last executing test programs:

5.017927435s ago: executing program 2 (id=843):
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0)
io_submit(0x0, 0x0, &(0x7f0000001fc0))
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0xc, 0x0, 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r1, 0x0, 0x0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000002c0)=0x1)
ioctl$TIOCSLCKTRMIOS(r2, 0x8924, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = shmget(0x0, 0x1000, 0xa04, &(0x7f0000ffd000/0x1000)=nil)
ioctl$PTP_PEROUT_REQUEST2(0xffffffffffffffff, 0x40383d0c, &(0x7f00000006c0)={{0x0, 0xf}, {0x2b1, 0x3}, 0x3})
shmctl$IPC_RMID(r3, 0x0)
socket(0x11, 0x3, 0x2)
r4 = gettid()
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="8a25fb8363606a8bc67e0a1cb1d4b1dba8fa9115e212155f7e1d835134a2512a2aaa7e8028849f90cf094ee0241d78e2d48b3934bd56bda1d9392a3713d5d70b8a39b52c484165dd8dd592cfe6b5b97444270aa047d351a8d8f5bb7cb97d00213541446caea6437a229493c1d93fd21ae6152f605e03000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f0000000080)='nfs\x00', 0x0, &(0x7f00000001c0)='\x05\x00\x00\x00\x04\xb0\xfe\x98\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\xc77<r\xe9\x9cD\xb0\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3wA\xf6`>\x8b')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000140)='kmem_cache_free\x00', r5, 0x0, 0x3}, 0x18)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x800)
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000880)=ANY=[@ANYBLOB="18050000000000000000000000dcc7d977080000000000007b8af8ff00000000b7480000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000792cac7551e93c6ef5b9001c9d200bc1ed4c7d77c1e62977b2b325832ebbd070b88aba18c5258729c5689948bafc895e7a3657a9be882d9a7e6836cf0acd5e369a833e10fa8c898e7edef41aeba58576b6c98ca48b", @ANYRES32=r6, @ANYBLOB="0000000000000000b70400000800000085000000950000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r7}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000780)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
statx(0xffffffffffffffff, 0x0, 0x6000, 0x400, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x20, 0x0, 0x0, 0x7, 0x90540, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={&(0x7f0000000000), 0x9}, 0x114894, 0x10000, 0x4, 0x7, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x7fffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')

4.414732633s ago: executing program 2 (id=848):
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffff"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0500000700000000000000000896edebf874c9127599158dce543b554920caee59c502e38c582b2db5e89ab366d285e4ba3c43208e578b5a0f59534ddf91119d091a16574a9be39b5d551382f67685cfec4377b67a0fb9f69c455ec1c695a390ac001543860cde4aa8c3e41ad36321995aa8d5872c6fdcc9ddfacbc10828bd35a69e20318af620dc241e8ab5ab55920b0579d626ea521a17fcf52d77fc7a4ecb86ded92e7eaaa8c8d6c1026487423628e8aab24b660f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/13, @ANYRES32=r0, @ANYBLOB], 0x0, 0x4, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_io_uring_setup(0x821, &(0x7f0000000340)={0x0, 0x4aa2, 0x8000, 0x3, 0x3c2}, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
syz_io_uring_setup(0x1104, 0x0, &(0x7f00000003c0), 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bc00551a000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70300000000000085"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

3.987608208s ago: executing program 3 (id=854):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}, 0x0, 0x318}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x26801000, 0x0, 0x12c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

3.747618087s ago: executing program 3 (id=856):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kfree\x00', r1}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000040000000030a89e10000000000000000010000000900010073797a30000000000900030073797a3000000000140004800800024000000000080001400000000060000000060a010400000000000000000100000008000b400000000038000480340001800a0001006d61746368000000240002800c000300e4edf2b75cc7c0a308000240000000000c000100706b7474797065000900010073797a30"], 0xe8}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x5d, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r10 = syz_io_uring_setup(0x49d, &(0x7f00000003c0)={0x0, 0x79ac, 0x400, 0x7ffd, 0x32c, 0x0, r9}, &(0x7f0000000340)=<r11=>0x0, &(0x7f0000000040)=<r12=>0x0)
syz_io_uring_submit(r11, r12, 0x0)
io_uring_enter(r10, 0xfd0, 0x4c1, 0x43, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r8}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
socket$netlink(0x10, 0x3, 0x15)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00'}, 0x18)
syz_clone(0x40800000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18)

3.609226578s ago: executing program 2 (id=858):
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
syz_open_dev$hiddev(&(0x7f0000000000), 0xfffffffffffffff9, 0x30000)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014800000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
write$cgroup_subtree(r1, &(0x7f00000000c0)=ANY=[], 0x32600)

3.513908456s ago: executing program 0 (id=860):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(r1, 0x0, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r3}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r4 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000300)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r4, 0x47f9, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000006000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
faccessat(r7, &(0x7f0000000000)='./file0\x00', 0x5)

2.731068979s ago: executing program 3 (id=863):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x2}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x50}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'macvlan1\x00', <r3=>0x0})
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r5=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="400000001000030500000000fddbdf0000000000", @ANYRES32=0x0, @ANYBLOB="02880100373004002000128008000100687372001400028008000100", @ANYRES32=r3, @ANYBLOB="08000200", @ANYRES32=r5], 0x40}}, 0x4008054)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r1, r5, 0x25, 0x19, @val=@kprobe_multi=@addrs={0x1, 0x1, 0x0, &(0x7f0000000380)=[0x8000000000000000], 0x8}}, 0x30)

2.730585109s ago: executing program 0 (id=864):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xd, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x9}, 0x18)
socket$igmp6(0xa, 0x3, 0x2)
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000200)='kfree\x00', 0xffffffffffffffff, 0x0, 0x80}, 0x18)
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
syz_io_uring_setup(0x3c0c, &(0x7f0000000400)={0x0, 0xa070, 0x1000, 0x2}, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x22, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x18, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01032757c38d085641a7260000000c000180080001"], 0x20}, 0x1, 0x0, 0x0, 0x20040005}, 0x8840)

2.657844145s ago: executing program 0 (id=866):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x0)

2.557161083s ago: executing program 3 (id=867):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@bridge_dellink={0x2c, 0x13, 0x1, 0x2, 0x0, {0x7, 0x0, 0x0, r1, 0x50d00}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x4, 0x0, 0x1, {0x4}}]}]}, 0x2c}}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'veth0_to_team\x00', <r4=>0x0})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6, 0x0, 0x7fff}, 0x18)
add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006bb55a2a630b00c145f94cd977", 0x18, 0xffffffffffffffff)
sendmsg$nl_route_sched(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000001a40)=@newqdisc={0x50, 0x24, 0xd0f, 0x3, 0x3, {0x60, 0x0, 0x0, r4, {0x0, 0x2}, {0xffff, 0xffff}, {0xb, 0xffe0}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0xa, 0x0, 0x5, 0x0, 0x9, 0x10000}}, {0x4}}]}, @qdisc_kind_options=@q_qfg={0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)

2.449893542s ago: executing program 3 (id=868):
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffff"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0500000700000000000000000896edebf874c9127599158dce543b554920caee59c502e38c582b2db5e89ab366d285e4ba3c43208e578b5a0f59534ddf91119d091a16574a9be39b5d551382f67685cfec4377b67a0fb9f69c455ec1c695a390ac001543860cde4aa8c3e41ad36321995aa8d5872c6fdcc9ddfacbc10828bd35a69e20318af620dc241e8ab5ab55920b0579d626ea521a17fcf52d77fc7a4ecb86ded92e7eaaa8c8d6c1026487423628e8aab24b660f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/13, @ANYRES32=r0, @ANYBLOB], 0x0, 0x4, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_io_uring_setup(0x821, &(0x7f0000000340)={0x0, 0x4aa2, 0x8000, 0x3, 0x3c2}, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
syz_io_uring_setup(0x1104, 0x0, &(0x7f00000003c0), 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bc00551a000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70300000000000085"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

2.429461653s ago: executing program 0 (id=869):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x843)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000005c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
syz_emit_ethernet(0x6e, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3da, &(0x7f00000004c0)="$eJzs3N1qHFUcAPD/TPNh0+pGrV5owUgRgx/5aEpssKCCl15ZX2BN0hLdNrZZwZZcKIh9APUBxMv6CF6Id4LgTfHaO6VQJMm1rMxmdjNudmO+ltHu7wcHzpnZ4Zz/zOyek3MOCWBgTUTEpxExEhEfREQlP57kKd7cTtnntjbWF7OURKNx+c+keX5zY30xCtdkTuWFyTQi/TyJZ7vUu3br9ofVWm35Zl6erl/7aHrt1u1XV65Vry5fXb4+N7OwMDN3cX5h/thi/T3u/Hbp3tuVL38+9+uP7787n7X3dH6uGMdxmYiJ9j3pNHXclZXskUI+GSqxIRxIGhEnImKo+f2vxInYeXiV+L5SauMAgL5oNN7oKAMAD79Enw8AA6b1d//mxvpiK5UxD1GWB29tL15t5mubW+34h9orIcMd61vHaSIivvv6teeyFH1ahwQAKPohG/9c7Db+S+Ns4XMnI2Is39t1OiIejYjHCvvFDmuio7x7/JPeP2IVe8rGf5cKe9u2CvHnxk/kpSzm8RhOrqzUlmfy+CdjeDQrz+5Rx9nLT//V61xx/JelrP7WWDBvx/2h0X9es1StV48Sc9GDzyKeGeoWf9Ie/ybNuA/v9Rt3n+p17t/j76/GNxEvdn3+Ozv3kr33J04334fp1lux252XXrjRq/6y48+e/9je8Y8nxf2aawev46cLK7/0OnfY938kea+ZH8mPfVKt12/ORowk7+w+fn7n2la59fks/slz3b//Z2LnTjweEU9ExJMRzeM9X+guXql9+/zh4++vLP6lAz3/g2fGvrh7r1f9+3v+F5q5yfzIfn7/9tvAo9w7AAAA+L9Im/O5STrVzqfp1NT2PO+ZGEtrq2v1l6+sfnx9aXvedzyG09ZMV6UwHzqbzxG2yuc7ynP5HMpXoyeb5anF1dpS2cEDwIA61aP/z/wxWnbrAIC+6dfmdgDgv0v/DwCDR/8PAINH/w8Ag0f/DwCDR/8PAAPlKP/XT0ZG5mHNlP3LBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQrr8DAAD//3JA1T8=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x143042, 0x80)
pwritev2(r4, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfe}], 0x1, 0x5405, 0x0, 0x0)

2.253220727s ago: executing program 2 (id=870):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, 0x0)

1.931403144s ago: executing program 2 (id=881):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, 0x0)

1.888767937s ago: executing program 2 (id=872):
syz_usb_connect(0x2, 0x64, 0x0, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x2, 0x7, 0x0, 0x5, 0x2, 0x0, 0x70bd2d, 0x25dfdbfe}, 0x10}}, 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="18010000400100000000000000040000850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000005c0)={'gre0\x00'})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000100)={'team0\x00', <r4=>0x0})
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000140)=<r5=>0x0, &(0x7f0000000180)=0x4)
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r7=>0x0})
bind$can_j1939(r6, &(0x7f00000000c0)={0x1d, r7}, 0x18)
connect$can_j1939(r6, &(0x7f0000000140)={0x1d, r7}, 0x18)
sendmsg$ETHTOOL_MSG_RINGS_GET(r2, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="f8000000", @ANYRES16=r3, @ANYBLOB="000200440001800800030002000000140002efc9d791eb0068737230000000000000000000000000140002006970365f76d369300000000000000000080001000000dc3c022d", @ANYRES32=r4, @ANYBLOB="080003000200000048000180140002007866726d30000000000000000000000014000200776c616e300000000000000000", @ANYRES32=r5, @ANYBLOB="140002007663616e3000000000000000000000003c0001801400020069703665727370616e3000000000000008000100", @ANYRES32=0x0, @ANYBLOB="1400020076657468305f746f5f626f6e6400000008000300020000001c00018008000100", @ANYRES32=r7, @ANYBLOB="08000300010000000800030002000000"], 0xf8}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'lo\x00'})
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r9)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r10}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)

1.672136274s ago: executing program 3 (id=876):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x40)
sendmmsg(r0, &(0x7f0000000180), 0x400008a, 0x0)

1.521191047s ago: executing program 4 (id=878):
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0)
io_submit(0x0, 0x0, &(0x7f0000001fc0))
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0xc, 0x0, 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
open_tree(0xffffffffffffffff, 0x0, 0x89901)
syz_read_part_table(0x106a, &(0x7f0000000000)="$eJzsz7FJxVAUBuD/5ibxpnUB17C0EGwsFXexUcERnECwsbLWDdzCFbJAxECEt8B7r/i+6pyfHw4nHNTUtdOP5Py5vqQleUxyNySp45ik/Be/vq//luF1bicpNRf9Gi+fb/dbqSb91XyTYXkoP0u3ZuVyajsHu6ezus319n0/XwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAcfsNAAD//3OqEK8=") (fail_nth: 2)

1.267426637s ago: executing program 4 (id=880):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000002001000001"], 0x50)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x5}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x800, 0x4, 0x80, 0x2, 0x46b}, 0x4, 0x0, 0x9, 0x7, 0x7, 0x1, 0x2, 0x17, 0x7, 0x6, {0xa, 0x2, 0x3, 0xfffffffd, 0x5, 0xc}}}}]}, 0x78}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', r2, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000480)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0xfff2}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}, @IPSET_ATTR_BUCKETSIZE={0x5}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x24004080}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r5, &(0x7f0000004200)='t', 0x1)
sendfile(r5, r4, 0x0, 0x3ffff)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(r5, r4, 0x0, 0x7ffff000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000200)={0x5, &(0x7f00000001c0)=[{0x5, 0x3, 0x10, 0x3}, {0x6e81, 0xc, 0x9, 0x5}, {0x8, 0xa4, 0x80, 0x6d44}, {0x6, 0x5, 0x7, 0x8}, {0x4, 0x76, 0x7, 0x9}]})

1.23931686s ago: executing program 1 (id=883):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, 0x0)

1.177926955s ago: executing program 1 (id=884):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x2}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x50}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'macvlan1\x00', <r3=>0x0})
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r5=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="400000001000030500000000fddbdf0000000000", @ANYRES32=0x0, @ANYBLOB="02880100373004002000128008000100687372001400028008000100", @ANYRES32=r3, @ANYBLOB="08000200", @ANYRES32=r5], 0x40}}, 0x4008054)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r1, r5, 0x25, 0x19, @val=@kprobe_multi=@addrs={0x1, 0x1, 0x0, &(0x7f0000000380)=[0x8000000000000000], 0x8}}, 0x30)

1.101299911s ago: executing program 1 (id=885):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x80, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone(0x6a000000, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r5, 0x6, 0x3, &(0x7f00000009c0)=0x1d, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x51031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB], 0x50)

786.625536ms ago: executing program 0 (id=886):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="2c756e616d653dd0ae"])

491.81086ms ago: executing program 0 (id=887):
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
syz_open_dev$hiddev(&(0x7f0000000000), 0xfffffffffffffff9, 0x30000)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014800000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
write$cgroup_subtree(r1, &(0x7f00000000c0)=ANY=[], 0x32600)

