last executing test programs:

3.538973454s ago: executing program 4 (id=1141):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000780)={r0, &(0x7f0000000780), &(0x7f0000000280)=@tcp, 0x1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x18, 0x140f, 0x1, 0x70bd27, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'mad\x00'}]}, 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0x1004)

3.336507341s ago: executing program 4 (id=1144):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r0, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x81203, 0x10000, 0x0, 0x5, 0x4, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x2000000a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000800)='./file0\x00', 0x800, &(0x7f0000000040)=ANY=[@ANYBLOB='map=off,hide\x00utf8,overriderockperm,map=off,map=formalAcheck=relaxed,showassoc,unhide,overriderockperm,map=off,iocharset=koi8-u,check=relaxed,\x00'], 0x2, 0x6b1, &(0x7f0000001100)="$eJzs3V1vG1kdx/HfOI7jZKFaAaqqKm1PW1ZKRXFtZ5sqKhJrxuNkwPZYMw5KJKRV2Sarqk4X2iLR3JTc8CAtbwBxwwVc8CKQuN53wQ0CaQV3SMuFV/Pk2PFT3XXb3fb7iXY9nvOfc/4z4/qvSTzHAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsuxqsViyVHebO7tmPLvqe41k+f/d4fa4t0VdixeuTR1XssL/lM/rXLzq3LdOms+G/7ui1fjZqvLhQ15Hb519+/Y3s5l0+wkJPw/N2uGjJ0f373Q6+w+fIXZBM3f/KimTLi0n52RE0JbTdAPPbVS2HOMGntnc2Cje2K4FpubWnWAvaDsNY/tOpu35Zs2+Zkqbm+vGKex5O82taqXupCtvfbdcLG6YHy7FJ1pSIbC33XrdbW5FMWFzGHPLfPyTOMCpNIw5uNfZX5+2J2FQ6VmCytOCysVyuVQql0sbNzdv3ioWs/0rMpKyxZBV7NHQJnN/0eIrZj5v3MAcZML6/w9Lqiuvpna0KzPyx1ZVvjw1xrQn0vr/zg1n4rj99T+t8uek7yfN5xXV/4vxs4vj6v+YXIxMtMGoFmvM+tl+FqOMjB7piY50X3fUUUf7ejiHvo3Mpbn08hJ+tuSoKVeBPLlqqKIt/fnrStYYbWpDGyrqfW2rpkBGNbmqy1GgPQVqy4leUbZ8OaqoLU++jNZk65qMStrUptZl5KigPXnaUVNbqqqi/3W73QPdi477+oQclQaVxgQs9QeVJ/Q0WMz/qLT+//SppFzy0i32o/6/WeKXwFL88MmkGOBLoJtc//fLTN/s0ovLCAAAAAAAzJsV/fbdiv52f0FSVzW37hRfdVoAAAAAAGCOLHWXtCorvP6XdEEW1/8AAAAAALxurOgeO0vSSvShfuvkTqhn+SXAwktIEQAAAAAAfEHRnf8Xc1I3mrTikqyZrv8BAAAAAMBXwG/75tjPpnPsdtM/62ckBa0l62//WZK/aB23dr9tHVbClsphEvPZ6R7btfPWmWSi3ughJyl6Zjur1mo8OWYyCWZv3sFPD6bN9W/5pxLILfR3MCYBKxx5I5s808e6HG9yOZln/u5RRlFLPMpKza07Bdur3y6pUjmTaTu77V88uPdLye990uHgXme/8MFHnbtRLsfhquPDsNOnA+lkRh+Mk1weR/MtRPdcjNrjZdXSIX/XbKxY0bjFdP8XVDnM9A806QScjPlrXVH0qY0rK3HsylFvxv1w//Ph/pcK0Skb2Ht/0TrJonR6z0ediDFZ5KMsrsYxV9euqvzPeLl3FjJW/jsLUrkwfA4Gsij3ZzH9WFj/HToWfVlED2lL37FYD7P4e9jRmCzWZ8ti6IwAwKtyoAvKaiGsQk/VX4XySd1Ny0P6pvZcdWd6dX9vsLo//kO3G22wIGWTv01MHCWv8B19zYrqUE7RG2v2/Ih39GJSV/Ia845e/ALVLRzrryffgZSkPZTFZ91u93YpGvf3p6rqnwaGGxo3qJcXwkN44/Hhz6IJ8EMf7n+4/6BcXt8ovlss3ixrMdqN5GFB1B4AwJDp37EzNcJ6V5fjiMt3//1OvDRQ8b7R+0hBQR/oI3V0V9fTrxC4NLrXlb6PIVyPr1rVd9Vqzr59O/peusHYkq6PvaqLamlfbLkXu6h0k8FKfRK7/oLPAgAAL9eVKXV4dP3PD9T/61qLI9bOj7zuHqzlydVx75J+XGxpevLvzftoAADwZnD8T62V9m8s33db75c2N0uV9rZjfM/+kfHd6pZj3Gbb8e3tSnPLMS3fa3u2VzctX0tu1QlMsNNqeX7b1DzftLzA3Y2++d0kX/0eOI1Ks+3aQavuVALH2F6zXbHbpuoGtmnt/KDuBtuOH20ctBzbrbl2pe16TRN4O77tFIwJHKcv0K06zbZbc8PFpmn5bqPi75kfe/WdhmOqTmD7bqvtxR2mY7nNmuc3om4L2e6ozwsAAPDGefTk6P6dTmf/4emF5fDSPF5zrDExwws5PXoSXpWHa7JJE3MEAQDwJXNSwGfYKP8CEwIAAAAAAAAAAAAAAAAAAAAAAEOm39I348LiqJsFpd6an59J1uhXOrnFcKgfS/NObJaFzKxbpbdEHN3/ZFxMTneWe2vSw98fc/zSdvBfX5PeitYoXpOd/1jLE07ui1j43kF8RMfGhI0jm5Z65yL7HP8ccpoa8+AvY5q63W538hBLg8cwN7CDmUmDZiU9zM18CnJDL1EAr6vPAwAA//9FkjLH")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x14, 0x0, 0x202, 0x70bd29, 0x25dfdbff, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x404}, 0x40091)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x80, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x54, 0x3, 0x0, 0x1, [{0x50, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x44, 0xb, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x3}, @NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x10}]}}}, {0x14, 0x1, 0x0, 0x1, @last={{0x9}, @val={0x4}}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x104}}, 0x0)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x3, 0x3, 0x5e, 0x54, 0x0, 0x3, 0x89008, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x2, @perf_config_ext={0x10000, 0xfffffffffffffff9}, 0x1a, 0x81, 0x800, 0x6, 0x8, 0x4002}, 0x0, 0x1, 0xffffffffffffffff, 0x1)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r3, &(0x7f0000000780)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b, 0x0, 0x0, 0x0, 0x800}}, 0x120)

3.2339615s ago: executing program 4 (id=1147):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d000000"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
setrlimit(0x9, &(0x7f0000000040))

3.152263206s ago: executing program 4 (id=1150):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000570000"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x18)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

3.151742736s ago: executing program 4 (id=1151):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x20280, 0x0)
ioctl$IMADDTIMER(r2, 0x80044940, &(0x7f0000000080)=0x14)
r3 = creat(&(0x7f0000000180)='./file0\x00', 0x10)
r4 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x800020, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r3, &(0x7f0000000300)="ca0e808bb35bda", 0x7)
r6 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
dup2(r4, r6)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r7 = syz_open_procfs(0x0, &(0x7f0000000440)='ns\x00')
r8 = socket(0x1e, 0x4, 0x0)
r9 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r9, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r8, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r8, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r10 = dup3(r9, r8, 0x0)
recvmmsg(r10, &(0x7f0000004a40)=[{{&(0x7f0000000480)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000500)=""/144, 0x90}, {&(0x7f0000000680)=""/223, 0xdf}, {&(0x7f0000000780)=""/85, 0x55}, {&(0x7f0000000800)=""/69, 0x45}, {&(0x7f0000000880)=""/4, 0x4}, {&(0x7f00000008c0)=""/75, 0x4b}], 0x6, &(0x7f0000000cc0)=""/229, 0xe5}, 0x2}, {{&(0x7f00000009c0)=@l2tp={0x2, 0x0, @empty}, 0x80, &(0x7f0000001400)=[{&(0x7f0000000dc0)=""/191, 0xbf}, {&(0x7f0000000ac0)=""/43, 0x2b}, {&(0x7f0000000e80)=""/222, 0xde}, {&(0x7f0000000f80)=""/214, 0xd6}, {&(0x7f0000000b00)=""/12, 0xc}, {&(0x7f0000001080)=""/227, 0xe3}, {&(0x7f0000001240)=""/230, 0xe6}, {&(0x7f00000016c0)=""/175, 0xaf}], 0x8, &(0x7f00000014c0)=""/223, 0xdf}, 0x3}, {{&(0x7f0000000c00)=@l2={0x1f, 0x0, @none}, 0x80, &(0x7f0000001180)=[{&(0x7f0000000b80)=""/33, 0x21}, {&(0x7f0000004cc0)=""/221, 0xdd}, {&(0x7f00000015c0)=""/211, 0xd3}, {&(0x7f0000004c00)=""/163, 0xa3}], 0x4, &(0x7f0000001880)=""/76, 0x4c}, 0xffffffff}, {{&(0x7f0000001900)=@nfc_llcp, 0x80, &(0x7f00000019c0)=[{0x0}, {&(0x7f0000001980)=""/61, 0x3d}, {&(0x7f0000002080)=""/4096, 0x1000}, {&(0x7f0000003100)=""/4096, 0x1000}], 0x4, &(0x7f0000001a00)=""/191, 0xbf}, 0x4}, {{&(0x7f00000043c0)=@caif=@dbg, 0x80, &(0x7f00000046c0)=[{&(0x7f0000002000)=""/24, 0x18}, {&(0x7f0000004440)=""/184, 0xb8}, {&(0x7f0000004500)=""/142, 0x8e}, {&(0x7f00000045c0)=""/94, 0x5e}, {&(0x7f0000004640)=""/126, 0x7e}], 0x5, &(0x7f0000004740)=""/190, 0xbe}, 0x5}], 0x5, 0x40000001, 0x0)
setsockopt$packet_rx_ring(r7, 0x107, 0x5, &(0x7f0000000040)=@req={0x4, 0x5, 0x9, 0x80}, 0x10)
getdents(r7, &(0x7f0000001f80)=""/4096, 0x1000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018020000", @ANYRES32, @ANYBLOB="00000000000000006600020000000000180000000000000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222}, 0x78)
close(r2)

2.582344832s ago: executing program 3 (id=1164):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x18)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

2.539857555s ago: executing program 3 (id=1165):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f0"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x41}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x0, 0x2}, 0x10)
sendmsg$tipc(r2, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x2, {{0x40}, 0x2}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x4)

2.491660069s ago: executing program 3 (id=1167):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1700000000000000040000001de0696a1802ce220d5e4d615db6d8bc12cd96e7dea1c189eaf419fd8821367bed32edb3d3c834edb91ec630834650454389ec85ead099e277cd1e81430bfcdc88242f5450bb5f039f96662d5ea6ee1ca09134b7a35400009e921f58508903b1759c170bb12d14f58552f586b3c7a5233fee783e8573b337732f62363c2c438feed854215a2d0b5f81c2ba786fd4ab63a4c0c3f0b0c1b607499480db0c3c42f2bd1030e9a81ebd20acecd8d198e849564fbbbe91558c16d6798545dd6aa4c6e83f0cc6d0da9fdc7ab25d41b443bbe20d4b4a", @ANYBLOB="f29a0404184ddb6ac9b99556e931b309cb45fac6fa0d41930e072c1df6c4055e4a8f6b67eff4f8485d79f525ed1503cb87eded6520764af1"], 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x4a)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = epoll_create1(0x0)
epoll_create1(0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYRES32=r1, @ANYBLOB], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
syz_usb_connect(0x4, 0x24, 0x0, 0x0)
epoll_pwait(r0, &(0x7f0000000080)=[{}], 0x1, 0x4c6, 0x0, 0x0)

2.281386696s ago: executing program 4 (id=1168):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xc40a, &(0x7f0000000680)={[{@noblock_validity}, {@dioread_lock}, {@nobh}, {@nojournal_checksum}, {@noquota}, {@usrjquota, 0x2e}, {@grpquota}, {@barrier_val={'barrier', 0x3d, 0x8}}, {@jqfmt_vfsv0}, {@noload}], [], 0x2c}, 0x1, 0x464, &(0x7f0000000a40)="$eJzs28tvG8UfAPDv2nHaXx+/hFIeLQUM5RHxSJq0QA9cikDqBQkJDuUY0rQqdRvUBIlWFQ0cyhH1LwCOSPwFnOgFAScQV7gjpArlQuCAjNZeG9eOU8eJ46T+fKSNZ3ZnvfPd3YlnZ+wABlYx/ZNE7ImIXyJiJCLyzQWK1Zflpaszfy1dnUmiXH7zjyTdLf5cujpTK5pkr7uzzFiuvqrF/OUr56dLpdlLWX5i4cJ7E/OXrzx/7sL02dmzsxenjh8/dnTypRenXtiQOPemdT344dyhAyffvvH6zKkb73z/VVq5Pdn2xjiqRtd9zGIU256AJ9f97lvL3uy17QVnS0rb+lBEFCrtfyTylVzVSLz2cV8rB/RUuVwu72hZW+8BLJaBu1gS/a4B0B+1D/r0+be2bGL3o+9unag+AKVxL2dLdctQ5LIyhYbn241WjIhTi39/li6x4jgEAMDG+ibt/zy3Uv8vF/c3lPt/Njc0GhH3RMS+iLg3IvZHxH0RlbIPRMSDazx+sSnf2v/56X9dBdahWycieTmb27q9/1fr/cVoPsvtrcRfSM6cK80eyc7JWBR2pPnJVY5x89WfP223rbH/ly7p8Wt9wawevw81DdCdnl6YXk/MjW59VBkDvNYaf1KfCUgi4kBEHOzi/XdGxLlnvjzUsqFhoui2+COa4l/FUBcValL+IuLp6vVfjKb4G6u6yvzkxM4ozR6ZqN0VrX748fob7Y5/5+vfW+n137Xi/V+PfzRpnK+dX/sxrv/6Sdtnmm7v/+HkrUp6OFv3wfTCwqXJiOFksXX91H/71vK18mn8Y4dXbv/7Iv75PNvvoYhIb+KHI+KRiHg0q/tjEfF4RBxeJf7vXnni3e7j7600/tNruv5rT+TPf/t1u+N3dv2PVVJj2ZpO/v91WsH1nDsAAADYLnKV78AnufF6OpcbH69+h39/7MqV5uYXnj0z9/7F09Xvyo9GIVcb6RppGA+dzMaGa/mppvzRbCwwlebHZ+ZKvZpTBzqzu037T/2W73ftgJ5b0zyaX3jBXWUD5tGBbUr7h8Gl/cPg0v5hcK3U/q9FLPehKsAm8/kPg0v7h8Gl/cPg0v5hIK3nd/2rJfad7NU7b8fEzYhoVybf1xo+tbvb3SNXOjC8NU7vHROF7G6vr8ltkYpVEjsiotPC12KzKtbnf0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb5N8AAAD//6eJ4CE=")
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r1, 0x0, 0xb, &(0x7f0000000000)=0xfffffffd, 0x4)
sendto$inet(r1, 0x0, 0xffef, 0x20000000, &(0x7f0000000240)={0x2, 0x4e22, @remote}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknod(&(0x7f0000000180)='./file0\x00', 0x1ffa, 0x0)
acct(&(0x7f0000000140)='./file0\x00')
open(0x0, 0x2000, 0x392)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x12, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4}, 0x1c)
listen(r2, 0xfffffff8)
syz_usb_connect(0x0, 0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="1201000045c33f08ac05470223b00000000109021200ca5ecb29c3078810010000000009a5f58d877ff0ffe0d2f722d1b0decf21750f408f19acbce8ba9d7f2dd1ccf8fc9098e7d42aef4be10c98c0673afaa76d6ae2ac558296848dfcc304aff10a7c0928e6910183be59ea29525c71c4034bc020c573440660b6f313ca209e7282e5023e845351e492a108afc16d15f8825eedc89fde7719a57d509c23ad45887043a928"], 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x2, @local}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{}, &(0x7f0000000100), &(0x7f0000000180)='%ps    \x00'}, 0x20)
close_range(r2, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = gettid()
syz_open_procfs(r5, &(0x7f0000000200)='net/snmp\x00')
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
lseek(r6, 0x10001, 0x0)
recvfrom$inet(r1, 0x0, 0x0, 0x2000, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005500e5022cbd70000000161307000000", @ANYRES32, @ANYBLOB="120001"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x20000100)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01000000000000000000040000e41300050003030000000a0000005dc000000000010800020005000000140006"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)

1.643640368s ago: executing program 0 (id=1190):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x1cc12, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r3, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$urandom(0xffffffffffffff9c, &(0x7f0000000540), 0x80000, 0x0)
mincore(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

1.474249292s ago: executing program 0 (id=1196):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001300)=@newqdisc={0x2c, 0x28, 0x4ee4e6a52ff56541, 0x70bd28, 0xfffffdfc, {0x0, 0x0, 0x0, r5, {0xfff1}, {0xffff, 0xffff}, {0xffff, 0x3}}, [@TCA_RATE={0x6, 0x5, {0xe}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40058}, 0x4000080)

1.252380599s ago: executing program 0 (id=1199):
r0 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pread64(r0, &(0x7f0000000100)=""/78, 0x4e, 0x0)

1.227213281s ago: executing program 0 (id=1200):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe00181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000780)={r0, &(0x7f0000000780), &(0x7f0000000280)=@tcp, 0x1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x18, 0x140f, 0x1, 0x70bd27, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'mad\x00'}]}, 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0x1004)

1.226502921s ago: executing program 0 (id=1201):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f0000000140), 0x2, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xa0242, 0x0)
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000700)='./file7\x00', 0x400)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000200)={r1, 0x20, &(0x7f00000001c0)={&(0x7f0000000000), 0x0, <r3=>0x0, &(0x7f0000000180)=""/27, 0x1b}}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000002380)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000340)='leases_conflict\x00', r4}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f0000000740)='free_extent_state\x00', r2, 0x0, 0x4}, 0x2e)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
pwrite64(0xffffffffffffffff, &(0x7f00000005c0)='\"', 0x1, 0x4fed0)
renameat2(0xffffffffffffff9c, &(0x7f00000007c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file3\x00', 0x4)

