last executing test programs:

10.113894571s ago: executing program 4 (id=1779):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet6_icmp(0xa, 0x2, 0x3a)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e05, 0x1, @mcast1, 0x7}, 0x1c)
sendto$inet6(r1, &(0x7f00000001c0)="80006466d3805699", 0x8, 0x20004840, 0x0, 0x0)

10.067049446s ago: executing program 4 (id=1781):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/13, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
remap_file_pages(&(0x7f00005fd000/0x4000)=nil, 0x4000, 0x0, 0x5, 0x20000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

9.21720604s ago: executing program 4 (id=1795):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001000)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18)
r1 = socket(0x1e, 0x4, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0xa, 0x58740, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xa}, 0x0, 0x10000, 0x0, 0x8, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r2, 0x4c80, 0xfffff)
r3 = socket(0x1e, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000080000000000000000000850000007d00000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r4}, 0x10)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_DISALLOCATE(r5, 0x5608)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0xfffffffc}, 0x10)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2, 0x4}, 0x10)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r6 = dup3(r3, r1, 0x0)
recvmmsg(r6, &(0x7f0000002c80)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000880)=""/194, 0xc2}, {&(0x7f0000000a00)=""/204, 0xcc}], 0x2, &(0x7f0000000580)=""/164, 0xa4}, 0x6}, {{0x0, 0x0, &(0x7f00000029c0)=[{&(0x7f0000001140)=""/4096, 0x1000}, {0x0}], 0x2}, 0x630}, {{&(0x7f00000024c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x80, &(0x7f0000000980)=[{&(0x7f0000002540)=""/251, 0xfb}, {&(0x7f0000002640)=""/228, 0xe4}, {&(0x7f0000002740)=""/97, 0x61}], 0x3}, 0x30e}, {{0x0, 0x0, &(0x7f0000002ac0)=[{&(0x7f0000000000)=""/127, 0x7f}, {&(0x7f0000002840)=""/44, 0x2c}, {&(0x7f0000002880)=""/124, 0x7c}, {0x0}, {&(0x7f0000002940)=""/71, 0x47}, {&(0x7f0000002e00)=""/243, 0xf3}], 0x6}, 0xe}, {{&(0x7f0000002b40)=@hci, 0x80, &(0x7f0000002bc0), 0x0, &(0x7f0000002c00)=""/107, 0x6b}, 0x4}], 0x5, 0x40000001, 0x0)
socket$kcm(0x29, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x41, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000006cf800000000000000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10002, 0x9, 0x1, 0x1}, 0x50)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000003feffff720af0fff8ffffff71a4f0ff0000000072030000000000001d400500000000004704000001ed000072030200000000001d440000000000006b0a00fe000000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f1ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c107571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d1abf3cb17b40ac9b10968f38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d61f3b39c64307f9c82b2807c9ff4a269841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67a41b9e320146ee9f566a280570d811d6a6402f172a2901a2cd80d275bdffb52eae4963fdf2e88a2c56b2319aef69292a4982c9144df70d4bc5590c0e18e4751ba48e2c75bdbcb1df593dea26cd555b06a6ff64ee8b6c8b2ffc952f37fc8721d7c34d8aa91ba07316cf9c627f9e0b47c132ee269a600bebd6e0"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0x7, 0xfd, 0x0, 0x0, 0x0, 0x5d31, 0x10000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x5, 0x3}, 0x0, 0x80000000000, 0x40000, 0x0, 0x21, 0x3, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r9 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r9, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r10, 0x0, 0xe, 0x0, &(0x7f0000000900)="c1dfb080cd21d308098ee6888100", 0x0, 0xadf0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

7.980624272s ago: executing program 4 (id=1802):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000095"], &(0x7f0000000440)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0xf}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='timerslack_ns\x00')
write$binfmt_format(r1, &(0x7f0000000180)='1\x00', 0x2)
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x9801)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000009"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000010000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0)
mount_setattr(r2, &(0x7f0000000080)='./file0/file0\x00', 0x8000, &(0x7f0000001dc0)={0x81, 0xc, 0x0, {r2}}, 0x20)
r6 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r6, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)

7.69207438s ago: executing program 4 (id=1806):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f00000001c0)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "69dcaf20127e9a854528f45826cb35be51ca73845d177dd8dba7221daeccfda56b75cfe286fdd14cb5b11b1cab614fec2236da7d88ea0f0700", 0x3f}, 0x48, 0xfffffffffffffffe)
keyctl$search(0xa, r2, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, 0x0)

7.456937894s ago: executing program 4 (id=1810):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000000)=0x1, 0x7, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)={0x1c, r2, 0x10ada85e65c25359, 0xfffffffc, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8441}, 0x4000000)

7.430269646s ago: executing program 32 (id=1810):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000000)=0x1, 0x7, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)={0x1c, r2, 0x10ada85e65c25359, 0xfffffffc, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8441}, 0x4000000)

1.950251127s ago: executing program 5 (id=1893):
socket$packet(0x11, 0xa, 0x300)
r0 = io_uring_setup(0x5597, &(0x7f0000000100)={0x0, 0x10000000, 0x1, 0x1, 0x1d1})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000002700)=""/4096, 0x1000}, {0x0}], &(0x7f0000000200)=[0xba], 0x2}, 0x20)
socket$packet(0x11, 0xa, 0x300)

1.754137176s ago: executing program 5 (id=1895):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_open_dev$ttys(0xc, 0x2, 0x0)
syz_clone(0x80000100, &(0x7f0000000000)="9a26404978957e3f67f526", 0xb, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)="30ace7e2e1045e469399e3a14fb193392e287bf61cdb748bbde9c1336b6eff65bd03a500df14cf7cb1e8d8a943c017aa2a966318076f2d770781f0f374d0f9957072c4c56f4673ccd59f1055df6b77a27c7f4c4713acf734dce51c26b3ad60873aab6bff1538cf227a878000a87daa3eadbcf397ad42a82848d74358be7f1f038dd8b7")
ioctl$TIOCCONS(r1, 0x541d)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r2, 0x84, 0x15, &(0x7f0000000200)={0xfa}, 0x1)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r2, 0x84, 0x1b, &(0x7f0000000240), &(0x7f00000001c0)=0x8)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000001980), 0x200)
fcntl$setstatus(r3, 0x4, 0x2800)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x5452, &(0x7f0000000b00)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}})

1.530315559s ago: executing program 5 (id=1900):
getegid()
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x5a)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000600)=""/255, 0x118000, 0x1000, 0x8, 0x1}, 0x20)
capset(&(0x7f0000000080)={0x19980330}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x7})
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_UNIMAP(r1, 0x4b66, &(0x7f0000000000)={0xfffffc64, 0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x3, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @sched_cls=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000004000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kfree\x00', r7}, 0x18)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r8, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000042c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWRULE={0x7c, 0x6, 0xa, 0x403, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x50, 0x4, 0x0, 0x1, [{0x4c, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x24, 0x3, "7339f2f304fdd672bad09dfb040000000000000001f9580dabf95ddc91967c20"}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xc, 0x1, 'RATEEST\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xa4}, 0x1, 0x0, 0x0, 0x4000850}, 0x20008040)
write(r5, &(0x7f0000000280)="8654f6", 0x3)
splice(r5, &(0x7f0000000040), r4, 0x0, 0x6, 0x4)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001e80)=@newtaction={0x48, 0x31, 0x1, 0xfffffffd, 0x25dfdbfb, {0x0, 0x0, 0x11}, [{0x34, 0x1, [@m_police={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x3, {0x7ffffffe}}, {0xc}}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x8800}, 0x0)
vmsplice(r3, &(0x7f00000002c0)=[{&(0x7f0000000100)="eb", 0x1}, {&(0x7f0000000140)="ba1b8e7dd997b36076a2171d79e62ab906ee1eedb2b86a82", 0x18}, {&(0x7f0000000180)="141c94ff8541e31cc8e0e6c4a151f95ee61728f07eaa941c8ed39fd859d3efcf", 0x20}, {&(0x7f0000000540)="1e72423f634f6fdab2721b03a6e441d169238acf79e9998df1dec51a06d8d76b7505f875aa2817f270ac5d64dd3686c23a2adb428d657a80539cd89dc44ad83d6c6bc84ca36b4b95a83f9c2f7ed8f36c659180acc7c1cdece0f1b76f1c0380481c421c4bdf073a86a36824561093e6c621ba3f19bb416b7906b606bc947ce554b90c2971", 0x84}], 0x4, 0x7)
remap_file_pages(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000000, 0x9d4, 0x4000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='kfree\x00', r2}, 0x18)
r10 = socket(0x2, 0x80805, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r10, 0x84, 0x1a, 0x0, &(0x7f0000000080))