464.425682ms ago: executing program 4 (id=888):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x170)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000680)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@lazytime}, {@noload}]}, 0x3, 0x45c, &(0x7f0000002400)="$eJzs3MtvG8UfAPDv+pG+m/yq/oA+gCBAlAJJk5bSAxcQSBxAQoJDOYYkrUrdBjVBIlUFBaFyRJU4cUEckfgLOMEFASckLhzgjipVqJcWTkYb76a2a+dVP0j9+UjrzuyuO/P1ztizM7EDGFij6UMSsTMifo+I4Vq28YTR2j+3blya/vvGpekkqtU3/kpK6eGbNy5N56fmz9uRZ0oRhU+SONCi3PnFi2enKpXZC1l+fOHcu+PzixefOXNu6vTs6dnzkydOHDs68dzxyWc7Emca1839H8wd3PfKW1dfmz559e2fvkny+Jvi6JDRlQ4+Xq12uLj+2lWXrrUMNoNirZtGean/D0cxbl+84Xj5475WDuiqarVava/94ctV4B6WRL9rAPRH/kGf3v/mW4+GHv8J11+o3QClcd/KttqRUhSyc8pN97edNBoRJy//82W6RXfmIQAAGnyXjn+ebjX+K0T9vNDubA1lJCL+FxF7IuJ4ROyNiP9HLJ17f0Q8sM7ymxdJ7hz/FK5tKLA1Ssd/z2drW43jv3z0FyPFLLdrKf5ycupMZfZI9pocivKWND+xQhnfv/TrZ+2O1Y//0i0tPx8LZvW4VtrS+JyZqYWpu4m53vWPIvaXWsWfLK8EJBGxLyL2b7CMM4e/Ptju2Orxr6AD60zVryKeqF3/y9EUfy5ZeX1yfGtUZo+M563iTj//cuX1duXfVfwdkF7/7S3b/3L8I0n9eu38ev73L55MH6/88Wnbe5qNtv+h5M2Gfe9PLSxcmIgYSl6tVbp+/2TTeZO3z0/jP/Ro6/6/J26/EgciIm3ED0bEQxHxcFb3R37bveqr8OOLj72z8fi7K41/Zu3XvzockTeExaHIEst7WieKZ3/4tqHQkdbx7257/Y8tpQ5le9by/reWeq23NQMAAMBmVYiInZEUxpbThcLYWO1v+PfG9kJlbn7hqVNz752fqX1HYCTKhXyma7huPnQiu63P85NN+aPZvPHnxW1L+bHpucpMv4OHAbejTf9P/Vnsd+2ArvN9LRhc+j8MLv0fBted/X9rX+oB9F6Lz/9t/agH0Hutxv8fruWJOztfF6C3mvq/ZT8YIOb/YHBtpP97z4B7Q2mln2we6mlVgN6Z3xarf0leYjMl8l+u6UYR5bS1HI6IxYtR6HukEl1M9PudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DQAA//+CSeFs")
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket(0x10, 0x3, 0x0)
connect$netlink(r4, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x31, 0x829, 0x0, 0x25dfdbfe, {}, [{0x4}]}, 0x18}}, 0x0)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r4, 0x0, 0x48c, &(0x7f0000000040)={0x2, 'pim6reg1\x00', 0x2}, 0x18)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r3, 0x0, 0xff91, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
r5 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
fallocate(r5, 0x40, 0xbf5, 0x2000402)
ioctl$BTRFS_IOC_DEV_INFO(r2, 0xd000941e, &(0x7f0000001580)={<r6=>0x0, "638b2424616dacaa86036a4ce7e59b22"})
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="2e0000006a0081040000000000005ef40502e0dfffff0e000a000e0000000224ec4dc2cc0114664568a71802cd0b", 0x2e}], 0x1}, 0x0)
ioctl$BTRFS_IOC_DEV_INFO(r5, 0xd000941e, &(0x7f0000002580)={r6, "5a74620fa6f756ccc351f0c8d4166ea0"})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r10}, 0x18)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
mlock(&(0x7f00004bc000/0x4000)=nil, 0x4000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)

305.692315ms ago: executing program 4 (id=889):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(r2, 0x0, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r4}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r5 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000300)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r5, 0x47f9, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000006000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
faccessat(r8, &(0x7f0000000000)='./file0\x00', 0x5)

271.648087ms ago: executing program 1 (id=890):
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x109a88, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioperm(0x3c, 0x1, 0x8)
r0 = syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x10552, &(0x7f0000000140)=ANY=[@ANYRESDEC=r0], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ftruncate(r1, 0x2000009)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000180), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000040)={0x2, 0x4e22, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x0)

166.283306ms ago: executing program 1 (id=891):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xd, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x9}, 0x18)
socket$igmp6(0xa, 0x3, 0x2)
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000200)='kfree\x00', 0xffffffffffffffff, 0x0, 0x80}, 0x18)
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
syz_io_uring_setup(0x3c0c, &(0x7f0000000400)={0x0, 0xa070, 0x1000, 0x2}, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x22, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x18, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)
r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x8, 0x0, 0xa, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x3ff, 0x100000001}, 0x46d8, 0x10000, 0x0, 0x1, 0x8, 0x2000a, 0xb, 0x0, 0x0, 0x0, 0x8000000000000002}, 0xffffffffffffffff, 0xffffffdffbffffff, 0xffffffffffffffff, 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), r2)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01032757c38d085641a7260000000c000180080001"], 0x20}, 0x1, 0x0, 0x0, 0x20040005}, 0x8840)

122.38471ms ago: executing program 1 (id=892):
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
syz_open_dev$hiddev(&(0x7f0000000000), 0xfffffffffffffff9, 0x30000)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014800000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
write$cgroup_subtree(r2, &(0x7f00000000c0)=ANY=[], 0x32600)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000400)="ba", 0xfdef}], 0x1, 0xe7b, 0x0, 0x1)

95.527832ms ago: executing program 4 (id=893):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x0)

0s ago: executing program 4 (id=894):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='dlm_recv\x00', r0, 0x0, 0x9625}, 0x18)
r1 = creat(&(0x7f0000000240)='./file1\x00', 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000040)=0x4000, 0x4)
syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c04, &(0x7f0000000340), 0x1, 0x779, &(0x7f0000002080)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTuZ206bmWmSJjPV+XzgZs65907O+c79cc7MPdwbQN8aT//kIg5HxLtJxGhjfhIRQ/XUYMTJjfVura0W0ymJ9fWXf0nq69xcWy1G03tSBxuZ/0fEN29FHMltLre6vDJXKJdLi438ZG3+wmR1eeXo+fnCbGm2tHB8anr62ImnThzfvVh/+37l0LX3Xnj885N/vPm/q+98m8TJONRY1hzHbhmP8cZnMpR+hHd5frcL67Gk1xVgR9JDc2DjKI/DMRoD9RQA8E/2ekSsAwB9JtH+A0CfyX4HuLm2Wsym3v4i0V3Xn4uI/RvxZ9c3N5YMNq7Z7a9fBx25mdx1ZSSJiLFdKH88Ij7+8tVP0yn26DokQCtvXI6Is2Pjm8//yaYxC9v1RIdl+xqv4/fMd/6D7vkq7f883ar/l7vd/4kW/Z/hFsfuTtz3+D+wC4V0kPb/nm0a23arKf6GsYFG7l/1Pt9Qcu58uZSe2/4dERMxNJzmpzqUMXHjzxvtljX3/359/7VP0vLT1ztr5H4aHL77PTOFWuFBYm52/XLEI4Ot4k9ub/+kTf/39BbLePGZtz9qtyyNP403mzbHH43RSXtj/UrEYy23/50RbUnH8YmT9d1hMtspWvjihw9H2pXfvP3TKS0/+y7QDen2H+kc/1jSPF6zuv0yvrsy+nW7ZfePv/X+vy95pZ7O+hGXCrXa4lTEvuSlzfOP3Xlvls/WT+OfeLT18d9p/0+/E57dYvyD137+bOfx7600/pltbf/tJ67emhtoV/7Wtv90PTXRmLOV899WK/ggnx0AAAAAAAAAAAAAAAAAAAAAAAAAbFUuIg5FksvfTudy+fzGM7z/GyO5cqVaO3KusrQwE/VnZY/FUC671eVo0/1Qpxr3w8/yx+7JPxkR/4mID4YPJNl9FGd6HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZA62ef5/6sfhXtcOANgz+3tdAQCg67T/ANB/tP8A0H+0/wDQf7T/ANB/tP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADssdOnTqXT+u9rq8U0P3NxeWmucvHoTKk6l59fKuaLlcUL+dlKZbZcyhcr8/f7f+VK5cJ0LCxdmqyVqrXJ6vLKmfnK0kLtzPn5wmzpTGmoK1EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPZUl1fmCuVyaVFiB4n1h6MavU8MNHanh6U+XU0kD0c1djnR6ayR687JCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBv4K8AAAD//8yLIwE=")
syz_emit_ethernet(0xd81, &(0x7f0000002800)=ANY=[], 0x0)
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0)={[{@dioread_nolock}, {@minixdf}, {@nolazytime}, {}]}, 0x1, 0x783, &(0x7f0000002200)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
pwrite64(r3, &(0x7f00000005c0)='\"', 0x1, 0x4fed0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x0)
pwrite64(r6, &(0x7f0000000140)='2', 0x1, 0x68)
r7 = open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)
pwritev2(r7, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):