1.054377395s ago: executing program 2 (id=1204):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="2000000011d01f"], 0x20}, 0x1, 0x0, 0x0, 0xc0}, 0x40000)
r1 = add_key$fscrypt_v1(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
syz_clone3(&(0x7f00000006c0)={0x40002000, 0x0, 0x0, 0x0, {0xe}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
add_key$user(&(0x7f00000000c0), &(0x7f0000000240)={'syz', 0x1}, &(0x7f00000003c0)="6edb526534c18b7c7604cf2023026b8896cf882c94c663c2fb3bed878b29087b4f4a2ce32b5b3d73ad87ec3259bc15c172085d0f6f676dab538d5592ac3b5a202ad7705a643105a281b9628727ed0c25f188172b1aeb244178a922b8a2863192d7bcd6710171a8b7b6e60e59f06f4cb33cbd58eb7f2c6c15040c425850ea81bd8b2c7e0356720624", 0x88, r1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70300000004000085"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x2a, &(0x7f0000000340)=ANY=[@ANYBLOB="bbbbbbaaaaaaaaaabb08004500001c000000000002907800000000e0000300100090780003000e99b11ad3c88dbb4c81c6f164a169129c77775e60f6d1429ceb8c705d3df6f4aa141caee80a5c5f27430287000000"], 0x0)

993.65207ms ago: executing program 2 (id=1205):
r0 = shmget$private(0x0, 0x13000, 0x1, &(0x7f0000feb000/0x13000)=nil)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00'}, 0x10)
shmat(r0, &(0x7f0000ff1000/0x3000)=nil, 0x400c)

976.394632ms ago: executing program 2 (id=1206):
socket$tipc(0x1e, 0x2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], &(0x7f0000001180), 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x9, &(0x7f0000000040)=ANY=[@ANYBLOB="1807000002000000000000000800000018120000", @ANYRES32=r2, @ANYBLOB="000003000000000000850000000c000000b7000000000000009500000000000000000f6e0000000000"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fffe}, 0x94)
unlink(&(0x7f0000000000)='./file0\x00')
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYRES16], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r3, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r4 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000280)=ANY=[@ANYRES32=r5, @ANYRES32=r5], 0x0, 0x9}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@gettclass={0x24, 0x2a, 0x200, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xe, 0xfff3}, {0xc83ddc9efb2da4f7, 0xb}, {0x6, 0xf}}, ["", "", "", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x3, 0x0, 0x0, 0x0, 0x8e, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2100002000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703f0ff000a0000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x16, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x76)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r7}, 0x10)
sendto$inet6(0xffffffffffffffff, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0", 0x8e, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDSKBENT(r8, 0x4b47, &(0x7f0000000400)={0x0, 0x7f, 0x20f})

969.356382ms ago: executing program 0 (id=1207):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000003580)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00'], 0x30, 0x40400d1}}], 0x1, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x18)
pipe(&(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r0, 0x0, r3, 0x0, 0xa86, 0x0)

936.123315ms ago: executing program 2 (id=1208):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='ext4_sync_fs\x00', r2}, 0x18)
memfd_create(&(0x7f00000000c0)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\xa7\x1dp\t\x9a\xceb \x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xed\x1ad\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc#\v\x00\x00\x00\x00\x00\x00\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\xdf]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x0f\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00J[\xc4\x04\xc1\xa6\x10\xc2\x9d\x11\t|\xc0\t\xd9(\x80\xe6s\xaa\x88\x8a\xd6\xa2\x01\x10W]Z\x8d\xf7\xd1P\xf9d\x01|\xa3\x03hSq\x95\x8f\xe1J\xd3#/fcCz\xff\x80\xe2M\xa3-r\xf6\x1a\xd74\xdc\xe1\xe4\xc3\x9dU t}\x02\x9a{C|S\xf4\x98\x05\xb9\x15}\xfa\"\xdc\xc2r\xf9\a\xadnD\xb6\x06\xd3\'\x10\x9f|\x17\xd6\x89O\f\x98@\x85\xa5m\x9d\\&\x17o\x11Z=l\xfb\x93\x8exZ', 0x6)
r3 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_udp_int(r3, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000380), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cpuset.effective_cpus\x00', 0x26e1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x3, 0x0, &(0x7f0000000100)={<r7=>0xffffffffffffffff})
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@bridge_delneigh={0x28, 0x1e, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r8, 0x0, 0x2}, [@NDA_LLADDR={0xa}]}, 0x28}}, 0x0)

861.051211ms ago: executing program 2 (id=1209):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001300)=@newqdisc={0x2c, 0x28, 0x4ee4e6a52ff56541, 0x70bd28, 0xfffffdfc, {0x0, 0x0, 0x0, r5, {0xfff1}, {0xffff, 0xffff}, {0xffff, 0x3}}, [@TCA_RATE={0x6, 0x5, {0xe}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40058}, 0x4000080)

773.878128ms ago: executing program 2 (id=1210):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xc40a, &(0x7f0000000680)={[{@noblock_validity}, {@dioread_lock}, {@nobh}, {@nojournal_checksum}, {@noquota}, {@usrjquota, 0x2e}, {@grpquota}, {@barrier_val={'barrier', 0x3d, 0x8}}, {@jqfmt_vfsv0}, {@noload}], [], 0x2c}, 0x1, 0x464, &(0x7f0000000a40)="$eJzs28tvG8UfAPDv2nHaXx+/hFIeLQUM5RHxSJq0QA9cikDqBQkJDuUY0rQqdRvUBIlWFQ0cyhH1LwCOSPwFnOgFAScQV7gjpArlQuCAjNZeG9eOU8eJ46T+fKSNZ3ZnvfPd3YlnZ+wABlYx/ZNE7ImIXyJiJCLyzQWK1Zflpaszfy1dnUmiXH7zjyTdLf5cujpTK5pkr7uzzFiuvqrF/OUr56dLpdlLWX5i4cJ7E/OXrzx/7sL02dmzsxenjh8/dnTypRenXtiQOPemdT344dyhAyffvvH6zKkb73z/VVq5Pdn2xjiqRtd9zGIU256AJ9f97lvL3uy17QVnS0rb+lBEFCrtfyTylVzVSLz2cV8rB/RUuVwu72hZW+8BLJaBu1gS/a4B0B+1D/r0+be2bGL3o+9unag+AKVxL2dLdctQ5LIyhYbn241WjIhTi39/li6x4jgEAMDG+ibt/zy3Uv8vF/c3lPt/Njc0GhH3RMS+iLg3IvZHxH0RlbIPRMSDazx+sSnf2v/56X9dBdahWycieTmb27q9/1fr/cVoPsvtrcRfSM6cK80eyc7JWBR2pPnJVY5x89WfP223rbH/ly7p8Wt9wawevw81DdCdnl6YXk/MjW59VBkDvNYaf1KfCUgi4kBEHOzi/XdGxLlnvjzUsqFhoui2+COa4l/FUBcValL+IuLp6vVfjKb4G6u6yvzkxM4ozR6ZqN0VrX748fob7Y5/5+vfW+n137Xi/V+PfzRpnK+dX/sxrv/6Sdtnmm7v/+HkrUp6OFv3wfTCwqXJiOFksXX91H/71vK18mn8Y4dXbv/7Iv75PNvvoYhIb+KHI+KRiHg0q/tjEfF4RBxeJf7vXnni3e7j7600/tNruv5rT+TPf/t1u+N3dv2PVVJj2ZpO/v91WsH1nDsAAADYLnKV78AnufF6OpcbH69+h39/7MqV5uYXnj0z9/7F09Xvyo9GIVcb6RppGA+dzMaGa/mppvzRbCwwlebHZ+ZKvZpTBzqzu037T/2W73ftgJ5b0zyaX3jBXWUD5tGBbUr7h8Gl/cPg0v5hcK3U/q9FLPehKsAm8/kPg0v7h8Gl/cPg0v5hIK3nd/2rJfad7NU7b8fEzYhoVybf1xo+tbvb3SNXOjC8NU7vHROF7G6vr8ltkYpVEjsiotPC12KzKtbnf0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb5N8AAAD//6eJ4CE=")
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r1, 0x0, 0xb, &(0x7f0000000000)=0xfffffffd, 0x4)
sendto$inet(r1, 0x0, 0xffef, 0x20000000, &(0x7f0000000240)={0x2, 0x4e22, @remote}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknod(&(0x7f0000000180)='./file0\x00', 0x1ffa, 0x0)
acct(&(0x7f0000000140)='./file0\x00')
open(&(0x7f0000000080)='./file0\x00', 0x2000, 0x392)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, 0x0, 0x0)
listen(r2, 0xfffffff8)
syz_usb_connect(0x0, 0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="1201000045c33f08ac05470223b00000000109021200ca5ecb29c3078810010000000009a5f58d877ff0ffe0d2f722d1b0decf21750f408f19acbce8ba9d7f2dd1ccf8fc9098e7d42aef4be10c98c0673afaa76d6ae2ac558296848dfcc304aff10a7c0928e6910183be59ea29525c71c4034bc020c573440660b6f313ca209e7282e5023e845351e492a108afc16d15f8825eedc89fde7719a57d509c23ad45887043a928"], 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x2, @local}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{}, &(0x7f0000000100), &(0x7f0000000180)='%ps    \x00'}, 0x20)
close_range(r2, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = gettid()
syz_open_procfs(r5, &(0x7f0000000200)='net/snmp\x00')
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
lseek(r6, 0x10001, 0x0)
recvfrom$inet(r1, 0x0, 0x0, 0x2000, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005500e5022cbd70000000161307000000", @ANYRES32, @ANYBLOB="120001"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x20000100)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01000000000000000000040000e41300050003030000000a0000005dc000000000010800020005000000140006"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)

642.722679ms ago: executing program 3 (id=1211):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f0000000140), 0x2, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xa0242, 0x0)
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000700)='./file7\x00', 0x400)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r1, 0x400, 0x1)
renameat2(0xffffffffffffff9c, &(0x7f00000007c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file3\x00', 0x4)

437.479516ms ago: executing program 3 (id=1212):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xc0}}, 0x0)

402.049038ms ago: executing program 3 (id=1213):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000e6ec9ba0fd750b56aa05e99d4dfecb6c08732fe047958b77b4ba13964e9215f80aef9fc2ef17935ca14873e8531386d4b8a3722a72099f4522b7a4db1834afe327121f7b"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0xc0f00, 0x60, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x57806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x70c, &(0x7f00000007c0)="$eJzs3V+P21gZBvDnJJkkk0JVAapWVbdzOmWlqRhSJ7NNFRUkjHOSMSRxZHtgRkJaFTqDRs0UaItEc9PODX+k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a2aXPb7Qb5/j18etjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU/Ki2FdyMJm7OW+dKuF5AhP+gWMRbUfFbXxmFXA7/tY6r0berKIYfRQwuXL5098u5TLL8nIRfBBat8PHTwYN7/f7+ozPEZrFw9ecJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJYV3vl41jJr8TiHa0QDKnrVtt9t2t6VjwtlhzB35/g+iAGV2pDw47O9vjeXzLK2Nw6BKSvKZ8eAwqHra5laNarVSqVYrtdv123cMIzdVYISEMYSpiKUftHSeMvHxusAiyzt5E72kjNX4j/FnAbRRRBc72IVM/bHQgAsHnRnzY0n//84tNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/EUAzzAPfTRxz4eLaFuCbm22Dal/OSNuCUny5eS3/CnBYUubHhwYKMDEy18ETIukaijhhoMvIdtNOFBogkbbSh42IMHHyo8ovJhpgomfDhwIbEBCzchUUEddWxBQqGMPTjYQRctNGDikyAIDnCo230rzud5ylYjCarM2IgCcslxt4/qnK2d1f//8Fm0dNz/G+z/31TRcVCIPj6aF0P0GRDE1/8LWns12RARERERERHRqyD0b9+F/qv82wACNO22Mk7EFM4tOyIiIiIiIiJaBoGggKsQ0V35eBti+vqfiIiIiIiIiD7fhH7GTgAo6Zv6xehxqbP8EiD7GlIkIiIiIiIiopekn/y/lgcCfZf/GsRC1/9ERERERERE9Dnw67Ex9nPZeIzdIPmzfgbA2l8K4sO/F+CuiOPe7lfFkRnOMY/imKk7APzmFXExHqhXf+QB6G+WuiritUngX8lvH0IfH6SP9f88iAgh3IkE8tnxCmYkIMI113LxN7yP69Ei1+Nx5u8PMtBzohGFS027rcqW075bgWlezPhq1//5w8NfAO5wOw8O+/vlH/2kf1/nchwWHR+FlT47kU4mvTFGuTzR4y3oZy7SRjdeRTNZ5W+6nZLQ6zWS7c/CPMqMr2jeDqitAtFW/hLr0T5bD6LY0mA44r4A1vTgD5Wy3mUntt5dEaMsKpNbnrYjZmx5UWdxI4q5sXEj+kjaJKwnI4pfywLV8uQ+CBMdy6I6nsXpbSH+MdH+87OAKIZtsRVm8cewoom2+P6H0cJbvd1keIyzZDF1FBARnZeDUS+kBzGfGmM/6R6Sk9rZ+x3kgPgsN6N3H60liPuPpHd/8rsg6qGyQC7+20T6WpJ+BeEZfUPoevLRgO65KylndKP8aRAE5sUixs/o/w2CZIOMBXq34yAIJs/ofxi9AylOeyqLfwdBcLeie5LfTvSqH4QLfDBzvV67mkURBTw5+ik+SWbv/3j/YbW6VTPeNYzbVazo/1WIP7Jg30NERFNOf8eOjsjMiRDvJl3J9ft/eyeaOtHjfSm+pUC7BfRxH5vJKwTW0mst4QDf/Gd0G8JmdNUKrJeiz9JAXr50N7yqHcYeipx+w8vmzKs63VlGsfr2huowNnnv0OQV4Ch269XuBCIiotdsfUY/DJzo/3Gy/y+e6P83sRFFbFxJve4ujd1SuJlcHQ8v6QcXjlNjK6cn/60lNwYREdEbQrkfi5L/K+G6du+9Sr1eMf1tJV3H+q507UZLSbvrK9faNrstJXuu4zuW05Y9FwV7VXnS2+n1nLiq545n7+o3v8v41e+e6phd37a8XluZnpKW0/VNy5cN27Nkb+fbbdvbVq5sOq70esqym7Zl+rbTlZ6z41qqLKWn1Fig3VBd327a4WRX9ly7Y7p78ntOe6ejZEN5lmv3fCeqMFmX3W06bkdXW0aw8IsOiYiI/h89fjp4cK/f3380ObEaXppHJceYETM9kU+pkGMEERERfcaMuusFFiq+woSIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiGjK6Y/0LTixkvawIDAs+dnFuATPMXrEcKoegZfN51P3T3pgvxdZPDMsEQDOsFTySMTgwUdzgleHJUnzj8ccL5IhLgEv3D5//QJwQZcgKskt8QCYfn506cdY2sQ3DqIWnRWjZ6bOKgz3RW75/zmEEw9/Pz1LhC0fBEEwf/HCyTbMn/14zgF4lJ+zC1ZPOX5e95mIiF63/wUAAP//RtMt6g==")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_aout(r2, &(0x7f0000000340)={{0x107, 0x3, 0x7, 0x357, 0x85, 0x8, 0x1e8, 0x5}}, 0x20)
waitid(0x0, r1, 0x0, 0x4, 0x0)
r3 = syz_pidfd_open(r1, 0x0)
pidfd_send_signal(r3, 0x2, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
r4 = socket$kcm(0x10, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="0000230c1100"})
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[@ANYBLOB="25390000290003"], 0x33fe0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r6, &(0x7f0000004200)='t', 0x1)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
preadv(r7, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0xfffffffffffffe15}], 0x1, 0x3fe, 0x6)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r7, 0x84, 0x71, &(0x7f00000001c0), &(0x7f0000000200)=0x8)
sendfile(r6, r5, 0x0, 0x3ffff)
r8 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r8, 0x29, 0x20, &(0x7f0000000180)={@loopback={0x200000000000000}, 0x800, 0x0, 0x3, 0x1}, 0x20)
setsockopt$inet6_int(r8, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r8, &(0x7f0000000100)={0xa, 0x0, 0x380000, @loopback={0x80fe}}, 0x1c)
syncfs(r7)
sendfile(r6, r5, 0x0, 0x7ffff000)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x42, 0x1c4)

230.304802ms ago: executing program 1 (id=1216):
ioctl$FITHAW(0xffffffffffffffff, 0xc0045878)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRES8=0x0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x94)
r0 = syz_io_uring_setup(0x2439, &(0x7f0000001480)={0x0, 0x1064, 0x2, 0x4, 0x2be}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000340)=@IORING_OP_SENDMSG={0x9, 0x14, 0x0, r0, 0x0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000180)=[{0x0}, {0x0}], 0x3e, 0x0, 0x530}, 0x0, 0x1000})
io_uring_enter(r0, 0x47f8, 0x1e43, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000180)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0xad}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a31000000002c0003800800014000000000180003801400010076657468315f746f5f626f6e6400000008000240000000006c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000004000038008000140000000002c0003801400010067656e657665300000000000000000001400010076657468315f746f5f626f6e64000000080002"], 0x10c}}, 0x0)

229.520032ms ago: executing program 1 (id=1217):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x19, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
inotify_init1(0x800)

173.035527ms ago: executing program 1 (id=1218):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x8000000, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x5}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x10100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x80000, {0x0, 0x0, 0x0, r5, {0x0, 0x6}, {0xffe6, 0xb}, {0xd, 0xc}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x2000c0e1}, 0x4000804)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r7)
socket$unix(0x1, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
r8 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82)
r9 = dup(r8)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b00000007000000010001000800000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r10, <r11=>0xffffffffffffffff}, &(0x7f00000001c0), &(0x7f0000000340)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r11, <r12=>0xffffffffffffffff}, &(0x7f0000000040)=0x18, &(0x7f0000000140)}, 0x20)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r13}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r9, 0x0)

73.958905ms ago: executing program 1 (id=1219):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x81203, 0x10000, 0x0, 0x5, 0x4, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x2000000a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)

43.948867ms ago: executing program 1 (id=1220):
r0 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6800}, 0x0)
r2 = add_key$user(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x0}, &(0x7f0000000700)=' ', 0x1, 0xfffffffffffffffe)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="540000000b060108000000000000000002000000090002"], 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES8, @ANYRES16=<r6=>r1, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x2000, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
fcntl$lock(r8, 0x24, &(0x7f0000000900)={0x1, 0x0, 0x2e, 0xfffffffffffffffc})
keyctl$dh_compute(0x17, &(0x7f00000000c0)={0x0, 0x0, r2}, 0x0, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYRESDEC=0x0, @ANYRES64=r0, @ANYRESDEC=r0, @ANYRES8=r0, @ANYRESOCT=r1, @ANYRES8=r7, @ANYBLOB, @ANYRESDEC=0x0, @ANYRES32=r0, @ANYRES16=r1, @ANYRES32=r4, @ANYRES32=r6, @ANYRES64=r2], 0x48)
r10 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TIOCGRS485(r10, 0x542e, &(0x7f0000000000))
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r11}, 0x10)
r12 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2060, 0x0)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, &(0x7f0000000cc0)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000200)='kfree\x00', r13, 0x0, 0xfffffffffffffffc}, 0x18)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000c80)={'lo\x00', <r14=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r12, 0x8916, &(0x7f0000005b80)={@loopback, 0x35, r14})