1.438826978s ago: executing program 2 (id=1902):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18)
connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1, 0x0, {0x1, 0xff, 0xa8fe8ad4eea2351f}, 0x2}, 0x18)
clock_gettime(0x0, &(0x7f0000001740)={<r2=>0x0, <r3=>0x0})
recvmmsg(r0, &(0x7f0000001600)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000240)=""/76, 0x4c}, {&(0x7f0000000300)=""/34, 0x22}, {&(0x7f0000000380)=""/50, 0x32}, {&(0x7f00000003c0)=""/117, 0x75}], 0x4, &(0x7f0000000480)=""/239, 0xef}, 0x800000}, {{&(0x7f0000000700)=@ieee802154={0x24, @long}, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000780)=""/224, 0xe0}, {&(0x7f0000000880)=""/228, 0xe4}, {&(0x7f0000000980)=""/163, 0xa3}, {&(0x7f0000000a40)=""/149, 0x95}], 0x4, &(0x7f0000000b40)=""/31, 0x1f}}, {{&(0x7f0000000b80)=@un=@abs, 0x80, &(0x7f0000000e00)=[{&(0x7f0000000c00)=""/126, 0x7e}, {&(0x7f0000000c80)=""/175, 0xaf}, {&(0x7f0000000d40)=""/133, 0x85}], 0x3, &(0x7f0000000e40)=""/59, 0x3b}, 0x4}, {{&(0x7f0000000e80)=@xdp, 0x80, &(0x7f0000001300)=[{&(0x7f0000000f00)=""/191, 0xbf}, {&(0x7f0000000fc0)=""/126, 0x7e}, {&(0x7f0000001040)=""/119, 0x77}, {&(0x7f00000010c0)=""/247, 0xf7}, {&(0x7f00000011c0)=""/225, 0xe1}], 0x5}, 0x7}, {{&(0x7f0000001380)=@l2={0x1f, 0x0, @none}, 0x80, &(0x7f0000001580)=[{&(0x7f0000001400)=""/79, 0x4f}, {&(0x7f0000001480)=""/254, 0xfe}], 0x2, &(0x7f00000015c0)=""/39, 0x27}, 0x7}], 0x5, 0x20000100, &(0x7f0000001780)={r2, r3+60000000})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r4, 0x26, &(0x7f0000000080)={0x1, 0x0, 0x2007, 0x1fd})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)={0x12c, r6, 0xfc5, 0x70bd29, 0x4000, {{0x11}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x10e, 0x2a, [@perr={0x84, 0x108, {0x0, 0x10, [{{0x0, 0x1}, @device_a, 0x9, @value=@device_b, 0x1c}, {{}, @device_a, 0x4, @void, 0x1e}, {{0x0, 0x1}, @device_b, 0x8, @value, 0x2a}, {{}, @broadcast, 0x7805, @void, 0x28}, {{0x0, 0x1}, @device_a, 0x0, @value=@device_b, 0x34}, {{0x0, 0x1}, @device_b, 0x101, @value, 0x19}, {{0x0, 0x1}, @device_b, 0x81, @value, 0x7}, {{0x0, 0x1}, @device_b, 0x2, @value, 0xb}, {{}, @broadcast, 0x100, @void, 0x1e}, {{}, @device_b, 0x100040, @void, 0x26}, {{}, @device_a, 0x7fffffff, @void, 0x2e}, {{0x0, 0x1}, @broadcast, 0x4, @value=@broadcast, 0x12}, {{}, @broadcast, 0x0, @void, 0x1b}, {{0x0, 0x1}, @broadcast, 0x3, @value=@broadcast, 0xa}, {{}, @device_a, 0x80, @void, 0x1e}, {{0x0, 0x1}, @device_b, 0x6, @value, 0xb}]}}]}]}, 0x12c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r4, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r6, 0x300, 0x70bd27, 0x25dfdbfd, {{}, {@void, @void}}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x80)
sendmmsg(r0, &(0x7f0000003e40), 0x3fffffffffffe3d, 0xf5)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000040)={'vxcan1\x00', @remote})

1.154387135s ago: executing program 0 (id=1904):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0xfffffffb, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x200c, &(0x7f0000000180)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@nojournal_checksum}, {@dax_never}, {@nodiscard}], [{@obj_user={'obj_user', 0x3d, 'nodiscard'}}, {@fsuuid={'fsuuid', 0x3d, {[0x31, 0x32, 0x34, 0x33, 0x33, 0x39, 0x37, 0x65], 0x2d, [0x66, 0x30, 0x65, 0x1], 0x2d, [0x65, 0x33, 0x38, 0x65], 0x2d, [0x33, 0x34, 0x35, 0x35], 0x2d, [0x61, 0x32, 0x64, 0x63, 0x66, 0x64, 0x36, 0x39]}}}, {@fowner_eq}, {@func={'func', 0x3d, 'FILE_MMAP'}}]}, 0x0, 0x479, &(0x7f0000001300)="$eJzs3MtvG8UfAPDvOo82fcW/qj+gDyAIEKVA0qSl9MAFBBIHkJDgUI4hSatSt0FNkEhVQUCoHFElTlwQRyT+Ak5wQcAJCQ4c4I4qVaiXFk5Gm91NHdfOw3Xstv58pHVmdtee+Xpn7NmdeAPoWSPpQxKxIyL+iIjhLLtyh5Hsz41rF6f+uXZxKolq9Y2/k/508/VrF6eKXYvnbS8y/RGlT5LY36DcuYULZyYrlZnzeX5s/uy7Y3MLF545fXby1MypmXMTx48fPTL+3LGJZ9sSZxrX9X0fzB7Y+8pbl1+bOnH57Z++SYr46+K4xW8tFTmy2sbHq9WWXvQONJg+7KxZkbUM7gZ9WTeNgaX+Pxx9cfPgDcfLH3e1csCmqlar1fuab16sAvewJLpdA6A7ii/69Py3WDo09LgjXH0hOwFK476RL9mW/ijl+wzUnd+200hEnFj898t0ibWuQwAAtMF36fjn6Ubjv1LUXhfalc+hlCPifxGxOyKORcSeiPh/xNK+90fEAxssv36S5NbxT+lKS4GtUzr+ez6f21o5/itGf1Huy3M7l+IfSE6erswczt+TgzGwJc2Pr1LG9y/9+lmzbbXjv3RJyy/Ggnk9rvRvWfmc6cn5yduJudbVjyL29TeKP1meCUgiYm9E7GuxjNOHvj7QbNva8a+iDfNM1a8insiO/2LUxV9IsvnJcpP5ybGtUZk5PFa0ihiqefnF9ND9/Mul15uVf1vxt0F6/Lc1bP/L8ZeT2vnauY28+hdPpo+X/vy06TlNq+1/MHlzxbr3J+fnz49HDCavZpWuXT9Rt9/Ezf3T+A8+2rj/746b78T+iEgb8YMR8VBEPJzX/ZHfd635Lvz44mPvtB7/5krjn17/8a8ORxQNYWEw8sTymsaJvjM/fLui0HLj+Hc1Pf5Hl1IH8zXr+fxbT7022poBAADgblWKiB2RlEaX06XS6Gj2P/x7YlupMjs3/9TJ2ffOTWe/ESjHQKm40jVccz10PD+tL/ITdfkj+XXjz/uGlvKjU7OV6W4HDz1ue5P+n/qrr9u1Azad32tB79L/oXfp/9C7sv5fe7a/tWt1ATqrwff/UDfqAXReo/H/h+t54o721wXorLr+b9oPeojrf9C7Wun/PjPg3tC/2i2bBztaFaBz5oZi7R/J32uJrRu4QcDdlyjuXLMZRQykreVQRCxciFLXI5XYxES3P5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa478AAAD//9OC4M8=")

1.151664516s ago: executing program 0 (id=1905):
socket$packet(0x11, 0xa, 0x300)
r0 = io_uring_setup(0x5597, &(0x7f0000000100)={0x0, 0x10000000, 0x1, 0x1, 0x1d1})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000002700)=""/4096, 0x1000}, {0x0}], &(0x7f0000000200)=[0xba], 0x2}, 0x20)
socket$packet(0x11, 0xa, 0x300)

998.663061ms ago: executing program 0 (id=1906):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/12, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=@base={0xa, 0x5, 0x102, 0x7, 0x0, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r1}, 0x38)
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'wg0\x00', <r5=>0x0})
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000003c0)=0xffffffffffffffff, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0x5, 0x1cd5, 0x56, 0xa02, r0, 0x9, '\x00', r5, r6, 0x4, 0x5, 0x6, 0xd}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r4}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
readv(r6, &(0x7f0000000400)=[{&(0x7f0000000c00)=""/201, 0xc9}], 0x1)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r7, <r8=>0xffffffffffffffff}, 0x4)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1f, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70500000000000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r9}, 0xc)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
syz_usbip_server_init(0x1)
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000000040)={'macsec0\x00', @random="06517dc2e6ea"})
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21481e, &(0x7f0000000300)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}, {@nodiscard}]}, 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")

977.233983ms ago: executing program 5 (id=1907):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x4b800, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000002400)={{0x1, 0x1, 0x18}, './file0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
getgroups(0x0, 0x0)
bind$rds(r1, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r3}, 0x10)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$rds(r1, &(0x7f0000000580)={&(0x7f00000005c0)={0x2, 0x4, @rand_addr=0x64010101}, 0x10, 0x0, 0x0, &(0x7f0000003a80)=[@rdma_args={0x48, 0x114, 0x1, {{0x0, 0x2}, {0x0}, &(0x7f0000003a00)=[{&(0x7f00000016c0)=""/96, 0x60}], 0x1, 0x39, 0x2}}], 0x48, 0x4000000}, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r4, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200040010000800014004000000", 0x58}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x4, &(0x7f0000000680)=ANY=[@ANYRESHEX=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffed6)
syz_open_dev$sg(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000740), 0x0, 0x46c, &(0x7f0000000bc0)="$eJzs281rHGUYAPBnJh9t7UdirR+tVaNFCIpJk1btwYuiIKIo6KEeY7ItodtGmii2FpuKeBKkoGfxKPoXeBNB1JPg1ZMnKRTtpa2nyMzOpJttNrFmk4nd3w82+74z7+48T+br3ffdDaBrDWV/kogdEfFbRAw0qksbDDWerl05N3n9yrnJJBYWXv8zydtdvXJusmxavm57URlOI9KPkmIjS82eOXtiol6vnS7qo3Mn3x6dPXP2iXdPThyvHa+dGj9y5PChsaefGn+yI3lmeV3d98HM/r0vvnnxlcmjF9/66Zss3h3F+uY8OmUoS/yvhVzrukc7vbGK7WwqJ70VBsIt6YmIbHf15ef/QPTEjZ03EC98WGlwwLrK7k1b2q+eXwBuY0lUHQFQjfJGn33+LR8b1PXYFC4/2/gAlOV9rXg01vRGWrTpa/l820lDEXF0/u8vskes0zgEAECzTyY/fzl7fv/61y9lfY+BxTVp3JM//57/3VXMoQxGxJ0RsTsi7oqIPRFxd0Te9t6IuG+N8dzc/0kvrfEtV5T1/54p5raW9v/K3l8M9hS1nXn+fcmx6XrtYPE/GY6+LVl9bIVtfPf8r5+2W9fc/8se2fbLvmARx6XelgG6qYm5ibxT2gGXL0Ts610u/2RxJiCJiL0Rse/W3npXWZh+7Kv97Rqtnv8KOjDPtPBllt58lv98tORfSprnJ6dvmp8c3Rr12sHR8qi42c+/fPxau+2vKf8OuFxrPDft/9Ymg0nzfO1sZ7f/H4//tD95I59n7i+WvTcxN3d6LKI/yS9nS5eP33htWS/bZ8f/8IHlz//dxWuy/O+PiOwgfiAiHoyIh4rYH46IRyLiwAo5/vjc6vlHWtH+vxAxtez1b/H4b9n/t17oOfHDt+22/+/2/+G8NFwsya9/q1gunOxy0RrgWv53AAAA8H+R5t+BT9KRxXKajow0vsO/J+5I6zOzc48fm3nn1FTju/KD0ZeWI10DxXhofbpeG0vmi3dsjI+OF2PF5XjpoWLc+LOebXl9ZHKmPlVx7tDttrc5/zN/9FQdHbDOti27dLx/wwMBKtA6j54urZ5/NVwM4Hbl99rQvVY5/9ONigPYeO7/0L2WO//Pt9TNBcDtyf0fupfzH7pU+n3VEQAVcv+HrrSW3/WvY2Hr5gijmsJm3Sl5IaIspJsiHoV1KlR9ZQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiMfwIAAP//2wzmew==")
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000004000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
flistxattr(r6, 0x0, 0xdeff)