[   60.377106][ T5243]  __x64_sys_sendmsg+0xd4/0x160
[   60.377136][ T5243]  x64_sys_call+0x191e/0x2ff0
[   60.377161][ T5243]  do_syscall_64+0xd2/0x200
[   60.377236][ T5243]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   60.377267][ T5243]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   60.377294][ T5243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.377322][ T5243] RIP: 0033:0x7f4b6474ebe9
[   60.377338][ T5243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.377353][ T5243] RSP: 002b:00007f4b631b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   60.377374][ T5243] RAX: ffffffffffffffda RBX: 00007f4b64985fa0 RCX: 00007f4b6474ebe9
[   60.377388][ T5243] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[   60.377433][ T5243] RBP: 00007f4b631b7090 R08: 0000000000000000 R09: 0000000000000000
[   60.377446][ T5243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.377460][ T5243] R13: 00007f4b64986038 R14: 00007f4b64985fa0 R15: 00007fffb0e76c18
[   60.377481][ T5243]  </TASK>
[   60.625915][ T5246] syz.3.292: attempt to access beyond end of device
[   60.625915][ T5246] loop3: rw=0, sector=121, nr_sectors = 920 limit=128
[   60.656985][ T5249] loop4: detected capacity change from 0 to 8192
[   60.685220][ T5249] vfat: Unknown parameter '18446744073709551615'
[   60.717123][ T5257] __nla_validate_parse: 6 callbacks suppressed
[   60.717158][ T5257] netlink: 8 bytes leftover after parsing attributes in process `syz.2.295'.
[   60.738470][ T5259] loop0: detected capacity change from 0 to 512
[   60.750966][ T5249] loop4: detected capacity change from 0 to 512
[   60.775969][ T5259] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   60.794132][ T5249] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.829338][ T5249] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.980785][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.058328][ T5295] netlink: 16 bytes leftover after parsing attributes in process `syz.2.299'.
[   61.316464][ T5321] 9pnet: Could not find request transport: fd0xffffffffffffffff
[   61.347515][ T5327] FAULT_INJECTION: forcing a failure.
[   61.347515][ T5327] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   61.360749][ T5327] CPU: 1 UID: 0 PID: 5327 Comm: syz.3.304 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   61.360775][ T5327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   61.360830][ T5327] Call Trace:
[   61.360838][ T5327]  <TASK>
[   61.360845][ T5327]  __dump_stack+0x1d/0x30
[   61.360866][ T5327]  dump_stack_lvl+0xe8/0x140
[   61.360892][ T5327]  dump_stack+0x15/0x1b
[   61.360908][ T5327]  should_fail_ex+0x265/0x280
[   61.360928][ T5327]  should_fail+0xb/0x20
[   61.361017][ T5327]  should_fail_usercopy+0x1a/0x20
[   61.361037][ T5327]  _copy_from_user+0x1c/0xb0
[   61.361062][ T5327]  sg_new_write+0x71a/0x890
[   61.361102][ T5327]  ? do_vfs_ioctl+0x866/0xe10
[   61.361177][ T5327]  sg_ioctl+0xb81/0x1360
[   61.361208][ T5327]  ? __pfx_sg_ioctl+0x10/0x10
[   61.361237][ T5327]  __se_sys_ioctl+0xcb/0x140
[   61.361316][ T5327]  __x64_sys_ioctl+0x43/0x50
[   61.361335][ T5327]  x64_sys_call+0x1816/0x2ff0
[   61.361358][ T5327]  do_syscall_64+0xd2/0x200
[   61.361387][ T5327]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   61.361411][ T5327]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   61.361468][ T5327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.361488][ T5327] RIP: 0033:0x7f8aee0aebe9
[   61.361503][ T5327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.361600][ T5327] RSP: 002b:00007f8aecb0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   61.361618][ T5327] RAX: ffffffffffffffda RBX: 00007f8aee2e5fa0 RCX: 00007f8aee0aebe9
[   61.361632][ T5327] RDX: 0000200000000040 RSI: 0000000000002285 RDI: 0000000000000006
[   61.361644][ T5327] RBP: 00007f8aecb0f090 R08: 0000000000000000 R09: 0000000000000000
[   61.361657][ T5327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.361670][ T5327] R13: 00007f8aee2e6038 R14: 00007f8aee2e5fa0 R15: 00007ffe33c7db18
[   61.361716][ T5327]  </TASK>
[   61.614496][ T5336] loop3: detected capacity change from 0 to 1024
[   61.639395][ T5336] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   61.654097][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.688450][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.697532][ T5347] loop0: detected capacity change from 0 to 128
[   61.745586][ T5352] macvlan1: entered promiscuous mode
[   61.747378][ T5354] FAULT_INJECTION: forcing a failure.
[   61.747378][ T5354] name failslab, interval 1, probability 0, space 0, times 0
[   61.756667][ T5352] ipvlan0: entered promiscuous mode
[   61.763949][ T5354] CPU: 1 UID: 0 PID: 5354 Comm: syz.3.307 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   61.763991][ T5354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   61.764003][ T5354] Call Trace:
[   61.764010][ T5354]  <TASK>
[   61.764019][ T5354]  __dump_stack+0x1d/0x30
[   61.764040][ T5354]  dump_stack_lvl+0xe8/0x140
[   61.764125][ T5354]  dump_stack+0x15/0x1b
[   61.764197][ T5354]  should_fail_ex+0x265/0x280
[   61.764218][ T5354]  should_failslab+0x8c/0xb0
[   61.764242][ T5354]  __kmalloc_noprof+0xa5/0x3e0
[   61.764380][ T5354]  ? kernfs_fop_write_iter+0xe1/0x2d0
[   61.764419][ T5354]  kernfs_fop_write_iter+0xe1/0x2d0
[   61.764478][ T5354]  ? __import_iovec+0x428/0x540
[   61.764506][ T5354]  do_iter_readv_writev+0x49c/0x540
[   61.764571][ T5354]  vfs_writev+0x2df/0x8b0
[   61.764602][ T5354]  ? mutex_lock+0xd/0x30
[   61.764624][ T5354]  do_writev+0xe7/0x210
[   61.764760][ T5354]  __x64_sys_writev+0x45/0x50
[   61.764784][ T5354]  x64_sys_call+0x1e9a/0x2ff0
[   61.764859][ T5354]  do_syscall_64+0xd2/0x200
[   61.764895][ T5354]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   61.764919][ T5354]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   61.764944][ T5354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.765026][ T5354] RIP: 0033:0x7f8aee0aebe9
[   61.765042][ T5354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.765059][ T5354] RSP: 002b:00007f8aecb0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   61.765079][ T5354] RAX: ffffffffffffffda RBX: 00007f8aee2e5fa0 RCX: 00007f8aee0aebe9
[   61.765092][ T5354] RDX: 0000000000000001 RSI: 0000200000001a00 RDI: 0000000000000003
[   61.765104][ T5354] RBP: 00007f8aecb0f090 R08: 0000000000000000 R09: 0000000000000000
[   61.765116][ T5354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.765195][ T5354] R13: 00007f8aee2e6038 R14: 00007f8aee2e5fa0 R15: 00007ffe33c7db18
[   61.765213][ T5354]  </TASK>
[   61.973411][ T5352] ipvlan0: left promiscuous mode
[   61.980338][ T5352] macvlan1: left promiscuous mode
[   62.021321][ T3386] usb 7-1: enqueue for inactive port 0
[   62.037664][ T3386] usb 7-1: enqueue for inactive port 0
[   62.058106][ T5384] loop0: detected capacity change from 0 to 128
[   62.080209][ T5393] netlink: 16 bytes leftover after parsing attributes in process `syz.2.309'.
[   62.103238][ T5394] netlink: 16 bytes leftover after parsing attributes in process `syz.3.310'.
[   62.122267][ T3386] vhci_hcd: vhci_device speed not set
[   62.802936][ T5443] netlink: 8 bytes leftover after parsing attributes in process `syz.4.315'.
[   62.811937][ T5443] netlink: 'syz.4.315': attribute type 30 has an invalid length.
[   62.847011][ T5443] loop4: detected capacity change from 0 to 512
[   62.857994][ T5443] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   62.877513][ T5447] loop3: detected capacity change from 0 to 1024
[   62.885451][   T12] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[   62.901553][   T12] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[   62.910834][   T12] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[   62.924796][ T5447] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   62.926460][   T12] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[   62.942185][ T5443] EXT4-fs (loop4): 1 truncate cleaned up
[   62.952459][ T5443] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   63.003278][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.013166][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.038163][ T5458] atomic_op ffff8881044b2528 conn xmit_atomic 0000000000000000
[   63.060362][ T5458] loop4: detected capacity change from 0 to 128
[   63.239213][ T5458] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   63.263058][ T5458] ext4 filesystem being mounted at /69/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   63.353121][ T5479] loop3: detected capacity change from 0 to 512
[   63.463718][   T29] kauditd_printk_skb: 106 callbacks suppressed
[   63.463737][   T29] audit: type=1400 audit(1756727213.756:915): avc:  denied  { setattr } for  pid=5457 comm="syz.4.321" path="/69/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   63.576918][ T5479] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   63.895937][ T3302] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   64.005306][ T5503] loop0: detected capacity change from 0 to 512
[   64.095828][ T5503] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   64.126617][   T29] audit: type=1326 audit(1756727214.386:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5502 comm="syz.4.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e75b3ebe9 code=0x7ffc0000
[   64.150181][   T29] audit: type=1326 audit(1756727214.386:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5502 comm="syz.4.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e75b3ebe9 code=0x7ffc0000
[   64.173847][   T29] audit: type=1326 audit(1756727214.386:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5502 comm="syz.4.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=172 compat=0 ip=0x7f8e75b3ebe9 code=0x7ffc0000
[   64.197451][   T29] audit: type=1326 audit(1756727214.386:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5502 comm="syz.4.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e75b3ebe9 code=0x7ffc0000
[   64.221372][   T29] audit: type=1326 audit(1756727214.386:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5502 comm="syz.4.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e75b3ebe9 code=0x7ffc0000
[   64.244831][   T29] audit: type=1326 audit(1756727214.386:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5502 comm="syz.4.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e75b3ebe9 code=0x7ffc0000
[   64.268448][   T29] audit: type=1326 audit(1756727214.386:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5502 comm="syz.4.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e75b3ebe9 code=0x7ffc0000
[   64.292163][   T29] audit: type=1326 audit(1756727214.386:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5502 comm="syz.4.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e75b3ebe9 code=0x7ffc0000
[   64.315855][   T29] audit: type=1326 audit(1756727214.386:924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5502 comm="syz.4.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7f8e75b3ebe9 code=0x7ffc0000
[   64.348877][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.478287][ T5535] netlink: 16 bytes leftover after parsing attributes in process `syz.3.327'.
[   64.673053][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.314838][ T5614] loop3: detected capacity change from 0 to 1024
[   65.358954][ T5614] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   65.388381][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.560871][ T5628] loop2: detected capacity change from 0 to 512
[   65.604654][ T5628] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   65.604885][ T5632] loop3: detected capacity change from 0 to 128
[   65.626265][ T5628] ext4 filesystem being mounted at /54/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.658509][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.676110][ T5632] syz.3.335: attempt to access beyond end of device
[   65.676110][ T5632] loop3: rw=0, sector=121, nr_sectors = 920 limit=128
[   65.713763][ T5648] loop2: detected capacity change from 0 to 128
[   65.756261][ T5654] loop2: detected capacity change from 0 to 128
[   65.812795][ T5665] netlink: 4 bytes leftover after parsing attributes in process `syz.3.339'.
[   65.826948][ T5665] netlink: 12 bytes leftover after parsing attributes in process `syz.3.339'.
[   65.975029][ T5693] loop3: detected capacity change from 0 to 128
[   66.496881][ T5766] netlink: 8 bytes leftover after parsing attributes in process `syz.1.344'.
[   66.908853][ T5797] loop1: detected capacity change from 0 to 512
[   66.927859][ T5796] loop3: detected capacity change from 0 to 128
[   66.960331][ T5792] loop4: detected capacity change from 0 to 8192
[   66.969612][ T5792] vfat: Unknown parameter '18446744073709551615'
[   67.208461][ T5792] loop4: detected capacity change from 0 to 512
[   67.222220][ T5797] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   67.282542][ T5792] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.327085][ T5797] EXT4-fs (loop1): mount failed
[   67.337359][ T5792] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.432924][ T5810] sg_write: process 206 (syz.3.352) changed security contexts after opening file descriptor, this is not allowed.
[   67.496665][ T5818] syz.0.353 uses obsolete (PF_INET,SOCK_PACKET)
[   67.512079][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.562606][ T5821] loop3: detected capacity change from 0 to 128
[   67.680254][ T5840] loop0: detected capacity change from 0 to 128
[   67.723782][ T5851] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   67.723782][ T5851]    program syz.2.357 not setting count and/or reply_len properly
[   68.348953][ T5911] loop2: detected capacity change from 0 to 128
[   68.519807][   T29] kauditd_printk_skb: 307 callbacks suppressed
[   68.519825][   T29] audit: type=1400 audit(1756727218.826:1231): avc:  denied  { unmount } for  pid=3306 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   68.619064][   T29] audit: type=1400 audit(1756727218.926:1232): avc:  denied  { ioctl } for  pid=5920 comm="syz.0.362" path="socket:[7698]" dev="sockfs" ino=7698 ioctlcmd=0x941d scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   68.660619][   T29] audit: type=1400 audit(1756727218.966:1233): avc:  denied  { open } for  pid=5929 comm="syz.3.363" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   68.680085][   T29] audit: type=1400 audit(1756727218.966:1234): avc:  denied  { kernel } for  pid=5929 comm="syz.3.363" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   68.703195][ T5931] netlink: 16 bytes leftover after parsing attributes in process `syz.0.362'.
[   68.713118][   T29] audit: type=1400 audit(1756727218.986:1235): avc:  denied  { read write } for  pid=5929 comm="syz.3.363" name="rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   68.737317][   T29] audit: type=1400 audit(1756727218.986:1236): avc:  denied  { open } for  pid=5929 comm="syz.3.363" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   68.762556][   T29] audit: type=1400 audit(1756727219.006:1237): avc:  denied  { setopt } for  pid=5920 comm="syz.0.362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   68.782322][   T29] audit: type=1400 audit(1756727219.006:1238): avc:  denied  { create } for  pid=5920 comm="syz.0.362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   68.803605][   T29] audit: type=1400 audit(1756727219.016:1239): avc:  denied  { write } for  pid=5920 comm="syz.0.362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   68.824452][   T29] audit: type=1400 audit(1756727219.016:1240): avc:  denied  { read } for  pid=5920 comm="syz.0.362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   69.047268][ T5953] loop3: detected capacity change from 0 to 8192
[   69.058103][ T5953] vfat: Unknown parameter '18446744073709551615'
[   69.106122][ T5953] loop3: detected capacity change from 0 to 512
[   69.138114][ T5953] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.187887][ T5953] ext4 filesystem being mounted at /77/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.280442][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.318048][ T5986] netlink: 16 bytes leftover after parsing attributes in process `syz.3.367'.
[   69.366965][ T5992] loop2: detected capacity change from 0 to 128
[   69.443415][ T6005] FAULT_INJECTION: forcing a failure.
[   69.443415][ T6005] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   69.456879][ T6005] CPU: 1 UID: 0 PID: 6005 Comm: syz.0.371 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   69.456910][ T6005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   69.457002][ T6005] Call Trace:
[   69.457008][ T6005]  <TASK>
[   69.457015][ T6005]  __dump_stack+0x1d/0x30
[   69.457038][ T6005]  dump_stack_lvl+0xe8/0x140
[   69.457077][ T6005]  dump_stack+0x15/0x1b
[   69.457092][ T6005]  should_fail_ex+0x265/0x280
[   69.457112][ T6005]  should_fail+0xb/0x20
[   69.457131][ T6005]  should_fail_usercopy+0x1a/0x20
[   69.457154][ T6005]  _copy_to_user+0x20/0xa0
[   69.457182][ T6005]  simple_read_from_buffer+0xb5/0x130
[   69.457233][ T6005]  proc_fail_nth_read+0x10e/0x150
[   69.457269][ T6005]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   69.457294][ T6005]  vfs_read+0x1a8/0x770
[   69.457313][ T6005]  ? __rcu_read_unlock+0x4f/0x70
[   69.457335][ T6005]  ? __fget_files+0x184/0x1c0
[   69.457363][ T6005]  ksys_read+0xda/0x1a0
[   69.457441][ T6005]  __x64_sys_read+0x40/0x50
[   69.457465][ T6005]  x64_sys_call+0x27bc/0x2ff0
[   69.457548][ T6005]  do_syscall_64+0xd2/0x200
[   69.457581][ T6005]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   69.457605][ T6005]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   69.457634][ T6005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.457797][ T6005] RIP: 0033:0x7fe9bcf7d5fc
[   69.457814][ T6005] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   69.457831][ T6005] RSP: 002b:00007fe9bb9df030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   69.457850][ T6005] RAX: ffffffffffffffda RBX: 00007fe9bd1b5fa0 RCX: 00007fe9bcf7d5fc
[   69.457863][ T6005] RDX: 000000000000000f RSI: 00007fe9bb9df0a0 RDI: 0000000000000009
[   69.457876][ T6005] RBP: 00007fe9bb9df090 R08: 0000000000000000 R09: 0000000000000000
[   69.457889][ T6005] R10: 0000000000c002a0 R11: 0000000000000246 R12: 0000000000000001
[   69.457950][ T6005] R13: 00007fe9bd1b6038 R14: 00007fe9bd1b5fa0 R15: 00007ffc001ac3d8
[   69.457965][ T6005]  </TASK>
[   69.739433][ T6018] SELinux:  Context system_u:object_r:src_t:s0 is not valid (left unmapped).
[   69.961879][ T6037] loop4: detected capacity change from 0 to 512
[   69.995881][ T6037] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.157747][ T6051] loop1: detected capacity change from 0 to 8192
[   70.165477][ T6051] vfat: Unknown parameter '18446744073709551615'
[   70.222072][ T6058] netlink: 16 bytes leftover after parsing attributes in process `syz.1.379'.
[   70.560278][ T6065] loop0: detected capacity change from 0 to 128
