc_node_range_noprof+0x2b3/0x1310
[  128.835227][ T8915]  ? __rcu_read_unlock+0x4f/0x70
[  128.835296][ T8915]  ? avc_has_perm_noaudit+0xab/0x130
[  128.835322][ T8915]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  128.835342][ T8915]  __vmalloc_noprof+0xa4/0xf0
[  128.835444][ T8915]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  128.835465][ T8915]  bpf_prog_alloc_no_stats+0x47/0x390
[  128.835484][ T8915]  ? bpf_prog_alloc+0x2a/0x150
[  128.835638][ T8915]  bpf_prog_alloc+0x3c/0x150
[  128.835657][ T8915]  bpf_prog_load+0x506/0x1140
[  128.835739][ T8915]  ? security_bpf+0x2b/0x90
[  128.835772][ T8915]  __sys_bpf+0x469/0x7c0
[  128.835856][ T8915]  __x64_sys_bpf+0x41/0x50
[  128.835884][ T8915]  x64_sys_call+0x28e1/0x3000
[  128.835908][ T8915]  do_syscall_64+0xca/0x2b0
[  128.835945][ T8915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.836002][ T8915] RIP: 0033:0x7ffbfcf2f749
[  128.836018][ T8915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.836082][ T8915] RSP: 002b:00007ffbfb997038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  128.836101][ T8915] RAX: ffffffffffffffda RBX: 00007ffbfd185fa0 RCX: 00007ffbfcf2f749
[  128.836114][ T8915] RDX: 0000000000000094 RSI: 0000200000000840 RDI: 0000000000000005
[  128.836127][ T8915] RBP: 00007ffbfb997090 R08: 0000000000000000 R09: 0000000000000000
[  128.836141][ T8915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.836230][ T8915] R13: 00007ffbfd186038 R14: 00007ffbfd185fa0 R15: 00007fff263d3248
[  128.836321][ T8915]  </TASK>
[  128.836425][ T8915] Mem-Info:
[  129.034675][ T8920] syz.2.1885: attempt to access beyond end of device
[  129.034675][ T8920] loop2: rw=2049, sector=138, nr_sectors = 2 limit=128
[  129.037433][ T8915] active_anon:9077 inactive_anon:0 isolated_anon:0
[  129.037433][ T8915]  active_file:9541 inactive_file:2295 isolated_file:0
[  129.037433][ T8915]  unevictable:0 dirty:606 writeback:0
[  129.037433][ T8915]  slab_reclaimable:3281 slab_unreclaimable:15980
[  129.037433][ T8915]  mapped:32723 shmem:3036 pagetables:1142
[  129.037433][ T8915]  sec_pagetables:0 bounce:0
[  129.037433][ T8915]  kernel_misc_reclaimable:0
[  129.037433][ T8915]  free:1897208 free_pcp:7700 free_cma:0
[  129.057281][ T8926] loop1: detected capacity change from 0 to 128
[  129.099234][ T8915] Node 0 active_anon:36424kB inactive_anon:0kB active_file:38164kB inactive_file:9180kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:130892kB dirty:2424kB writeback:0kB shmem:12260kB kernel_stack:3776kB pagetables:4684kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  129.132852][ T8915] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  129.162890][ T8915] lowmem_reserve[]: 0 2880 7859 7859
[  129.168268][ T8915] Node 0 DMA32 free:2945988kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2949516kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:0kB free_cma:0kB
[  129.199526][ T8915] lowmem_reserve[]: 0 0 4978 4978
[  129.205114][ T8915] Node 0 Normal free:4619712kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:41760kB inactive_anon:0kB active_file:38164kB inactive_file:9180kB unevictable:0kB writepending:2424kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:29400kB local_pcp:18676kB free_cma:0kB
[  129.238532][ T8915] lowmem_reserve[]: 0 0 0 0
[  129.243268][ T8915] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  129.256108][ T8915] Node 0 DMA32: 3*4kB (M) 3*8kB (M) 4*16kB (M) 3*32kB (M) 4*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 716*4096kB (M) = 2945988kB
[  129.272508][ T8915] Node 0 Normal: 1*4kB (M) 226*8kB (UM) 33*16kB (UME) 67*32kB (UM) 90*64kB (UME) 45*128kB (UM) 5*256kB (U) 5*512kB (UE) 2*1024kB (UE) 1*2048kB (M) 1121*4096kB (UM) = 4615556kB
[  129.290226][ T8915] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  129.299669][ T8915] 17402 total pagecache pages
[  129.304593][ T8915] 0 pages in swap cache
[  129.308753][ T8915] Free swap  = 124996kB
[  129.312989][ T8915] Total swap = 124996kB
[  129.315290][ T8924] syz.1.1890: attempt to access beyond end of device
[  129.315290][ T8924] loop1: rw=2049, sector=138, nr_sectors = 2 limit=128
[  129.317208][ T8915] 2097051 pages RAM
[  129.317218][ T8915] 0 pages HighMem/MovableOnly
[  129.339590][ T8915] 81272 pages reserved
[  129.414507][ T8935] __nla_validate_parse: 8 callbacks suppressed
[  129.414579][ T8935] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1895'.