0s ago: executing program 1 (id=1221):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e4"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x41}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x0, 0x2}, 0x10)
sendmsg$tipc(r2, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x2, {{0x40}, 0x2}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x4)

kernel console output (not intermixed with test programs):

s (loop2): 1 orphan inode deleted
[   80.951850][ T4793] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.012744][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.110058][ T4810] netem: incorrect ge model size
[   81.115127][ T4810] netem: change failed
[   81.269658][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811a727800: rx timeout, send abort
[   81.277939][    C0] vcan0: j1939_tp_rxtimer: 0xffff888119ade000: rx timeout, send abort
[   81.286201][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88811a727800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[   81.300517][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888119ade000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[   81.321160][ T4819] loop2: detected capacity change from 0 to 512
[   81.330437][ T4819] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   81.343658][ T4819] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   81.392637][ T4819] EXT4-fs (loop2): 1 truncate cleaned up
[   81.398847][ T4819] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.418714][ T4822] loop1: detected capacity change from 0 to 8192
[   81.621855][ T4827] netlink: 'syz.3.579': attribute type 1 has an invalid length.
[   81.655147][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.785712][ T4822] /dev/loop1: Can't open blockdev
[   81.974332][   T29] kauditd_printk_skb: 6446 callbacks suppressed
[   81.974349][   T29] audit: type=1400 audit(1754952190.468:7115): avc:  denied  { load_policy } for  pid=4821 comm="syz.1.578" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   82.011522][ T4822] SELinux: ebitmap: truncated map
[   82.033523][ T4822] SELinux: failed to load policy
[   82.166021][ T4845] netlink: 'syz.3.581': attribute type 39 has an invalid length.
[   82.217832][ T4847] netem: incorrect ge model size
[   82.222886][ T4847] netem: change failed
[   82.473069][   T29] audit: type=1400 audit(1754952190.598:7116): avc:  denied  { unlink } for  pid=3308 comm="syz-executor" name="file0" dev="tmpfs" ino=486 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   82.495789][   T29] audit: type=1400 audit(1754952190.598:7117): avc:  denied  { create } for  pid=4830 comm="syz.3.581" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   82.515321][   T29] audit: type=1400 audit(1754952190.598:7118): avc:  denied  { ioctl } for  pid=4830 comm="syz.3.581" path="socket:[9197]" dev="sockfs" ino=9197 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   82.539903][   T29] audit: type=1326 audit(1754952190.868:7119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4853 comm="syz.2.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c219ebe9 code=0x7ffc0000
[   82.563290][   T29] audit: type=1326 audit(1754952190.868:7120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4853 comm="syz.2.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c219ebe9 code=0x7ffc0000
[   82.586614][   T29] audit: type=1326 audit(1754952190.878:7121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4853 comm="syz.2.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7f61c219ebe9 code=0x7ffc0000
[   82.609969][   T29] audit: type=1326 audit(1754952190.878:7122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4853 comm="syz.2.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c219ebe9 code=0x7ffc0000
[   82.633571][   T29] audit: type=1326 audit(1754952190.878:7123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4853 comm="syz.2.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c219ebe9 code=0x7ffc0000
[   82.661886][   T29] audit: type=1326 audit(1754952191.078:7124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4863 comm="syz.1.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f867b73ebe9 code=0x7ffc0000
[   82.750758][ T4875] netlink: 'syz.2.595': attribute type 1 has an invalid length.
[   82.784116][ T4850] FAULT_INJECTION: forcing a failure.
[   82.784116][ T4850] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   82.797371][ T4850] CPU: 0 UID: 0 PID: 4850 Comm: syz.0.585 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   82.797404][ T4850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   82.797443][ T4850] Call Trace:
[   82.797448][ T4850]  <TASK>
[   82.797455][ T4850]  __dump_stack+0x1d/0x30
[   82.797483][ T4850]  dump_stack_lvl+0xe8/0x140
[   82.797616][ T4850]  dump_stack+0x15/0x1b
[   82.797637][ T4850]  should_fail_ex+0x265/0x280
[   82.797740][ T4850]  should_fail+0xb/0x20
[   82.797760][ T4850]  should_fail_usercopy+0x1a/0x20
[   82.797788][ T4850]  _copy_to_user+0x20/0xa0
[   82.797826][ T4850]  simple_read_from_buffer+0xb5/0x130
[   82.797930][ T4850]  proc_fail_nth_read+0x10e/0x150
[   82.797962][ T4850]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   82.797992][ T4850]  vfs_read+0x1a8/0x770
[   82.798056][ T4850]  ? __rcu_read_unlock+0x4f/0x70
[   82.798081][ T4850]  ? __fget_files+0x184/0x1c0
[   82.798112][ T4850]  ksys_read+0xda/0x1a0
[   82.798158][ T4850]  __x64_sys_read+0x40/0x50
[   82.798189][ T4850]  x64_sys_call+0x27bc/0x2ff0
[   82.798213][ T4850]  do_syscall_64+0xd2/0x200
[   82.798237][ T4850]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   82.798260][ T4850]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   82.798293][ T4850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.798317][ T4850] RIP: 0033:0x7f7f9b9ed5fc
[   82.798356][ T4850] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   82.798372][ T4850] RSP: 002b:00007f7f9a436030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   82.798391][ T4850] RAX: ffffffffffffffda RBX: 00007f7f9bc16090 RCX: 00007f7f9b9ed5fc
[   82.798402][ T4850] RDX: 000000000000000f RSI: 00007f7f9a4360a0 RDI: 0000000000000006
[   82.798413][ T4850] RBP: 00007f7f9a436090 R08: 0000000000000000 R09: 0000000000000000
[   82.798427][ T4850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.798441][ T4850] R13: 00007f7f9bc16128 R14: 00007f7f9bc16090 R15: 00007ffe90ca34d8
[   82.798463][ T4850]  </TASK>
[   83.016408][ T4885] atomic_op ffff8881222a1d28 conn xmit_atomic 0000000000000000
[   83.036143][ T4889] netem: incorrect ge model size
[   83.041166][ T4889] netem: change failed
[   83.164635][ T4903] netlink: 'syz.4.607': attribute type 1 has an invalid length.
[   83.211122][ T4907] loop3: detected capacity change from 0 to 512
[   83.226002][ T4907] EXT4-fs: Ignoring removed nobh option
[   83.246398][ T4907] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117
[   83.255182][ T4907] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.609: invalid indirect mapped block 256 (level 1)
[   83.269695][ T4907] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.609: invalid indirect mapped block 2683928664 (level 1)
[   83.285127][ T4907] EXT4-fs (loop3): 1 truncate cleaned up
[   83.291312][ T4907] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.308086][ T4907] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.316654][ T4907] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   83.329096][ T4912] netlink: 28 bytes leftover after parsing attributes in process `syz.0.603'.
[   83.372056][ T4916] netem: incorrect ge model size
[   83.377081][ T4916] netem: change failed
[   83.411812][   T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   83.419478][   T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   83.426918][   T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   83.436907][   T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   83.444452][   T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   83.451846][   T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   83.459292][   T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   83.466812][   T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   83.474295][   T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   83.481681][   T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   83.511757][ T4924] loop2: detected capacity change from 0 to 512
[   83.519643][   T10] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v8.00 Device [syz1] on syz0
[   83.531270][ T4924] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.576011][ T4924] ext4 filesystem being mounted at /148/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.619649][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.335167][ T4949] netlink: 20 bytes leftover after parsing attributes in process `syz.2.626'.
[   84.386568][ T4949] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=4949 comm=syz.2.626
[   84.402941][ T4949] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   84.411717][ T4949] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   84.438297][ T4957] netlink: 'syz.4.630': attribute type 11 has an invalid length.
[   84.446085][ T4957] netlink: 140 bytes leftover after parsing attributes in process `syz.4.630'.
[   84.447426][ T4949] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65 sclass=netlink_route_socket pid=4949 comm=syz.2.626
[   84.467413][ T4949] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=64 sclass=netlink_route_socket pid=4949 comm=syz.2.626
[   84.479909][ T4949] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=63 sclass=netlink_route_socket pid=4949 comm=syz.2.626
[   84.492292][ T4949] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57 sclass=netlink_route_socket pid=4949 comm=syz.2.626
[   85.191046][ T4969] loop2: detected capacity change from 0 to 512
[   85.197888][ T4969] EXT4-fs: Ignoring removed nobh option
[   85.205276][ T4969] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117
[   85.214923][ T4969] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.635: invalid indirect mapped block 256 (level 1)
[   85.228548][ T4969] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.635: invalid indirect mapped block 2683928664 (level 1)
[   85.242950][ T4969] EXT4-fs (loop2): 1 truncate cleaned up
[   85.249162][ T4969] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.265191][ T4969] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   85.273839][ T4969] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   85.335546][ T4973] netlink: 8 bytes leftover after parsing attributes in process `syz.2.635'.
[   85.356159][ T4981] netlink: 'syz.4.640': attribute type 1 has an invalid length.
[   85.479468][ T4994] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=4994 comm=syz.0.646
[   85.492094][ T4994] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2563 sclass=netlink_route_socket pid=4994 comm=syz.0.646
[   85.504650][ T4994] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2566 sclass=netlink_route_socket pid=4994 comm=syz.0.646
[   85.557943][ T4994] lo speed is unknown, defaulting to 1000
[   85.566618][ T4994] lo speed is unknown, defaulting to 1000
[   85.572518][ T4994] lo speed is unknown, defaulting to 1000
[   85.578556][ T4994] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   85.586759][ T4797] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[   85.600918][ T4994] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   85.609457][ T4797] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[   85.627047][ T4994] lo speed is unknown, defaulting to 1000
[   85.633255][ T4994] lo speed is unknown, defaulting to 1000
[   85.639384][ T4994] lo speed is unknown, defaulting to 1000
[   85.646273][ T4994] lo speed is unknown, defaulting to 1000
[   85.652396][ T4994] lo speed is unknown, defaulting to 1000
[   85.972571][ T5010] lo speed is unknown, defaulting to 1000
[   86.099825][ T5020] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   86.107085][ T5020] syzkaller0: entered promiscuous mode
[   86.112679][ T5020] syzkaller0: entered allmulticast mode
[   86.121255][ T5020] tipc: Resetting bearer <eth:syzkaller0>
[   86.154161][ T5019] tipc: Resetting bearer <eth:syzkaller0>
[   86.161021][ T5019] tipc: Disabling bearer <eth:syzkaller0>
[   86.221205][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.237917][ T5024] netem: incorrect ge model size
[   86.242354][ T5026] loop3: detected capacity change from 0 to 512
[   86.242974][ T5024] netem: change failed
[   86.255368][ T5026] EXT4-fs (loop3): 1 truncate cleaned up
[   86.261351][ T5026] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.289876][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.309240][ T5030] loop3: detected capacity change from 0 to 512
[   86.324081][ T5030] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.336871][ T5030] ext4 filesystem being mounted at /123/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   86.349622][ T5030] siw: device registration error -23
[   86.365281][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.500715][ T5038] loop3: detected capacity change from 0 to 512
[   86.514418][ T5038] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.526923][ T5038] ext4 filesystem being mounted at /125/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.537924][ T5038] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.618239][ T5036] loop3: detected capacity change from 0 to 1024
[   86.624989][ T5036] =======================================================
[   86.624989][ T5036] WARNING: The mand mount option has been deprecated and
[   86.624989][ T5036]          and is ignored by this kernel. Remove the mand
[   86.624989][ T5036]          option from the mount to silence this warning.
[   86.624989][ T5036] =======================================================
[   86.664612][ T5036] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.665916][ T5052] netlink: 60 bytes leftover after parsing attributes in process `syz.4.667'.
[   86.676944][ T5036] ext4 filesystem being mounted at /125/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.686098][ T5049] netlink: 60 bytes leftover after parsing attributes in process `syz.4.667'.
[   86.698385][ T5036] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.860712][ T5054] netlink: 29 bytes leftover after parsing attributes in process `syz.3.668'.
[   86.889751][ T5060] loop4: detected capacity change from 0 to 512
[   86.897196][ T5060] EXT4-fs: Ignoring removed nobh option
[   86.916995][ T5060] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117
[   86.925774][ T5060] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.670: invalid indirect mapped block 256 (level 1)
[   86.939897][ T5060] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.670: invalid indirect mapped block 2683928664 (level 1)
[   86.956279][ T5060] EXT4-fs (loop4): 1 truncate cleaned up
[   86.962557][ T5060] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.978412][ T5060] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   86.986897][   T29] kauditd_printk_skb: 3934 callbacks suppressed
[   86.986910][   T29] audit: type=1400 audit(1754952195.468:11059): avc:  denied  { accept } for  pid=5064 comm="syz.3.672" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   87.002697][ T5060] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   87.034803][ T5066] loop3: detected capacity change from 0 to 128
[   87.047289][ T5066] syz.3.672: attempt to access beyond end of device
[   87.047289][ T5066] loop3: rw=2049, sector=145, nr_sectors = 3 limit=128
[   87.049291][   T29] audit: type=1400 audit(1754952195.538:11060): avc:  denied  { mount } for  pid=5064 comm="syz.3.672" name="/" dev="loop3" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   87.100026][   T29] audit: type=1400 audit(1754952195.588:11061): avc:  denied  { map } for  pid=5064 comm="syz.3.672" path="socket:[11521]" dev="sockfs" ino=11521 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   87.118279][ T5069] loop1: detected capacity change from 0 to 1024
[   87.123220][   T29] audit: type=1400 audit(1754952195.588:11062): avc:  denied  { read } for  pid=5064 comm="syz.3.672" path="socket:[11521]" dev="sockfs" ino=11521 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   87.131784][ T5069] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[   87.155100][   T29] audit: type=1400 audit(1754952195.588:11063): avc:  denied  { sqpoll } for  pid=5068 comm="syz.1.673" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   87.162463][ T5069] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[   87.191840][ T5069] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   87.202266][ T5069] EXT4-fs error (device loop1): ext4_get_journal_inode:5796: inode #32: comm syz.1.673: iget: special inode unallocated
[   87.202972][   T29] audit: type=1400 audit(1754952195.698:11064): avc:  denied  { unmount } for  pid=3304 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   87.222139][ T5069] EXT4-fs (loop1): no journal found
[   87.240123][ T5069] EXT4-fs (loop1): can't get journal size
[   87.248962][ T5069] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   87.252978][ T5073] netlink: 'syz.3.674': attribute type 11 has an invalid length.
[   87.269152][ T5073] netlink: 140 bytes leftover after parsing attributes in process `syz.3.674'.
[   87.284622][   T29] audit: type=1400 audit(1754952195.778:11065): avc:  denied  { create } for  pid=5068 comm="syz.1.673" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   87.304345][   T29] audit: type=1400 audit(1754952195.778:11066): avc:  denied  { create } for  pid=5068 comm="syz.1.673" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   87.324304][   T29] audit: type=1400 audit(1754952195.778:11067): avc:  denied  { bind } for  pid=5068 comm="syz.1.673" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   87.343728][   T29] audit: type=1400 audit(1754952195.778:11068): avc:  denied  { listen } for  pid=5068 comm="syz.1.673" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   87.945497][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.032057][ T5088] FAULT_INJECTION: forcing a failure.
[   88.032057][ T5088] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   88.045419][ T5088] CPU: 1 UID: 0 PID: 5088 Comm: syz.1.679 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   88.045451][ T5088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   88.045466][ T5088] Call Trace:
[   88.045473][ T5088]  <TASK>
[   88.045482][ T5088]  __dump_stack+0x1d/0x30
[   88.045508][ T5088]  dump_stack_lvl+0xe8/0x140
[   88.045583][ T5088]  dump_stack+0x15/0x1b
[   88.045621][ T5088]  should_fail_ex+0x265/0x280
[   88.045648][ T5088]  should_fail+0xb/0x20
[   88.045705][ T5088]  should_fail_usercopy+0x1a/0x20
[   88.045733][ T5088]  _copy_from_iter+0xcf/0xe40
[   88.045844][ T5088]  ? __build_skb_around+0x1a0/0x200
[   88.045877][ T5088]  ? __alloc_skb+0x223/0x320
[   88.045930][ T5088]  netlink_sendmsg+0x471/0x6b0
[   88.045960][ T5088]  ? __pfx_netlink_sendmsg+0x10/0x10
[   88.045985][ T5088]  __sock_sendmsg+0x145/0x180
[   88.046027][ T5088]  ____sys_sendmsg+0x31e/0x4e0
[   88.046058][ T5088]  ___sys_sendmsg+0x17b/0x1d0
[   88.046116][ T5088]  __x64_sys_sendmsg+0xd4/0x160
[   88.046160][ T5088]  x64_sys_call+0x191e/0x2ff0
[   88.046186][ T5088]  do_syscall_64+0xd2/0x200