[   70.612928][ T3386] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   70.622086][ T3386] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   70.650234][ T1036] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   70.668000][ T6070] FAULT_INJECTION: forcing a failure.
[   70.668000][ T6070] name failslab, interval 1, probability 0, space 0, times 0
[   70.680836][ T6070] CPU: 1 UID: 0 PID: 6070 Comm: syz.2.384 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   70.680866][ T6070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   70.680879][ T6070] Call Trace:
[   70.680888][ T6070]  <TASK>
[   70.680898][ T6070]  __dump_stack+0x1d/0x30
[   70.680919][ T6070]  dump_stack_lvl+0xe8/0x140
[   70.680987][ T6070]  dump_stack+0x15/0x1b
[   70.681007][ T6070]  should_fail_ex+0x265/0x280
[   70.681029][ T6070]  ? kobject_uevent_env+0x1c0/0x570
[   70.681054][ T6070]  should_failslab+0x8c/0xb0
[   70.681238][ T6070]  __kmalloc_cache_noprof+0x4c/0x320
[   70.681302][ T6070]  kobject_uevent_env+0x1c0/0x570
[   70.681327][ T6070]  ? device_pm_check_callbacks+0x683/0x6a0
[   70.681364][ T6070]  kobject_uevent+0x1d/0x30
[   70.681388][ T6070]  device_del+0x710/0x790
[   70.681415][ T6070]  device_destroy+0x66/0xa0
[   70.681514][ T6070]  drop_ref+0xbf/0x1a0
[   70.681534][ T6070]  hidraw_disconnect+0x39/0x50
[   70.681553][ T6070]  hid_device_remove+0x158/0x210
[   70.681584][ T6070]  ? __pfx_hid_device_remove+0x10/0x10
[   70.681676][ T6070]  device_release_driver_internal+0x2be/0x4e0
[   70.681707][ T6070]  device_release_driver+0x19/0x20
[   70.681731][ T6070]  bus_remove_device+0x26d/0x290
[   70.681822][ T6070]  device_del+0x36a/0x790
[   70.681848][ T6070]  ? __pfx_uhid_char_release+0x10/0x10
[   70.681911][ T6070]  ? __pfx_uhid_char_release+0x10/0x10
[   70.681934][ T6070]  hid_destroy_device+0x54/0x120
[   70.682009][ T6070]  uhid_char_release+0x76/0x3c0
[   70.682038][ T6070]  __fput+0x298/0x650
[   70.682071][ T6070]  fput_close_sync+0x6e/0x120
[   70.682152][ T6070]  __x64_sys_close+0x56/0xf0
[   70.682185][ T6070]  x64_sys_call+0x2738/0x2ff0
[   70.682210][ T6070]  do_syscall_64+0xd2/0x200
[   70.682242][ T6070]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   70.682325][ T6070]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   70.682355][ T6070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.682380][ T6070] RIP: 0033:0x7f4b6474ebe9
[   70.682470][ T6070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.682487][ T6070] RSP: 002b:00007f4b631b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[   70.682533][ T6070] RAX: ffffffffffffffda RBX: 00007f4b64985fa0 RCX: 00007f4b6474ebe9
[   70.682548][ T6070] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[   70.682562][ T6070] RBP: 00007f4b631b7090 R08: 0000000000000000 R09: 0000000000000000
[   70.682577][ T6070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   70.682596][ T6070] R13: 00007f4b64986038 R14: 00007f4b64985fa0 R15: 00007fffb0e76c18
[   70.682652][ T6070]  </TASK>
[   70.946995][ T1036] hid-generic 0000:0000:0000.0002: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   70.972750][ T6074] fido_id[6074]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   71.000092][ T6075] fido_id[6075]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   71.030974][ T6080] loop3: detected capacity change from 0 to 128
[   71.098957][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.245183][ T6093] loop4: detected capacity change from 0 to 8192
[   71.253003][ T6093] vfat: Unknown parameter '18446744073709551615'
[   71.275703][ T6093] loop4: detected capacity change from 0 to 512
[   71.298344][ T6110] loop0: detected capacity change from 0 to 128
[   71.325592][ T6093] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.340367][ T6093] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.473379][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.145738][ T6120] loop2: detected capacity change from 0 to 128
[   72.545063][ T6125] loop4: detected capacity change from 0 to 8192
[   72.684445][ T6134] loop3: detected capacity change from 0 to 4096
[   72.698598][ T1036] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   72.737835][ T1036] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   72.775367][ T6134] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.810579][ T6138] fido_id[6138]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   72.920718][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.464804][ T6183] netlink: 'syz.4.407': attribute type 21 has an invalid length.
[   73.483449][ T6189] netlink: 4 bytes leftover after parsing attributes in process `syz.2.409'.
[   73.489676][ T6187] netlink: 8 bytes leftover after parsing attributes in process `syz.1.408'.
[   73.523519][   T29] kauditd_printk_skb: 185 callbacks suppressed
[   73.523577][   T29] audit: type=1400 audit(1756727223.836:1426): avc:  granted  { setsecparam } for  pid=6194 comm="syz.0.410" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[   73.589808][ T6203] FAULT_INJECTION: forcing a failure.
[   73.589808][ T6203] name failslab, interval 1, probability 0, space 0, times 0
[   73.591351][   T29] audit: type=1400 audit(1756727223.896:1427): avc:  denied  { read } for  pid=6201 comm="syz.4.411" name="usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   73.603057][ T6203] CPU: 1 UID: 0 PID: 6203 Comm: syz.4.411 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   73.603084][ T6203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   73.603096][ T6203] Call Trace:
[   73.603103][ T6203]  <TASK>
[   73.603143][ T6203]  __dump_stack+0x1d/0x30
[   73.603165][ T6203]  dump_stack_lvl+0xe8/0x140
[   73.603184][ T6203]  dump_stack+0x15/0x1b
[   73.603200][ T6203]  should_fail_ex+0x265/0x280
[   73.603284][ T6203]  should_failslab+0x8c/0xb0
[   73.603307][ T6203]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   73.603336][ T6203]  ? process_preds+0x68d/0x2bb0
[   73.603353][ T6203]  ? should_failslab+0x8c/0xb0
[   73.603457][ T6203]  kmemdup_nul+0x36/0xc0
[   73.603508][ T6203]  process_preds+0x68d/0x2bb0
[   73.603529][ T6203]  ? avc_has_perm_noaudit+0x1b1/0x200
[   73.603593][ T6203]  ? should_fail_ex+0xdb/0x280
[   73.603616][ T6203]  ftrace_profile_set_filter+0xff/0x1b0
[   73.603718][ T6203]  perf_ioctl+0x7b3/0x12e0
[   73.603745][ T6203]  ? ioctl_has_perm+0x289/0x2a0
[   73.603771][ T6203]  ? do_vfs_ioctl+0x866/0xe10
[   73.603790][ T6203]  ? selinux_file_ioctl+0x308/0x3a0
[   73.603829][ T6203]  ? __fget_files+0x184/0x1c0
[   73.603853][ T6203]  ? __pfx_perf_ioctl+0x10/0x10
[   73.603879][ T6203]  __se_sys_ioctl+0xcb/0x140
[   73.603978][ T6203]  __x64_sys_ioctl+0x43/0x50
[   73.603996][ T6203]  x64_sys_call+0x1816/0x2ff0
[   73.604016][ T6203]  do_syscall_64+0xd2/0x200
[   73.604118][ T6203]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   73.604140][ T6203]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   73.604208][ T6203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.604229][ T6203] RIP: 0033:0x7f8e75b3ebe9
[   73.604245][ T6203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.604263][ T6203] RSP: 002b:00007f8e7459f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   73.604323][ T6203] RAX: ffffffffffffffda RBX: 00007f8e75d75fa0 RCX: 00007f8e75b3ebe9
[   73.604336][ T6203] RDX: 0000200000000000 RSI: 0000000040082406 RDI: 0000000000000004
[   73.604348][ T6203] RBP: 00007f8e7459f090 R08: 0000000000000000 R09: 0000000000000000
[   73.604414][ T6203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.604426][ T6203] R13: 00007f8e75d76038 R14: 00007f8e75d75fa0 R15: 00007ffcb836c9c8
[   73.604451][ T6203]  </TASK>
[   73.861719][   T29] audit: type=1400 audit(1756727223.896:1428): avc:  denied  { open } for  pid=6201 comm="syz.4.411" path="/dev/usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   74.026829][ T6224] loop2: detected capacity change from 0 to 128
[   74.104410][ T6228] loop3: detected capacity change from 0 to 512
[   74.117777][ T6228] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.499656][ T6242] loop4: detected capacity change from 0 to 128
[   74.677929][ T6244] loop0: detected capacity change from 0 to 512
[   74.723631][   T29] audit: type=1400 audit(1756727225.036:1429): avc:  denied  { write } for  pid=6245 comm="syz.4.423" path="socket:[9194]" dev="sockfs" ino=9194 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   74.724460][ T6246] netlink: 8 bytes leftover after parsing attributes in process `syz.4.423'.
[   74.756464][ T6246] netlink: 'syz.4.423': attribute type 30 has an invalid length.
[   74.809074][   T29] audit: type=1400 audit(1756727225.106:1430): avc:  denied  { append } for  pid=6248 comm="syz.1.424" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   74.836336][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.847727][ T6244] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.885725][ T6246] loop4: detected capacity change from 0 to 512
[   74.940827][ T6246] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   74.994888][ T6256] netlink: 8 bytes leftover after parsing attributes in process `syz.2.427'.
[   75.015450][ T6246] EXT4-fs (loop4): 1 truncate cleaned up
[   75.037050][ T6246] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.415567][ T6270] netlink: 16 bytes leftover after parsing attributes in process `syz.1.429'.
[   75.751362][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.784812][ T6274] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[   75.791550][ T6274] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   75.799221][ T6274] vhci_hcd vhci_hcd.0: Device attached
[   75.809299][ T6274] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   75.819623][ T6274] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(8)
[   75.826164][ T6274] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   75.833956][ T6274] vhci_hcd vhci_hcd.0: Device attached
[   75.846325][ T6280] loop2: detected capacity change from 0 to 512
[   75.852941][ T6274] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(10)
[   75.859658][ T6274] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   75.867459][ T6274] vhci_hcd vhci_hcd.0: Device attached
[   75.878859][   T29] audit: type=1400 audit(1756727226.186:1431): avc:  denied  { setopt } for  pid=6273 comm="syz.4.432" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   75.939956][ T6280] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.940934][ T6284] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6284 comm=syz.3.433
[   75.991411][   T10] vhci_hcd: vhci_device speed not set
[   76.029971][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.043798][ T6288] macvlan1: entered promiscuous mode
[   76.049925][ T6288] ipvlan0: entered promiscuous mode
[   76.057027][ T6288] ipvlan0: left promiscuous mode
[   76.062896][ T6288] macvlan1: left promiscuous mode
[   76.071464][   T10] usb 9-1: new full-speed USB device number 2 using vhci_hcd
[   76.209264][ T6293] loop0: detected capacity change from 0 to 8192
[   76.248044][ T6293] vfat: Unknown parameter '18446744073709551615'
[   76.251452][ T6296] netlink: 16 bytes leftover after parsing attributes in process `syz.1.436'.
[   76.293037][ T6293] loop0: detected capacity change from 0 to 512
[   76.334259][ T6293] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.347278][ T6293] ext4 filesystem being mounted at /87/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.406842][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.419877][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.503767][ T6305] loop2: detected capacity change from 0 to 8192
[   76.510664][ T6305] vfat: Unknown parameter '18446744073709551615'
[   76.523015][   T29] audit: type=1400 audit(1756727226.836:1432): avc:  denied  { ioctl } for  pid=6299 comm="syz.0.437" path="socket:[9273]" dev="sockfs" ino=9273 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   76.547665][   T29] audit: type=1400 audit(1756727226.836:1433): avc:  denied  { bind } for  pid=6299 comm="syz.0.437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   76.567177][   T29] audit: type=1400 audit(1756727226.836:1434): avc:  denied  { connect } for  pid=6299 comm="syz.0.437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   76.609821][ T6281] vhci_hcd: connection closed
[   76.610064][ T6278] vhci_hcd: connection closed
[   76.610101][ T6276] vhci_hcd: connection reset by peer
[   76.627243][   T41] vhci_hcd: stop threads
[   76.631682][   T41] vhci_hcd: release socket
[   76.636157][   T41] vhci_hcd: disconnect device
[   76.641801][   T41] vhci_hcd: stop threads
[   76.646190][   T41] vhci_hcd: release socket
[   76.650656][   T41] vhci_hcd: disconnect device
[   76.659417][   T41] vhci_hcd: stop threads
[   76.663765][   T41] vhci_hcd: release socket
[   76.668335][   T41] vhci_hcd: disconnect device
[   76.688431][ T6325] netlink: 8 bytes leftover after parsing attributes in process `syz.2.440'.
[   76.784139][ T6342] netlink: 16 bytes leftover after parsing attributes in process `syz.2.441'.
[   76.804370][ T6347] vlan0: entered promiscuous mode
[   76.818311][   T29] audit: type=1400 audit(1756727227.126:1435): avc:  denied  { name_connect } for  pid=6346 comm="syz.3.442" dest=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[   76.999615][ T6372] loop1: detected capacity change from 0 to 512
[   77.006903][ T6372] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   77.167999][ T6372] EXT4-fs (loop1): 1 truncate cleaned up
[   77.179151][ T6372] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.220706][ T6372] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.375386][ T6383] macvlan1: entered promiscuous mode
[   77.400281][ T6383] ipvlan0: entered promiscuous mode
[   77.418696][ T6383] ipvlan0: left promiscuous mode
[   77.438641][ T6383] macvlan1: left promiscuous mode
[   77.450315][ T6372] netlink: 'syz.1.445': attribute type 14 has an invalid length.
[   77.665740][ T6403] loop1: detected capacity change from 0 to 512
[   77.674985][ T6403] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.816570][ T6432] netlink: 8 bytes leftover after parsing attributes in process `syz.2.451'.
[   77.820192][ T6434] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6434 comm=syz.3.452
[   77.879789][ T6443] netlink: 16 bytes leftover after parsing attributes in process `syz.2.453'.
[   77.918744][ T6449] netlink: 'syz.2.454': attribute type 30 has an invalid length.
[   78.065164][ T6472] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[   78.071752][ T6472] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   78.079454][ T6472] vhci_hcd vhci_hcd.0: Device attached
[   78.085426][ T6472] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   78.094228][ T6472] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(8)
[   78.100917][ T6472] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   78.108797][ T6472] vhci_hcd vhci_hcd.0: Device attached
[   78.115004][ T6472] FAULT_INJECTION: forcing a failure.
[   78.115004][ T6472] name failslab, interval 1, probability 0, space 0, times 0
[   78.127717][ T6472] CPU: 1 UID: 0 PID: 6472 Comm: syz.4.456 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   78.127812][ T6472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   78.127823][ T6472] Call Trace:
[   78.127829][ T6472]  <TASK>
[   78.127837][ T6472]  __dump_stack+0x1d/0x30
[   78.127856][ T6472]  dump_stack_lvl+0xe8/0x140
[   78.127872][ T6472]  dump_stack+0x15/0x1b
[   78.127901][ T6472]  should_fail_ex+0x265/0x280
[   78.127935][ T6472]  should_failslab+0x8c/0xb0
[   78.128012][ T6472]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   78.128037][ T6472]  ? sock_alloc_inode+0x34/0xa0
[   78.128074][ T6472]  ? __pfx_sock_alloc_inode+0x10/0x10
[   78.128106][ T6472]  sock_alloc_inode+0x34/0xa0
[   78.128136][ T6472]  alloc_inode+0x3d/0x170
[   78.128160][ T6472]  __sock_create+0x122/0x5b0
[   78.128254][ T6472]  __sys_socketpair+0x170/0x430
[   78.128283][ T6472]  ? ksys_write+0x192/0x1a0
[   78.128308][ T6472]  __x64_sys_socketpair+0x52/0x60
[   78.128412][ T6472]  x64_sys_call+0x2bf2/0x2ff0
[   78.128435][ T6472]  do_syscall_64+0xd2/0x200
[   78.128464][ T6472]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   78.128573][ T6472]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   78.128594][ T6472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.128614][ T6472] RIP: 0033:0x7f8e75b40b3a
[   78.128628][ T6472] Code: 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 35 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.128675][ T6472] RSP: 002b:00007f8e7459ef78 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[   78.128690][ T6472] RAX: ffffffffffffffda RBX: 00007f8e75d75f00 RCX: 00007f8e75b40b3a
[   78.128699][ T6472] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[   78.128710][ T6472] RBP: 00007f8e7459f090 R08: 0000000000000000 R09: 0000000000000000
[   78.128737][ T6472] R10: 00007f8e7459ef98 R11: 0000000000000246 R12: 0000000000000003
[   78.128747][ T6472] R13: 00007f8e75d76038 R14: 00007f8e75d75fa0 R15: 00007ffcb836c9c8
[   78.128759][ T6472]  </TASK>
[   78.128767][ T6472] socket: no more sockets
[   78.397552][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.457031][ T6487] loop1: detected capacity change from 0 to 128
[   78.961493][ T6476] vhci_hcd: connection closed
[   78.961672][ T6473] vhci_hcd: connection closed
[   78.991599][  T379] vhci_hcd: stop threads
[   79.000807][  T379] vhci_hcd: release socket
[   79.005422][  T379] vhci_hcd: disconnect device
[   79.021579][  T379] vhci_hcd: stop threads
[   79.026083][  T379] vhci_hcd: release socket
[   79.030612][  T379] vhci_hcd: disconnect device
[   79.306284][ T6504] __nla_validate_parse: 2 callbacks suppressed
[   79.306348][ T6504] netlink: 8 bytes leftover after parsing attributes in process `syz.2.464'.
[   79.338888][ T6506] netlink: 8 bytes leftover after parsing attributes in process `syz.1.465'.
[   79.348540][ T6506] netlink: 'syz.1.465': attribute type 30 has an invalid length.
[   79.453296][   T29] kauditd_printk_skb: 4 callbacks suppressed
[   79.453313][   T29] audit: type=1326 audit(1756727229.766:1440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6510 comm="syz.1.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e12ebe9 code=0x7ffc0000
[   79.483329][   T29] audit: type=1326 audit(1756727229.766:1441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6510 comm="syz.1.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e12ebe9 code=0x7ffc0000
[   79.507246][   T29] audit: type=1326 audit(1756727229.766:1442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6510 comm="syz.1.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff01e12ebe9 code=0x7ffc0000
[   79.531294][   T29] audit: type=1326 audit(1756727229.766:1443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6510 comm="syz.1.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e12ebe9 code=0x7ffc0000