[  129.546587][ T8942] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1898'.
[  129.556152][ T8942] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1898'.
[  129.635387][ T8947] loop3: detected capacity change from 0 to 512
[  129.649696][ T8947] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  129.679230][ T8947] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.1900: bad orphan inode 131083
[  129.698360][ T8947] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.715531][ T8947] EXT4-fs error (device loop3): ext4_find_dest_de:2050: inode #12: block 7: comm wÞ£ÿ: bad entry in directory: directory entry overrun - offset=16, inode=1560281102, rec_len=1024, size=56 fake=0
[  129.769806][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.858380][ T8936] tipc: Started in network mode
[  129.863406][ T8936] tipc: Node identity ac14140f, cluster identity 4711
[  129.870427][ T8936] tipc: New replicast peer: 255.255.255.255
[  129.876690][ T8936] tipc: Enabled bearer <udp:syz2>, priority 10
[  129.891839][ T8936] loop4: detected capacity change from 0 to 512
[  129.936636][ T8936] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  129.962756][ T8936] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #13: comm syz.4.1894: iget: bad i_size value: 12154757448730
[  130.015866][ T8936] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1894: couldn't read orphan inode 13 (err -117)
[  130.066112][ T8936] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.087060][ T8956] lo speed is unknown, defaulting to 1000
[  130.221252][ T8959] net_ratelimit: 10 callbacks suppressed
[  130.221268][ T8959] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 36:ed:9c:5e:40:48
[  130.242222][ T8933] syz.4.1894 (8933) used greatest stack depth: 7448 bytes left
[  130.321326][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.356460][ T8967] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1907'.
[  130.375637][ T8965] syzkaller0: entered promiscuous mode
[  130.381224][ T8965] syzkaller0: entered allmulticast mode
[  130.465699][ T8972] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1909'.
[  130.539853][ T8972] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1909'.
[  130.570963][ T8978] loop0: detected capacity change from 0 to 8192
[  130.622427][ T8972] lo speed is unknown, defaulting to 1000
[  130.747307][ T8992] batman_adv: batadv0: Adding interface: dummy0
[  130.753814][ T8992] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  130.795518][ T8992] batman_adv: batadv0: Interface activated: dummy0
[  130.828491][ T8993] batadv0: mtu less than device minimum
[  130.834884][ T8993] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  130.837771][ T8995] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1918'.
[  130.845975][ T8993] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  130.865172][ T8993] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  130.876146][ T8993] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  130.887188][ T8993] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  130.898262][ T8993] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  130.909346][ T8993] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  130.920274][ T8993] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  130.993112][ T4674] tipc: Node number set to 2886997007
[  131.438207][ T9019] loop1: detected capacity change from 0 to 8192
[  131.443290][ T9023] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1929'.
[  131.683464][ T9027] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1930'.
[  131.702548][ T9027] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1930'.