[   88.046342][ T5088]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   88.046374][ T5088]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   88.046404][ T5088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.046499][ T5088] RIP: 0033:0x7f867b73ebe9
[   88.046516][ T5088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.046535][ T5088] RSP: 002b:00007f867a1a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   88.046630][ T5088] RAX: ffffffffffffffda RBX: 00007f867b965fa0 RCX: 00007f867b73ebe9
[   88.046645][ T5088] RDX: 0000000020040054 RSI: 0000200000006040 RDI: 0000000000000004
[   88.046660][ T5088] RBP: 00007f867a1a7090 R08: 0000000000000000 R09: 0000000000000000
[   88.046674][ T5088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.046689][ T5088] R13: 00007f867b966038 R14: 00007f867b965fa0 R15: 00007ffe80d7c4f8
[   88.046717][ T5088]  </TASK>
[   88.252311][ T4797] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[   88.267568][ T4797] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[   88.282460][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.321397][ T5092] loop2: detected capacity change from 0 to 128
[   88.330568][ T5092] syz.2.680: attempt to access beyond end of device
[   88.330568][ T5092] loop2: rw=0, sector=2072, nr_sectors = 1 limit=128
[   88.346312][ T5095] FAULT_INJECTION: forcing a failure.
[   88.346312][ T5095] name failslab, interval 1, probability 0, space 0, times 0
[   88.359015][ T5095] CPU: 0 UID: 0 PID: 5095 Comm: syz.1.682 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   88.359048][ T5095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   88.359062][ T5095] Call Trace:
[   88.359069][ T5095]  <TASK>
[   88.359077][ T5095]  __dump_stack+0x1d/0x30
[   88.359180][ T5095]  dump_stack_lvl+0xe8/0x140
[   88.359204][ T5095]  dump_stack+0x15/0x1b
[   88.359269][ T5095]  should_fail_ex+0x265/0x280
[   88.359338][ T5095]  ? inet6_rtm_newroute+0x5af/0x1020
[   88.359386][ T5095]  should_failslab+0x8c/0xb0
[   88.359415][ T5095]  __kmalloc_cache_noprof+0x4c/0x320
[   88.359475][ T5095]  inet6_rtm_newroute+0x5af/0x1020
[   88.359550][ T5095]  ? strlen+0x19/0x40
[   88.359580][ T5095]  ? __memcg_slab_free_hook+0x135/0x230
[   88.359643][ T5095]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[   88.359675][ T5095]  rtnetlink_rcv_msg+0x5fb/0x6d0
[   88.359744][ T5095]  netlink_rcv_skb+0x120/0x220
[   88.359762][ T5095]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   88.359789][ T5095]  rtnetlink_rcv+0x1c/0x30
[   88.359877][ T5095]  netlink_unicast+0x5c0/0x690
[   88.359917][ T5095]  netlink_sendmsg+0x58b/0x6b0
[   88.359943][ T5095]  ? __pfx_netlink_sendmsg+0x10/0x10
[   88.359968][ T5095]  __sock_sendmsg+0x145/0x180
[   88.360029][ T5095]  ____sys_sendmsg+0x345/0x4e0
[   88.360058][ T5095]  ___sys_sendmsg+0x17b/0x1d0
[   88.360095][ T5095]  __sys_sendmmsg+0x178/0x300
[   88.360189][ T5095]  __x64_sys_sendmmsg+0x57/0x70
[   88.360220][ T5095]  x64_sys_call+0x1c4a/0x2ff0
[   88.360243][ T5095]  do_syscall_64+0xd2/0x200
[   88.360272][ T5095]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   88.360355][ T5095]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   88.360376][ T5095]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.360393][ T5095] RIP: 0033:0x7f867b73ebe9
[   88.360406][ T5095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.360425][ T5095] RSP: 002b:00007f867a1a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   88.360486][ T5095] RAX: ffffffffffffffda RBX: 00007f867b965fa0 RCX: 00007f867b73ebe9
[   88.360500][ T5095] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000005
[   88.360513][ T5095] RBP: 00007f867a1a7090 R08: 0000000000000000 R09: 0000000000000000
[   88.360527][ T5095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.360540][ T5095] R13: 00007f867b966038 R14: 00007f867b965fa0 R15: 00007ffe80d7c4f8
[   88.360562][ T5095]  </TASK>
[   88.674886][ T5101] netlink: 'syz.0.684': attribute type 1 has an invalid length.
[   88.702103][ T5104] loop1: detected capacity change from 0 to 512
[   88.717756][ T5104] EXT4-fs: Ignoring removed nobh option
[   88.723624][  T410] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 20003 - 0
[   88.736721][  T410] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 20003 - 0
[   88.785271][  T410] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 20003 - 0
[   88.805802][  T410] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 20003 - 0
[   88.844491][ T5113] loop0: detected capacity change from 0 to 512
[   88.856211][ T5113] EXT4-fs: Ignoring removed nobh option
[   88.873843][ T4797] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[   88.880664][ T5104] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117
[   88.897205][ T5104] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.685: invalid indirect mapped block 256 (level 1)
[   88.910691][ T5104] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.685: invalid indirect mapped block 2683928664 (level 1)
[   88.925867][ T5104] EXT4-fs (loop1): 1 truncate cleaned up
[   88.932101][ T5104] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.946861][ T5113] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -117
[   88.955373][ T5113] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.690: invalid indirect mapped block 256 (level 1)
[   88.972813][ T4797] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[   89.030036][ T5113] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.690: invalid indirect mapped block 2683928664 (level 1)
[   89.084053][ T5113] EXT4-fs (loop0): 1 truncate cleaned up
[   89.091537][ T5113] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.120652][ T5104] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   89.138134][ T5104] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   89.167960][ T5104] netlink: 8 bytes leftover after parsing attributes in process `syz.1.685'.
[   89.225922][ T5113] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   89.239926][ T5113] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   89.310854][ T5120] netlink: 8 bytes leftover after parsing attributes in process `syz.0.690'.
[   89.443671][ T5126] loop2: detected capacity change from 0 to 512
[   89.454793][ T5126] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.467342][ T5126] ext4 filesystem being mounted at /161/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.564905][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.698357][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.718441][ T5133] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   89.725413][ T5133] syzkaller0: entered promiscuous mode
[   89.730939][ T5133] syzkaller0: entered allmulticast mode
[   89.740434][ T5133] tipc: Resetting bearer <eth:syzkaller0>
[   89.784112][ T5132] tipc: Resetting bearer <eth:syzkaller0>
[   89.791287][ T5132] tipc: Disabling bearer <eth:syzkaller0>
[   89.904176][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.989217][ T5147] loop1: detected capacity change from 0 to 164
[   89.997142][ T5147] Unable to read rock-ridge attributes
[   90.007368][ T5147] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5147 comm=syz.1.702
[   90.021460][   T10] hid_parser_main: 18 callbacks suppressed
[   90.021477][   T10] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   90.034807][   T10] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   90.042224][   T10] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   90.051364][   T10] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   90.058790][   T10] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   90.066259][   T10] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   90.073697][   T10] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   90.081141][   T10] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   90.088526][   T10] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   90.095925][   T10] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   90.103573][ T5149] netlink: 4 bytes leftover after parsing attributes in process `syz.1.702'.
[   90.103878][   T10] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v8.00 Device [syz1] on syz0
[   90.149229][ T5147] netlink: 8 bytes leftover after parsing attributes in process `syz.1.702'.
[   90.160028][ T5147] netlink: 4 bytes leftover after parsing attributes in process `syz.1.702'.
[   90.524246][ T5156] loop3: detected capacity change from 0 to 128
[   90.785652][ T5165] loop2: detected capacity change from 0 to 512
[   90.855901][ T5165] EXT4-fs: Ignoring removed nobh option
[   90.881988][ T5165] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117
[   90.897564][ T5165] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.708: invalid indirect mapped block 256 (level 1)
[   90.914925][ T5165] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.708: invalid indirect mapped block 2683928664 (level 1)
[   90.958079][ T5165] EXT4-fs (loop2): 1 truncate cleaned up
[   90.974439][ T5165] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.011460][ T5165] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   91.040161][ T5165] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   91.251392][ T5175] lo speed is unknown, defaulting to 1000
[   91.283159][ T5176] loop3: detected capacity change from 0 to 164
[   91.415143][ T5189] netem: incorrect ge model size
[   91.420126][ T5189] netem: change failed
[   91.434495][ T5185] loop3: detected capacity change from 0 to 8192
[   91.552576][ T4797] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[   91.572613][ T4797] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[   91.646138][ T5195] loop3: detected capacity change from 0 to 256
[   91.785180][ T5197] netlink: 'syz.4.720': attribute type 1 has an invalid length.
[   91.850647][ T5205] netlink: 'syz.4.724': attribute type 39 has an invalid length.
[   91.860055][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.973901][ T5225] loop0: detected capacity change from 0 to 164
[   91.984530][ T5225] Unable to read rock-ridge attributes
[   91.994451][ T5225] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5225 comm=syz.0.730
[   92.004855][   T29] kauditd_printk_skb: 1858 callbacks suppressed
[   92.004870][   T29] audit: type=1400 audit(1754952200.488:12927): avc:  denied  { block_suspend } for  pid=5226 comm="syz.4.731" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   92.009271][   T10] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v8.00 Device [syz1] on syz0
[   92.048625][ T5225] netlink: 4 bytes leftover after parsing attributes in process `syz.0.730'.
[   92.071296][ T5225] netlink: 8 bytes leftover after parsing attributes in process `syz.0.730'.
[   92.084330][ T5225] netlink: 4 bytes leftover after parsing attributes in process `syz.0.730'.
[   92.090640][ T5231] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   92.143958][ T5231] syzkaller0: entered promiscuous mode
[   92.149504][ T5231] syzkaller0: entered allmulticast mode
[   92.157052][ T5231] tipc: Resetting bearer <eth:syzkaller0>
[   92.194311][ T5230] tipc: Resetting bearer <eth:syzkaller0>
[   92.200561][ T5230] tipc: Disabling bearer <eth:syzkaller0>
[   92.215704][   T29] audit: type=1400 audit(1754952200.708:12928): avc:  denied  { unmount } for  pid=3308 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   92.263768][ T5236] loop0: detected capacity change from 0 to 1024
[   92.275164][ T5236] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.288929][ T5236] tipc: Can't bind to reserved service type 0
[   92.306661][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.379018][   T29] audit: type=1400 audit(1754952200.778:12929): avc:  denied  { execmem } for  pid=5237 comm="syz.1.736" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   92.398388][   T29] audit: type=1326 audit(1754952200.858:12930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5243 comm="syz.4.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55cc51ebe9 code=0x7ffc0000
[   92.421786][   T29] audit: type=1326 audit(1754952200.858:12931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5243 comm="syz.4.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55cc51ebe9 code=0x7ffc0000
[   92.445547][   T29] audit: type=1326 audit(1754952200.858:12932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5243 comm="syz.4.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f55cc51ebe9 code=0x7ffc0000
[   92.469011][   T29] audit: type=1326 audit(1754952200.858:12933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5243 comm="syz.4.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55cc51ebe9 code=0x7ffc0000
[   92.469705][ T5251] netlink: 'syz.3.742': attribute type 39 has an invalid length.
[   92.492759][   T29] audit: type=1326 audit(1754952200.858:12934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5243 comm="syz.4.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55cc51ebe9 code=0x7ffc0000
[   92.523854][   T29] audit: type=1326 audit(1754952200.858:12935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5243 comm="syz.4.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f55cc51ebe9 code=0x7ffc0000
[   92.547431][   T29] audit: type=1326 audit(1754952200.858:12936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5243 comm="syz.4.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55cc51ebe9 code=0x7ffc0000
[   92.576488][ T5238] loop1: detected capacity change from 0 to 512
[   92.588387][ T5238] EXT4-fs (loop1): filesystem is read-only
[   92.597588][ T5259] netlink: 'syz.0.737': attribute type 11 has an invalid length.
[   92.597966][ T5238] can0: slcan on ttyS3.
[   92.605394][ T5259] netlink: 140 bytes leftover after parsing attributes in process `syz.0.737'.
[   92.652592][ T5237] can0 (unregistered): slcan off ttyS3.
[   92.658343][ T5267] loop3: detected capacity change from 0 to 164
[   92.665597][ T5267] Unable to read rock-ridge attributes
[   92.672807][ T5267] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5267 comm=syz.3.748
[   92.688117][   T36] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v8.00 Device [syz1] on syz0
[   92.735361][ T5270] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   92.742401][ T5270] syzkaller0: entered promiscuous mode
[   92.747946][ T5270] syzkaller0: entered allmulticast mode
[   92.755425][ T5270] tipc: Resetting bearer <eth:syzkaller0>
[   92.785138][ T5269] tipc: Resetting bearer <eth:syzkaller0>
[   92.791955][ T5269] tipc: Disabling bearer <eth:syzkaller0>
[   93.217534][ T5273] loop1: detected capacity change from 0 to 128
[   93.279155][ T5275] syz.1.750: attempt to access beyond end of device
[   93.279155][ T5275] loop1: rw=2049, sector=153, nr_sectors = 8 limit=128
[   93.293292][ T5275] syz.1.750: attempt to access beyond end of device
[   93.293292][ T5275] loop1: rw=2049, sector=169, nr_sectors = 8 limit=128
[   93.306710][ T5275] syz.1.750: attempt to access beyond end of device
[   93.306710][ T5275] loop1: rw=2049, sector=185, nr_sectors = 8 limit=128
[   93.320180][ T5275] syz.1.750: attempt to access beyond end of device
[   93.320180][ T5275] loop1: rw=2049, sector=201, nr_sectors = 8 limit=128
[   93.342557][ T5275] syz.1.750: attempt to access beyond end of device
[   93.342557][ T5275] loop1: rw=2049, sector=217, nr_sectors = 8 limit=128
[   93.369919][ T5275] syz.1.750: attempt to access beyond end of device
[   93.369919][ T5275] loop1: rw=2049, sector=233, nr_sectors = 8 limit=128
[   93.405225][ T5275] syz.1.750: attempt to access beyond end of device
[   93.405225][ T5275] loop1: rw=2049, sector=249, nr_sectors = 8 limit=128
[   93.420996][ T5279] netlink: 'syz.3.753': attribute type 39 has an invalid length.
[   93.432610][ T5275] syz.1.750: attempt to access beyond end of device
[   93.432610][ T5275] loop1: rw=2049, sector=265, nr_sectors = 8 limit=128
[   93.462586][ T5275] syz.1.750: attempt to access beyond end of device
[   93.462586][ T5275] loop1: rw=2049, sector=281, nr_sectors = 8 limit=128
[   93.480463][ T5275] syz.1.750: attempt to access beyond end of device
[   93.480463][ T5275] loop1: rw=2049, sector=297, nr_sectors = 8 limit=128
[   93.517819][ T5283] FAULT_INJECTION: forcing a failure.
[   93.517819][ T5283] name failslab, interval 1, probability 0, space 0, times 0
[   93.530500][ T5283] CPU: 0 UID: 0 PID: 5283 Comm: syz.3.755 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   93.530524][ T5283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   93.530614][ T5283] Call Trace:
[   93.530619][ T5283]  <TASK>
[   93.530625][ T5283]  __dump_stack+0x1d/0x30
[   93.530648][ T5283]  dump_stack_lvl+0xe8/0x140
[   93.530705][ T5283]  dump_stack+0x15/0x1b
[   93.530724][ T5283]  should_fail_ex+0x265/0x280
[   93.530749][ T5283]  should_failslab+0x8c/0xb0
[   93.530834][ T5283]  kmem_cache_alloc_node_noprof+0x57/0x320
[   93.530870][ T5283]  ? __alloc_skb+0x101/0x320
[   93.530913][ T5283]  __alloc_skb+0x101/0x320
[   93.530962][ T5283]  ? audit_log_start+0x365/0x6c0
[   93.531001][ T5283]  audit_log_start+0x380/0x6c0
[   93.531037][ T5283]  audit_seccomp+0x48/0x100
[   93.531066][ T5283]  ? __seccomp_filter+0x68c/0x10d0
[   93.531156][ T5283]  __seccomp_filter+0x69d/0x10d0
[   93.531209][ T5283]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   93.531290][ T5283]  ? vfs_write+0x7e8/0x960
[   93.531316][ T5283]  ? __rcu_read_unlock+0x4f/0x70
[   93.531340][ T5283]  ? __fget_files+0x184/0x1c0
[   93.531365][ T5283]  __secure_computing+0x82/0x150
[   93.531383][ T5283]  syscall_trace_enter+0xcf/0x1e0
[   93.531420][ T5283]  do_syscall_64+0xac/0x200
[   93.531560][ T5283]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.531588][ T5283]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   93.531619][ T5283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.531644][ T5283] RIP: 0033:0x7fc33407ebe9
[   93.531732][ T5283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.531828][ T5283] RSP: 002b:00007fc332adf038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[   93.531851][ T5283] RAX: ffffffffffffffda RBX: 00007fc3342a5fa0 RCX: 00007fc33407ebe9
[   93.531870][ T5283] RDX: 0000000000000000 RSI: 0000000000000121 RDI: 0000000000000000
[   93.531885][ T5283] RBP: 00007fc332adf090 R08: 0000000000000000 R09: 0000000000000000
[   93.531899][ T5283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.531913][ T5283] R13: 00007fc3342a6038 R14: 00007fc3342a5fa0 R15: 00007fff6a164ee8
[   93.531937][ T5283]  </TASK>
[   93.755568][ T5285] mmap: syz.4.756 (5285) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   93.774364][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.816167][ T5285] loop4: detected capacity change from 0 to 512
[   93.827876][ T5287] random: crng reseeded on system resumption
[   93.889121][ T5285] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   93.928253][ T5285] ext4 filesystem being mounted at /142/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.971939][ T5285] ieee802154 phy0 wpan0: encryption failed: -22
[   94.081826][ T5295] loop2: detected capacity change from 0 to 8192
[   94.215486][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   94.295057][ T5309] netlink: 'syz.1.762': attribute type 21 has an invalid length.
[   94.303855][ T5309] netlink: 156 bytes leftover after parsing attributes in process `syz.1.762'.
[   94.376091][ T5325] netlink: 'syz.4.767': attribute type 11 has an invalid length.
[   94.383936][ T5325] netlink: 140 bytes leftover after parsing attributes in process `syz.4.767'.