[   79.554987][   T29] audit: type=1326 audit(1756727229.766:1444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6510 comm="syz.1.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e12ebe9 code=0x7ffc0000
[   79.578646][   T29] audit: type=1326 audit(1756727229.766:1445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6510 comm="syz.1.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff01e12ebe9 code=0x7ffc0000
[   79.602536][   T29] audit: type=1326 audit(1756727229.766:1446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6510 comm="syz.1.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e12ebe9 code=0x7ffc0000
[   79.626192][   T29] audit: type=1326 audit(1756727229.766:1447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6510 comm="syz.1.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff01e12ebe9 code=0x7ffc0000
[   79.649802][   T29] audit: type=1326 audit(1756727229.766:1448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6510 comm="syz.1.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e12ebe9 code=0x7ffc0000
[   79.673903][   T29] audit: type=1326 audit(1756727229.766:1449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6510 comm="syz.1.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7ff01e12ebe9 code=0x7ffc0000
[   79.769819][ T6534] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6534 comm=syz.3.471
[   79.796506][   T50] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[   79.809730][   T50] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[   79.819612][   T50] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[   79.828673][   T50] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[   79.906851][ T6547] loop1: detected capacity change from 0 to 128
[   80.099116][ T6579] netlink: 8 bytes leftover after parsing attributes in process `syz.0.477'.
[   80.258184][ T6597] 9pnet: Could not find request transport: fd0xffffffffffffffff
[   80.309691][ T6603] vlan0: entered promiscuous mode
[   80.985505][ T6638] loop3: detected capacity change from 0 to 128
[   81.056519][ T6638] syz.3.485: attempt to access beyond end of device
[   81.056519][ T6638] loop3: rw=0, sector=121, nr_sectors = 920 limit=128
[   81.070266][ T6644] netlink: 16 bytes leftover after parsing attributes in process `syz.1.487'.
[   81.201519][   T10] usb 9-1: enqueue for inactive port 0
[   81.208198][   T10] usb 9-1: enqueue for inactive port 0
[   81.316062][ T6675] netlink: 8 bytes leftover after parsing attributes in process `syz.2.492'.
[   81.324958][ T6675] netlink: 'syz.2.492': attribute type 30 has an invalid length.
[   81.336270][ T6676] loop1: detected capacity change from 0 to 512
[   81.392702][ T6676] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.580102][   T10] vhci_hcd: vhci_device speed not set
[   81.609646][ T6694] loop2: detected capacity change from 0 to 128
[   81.990286][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.056397][ T6722] loop1: detected capacity change from 0 to 128
[   82.102810][ T6722] syz.1.501: attempt to access beyond end of device
[   82.102810][ T6722] loop1: rw=0, sector=121, nr_sectors = 920 limit=128
[   82.154749][ T6728] netlink: 40 bytes leftover after parsing attributes in process `syz.3.504'.
[   82.404676][ T6742] loop4: detected capacity change from 0 to 128
[   82.421498][ T6694] syz.2.494 (6694) used greatest stack depth: 10432 bytes left
[   82.515326][ T6748] loop1: detected capacity change from 0 to 512
[   82.562236][ T6748] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.662269][ T6754] loop2: detected capacity change from 0 to 512
[   82.747712][ T6754] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.065627][ T6765] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6765 comm=syz.0.516
[   83.135502][ T6769] netlink: 16 bytes leftover after parsing attributes in process `syz.3.517'.
[   83.291431][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.318294][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.329226][ T6771] FAULT_INJECTION: forcing a failure.
[   83.329226][ T6771] name failslab, interval 1, probability 0, space 0, times 0
[   83.342293][ T6771] CPU: 1 UID: 0 PID: 6771 Comm: syz.1.518 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   83.342323][ T6771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   83.342342][ T6771] Call Trace:
[   83.342349][ T6771]  <TASK>
[   83.342357][ T6771]  __dump_stack+0x1d/0x30
[   83.342380][ T6771]  dump_stack_lvl+0xe8/0x140
[   83.342398][ T6771]  dump_stack+0x15/0x1b
[   83.342456][ T6771]  should_fail_ex+0x265/0x280
[   83.342476][ T6771]  should_failslab+0x8c/0xb0
[   83.342503][ T6771]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   83.342529][ T6771]  ? shmem_alloc_inode+0x34/0x50
[   83.342615][ T6771]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   83.342636][ T6771]  shmem_alloc_inode+0x34/0x50
[   83.342657][ T6771]  alloc_inode+0x3d/0x170
[   83.342706][ T6771]  new_inode+0x1d/0xe0
[   83.342729][ T6771]  shmem_get_inode+0x244/0x750
[   83.342753][ T6771]  __shmem_file_setup+0x113/0x210
[   83.342807][ T6771]  shmem_file_setup+0x3b/0x50
[   83.342844][ T6771]  __se_sys_memfd_create+0x2c3/0x590
[   83.342867][ T6771]  __x64_sys_memfd_create+0x31/0x40
[   83.342889][ T6771]  x64_sys_call+0x2abe/0x2ff0
[   83.342908][ T6771]  do_syscall_64+0xd2/0x200
[   83.342949][ T6771]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   83.342970][ T6771]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   83.343001][ T6771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.343024][ T6771] RIP: 0033:0x7ff01e12ebe9
[   83.343040][ T6771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.343068][ T6771] RSP: 002b:00007ff01cb96d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   83.343087][ T6771] RAX: ffffffffffffffda RBX: 000000000000106f RCX: 00007ff01e12ebe9
[   83.343099][ T6771] RDX: 00007ff01cb96dec RSI: 0000000000000000 RDI: 00007ff01e1b27e8
[   83.343111][ T6771] RBP: 0000200000001080 R08: 00007ff01cb96b07 R09: 0000000000000000
[   83.343123][ T6771] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[   83.343136][ T6771] R13: 00007ff01cb96dec R14: 00007ff01cb96df0 R15: 00007ffe9ca82a88
[   83.343211][ T6771]  </TASK>
[   83.597848][ T6777] loop2: detected capacity change from 0 to 512
[   83.625712][ T6777] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.660532][ T6779] loop4: detected capacity change from 0 to 128
[   84.009455][ T6797] netlink: 40 bytes leftover after parsing attributes in process `syz.0.524'.
[   84.106772][ T6804] loop1: detected capacity change from 0 to 128
[   84.247304][ T6806] syz.1.528: attempt to access beyond end of device
[   84.247304][ T6806] loop1: rw=2049, sector=961, nr_sectors = 80 limit=128
[   84.580594][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.598369][ T6808] loop4: detected capacity change from 0 to 8192
[   84.610613][ T6808] vfat: Unknown parameter '18446744073709551615'
[   84.685646][   T29] kauditd_printk_skb: 225 callbacks suppressed
[   84.685662][   T29] audit: type=1400 audit(1756727234.996:1675): avc:  denied  { connect } for  pid=6815 comm="syz.4.533" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   84.711619][   T29] audit: type=1400 audit(1756727234.996:1676): avc:  denied  { write } for  pid=6815 comm="syz.4.533" path="socket:[10420]" dev="sockfs" ino=10420 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   84.746561][ T6819] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6819 comm=syz.3.534
[   84.770174][ T6816] netlink: 24 bytes leftover after parsing attributes in process `syz.4.533'.
[   84.786324][ T6814] capability: warning: `syz.2.532' uses 32-bit capabilities (legacy support in use)
[   84.787009][ T6816] loop4: detected capacity change from 0 to 1024
[   84.802740][ T6814] FAULT_INJECTION: forcing a failure.
[   84.802740][ T6814] name failslab, interval 1, probability 0, space 0, times 0
[   84.815511][ T6814] CPU: 1 UID: 0 PID: 6814 Comm: syz.2.532 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   84.815540][ T6814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   84.815581][ T6814] Call Trace:
[   84.815588][ T6814]  <TASK>
[   84.815595][ T6814]  __dump_stack+0x1d/0x30
[   84.815620][ T6814]  dump_stack_lvl+0xe8/0x140
[   84.815659][ T6814]  dump_stack+0x15/0x1b
[   84.815675][ T6814]  should_fail_ex+0x265/0x280
[   84.815704][ T6814]  should_failslab+0x8c/0xb0
[   84.815730][ T6814]  kmem_cache_alloc_noprof+0x50/0x310
[   84.815870][ T6814]  ? getname_flags+0x80/0x3b0
[   84.815953][ T6814]  getname_flags+0x80/0x3b0
[   84.816049][ T6814]  do_sys_openat2+0x60/0x110
[   84.816173][ T6814]  __x64_sys_openat+0xf2/0x120
[   84.816199][ T6814]  x64_sys_call+0x2e9c/0x2ff0
[   84.816218][ T6814]  do_syscall_64+0xd2/0x200
[   84.816283][ T6814]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   84.816304][ T6814]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   84.816326][ T6814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.816424][ T6814] RIP: 0033:0x7f4b6474ebe9
[   84.816439][ T6814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.816454][ T6814] RSP: 002b:00007f4b631b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   84.816478][ T6814] RAX: ffffffffffffffda RBX: 00007f4b64985fa0 RCX: 00007f4b6474ebe9
[   84.816516][ T6814] RDX: 0000000000000140 RSI: 0000200000000000 RDI: ffffffffffffff9c
[   84.816527][ T6814] RBP: 00007f4b631b7090 R08: 0000000000000000 R09: 0000000000000000
[   84.816610][ T6814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.816620][ T6814] R13: 00007f4b64986038 R14: 00007f4b64985fa0 R15: 00007fffb0e76c18
[   84.816636][ T6814]  </TASK>
[   84.820781][ T6820] loop0: detected capacity change from 0 to 128
[   85.008988][ T6816] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.034758][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.050033][ T6851] netlink: 8 bytes leftover after parsing attributes in process `syz.2.535'.
[   85.059075][ T6851] netlink: 'syz.2.535': attribute type 30 has an invalid length.
[   85.080898][ T6820] syz.0.531: attempt to access beyond end of device
[   85.080898][ T6820] loop0: rw=0, sector=121, nr_sectors = 920 limit=128
[   85.208627][ T6865] loop2: detected capacity change from 0 to 128
[   85.226731][ T6870] netlink: 16 bytes leftover after parsing attributes in process `syz.1.537'.
[   85.251686][ T6869] netlink: 24 bytes leftover after parsing attributes in process `syz.0.539'.
[   85.275281][ T6872] netlink: 40 bytes leftover after parsing attributes in process `syz.4.541'.
[   85.286307][ T6869] loop0: detected capacity change from 0 to 1024
[   85.306323][ T6869] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.357428][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.417353][ T6881] vlan2: entered allmulticast mode
[   85.595759][   T29] audit: type=1326 audit(1756727235.906:1677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6884 comm="syz.3.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[   85.620138][   T29] audit: type=1326 audit(1756727235.906:1678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6884 comm="syz.3.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[   85.643758][   T29] audit: type=1326 audit(1756727235.906:1679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6884 comm="syz.3.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[   85.667100][   T29] audit: type=1326 audit(1756727235.906:1680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6884 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[   85.690376][   T29] audit: type=1326 audit(1756727235.906:1681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6884 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[   85.713384][   T29] audit: type=1326 audit(1756727235.906:1682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6884 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[   85.736186][   T29] audit: type=1326 audit(1756727235.906:1683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6884 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[   85.759096][   T29] audit: type=1326 audit(1756727235.906:1684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6884 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[   85.946206][ T6890] netlink: 24 bytes leftover after parsing attributes in process `syz.4.547'.
[   85.972225][ T6890] loop4: detected capacity change from 0 to 1024
[   86.032771][ T6893] loop3: detected capacity change from 0 to 512
[   86.054450][ T6893] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.153466][ T6890] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.182536][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.258392][ T6904] netlink: 28 bytes leftover after parsing attributes in process `syz.2.551'.
[   86.353655][ T6908] FAULT_INJECTION: forcing a failure.
[   86.353655][ T6908] name failslab, interval 1, probability 0, space 0, times 0
[   86.366369][ T6908] CPU: 0 UID: 0 PID: 6908 Comm: syz.1.554 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   86.366396][ T6908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   86.366408][ T6908] Call Trace:
[   86.366435][ T6908]  <TASK>
[   86.366445][ T6908]  __dump_stack+0x1d/0x30
[   86.366469][ T6908]  dump_stack_lvl+0xe8/0x140
[   86.366490][ T6908]  dump_stack+0x15/0x1b
[   86.366508][ T6908]  should_fail_ex+0x265/0x280
[   86.366546][ T6908]  should_failslab+0x8c/0xb0
[   86.366568][ T6908]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   86.366600][ T6908]  ? debugfs_alloc_inode+0x34/0x40
[   86.366629][ T6908]  ? lookup_noperm+0xc9/0x180
[   86.366738][ T6908]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[   86.366767][ T6908]  debugfs_alloc_inode+0x34/0x40
[   86.366872][ T6908]  alloc_inode+0x3d/0x170
[   86.366897][ T6908]  new_inode+0x1d/0xe0
[   86.367000][ T6908]  __debugfs_create_file+0x109/0x330
[   86.367029][ T6908]  debugfs_create_file_full+0x3f/0x60
[   86.367054][ T6908]  ? __pfx_vlan_setup+0x10/0x10
[   86.367162][ T6908]  ref_tracker_dir_debugfs+0x100/0x1e0
[   86.367249][ T6908]  alloc_netdev_mqs+0x1a2/0xa30
[   86.367284][ T6908]  rtnl_create_link+0x239/0x710
[   86.367311][ T6908]  rtnl_newlink_create+0x14c/0x620
[   86.367376][ T6908]  ? security_capable+0x83/0x90
[   86.367402][ T6908]  ? netlink_ns_capable+0x86/0xa0
[   86.367432][ T6908]  rtnl_newlink+0xf29/0x12d0
[   86.367512][ T6908]  ? xas_load+0x413/0x430
[   86.367542][ T6908]  ? __rcu_read_unlock+0x4f/0x70
[   86.367566][ T6908]  ? xa_load+0xb1/0xe0
[   86.367610][ T6908]  ? __rcu_read_unlock+0x4f/0x70
[   86.367630][ T6908]  ? avc_has_perm_noaudit+0x1b1/0x200
[   86.367660][ T6908]  ? cred_has_capability+0x210/0x280
[   86.367695][ T6908]  ? selinux_capable+0x31/0x40
[   86.367802][ T6908]  ? security_capable+0x83/0x90
[   86.367825][ T6908]  ? ns_capable+0x7d/0xb0
[   86.367844][ T6908]  ? __pfx_rtnl_newlink+0x10/0x10
[   86.367869][ T6908]  rtnetlink_rcv_msg+0x5fb/0x6d0
[   86.367911][ T6908]  ? avc_has_perm_noaudit+0x1b1/0x200
[   86.367934][ T6908]  netlink_rcv_skb+0x123/0x220
[   86.367954][ T6908]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   86.368016][ T6908]  rtnetlink_rcv+0x1c/0x30
[   86.368044][ T6908]  netlink_unicast+0x5bd/0x690
[   86.368067][ T6908]  netlink_sendmsg+0x58b/0x6b0
[   86.368130][ T6908]  ? __pfx_netlink_sendmsg+0x10/0x10
[   86.368151][ T6908]  __sock_sendmsg+0x145/0x180
[   86.368176][ T6908]  ____sys_sendmsg+0x31e/0x4e0
[   86.368239][ T6908]  ___sys_sendmsg+0x17b/0x1d0
[   86.368276][ T6908]  __x64_sys_sendmsg+0xd4/0x160
[   86.368305][ T6908]  x64_sys_call+0x191e/0x2ff0
[   86.368325][ T6908]  do_syscall_64+0xd2/0x200
[   86.368388][ T6908]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   86.368415][ T6908]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   86.368441][ T6908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.368470][ T6908] RIP: 0033:0x7ff01e12ebe9
[   86.368485][ T6908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.368504][ T6908] RSP: 002b:00007ff01cb97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   86.368527][ T6908] RAX: ffffffffffffffda RBX: 00007ff01e365fa0 RCX: 00007ff01e12ebe9
[   86.368539][ T6908] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000007
[   86.368552][ T6908] RBP: 00007ff01cb97090 R08: 0000000000000000 R09: 0000000000000000
[   86.368564][ T6908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.368640][ T6908] R13: 00007ff01e366038 R14: 00007ff01e365fa0 R15: 00007ffe9ca82a88
[   86.368659][ T6908]  </TASK>
[   86.368675][ T6908] debugfs: out of free dentries, can not create file 'netdev@ffff888109b1c550'
[   86.412193][ T6910] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6910 comm=syz.2.555
[   86.457011][ T6908] vlan2: entered allmulticast mode
[   86.490772][ T6914] loop4: detected capacity change from 0 to 128
[   86.588035][ T6916] netlink: 16 bytes leftover after parsing attributes in process `syz.0.556'.
[   86.778430][ T6919] netlink: 8 bytes leftover after parsing attributes in process `syz.4.557'.
[   86.787580][ T6919] netlink: 'syz.4.557': attribute type 30 has an invalid length.
[   86.804038][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.813176][ T6908] syz.1.554 (6908) used greatest stack depth: 10088 bytes left
[   86.872696][ T6925] loop1: detected capacity change from 0 to 128
[   86.900146][ T6927] 9pnet: Could not find request transport: fd0xffffffffffffffff
[   86.907603][ T6925] syz.1.561: attempt to access beyond end of device
[   86.907603][ T6925] loop1: rw=0, sector=121, nr_sectors = 920 limit=128
[   86.937057][ T6931] netlink: 24 bytes leftover after parsing attributes in process `syz.4.562'.
[   86.954325][ T6931] loop4: detected capacity change from 0 to 1024
[   86.968852][ T6931] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.989550][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.047427][ T6937] loop4: detected capacity change from 0 to 128
[   87.146426][ T6948] loop2: detected capacity change from 0 to 128
[   87.802461][ T6962] 9pnet: Could not find request transport: fd0xffffffffffffffff
[   87.916597][ T6965] loop3: detected capacity change from 0 to 1024
[   87.930264][ T6965] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.979196][ T6969] loop0: detected capacity change from 0 to 128
[   87.992214][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.018821][ T6976] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6976 comm=syz.4.578
[   88.038796][ T6969] syz.0.574: attempt to access beyond end of device
[   88.038796][ T6969] loop0: rw=0, sector=121, nr_sectors = 920 limit=128
[   88.103509][ T6981] loop2: detected capacity change from 0 to 128
[   88.257923][ T6988] loop3: detected capacity change from 0 to 512
[   88.288163][ T6988] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.343153][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.368232][ T6998] 9pnet: Could not find request transport: fd0xffffffffffffffff
[   88.432032][ T7004] loop0: detected capacity change from 0 to 512
[   88.443954][ T7004] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.841405][ T7007] loop4: detected capacity change from 0 to 8192