931.666708ms ago: executing program 1 (id=1908):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0xb, &(0x7f00000005c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
syz_read_part_table(0x5be, &(0x7f00000005c0)="$eJzs2z9o02kYB/An1SAonIuTk3VwOFwURzOoJFFRCNEu4qCgiJgpghC5gKCDzdDSDKVjl1LI0j9T0wwdjpYWOpfSoUehQ5c72qXQpTlK39vb6x8QPh94eXjf95s8v2f4jb/gl9YT/3S73UxEdC8d/9d9rXzhyY3Sg/LLiEy8jojeP3+bOrjJpMR//3oz7dfTfmz0cqd/53G2tfZi99ab+UZPuv+W1pXxdt+Jh+PMTeQWrn7/US0O1HIfV4v1zZ8ry88nt/Pl9rNGc+pp9tG7lFtM9WKqn6MWX+NTvI1KVOJ9VE+p/0hr487+9WJr5sP9vUJncO5uypVOOOdR+3/pHXrVrD+8PX1t+F5tdqm8deEwV/kfbxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOdvIrdw9fuPanGglvu4Wqxv/lxZfj65nS+3nzWaU0+zj96l3GKqF1P9HLX4Gp/ibVSiEu+jekr9R1obd/avF1szH+7vFTqDc3dTrnTCOY/a/0vv0Ktm/eHt6WvD92qzS+WtC4e5yqUzegAAAAAAAAAAAAAAAAAAAACIiHzhyY3Sg/LLiEy8jojf//6j5+C8m753z6TczVTX0/nY6OVO/87jbGvtxe6tN/ONv9L5t7SujLf7zn0Yju3fAAAA//8CE5V6")

719.470278ms ago: executing program 5 (id=1909):
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fsetxattr$security_selinux(r1, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
getdents64(r2, 0x0, 0x0)
r3 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
dup(r3)
r4 = io_uring_setup(0x1684, &(0x7f0000000ac0)={0x0, 0xdd95, 0x400, 0x0, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000002040)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00', r7}, 0x18)
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000017c0)=@newtaction={0x898, 0x30, 0xffff, 0x70bd29, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE64={0xc, 0xb, 0xffffffffffffffff}, @TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, 0x2, 0x4000, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x6, 0x0, 0x0, 0x5, 0x0, 0x4e16, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffe, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8432, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0xf, 0x2, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb7fe6bd0, 0x6, 0x1ffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x98, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffc, 0x0, 0x2, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x894e, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x9, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff0001, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0xcd9, 0x0, 0xe, 0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x319e, 0x4, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffc, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x7, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x4, 0x0, 0x0, 0x0, 0x0, 0xff}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x898}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$getownex(r8, 0x10, &(0x7f0000000380))
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r9, 0x0, 0xb}, 0x18)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r10 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
pwrite64(r11, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
fallocate(r10, 0x0, 0xbf5, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r11, 0xc028660f, &(0x7f0000000040)={0xc, r10, 0x0, 0x0, 0x0, 0xfffffffffdffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0}, 0x94)
socket(0x10, 0x3, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x10008)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)

718.827258ms ago: executing program 3 (id=1910):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x800000, &(0x7f0000000440)=ANY=[@ANYBLOB='iocharset=maccentGuro,shortname=winnt,\x00'], 0x1, 0x34c, &(0x7f0000001740)="$eJzs3T9oJGUUAPC3mU12EziTQji0Wu0EOS4RC21MOE44TKEni/8aFy7nn+wqZHEhFtlLo1gqNoJWdldoebVYiNhZ2HqCnIqN1x3c4cjuTHY3mcn9EbOn3u9XhJf3fW++byZDdhKSt6+uxua52Th/9eqVqNcrUV09tRrXKrEUM5FE5kIAAP8n19I0/kgzw8RTN5v90ULMZtHcVHYHAByF4ev/a8fGidrd3A0AMA2Fn//LPVuaffvItgUAHKHC6//D+4YP/Jq/OvqbAADgv+v5l15+Zm094myjUY/ovN9r9prx5Hh87Xy8Ee3YiJOxGDcisgeF7Glh8PHpM+unTzYGflmK5qCi14zo9HvN7ElhLRnW12I5FmMpr09H9cmgfnlY34iIC/3h+tGp9JqzsZCv/+NCbMRKLMb9hfqIM+unVxr5AZqdvfp+xG7U905isP8TsRjfzww/OReD2uxYg8zOcqNxKl3fV9+7WBvOAwAAAAAAAAAAAAAAAAAAAACAo3BiPvLuOY2lUf+btNPvvXc2n9Aojg/7+2TDeX+g3aw/UFrb687zQXKwP9D+/jy9ZjVm7uqZAwAAAAAAAAAAAAAAAAAAwL9Hd3suWu32xlZ3+93NcTDX7k9k3vr2i6/n4+CcN5NxJqrZ4fbNyXMxUZXEqDwdlafJvjl5kETkkyvRunhptOPJObXRWRTKB0GtMFTJ99Rqt4899POnZVV/jjNJjIbqpUtU8vUnhjr3Zamy/dw8qHS3V24x53KapoeV73xSrIp6RLXwhfsngm+uvP7AY93jj3cr1c3WV3nTh0ceXXzh8sef/7bZakd+adrtua3ujfRvr5VM3D+V/DpXSu6E8mB3nNnd6m63kh9+f/HBD787MDkpv3/Sycw7h6/15cHMXBYMtnk7ZzpbcvOXB69cH929d34xj3+22rq089OvexfzVlUT3yQ06gAAAAAAAAAAAAAAAAAAgKmY+F/xO/DEc0e3IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYvvH7/08Eu4XM7QTX+1Ecqm1sdQ9dfH6qpwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD3srwAAAP//JT9zjQ==")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x10000, 0xc, 0x288}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000200)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r3, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='0'], 0x30}})
mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3000, 0x2, &(0x7f0000000000/0x3000)=nil)
modify_ldt$write(0x1, &(0x7f0000000180)={0xa, 0x20000000, 0x400, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1}, 0x10)
io_uring_enter(r4, 0x3516, 0x0, 0x4, 0x0, 0x0)
shutdown(r2, 0x0)
accept4$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @multicast1}, &(0x7f0000000040)=0x10, 0x80000)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa1780c206050086dd"], 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x94)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x8528c000)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r7)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010104}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r8=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000440)="be6f88e904006dd2bd0117c586023380ec289d6c15d3fc0fb99d7337093227523ac2fe6bc9040e01b630dcecf43a9dc2ec73ca8323adbd5e3a0b91ebec615dfb1a23c01b1977a0b14dc32cafe1a70aaa8fb8a3683c7a114b56dd7f22da4178ffd809abddedaa6dfd4637286f12610033f3a62b203f7432b1ce1d701f3b38d77f0fd821733693a34566fd7aba12f7c8f6ff8092e2028fafa4bf4fa980508d371217af62f17c4eac6032968e543fd5a565b8efc372aa05a1b5add6c58ac7d8f828a9bfcb1081ffaecb10e29000"/219, 0xfe98}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="2000000000000000840000000200000006000400280100000b008002", @ANYRES32=r8], 0x20, 0x6044}, 0x6)

685.123892ms ago: executing program 1 (id=1911):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a44080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)

530.904517ms ago: executing program 3 (id=1912):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001000)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18)
socket(0x1e, 0x4, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0xa, 0x58740, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xa}, 0x0, 0x10000, 0x0, 0x8, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_DISALLOCATE(r1, 0x5608)

530.249057ms ago: executing program 1 (id=1913):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000ac0)={[{@grpquota}, {@sb={'sb', 0x3d, 0x5}}, {@quota}], [{@seclabel}, {@fowner_gt={'fowner>', 0xee00}}, {@mask={'mask', 0x3d, '^MAY_EXEC'}}]}, 0xfd, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
openat$vcsa(0xffffffffffffff9c, &(0x7f0000002fc0), 0x242002, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000040)}, 0x20)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x25, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)={0x2c, 0x0, 0xc4fc9e906872338b, 0x70bd2a, 0x0, {{0x15}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4, 0x3, 0x0, 0x0}]}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f00000002c0), 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x30, 0x0, 0x1, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="8ecd705dd424"}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x6}]}, 0x30}, 0x1, 0x0, 0x0, 0x4050}, 0x50)
fcntl$lock(r0, 0x25, &(0x7f00000000c0)={0x2, 0x0, 0x4004, 0x409})

529.336577ms ago: executing program 3 (id=1914):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x2228c0, 0x0) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r3)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x1c, r4, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4008084}, 0x0) (async)
r5 = dup(r0)
ioctl$USBDEVFS_CONTROL(r5, 0xc0185500, &(0x7f0000000080)={0x60, 0xa, 0x2, 0x7fff, 0x12, 0x47, &(0x7f0000000000)="512c1b9c81b2718fe0bda5e31d2165ee9d35"}) (async)
ioctl$PTP_PEROUT_REQUEST2(r5, 0x40383d0c, &(0x7f00000000c0)={{0xeb4, 0x48c}, {0x10000000007, 0x90}, 0xb, 0x4})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a0300000000000000000002000000090002"], 0x34}}, 0x0) (async)
ioctl$BTRFS_IOC_RESIZE(r0, 0x50009403, &(0x7f0000000100)=ANY=[@ANYRES32=r0, @ANYBLOB="00ff00006d6178"])