[  131.864660][   T29] kauditd_printk_skb: 617 callbacks suppressed
[  131.864679][   T29] audit: type=1326 audit(1767288785.904:11717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9030 comm="syz.2.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  131.922082][   T29] audit: type=1326 audit(1767288785.904:11718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9030 comm="syz.2.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  131.945990][   T29] audit: type=1326 audit(1767288785.904:11719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9030 comm="syz.2.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  131.969851][   T29] audit: type=1326 audit(1767288785.904:11720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9030 comm="syz.2.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  131.993664][   T29] audit: type=1326 audit(1767288785.934:11721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9030 comm="syz.2.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  132.017270][   T29] audit: type=1326 audit(1767288785.934:11722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9030 comm="syz.2.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  132.040904][   T29] audit: type=1326 audit(1767288785.954:11723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9030 comm="syz.2.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  132.064497][   T29] audit: type=1326 audit(1767288785.954:11724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9030 comm="syz.2.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  132.088007][   T29] audit: type=1326 audit(1767288785.954:11725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9030 comm="syz.2.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  132.111621][   T29] audit: type=1326 audit(1767288785.954:11726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9030 comm="syz.2.1932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f12a858f749 code=0x7ffc0000
[  132.210371][ T9045] loop4: detected capacity change from 0 to 1024
[  132.233061][ T9050] loop3: detected capacity change from 0 to 128
[  132.254060][ T9045] EXT4-fs: Ignoring removed oldalloc option
[  132.260043][ T9045] EXT4-fs: Ignoring removed bh option
[  132.323585][ T9045] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.431927][ T9031] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  132.472218][ T9058] syz.3.1937: attempt to access beyond end of device
[  132.472218][ T9058] loop3: rw=2049, sector=138, nr_sectors = 2 limit=128
[  132.673083][ T9066] vhci_hcd vhci_hcd.3: invalid port number 0
[  132.725407][ T9065] lo speed is unknown, defaulting to 1000
[  132.924024][ T9071] lo speed is unknown, defaulting to 1000
[  133.281232][ T9093] loop2: detected capacity change from 0 to 512
[  133.302209][ T9093] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  133.320601][ T9087] syzkaller0: entered promiscuous mode
[  133.326215][ T9087] syzkaller0: entered allmulticast mode
[  133.349858][ T9093] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.1951: bad orphan inode 131083
[  133.374302][ T9093] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.406439][ T9093] EXT4-fs error (device loop2): ext4_find_dest_de:2050: inode #12: block 7: comm wÞ£ÿ: bad entry in directory: directory entry overrun - offset=16, inode=1560281102, rec_len=1024, size=56 fake=0
[  133.473134][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.505538][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.516195][ T9091] lo speed is unknown, defaulting to 1000
[  133.663015][ T9101] lo speed is unknown, defaulting to 1000
[  133.804319][ T9124] batman_adv: batadv0: Adding interface: dummy0
[  133.810724][ T9124] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  133.837996][ T9124] batman_adv: batadv0: Interface activated: dummy0
[  133.910972][ T9128] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  133.917558][ T9128] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  133.925227][ T9128] vhci_hcd vhci_hcd.0: Device attached
[  133.968561][ T9129] vhci_hcd: connection closed
[  133.968732][ T1577] vhci_hcd vhci_hcd.3: stop threads
[  133.978744][ T1577] vhci_hcd vhci_hcd.3: release socket
[  133.984402][ T1577] vhci_hcd vhci_hcd.3: disconnect device
[  134.225433][ T9138] syzkaller0: entered promiscuous mode
[  134.231002][ T9138] syzkaller0: entered allmulticast mode
[  134.347865][ T9145] batman_adv: batadv0: Interface deactivated: dummy0
[  134.354867][ T9145] batman_adv: batadv0: Removing interface: dummy0
[  134.443554][ T9151] __nla_validate_parse: 3 callbacks suppressed
[  134.443575][ T9151] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1971'.
[  134.515963][ T9160] syzkaller0: entered promiscuous mode
[  134.521501][ T9160] syzkaller0: entered allmulticast mode
[  134.526916][ T9163] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1973'.
[  134.566468][ T9166] loop1: detected capacity change from 0 to 128
[  134.632721][ T9171] batman_adv: batadv0: Interface deactivated: dummy0
[  134.639493][ T9171] batman_adv: batadv0: Removing interface: dummy0
[  134.724900][ T9151] lo speed is unknown, defaulting to 1000
[  134.745879][ T9177] FAULT_INJECTION: forcing a failure.