[   88.848076][ T7007] vfat: Unknown parameter '18446744073709551615'
[   89.040330][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.160233][ T7029] loop2: detected capacity change from 0 to 128
[   89.201477][ T7029] syz.2.595: attempt to access beyond end of device
[   89.201477][ T7029] loop2: rw=0, sector=121, nr_sectors = 920 limit=128
[   89.677827][ T7065] loop2: detected capacity change from 0 to 512
[   89.774698][ T7065] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   90.370877][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.386526][ T7119] __nla_validate_parse: 6 callbacks suppressed
[   90.386542][ T7119] netlink: 16 bytes leftover after parsing attributes in process `syz.0.602'.
[   90.576355][   T29] kauditd_printk_skb: 82 callbacks suppressed
[   90.576423][   T29] audit: type=1326 audit(1756727241.204:1767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7163 comm="syz.2.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6474ebe9 code=0x7ffc0000
[   90.613880][   T29] audit: type=1326 audit(1756727241.204:1768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7163 comm="syz.2.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b6474ebe9 code=0x7ffc0000
[   90.637562][   T29] audit: type=1326 audit(1756727241.204:1769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7163 comm="syz.2.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6474ebe9 code=0x7ffc0000
[   90.641868][ T7168] loop2: detected capacity change from 0 to 128
[   90.661008][   T29] audit: type=1326 audit(1756727241.204:1770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7163 comm="syz.2.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b6474ebe9 code=0x7ffc0000
[   90.661039][   T29] audit: type=1326 audit(1756727241.204:1771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7163 comm="syz.2.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6474ebe9 code=0x7ffc0000
[   90.714648][   T29] audit: type=1326 audit(1756727241.204:1772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7163 comm="syz.2.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6474ebe9 code=0x7ffc0000
[   90.738330][   T29] audit: type=1326 audit(1756727241.204:1773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7163 comm="syz.2.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b6474ebe9 code=0x7ffc0000
[   90.761747][   T29] audit: type=1326 audit(1756727241.204:1774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7163 comm="syz.2.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6474ebe9 code=0x7ffc0000
[   90.785401][   T29] audit: type=1326 audit(1756727241.204:1775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7163 comm="syz.2.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6474ebe9 code=0x7ffc0000
[   90.808863][   T29] audit: type=1326 audit(1756727241.204:1776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7163 comm="syz.2.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7f4b6474ebe9 code=0x7ffc0000
[   90.873768][ T7191] 9pnet: Could not find request transport: fd0xffffffffffffffff
[   91.099849][ T7204] loop2: detected capacity change from 0 to 512
[   91.126288][ T7206] netlink: 'syz.0.610': attribute type 96 has an invalid length.
[   91.139308][ T7204] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.363817][ T7208] FAULT_INJECTION: forcing a failure.
[   91.363817][ T7208] name failslab, interval 1, probability 0, space 0, times 0
[   91.368984][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.376653][ T7208] CPU: 0 UID: 0 PID: 7208 Comm: syz.4.614 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   91.376680][ T7208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   91.376711][ T7208] Call Trace:
[   91.376718][ T7208]  <TASK>
[   91.376727][ T7208]  __dump_stack+0x1d/0x30
[   91.376774][ T7208]  dump_stack_lvl+0xe8/0x140
[   91.376878][ T7208]  dump_stack+0x15/0x1b
[   91.376938][ T7208]  should_fail_ex+0x265/0x280
[   91.376959][ T7208]  should_failslab+0x8c/0xb0
[   91.376983][ T7208]  kmem_cache_alloc_noprof+0x50/0x310
[   91.377009][ T7208]  ? alloc_empty_file+0x76/0x200
[   91.377101][ T7208]  ? mntput+0x4b/0x80
[   91.377129][ T7208]  alloc_empty_file+0x76/0x200
[   91.377156][ T7208]  path_openat+0x68/0x2170
[   91.377176][ T7208]  ? _parse_integer_limit+0x170/0x190
[   91.377222][ T7208]  ? kstrtoull+0x111/0x140
[   91.377241][ T7208]  ? kstrtouint+0x76/0xc0
[   91.377261][ T7208]  do_filp_open+0x109/0x230
[   91.377324][ T7208]  do_sys_openat2+0xa6/0x110
[   91.377354][ T7208]  __x64_sys_openat+0xf2/0x120
[   91.377509][ T7208]  x64_sys_call+0x2e9c/0x2ff0
[   91.377529][ T7208]  do_syscall_64+0xd2/0x200
[   91.377555][ T7208]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   91.377610][ T7208]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   91.377635][ T7208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.377656][ T7208] RIP: 0033:0x7f8e75b3d550
[   91.377672][ T7208] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[   91.377710][ T7208] RSP: 002b:00007f8e7459ef10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[   91.377742][ T7208] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f8e75b3d550
[   91.377755][ T7208] RDX: 0000000000000002 RSI: 00007f8e7459efa0 RDI: 00000000ffffff9c
[   91.377816][ T7208] RBP: 00007f8e7459efa0 R08: 0000000000000000 R09: 0000000000000000
[   91.377828][ T7208] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   91.377840][ T7208] R13: 00007f8e75d76038 R14: 00007f8e75d75fa0 R15: 00007ffcb836c9c8
[   91.377858][ T7208]  </TASK>
[   91.633276][ T7218] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7218 comm=syz.3.618
[   91.696854][ T7222] loop1: detected capacity change from 0 to 512
[   91.715372][ T7222] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   91.730638][ T7222] EXT4-fs (loop1): mount failed
[   91.788068][ T7227] netlink: 16 bytes leftover after parsing attributes in process `syz.4.620'.
[   91.823640][ T7228] loop2: detected capacity change from 0 to 512
[   91.855759][ T7228] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.957063][ T7222] atomic_op ffff8881044b1d28 conn xmit_atomic 0000000000000000
[   92.010801][ T7222] loop1: detected capacity change from 0 to 128
[   92.023562][ T7222] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   92.067355][ T7222] ext4 filesystem being mounted at /120/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   92.431114][ T7236] netlink: 24 bytes leftover after parsing attributes in process `syz.3.622'.
[   92.449146][ T3303] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   92.532521][ T7242] loop4: detected capacity change from 0 to 128
[   92.541662][ T7248] netlink: 24 bytes leftover after parsing attributes in process `syz.1.626'.
[   92.558507][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.565278][ T7248] loop1: detected capacity change from 0 to 1024
[   92.615121][ T7248] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.657394][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.765635][ T7268] loop1: detected capacity change from 0 to 128
[   93.026996][ T7286] loop2: detected capacity change from 0 to 8192
[   93.037613][ T7286] vfat: Unknown parameter '18446744073709551615'
[   93.347390][ T7322] netlink: 24 bytes leftover after parsing attributes in process `syz.4.634'.
[   93.371923][ T7322] loop4: detected capacity change from 0 to 1024
[   93.390442][ T7322] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   93.420625][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.437780][ T7331] netlink: 16 bytes leftover after parsing attributes in process `syz.2.633'.
[   93.532107][ T7343] netlink: 16 bytes leftover after parsing attributes in process `syz.4.637'.
[   93.630605][ T7359] netlink: 16 bytes leftover after parsing attributes in process `syz.1.636'.
[   93.668912][ T7361] loop0: detected capacity change from 0 to 128
[   94.180560][ T7426] loop2: detected capacity change from 0 to 8192
[   94.187570][ T7426] vfat: Unknown parameter '18446744073709551615'
[   94.336898][ T7434] netlink: 24 bytes leftover after parsing attributes in process `syz.1.645'.
[   94.352045][ T7434] loop1: detected capacity change from 0 to 1024
[   94.381816][ T7434] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.408370][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.474081][ T7449] loop4: detected capacity change from 0 to 128
[   94.766398][ T7472] netlink: 8 bytes leftover after parsing attributes in process `syz.3.655'.
[   94.794556][ T7474] loop2: detected capacity change from 0 to 1024
[   94.808834][ T7474] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.853258][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.990221][ T7486] loop0: detected capacity change from 0 to 8192
[   94.997983][ T7486] vfat: Unknown parameter '18446744073709551615'
[   95.203518][ T7508] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7508 comm=syz.0.665
[   95.267364][ T7514] 9pnet: Could not find request transport: fd0xffffffffffffffff
[   95.292723][ T7520] __nla_validate_parse: 1 callbacks suppressed
[   95.292740][ T7520] netlink: 28 bytes leftover after parsing attributes in process `syz.2.680'.
[   95.300147][ T7518] loop3: detected capacity change from 0 to 512
[   95.314774][ T7520] netlink: 28 bytes leftover after parsing attributes in process `syz.2.680'.
[   95.339585][ T7518] ext4 filesystem being mounted at /129/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   95.353672][   T29] kauditd_printk_skb: 251 callbacks suppressed
[   95.353686][   T29] audit: type=1400 audit(1756727246.321:2027): avc:  denied  { create } for  pid=7517 comm="syz.3.669" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   95.375955][ T7525] netlink: 28 bytes leftover after parsing attributes in process `syz.2.682'.
[   95.379312][   T29] audit: type=1326 audit(1756727246.321:2028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7517 comm="syz.3.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[   95.411758][   T29] audit: type=1326 audit(1756727246.321:2029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7517 comm="syz.3.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[   95.435577][   T29] audit: type=1326 audit(1756727246.321:2030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7517 comm="syz.3.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[   95.458978][   T29] audit: type=1326 audit(1756727246.321:2031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7517 comm="syz.3.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[   95.482546][   T29] audit: type=1326 audit(1756727246.321:2032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7517 comm="syz.3.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[   95.506386][   T29] audit: type=1326 audit(1756727246.321:2033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7517 comm="syz.3.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[   95.529726][   T29] audit: type=1326 audit(1756727246.321:2034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7517 comm="syz.3.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[   95.553090][   T29] audit: type=1326 audit(1756727246.332:2035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7517 comm="syz.3.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[   95.576499][   T29] audit: type=1326 audit(1756727246.332:2036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7517 comm="syz.3.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[   95.601664][ T7526] netlink: 28 bytes leftover after parsing attributes in process `syz.2.682'.
[   95.647287][ T7532] loop1: detected capacity change from 0 to 128
[   95.726507][ T7540] netlink: 8 bytes leftover after parsing attributes in process `syz.2.686'.
[   95.811658][ T7549] netlink: 24 bytes leftover after parsing attributes in process `syz.2.689'.
[   95.848980][ T7549] loop2: detected capacity change from 0 to 1024
[   95.859984][ T7551] netlink: 8 bytes leftover after parsing attributes in process `syz.4.673'.
[   95.893560][ T7547] loop3: detected capacity change from 0 to 8192
[   95.905259][ T7547] vfat: Unknown parameter '18446744073709551615'
[   96.019097][ T7560] loop3: detected capacity change from 0 to 128
[   96.068891][ T7560] syz.3.681: attempt to access beyond end of device
[   96.068891][ T7560] loop3: rw=0, sector=121, nr_sectors = 920 limit=128
[   96.254519][ T7556] loop0: detected capacity change from 0 to 8192
[   96.261755][ T7556] vfat: Unknown parameter '18446744073709551615'
[   96.292709][ T7556] loop0: detected capacity change from 0 to 512
[   96.564011][ T7556] EXT4-fs mount: 4 callbacks suppressed
[   96.564029][ T7556] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.640802][ T7585] loop4: detected capacity change from 0 to 8192
[   96.680865][ T7585] vfat: Unknown parameter '18446744073709551615'
[   96.835498][ T7582] loop4: detected capacity change from 0 to 512
[   96.848006][ T7556] ext4 filesystem being mounted at /131/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.869560][ T7582] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.887784][ T7582] ext4 filesystem being mounted at /133/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.012963][ T7592] vlan0: entered promiscuous mode
[   97.025709][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.036200][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.048808][ T7590] netlink: 8 bytes leftover after parsing attributes in process `syz.2.691'.
[   97.208436][ T7610] 9pnet: Could not find request transport: fd0xffffffffffffffff
[   97.220633][ T7615] netlink: 24 bytes leftover after parsing attributes in process `syz.1.696'.
[   97.236164][ T7598] usb usb7: usbfs: process 7598 (syz.1.696) did not claim interface 0 before use
[   97.338263][ T7621] loop4: detected capacity change from 0 to 128
[   97.393359][ T7630] loop0: detected capacity change from 0 to 512
[   97.439403][ T7630] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.539780][ T7636] netlink: 64 bytes leftover after parsing attributes in process `syz.3.704'.
[   98.576165][ T7660] 9pnet: Could not find request transport: fd0xffffffffffffffff
[   98.783662][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.956667][ T7673] loop2: detected capacity change from 0 to 128
[   99.021372][ T7673] syz.2.715: attempt to access beyond end of device
[   99.021372][ T7673] loop2: rw=0, sector=121, nr_sectors = 920 limit=128
[   99.165433][ T7681] loop1: detected capacity change from 0 to 128
[   99.227301][ T7690] loop2: detected capacity change from 0 to 512
[   99.244345][ T7687] loop3: detected capacity change from 0 to 128
[   99.263970][ T7690] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.280989][ T7690] ext4 filesystem being mounted at /159/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.331049][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.345448][ T7700] FAULT_INJECTION: forcing a failure.
[   99.345448][ T7700] name failslab, interval 1, probability 0, space 0, times 0
[   99.358212][ T7700] CPU: 1 UID: 0 PID: 7700 Comm: syz.0.722 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   99.358247][ T7700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   99.358297][ T7700] Call Trace:
[   99.358306][ T7700]  <TASK>
[   99.358315][ T7700]  __dump_stack+0x1d/0x30
[   99.358341][ T7700]  dump_stack_lvl+0xe8/0x140
[   99.358438][ T7700]  dump_stack+0x15/0x1b
[   99.358525][ T7700]  should_fail_ex+0x265/0x280
[   99.358548][ T7700]  should_failslab+0x8c/0xb0
[   99.358570][ T7700]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   99.358597][ T7700]  ? sidtab_sid2str_get+0xa0/0x130
[   99.358644][ T7700]  ? skb_put+0xa9/0xf0
[   99.358743][ T7700]  kmemdup_noprof+0x2b/0x70
[   99.358839][ T7700]  sidtab_sid2str_get+0xa0/0x130
[   99.358859][ T7700]  security_sid_to_context_core+0x1eb/0x2e0
[   99.358883][ T7700]  security_sid_to_context+0x27/0x40
[   99.358901][ T7700]  avc_audit_post_callback+0x9d/0x520
[   99.358925][ T7700]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   99.358960][ T7700]  common_lsm_audit+0x1bb/0x230
[   99.358988][ T7700]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   99.359016][ T7700]  ? avc_denied+0xe4/0x100
[   99.359129][ T7700]  slow_avc_audit+0x104/0x140
[   99.359160][ T7700]  avc_has_perm+0x13a/0x180
[   99.359190][ T7700]  selinux_socket_sendmsg+0x175/0x1b0
[   99.359230][ T7700]  security_socket_sendmsg+0x48/0x80
[   99.359270][ T7700]  __sock_sendmsg+0x30/0x180
[   99.359298][ T7700]  __sys_sendto+0x268/0x330
[   99.359328][ T7700]  __x64_sys_sendto+0x76/0x90
[   99.359350][ T7700]  x64_sys_call+0x2d05/0x2ff0
[   99.359440][ T7700]  do_syscall_64+0xd2/0x200
[   99.359512][ T7700]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   99.359537][ T7700]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   99.359567][ T7700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.359606][ T7700] RIP: 0033:0x7fe9bcf7ebe9
[   99.359624][ T7700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.359645][ T7700] RSP: 002b:00007fe9bb969038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   99.359669][ T7700] RAX: ffffffffffffffda RBX: 00007fe9bd1b6090 RCX: 00007fe9bcf7ebe9
[   99.359720][ T7700] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[   99.359732][ T7700] RBP: 00007fe9bb969090 R08: 0000200000000300 R09: 000000000000001c
[   99.359744][ T7700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.359755][ T7700] R13: 00007fe9bd1b6128 R14: 00007fe9bd1b6090 R15: 00007ffc001ac3d8
[   99.359772][ T7700]  </TASK>
[   99.657539][ T7702] loop2: detected capacity change from 0 to 8192
[   99.699074][ T3859]  loop2: p1 p2[DM] p4
[   99.703596][ T3859] loop2: p1 size 196608 extends beyond EOD, truncated
[   99.714455][ T3859] loop2: p2 start 4292936063 is beyond EOD, truncated
[   99.721350][ T3859] loop2: p4 size 50331648 extends beyond EOD, truncated
[   99.747985][ T7702]  loop2: p1 p2[DM] p4
[   99.756588][ T7702] loop2: p1 size 196608 extends beyond EOD, truncated
[   99.765336][ T7702] loop2: p2 start 4292936063 is beyond EOD, truncated
[   99.772397][ T7702] loop2: p4 size 50331648 extends beyond EOD, truncated
[   99.863364][ T3293] udevd[3293]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   99.874799][ T3859] udevd[3859]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   99.905968][ T3293] udevd[3293]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   99.916850][ T3859] udevd[3859]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  100.004376][ T7708] loop4: detected capacity change from 0 to 8192
[  100.026605][ T7708] vfat: Unknown parameter '18446744073709551615'
[  100.079312][ T7708] loop4: detected capacity change from 0 to 512
[  100.130438][ T7708] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.572030][ T7708] ext4 filesystem being mounted at /141/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.641358][ T7717] loop2: detected capacity change from 0 to 8192
[  100.657131][ T7717] vfat: Unknown parameter '18446744073709551615'