447.597176ms ago: executing program 1 (id=1915):
r0 = syz_io_uring_setup(0x593, &(0x7f0000000400)={0x0, 0xc459, 0x8, 0x0, 0x398}, &(0x7f0000000300), &(0x7f0000000a40))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000008}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000021c0)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xf}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_TUPDATE={0x8, 0x4, 0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x4008032, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3, <r4=>0xffffffffffffffff}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYRES32=r0, @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r7}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000740)={'ipvlan1\x00', <r10=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=@newqdisc={0x3c, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r10, {0x0, 0x1}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_WASH={0x8}]}}]}, 0x3c}}, 0x0)
r11 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r8)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="01002dbd7000fedbdf252c"], 0x2c}, 0x1, 0x0, 0x0, 0x20048881}, 0x2000c800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
r12 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r13}, 0x10)
r14 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r15 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0xea7c0, 0x0)
ioctl$TCSETS(r15, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x10, "0062ba5d8200"})
r16 = syz_open_pts(r15, 0x20800)
dup3(r16, r15, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r14, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

446.744926ms ago: executing program 2 (id=1916):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000180)='GPL\x00', 0xa, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000000)=0x1, 0x7, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)={0x1c, r2, 0x10ada85e65c25359, 0xfffffffc, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8441}, 0x4000000)

398.41534ms ago: executing program 2 (id=1917):
r0 = io_uring_setup(0x5597, &(0x7f0000000100)={0x0, 0x10000000, 0x1, 0x1, 0x1d1})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000002700)=""/4096, 0x1000}, {0x0}], &(0x7f0000000200)=[0xba], 0x2}, 0x20)

398.13981ms ago: executing program 3 (id=1918):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001d40)=@base={0x12, 0x6, 0x4, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f0000000040), &(0x7f0000000140)=r1}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r2, &(0x7f0000000040)}, 0x20)

266.242793ms ago: executing program 3 (id=1919):
r0 = io_uring_setup(0x5597, &(0x7f0000000100)={0x0, 0x10000000, 0x1, 0x1, 0x1d1})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000002700)=""/4096, 0x1000}, {0x0}], &(0x7f0000000200)=[0xba], 0x2}, 0x20)

259.266684ms ago: executing program 0 (id=1920):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000180)='GPL\x00', 0xa, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000000)=0x1, 0x7, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)={0x1c, r2, 0x10ada85e65c25359, 0xfffffffc, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8441}, 0x4000000)

230.795627ms ago: executing program 2 (id=1921):
r0 = creat(&(0x7f0000000300)='./file0\x00', 0x28)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
write$qrtrtun(r0, &(0x7f0000000900)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354e467989e8458e6f5f76e0e4e781bfca4c928c956321dd514877569805db6602f1584a8bd051f13bad882bea021ffb5ce918a1f87f1d439ec93772d6ecaaf8891f7678f2037ccced78ea5c1aa805f1b9f5a2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea4732132264de6d26ce40177a780df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc24ee6f3bf036f62cdb056502a6b657ff95930ea668649ad0003afe9a912179ce61631b3dab94642d2768f1f22299deb9eddb917fc0076b74406149024514d07417c6007e8cd4dc4e2295be71f412044b52b1ce32aac048cad9c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d4760a1ff6a0119b39a2458a050f9519d4bbd821684ef8356985e8f5b8d86346f428788fc374e7eaa0c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f90543b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8adce4d23b8725416101ae4113fee000cb92b32c6a74851a6c4af4625f28810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fab63c536d5afd9ba5a71f9e534f99e5ea9c1eaaaad710ef30a37df0f87978894333850f4feac3740a3b010da7c250d060c8046cab40d0527234d4b4b28366bc7d5899948ddbfac66c848ef0f842eab95248e9d064c0ec4247483f0aa0cad7ca970365e474fe73cf79cf8c70fc7a015caa273ce41723453632cf5b809584d227f7e98e8ec41494518b0b8a8adbaf5ead6529451b116fab06529b653bffdd6d98f8322265305bdc0ff69f4a70dea414fcc63d149c564c834f24b8f7495cd9ccafa1e3f652cd3270935800ee0d5598afcaa41c150dac263408d77a61b5c77e2c3644dda1b8c333a36c30ce893140ce133827dde34d896d35c498bf6dda965a27cc77e2872fcedaf9dcb89614c758cf62ad769ac05a4fb9e27b421b82c1761f1322b03cc9ea586d15f7d2ffb6ed63c639cee97d9eea8f3934045e60b15eca5c13ebe002467c09815712165cee2af784f9e5db9f7227701ca9a3de588503c84c490f4986aa26e7b63d4c5a30157cdf82e433a1b64496392a1990b2a46b910d9a16429736308f71d8e78824a26f25f21829546b973c0905b20c2ef751eb0064eaf831874f0b58ef8779cafd02bcf075a212e79e07c73c49fc240d6845877fda649d1ab59ea06b907ec5031299a0e1fa2f8cbc241a8531ad241302b569d4581dcc944f27799f25593b97ea7681ba74d6cde9c8f58840ac4c4be3aa90e6273a64e549c47c7232f423406604c9c210eabe3d6a2343bd6c2ae72ab013ce2af32467bcfa8cbf0769f9156e35424", 0x45c)
r4 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x40)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x0, 0x0}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
syz_open_dev$vcsu(&(0x7f0000000340), 0x0, 0x10d882)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000f00000018110000", @ANYRES32=r5, @ANYRESHEX=r2], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
socket$inet6_sctp(0xa, 0x5, 0x84)
close(0x3)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
r7 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000640)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c3a00000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000", @ANYRES32=r7, @ANYBLOB], &(0x7f0000000100)='GPL\x00', 0xfffffffa, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, 0x0, 0x4000000)
socket$inet6_sctp(0xa, 0x5, 0x84)
unshare(0x2040400)
mq_notify(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x2a, 0x0, @thr={0x0, 0x0}})
openat$tun(0xffffffffffffff9c, &(0x7f0000000380), 0x6100, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r8 = syz_open_dev$usbfs(&(0x7f0000000000), 0x800000001ff, 0x2)
r9 = dup(r8)
ioctl$USBDEVFS_CONTROL(r9, 0xc0185500, &(0x7f0000000040)={0x23, 0x1, 0x8, 0x4, 0x0, 0x4, 0x0})

192.276811ms ago: executing program 0 (id=1922):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000240), 0x401, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xe)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x1f, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x10000000, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket(0x10, 0x803, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0x7}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000010180)=@newtfilter={0x74, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x48, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0x5, 0xd, 0x3, 0x4, 0x13, 0x2, 0x6, 0x7ffffffa, [{0x200, 0x500, 0x3, 0x6}, {0x3, 0x2, 0x8001, 0x10}, {0x0, 0x55, 0xa9, 0x1}]}}]}}]}, 0x74}}, 0x24040084)

175.119982ms ago: executing program 5 (id=1923):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_COMPAT_GET(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x2c, 0x0, 0xb, 0x101, 0x0, 0x0, {0x3, 0x0, 0x3}, [@NFTA_COMPAT_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_COMPAT_NAME={0x7, 0x1, '\xa8\x81\x00'}, @NFTA_COMPAT_REV={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4004000}, 0x20000184)
r1 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0xb, &(0x7f0000001ec0)=ANY=[], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
iopl(0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000500)='./bus\x00', 0x124435, &(0x7f0000000340)={[], [{@dont_appraise}]}, 0x1, 0x4bc, &(0x7f0000000f00)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r6 = dup3(r1, r5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'batadv0\x00', <r7=>0x0})
quotactl$Q_GETINFO(0xffffffff80000500, &(0x7f0000003000)=@filename='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000840))
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000000000000089000a00000008000000e00000020c00088008000c00000000000000", @ANYRES32, @ANYBLOB], 0x28}}, 0x0)
quotactl$Q_GETFMT(0xffffffff80000401, &(0x7f0000000500)=@nbd={'/dev/nbd', 0x0}, 0x0, &(0x7f0000000740))
newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r8=>0x0}, 0x4000)
setresuid(r8, r8, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000005c0)=<r9=>0x0)
r10 = getuid()
r11 = getegid()
lsetxattr$system_posix_acl(&(0x7f0000000240)='./file1\x00', &(0x7f0000000380)='system.posix_acl_default\x00', &(0x7f0000000600)={{}, {0x1, 0x2}, [{0x2, 0x2}, {}, {0x2, 0x4}, {0x2, 0x1}, {0x2, 0x2}, {0x2, 0x3, 0xee00}, {0x2, 0x1, r8}, {0x2, 0x1, r9}, {0x2, 0x2, r10}], {0x4, 0x2}, [{0x8, 0x0, r11}], {0x10, 0x4}, {0x20, 0x7}}, 0x74, 0x3)
sendmsg$nl_route(r6, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="2c000000480000042dbd7000fddbdf250a001f00", @ANYRES32=r7, @ANYBLOB="d292cea4f21f30f3c51041fb9da23fa70008000200020000000800020005000000"], 0x2c}, 0x1, 0x0, 0x0, 0x20008000}, 0x44800)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x48)