[   94.442617][ T5333] capability: warning: `syz.1.769' uses deprecated v2 capabilities in a way that may be insecure
[   94.954151][ T5350] netem: incorrect ge model size
[   94.959151][ T5350] netem: change failed
[   95.384368][ T5358] loop2: detected capacity change from 0 to 8192
[   95.684963][ T5357] loop0: detected capacity change from 0 to 8192
[   96.160881][ T5395] loop2: detected capacity change from 0 to 8192
[   96.199738][ T5395] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   96.236080][ T5395] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[   96.243951][ T5395] FAT-fs (loop2): Filesystem has been set read-only
[   96.251048][ T5407] netlink: 'syz.3.800': attribute type 1 has an invalid length.
[   96.262827][ T5395] netlink: 404 bytes leftover after parsing attributes in process `syz.2.795'.
[   96.423388][ T5415] netlink: 'syz.4.804': attribute type 1 has an invalid length.
[   96.596513][ T5436] netlink: 220 bytes leftover after parsing attributes in process `syz.2.812'.
[   96.618099][ T5440] netlink: 'syz.3.814': attribute type 1 has an invalid length.
[   96.741021][   T37] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0
[   96.755872][   T37] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0
[   96.768204][ T5455] FAULT_INJECTION: forcing a failure.
[   96.768204][ T5455] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   96.778509][   T37] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0
[   96.781368][ T5455] CPU: 0 UID: 0 PID: 5455 Comm: syz.4.822 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   96.781401][ T5455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   96.781416][ T5455] Call Trace:
[   96.781423][ T5455]  <TASK>
[   96.781433][ T5455]  __dump_stack+0x1d/0x30
[   96.781460][ T5455]  dump_stack_lvl+0xe8/0x140
[   96.781483][ T5455]  dump_stack+0x15/0x1b
[   96.781546][ T5455]  should_fail_ex+0x265/0x280
[   96.781572][ T5455]  should_fail+0xb/0x20
[   96.781662][ T5455]  should_fail_usercopy+0x1a/0x20
[   96.781689][ T5455]  _copy_to_user+0x20/0xa0
[   96.781726][ T5455]  simple_read_from_buffer+0xb5/0x130
[   96.781753][ T5455]  proc_fail_nth_read+0x10e/0x150
[   96.781854][ T5455]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   96.781956][ T5455]  vfs_read+0x1a8/0x770
[   96.781983][ T5455]  ? __rcu_read_unlock+0x4f/0x70
[   96.782012][ T5455]  ? __fget_files+0x184/0x1c0
[   96.782063][ T5455]  ksys_read+0xda/0x1a0
[   96.782093][ T5455]  __x64_sys_read+0x40/0x50
[   96.782121][ T5455]  x64_sys_call+0x27bc/0x2ff0
[   96.782151][ T5455]  do_syscall_64+0xd2/0x200
[   96.782186][ T5455]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   96.782246][ T5455]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   96.782363][ T5455]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.782393][ T5455] RIP: 0033:0x7f55cc51d5fc
[   96.782412][ T5455] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   96.782444][ T5455] RSP: 002b:00007f55caf7f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   96.782469][ T5455] RAX: ffffffffffffffda RBX: 00007f55cc745fa0 RCX: 00007f55cc51d5fc
[   96.782490][ T5455] RDX: 000000000000000f RSI: 00007f55caf7f0a0 RDI: 0000000000000005
[   96.782507][ T5455] RBP: 00007f55caf7f090 R08: 0000000000000000 R09: 0000000000000000
[   96.782592][ T5455] R10: 0000000000009a80 R11: 0000000000000246 R12: 0000000000000001
[   96.782608][ T5455] R13: 00007f55cc746038 R14: 00007f55cc745fa0 R15: 00007ffc10da7e08
[   96.782634][ T5455]  </TASK>
[   97.009237][   T29] kauditd_printk_skb: 4063 callbacks suppressed
[   97.009253][   T29] audit: type=1326 audit(1754952205.498:16992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f867b735ba7 code=0x7ffc0000
[   97.044526][   T29] audit: type=1326 audit(1754952205.538:16993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f867b6dadd9 code=0x7ffc0000
[   97.068058][   T29] audit: type=1326 audit(1754952205.538:16994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f867b73ebe9 code=0x7ffc0000
[   97.091560][   T29] audit: type=1326 audit(1754952205.538:16995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f867b73ebe9 code=0x7ffc0000
[   97.115065][   T29] audit: type=1326 audit(1754952205.538:16996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f867b73ebe9 code=0x7ffc0000
[   97.138496][   T29] audit: type=1326 audit(1754952205.538:16997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f867b735ba7 code=0x7ffc0000
[   97.147136][ T5468] loop4: detected capacity change from 0 to 164
[   97.161874][   T29] audit: type=1326 audit(1754952205.538:16998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f867b6dadd9 code=0x7ffc0000
[   97.173457][   T37] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0
[   97.191465][   T29] audit: type=1326 audit(1754952205.538:16999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f867b73ebe9 code=0x7ffc0000
[   97.223366][ T5467] process 'syz.0.825' launched './file1' with NULL argv: empty string added
[   97.223904][   T29] audit: type=1326 audit(1754952205.658:17000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f867b735ba7 code=0x7ffc0000
[   97.255667][   T29] audit: type=1326 audit(1754952205.658:17001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f867b6dadd9 code=0x7ffc0000
[   97.281599][ T5468] Unable to read rock-ridge attributes
[   97.468308][ T5492] sd 0:0:1:0: device reset
[   97.482884][ T5492] netlink: 12 bytes leftover after parsing attributes in process `syz.1.837'.
[   97.505229][ T5492] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[   97.559341][ T5496] FAULT_INJECTION: forcing a failure.
[   97.559341][ T5496] name failslab, interval 1, probability 0, space 0, times 0
[   97.572118][ T5496] CPU: 1 UID: 0 PID: 5496 Comm: syz.2.839 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   97.572273][ T5496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   97.572288][ T5496] Call Trace:
[   97.572294][ T5496]  <TASK>
[   97.572301][ T5496]  __dump_stack+0x1d/0x30
[   97.572324][ T5496]  dump_stack_lvl+0xe8/0x140
[   97.572346][ T5496]  dump_stack+0x15/0x1b
[   97.572375][ T5496]  should_fail_ex+0x265/0x280
[   97.572422][ T5496]  should_failslab+0x8c/0xb0
[   97.572489][ T5496]  __kvmalloc_node_noprof+0x123/0x4e0
[   97.572534][ T5496]  ? alloc_netdev_mqs+0x553/0xa20
[   97.572558][ T5496]  ? br_dev_setup+0x436/0x460
[   97.572588][ T5496]  alloc_netdev_mqs+0x553/0xa20
[   97.572664][ T5496]  rtnl_create_link+0x239/0x710
[   97.572773][ T5496]  rtnl_newlink_create+0x14c/0x620
[   97.572809][ T5496]  ? security_capable+0x83/0x90
[   97.572897][ T5496]  ? netlink_ns_capable+0x86/0xa0
[   97.572935][ T5496]  rtnl_newlink+0xf29/0x12d0
[   97.573034][ T5496]  ? xas_load+0x413/0x430
[   97.573059][ T5496]  ? __rcu_read_unlock+0x4f/0x70
[   97.573077][ T5496]  ? xa_load+0xb1/0xe0
[   97.573099][ T5496]  ? __rcu_read_unlock+0x4f/0x70
[   97.573117][ T5496]  ? avc_has_perm_noaudit+0x1b1/0x200
[   97.573159][ T5496]  ? cred_has_capability+0x210/0x280
[   97.573295][ T5496]  ? selinux_capable+0x31/0x40
[   97.573327][ T5496]  ? security_capable+0x83/0x90
[   97.573347][ T5496]  ? ns_capable+0x7d/0xb0
[   97.573364][ T5496]  ? __pfx_rtnl_newlink+0x10/0x10
[   97.573457][ T5496]  rtnetlink_rcv_msg+0x5fb/0x6d0
[   97.573483][ T5496]  ? avc_has_perm_noaudit+0x1b1/0x200
[   97.573507][ T5496]  netlink_rcv_skb+0x120/0x220
[   97.573526][ T5496]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   97.573688][ T5496]  rtnetlink_rcv+0x1c/0x30
[   97.573744][ T5496]  netlink_unicast+0x5c0/0x690
[   97.573784][ T5496]  netlink_sendmsg+0x58b/0x6b0
[   97.573886][ T5496]  ? __pfx_netlink_sendmsg+0x10/0x10
[   97.573911][ T5496]  __sock_sendmsg+0x145/0x180
[   97.573944][ T5496]  ____sys_sendmsg+0x31e/0x4e0
[   97.574014][ T5496]  ___sys_sendmsg+0x17b/0x1d0
[   97.574098][ T5496]  __x64_sys_sendmsg+0xd4/0x160
[   97.574129][ T5496]  x64_sys_call+0x191e/0x2ff0
[   97.574152][ T5496]  do_syscall_64+0xd2/0x200
[   97.574179][ T5496]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.574200][ T5496]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   97.574273][ T5496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.574361][ T5496] RIP: 0033:0x7f61c219ebe9
[   97.574378][ T5496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.574398][ T5496] RSP: 002b:00007f61c0bff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   97.574447][ T5496] RAX: ffffffffffffffda RBX: 00007f61c23c5fa0 RCX: 00007f61c219ebe9
[   97.574457][ T5496] RDX: 0000000000008044 RSI: 0000200000000440 RDI: 0000000000000003
[   97.574547][ T5496] RBP: 00007f61c0bff090 R08: 0000000000000000 R09: 0000000000000000
[   97.574561][ T5496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   97.574575][ T5496] R13: 00007f61c23c6038 R14: 00007f61c23c5fa0 R15: 00007ffdc7f0dfb8
[   97.574598][ T5496]  </TASK>
[   97.914082][ T5503] FAULT_INJECTION: forcing a failure.
[   97.914082][ T5503] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.927261][ T5503] CPU: 0 UID: 0 PID: 5503 Comm: syz.2.842 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   97.927300][ T5503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   97.927316][ T5503] Call Trace:
[   97.927322][ T5503]  <TASK>
[   97.927380][ T5503]  __dump_stack+0x1d/0x30
[   97.927405][ T5503]  dump_stack_lvl+0xe8/0x140
[   97.927427][ T5503]  dump_stack+0x15/0x1b
[   97.927447][ T5503]  should_fail_ex+0x265/0x280
[   97.927468][ T5503]  should_fail+0xb/0x20
[   97.927569][ T5503]  should_fail_usercopy+0x1a/0x20
[   97.927604][ T5503]  strncpy_from_user+0x25/0x230
[   97.927632][ T5503]  ? kmem_cache_alloc_noprof+0x186/0x310
[   97.927662][ T5503]  ? getname_flags+0x80/0x3b0
[   97.927763][ T5503]  getname_flags+0xae/0x3b0
[   97.927794][ T5503]  getname_uflags+0x21/0x30
[   97.927821][ T5503]  __x64_sys_execveat+0x5d/0x90
[   97.927855][ T5503]  x64_sys_call+0x1fec/0x2ff0
[   97.927882][ T5503]  do_syscall_64+0xd2/0x200
[   97.927955][ T5503]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.927986][ T5503]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   97.928092][ T5503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.928113][ T5503] RIP: 0033:0x7f61c219ebe9
[   97.928131][ T5503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.928151][ T5503] RSP: 002b:00007f61c0bff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[   97.928169][ T5503] RAX: ffffffffffffffda RBX: 00007f61c23c5fa0 RCX: 00007f61c219ebe9
[   97.928190][ T5503] RDX: 0000000000000000 RSI: 0000200000000140 RDI: ffffffffffffff9c
[   97.928262][ T5503] RBP: 00007f61c0bff090 R08: 0000000000001000 R09: 0000000000000000
[   97.928272][ T5503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.928334][ T5503] R13: 00007f61c23c6038 R14: 00007f61c23c5fa0 R15: 00007ffdc7f0dfb8
[   97.928351][ T5503]  </TASK>
[   98.118960][ T5504] loop4: detected capacity change from 0 to 164
[   98.137042][ T5504] Unable to read rock-ridge attributes
[   98.187916][ T5516] can: request_module (can-proto-0) failed.
[   98.190700][ T5517] can: request_module (can-proto-0) failed.
[   98.214411][ T5516] loop4: detected capacity change from 0 to 512
[   98.241304][ T5516] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   98.279487][ T5516] EXT4-fs (loop4): orphan cleanup on readonly fs
[   98.295050][ T5530] lo speed is unknown, defaulting to 1000
[   98.313329][ T5516] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.848: corrupted inode contents
[   98.341554][ T5516] EXT4-fs (loop4): Remounting filesystem read-only
[   98.349315][ T5516] EXT4-fs (loop4): 1 truncate cleaned up
[   98.399099][  T125] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   98.409672][  T125] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   98.421311][  T125] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   98.433501][ T5516] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   98.461041][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.567428][ T5546] loop3: detected capacity change from 0 to 164
[   98.581100][ T5546] Unable to read rock-ridge attributes
[   98.591977][ T5544] loop4: detected capacity change from 0 to 8192
[   98.644299][ T5552] FAULT_INJECTION: forcing a failure.
[   98.644299][ T5552] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   98.657449][ T5552] CPU: 1 UID: 0 PID: 5552 Comm: syz.3.861 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   98.657475][ T5552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   98.657487][ T5552] Call Trace:
[   98.657494][ T5552]  <TASK>
[   98.657503][ T5552]  __dump_stack+0x1d/0x30
[   98.657528][ T5552]  dump_stack_lvl+0xe8/0x140
[   98.657552][ T5552]  dump_stack+0x15/0x1b
[   98.657584][ T5552]  should_fail_ex+0x265/0x280
[   98.657610][ T5552]  should_fail+0xb/0x20
[   98.657628][ T5552]  should_fail_usercopy+0x1a/0x20
[   98.657650][ T5552]  strncpy_from_user+0x25/0x230
[   98.657736][ T5552]  ? kmem_cache_alloc_noprof+0x186/0x310
[   98.657772][ T5552]  ? getname_flags+0x80/0x3b0
[   98.657865][ T5552]  getname_flags+0xae/0x3b0
[   98.657895][ T5552]  __x64_sys_unlinkat+0x70/0xb0
[   98.657940][ T5552]  x64_sys_call+0x2ede/0x2ff0
[   98.657967][ T5552]  do_syscall_64+0xd2/0x200
[   98.658017][ T5552]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   98.658087][ T5552]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   98.658113][ T5552]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.658132][ T5552] RIP: 0033:0x7fc33407ebe9
[   98.658144][ T5552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.658159][ T5552] RSP: 002b:00007fc332adf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000107
[   98.658228][ T5552] RAX: ffffffffffffffda RBX: 00007fc3342a5fa0 RCX: 00007fc33407ebe9
[   98.658241][ T5552] RDX: 0000000000000000 RSI: 0000200000000380 RDI: ffffffffffffff9c
[   98.658251][ T5552] RBP: 00007fc332adf090 R08: 0000000000000000 R09: 0000000000000000
[   98.658262][ T5552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.658272][ T5552] R13: 00007fc3342a6038 R14: 00007fc3342a5fa0 R15: 00007fff6a164ee8
[   98.658289][ T5552]  </TASK>
[   98.844105][ T5554] FAULT_INJECTION: forcing a failure.
[   98.844105][ T5554] name failslab, interval 1, probability 0, space 0, times 0
[   98.856892][ T5554] CPU: 0 UID: 0 PID: 5554 Comm: syz.4.862 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   98.856923][ T5554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   98.856940][ T5554] Call Trace:
[   98.856947][ T5554]  <TASK>
[   98.856956][ T5554]  __dump_stack+0x1d/0x30
[   98.856982][ T5554]  dump_stack_lvl+0xe8/0x140
[   98.857005][ T5554]  dump_stack+0x15/0x1b
[   98.857039][ T5554]  should_fail_ex+0x265/0x280
[   98.857060][ T5554]  should_failslab+0x8c/0xb0
[   98.857107][ T5554]  kmem_cache_alloc_node_noprof+0x57/0x320
[   98.857170][ T5554]  ? __alloc_skb+0x101/0x320
[   98.857213][ T5554]  __alloc_skb+0x101/0x320
[   98.857252][ T5554]  ? audit_log_start+0x365/0x6c0
[   98.857305][ T5554]  audit_log_start+0x380/0x6c0
[   98.857343][ T5554]  audit_seccomp+0x48/0x100
[   98.857371][ T5554]  ? __seccomp_filter+0x68c/0x10d0
[   98.857399][ T5554]  __seccomp_filter+0x69d/0x10d0
[   98.857472][ T5554]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   98.857509][ T5554]  ? vfs_write+0x7e8/0x960
[   98.857535][ T5554]  ? __rcu_read_unlock+0x4f/0x70
[   98.857563][ T5554]  ? __fget_files+0x184/0x1c0
[   98.857613][ T5554]  __secure_computing+0x82/0x150
[   98.857641][ T5554]  syscall_trace_enter+0xcf/0x1e0
[   98.857673][ T5554]  do_syscall_64+0xac/0x200
[   98.857704][ T5554]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   98.857771][ T5554]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   98.857801][ T5554]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.857821][ T5554] RIP: 0033:0x7f55cc51ebe9
[   98.857839][ T5554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.857873][ T5554] RSP: 002b:00007f55caf7f038 EFLAGS: 00000246 ORIG_RAX: 000000000000000a
[   98.857897][ T5554] RAX: ffffffffffffffda RBX: 00007f55cc745fa0 RCX: 00007f55cc51ebe9
[   98.857913][ T5554] RDX: 0000000000000005 RSI: 0000000000800000 RDI: 0000200000000000
[   98.857928][ T5554] RBP: 00007f55caf7f090 R08: 0000000000000000 R09: 0000000000000000
[   98.857955][ T5554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.857970][ T5554] R13: 00007f55cc746038 R14: 00007f55cc745fa0 R15: 00007ffc10da7e08
[   98.858025][ T5554]  </TASK>
[   98.859528][ T5556] netlink: 'syz.3.863': attribute type 1 has an invalid length.
[   98.930795][ T5558] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(16)
[   99.090374][ T5558] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   99.098023][ T5558] vhci_hcd vhci_hcd.0: Device attached
[   99.111397][ T5559] vhci_hcd: connection closed
[   99.116178][   T37] vhci_hcd: stop threads
[   99.125302][   T37] vhci_hcd: release socket
[   99.129813][   T37] vhci_hcd: disconnect device
[   99.258724][ T5573] loop3: detected capacity change from 0 to 164
[   99.266149][ T5575] loop2: detected capacity change from 0 to 164
[   99.266265][ T5573] Unable to read rock-ridge attributes
[   99.278429][ T5575] Unable to read rock-ridge attributes
[   99.285995][ T5575] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5575 comm=syz.2.871
[   99.334538][ T5579] loop2: detected capacity change from 0 to 164
[   99.340968][ T5577] loop3: detected capacity change from 0 to 8192
[   99.341772][ T5579] Unable to read rock-ridge attributes
[   99.359013][ T5579] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5579 comm=syz.2.873
[   99.388430][ T5581] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   99.422275][ T5585] netlink: 'syz.3.876': attribute type 1 has an invalid length.
[   99.477904][ T5590] SELinux:  Context @ is not valid (left unmapped).
[   99.600273][ T5603] loop3: detected capacity change from 0 to 128
[   99.640286][ T5605] FAULT_INJECTION: forcing a failure.
[   99.640286][ T5605] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   99.653503][ T5605] CPU: 0 UID: 0 PID: 5605 Comm: syz.2.885 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   99.653561][ T5605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   99.653572][ T5605] Call Trace:
[   99.653577][ T5605]  <TASK>
[   99.653583][ T5605]  __dump_stack+0x1d/0x30
[   99.653603][ T5605]  dump_stack_lvl+0xe8/0x140
[   99.653624][ T5605]  dump_stack+0x15/0x1b
[   99.653683][ T5605]  should_fail_ex+0x265/0x280
[   99.653705][ T5605]  should_fail+0xb/0x20
[   99.653725][ T5605]  should_fail_usercopy+0x1a/0x20
[   99.653749][ T5605]  strncpy_from_user+0x25/0x230
[   99.653849][ T5605]  ? obj_cgroup_charge_account+0x122/0x1a0
[   99.653892][ T5605]  strncpy_from_user_nofault+0x68/0xf0
[   99.653920][ T5605]  bpf_probe_read_user_str+0x2a/0x70
[   99.654025][ T5605]  bpf_prog_b1bc9f7c1f89903c+0x41/0x47
[   99.654083][ T5605]  bpf_trace_run3+0x10f/0x1d0
[   99.654110][ T5605]  ? skb_free_head+0x87/0x150
[   99.654174][ T5605]  ? skb_free_head+0x87/0x150
[   99.654217][ T5605]  __traceiter_kmem_cache_free+0x38/0x60
[   99.654243][ T5605]  ? skb_free_head+0x87/0x150
[   99.654261][ T5605]  kmem_cache_free+0x257/0x300
[   99.654396][ T5605]  ? __rcu_read_unlock+0x4f/0x70
[   99.654416][ T5605]  skb_free_head+0x87/0x150
[   99.654435][ T5605]  skb_release_data+0x33b/0x370
[   99.654452][ T5605]  ? __pfx_sock_rfree+0x10/0x10
[   99.654551][ T5605]  ? tsk_advance_rx_queue+0xc3/0x1b0
[   99.654620][ T5605]  __kfree_skb+0x44/0x150
[   99.654641][ T5605]  sk_skb_reason_drop+0xbd/0x270
[   99.654657][ T5605]  tsk_advance_rx_queue+0xc3/0x1b0
[   99.654788][ T5605]  tipc_recvmsg+0x1fa/0x9d0