[  100.668635][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.697152][ T7729] loop4: detected capacity change from 0 to 128
[  100.705716][ T7727] __nla_validate_parse: 3 callbacks suppressed
[  100.705731][ T7727] netlink: 8 bytes leftover after parsing attributes in process `syz.0.728'.
[  100.750484][ T7729] syz.4.730: attempt to access beyond end of device
[  100.750484][ T7729] loop4: rw=0, sector=121, nr_sectors = 920 limit=128
[  100.785341][ T7727] netlink: 8 bytes leftover after parsing attributes in process `syz.0.728'.
[  100.830283][ T7731] loop3: detected capacity change from 0 to 128
[  100.863462][ T7741] loop0: detected capacity change from 0 to 128
[  100.918710][ T7741] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  100.940513][ T7741] ext4 filesystem being mounted at /136/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.957065][   T29] kauditd_printk_skb: 299 callbacks suppressed
[  100.957082][   T29] audit: type=1400 audit(1756727252.340:2336): avc:  denied  { setattr } for  pid=7738 comm="syz.0.733" path="/136/file0" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  100.960613][ T7748] netlink: 16 bytes leftover after parsing attributes in process `syz.1.734'.
[  100.997824][   T29] audit: type=1400 audit(1756727252.383:2337): avc:  denied  { watch watch_reads } for  pid=7738 comm="syz.0.733" path="/136/file0" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  101.038074][ T7741] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:375: inode #2: comm syz.0.733: No space for directory leaf checksum. Please run e2fsck -D.
[  101.053606][ T7741] EXT4-fs error (device loop0): __ext4_find_entry:1626: inode #2: comm syz.0.733: checksumming directory block 0
[  101.087899][   T29] audit: type=1326 audit(1756727252.469:2338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7738 comm="syz.0.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9bcf7ebe9 code=0x7ffc0000
[  101.111704][   T29] audit: type=1326 audit(1756727252.480:2339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7738 comm="syz.0.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9bcf7ebe9 code=0x7ffc0000
[  101.147477][ T3306] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  101.190048][   T29] audit: type=1400 audit(1756727252.587:2340): avc:  denied  { ioctl } for  pid=7756 comm="syz.0.738" path="socket:[12513]" dev="sockfs" ino=12513 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  101.597469][ T7766] loop4: detected capacity change from 0 to 512
[  101.615760][ T7766] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.730683][ T7772] netlink: 8 bytes leftover after parsing attributes in process `syz.1.742'.
[  101.802061][ T7768] loop0: detected capacity change from 0 to 512
[  101.933138][ T7768] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.424828][ T7776] loop2: detected capacity change from 0 to 8192
[  102.440665][ T7776] vfat: Unknown parameter '18446744073709551615'
[  102.495167][ T7785] loop1: detected capacity change from 0 to 8192
[  102.527699][ T7776] loop2: detected capacity change from 0 to 512
[  102.554885][ T7785]  loop1: p1 p2[DM] p4
[  102.563573][ T7776] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.577816][ T7785] loop1: p1 size 196608 extends beyond EOD, truncated
[  102.645686][   T29] audit: type=1400 audit(1756727254.154:2341): avc:  denied  { read } for  pid=7790 comm="syz.3.748" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  102.669595][   T29] audit: type=1400 audit(1756727254.154:2342): avc:  denied  { ioctl } for  pid=7790 comm="syz.3.748" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  102.700424][ T7785] loop1: p2 start 4292936063 is beyond EOD, truncated
[  102.707387][ T7785] loop1: p4 size 50331648 extends beyond EOD, truncated
[  102.715924][ T7776] ext4 filesystem being mounted at /165/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.763197][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.791859][ T3293] udevd[3293]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  102.803602][   T29] audit: type=1326 audit(1756727254.325:2343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7797 comm="syz.3.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[  102.834527][ T3859] udevd[3859]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  102.874996][ T7801] netlink: 24 bytes leftover after parsing attributes in process `syz.2.761'.
[  102.910053][   T29] audit: type=1326 audit(1756727254.347:2344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7797 comm="syz.3.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[  102.934032][   T29] audit: type=1326 audit(1756727254.347:2345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7797 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8aee0aebe9 code=0x7ffc0000
[  102.960330][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.991504][ T7809] netlink: 16 bytes leftover after parsing attributes in process `syz.3.752'.
[  103.007183][ T7811] loop1: detected capacity change from 0 to 128
[  103.055183][ T7811] syz.1.754: attempt to access beyond end of device
[  103.055183][ T7811] loop1: rw=0, sector=121, nr_sectors = 920 limit=128
[  103.183242][ T7816] loop1: detected capacity change from 0 to 128
[  103.307812][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.534382][ T7836] FAULT_INJECTION: forcing a failure.
[  103.534382][ T7836] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  103.547651][ T7836] CPU: 0 UID: 0 PID: 7836 Comm: syz.0.760 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  103.547678][ T7836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  103.547739][ T7836] Call Trace:
[  103.547746][ T7836]  <TASK>
[  103.547753][ T7836]  __dump_stack+0x1d/0x30
[  103.547774][ T7836]  dump_stack_lvl+0xe8/0x140
[  103.547795][ T7836]  dump_stack+0x15/0x1b
[  103.547814][ T7836]  should_fail_ex+0x265/0x280
[  103.547837][ T7836]  should_fail+0xb/0x20
[  103.547853][ T7836]  should_fail_usercopy+0x1a/0x20
[  103.547896][ T7836]  _copy_from_user+0x1c/0xb0
[  103.547957][ T7836]  ___sys_sendmsg+0xc1/0x1d0
[  103.547989][ T7836]  __x64_sys_sendmsg+0xd4/0x160
[  103.548080][ T7836]  x64_sys_call+0x191e/0x2ff0
[  103.548108][ T7836]  do_syscall_64+0xd2/0x200
[  103.548210][ T7836]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  103.548232][ T7836]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  103.548308][ T7836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.548332][ T7836] RIP: 0033:0x7fe9bcf7ebe9
[  103.548347][ T7836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.548363][ T7836] RSP: 002b:00007fe9bb9df038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  103.548407][ T7836] RAX: ffffffffffffffda RBX: 00007fe9bd1b5fa0 RCX: 00007fe9bcf7ebe9
[  103.548422][ T7836] RDX: 0000000000000040 RSI: 0000200000009b40 RDI: 0000000000000003
[  103.548436][ T7836] RBP: 00007fe9bb9df090 R08: 0000000000000000 R09: 0000000000000000
[  103.548493][ T7836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.548504][ T7836] R13: 00007fe9bd1b6038 R14: 00007fe9bd1b5fa0 R15: 00007ffc001ac3d8
[  103.548521][ T7836]  </TASK>
[  103.951849][ T7839] loop3: detected capacity change from 0 to 8192
[  104.146154][ T7839] vfat: Unknown parameter '18446744073709551615'
[  104.295131][ T7839] loop3: detected capacity change from 0 to 512
[  104.342923][ T7839] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.405763][ T7839] ext4 filesystem being mounted at /149/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.452774][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.513909][ T7868] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  104.595515][ T7884] loop3: detected capacity change from 0 to 128
[  104.608809][ T7886] netlink: 24 bytes leftover after parsing attributes in process `syz.4.770'.
[  104.655250][ T7894] atomic_op ffff88810478f928 conn xmit_atomic 0000000000000000
[  104.655367][ T7884] syz.3.769: attempt to access beyond end of device
[  104.655367][ T7884] loop3: rw=0, sector=121, nr_sectors = 920 limit=128
[  104.679324][ T7894] loop1: detected capacity change from 0 to 128
[  104.692221][ T7894] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  104.704907][ T7894] ext4 filesystem being mounted at /154/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  104.901371][ T7924] netlink: 16 bytes leftover after parsing attributes in process `syz.3.772'.
[  104.939164][ T3303] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  104.976192][ T7931] loop1: detected capacity change from 0 to 128
[  105.149082][ T7958] FAULT_INJECTION: forcing a failure.
[  105.149082][ T7958] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  105.162506][ T7958] CPU: 1 UID: 0 PID: 7958 Comm: syz.4.775 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  105.162531][ T7958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  105.162542][ T7958] Call Trace:
[  105.162575][ T7958]  <TASK>
[  105.162584][ T7958]  __dump_stack+0x1d/0x30
[  105.162609][ T7958]  dump_stack_lvl+0xe8/0x140
[  105.162627][ T7958]  dump_stack+0x15/0x1b
[  105.162708][ T7958]  should_fail_ex+0x265/0x280
[  105.162727][ T7958]  should_fail_alloc_page+0xf2/0x100
[  105.162751][ T7958]  __alloc_frozen_pages_noprof+0xff/0x360
[  105.162839][ T7958]  alloc_pages_mpol+0xb3/0x250
[  105.162868][ T7958]  vma_alloc_folio_noprof+0x1aa/0x300
[  105.162900][ T7958]  handle_mm_fault+0xec2/0x2c20
[  105.162927][ T7958]  do_user_addr_fault+0x636/0x1090
[  105.162983][ T7958]  ? fpregs_restore_userregs+0xad/0x1d0
[  105.163009][ T7958]  ? switch_fpu_return+0xe/0x20
[  105.163041][ T7958]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  105.163116][ T7958]  exc_page_fault+0x62/0xa0
[  105.163138][ T7958]  asm_exc_page_fault+0x26/0x30
[  105.163158][ T7958] RIP: 0033:0x7f8e75aec1eb
[  105.163172][ T7958] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[  105.163231][ T7958] RSP: 002b:00007f8e7459ce10 EFLAGS: 00010246
[  105.163249][ T7958] RAX: 00007f8e7459ef30 RBX: 00007f8e75d47640 RCX: 0000000000000000
[  105.163261][ T7958] RDX: 00007f8e7459ef78 RSI: 00007f8e75b9eca8 RDI: 00007f8e7459ce30
[  105.163273][ T7958] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[  105.163314][ T7958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.163328][ T7958] R13: 00007f8e75d76038 R14: 00007f8e75d75fa0 R15: 00007ffcb836c9c8
[  105.163348][ T7958]  </TASK>
[  105.163359][ T7958] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  105.429282][ T7966] loop0: detected capacity change from 0 to 164
[  105.459873][ T7970] kernel profiling enabled (shift: 63)
[  105.465609][ T7970] profiling shift: 63 too large
[  105.536046][ T7977] vlan0: entered promiscuous mode
[  105.537048][ T7974] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  105.611675][ T7983] netlink: 4 bytes leftover after parsing attributes in process `syz.3.780'.
[  105.623299][ T7983] netlink: 4 bytes leftover after parsing attributes in process `syz.3.780'.
[  105.837903][ T8004] netlink: 8 bytes leftover after parsing attributes in process `syz.0.783'.
[  105.893556][ T8007] loop3: detected capacity change from 0 to 128
[  105.958605][ T8007] syz.3.784: attempt to access beyond end of device
[  105.958605][ T8007] loop3: rw=0, sector=121, nr_sectors = 920 limit=128
[  106.087643][   T29] kauditd_printk_skb: 49 callbacks suppressed
[  106.087660][   T29] audit: type=1400 audit(1756727257.844:2395): avc:  denied  { bind } for  pid=8020 comm="syz.0.785" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  106.131663][   T29] audit: type=1400 audit(1756727257.877:2396): avc:  denied  { listen } for  pid=8020 comm="syz.0.785" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  106.160435][   T29] audit: type=1326 audit(1756727257.920:2397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8026 comm="syz.1.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e12ebe9 code=0x7ffc0000
[  106.183895][   T29] audit: type=1326 audit(1756727257.920:2398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8026 comm="syz.1.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e12ebe9 code=0x7ffc0000
[  106.240034][ T8027] loop1: detected capacity change from 0 to 128
[  106.251037][   T29] audit: type=1326 audit(1756727257.973:2399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8026 comm="syz.1.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff01e12ebe9 code=0x7ffc0000
[  106.274739][   T29] audit: type=1326 audit(1756727257.973:2400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8026 comm="syz.1.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e12ebe9 code=0x7ffc0000
[  106.298967][   T29] audit: type=1326 audit(1756727257.973:2401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8026 comm="syz.1.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e12ebe9 code=0x7ffc0000
[  106.322938][   T29] audit: type=1326 audit(1756727257.973:2402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8026 comm="syz.1.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff01e12ebe9 code=0x7ffc0000
[  106.346582][   T29] audit: type=1326 audit(1756727257.973:2403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8026 comm="syz.1.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e12ebe9 code=0x7ffc0000
[  106.370057][   T29] audit: type=1326 audit(1756727257.973:2404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8026 comm="syz.1.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01e12ebe9 code=0x7ffc0000
[  106.405154][ T8045] loop0: detected capacity change from 0 to 128
[  106.426243][ T8053] netlink: 16 bytes leftover after parsing attributes in process `syz.4.791'.
[  106.463886][ T8060] netlink: 4 bytes leftover after parsing attributes in process `syz.1.794'.
[  106.473538][ T8060] netlink: 4 bytes leftover after parsing attributes in process `syz.1.794'.
[  106.496718][ T8058] syz.0.792: attempt to access beyond end of device
[  106.496718][ T8058] loop0: rw=0, sector=121, nr_sectors = 920 limit=128
[  106.519572][ T8066] netlink: 8 bytes leftover after parsing attributes in process `syz.1.795'.
[  106.612264][ T8073] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  106.635723][ T8076] loop1: detected capacity change from 0 to 128
[  106.659055][ T8076] syz.1.797: attempt to access beyond end of device
[  106.659055][ T8076] loop1: rw=0, sector=121, nr_sectors = 920 limit=128
[  106.818039][ T8080] loop1: detected capacity change from 0 to 128
[  106.938539][ T8089] netlink: 28 bytes leftover after parsing attributes in process `syz.3.801'.
[  106.987229][ T8091] FAULT_INJECTION: forcing a failure.
[  106.987229][ T8091] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.000637][ T8091] CPU: 0 UID: 0 PID: 8091 Comm: syz.3.802 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  107.000733][ T8091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  107.000744][ T8091] Call Trace:
[  107.000750][ T8091]  <TASK>
[  107.000757][ T8091]  __dump_stack+0x1d/0x30
[  107.000774][ T8091]  dump_stack_lvl+0xe8/0x140
[  107.000837][ T8091]  dump_stack+0x15/0x1b
[  107.000849][ T8091]  should_fail_ex+0x265/0x280
[  107.000865][ T8091]  should_fail+0xb/0x20
[  107.000879][ T8091]  should_fail_usercopy+0x1a/0x20
[  107.000934][ T8091]  _copy_to_user+0x20/0xa0
[  107.000955][ T8091]  simple_read_from_buffer+0xb5/0x130
[  107.000974][ T8091]  proc_fail_nth_read+0x10e/0x150
[  107.001009][ T8091]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  107.001030][ T8091]  vfs_read+0x1a8/0x770
[  107.001047][ T8091]  ? __rcu_read_unlock+0x4f/0x70
[  107.001063][ T8091]  ? __fget_files+0x184/0x1c0
[  107.001243][ T8091]  ksys_read+0xda/0x1a0
[  107.001263][ T8091]  __x64_sys_read+0x40/0x50
[  107.001285][ T8091]  x64_sys_call+0x27bc/0x2ff0
[  107.001321][ T8091]  do_syscall_64+0xd2/0x200
[  107.001346][ T8091]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  107.001405][ T8091]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  107.001430][ T8091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.001491][ T8091] RIP: 0033:0x7f8aee0ad5fc
[  107.001507][ T8091] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  107.001588][ T8091] RSP: 002b:00007f8aecb0f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  107.001609][ T8091] RAX: ffffffffffffffda RBX: 00007f8aee2e5fa0 RCX: 00007f8aee0ad5fc
[  107.001622][ T8091] RDX: 000000000000000f RSI: 00007f8aecb0f0a0 RDI: 0000000000000006
[  107.001636][ T8091] RBP: 00007f8aecb0f090 R08: 0000000000000000 R09: 0000000000000000
[  107.001656][ T8091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.001671][ T8091] R13: 00007f8aee2e6038 R14: 00007f8aee2e5fa0 R15: 00007ffe33c7db18
[  107.001689][ T8091]  </TASK>
[  107.253178][ T8096] netlink: 'syz.2.804': attribute type 21 has an invalid length.
[  107.367271][ T8094] loop3: detected capacity change from 0 to 8192
[  107.374380][ T8094] vfat: Unknown parameter '18446744073709551615'
[  107.392656][ T8102] loop4: detected capacity change from 0 to 128
[  107.412621][ T8113] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8216 sclass=netlink_route_socket pid=8113 comm=syz.2.808
[  107.602792][ T8122] netlink: 28 bytes leftover after parsing attributes in process `syz.3.812'.
[  107.807494][ T8133] loop0: detected capacity change from 0 to 128
[  108.375840][ T8162] syz.2.817: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  108.390604][ T8162] CPU: 0 UID: 0 PID: 8162 Comm: syz.2.817 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  108.390687][ T8162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  108.390766][ T8162] Call Trace:
[  108.390774][ T8162]  <TASK>
[  108.390784][ T8162]  __dump_stack+0x1d/0x30
[  108.390807][ T8162]  dump_stack_lvl+0xe8/0x140
[  108.390831][ T8162]  dump_stack+0x15/0x1b
[  108.390852][ T8162]  warn_alloc+0x12b/0x1a0
[  108.390903][ T8162]  ? audit_log_end+0x1d7/0x1f0
[  108.390937][ T8162]  ? audit_log_end+0x1d7/0x1f0
[  108.391028][ T8162]  __vmalloc_node_range_noprof+0x9c/0xe00
[  108.391063][ T8162]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  108.391093][ T8162]  ? __rcu_read_unlock+0x4f/0x70
[  108.391116][ T8162]  ? xfd_validate_state+0x45/0xf0
[  108.391311][ T8162]  ? save_fpregs_to_fpstate+0x100/0x160
[  108.391337][ T8162]  ? should_fail_ex+0x30/0x280
[  108.391356][ T8162]  ? xskq_create+0x36/0xe0
[  108.391397][ T8162]  vmalloc_user_noprof+0x7d/0xb0
[  108.391432][ T8162]  ? xskq_create+0x80/0xe0
[  108.391481][ T8162]  xskq_create+0x80/0xe0
[  108.391510][ T8162]  xsk_init_queue+0x95/0xf0
[  108.391625][ T8162]  xsk_setsockopt+0x477/0x640
[  108.391736][ T8162]  ? __pfx_xsk_setsockopt+0x10/0x10
[  108.391768][ T8162]  __sys_setsockopt+0x184/0x200
[  108.391841][ T8162]  __x64_sys_setsockopt+0x64/0x80
[  108.391866][ T8162]  x64_sys_call+0x20ec/0x2ff0
[  108.391888][ T8162]  do_syscall_64+0xd2/0x200
[  108.391925][ T8162]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  108.391952][ T8162]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  108.392005][ T8162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.392136][ T8162] RIP: 0033:0x7f4b6474ebe9