170.100103ms ago: executing program 0 (id=1924):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0xa82, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0}) (async, rerun: 64)
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000100), 0x400002, 0x0)
recvmsg(r3, &(0x7f0000000940)={&(0x7f0000000140)=@alg, 0x80, &(0x7f0000000880)=[{&(0x7f00000001c0)=""/170, 0xaa}, {&(0x7f0000000280)=""/142, 0x8e}, {&(0x7f0000000340)=""/241, 0xf1}, {0x0}, {0x0}, {&(0x7f0000000780)=""/232, 0xe8}], 0x6, &(0x7f0000000900)=""/20, 0x14}, 0x40000103) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7) (async)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0xfffffffa) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r3, 0x93f16000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f0000000640), 0x0, 0x160, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f00000005c0)=ANY=[@ANYBLOB="1880000000000000343a0b9c0000007b00000095ee53b70c13cc0869def6aaaba0cd2b4558b880d0e873a53686e0b178e5b534957157689c4d1473b73e2f73f20c11b3f82f45b26d90b59328be1143d3e61cea2c62f1367993d13609147000943f9738362fda9281114a5049c3dad649f997cb001c1918ec"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, 0x0, 0x4000000)
sendmsg$NFT_BATCH(r8, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000540)=ANY=[@ANYRESOCT=0x0], 0xb0}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000440)={r0, 0x0, 0x25, 0xe, @val=@perf_event={0xf4}}, 0x18)
syz_open_procfs$namespace(r4, &(0x7f0000000040)='ns/pid_for_children\x00') (async)
syz_clone3(&(0x7f0000000340)={0xa320080, 0x0, 0x0, 0x0, {0x8}, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[r4], 0x1, {r0}}, 0x58) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="1b00000000000000000000000080d359845299c43ab4022e1f02294797fea14419d0a2a1d405f5d165869aaacf7d86aaac4235d0d07fb92baf16656cb5b2ccceb1e336fadda5af2b3ae9efc92c8a177478e762a44f0e44d53c0e0c30d5d93aa703c508d07d42998a942539063c8e98dce4f0950e0327d9c7ed6c25b2a5820151f1c8de71f7e30446c0ae0c375b6fd738a93d3ff46a0fc11abbb1db3c4cfb1ef58d954d3f8aa03893539a21d94a7021730130373aab01b646a5c8f880b9d0906a6ffdbb12a5466a8685c2dd7c7415a01c5d0a05946e7c7558b82e2dd64d8c38573ffd713e7c993a7a6074180173b2e999f0173608c59350ad727cd604c55e0e51848248d4f906631c3c729322138bf6807ff2e9585134c90844133103cb28317a0252cc3f7d64ad6174681c94443df3a99b858c"], 0x48) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000580)='ext4_read_block_bitmap_load\x00', r3, 0x0, 0x7f}, 0x18)
r9 = socket(0x10, 0x3, 0x40)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newqdisc={0x3c, 0x24, 0xf0b, 0x20000000, 0x25dfdbfd, {0x0, 0x0, 0x0, r10, {0x0, 0x8}, {0xd, 0xffff}, {0xd, 0xc}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x4}}, @TCA_INGRESS_BLOCK={0x7, 0xd, 0xe6a4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20044881}, 0x0)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x2, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r11, 0x0, 0xb}, 0x31) (async)
write$cgroup_int(r0, &(0x7f0000000040)=0x922, 0x12)

168.253383ms ago: executing program 2 (id=1925):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000ac0)={[{@grpquota}, {@sb={'sb', 0x3d, 0x5}}, {@quota}], [{@seclabel}, {@fowner_gt={'fowner>', 0xee00}}, {@mask={'mask', 0x3d, '^MAY_EXEC'}}]}, 0xfd, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
openat$vcsa(0xffffffffffffff9c, &(0x7f0000002fc0), 0x242002, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000040)}, 0x20)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x25, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)={0x2c, 0x0, 0xc4fc9e906872338b, 0x70bd2a, 0x0, {{0x15}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4, 0x3, 0x0, 0x0}]}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f00000002c0), 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x30, 0x0, 0x1, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="8ecd705dd424"}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x6}]}, 0x30}, 0x1, 0x0, 0x0, 0x4050}, 0x50)
fcntl$lock(r0, 0x25, &(0x7f00000000c0)={0x2, 0x0, 0x4004, 0x409})

86.216931ms ago: executing program 1 (id=1926):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000180)='GPL\x00', 0xa, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000000)=0x1, 0x7, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)={0x1c, r2, 0x10ada85e65c25359, 0xfffffffc, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8441}, 0x4000000)

31.010017ms ago: executing program 1 (id=1927):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="50000000090601020000000000006ce6016000000900020073797a31000000000500010007000000280007800c00018008000140640101010c00148008000140ac1414bb0c000280"], 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)

30.328357ms ago: executing program 3 (id=1928):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="50000000090601020000000000006ce6016000000900020073797a31000000000500010007000000280007800c00018008000140640101010c00148008000140ac1414bb0c000280"], 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4) (fail_nth: 2)

0s ago: executing program 2 (id=1929):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001d40)=@base={0x12, 0x6, 0x4, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r3}, &(0x7f0000000040), &(0x7f0000000140)=r2}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r3, &(0x7f0000000040)}, 0x20)

kernel console output (not intermixed with test programs):