[  134.745879][ T9177] name failslab, interval 1, probability 0, space 0, times 0
[  134.758586][ T9177] CPU: 1 UID: 0 PID: 9177 Comm: syz.4.1983 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  134.758619][ T9177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  134.758631][ T9177] Call Trace:
[  134.758638][ T9177]  <TASK>
[  134.758646][ T9177]  __dump_stack+0x1d/0x30
[  134.758743][ T9177]  dump_stack_lvl+0x95/0xd0
[  134.758768][ T9177]  dump_stack+0x15/0x1b
[  134.758791][ T9177]  should_fail_ex+0x265/0x280
[  134.758820][ T9177]  should_failslab+0x8c/0xb0
[  134.758895][ T9177]  kmem_cache_alloc_noprof+0x69/0x4b0
[  134.758926][ T9177]  ? dst_alloc+0xbd/0x100
[  134.758950][ T9177]  ? __rcu_read_unlock+0x4f/0x70
[  134.758969][ T9177]  dst_alloc+0xbd/0x100
[  134.759043][ T9177]  ip_route_output_key_hash_rcu+0xf29/0x1380
[  134.759073][ T9177]  ip_route_output_flow+0x65/0x110
[  134.759098][ T9177]  udp_sendmsg+0x11b0/0x13c0
[  134.759129][ T9177]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  134.759222][ T9177]  ? avc_has_perm+0xf7/0x180
[  134.759244][ T9177]  ? __pfx_udp_sendmsg+0x10/0x10
[  134.759266][ T9177]  inet_sendmsg+0xac/0xd0
[  134.759320][ T9177]  __sock_sendmsg+0x102/0x180
[  134.759338][ T9177]  ____sys_sendmsg+0x345/0x4a0
[  134.759405][ T9177]  ___sys_sendmsg+0x17b/0x1d0
[  134.759486][ T9177]  __sys_sendmmsg+0x178/0x300
[  134.759564][ T9177]  __x64_sys_sendmmsg+0x57/0x70
[  134.759598][ T9177]  x64_sys_call+0x1e28/0x3000
[  134.759628][ T9177]  do_syscall_64+0xca/0x2b0
[  134.759770][ T9177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.759796][ T9177] RIP: 0033:0x7f7581aef749
[  134.759847][ T9177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.759864][ T9177] RSP: 002b:00007f7580557038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  134.759884][ T9177] RAX: ffffffffffffffda RBX: 00007f7581d45fa0 RCX: 00007f7581aef749
[  134.759897][ T9177] RDX: 000000000800001d RSI: 0000200000007fc0 RDI: 0000000000000003
[  134.759989][ T9177] RBP: 00007f7580557090 R08: 0000000000000000 R09: 0000000000000000
[  134.760001][ T9177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  134.760013][ T9177] R13: 00007f7581d46038 R14: 00007f7581d45fa0 R15: 00007fffcba1e9d8
[  134.760030][ T9177]  </TASK>
[  134.782264][ T9174] netlink: 'syz.0.1982': attribute type 10 has an invalid length.
[  134.813330][ T9103] IPVS: starting estimator thread 0...
[  134.817366][ T9174] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1982'.
[  134.872776][ T9166] syz.1.1978: attempt to access beyond end of device
[  134.872776][ T9166] loop1: rw=2049, sector=138, nr_sectors = 2 limit=128
[  134.932496][ T9180] IPVS: using max 2304 ests per chain, 115200 per kthread
[  135.092965][ T9190] netlink: 'syz.0.1986': attribute type 10 has an invalid length.
[  135.100856][ T9190] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1986'.
[  135.118575][ T9190] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  135.213853][ T9202] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  135.221295][ T9202] vhci_hcd vhci_hcd.2: invalid port number 96
[  135.227478][ T9202] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  135.321243][ T9212] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1995'.
[  135.364026][ T9210] syzkaller0: entered promiscuous mode
[  135.369658][ T9210] syzkaller0: entered allmulticast mode
[  135.511664][ T9212] lo speed is unknown, defaulting to 1000
[  135.525692][ T9217] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9217 comm=syz.3.1996
[  135.654332][ T9220] loop4: detected capacity change from 0 to 2048
[  135.705254][ T3309]  loop4: p1 < > p3 p4 < >
[  135.720270][ T3309] loop4: p3 start 4284289 is beyond EOD, truncated
[  135.730181][ T9231] FAULT_INJECTION: forcing a failure.