[  108.392155][ T8162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.392184][ T8162] RSP: 002b:00007f4b631b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  108.392207][ T8162] RAX: ffffffffffffffda RBX: 00007f4b64985fa0 RCX: 00007f4b6474ebe9
[  108.392221][ T8162] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000006
[  108.392254][ T8162] RBP: 00007f4b647d1e19 R08: 0000000000000004 R09: 0000000000000000
[  108.392269][ T8162] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000
[  108.392283][ T8162] R13: 00007f4b64986038 R14: 00007f4b64985fa0 R15: 00007fffb0e76c18
[  108.392304][ T8162]  </TASK>
[  108.392336][ T8162] Mem-Info:
[  108.493856][ T8135] syz.0.809: attempt to access beyond end of device
[  108.493856][ T8135] loop0: rw=2049, sector=1025, nr_sectors = 16 limit=128
[  108.497458][ T8162] active_anon:9495 inactive_anon:0 isolated_anon:0
[  108.497458][ T8162]  active_file:21231 inactive_file:2333 isolated_file:0
[  108.497458][ T8162]  unevictable:0 dirty:327 writeback:29
[  108.497458][ T8162]  slab_reclaimable:3242 slab_unreclaimable:14859
[  108.497458][ T8162]  mapped:30843 shmem:3077 pagetables:1213
[  108.497458][ T8162]  sec_pagetables:0 bounce:0
[  108.497458][ T8162]  kernel_misc_reclaimable:0
[  108.497458][ T8162]  free:1882260 free_pcp:4815 free_cma:0
[  108.689179][ T8162] Node 0 active_anon:38096kB inactive_anon:0kB active_file:84924kB inactive_file:9332kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:123372kB dirty:1308kB writeback:116kB shmem:12308kB kernel_stack:3472kB pagetables:6012kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  108.717365][ T8162] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  108.746717][ T8162] lowmem_reserve[]: 0 2883 7862 7862
[  108.752223][ T8162] Node 0 DMA32 free:2949296kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952828kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:3532kB free_cma:0kB
[  108.782997][ T8162] lowmem_reserve[]: 0 0 4978 4978
[  108.788149][ T8162] Node 0 Normal free:4564384kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:38096kB inactive_anon:0kB active_file:84924kB inactive_file:9332kB unevictable:0kB writepending:1308kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:12504kB local_pcp:9200kB free_cma:0kB
[  108.820469][ T8162] lowmem_reserve[]: 0 0 0 0
[  108.825181][ T8162] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  108.838332][ T8162] Node 0 DMA32: 4*4kB (M) 4*8kB (M) 4*16kB (M) 2*32kB (M) 4*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949296kB
[  108.855068][ T8162] Node 0 Normal: 647*4kB (UM) 387*8kB (UME) 175*16kB (UM) 172*32kB (UME) 165*64kB (UME) 78*128kB (UME) 64*256kB (UME) 23*512kB (UM) 18*1024kB (UME) 7*2048kB (UME) 1091*4096kB (UM) = 4564196kB
[  108.875088][ T8162] Node 0 hugepages_total=6 hugepages_free=5 hugepages_surp=2 hugepages_size=2048kB
[  108.884743][ T8162] 26647 total pagecache pages
[  108.889570][ T8162] 0 pages in swap cache
[  108.893780][ T8162] Free swap  = 124996kB
[  108.898118][ T8162] Total swap = 124996kB
[  108.902434][ T8162] 2097051 pages RAM
[  108.906385][ T8162] 0 pages HighMem/MovableOnly
[  108.911250][ T8162] 80444 pages reserved
[  109.061035][ T8229] loop3: detected capacity change from 0 to 8192
[  109.069921][ T8229] vfat: Unknown parameter '18446744073709551615'
[  109.145465][ T8242] netlink: 16 bytes leftover after parsing attributes in process `syz.2.820'.
[  109.227053][ T8262] loop4: detected capacity change from 0 to 512
[  109.255035][ T8262] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.377529][ T8264] loop0: detected capacity change from 0 to 8192
[  109.385319][ T8264] vfat: Unknown parameter '18446744073709551615'
[  109.462524][ T8251] loop0: detected capacity change from 0 to 512
[  109.559425][ T8251] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.576325][ T8251] ext4 filesystem being mounted at /151/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.638946][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.731826][ T8295] loop0: detected capacity change from 0 to 128
[  109.889422][ T8311] smc: net device bond0 applied user defined pnetid SYZ0
[  109.898331][ T8311] smc: net device bond0 erased user defined pnetid SYZ0
[  110.118817][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.614151][ T8338] loop2: detected capacity change from 0 to 128
[  110.683508][ T8347] loop1: detected capacity change from 0 to 128
[  110.684850][ T8338] syz.2.836: attempt to access beyond end of device
[  110.684850][ T8338] loop2: rw=0, sector=121, nr_sectors = 920 limit=128
[  110.700810][ T8349] __nla_validate_parse: 1 callbacks suppressed
[  110.700825][ T8349] netlink: 4 bytes leftover after parsing attributes in process `syz.0.839'.
[  110.736477][ T8349] netlink: 4 bytes leftover after parsing attributes in process `syz.0.839'.
[  110.788725][ T8357] FAULT_INJECTION: forcing a failure.
[  110.788725][ T8357] name failslab, interval 1, probability 0, space 0, times 0
[  110.794866][ T8352] syz.1.838: attempt to access beyond end of device
[  110.794866][ T8352] loop1: rw=0, sector=121, nr_sectors = 920 limit=128
[  110.803217][ T8357] CPU: 0 UID: 0 PID: 8357 Comm: syz.0.842 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  110.803302][ T8357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  110.803313][ T8357] Call Trace:
[  110.803318][ T8357]  <TASK>
[  110.803324][ T8357]  __dump_stack+0x1d/0x30
[  110.803425][ T8357]  dump_stack_lvl+0xe8/0x140
[  110.803444][ T8357]  dump_stack+0x15/0x1b
[  110.803530][ T8357]  should_fail_ex+0x265/0x280
[  110.803563][ T8357]  should_failslab+0x8c/0xb0
[  110.803587][ T8357]  __kmalloc_noprof+0xa5/0x3e0
[  110.803613][ T8357]  ? security_prepare_creds+0x52/0x120
[  110.803652][ T8357]  security_prepare_creds+0x52/0x120
[  110.803680][ T8357]  prepare_creds+0x34a/0x4c0
[  110.803702][ T8357]  copy_creds+0x8f/0x3f0
[  110.803770][ T8357]  copy_process+0x658/0x2000
[  110.803800][ T8357]  kernel_clone+0x16c/0x5c0
[  110.803828][ T8357]  __x64_sys_clone+0xe6/0x120
[  110.803879][ T8357]  x64_sys_call+0x119c/0x2ff0
[  110.803900][ T8357]  do_syscall_64+0xd2/0x200
[  110.803926][ T8357]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  110.804010][ T8357]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.804038][ T8357] RIP: 0033:0x7fe9bcf7ebe9
[  110.804054][ T8357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.804072][ T8357] RSP: 002b:00007fe9bb9defe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  110.804092][ T8357] RAX: ffffffffffffffda RBX: 00007fe9bd1b5fa0 RCX: 00007fe9bcf7ebe9
[  110.804169][ T8357] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000026801000
[  110.804181][ T8357] RBP: 00007fe9bb9df090 R08: 0000000000000000 R09: 0000000000000000
[  110.804193][ T8357] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  110.804212][ T8357] R13: 00007fe9bd1b6038 R14: 00007fe9bd1b5fa0 R15: 00007ffc001ac3d8
[  110.804230][ T8357]  </TASK>
[  110.873941][   T29] kauditd_printk_skb: 154 callbacks suppressed
[  110.873957][   T29] audit: type=1400 audit(1756727262.973:2559): avc:  denied  { wake_alarm } for  pid=8358 comm="syz.2.843" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  111.078995][   T29] audit: type=1326 audit(1756727263.145:2560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8358 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6474ebe9 code=0x7ffc0000
[  111.102522][   T29] audit: type=1326 audit(1756727263.145:2561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8358 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6474ebe9 code=0x7ffc0000
[  111.125999][   T29] audit: type=1326 audit(1756727263.145:2562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8358 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=332 compat=0 ip=0x7f4b6474ebe9 code=0x7ffc0000
[  111.149719][   T29] audit: type=1326 audit(1756727263.145:2563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8358 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6474ebe9 code=0x7ffc0000
[  111.173153][   T29] audit: type=1326 audit(1756727263.145:2564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8358 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6474ebe9 code=0x7ffc0000
[  111.196742][   T29] audit: type=1326 audit(1756727263.145:2565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8358 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f4b6474ebe9 code=0x7ffc0000
[  111.220119][   T29] audit: type=1326 audit(1756727263.145:2566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8358 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6474ebe9 code=0x7ffc0000
[  111.244195][   T29] audit: type=1326 audit(1756727263.145:2567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8358 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6474ebe9 code=0x7ffc0000
[  111.267617][   T29] audit: type=1326 audit(1756727263.145:2568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8358 comm="syz.2.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7f4b6474ebe9 code=0x7ffc0000
[  111.424258][ T8414] loop0: detected capacity change from 0 to 512
[  111.432813][ T8414] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.488483][ T8406] loop3: detected capacity change from 0 to 8192
[  111.495567][ T8406] vfat: Unknown parameter '18446744073709551615'
[  111.735345][ T8439] netlink: 28 bytes leftover after parsing attributes in process `syz.1.851'.
[  111.801395][ T8447] netlink: 4 bytes leftover after parsing attributes in process `syz.4.853'.
[  111.889556][ T8447] netlink: 4 bytes leftover after parsing attributes in process `syz.4.853'.
[  111.940395][ T8460] SELinux:  Context Ü is not valid (left unmapped).
[  112.035819][ T8460] loop4: detected capacity change from 0 to 8192
[  112.086100][ T3859]  loop4: p1 p2[DM] p4
[  112.090448][ T3859] loop4: p1 size 196608 extends beyond EOD, truncated
[  112.099968][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.110069][ T3859] loop4: p2 start 4292936063 is beyond EOD, truncated
[  112.117007][ T3859] loop4: p4 size 50331648 extends beyond EOD, truncated
[  112.149252][ T8460]  loop4: p1 p2[DM] p4
[  112.158375][ T8460] loop4: p1 size 196608 extends beyond EOD, truncated
[  112.166139][ T8460] loop4: p2 start 4292936063 is beyond EOD, truncated
[  112.173058][ T8460] loop4: p4 size 50331648 extends beyond EOD, truncated
[  112.520519][ T8484] loop1: detected capacity change from 0 to 8192
[  112.534442][ T8484] vfat: Unknown parameter '18446744073709551615'
[  112.630390][ T8482] loop1: detected capacity change from 0 to 512
[  112.720896][ T8482] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.759331][ T8482] ext4 filesystem being mounted at /172/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.833474][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.871401][ T8491] loop2: detected capacity change from 0 to 8192
[  113.097220][ T8497] loop1: detected capacity change from 0 to 128
[  113.100868][ T8498] macvlan1: entered promiscuous mode
[  113.109849][ T8498] ipvlan0: entered promiscuous mode
[  113.121363][ T8498] ipvlan0: left promiscuous mode
[  113.126611][ T8498] macvlan1: left promiscuous mode
[  113.161368][ T3293] udevd[3293]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  113.172913][ T3859] udevd[3859]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  113.184941][ T8502] loop4: detected capacity change from 0 to 8192
[  113.198663][ T8505] netlink: 4 bytes leftover after parsing attributes in process `syz.0.866'.
[  113.263098][ T8506] syz.1.862: attempt to access beyond end of device
[  113.263098][ T8506] loop1: rw=0, sector=121, nr_sectors = 920 limit=128
[  113.284769][ T3293] udevd[3293]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  113.288352][ T3859] udevd[3859]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  113.310707][ T8505] netlink: 4 bytes leftover after parsing attributes in process `syz.0.866'.
[  113.631796][ T8518] loop0: detected capacity change from 0 to 512
[  113.672631][ T8518] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.976381][ T8523] loop4: detected capacity change from 0 to 8192
[  113.983401][ T8523] vfat: Unknown parameter '18446744073709551615'
[  114.044296][ T8533] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  114.095745][ T8543] loop1: detected capacity change from 0 to 128
[  114.150003][ T8543] syz.1.874: attempt to access beyond end of device
[  114.150003][ T8543] loop1: rw=0, sector=121, nr_sectors = 920 limit=128
[  114.285962][ T8569] FAULT_INJECTION: forcing a failure.
[  114.285962][ T8569] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  114.299201][ T8569] CPU: 0 UID: 0 PID: 8569 Comm: syz.4.878 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  114.299227][ T8569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  114.299238][ T8569] Call Trace:
[  114.299244][ T8569]  <TASK>
[  114.299251][ T8569]  __dump_stack+0x1d/0x30
[  114.299300][ T8569]  dump_stack_lvl+0xe8/0x140
[  114.299317][ T8569]  dump_stack+0x15/0x1b
[  114.299335][ T8569]  should_fail_ex+0x265/0x280
[  114.299358][ T8569]  should_fail+0xb/0x20
[  114.299384][ T8569]  should_fail_usercopy+0x1a/0x20
[  114.299424][ T8569]  strncpy_from_user+0x25/0x230
[  114.299450][ T8569]  ? __kmalloc_cache_noprof+0x189/0x320
[  114.299517][ T8569]  __se_sys_memfd_create+0x1ff/0x590
[  114.299590][ T8569]  __x64_sys_memfd_create+0x31/0x40
[  114.299612][ T8569]  x64_sys_call+0x2abe/0x2ff0
[  114.299635][ T8569]  do_syscall_64+0xd2/0x200
[  114.299659][ T8569]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  114.299756][ T8569]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  114.299781][ T8569]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.299851][ T8569] RIP: 0033:0x7f8e75b3ebe9
[  114.299867][ T8569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.299888][ T8569] RSP: 002b:00007f8e7459ed68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  114.299929][ T8569] RAX: ffffffffffffffda RBX: 000000000000106a RCX: 00007f8e75b3ebe9
[  114.299941][ T8569] RDX: 00007f8e7459edec RSI: 0000000000000000 RDI: 00007f8e75bc27e8
[  114.299953][ T8569] RBP: 0000200000000000 R08: 00007f8e7459eb07 R09: 00007f8e7459f01f
[  114.299992][ T8569] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[  114.300005][ T8569] R13: 00007f8e7459edec R14: 00007f8e7459edf0 R15: 00007ffcb836c9c8
[  114.300025][ T8569]  </TASK>
[  114.496904][ T8583] netlink: 4 bytes leftover after parsing attributes in process `syz.1.879'.
[  114.507329][ T8583] netlink: 4 bytes leftover after parsing attributes in process `syz.1.879'.
[  114.581277][ T8589] loop4: detected capacity change from 0 to 128
[  114.605592][ T8602] macvlan1: entered promiscuous mode
[  114.612047][ T8602] ipvlan0: entered promiscuous mode
[  114.621553][ T8602] ipvlan0: left promiscuous mode
[  114.627432][ T8602] macvlan1: left promiscuous mode
[  115.019060][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.290686][ T8628] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  115.354443][ T8638] loop4: detected capacity change from 0 to 512
[  115.364520][ T8638] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  115.377211][ T8638] EXT4-fs (loop4): 1 truncate cleaned up
[  115.383530][ T8638] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.396444][ T8635] loop0: detected capacity change from 0 to 8192
[  115.406905][ T8638] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.434169][ T8638] netlink: 'syz.4.888': attribute type 14 has an invalid length.
[  115.585021][ T8653] loop1: detected capacity change from 0 to 8192
[  115.592274][ T8653] vfat: Unknown parameter '18446744073709551615'
[  115.719548][ T8679] netlink: 4 bytes leftover after parsing attributes in process `syz.4.893'.
[  115.759059][ T8679] netlink: 4 bytes leftover after parsing attributes in process `syz.4.893'.
[  115.765479][ T8675] loop1: detected capacity change from 0 to 8192
[  115.811530][ T8686] loop4: detected capacity change from 0 to 1024
[  115.825563][ T8686] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.847573][ T8686] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.895985][ T8686] loop4: detected capacity change from 0 to 2048
[  115.919964][ T8686] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.938521][ T8686] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.998674][ T8686] loop4: detected capacity change from 0 to 2048
[  116.006602][ T8691] ==================================================================
[  116.014727][ T8691] BUG: KCSAN: data-race in fat16_ent_put / fat_mirror_bhs
[  116.021896][ T8691] 
[  116.024318][ T8691] write to 0xffff88811b5ce50a of 2 bytes by task 8675 on cpu 0:
[  116.032224][ T8691]  fat16_ent_put+0x28/0x60
[  116.036662][ T8691]  fat_alloc_clusters+0x4ce/0xa80
[  116.041885][ T8691]  fat_get_block+0x258/0x5e0
[  116.046578][ T8691]  __block_write_begin_int+0x400/0xf90
[  116.052055][ T8691]  cont_write_begin+0x5fc/0x970
[  116.056930][ T8691]  fat_write_begin+0x4f/0xe0
[  116.061532][ T8691]  generic_perform_write+0x181/0x490
[  116.066892][ T8691]  __generic_file_write_iter+0xec/0x120
[  116.072444][ T8691]  generic_file_write_iter+0x8d/0x2f0
[  116.077909][ T8691]  vfs_write+0x52a/0x960
[  116.082253][ T8691]  ksys_write+0xda/0x1a0
[  116.086672][ T8691]  __x64_sys_write+0x40/0x50
[  116.091459][ T8691]  x64_sys_call+0x27fe/0x2ff0
[  116.096416][ T8691]  do_syscall_64+0xd2/0x200
[  116.101244][ T8691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.107333][ T8691] 
[  116.109674][ T8691] read to 0xffff88811b5ce400 of 512 bytes by task 8691 on cpu 1:
[  116.117393][ T8691]  fat_mirror_bhs+0x1df/0x320
[  116.122100][ T8691]  fat_alloc_clusters+0x98b/0xa80
[  116.127136][ T8691]  fat_get_block+0x258/0x5e0
[  116.131819][ T8691]  __block_write_begin_int+0x400/0xf90
[  116.137373][ T8691]  cont_write_begin+0x5fc/0x970
[  116.142244][ T8691]  fat_write_begin+0x4f/0xe0
[  116.146841][ T8691]  generic_perform_write+0x181/0x490
[  116.152134][ T8691]  __generic_file_write_iter+0x9e/0x120
[  116.157695][ T8691]  generic_file_write_iter+0x8d/0x2f0
[  116.163088][ T8691]  do_iter_readv_writev+0x49c/0x540
[  116.168299][ T8691]  vfs_writev+0x2df/0x8b0
[  116.172643][ T8691]  __se_sys_pwritev2+0xfc/0x1c0
[  116.177500][ T8691]  __x64_sys_pwritev2+0x67/0x80
[  116.182363][ T8691]  x64_sys_call+0x2c55/0x2ff0
[  116.187062][ T8691]  do_syscall_64+0xd2/0x200
[  116.191586][ T8691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.197568][ T8691] 
[  116.200072][ T8691] Reported by Kernel Concurrency Sanitizer on:
[  116.206476][ T8691] CPU: 1 UID: 0 PID: 8691 Comm: syz.1.892 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  116.216543][ T8691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  116.226943][ T8691] ==================================================================
[  116.275844][ T8686] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.288346][ T8686] ext4 filesystem being mounted at /177/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.305963][ T8686] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.