][ T7568]  </TASK>
[  113.080805][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.223014][ T7582] FAULT_INJECTION: forcing a failure.
[  113.223014][ T7582] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  113.236797][ T7582] CPU: 1 UID: 0 PID: 7582 Comm: syz.3.1399 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  113.236890][ T7582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  113.236923][ T7582] Call Trace:
[  113.236930][ T7582]  <TASK>
[  113.236939][ T7582]  __dump_stack+0x1d/0x30
[  113.236962][ T7582]  dump_stack_lvl+0xe8/0x140
[  113.236982][ T7582]  dump_stack+0x15/0x1b
[  113.236999][ T7582]  should_fail_ex+0x265/0x280
[  113.237061][ T7582]  should_fail+0xb/0x20
[  113.237094][ T7582]  should_fail_usercopy+0x1a/0x20
[  113.237179][ T7582]  _copy_to_user+0x20/0xa0
[  113.237205][ T7582]  simple_read_from_buffer+0xb5/0x130
[  113.237230][ T7582]  proc_fail_nth_read+0x10e/0x150
[  113.237299][ T7582]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  113.237356][ T7582]  vfs_read+0x1a8/0x770
[  113.237412][ T7582]  ? __rcu_read_unlock+0x4f/0x70
[  113.237438][ T7582]  ? __fget_files+0x184/0x1c0
[  113.237468][ T7582]  ksys_read+0xda/0x1a0
[  113.237500][ T7582]  __x64_sys_read+0x40/0x50
[  113.237524][ T7582]  x64_sys_call+0x27c0/0x3000
[  113.237625][ T7582]  do_syscall_64+0xd2/0x200
[  113.237651][ T7582]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  113.237679][ T7582]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  113.237703][ T7582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.237729][ T7582] RIP: 0033:0x7f08455ed8dc
[  113.237746][ T7582] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  113.237765][ T7582] RSP: 002b:00007f0844057030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  113.237785][ T7582] RAX: ffffffffffffffda RBX: 00007f0845845fa0 RCX: 00007f08455ed8dc
[  113.237840][ T7582] RDX: 000000000000000f RSI: 00007f08440570a0 RDI: 0000000000000006
[  113.237853][ T7582] RBP: 00007f0844057090 R08: 0000000000000000 R09: 0000000000000000
[  113.237866][ T7582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.237878][ T7582] R13: 00007f0845846038 R14: 00007f0845845fa0 R15: 00007ffec0f3cfd8
[  113.237898][ T7582]  </TASK>
[  113.241986][ T7588] loop1: detected capacity change from 0 to 512
[  113.310104][ T7592] loop3: detected capacity change from 0 to 512
[  113.327520][ T7588] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  113.454476][ T7592] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.484764][ T7588] EXT4-fs (loop1): mount failed
[  113.491154][ T7592] ext4 filesystem being mounted at /266/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.515033][ T7600] loop0: detected capacity change from 0 to 2048
[  113.530594][ T7600] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.543278][ T7588] loop1: detected capacity change from 0 to 2048
[  113.571009][ T7605] loop4: detected capacity change from 0 to 128
[  113.603018][ T7588]  loop1: p1 p2 p3
[  113.607771][ T3319] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.617357][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.640591][ T7605] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  113.672451][ T7605] ext4 filesystem being mounted at /299/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  113.715614][ T7613] loop1: detected capacity change from 0 to 128
[  113.789627][ T7620] loop7: detected capacity change from 0 to 16384
[  113.801874][ T7621] loop3: detected capacity change from 0 to 1024
[  113.811244][ T7621] EXT4-fs: Ignoring removed orlov option
[  113.841114][ T3312] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  113.853066][ T7621] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  113.869426][ T7621] ext4 filesystem being mounted at /268/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.909702][ T7621] lo speed is unknown, defaulting to 1000
[  113.938620][ T7632] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: comm syz.3.1414: lblock 0 mapped to illegal pblock 0 (length 1)
[  113.974852][ T7632] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  113.987241][ T7632] EXT4-fs (loop3): This should not happen!! Data will be lost
[  113.987241][ T7632] 
[  114.112035][ T7641] loop2: detected capacity change from 0 to 512
[  114.161512][ T7641] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.178736][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  114.190896][ T7641] ext4 filesystem being mounted at /279/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.209864][ T7645] netlink: 'syz.0.1421': attribute type 10 has an invalid length.
[  114.267630][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.276252][ T7649] loop3: detected capacity change from 0 to 512
[  114.295090][ T7649] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  114.318534][ T7649] EXT4-fs (loop3): mount failed
[  114.325714][ T7659] FAULT_INJECTION: forcing a failure.
[  114.325714][ T7659] name failslab, interval 1, probability 0, space 0, times 0
[  114.338705][ T7659] CPU: 1 UID: 0 PID: 7659 Comm: syz.4.1426 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  114.338756][ T7659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  114.338773][ T7659] Call Trace:
[  114.338781][ T7659]  <TASK>
[  114.338792][ T7659]  __dump_stack+0x1d/0x30
[  114.338820][ T7659]  dump_stack_lvl+0xe8/0x140
[  114.338848][ T7659]  dump_stack+0x15/0x1b
[  114.338872][ T7659]  should_fail_ex+0x265/0x280
[  114.338960][ T7659]  should_failslab+0x8c/0xb0
[  114.338989][ T7659]  __kmalloc_node_noprof+0xaa/0x580
[  114.339021][ T7659]  ? __vmalloc_node_range_noprof+0x410/0xed0
[  114.339067][ T7659]  __vmalloc_node_range_noprof+0x410/0xed0
[  114.339132][ T7659]  ? mntput+0x4b/0x80
[  114.339174][ T7659]  ? terminate_walk+0x27f/0x2a0
[  114.339211][ T7659]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[  114.339256][ T7659]  __vmalloc_noprof+0x83/0xc0
[  114.339360][ T7659]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[  114.339402][ T7659]  bpf_prog_alloc_no_stats+0x47/0x3b0
[  114.339443][ T7659]  ? bpf_prog_alloc+0x2a/0x150
[  114.339519][ T7659]  bpf_prog_alloc+0x3c/0x150
[  114.339574][ T7659]  bpf_prog_load+0x506/0x1100
[  114.339610][ T7659]  ? security_bpf+0x2b/0x90
[  114.339644][ T7659]  __sys_bpf+0x469/0x7c0
[  114.339690][ T7659]  __x64_sys_bpf+0x41/0x50
[  114.339732][ T7659]  x64_sys_call+0x2aee/0x3000
[  114.339760][ T7659]  do_syscall_64+0xd2/0x200
[  114.339792][ T7659]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  114.339871][ T7659]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  114.339900][ T7659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.339927][ T7659] RIP: 0033:0x7f5b032eeec9
[  114.339944][ T7659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.339962][ T7659] RSP: 002b:00007f5b01d57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  114.340015][ T7659] RAX: ffffffffffffffda RBX: 00007f5b03545fa0 RCX: 00007f5b032eeec9
[  114.340031][ T7659] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005
[  114.340120][ T7659] RBP: 00007f5b01d57090 R08: 0000000000000000 R09: 0000000000000000
[  114.340138][ T7659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  114.340153][ T7659] R13: 00007f5b03546038 R14: 00007f5b03545fa0 R15: 00007ffd842864c8
[  114.340173][ T7659]  </TASK>
[  114.340180][ T7659] syz.4.1426: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x500dc2(GFP_HIGHUSER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0
[  114.588643][ T7659] CPU: 1 UID: 0 PID: 7659 Comm: syz.4.1426 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  114.588689][ T7659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  114.588705][ T7659] Call Trace:
[  114.588712][ T7659]  <TASK>
[  114.588720][ T7659]  __dump_stack+0x1d/0x30
[  114.588741][ T7659]  dump_stack_lvl+0xe8/0x140
[  114.588760][ T7659]  dump_stack+0x15/0x1b
[  114.588789][ T7659]  warn_alloc+0x12b/0x1a0
[  114.588833][ T7659]  __vmalloc_node_range_noprof+0x4b9/0xed0
[  114.588885][ T7659]  ? mntput+0x4b/0x80
[  114.588983][ T7659]  ? terminate_walk+0x27f/0x2a0
[  114.589013][ T7659]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[  114.589108][ T7659]  __vmalloc_noprof+0x83/0xc0
[  114.589136][ T7659]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[  114.589235][ T7659]  bpf_prog_alloc_no_stats+0x47/0x3b0
[  114.589342][ T7659]  ? bpf_prog_alloc+0x2a/0x150
[  114.589375][ T7659]  bpf_prog_alloc+0x3c/0x150
[  114.589415][ T7659]  bpf_prog_load+0x506/0x1100
[  114.589479][ T7659]  ? security_bpf+0x2b/0x90
[  114.589510][ T7659]  __sys_bpf+0x469/0x7c0
[  114.589560][ T7659]  __x64_sys_bpf+0x41/0x50
[  114.589662][ T7659]  x64_sys_call+0x2aee/0x3000
[  114.589693][ T7659]  do_syscall_64+0xd2/0x200
[  114.589720][ T7659]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  114.589749][ T7659]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  114.589784][ T7659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.589806][ T7659] RIP: 0033:0x7f5b032eeec9
[  114.589823][ T7659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.589842][ T7659] RSP: 002b:00007f5b01d57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  114.589879][ T7659] RAX: ffffffffffffffda RBX: 00007f5b03545fa0 RCX: 00007f5b032eeec9
[  114.589892][ T7659] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005
[  114.589928][ T7659] RBP: 00007f5b01d57090 R08: 0000000000000000 R09: 0000000000000000
[  114.589941][ T7659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  114.590015][ T7659] R13: 00007f5b03546038 R14: 00007f5b03545fa0 R15: 00007ffd842864c8
[  114.590035][ T7659]  </TASK>
[  114.590043][ T7659] Mem-Info:
[  114.773522][ T7671] loop1: detected capacity change from 0 to 512
[  114.776478][ T7659] active_anon:7462 inactive_anon:14948 isolated_anon:13
[  114.776478][ T7659]  active_file:20764 inactive_file:2315 isolated_file:0
[  114.776478][ T7659]  unevictable:0 dirty:212 writeback:18
[  114.776478][ T7659]  slab_reclaimable:3385 slab_unreclaimable:15517
[  114.776478][ T7659]  mapped:29310 shmem:17260 pagetables:1424
[  114.776478][ T7659]  sec_pagetables:0 bounce:0
[  114.776478][ T7659]  kernel_misc_reclaimable:0
[  114.776478][ T7659]  free:1835172 free_pcp:39241 free_cma:0
[  114.794126][ T7671] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  114.800590][ T7659] Node 0 active_anon:29848kB inactive_anon:59792kB active_file:83056kB inactive_file:9260kB unevictable:0kB isolated(anon):52kB isolated(file):0kB mapped:117240kB dirty:848kB writeback:72kB shmem:69040kB kernel_stack:3344kB pagetables:5696kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  114.804118][ T7671] EXT4-fs (loop1): mount failed
[  114.806799][ T7659] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  114.806927][ T7659] lowmem_reserve[]: 0 2883 7862 7862
[  114.937090][ T7659] Node 0 DMA32 free:2949156kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2952688kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB
[  114.973792][ T7659] lowmem_reserve[]: 0 0 4978 4978
[  114.978968][ T7659] Node 0 Normal free:4375940kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:29616kB inactive_anon:59792kB active_file:83056kB inactive_file:9260kB unevictable:0kB writepending:920kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:153672kB local_pcp:131560kB free_cma:0kB
[  115.012946][ T7659] lowmem_reserve[]: 0 0 0 0