[  135.730181][ T9231] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.743477][ T9231] CPU: 0 UID: 0 PID: 9231 Comm: syz.3.2002 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  135.743571][ T9231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  135.743584][ T9231] Call Trace:
[  135.743602][ T9231]  <TASK>
[  135.743622][ T9231]  __dump_stack+0x1d/0x30
[  135.743649][ T9231]  dump_stack_lvl+0x95/0xd0
[  135.743673][ T9231]  dump_stack+0x15/0x1b
[  135.743695][ T9231]  should_fail_ex+0x265/0x280
[  135.743719][ T9231]  should_fail+0xb/0x20
[  135.743766][ T9231]  should_fail_usercopy+0x1a/0x20
[  135.743800][ T9231]  _copy_from_user+0x1c/0xb0
[  135.743834][ T9231]  copy_from_bpfptr+0x5c/0x90
[  135.743858][ T9231]  bpf_prog_load+0x73b/0x1140
[  135.743889][ T9231]  ? security_bpf+0x2b/0x90
[  135.743919][ T9231]  __sys_bpf+0x469/0x7c0
[  135.743964][ T9231]  __x64_sys_bpf+0x41/0x50
[  135.744001][ T9231]  x64_sys_call+0x28e1/0x3000
[  135.744029][ T9231]  do_syscall_64+0xca/0x2b0
[  135.744083][ T9231]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.744108][ T9231] RIP: 0033:0x7fd3a5daf749
[  135.744126][ T9231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.744170][ T9231] RSP: 002b:00007fd3a4817038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  135.744193][ T9231] RAX: ffffffffffffffda RBX: 00007fd3a6005fa0 RCX: 00007fd3a5daf749
[  135.744236][ T9231] RDX: 0000000000000094 RSI: 0000200000000400 RDI: 0000000000000005
[  135.744251][ T9231] RBP: 00007fd3a4817090 R08: 0000000000000000 R09: 0000000000000000
[  135.744265][ T9231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  135.744277][ T9231] R13: 00007fd3a6006038 R14: 00007fd3a6005fa0 R15: 00007ffca3fee408
[  135.744298][ T9231]  </TASK>
[  135.932591][ T9220]  loop4: p1 < > p3 p4 < >
[  135.939511][ T9234] loop0: detected capacity change from 0 to 164
[  135.945517][ T9220] loop4: p3 start 4284289 is beyond EOD, truncated
[  135.973361][ T9234] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  136.034792][ T9234] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  136.058760][ T9234] Symlink component flag not implemented
[  136.064522][ T9234] Symlink component flag not implemented
[  136.078508][ T9234] Symlink component flag not implemented (7)
[  136.084763][ T9234] Symlink component flag not implemented (116)
[  136.096623][ T3309] udevd[3309]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  136.114018][ T3534] udevd[3534]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  136.137126][ T9246] siw: device registration error -23
[  136.176355][ T3534] udevd[3534]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  136.185495][ T9253] loop1: detected capacity change from 0 to 128
[  136.196920][ T3309] udevd[3309]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  136.209476][ T9243] loop2: detected capacity change from 0 to 8192
[  136.400894][ T9261] loop4: detected capacity change from 0 to 8192
[  136.622839][ T9253] syz.1.2009: attempt to access beyond end of device
[  136.622839][ T9253] loop1: rw=2049, sector=138, nr_sectors = 2 limit=128
[  136.916302][ T9284] syzkaller0: entered promiscuous mode
[  136.921791][ T9284] syzkaller0: entered allmulticast mode
[  136.929680][ T9279] lo speed is unknown, defaulting to 1000
[  137.003774][ T9294] loop0: detected capacity change from 0 to 512
[  137.011702][ T9294] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  137.029558][ T9294] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.2022: bad orphan inode 131083
[  137.040707][ T9294] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.056444][ T9294] EXT4-fs error (device loop0): ext4_find_dest_de:2050: inode #12: block 7: comm wÞ£ÿ: bad entry in directory: directory entry overrun - offset=16, inode=1560281102, rec_len=1024, size=56 fake=0
[  137.095420][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.116960][ T9300] siw: device registration error -23
[  137.163525][   T29] kauditd_printk_skb: 622 callbacks suppressed
[  137.163542][   T29] audit: type=1326 audit(1767288791.204:12349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9302 comm="syz.3.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a5daf749 code=0x7ffc0000