[   99.654870][ T5605]  ? __pfx_tipc_recvmsg+0x10/0x10
[   99.654896][ T5605]  sock_recvmsg+0x139/0x170
[   99.654998][ T5605]  ____sys_recvmsg+0xf5/0x280
[   99.655021][ T5605]  ___sys_recvmsg+0x11f/0x370
[   99.655047][ T5605]  __x64_sys_recvmsg+0xd1/0x160
[   99.655114][ T5605]  x64_sys_call+0x2b42/0x2ff0
[   99.655191][ T5605]  do_syscall_64+0xd2/0x200
[   99.655210][ T5605]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   99.655229][ T5605]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   99.655258][ T5605]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.655282][ T5605] RIP: 0033:0x7f61c219ebe9
[   99.655293][ T5605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.655312][ T5605] RSP: 002b:00007f61c0bff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[   99.655326][ T5605] RAX: ffffffffffffffda RBX: 00007f61c23c5fa0 RCX: 00007f61c219ebe9
[   99.655336][ T5605] RDX: 00000000000040fd RSI: 0000200000000b00 RDI: 0000000000000005
[   99.655345][ T5605] RBP: 00007f61c0bff090 R08: 0000000000000000 R09: 0000000000000000
[   99.655354][ T5605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.655363][ T5605] R13: 00007f61c23c6038 R14: 00007f61c23c5fa0 R15: 00007ffdc7f0dfb8
[   99.655399][ T5605]  </TASK>
[   99.955443][ T5609] loop2: detected capacity change from 0 to 256
[   99.980095][ T5616] netlink: 'syz.4.890': attribute type 1 has an invalid length.
[   99.999611][ T5620] loop2: detected capacity change from 0 to 512
[  100.006794][ T5620] EXT4-fs: Ignoring removed nobh option
[  100.017727][ T5620] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117
[  100.026792][ T5620] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.889: invalid indirect mapped block 256 (level 1)
[  100.041913][ T5620] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.889: invalid indirect mapped block 2683928664 (level 1)
[  100.063348][ T5620] EXT4-fs (loop2): 1 truncate cleaned up
[  100.069573][ T5620] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.086123][ T5620] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  100.094936][ T5620] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  100.166366][ T5638] netlink: 8 bytes leftover after parsing attributes in process `syz.2.889'.
[  100.176613][ T5637] syz.4.897 uses obsolete (PF_INET,SOCK_PACKET)
[  100.193364][ T5640] loop3: detected capacity change from 0 to 128
[  100.226299][ T5642] FAULT_INJECTION: forcing a failure.
[  100.226299][ T5642] name failslab, interval 1, probability 0, space 0, times 0
[  100.239007][ T5642] CPU: 1 UID: 0 PID: 5642 Comm: syz.3.899 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  100.239037][ T5642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  100.239051][ T5642] Call Trace:
[  100.239065][ T5642]  <TASK>
[  100.239073][ T5642]  __dump_stack+0x1d/0x30
[  100.239095][ T5642]  dump_stack_lvl+0xe8/0x140
[  100.239112][ T5642]  dump_stack+0x15/0x1b
[  100.239126][ T5642]  should_fail_ex+0x265/0x280
[  100.239145][ T5642]  should_failslab+0x8c/0xb0
[  100.239171][ T5642]  kmem_cache_alloc_noprof+0x50/0x310
[  100.239203][ T5642]  ? mas_alloc_nodes+0x265/0x520
[  100.239236][ T5642]  mas_alloc_nodes+0x265/0x520
[  100.239270][ T5642]  mas_preallocate+0x33e/0x520
[  100.239300][ T5642]  __split_vma+0x240/0x650
[  100.239325][ T5642]  ? obj_cgroup_charge_account+0x122/0x1a0
[  100.239363][ T5642]  ? security_inode_alloc+0x37/0x100
[  100.239391][ T5642]  ? should_fail_ex+0x30/0x280
[  100.239412][ T5642]  ? __rcu_read_unlock+0x4f/0x70
[  100.239437][ T5642]  vms_gather_munmap_vmas+0x17a/0x7b0
[  100.239458][ T5642]  ? bsearch+0x95/0xc0
[  100.239483][ T5642]  ? __pfx_cmp_ex_search+0x10/0x10
[  100.239512][ T5642]  ? strncpy_from_user+0x17d/0x230
[  100.239547][ T5642]  ? search_extable+0x53/0x80
[  100.239574][ T5642]  ? strncpy_from_user+0x17d/0x230
[  100.239599][ T5642]  ? strncpy_from_user+0x17d/0x230
[  100.239632][ T5642]  do_vmi_align_munmap+0x1a4/0x3d0
[  100.239670][ T5642]  do_vmi_munmap+0x1db/0x220
[  100.239697][ T5642]  do_munmap+0x8a/0xc0
[  100.239723][ T5642]  mremap_to+0x1a4/0x440
[  100.239749][ T5642]  ? check_prep_vma+0x49c/0x660
[  100.239783][ T5642]  __se_sys_mremap+0x652/0xc60
[  100.239821][ T5642]  ? fput+0x8f/0xc0
[  100.239846][ T5642]  ? ksys_write+0x192/0x1a0
[  100.239868][ T5642]  __x64_sys_mremap+0x67/0x80
[  100.239899][ T5642]  x64_sys_call+0x2a24/0x2ff0
[  100.239923][ T5642]  do_syscall_64+0xd2/0x200
[  100.239952][ T5642]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.239980][ T5642]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  100.240009][ T5642]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.240033][ T5642] RIP: 0033:0x7fc33407ebe9
[  100.240045][ T5642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.240063][ T5642] RSP: 002b:00007fc332adf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  100.240078][ T5642] RAX: ffffffffffffffda RBX: 00007fc3342a5fa0 RCX: 00007fc33407ebe9
[  100.240087][ T5642] RDX: 0000000000200000 RSI: 0000000000600000 RDI: 0000200000000000
[  100.240097][ T5642] RBP: 00007fc332adf090 R08: 0000200000a00000 R09: 0000000000000000
[  100.240106][ T5642] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  100.240115][ T5642] R13: 00007fc3342a6038 R14: 00007fc3342a5fa0 R15: 00007fff6a164ee8
[  100.240130][ T5642]  </TASK>
[  100.554148][ T5649] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  100.561200][ T5649] syzkaller0: entered promiscuous mode
[  100.566921][ T5649] syzkaller0: entered allmulticast mode
[  100.574422][ T5649] tipc: Resetting bearer <eth:syzkaller0>
[  100.581242][ T5652] netem: incorrect ge model size
[  100.586260][ T5652] netem: change failed
[  100.609382][ T5648] tipc: Resetting bearer <eth:syzkaller0>
[  100.616607][ T5648] tipc: Disabling bearer <eth:syzkaller0>
[  100.616757][ T5657] FAULT_INJECTION: forcing a failure.
[  100.616757][ T5657] name failslab, interval 1, probability 0, space 0, times 0
[  100.635087][ T5657] CPU: 0 UID: 0 PID: 5657 Comm: syz.4.906 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  100.635182][ T5657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  100.635193][ T5657] Call Trace:
[  100.635197][ T5657]  <TASK>
[  100.635204][ T5657]  __dump_stack+0x1d/0x30
[  100.635228][ T5657]  dump_stack_lvl+0xe8/0x140
[  100.635316][ T5657]  dump_stack+0x15/0x1b
[  100.635335][ T5657]  should_fail_ex+0x265/0x280
[  100.635359][ T5657]  should_failslab+0x8c/0xb0
[  100.635493][ T5657]  kmem_cache_alloc_noprof+0x50/0x310
[  100.635527][ T5657]  ? dst_alloc+0xbd/0x100
[  100.635547][ T5657]  dst_alloc+0xbd/0x100
[  100.635563][ T5657]  ? ip_vs_ftp_get_addrport+0x102/0x6c0
[  100.635586][ T5657]  ip_route_output_key_hash_rcu+0xef5/0x1380
[  100.635640][ T5657]  ip_route_output_key_hash+0x7a/0xb0
[  100.635730][ T5657]  tcp_v4_connect+0x3e2/0xad0
[  100.635800][ T5657]  __inet_stream_connect+0x166/0x7e0
[  100.635824][ T5657]  ? _raw_spin_unlock_bh+0x36/0x40
[  100.635854][ T5657]  ? release_sock+0x116/0x150
[  100.635940][ T5657]  ? _raw_spin_unlock_bh+0x36/0x40
[  100.635975][ T5657]  ? lock_sock_nested+0x112/0x140
[  100.636041][ T5657]  ? selinux_netlbl_socket_connect+0x115/0x130
[  100.636155][ T5657]  inet_stream_connect+0x44/0x70
[  100.636175][ T5657]  ? __pfx_inet_stream_connect+0x10/0x10
[  100.636194][ T5657]  __sys_connect+0x1ef/0x2b0
[  100.636240][ T5657]  __x64_sys_connect+0x3f/0x50
[  100.636311][ T5657]  x64_sys_call+0x2c08/0x2ff0
[  100.636337][ T5657]  do_syscall_64+0xd2/0x200
[  100.636368][ T5657]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.636392][ T5657]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  100.636497][ T5657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.636518][ T5657] RIP: 0033:0x7f55cc51ebe9
[  100.636596][ T5657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.636617][ T5657] RSP: 002b:00007f55caf7f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  100.636650][ T5657] RAX: ffffffffffffffda RBX: 00007f55cc745fa0 RCX: 00007f55cc51ebe9
[  100.636665][ T5657] RDX: 0000000000000010 RSI: 0000200000000180 RDI: 0000000000000004
[  100.636680][ T5657] RBP: 00007f55caf7f090 R08: 0000000000000000 R09: 0000000000000000
[  100.636695][ T5657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.636714][ T5657] R13: 00007f55cc746038 R14: 00007f55cc745fa0 R15: 00007ffc10da7e08
[  100.636765][ T5657]  </TASK>
[  100.883901][ T5660] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  100.890708][ T5660] syzkaller0: entered promiscuous mode
[  100.896227][ T5660] syzkaller0: entered allmulticast mode
[  100.904758][ T5660] tipc: Resetting bearer <eth:syzkaller0>
[  100.934553][ T5664] loop4: detected capacity change from 0 to 164
[  100.938599][ T5659] tipc: Resetting bearer <eth:syzkaller0>
[  100.947036][ T5664] Unable to read rock-ridge attributes
[  100.954045][ T5659] tipc: Disabling bearer <eth:syzkaller0>
[  100.961208][ T5664] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5664 comm=syz.4.909
[  101.039069][ T5672] FAULT_INJECTION: forcing a failure.
[  101.039069][ T5672] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.052194][ T5672] CPU: 1 UID: 0 PID: 5672 Comm: syz.4.913 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  101.052257][ T5672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  101.052274][ T5672] Call Trace:
[  101.052281][ T5672]  <TASK>
[  101.052288][ T5672]  __dump_stack+0x1d/0x30
[  101.052311][ T5672]  dump_stack_lvl+0xe8/0x140
[  101.052331][ T5672]  dump_stack+0x15/0x1b
[  101.052344][ T5672]  should_fail_ex+0x265/0x280
[  101.052362][ T5672]  should_fail+0xb/0x20
[  101.052394][ T5672]  should_fail_usercopy+0x1a/0x20
[  101.052458][ T5672]  _copy_from_iter+0xcf/0xe40
[  101.052479][ T5672]  ? alloc_pages_mpol+0x201/0x250
[  101.052572][ T5672]  copy_page_from_iter+0x178/0x2a0
[  101.052740][ T5672]  tun_get_user+0x679/0x2680
[  101.052784][ T5672]  ? ref_tracker_alloc+0x1f2/0x2f0
[  101.052812][ T5672]  tun_chr_write_iter+0x15e/0x210
[  101.052915][ T5672]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  101.052940][ T5672]  vfs_write+0x52a/0x960
[  101.052962][ T5672]  ksys_write+0xda/0x1a0
[  101.052987][ T5672]  __x64_sys_write+0x40/0x50
[  101.053004][ T5672]  x64_sys_call+0x27fe/0x2ff0
[  101.053061][ T5672]  do_syscall_64+0xd2/0x200
[  101.053081][ T5672]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.053106][ T5672]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  101.053143][ T5672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.053165][ T5672] RIP: 0033:0x7f55cc51d69f
[  101.053177][ T5672] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  101.053242][ T5672] RSP: 002b:00007f55caf7f000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  101.053256][ T5672] RAX: ffffffffffffffda RBX: 00007f55cc745fa0 RCX: 00007f55cc51d69f
[  101.053266][ T5672] RDX: 0000000000000083 RSI: 00002000000003c0 RDI: 00000000000000c8
[  101.053275][ T5672] RBP: 00007f55caf7f090 R08: 0000000000000000 R09: 0000000000000000
[  101.053322][ T5672] R10: 0000000000000083 R11: 0000000000000293 R12: 0000000000000001
[  101.053336][ T5672] R13: 00007f55cc746038 R14: 00007f55cc745fa0 R15: 00007ffc10da7e08
[  101.053376][ T5672]  </TASK>
[  101.264892][ T5674] netlink: 12 bytes leftover after parsing attributes in process `syz.3.914'.
[  101.466461][ T5697] loop3: detected capacity change from 0 to 164
[  101.472221][ T5701] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  101.479713][ T5697] Unable to read rock-ridge attributes
[  101.481081][ T5701] syzkaller0: entered promiscuous mode
[  101.490690][ T5701] syzkaller0: entered allmulticast mode
[  101.499255][ T5701] tipc: Resetting bearer <eth:syzkaller0>
[  101.505582][ T5697] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5697 comm=syz.3.921
[  101.534330][ T5700] tipc: Resetting bearer <eth:syzkaller0>
[  101.541564][ T5700] tipc: Disabling bearer <eth:syzkaller0>
[  101.597736][ T5709] loop3: detected capacity change from 0 to 128
[  101.671628][ T5715] netem: incorrect ge model size
[  101.676621][ T5715] netem: change failed
[  101.889161][ T5728] FAULT_INJECTION: forcing a failure.
[  101.889161][ T5728] name failslab, interval 1, probability 0, space 0, times 0
[  101.901845][ T5728] CPU: 1 UID: 0 PID: 5728 Comm: syz.4.933 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  101.901873][ T5728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  101.901886][ T5728] Call Trace:
[  101.901892][ T5728]  <TASK>
[  101.901923][ T5728]  __dump_stack+0x1d/0x30
[  101.901945][ T5728]  dump_stack_lvl+0xe8/0x140
[  101.901962][ T5728]  dump_stack+0x15/0x1b
[  101.901980][ T5728]  should_fail_ex+0x265/0x280
[  101.902091][ T5728]  should_failslab+0x8c/0xb0
[  101.902132][ T5728]  kmem_cache_alloc_node_noprof+0x57/0x320
[  101.902158][ T5728]  ? __alloc_skb+0x101/0x320
[  101.902189][ T5728]  __alloc_skb+0x101/0x320
[  101.902250][ T5728]  ? audit_log_start+0x365/0x6c0
[  101.902288][ T5728]  audit_log_start+0x380/0x6c0
[  101.902346][ T5728]  audit_seccomp+0x48/0x100
[  101.902412][ T5728]  ? __seccomp_filter+0x68c/0x10d0
[  101.902432][ T5728]  __seccomp_filter+0x69d/0x10d0
[  101.902453][ T5728]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  101.902486][ T5728]  ? vfs_write+0x7e8/0x960
[  101.902534][ T5728]  __secure_computing+0x82/0x150
[  101.902559][ T5728]  syscall_trace_enter+0xcf/0x1e0
[  101.902625][ T5728]  do_syscall_64+0xac/0x200
[  101.902651][ T5728]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.902676][ T5728]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  101.902714][ T5728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.902738][ T5728] RIP: 0033:0x7f55cc51ebe9
[  101.902755][ T5728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.902775][ T5728] RSP: 002b:00007f55caf7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  101.902795][ T5728] RAX: ffffffffffffffda RBX: 00007f55cc745fa0 RCX: 00007f55cc51ebe9
[  101.902887][ T5728] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 0000000000000012
[  101.902908][ T5728] RBP: 00007f55caf7f090 R08: 0000000000000000 R09: 0000000000000000
[  101.902923][ T5728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.902937][ T5728] R13: 00007f55cc746038 R14: 00007f55cc745fa0 R15: 00007ffc10da7e08
[  101.903010][ T5728]  </TASK>
[  102.108369][ T5728] audit_log_lost: 2770 callbacks suppressed
[  102.108384][ T5728] audit: audit_lost=5 audit_rate_limit=0 audit_backlog_limit=64
[  102.122355][ T5728] audit: out of memory in audit_log_start
[  102.124660][ T5732] loop0: detected capacity change from 0 to 512
[  102.128163][   T29] audit: type=1326 audit(1754952210.378:19764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5729 comm="syz.0.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f9b9eebe9 code=0x7ffc0000
[  102.157759][   T29] audit: type=1326 audit(1754952210.378:19765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5729 comm="syz.0.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f9b9eebe9 code=0x7ffc0000
[  102.181333][   T29] audit: type=1326 audit(1754952210.378:19766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5729 comm="syz.0.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7f9b9eebe9 code=0x7ffc0000
[  102.204773][   T29] audit: type=1326 audit(1754952210.378:19767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5729 comm="syz.0.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f9b9eebe9 code=0x7ffc0000
[  102.214574][ T5732] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.228266][   T29] audit: type=1326 audit(1754952210.378:19768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5729 comm="syz.0.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f9b9eebe9 code=0x7ffc0000
[  102.242373][ T5732] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.264363][   T29] audit: type=1326 audit(1754952210.648:19769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5727 comm="syz.4.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f55cc51d5fc code=0x7ffc0000
[  102.297923][   T29] audit: type=1326 audit(1754952210.648:19770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5727 comm="syz.4.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f55cc51d69f code=0x7ffc0000
[  102.321180][   T29] audit: type=1326 audit(1754952210.648:19771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5727 comm="syz.4.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f55cc51d84a code=0x7ffc0000
[  102.326266][ T5732] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  102.359231][ T5732] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1029 with error 28
[  102.371901][ T5732] EXT4-fs (loop0): This should not happen!! Data will be lost
[  102.371901][ T5732] 
[  102.381627][ T5732] EXT4-fs (loop0): Total free blocks count 0
[  102.387638][ T5732] EXT4-fs (loop0): Free/Dirty block details
[  102.393554][ T5732] EXT4-fs (loop0): free_blocks=65280
[  102.398947][ T5732] EXT4-fs (loop0): dirty_blocks=1029
[  102.404395][ T5732] EXT4-fs (loop0): Block reservation details
[  102.410413][ T5732] EXT4-fs (loop0): i_reserved_data_blocks=1029
[  102.425417][ T5741] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  102.432382][ T5741] syzkaller0: entered promiscuous mode
[  102.437918][ T5741] syzkaller0: entered allmulticast mode
[  102.439283][ T5625] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[  102.445230][ T5741] tipc: Resetting bearer <eth:syzkaller0>
[  102.466295][ T5625] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[  102.494199][ T5739] tipc: Resetting bearer <eth:syzkaller0>
[  102.500358][ T5739] tipc: Disabling bearer <eth:syzkaller0>
[  102.568629][ T5747] loop3: detected capacity change from 0 to 8192
[  102.575946][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.678722][ T5765] loop4: detected capacity change from 0 to 512
[  102.685380][ T5765] EXT4-fs: Ignoring removed nobh option
[  102.692319][ T5765] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117
[  102.701362][ T5765] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.950: invalid indirect mapped block 256 (level 1)
[  102.724151][ T5765] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.950: invalid indirect mapped block 2683928664 (level 1)
[  102.741982][ T5765] EXT4-fs (loop4): 1 truncate cleaned up
[  102.749333][ T5772] FAULT_INJECTION: forcing a failure.
[  102.749333][ T5772] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  102.762686][ T5772] CPU: 1 UID: 0 PID: 5772 Comm: syz.0.953 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  102.762717][ T5772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  102.762733][ T5772] Call Trace:
[  102.762740][ T5772]  <TASK>
[  102.762809][ T5772]  __dump_stack+0x1d/0x30
[  102.762829][ T5772]  dump_stack_lvl+0xe8/0x140
[  102.762847][ T5772]  dump_stack+0x15/0x1b
[  102.762879][ T5772]  should_fail_ex+0x265/0x280
[  102.762901][ T5772]  should_fail+0xb/0x20
[  102.762960][ T5772]  should_fail_usercopy+0x1a/0x20
[  102.762980][ T5772]  _copy_to_user+0x20/0xa0
[  102.763006][ T5772]  simple_read_from_buffer+0xb5/0x130
[  102.763026][ T5772]  proc_fail_nth_read+0x10e/0x150
[  102.763125][ T5772]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  102.763154][ T5772]  vfs_read+0x1a8/0x770
[  102.763175][ T5772]  ? __rcu_read_unlock+0x4f/0x70
[  102.763251][ T5772]  ? __fget_files+0x184/0x1c0
[  102.763281][ T5772]  ksys_read+0xda/0x1a0
[  102.763305][ T5772]  __x64_sys_read+0x40/0x50
[  102.763324][ T5772]  x64_sys_call+0x27bc/0x2ff0
[  102.763344][ T5772]  do_syscall_64+0xd2/0x200