[  115.017817][ T7659] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  115.030581][ T7659] Node 0 DMA32: 3*4kB (M) 3*8kB (M) 6*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949156kB
[  115.046978][ T7659] Node 0 Normal: 1*4kB (U) 2*8kB (UE) 2*16kB (ME) 24*32kB (UM) 223*64kB (M) 205*128kB (UME) 305*256kB (UME) 183*512kB (UME) 107*1024kB (UME) 55*2048kB (UM) 962*4096kB (UM) = 4375668kB
[  115.066252][ T7659] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  115.075679][ T7659] 40365 total pagecache pages
[  115.080367][ T7659] 32 pages in swap cache
[  115.084840][ T7659] Free swap  = 119060kB
[  115.089055][ T7659] Total swap = 124996kB
[  115.093232][ T7659] 2097051 pages RAM
[  115.097070][ T7659] 0 pages HighMem/MovableOnly
[  115.101849][ T7659] 80479 pages reserved
[  115.157137][ T7649] loop3: detected capacity change from 0 to 2048
[  115.194225][ T7649]  loop3: p1 p2 p3
[  115.205587][ T7683] loop0: detected capacity change from 0 to 512
[  115.238471][ T7683] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.262891][ T7683] ext4 filesystem being mounted at /322/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.314230][ T7690] capability: warning: `syz.2.1434' uses 32-bit capabilities (legacy support in use)
[  115.437833][ T3319] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.499751][ T7671] loop1: detected capacity change from 0 to 2048
[  115.576483][ T7671]  loop1: p1 p2 p3
[  115.975531][ T7698] loop0: detected capacity change from 0 to 512
[  115.987606][ T7701] loop2: detected capacity change from 0 to 512
[  116.011455][ T7698] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  116.011887][ T7701] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  116.035207][ T7701] EXT4-fs (loop2): mount failed
[  116.040222][ T7698] EXT4-fs (loop0): orphan cleanup on readonly fs
[  116.048830][ T7698] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1438: Failed to acquire dquot type 1
[  116.061685][ T7698] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1438: bg 0: block 40: padding at end of block bitmap is not set
[  116.076723][ T7698] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  116.085720][ T7698] EXT4-fs (loop0): 1 truncate cleaned up
[  116.185619][ T7701] loop2: detected capacity change from 0 to 2048
[  116.234877][ T7723] netlink: 'syz.1.1448': attribute type 10 has an invalid length.
[  116.270171][ T7701]  loop2: p1 p2 p3
[  116.336983][ T7725] loop1: detected capacity change from 0 to 512
[  116.352358][ T7728] loop2: detected capacity change from 0 to 512
[  116.358889][ T7729] loop3: detected capacity change from 0 to 512
[  116.374015][ T7725] ------------[ cut here ]------------
[  116.379551][ T7725] EA inode 11 i_nlink=2
[  116.379803][ T7725] WARNING: CPU: 0 PID: 7725 at fs/ext4/xattr.c:1058 ext4_xattr_inode_update_ref+0x36a/0x380
[  116.394616][ T7725] Modules linked in:
[  116.398768][ T7725] CPU: 0 UID: 0 PID: 7725 Comm: syz.1.1450 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  116.408706][ T7725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  116.418849][ T7725] RIP: 0010:ext4_xattr_inode_update_ref+0x36a/0x380
[  116.425548][ T7725] Code: 90 49 8d 7e 40 e8 66 01 b9 ff 4d 8b 6e 40 4c 89 e7 e8 7a fc b8 ff 41 8b 56 48 48 c7 c7 b2 4d 55 86 4c 89 ee e8 c7 08 68 ff 90 <0f> 0b 90 90 e9 ff fe ff ff e8 08 77 b0 03 0f 1f 84 00 00 00 00 00
[  116.445534][ T7725] RSP: 0018:ffffc90000f5b778 EFLAGS: 00010246
[  116.451715][ T7725] RAX: f295aa4722a3fe00 RBX: ffff8881004b2468 RCX: 0000000000080000
[  116.460019][ T7725] RDX: ffffc90002053000 RSI: 00000000000029e0 RDI: 00000000000029e1
[  116.468138][ T7725] RBP: 0000000000000002 R08: 0001c90000f5b5f7 R09: 0000000000000000
[  116.476200][ T7725] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff8881004b2418
[  116.484232][ T7725] R13: 000000000000000b R14: ffff8881004b23d0 R15: 0000000000000001
[  116.492324][ T7725] FS:  00007f17cf8376c0(0000) GS:ffff8882aee3a000(0000) knlGS:0000000000000000
[  116.501395][ T7725] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  116.508219][ T7725] CR2: 0000001b33d13ff8 CR3: 000000011b3ea000 CR4: 00000000003506f0
[  116.516298][ T7725] DR0: 0000000000000006 DR1: 0000000000000000 DR2: 0000000000000000
[  116.524497][ T7725] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  116.532668][ T7725] Call Trace:
[  116.536004][ T7725]  <TASK>
[  116.538977][ T7725]  ext4_xattr_inode_dec_ref_all+0x579/0x830
[  116.545062][ T7725]  ? errseq_check+0x2c/0x50
[  116.549613][ T7725]  ext4_xattr_delete_inode+0x6b7/0x790
[  116.555265][ T7725]  ext4_evict_inode+0xa6a/0xd90
[  116.560331][ T7725]  ? __pfx_ext4_evict_inode+0x10/0x10
[  116.565822][ T7725]  evict+0x2e3/0x550
[  116.569810][ T7725]  ? __dquot_initialize+0x146/0x7c0
[  116.575213][ T7725]  iput+0x4ed/0x650
[  116.579073][ T7725]  ext4_process_orphan+0x1a9/0x1c0
[  116.584386][ T7725]  ext4_orphan_cleanup+0x6a8/0xa00
[  116.589612][ T7725]  ext4_fill_super+0x3483/0x3810
[  116.594652][ T7725]  ? set_blocksize+0x1a8/0x310
[  116.599446][ T7725]  ? sb_set_blocksize+0x2a/0x100
[  116.604534][ T7725]  ? sb_set_blocksize+0xe3/0x100
[  116.609595][ T7725]  ? setup_bdev_super+0x30e/0x370
[  116.614734][ T7725]  ? __pfx_ext4_fill_super+0x10/0x10
[  116.620188][ T7725]  get_tree_bdev_flags+0x291/0x300
[  116.625468][ T7725]  ? __pfx_ext4_fill_super+0x10/0x10
[  116.630791][ T7725]  get_tree_bdev+0x1f/0x30
[  116.635351][ T7725]  ext4_get_tree+0x1c/0x30
[  116.639900][ T7725]  vfs_get_tree+0x57/0x1d0
[  116.644585][ T7725]  do_new_mount+0x24d/0x660
[  116.649173][ T7725]  path_mount+0x4a5/0xb70
[  116.653612][ T7725]  ? user_path_at+0x109/0x130
[  116.658430][ T7725]  __se_sys_mount+0x28c/0x2e0
[  116.663280][ T7725]  ? do_mkdirat+0x3ac/0x3f0
[  116.667834][ T7725]  __x64_sys_mount+0x67/0x80
[  116.672538][ T7725]  x64_sys_call+0x2b51/0x3000
[  116.677309][ T7725]  do_syscall_64+0xd2/0x200
[  116.681951][ T7725]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  116.688212][ T7725]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  116.694168][ T7725]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.700191][ T7725] RIP: 0033:0x7f17d0dd066a
[  116.704662][ T7725] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.724344][ T7725] RSP: 002b:00007f17cf836e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  116.732935][ T7725] RAX: ffffffffffffffda RBX: 00007f17cf836ef0 RCX: 00007f17d0dd066a
[  116.741117][ T7725] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f17cf836eb0
[  116.749212][ T7725] RBP: 0000200000000180 R08: 00007f17cf836ef0 R09: 0000000000800700
[  116.757293][ T7725] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  116.765623][ T7725] R13: 00007f17cf836eb0 R14: 000000000000046c R15: 0000200000000740
[  116.773885][ T7725]  </TASK>
[  116.777008][ T7725] ---[ end trace 0000000000000000 ]---
[  116.784749][ T7725] EXT4-fs (loop1): 1 orphan inode deleted
[  116.786056][ T7729] __quota_error: 182 callbacks suppressed
[  116.786076][ T7729] Quota error (device loop3): v2_read_file_info: Free block number 1 out of range (1, 6).
[  116.806456][ T7729] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  116.821620][ T7729] EXT4-fs (loop3): mount failed
[  116.893331][ T7729] loop3: detected capacity change from 0 to 2048
[  116.934100][ T7729]  loop3: p1 p2 p3
[  117.037578][ T7745] __nla_validate_parse: 6 callbacks suppressed
[  117.037596][ T7745] netlink: 191080 bytes leftover after parsing attributes in process `syz.1.1455'.
[  117.053369][ T7745] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  117.080216][ T7749] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1458'.
[  117.089368][ T7749] netlink: 'syz.3.1458': attribute type 30 has an invalid length.
[  117.188870][ T7757] loop1: detected capacity change from 0 to 512
[  117.203167][ T7757] ext4: Unknown parameter 'fowner>00000000000000060928'
[  117.311297][ T7763] loop1: detected capacity change from 0 to 512
[  117.328794][ T7763] ext4: Unknown parameter 'fowner>00000000000000060928'
[  117.372064][ T7765] loop0: detected capacity change from 0 to 512
[  117.443725][ T7765] Quota error (device loop0): v2_read_file_info: Free block number 1 out of range (1, 6).
[  117.460109][ T7765] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  117.508472][ T7765] EXT4-fs (loop0): mount failed
[  117.653743][ T7742] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1454'.
[  117.664219][ T7765] loop0: detected capacity change from 0 to 2048
[  117.724675][ T7742] loop4: detected capacity change from 0 to 164
[  117.731952][ T7765]  loop0: p1 p2 p3
[  118.116866][ T7792] loop3: detected capacity change from 0 to 512
[  118.341278][   T29] audit: type=1400 audit(1760498371.029:4238): avc:  denied  { connect } for  pid=7804 comm="syz.3.1472" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  118.369925][ T7810] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1474'.
[  118.379583][ T7810] netlink: 'syz.1.1474': attribute type 30 has an invalid length.
[  118.526335][ T7828] loop2: detected capacity change from 0 to 512
[  118.535985][ T7829] netlink: 191080 bytes leftover after parsing attributes in process `syz.4.1480'.
[  118.546727][ T7829] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  118.575755][ T7828] ext4 filesystem being mounted at /293/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.581430][ T7833] FAULT_INJECTION: forcing a failure.
[  118.581430][ T7833] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  118.600016][ T7833] CPU: 0 UID: 0 PID: 7833 Comm: syz.3.1481 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  118.600107][ T7833] Tainted: [W]=WARN
[  118.600146][ T7833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  118.600160][ T7833] Call Trace:
[  118.600168][ T7833]  <TASK>
[  118.600186][ T7833]  __dump_stack+0x1d/0x30
[  118.600355][ T7833]  dump_stack_lvl+0xe8/0x140
[  118.600379][ T7833]  dump_stack+0x15/0x1b
[  118.600398][ T7833]  should_fail_ex+0x265/0x280
[  118.600522][ T7833]  should_fail+0xb/0x20
[  118.600564][ T7833]  should_fail_usercopy+0x1a/0x20
[  118.600592][ T7833]  _copy_from_user+0x1c/0xb0
[  118.600632][ T7833]  __sys_bpf+0x183/0x7c0
[  118.600758][ T7833]  __x64_sys_bpf+0x41/0x50
[  118.600797][ T7833]  x64_sys_call+0x2aee/0x3000
[  118.600826][ T7833]  do_syscall_64+0xd2/0x200
[  118.600866][ T7833]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  118.600903][ T7833]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  118.600933][ T7833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.600962][ T7833] RIP: 0033:0x7f08455eeec9
[  118.600982][ T7833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.601011][ T7833] RSP: 002b:00007f0844057038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  118.601035][ T7833] RAX: ffffffffffffffda RBX: 00007f0845845fa0 RCX: 00007f08455eeec9
[  118.601051][ T7833] RDX: 0000000000000038 RSI: 0000200000000700 RDI: 0000000000000018
[  118.601086][ T7833] RBP: 00007f0844057090 R08: 0000000000000000 R09: 0000000000000000
[  118.601119][ T7833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.601135][ T7833] R13: 00007f0845846038 R14: 00007f0845845fa0 R15: 00007ffec0f3cfd8
[  118.601161][ T7833]  </TASK>
[  118.829069][ T7844] lo speed is unknown, defaulting to 1000
[  118.847759][ T7844] lo speed is unknown, defaulting to 1000
[  118.854226][ T7844] lo speed is unknown, defaulting to 1000