[  137.202897][   T29] audit: type=1326 audit(1767288791.204:12350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9302 comm="syz.3.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a5daf749 code=0x7ffc0000
[  137.226535][   T29] audit: type=1326 audit(1767288791.204:12351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9302 comm="syz.3.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=221 compat=0 ip=0x7fd3a5daf749 code=0x7ffc0000
[  137.250133][   T29] audit: type=1326 audit(1767288791.204:12352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9302 comm="syz.3.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a5daf749 code=0x7ffc0000
[  137.402328][ T9298] lo speed is unknown, defaulting to 1000
[  137.437113][ T9323] syzkaller0: entered promiscuous mode
[  137.442722][ T9323] syzkaller0: entered allmulticast mode
[  137.523958][ T9326] loop1: detected capacity change from 0 to 8192
[  137.575191][ T9334] syzkaller0: entered promiscuous mode
[  137.580802][ T9334] syzkaller0: entered allmulticast mode
[  137.641111][ T9336] loop2: detected capacity change from 0 to 8192
[  137.716107][ T9341] loop4: detected capacity change from 0 to 128
[  137.760846][ T9339] lo speed is unknown, defaulting to 1000
[  137.953822][   T29] audit: type=1326 audit(1767288791.994:12353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.0.2044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbfcf2f749 code=0x7ffc0000
[  137.977797][   T29] audit: type=1326 audit(1767288791.994:12354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.0.2044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbfcf2f749 code=0x7ffc0000
[  138.044251][ T9353] FAULT_INJECTION: forcing a failure.
[  138.044251][ T9353] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.057676][ T9353] CPU: 1 UID: 0 PID: 9353 Comm: syz.1.2043 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  138.057707][ T9353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  138.057722][ T9353] Call Trace:
[  138.057729][ T9353]  <TASK>
[  138.057781][ T9353]  __dump_stack+0x1d/0x30
[  138.057805][ T9353]  dump_stack_lvl+0x95/0xd0
[  138.057826][ T9353]  dump_stack+0x15/0x1b
[  138.057850][ T9353]  should_fail_ex+0x265/0x280
[  138.057948][ T9353]  should_fail+0xb/0x20
[  138.057966][ T9353]  should_fail_usercopy+0x1a/0x20
[  138.057990][ T9353]  _copy_from_user+0x1c/0xb0
[  138.058079][ T9353]  ___sys_sendmsg+0xc1/0x1d0
[  138.058117][ T9353]  __x64_sys_sendmsg+0xd4/0x160
[  138.058153][ T9353]  x64_sys_call+0x17ba/0x3000
[  138.058200][ T9353]  do_syscall_64+0xca/0x2b0
[  138.058277][ T9353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.058333][ T9353] RIP: 0033:0x7f16e131f749
[  138.058349][ T9353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.058378][ T9353] RSP: 002b:00007f16dfd7f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  138.058402][ T9353] RAX: ffffffffffffffda RBX: 00007f16e1575fa0 RCX: 00007f16e131f749
[  138.058419][ T9353] RDX: 0000000004040000 RSI: 0000200000000100 RDI: 0000000000000004
[  138.058434][ T9353] RBP: 00007f16dfd7f090 R08: 0000000000000000 R09: 0000000000000000
[  138.058530][ T9353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.058545][ T9353] R13: 00007f16e1576038 R14: 00007f16e1575fa0 R15: 00007ffd97137788
[  138.058566][ T9353]  </TASK>
[  138.232252][   T29] audit: type=1326 audit(1767288791.994:12355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.0.2044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ffbfcf2f749 code=0x7ffc0000
[  138.255974][   T29] audit: type=1326 audit(1767288792.044:12356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.0.2044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbfcf2f749 code=0x7ffc0000
[  138.279948][   T29] audit: type=1326 audit(1767288792.054:12357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.0.2044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7ffbfcf2f749 code=0x7ffc0000
[  138.303596][   T29] audit: type=1326 audit(1767288792.054:12358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.0.2044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbfcf2f749 code=0x7ffc0000
[  138.348567][ T9364] hub 9-0:1.0: USB hub found
[  138.354297][ T9364] hub 9-0:1.0: 8 ports detected
[  138.398903][ T9362] syz.4.2040: attempt to access beyond end of device
[  138.398903][ T9362] loop4: rw=2049, sector=138, nr_sectors = 2 limit=128