[  102.763411][ T5772]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  102.763456][ T5772]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  102.763482][ T5772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.763551][ T5772] RIP: 0033:0x7f7f9b9ed5fc
[  102.763564][ T5772] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  102.763579][ T5772] RSP: 002b:00007f7f9a457030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  102.763597][ T5772] RAX: ffffffffffffffda RBX: 00007f7f9bc15fa0 RCX: 00007f7f9b9ed5fc
[  102.763608][ T5772] RDX: 000000000000000f RSI: 00007f7f9a4570a0 RDI: 0000000000000004
[  102.763618][ T5772] RBP: 00007f7f9a457090 R08: 0000000000000000 R09: 0000000000000014
[  102.763659][ T5772] R10: 0000000088a8ffff R11: 0000000000000246 R12: 0000000000000001
[  102.763671][ T5772] R13: 00007f7f9bc16038 R14: 00007f7f9bc15fa0 R15: 00007ffe90ca34d8
[  102.763694][ T5772]  </TASK>
[  102.764688][ T5765] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.992780][ T5775] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  102.999737][ T5775] syzkaller0: entered promiscuous mode
[  103.005245][ T5775] syzkaller0: entered allmulticast mode
[  103.013353][ T5775] tipc: Resetting bearer <eth:syzkaller0>
[  103.019706][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.044631][ T5774] tipc: Resetting bearer <eth:syzkaller0>
[  103.051544][ T5774] tipc: Disabling bearer <eth:syzkaller0>
[  103.067962][ T5780] netlink: 7 bytes leftover after parsing attributes in process `syz.2.956'.
[  103.178188][ T5788] netlink: 'syz.0.960': attribute type 11 has an invalid length.
[  103.186207][ T5788] netlink: 140 bytes leftover after parsing attributes in process `syz.0.960'.
[  103.271653][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811a4ee400: rx timeout, send abort
[  103.279914][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811a4ee800: rx timeout, send abort
[  103.292524][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88811a4ee400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  103.306848][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88811a4ee800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  103.328060][ T5792] netlink: 'syz.2.957': attribute type 39 has an invalid length.
[  104.104070][ T5814] netlink: 'syz.0.968': attribute type 1 has an invalid length.
[  104.222832][ T5816] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  104.229709][ T5816] syzkaller0: entered promiscuous mode
[  104.235212][ T5816] syzkaller0: entered allmulticast mode
[  104.243547][ T5816] tipc: Resetting bearer <eth:syzkaller0>
[  104.274259][ T5815] tipc: Resetting bearer <eth:syzkaller0>
[  104.280744][ T5815] tipc: Disabling bearer <eth:syzkaller0>
[  104.365582][ T5824] loop2: detected capacity change from 0 to 512
[  104.372155][ T5824] EXT4-fs: Ignoring removed nobh option
[  104.393025][ T5826] loop0: detected capacity change from 0 to 164
[  104.400696][ T5826] Unable to read rock-ridge attributes
[  104.410342][ T5826] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5826 comm=syz.0.974
[  104.424080][ T5824] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117
[  104.426007][   T10] hid_parser_main: 74 callbacks suppressed
[  104.426028][   T10] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  104.432759][ T5824] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.973: invalid indirect mapped block 256 (level 1)
[  104.438190][   T10] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  104.438217][   T10] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  104.458997][ T5824] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.973: invalid indirect mapped block 2683928664 (level 1)
[  104.466238][   T10] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  104.466287][   T10] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  104.495584][ T5824] EXT4-fs (loop2): 1 truncate cleaned up
[  104.502264][   T10] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  104.515320][   T10] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  104.520954][ T5824] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.522735][   T10] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  104.522762][   T10] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  104.549907][   T10] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  104.564036][   T10] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v8.00 Device [syz1] on syz0
[  104.566581][ T5824] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  104.583076][ T5824] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  104.618584][ T5835] loop1: detected capacity change from 0 to 164
[  104.626854][ T5835] Unable to read rock-ridge attributes
[  104.635797][ T5837] netlink: 'syz.0.979': attribute type 1 has an invalid length.
[  104.679777][ T5842] netlink: 8 bytes leftover after parsing attributes in process `syz.2.973'.
[  104.710345][ T5848] netlink: 'syz.3.984': attribute type 11 has an invalid length.
[  104.718234][ T5848] netlink: 140 bytes leftover after parsing attributes in process `syz.3.984'.
[  104.745519][ T5852] loop1: detected capacity change from 0 to 164
[  104.755451][ T5852] Unable to read rock-ridge attributes
[  104.765119][   T36] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v8.00 Device [syz1] on syz0
[  105.726550][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.815681][ T5869] netlink: 'syz.1.991': attribute type 1 has an invalid length.
[  106.145093][ T5884] FAULT_INJECTION: forcing a failure.
[  106.145093][ T5884] name failslab, interval 1, probability 0, space 0, times 0
[  106.157826][ T5884] CPU: 0 UID: 0 PID: 5884 Comm: syz.1.999 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  106.157853][ T5884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  106.157865][ T5884] Call Trace:
[  106.157870][ T5884]  <TASK>
[  106.157877][ T5884]  __dump_stack+0x1d/0x30
[  106.157904][ T5884]  dump_stack_lvl+0xe8/0x140
[  106.157929][ T5884]  dump_stack+0x15/0x1b
[  106.158027][ T5884]  should_fail_ex+0x265/0x280
[  106.158052][ T5884]  should_failslab+0x8c/0xb0
[  106.158075][ T5884]  kmem_cache_alloc_node_noprof+0x57/0x320
[  106.158206][ T5884]  ? __alloc_skb+0x101/0x320
[  106.158275][ T5884]  __alloc_skb+0x101/0x320
[  106.158345][ T5884]  ? audit_log_start+0x365/0x6c0
[  106.158475][ T5884]  audit_log_start+0x380/0x6c0
[  106.158517][ T5884]  audit_seccomp+0x48/0x100
[  106.158555][ T5884]  ? __seccomp_filter+0x68c/0x10d0
[  106.158573][ T5884]  __seccomp_filter+0x69d/0x10d0
[  106.158593][ T5884]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  106.158690][ T5884]  ? vfs_write+0x7e8/0x960
[  106.158715][ T5884]  ? __rcu_read_unlock+0x4f/0x70
[  106.158738][ T5884]  ? __fget_files+0x184/0x1c0
[  106.158766][ T5884]  __secure_computing+0x82/0x150
[  106.158791][ T5884]  syscall_trace_enter+0xcf/0x1e0
[  106.158827][ T5884]  do_syscall_64+0xac/0x200
[  106.158857][ T5884]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  106.158885][ T5884]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  106.158913][ T5884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.158982][ T5884] RIP: 0033:0x7f867b73ebe9
[  106.158994][ T5884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.159009][ T5884] RSP: 002b:00007f867a1a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000063
[  106.159025][ T5884] RAX: ffffffffffffffda RBX: 00007f867b965fa0 RCX: 00007f867b73ebe9
[  106.159035][ T5884] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000140
[  106.159114][ T5884] RBP: 00007f867a1a7090 R08: 0000000000000000 R09: 0000000000000000
[  106.159128][ T5884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.159215][ T5884] R13: 00007f867b966038 R14: 00007f867b965fa0 R15: 00007ffe80d7c4f8
[  106.159237][ T5884]  </TASK>
[  106.431312][ T5894] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  106.468467][ T5902] FAULT_INJECTION: forcing a failure.
[  106.468467][ T5902] name failslab, interval 1, probability 0, space 0, times 0
[  106.481138][ T5902] CPU: 0 UID: 0 PID: 5902 Comm: syz.3.1007 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  106.481162][ T5902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  106.481251][ T5902] Call Trace:
[  106.481257][ T5902]  <TASK>
[  106.481263][ T5902]  __dump_stack+0x1d/0x30
[  106.481286][ T5902]  dump_stack_lvl+0xe8/0x140
[  106.481303][ T5902]  dump_stack+0x15/0x1b
[  106.481322][ T5902]  should_fail_ex+0x265/0x280
[  106.481346][ T5902]  should_failslab+0x8c/0xb0
[  106.481376][ T5902]  kmem_cache_alloc_noprof+0x50/0x310
[  106.481442][ T5902]  ? getname_flags+0x80/0x3b0
[  106.481476][ T5902]  getname_flags+0x80/0x3b0
[  106.481508][ T5902]  user_path_at+0x28/0x130
[  106.481543][ T5902]  __se_sys_pivot_root+0xd0/0x710
[  106.481677][ T5902]  __x64_sys_pivot_root+0x31/0x40
[  106.481708][ T5902]  x64_sys_call+0x144/0x2ff0
[  106.481734][ T5902]  do_syscall_64+0xd2/0x200
[  106.481767][ T5902]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  106.481798][ T5902]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  106.481835][ T5902]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.481914][ T5902] RIP: 0033:0x7fc33407ebe9
[  106.481944][ T5902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.481961][ T5902] RSP: 002b:00007fc332adf038 EFLAGS: 00000246 ORIG_RAX: 000000000000009b
[  106.481984][ T5902] RAX: ffffffffffffffda RBX: 00007fc3342a5fa0 RCX: 00007fc33407ebe9
[  106.481999][ T5902] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000001c0
[  106.482070][ T5902] RBP: 00007fc332adf090 R08: 0000000000000000 R09: 0000000000000000
[  106.482081][ T5902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.482093][ T5902] R13: 00007fc3342a6038 R14: 00007fc3342a5fa0 R15: 00007fff6a164ee8
[  106.482113][ T5902]  </TASK>
[  106.560779][ T5894] syzkaller0: entered promiscuous mode
[  106.633483][ T5905] loop3: detected capacity change from 0 to 164
[  106.636856][ T5894] syzkaller0: entered allmulticast mode
[  106.676847][ T5894] tipc: Resetting bearer <eth:syzkaller0>
[  106.688018][ T5905] Unable to read rock-ridge attributes
[  106.698585][ T3399] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v8.00 Device [syz1] on syz0
[  106.734818][ T5892] tipc: Resetting bearer <eth:syzkaller0>
[  106.796300][ T5926] netlink: 'syz.4.1006': attribute type 39 has an invalid length.
[  106.805239][ T5892] tipc: Disabling bearer <eth:syzkaller0>
[  106.953119][ T5625] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[  107.068926][ T5625] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[  107.122894][   T29] kauditd_printk_skb: 4054 callbacks suppressed
[  107.122982][   T29] audit: type=1326 audit(1754952215.608:23824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5941 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7f9b9e5ba7 code=0x7ffc0000
[  107.152834][   T29] audit: type=1326 audit(1754952215.608:23825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5941 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7f9b98add9 code=0x7ffc0000
[  107.176231][   T29] audit: type=1326 audit(1754952215.608:23826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5941 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f9b9eebe9 code=0x7ffc0000
[  107.199733][   T29] audit: type=1326 audit(1754952215.608:23827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5941 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f9b9eebe9 code=0x7ffc0000
[  107.223272][   T29] audit: type=1326 audit(1754952215.608:23829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5922 comm="syz.3.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc334075ba7 code=0x7ffc0000
[  107.246651][   T29] audit: type=1326 audit(1754952215.608:23830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5922 comm="syz.3.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc33401add9 code=0x7ffc0000
[  107.270088][   T29] audit: type=1326 audit(1754952215.608:23831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5922 comm="syz.3.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc334075ba7 code=0x7ffc0000
[  107.293542][   T29] audit: type=1326 audit(1754952215.608:23832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5922 comm="syz.3.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc33401add9 code=0x7ffc0000
[  107.317018][   T29] audit: type=1326 audit(1754952215.608:23833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5922 comm="syz.3.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc334075ba7 code=0x7ffc0000
[  107.340416][   T29] audit: type=1326 audit(1754952215.608:23834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5922 comm="syz.3.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc33401add9 code=0x7ffc0000
[  107.400795][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.443339][ T5951] loop2: detected capacity change from 0 to 164
[  107.453408][ T5951] Unable to read rock-ridge attributes
[  107.505561][ T5961] loop3: detected capacity change from 0 to 128
[  107.573222][ T5973] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  107.574617][ T5979] loop2: detected capacity change from 0 to 128
[  107.580355][ T5973] syzkaller0: entered promiscuous mode
[  107.591813][ T5973] syzkaller0: entered allmulticast mode
[  107.601317][ T5973] tipc: Resetting bearer <eth:syzkaller0>
[  107.634201][ T5972] tipc: Resetting bearer <eth:syzkaller0>
[  107.636297][ T5981] loop4: detected capacity change from 0 to 8192
[  107.649590][ T5972] tipc: Disabling bearer <eth:syzkaller0>
[  107.667121][ T5986] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1028'.
[  107.794576][ T6015] lo speed is unknown, defaulting to 1000
[  107.804478][ T6018] loop1: detected capacity change from 0 to 128
[  107.816533][ T6014] loop3: detected capacity change from 0 to 8192
[  107.899308][ T6056] FAULT_INJECTION: forcing a failure.
[  107.899308][ T6056] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.912454][ T6056] CPU: 1 UID: 0 PID: 6056 Comm: syz.2.1045 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  107.912593][ T6056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  107.912609][ T6056] Call Trace:
[  107.912616][ T6056]  <TASK>
[  107.912625][ T6056]  __dump_stack+0x1d/0x30
[  107.912651][ T6056]  dump_stack_lvl+0xe8/0x140
[  107.912686][ T6056]  dump_stack+0x15/0x1b
[  107.912724][ T6056]  should_fail_ex+0x265/0x280
[  107.912749][ T6056]  should_fail+0xb/0x20
[  107.912829][ T6056]  should_fail_usercopy+0x1a/0x20
[  107.912847][ T6056]  strncpy_from_user+0x25/0x230
[  107.912878][ T6056]  ? kmem_cache_alloc_noprof+0x186/0x310
[  107.912992][ T6056]  ? getname_flags+0x80/0x3b0
[  107.913089][ T6056]  getname_flags+0xae/0x3b0
[  107.913122][ T6056]  __x64_sys_unlinkat+0x70/0xb0
[  107.913158][ T6056]  x64_sys_call+0x2ede/0x2ff0
[  107.913183][ T6056]  do_syscall_64+0xd2/0x200
[  107.913214][ T6056]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  107.913245][ T6056]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  107.913269][ T6056]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.913436][ T6056] RIP: 0033:0x7f61c219ebe9
[  107.913452][ T6056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.913467][ T6056] RSP: 002b:00007f61c0bff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000107
[  107.913483][ T6056] RAX: ffffffffffffffda RBX: 00007f61c23c5fa0 RCX: 00007f61c219ebe9
[  107.913561][ T6056] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffff9c
[  107.913576][ T6056] RBP: 00007f61c0bff090 R08: 0000000000000000 R09: 0000000000000000
[  107.913590][ T6056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.913622][ T6056] R13: 00007f61c23c6038 R14: 00007f61c23c5fa0 R15: 00007ffdc7f0dfb8
[  107.913647][ T6056]  </TASK>
[  108.161256][ T6063] sd 0:0:1:0: device reset
[  108.237381][ T6076] loop1: detected capacity change from 0 to 128
[  108.328416][ T6090] loop1: detected capacity change from 0 to 1024
[  108.344911][ T6090] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  108.357239][ T6090] ext4 filesystem being mounted at /235/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.525979][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  108.668293][ T6118] loop2: detected capacity change from 0 to 8192
[  108.728804][ T6123] loop2: detected capacity change from 0 to 8192
[  108.736187][ T6123] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  108.798220][ T6128] loop2: detected capacity change from 0 to 8192
[  108.873305][ T6137] loop3: detected capacity change from 0 to 4096
[  108.881767][ T6137] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.896278][ T6137] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.1069: corrupted inode contents
[  108.908320][ T6137] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #15: comm syz.3.1069: mark_inode_dirty error
[  108.919856][ T6137] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.1069: corrupted inode contents
[  108.931815][ T6137] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #15: comm syz.3.1069: mark_inode_dirty error
[  108.943547][ T6137] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.1069: corrupted inode contents
[  108.955787][ T6137] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #15: comm syz.3.1069: mark_inode_dirty error
[  108.967292][ T6137] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.1069: corrupted inode contents
[  108.979371][ T6137] EXT4-fs error (device loop3): ext4_truncate:4666: inode #15: comm syz.3.1069: mark_inode_dirty error
[  108.990722][ T6137] EXT4-fs error (device loop3) in ext4_setattr:6071: Corrupt filesystem
[  109.006293][ T6140] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.1069: corrupted inode contents
[  109.029919][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.052870][ T6145] loop3: detected capacity change from 0 to 164
[  109.060016][ T6145] Unable to read rock-ridge attributes
[  109.068683][ T3399] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v8.00 Device [syz1] on syz0
[  109.230087][ T3399] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v8.00 Device [syz1] on syz0
[  109.262009][ T6176] FAULT_INJECTION: forcing a failure.
[  109.262009][ T6176] name failslab, interval 1, probability 0, space 0, times 0
[  109.274669][ T6176] CPU: 1 UID: 0 PID: 6176 Comm: syz.3.1078 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  109.274706][ T6176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  109.274722][ T6176] Call Trace:
[  109.274728][ T6176]  <TASK>
[  109.274737][ T6176]  __dump_stack+0x1d/0x30
[  109.274761][ T6176]  dump_stack_lvl+0xe8/0x140
[  109.274782][ T6176]  dump_stack+0x15/0x1b
[  109.274796][ T6176]  should_fail_ex+0x265/0x280
[  109.274876][ T6176]  ? __se_sys_memfd_create+0x1cc/0x590
[  109.274902][ T6176]  should_failslab+0x8c/0xb0
[  109.275004][ T6176]  __kmalloc_cache_noprof+0x4c/0x320
[  109.275074][ T6176]  __se_sys_memfd_create+0x1cc/0x590
[  109.275100][ T6176]  __x64_sys_memfd_create+0x31/0x40
[  109.275125][ T6176]  x64_sys_call+0x2abe/0x2ff0
[  109.275150][ T6176]  do_syscall_64+0xd2/0x200
[  109.275258][ T6176]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  109.275279][ T6176]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  109.275300][ T6176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.275348][ T6176] RIP: 0033:0x7fc33407ebe9
[  109.275365][ T6176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.275384][ T6176] RSP: 002b:00007fc332adee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  109.275402][ T6176] RAX: ffffffffffffffda RBX: 00000000000004c4 RCX: 00007fc33407ebe9
[  109.275412][ T6176] RDX: 00007fc332adeef0 RSI: 0000000000000000 RDI: 00007fc3341027e8
[  109.275422][ T6176] RBP: 0000200000000500 R08: 00007fc332adebb7 R09: 00007fc332adee40
[  109.275433][ T6176] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000080
[  109.275447][ T6176] R13: 00007fc332adeef0 R14: 00007fc332adeeb0 R15: 0000200000000200
[  109.275525][ T6176]  </TASK>
[  109.464121][ T6174] loop4: detected capacity change from 0 to 8192
[  109.497296][ T6183] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  109.504381][ T6183] syzkaller0: entered promiscuous mode
[  109.509851][ T6183] syzkaller0: entered allmulticast mode
[  109.518325][ T6183] tipc: Resetting bearer <eth:syzkaller0>
[  109.554569][ T6181] tipc: Resetting bearer <eth:syzkaller0>
[  109.562112][ T6181] tipc: Disabling bearer <eth:syzkaller0>
[  109.566746][ T6184] loop3: detected capacity change from 0 to 8192
[  109.645602][ T6205] netlink: 'syz.1.1085': attribute type 11 has an invalid length.
[  109.653524][ T6205] netlink: 140 bytes leftover after parsing attributes in process `syz.1.1085'.
[  109.760997][ T6219] sd 0:0:1:0: device reset
[  110.028397][ T6226] FAULT_INJECTION: forcing a failure.
[  110.028397][ T6226] name failslab, interval 1, probability 0, space 0, times 0
[  110.041074][ T6226] CPU: 1 UID: 0 PID: 6226 Comm: syz.4.1094 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  110.041099][ T6226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  110.041151][ T6226] Call Trace:
[  110.041158][ T6226]  <TASK>
[  110.041166][ T6226]  __dump_stack+0x1d/0x30
[  110.041195][ T6226]  dump_stack_lvl+0xe8/0x140
[  110.041261][ T6226]  dump_stack+0x15/0x1b
[  110.041281][ T6226]  should_fail_ex+0x265/0x280
[  110.041306][ T6226]  should_failslab+0x8c/0xb0
[  110.041332][ T6226]  kmem_cache_alloc_noprof+0x50/0x310
[  110.041361][ T6226]  ? fcntl_setlk+0x53/0x950
[  110.041389][ T6226]  fcntl_setlk+0x53/0x950
[  110.041417][ T6226]  ? should_fail_ex+0xdb/0x280
[  110.041449][ T6226]  do_fcntl+0x5dd/0xdf0
[  110.041484][ T6226]  ? selinux_file_fcntl+0x1cb/0x1e0
[  110.041513][ T6226]  __se_sys_fcntl+0xb1/0x120
[  110.041561][ T6226]  __x64_sys_fcntl+0x43/0x50
[  110.041594][ T6226]  x64_sys_call+0x29a0/0x2ff0
[  110.041669][ T6226]  do_syscall_64+0xd2/0x200
[  110.041699][ T6226]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  110.041768][ T6226]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  110.041796][ T6226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.041900][ T6226] RIP: 0033:0x7f55cc51ebe9
[  110.041917][ T6226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.041937][ T6226] RSP: 002b:00007f55caf7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  110.041959][ T6226] RAX: ffffffffffffffda RBX: 00007f55cc745fa0 RCX: 00007f55cc51ebe9
[  110.041973][ T6226] RDX: 0000200000000440 RSI: 0000000000000026 RDI: 0000000000000003
[  110.041987][ T6226] RBP: 00007f55caf7f090 R08: 0000000000000000 R09: 0000000000000000
[  110.042072][ T6226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.042087][ T6226] R13: 00007f55cc746038 R14: 00007f55cc745fa0 R15: 00007ffc10da7e08
[  110.042111][ T6226]  </TASK>
[  110.255544][ T6223] loop3: detected capacity change from 0 to 8192
[  110.282064][ T6229] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  110.290416][ T6229] syzkaller0: entered promiscuous mode
[  110.295893][ T6229] syzkaller0: entered allmulticast mode
[  110.303325][ T6229] tipc: Resetting bearer <eth:syzkaller0>
[  110.320619][ T6235] loop3: detected capacity change from 0 to 164
[  110.328203][ T6235] Unable to read rock-ridge attributes
[  110.402454][ T6228] tipc: Resetting bearer <eth:syzkaller0>
[  110.424330][ T3399] hid_parser_main: 158 callbacks suppressed
[  110.424346][ T3399] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  110.437721][ T3399] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  110.445131][ T3399] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  110.453282][ T6228] tipc: Disabling bearer <eth:syzkaller0>
[  110.464286][ T3399] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  110.471708][ T3399] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  110.479135][ T3399] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  110.486622][ T3399] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  110.494155][ T3399] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  110.501540][ T3399] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  110.509034][ T3399] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  110.653287][ T3379] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v8.00 Device [syz1] on syz0
[  110.704325][ T6254] netlink: 'syz.0.1101': attribute type 1 has an invalid length.
[  110.817416][ T3399] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v8.00 Device [syz1] on syz0
[  110.959605][ T6268] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1107'.
[  111.107173][ T6286] loop0: detected capacity change from 0 to 4096
[  111.121009][ T6268] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1107'.
[  111.130104][ T6268] unsupported nlmsg_type 40
[  111.137164][ T6286] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.141461][ T6290] netlink: 'syz.2.1113': attribute type 1 has an invalid length.
[  111.170911][ T6296] netlink: 'syz.3.1115': attribute type 11 has an invalid length.
[  111.178756][ T6296] netlink: 140 bytes leftover after parsing attributes in process `syz.3.1115'.
[  111.193258][ T6286] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #15: comm syz.0.1112: corrupted inode contents
[  111.206526][ T6286] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #15: comm syz.0.1112: mark_inode_dirty error
[  111.218405][ T6286] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #15: comm syz.0.1112: corrupted inode contents
[  111.231674][ T6286] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #15: comm syz.0.1112: mark_inode_dirty error
[  111.244847][ T6286] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #15: comm syz.0.1112: corrupted inode contents
[  111.257408][ T6286] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #15: comm syz.0.1112: mark_inode_dirty error
[  111.270035][ T6286] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #15: comm syz.0.1112: corrupted inode contents
[  111.281143][ T6298] lo speed is unknown, defaulting to 1000
[  111.282471][ T6286] EXT4-fs error (device loop0): ext4_truncate:4666: inode #15: comm syz.0.1112: mark_inode_dirty error
[  111.300916][ T6286] EXT4-fs error (device loop0) in ext4_setattr:6071: Corrupt filesystem
[  111.320239][ T6303] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #15: comm syz.0.1112: corrupted inode contents
[  111.380986][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.618599][ T6353] loop0: detected capacity change from 0 to 8192
[  111.753634][ T6367] netlink: 'syz.0.1126': attribute type 1 has an invalid length.
[  111.819729][ T6366] loop2: detected capacity change from 0 to 8192
[  111.979156][ T6381] loop4: detected capacity change from 0 to 164
[  111.999259][ T6381] Unable to read rock-ridge attributes
[  112.011174][ T3399] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v8.00 Device [syz1] on syz0
[  112.132728][   T29] kauditd_printk_skb: 4166 callbacks suppressed
[  112.132743][   T29] audit: type=1326 audit(1754952220.618:28000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc334075ba7 code=0x7ffc0000
[  112.195108][   T29] audit: type=1326 audit(1754952220.658:28001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc33401add9 code=0x7ffc0000
[  112.216962][ T6404] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1140'.
[  112.218543][   T29] audit: type=1326 audit(1754952220.658:28002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc334075ba7 code=0x7ffc0000
[  112.250873][   T29] audit: type=1326 audit(1754952220.658:28003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc33401add9 code=0x7ffc0000
[  112.274589][   T29] audit: type=1326 audit(1754952220.658:28004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc334075ba7 code=0x7ffc0000
[  112.298065][   T29] audit: type=1326 audit(1754952220.658:28005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc33401add9 code=0x7ffc0000
[  112.321519][   T29] audit: type=1326 audit(1754952220.658:28006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc334075ba7 code=0x7ffc0000
[  112.344913][   T29] audit: type=1326 audit(1754952220.658:28007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc33401add9 code=0x7ffc0000
[  112.368440][   T29] audit: type=1326 audit(1754952220.658:28008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc334075ba7 code=0x7ffc0000
[  112.392100][   T29] audit: type=1326 audit(1754952220.658:28009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc33401add9 code=0x7ffc0000
[  112.451835][ T6418] loop4: detected capacity change from 0 to 164
[  112.473683][ T6418] Unable to read rock-ridge attributes
[  112.485844][ T6421] netlink: 'syz.2.1145': attribute type 11 has an invalid length.
[  112.493734][ T6421] netlink: 140 bytes leftover after parsing attributes in process `syz.2.1145'.
[  112.547042][ T6425] lo speed is unknown, defaulting to 1000
[  112.656522][ T6463] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1152'.
[  112.751740][ T6470] netlink: 'syz.0.1155': attribute type 1 has an invalid length.
[  112.990198][ T6475] loop1: detected capacity change from 0 to 8192
[  113.557332][ T6504] loop4: detected capacity change from 0 to 512
[  113.577148][ T6510] loop1: detected capacity change from 0 to 1024
[  113.585030][ T6504] EXT4-fs: Ignoring removed nobh option
[  113.591421][ T6510] ext4: Unknown parameter 'noacl'
[  113.601337][ T6504] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117
[  113.610976][ T6504] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1168: invalid indirect mapped block 256 (level 1)
[  113.626131][ T6504] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1168: invalid indirect mapped block 2683928664 (level 1)
[  113.640336][ T6504] EXT4-fs (loop4): 1 truncate cleaned up
[  113.647886][ T6504] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.671161][ T6504] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  113.679874][ T6504] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  113.744802][ T6530] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1168'.
[  113.952944][ T3379] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v8.00 Device [syz1] on syz0
[  114.241770][ T6594] loop2: detected capacity change from 0 to 8192
[  114.287265][ T6599] FAULT_INJECTION: forcing a failure.
[  114.287265][ T6599] name failslab, interval 1, probability 0, space 0, times 0
[  114.299915][ T6599] CPU: 0 UID: 0 PID: 6599 Comm: syz.2.1195 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  114.300001][ T6599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  114.300015][ T6599] Call Trace:
[  114.300021][ T6599]  <TASK>
[  114.300028][ T6599]  __dump_stack+0x1d/0x30
[  114.300045][ T6599]  dump_stack_lvl+0xe8/0x140
[  114.300090][ T6599]  dump_stack+0x15/0x1b
[  114.300108][ T6599]  should_fail_ex+0x265/0x280
[  114.300222][ T6599]  should_failslab+0x8c/0xb0
[  114.300301][ T6599]  __kvmalloc_node_noprof+0x123/0x4e0
[  114.300411][ T6599]  ? __se_sys_add_key+0x1e9/0x350
[  114.300435][ T6599]  __se_sys_add_key+0x1e9/0x350
[  114.300459][ T6599]  __x64_sys_add_key+0x67/0x80
[  114.300543][ T6599]  x64_sys_call+0x28c4/0x2ff0
[  114.300567][ T6599]  do_syscall_64+0xd2/0x200
[  114.300604][ T6599]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  114.300624][ T6599]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  114.300645][ T6599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.300665][ T6599] RIP: 0033:0x7f61c219ebe9
[  114.300680][ T6599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.300711][ T6599] RSP: 002b:00007f61c0bff038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  114.300731][ T6599] RAX: ffffffffffffffda RBX: 00007f61c23c5fa0 RCX: 00007f61c219ebe9
[  114.300745][ T6599] RDX: 00002000000000c0 RSI: 0000000000000000 RDI: 0000200000000040
[  114.300758][ T6599] RBP: 00007f61c0bff090 R08: fffffffffffffffd R09: 0000000000000000
[  114.300771][ T6599] R10: 000000000000001c R11: 0000000000000246 R12: 0000000000000001
[  114.300784][ T6599] R13: 00007f61c23c6038 R14: 00007f61c23c5fa0 R15: 00007ffdc7f0dfb8
[  114.300806][ T6599]  </TASK>
[  114.557021][ T6616] loop0: detected capacity change from 0 to 4096
[  114.573713][ T6616] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.588904][ T6616] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #15: comm syz.0.1201: corrupted inode contents
[  114.601065][ T6616] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #15: comm syz.0.1201: mark_inode_dirty error
[  114.613720][ T6616] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #15: comm syz.0.1201: corrupted inode contents
[  114.625784][ T6616] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #15: comm syz.0.1201: mark_inode_dirty error
[  114.638435][ T6616] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #15: comm syz.0.1201: corrupted inode contents
[  114.650504][ T6616] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #15: comm syz.0.1201: mark_inode_dirty error
[  114.663556][ T6616] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #15: comm syz.0.1201: corrupted inode contents
[  114.675977][ T6616] EXT4-fs error (device loop0): ext4_truncate:4666: inode #15: comm syz.0.1201: mark_inode_dirty error
[  114.688247][ T6616] EXT4-fs error (device loop0) in ext4_setattr:6071: Corrupt filesystem
[  114.697286][ T6621] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #15: comm syz.0.1201: corrupted inode contents
[  114.729152][ T6625] lo speed is unknown, defaulting to 1000
[  114.797301][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.992557][ T6516] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[  115.011583][ T6516] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[  115.028019][ T6670] loop2: detected capacity change from 0 to 512
[  115.036768][ T6670] EXT4-fs: Ignoring removed nobh option
[  115.046801][ T6670] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117
[  115.060148][ T6670] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.1210: invalid indirect mapped block 256 (level 1)
[  115.075044][ T6670] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.1210: invalid indirect mapped block 2683928664 (level 1)
[  115.089582][ T6670] EXT4-fs (loop2): 1 truncate cleaned up
[  115.096899][ T6670] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.114581][ T6670] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  115.126568][ T6670] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  115.158244][ T6678] loop3: detected capacity change from 0 to 4096
[  115.167326][ T6678] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.183006][ T6678] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.1211: corrupted inode contents
[  115.196423][ T6678] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #15: comm syz.3.1211: mark_inode_dirty error
[  115.208335][ T6678] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.1211: corrupted inode contents
[  115.215513][ T6681] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1210'.
[  115.221601][ T6678] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #15: comm syz.3.1211: mark_inode_dirty error
[  115.242155][ T6678] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.1211: corrupted inode contents
[  115.255477][ T6678] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #15: comm syz.3.1211: mark_inode_dirty error
[  115.267536][ T6678] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.1211: corrupted inode contents
[  115.280582][ T6678] EXT4-fs error (device loop3): ext4_truncate:4666: inode #15: comm syz.3.1211: mark_inode_dirty error
[  115.291938][ T6678] EXT4-fs error (device loop3) in ext4_setattr:6071: Corrupt filesystem
[  115.302683][ T6682] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #15: comm syz.3.1211: corrupted inode contents
[  115.329650][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.371652][ T6689] loop3: detected capacity change from 0 to 164
[  115.439342][ T6694] loop3: detected capacity change from 0 to 128
[  115.455360][ T6694] netlink: 14593 bytes leftover after parsing attributes in process `syz.3.1213'.
[  115.571675][ T6706] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  115.578758][ T6706] syzkaller0: entered promiscuous mode
[  115.584250][ T6706] syzkaller0: entered allmulticast mode
[  115.595322][ T6706] tipc: Resetting bearer <eth:syzkaller0>
[  115.627355][ T6705] tipc: Resetting bearer <eth:syzkaller0>
[  115.637106][ T6705] tipc: Disabling bearer <eth:syzkaller0>
[  115.730648][ T6715] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1220'.
[  115.769859][ T6694] ==================================================================
[  115.777980][ T6694] BUG: KCSAN: data-race in vfs_fsync_range / writeback_single_inode
[  115.786003][ T6694] 
[  115.788335][ T6694] write to 0xffff88810ae96e28 of 4 bytes by task 6689 on cpu 1:
[  115.795971][ T6694]  writeback_single_inode+0x14a/0x3e0
[  115.801354][ T6694]  sync_inode_metadata+0x5b/0x90
[  115.806298][ T6694]  __generic_file_fsync+0xf8/0x140
[  115.811419][ T6694]  fat_file_fsync+0x49/0x100
[  115.816017][ T6694]  vfs_fsync_range+0x10d/0x130
[  115.820799][ T6694]  generic_file_write_iter+0x1b8/0x2f0
[  115.826274][ T6694]  iter_file_splice_write+0x666/0x9e0
[  115.831654][ T6694]  direct_splice_actor+0x153/0x2a0
[  115.836796][ T6694]  splice_direct_to_actor+0x30f/0x680
[  115.842192][ T6694]  do_splice_direct+0xda/0x150
[  115.846969][ T6694]  do_sendfile+0x380/0x650
[  115.851428][ T6694]  __x64_sys_sendfile64+0x105/0x150
[  115.856666][ T6694]  x64_sys_call+0x2bb0/0x2ff0
[  115.861365][ T6694]  do_syscall_64+0xd2/0x200
[  115.865891][ T6694]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.871794][ T6694] 
[  115.874118][ T6694] read to 0xffff88810ae96e28 of 4 bytes by task 6694 on cpu 0:
[  115.881674][ T6694]  vfs_fsync_range+0x9b/0x130
[  115.886380][ T6694]  generic_file_write_iter+0x1b8/0x2f0
[  115.891852][ T6694]  iter_file_splice_write+0x666/0x9e0
[  115.897238][ T6694]  direct_splice_actor+0x153/0x2a0
[  115.902371][ T6694]  splice_direct_to_actor+0x30f/0x680
[  115.907761][ T6694]  do_splice_direct+0xda/0x150
[  115.912565][ T6694]  do_sendfile+0x380/0x650
[  115.917001][ T6694]  __x64_sys_sendfile64+0x105/0x150
[  115.922216][ T6694]  x64_sys_call+0x2bb0/0x2ff0
[  115.926911][ T6694]  do_syscall_64+0xd2/0x200
[  115.931437][ T6694]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.937446][ T6694] 
[  115.939780][ T6694] value changed: 0x00000038 -> 0x00000022
[  115.945515][ T6694] 
[  115.947853][ T6694] Reported by Kernel Concurrency Sanitizer on:
[  115.954014][ T6694] CPU: 0 UID: 0 PID: 6694 Comm: syz.3.1213 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  115.964705][ T6694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  115.974765][ T6694] ==================================================================
[  116.505504][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.672562][ T6673] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[  116.686575][ T6673] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[  118.021486][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.