[  138.434718][ T9366] syzkaller0: entered promiscuous mode
[  138.440259][ T9366] syzkaller0: entered allmulticast mode
[  138.448585][ T9360] lo speed is unknown, defaulting to 1000
[  138.448629][ T9371] loop3: detected capacity change from 0 to 128
[  138.638795][ T9375] lo speed is unknown, defaulting to 1000
[  138.683093][ T9377] syz.3.2050: attempt to access beyond end of device
[  138.683093][ T9377] loop3: rw=2049, sector=138, nr_sectors = 2 limit=128
[  138.805216][ T9388] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  138.805788][ T9386] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  138.839699][ T9390] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  138.841813][ T9386] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  138.859082][ T9386] Symlink component flag not implemented
[  138.864966][ T9386] Symlink component flag not implemented
[  138.870047][ T9388] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.2056: bad orphan inode 131083
[  138.872406][ T9386] Symlink component flag not implemented (7)
[  138.887267][ T9386] Symlink component flag not implemented (116)
[  138.891252][ T9390] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.2057: bad orphan inode 131083
[  138.905224][ T9388] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.919089][ T9390] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.931487][ T9388] EXT4-fs error (device loop4): ext4_find_dest_de:2050: inode #12: block 7: comm wÞ£ÿ: bad entry in directory: directory entry overrun - offset=16, inode=1560281102, rec_len=1024, size=56 fake=0
[  138.941723][ T9390] EXT4-fs error (device loop1): ext4_find_dest_de:2050: inode #12: block 7: comm wÞ£ÿ: bad entry in directory: directory entry overrun - offset=16, inode=1560281102, rec_len=1024, size=56 fake=0
[  138.980903][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.000023][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.128694][ T9405] EXT4-fs: dax option not supported
[  139.287206][ T9420] siw: device registration error -23
[  139.353661][ T9422] lo speed is unknown, defaulting to 1000
[  139.487981][ T9427] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  139.506330][ T9427] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.2069: bad orphan inode 131083
[  139.519388][ T9427] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.546054][ T9427] EXT4-fs error (device loop3): ext4_find_dest_de:2050: inode #12: block 7: comm wÞ£ÿ: bad entry in directory: directory entry overrun - offset=16, inode=1560281102, rec_len=1024, size=56 fake=0
[  139.644776][    T2] ==================================================================
[  139.652901][    T2] BUG: KCSAN: data-race in copy_process / free_pid
[  139.659419][    T2] 
[  139.661745][    T2] read-write to 0xffffffff86860008 of 4 bytes by task 3321 on cpu 0:
[  139.669812][    T2]  free_pid+0xb9/0x1d0
[  139.673893][    T2]  free_pids+0x54/0xb0
[  139.678063][    T2]  release_task+0x9a7/0xb60
[  139.682575][    T2]  wait_consider_task+0x114a/0x1660
[  139.687781][    T2]  __do_wait+0xfa/0x510
[  139.691938][    T2]  do_wait+0xb7/0x250
[  139.695930][    T2]  kernel_wait4+0x16b/0x1e0
[  139.700444][    T2]  __x64_sys_wait4+0x91/0x120
[  139.705219][    T2]  x64_sys_call+0x28ec/0x3000
[  139.710142][    T2]  do_syscall_64+0xca/0x2b0
[  139.714658][    T2]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.720554][    T2] 
[  139.722916][    T2] read to 0xffffffff86860008 of 4 bytes by task 2 on cpu 1:
[  139.730198][    T2]  copy_process+0x16d4/0x1ef0
[  139.734883][    T2]  kernel_clone+0x16c/0x5c0
[  139.739477][    T2]  kernel_thread+0xad/0xe0
[  139.743905][    T2]  kthreadd+0x26c/0x340
[  139.748070][    T2]  ret_from_fork+0x149/0x290
[  139.752675][    T2]  ret_from_fork_asm+0x1a/0x30
[  139.757556][    T2] 
[  139.759889][    T2] value changed: 0x800000f0 -> 0x800000ef
[  139.765615][    T2] 
[  139.767953][    T2] Reported by Kernel Concurrency Sanitizer on:
[  139.774118][    T2] CPU: 1 UID: 0 PID: 2 Comm: kthreadd Not tainted syzkaller #0 PREEMPT(voluntary) 
[  139.783411][    T2] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  139.793470][    T2] ==================================================================
[  139.817053][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.