[  118.860963][ T7844] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  118.871803][ T7844] lo speed is unknown, defaulting to 1000
[  118.932348][ T7844] lo speed is unknown, defaulting to 1000
[  119.000242][   T29] audit: type=1400 audit(1760498371.689:4239): avc:  denied  { ioctl } for  pid=7843 comm="syz.3.1484" path="socket:[18188]" dev="sockfs" ino=18188 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  119.103685][ T7844] lo speed is unknown, defaulting to 1000
[  119.110530][ T7844] lo speed is unknown, defaulting to 1000
[  119.117217][ T7844] lo speed is unknown, defaulting to 1000
[  119.508644][   T29] audit: type=1400 audit(1760498372.199:4240): avc:  denied  { relabelfrom } for  pid=7864 comm="syz.2.1492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  119.549121][   T29] audit: type=1400 audit(1760498372.199:4241): avc:  denied  { relabelto } for  pid=7864 comm="syz.2.1492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  119.639087][ T7877] lo speed is unknown, defaulting to 1000
[  119.722451][ T7880] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1496'.
[  119.737722][ T7877] lo speed is unknown, defaulting to 1000
[  119.755246][ T7880] loop0: detected capacity change from 0 to 512
[  119.776303][ T7886] loop2: detected capacity change from 0 to 512
[  119.927335][ T7898] netlink: 191080 bytes leftover after parsing attributes in process `syz.0.1503'.
[  119.936817][ T7898] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  120.390667][ T7906] loop0: detected capacity change from 0 to 32768
[  120.443422][ T7906]  loop0: p1 p3 < p5 p6 >
[  120.464210][ T7915] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1507'.
[  120.473270][ T7915] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1507'.
[  120.619161][ T7929] netlink: 'syz.0.1514': attribute type 10 has an invalid length.
[  120.655870][   T29] audit: type=1400 audit(1760498373.339:4242): avc:  denied  { write } for  pid=7932 comm="syz.0.1517" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  120.690565][ T7931] netlink: 191080 bytes leftover after parsing attributes in process `syz.4.1516'.
[  120.699959][ T7931] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  120.737405][   T29] audit: type=1400 audit(1760498373.379:4243): avc:  denied  { read write } for  pid=3319 comm="syz-executor" name="loop0" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  120.762275][   T29] audit: type=1400 audit(1760498373.379:4244): avc:  denied  { open } for  pid=3319 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  120.787155][   T29] audit: type=1400 audit(1760498373.379:4245): avc:  denied  { ioctl } for  pid=3319 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=100 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  120.958029][ T7947] loop1: detected capacity change from 0 to 512
[  120.965084][ T7947] ext4: Unknown parameter 'fowner>00000000000000060928'
[  121.284320][ T7962] bridge_slave_1: left allmulticast mode
[  121.290045][ T7962] bridge_slave_1: left promiscuous mode
[  121.295897][ T7962] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.315986][ T7962] bridge_slave_0: left allmulticast mode
[  121.321704][ T7962] bridge_slave_0: left promiscuous mode
[  121.327476][ T7962] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.352288][ T7962] bond0: (slave bridge0): Releasing backup interface
[  121.443715][ T7967] netlink: 'syz.0.1527': attribute type 30 has an invalid length.
[  121.450879][ T7969] tipc: Started in network mode
[  121.456666][ T7969] tipc: Node identity d2820dcfe29d, cluster identity 4711
[  121.464021][ T7969] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  121.626454][ T7980] tipc: Resetting bearer <eth:syzkaller0>
[  121.638815][ T7977] syzkaller0: entered promiscuous mode
[  121.684123][ T7982] netlink: 'syz.2.1532': attribute type 10 has an invalid length.
[  121.733892][ T7984] loop2: detected capacity change from 0 to 512
[  121.740525][ T7984] ext4: Unknown parameter 'fowner>00000000000000060928'
[  122.330339][ T7988] loop1: detected capacity change from 0 to 512
[  122.394900][ T7988] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1534: couldn't read orphan inode 26 (err -116)
[  122.409391][ T7988] ext4 filesystem being mounted at /275/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.420451][   T29] kauditd_printk_skb: 54 callbacks suppressed
[  122.420477][   T29] audit: type=1400 audit(1760498375.099:4300): avc:  denied  { mount } for  pid=7985 comm="syz.1.1534" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  122.684052][   T29] audit: type=1400 audit(1760498375.379:4301): avc:  denied  { read write } for  pid=7996 comm="syz.3.1535" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  122.684365][   T10] tipc: Node number set to 807341519
[  122.708850][   T29] audit: type=1400 audit(1760498375.379:4302): avc:  denied  { open } for  pid=7996 comm="syz.3.1535" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  122.772923][   T29] audit: type=1400 audit(1760498375.429:4303): avc:  denied  { unmount } for  pid=3310 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  122.794824][ T7968] tipc: Resetting bearer <eth:syzkaller0>
[  122.802962][ T7968] tipc: Disabling bearer <eth:syzkaller0>
[  122.853481][ T8001] __nla_validate_parse: 3 callbacks suppressed
[  122.853498][ T8001] netlink: 191080 bytes leftover after parsing attributes in process `syz.1.1537'.
[  122.854031][ T8003] loop2: detected capacity change from 0 to 512
[  122.859960][ T8001] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  122.901223][ T7997] loop3: detected capacity change from 0 to 1024
[  122.920394][ T8003] Quota error (device loop2): v2_read_file_info: Free block number 1 out of range (1, 6).
[  122.930794][ T7997] EXT4-fs: Ignoring removed oldalloc option
[  122.938066][ T8003] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  122.940699][ T7997] EXT4-fs: Ignoring removed bh option
[  122.972861][ T8003] EXT4-fs (loop2): mount failed
[  122.991621][ T8007] lo speed is unknown, defaulting to 1000
[  123.019406][ T8003] loop2: detected capacity change from 0 to 2048
[  123.029989][ T8010] loop1: detected capacity change from 0 to 512
[  123.044454][ T8013] loop4: detected capacity change from 0 to 512
[  123.071205][ T8010] Quota error (device loop1): v2_read_file_info: Free block number 1 out of range (1, 6).
[  123.073336][ T8007] lo speed is unknown, defaulting to 1000
[  123.090894][ T8010] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  123.120053][   T29] audit: type=1400 audit(1760498375.779:4304): avc:  denied  { add_name } for  pid=7996 comm="syz.3.1535" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  123.141064][   T29] audit: type=1400 audit(1760498375.779:4305): avc:  denied  { create } for  pid=7996 comm="syz.3.1535" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  123.162139][   T29] audit: type=1400 audit(1760498375.799:4306): avc:  denied  { append } for  pid=7996 comm="syz.3.1535" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  123.184539][   T29] audit: type=1400 audit(1760498375.799:4307): avc:  denied  { open } for  pid=7996 comm="syz.3.1535" path="/286/file1/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  123.227374][ T8010] EXT4-fs (loop1): mount failed
[  123.230959][ T8003]  loop2: p1 p2 p3
[  123.365452][ T8010] loop1: detected capacity change from 0 to 2048
[  123.395289][ T8026] netlink: 'syz.0.1544': attribute type 10 has an invalid length.
[  123.417363][ T8010]  loop1: p1 p2 p3
[  123.422540][  T143] Bluetooth: hci0: Frame reassembly failed (-84)
[  123.457357][ T8029] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1545'.
[  123.527444][ T8048] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1551'.
[  123.549657][ T8048] lo speed is unknown, defaulting to 1000
[  123.587542][ T8048] lo speed is unknown, defaulting to 1000
[  123.771015][ T8060] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1555'.
[  123.780190][ T8060] netlink: 'syz.0.1555': attribute type 30 has an invalid length.
[  123.836534][ T8065] netlink: 'syz.0.1557': attribute type 10 has an invalid length.
[  123.923852][ T8069] tipc: Started in network mode
[  123.928842][ T8069] tipc: Node identity ac14140f, cluster identity 4711
[  123.936072][ T8069] tipc: New replicast peer: 255.255.255.255
[  123.942303][ T8069] tipc: Enabled bearer <udp:s>, priority 10
[  124.311379][ T8091] lo speed is unknown, defaulting to 1000
[  124.347754][ T8091] lo speed is unknown, defaulting to 1000
[  124.362554][ T8093] loop2: detected capacity change from 0 to 512
[  124.411082][ T8095] loop1: detected capacity change from 0 to 512
[  124.435954][ T8096] FAULT_INJECTION: forcing a failure.
[  124.435954][ T8096] name failslab, interval 1, probability 0, space 0, times 0
[  124.448707][ T8096] CPU: 0 UID: 0 PID: 8096 Comm: syz.4.1566 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  124.448767][ T8096] Tainted: [W]=WARN
[  124.448774][ T8096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  124.448791][ T8096] Call Trace:
[  124.448799][ T8096]  <TASK>
[  124.448809][ T8096]  __dump_stack+0x1d/0x30
[  124.448843][ T8096]  dump_stack_lvl+0xe8/0x140
[  124.448870][ T8096]  dump_stack+0x15/0x1b
[  124.448891][ T8096]  should_fail_ex+0x265/0x280
[  124.449008][ T8096]  should_failslab+0x8c/0xb0
[  124.449044][ T8096]  kmem_cache_alloc_noprof+0x50/0x480
[  124.449072][ T8096]  ? alloc_empty_file+0x76/0x200
[  124.449111][ T8096]  alloc_empty_file+0x76/0x200
[  124.449193][ T8096]  path_openat+0x68/0x2170
[  124.449215][ T8096]  ? mntput+0x4b/0x80
[  124.449305][ T8096]  ? terminate_walk+0x27f/0x2a0
[  124.449341][ T8096]  ? trie_lookup_elem+0x3fe/0x430
[  124.449370][ T8096]  ? __rcu_read_unlock+0x4f/0x70
[  124.449400][ T8096]  ? _parse_integer_limit+0x170/0x190
[  124.449482][ T8096]  do_filp_open+0x109/0x230
[  124.449521][ T8096]  do_open_execat+0xd8/0x260
[  124.449549][ T8096]  alloc_bprm+0x25/0x350
[  124.449606][ T8096]  do_execveat_common+0x12e/0x750
[  124.449635][ T8096]  __x64_sys_execve+0x5c/0x70
[  124.449665][ T8096]  x64_sys_call+0x271a/0x3000
[  124.449688][ T8096]  do_syscall_64+0xd2/0x200
[  124.449720][ T8096]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  124.449793][ T8096]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  124.449822][ T8096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.449846][ T8096] RIP: 0033:0x7f5b032eeec9
[  124.449867][ T8096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.449913][ T8096] RSP: 002b:00007f5b01d15038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  124.449933][ T8096] RAX: ffffffffffffffda RBX: 00007f5b03546180 RCX: 00007f5b032eeec9
[  124.449948][ T8096] RDX: 0000200000000800 RSI: 0000000000000000 RDI: 0000200000000180
[  124.449964][ T8096] RBP: 00007f5b01d15090 R08: 0000000000000000 R09: 0000000000000000
[  124.449981][ T8096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.449999][ T8096] R13: 00007f5b03546218 R14: 00007f5b03546180 R15: 00007ffd842864c8
[  124.450025][ T8096]  </TASK>
[  124.715309][ T8100] netlink: 'syz.2.1569': attribute type 10 has an invalid length.
[  124.739359][ T8095] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  124.775422][ T8103] loop2: detected capacity change from 0 to 256
[  124.782238][ T8095] EXT4-fs (loop1): mount failed
[  124.821738][ T8095] loop1: detected capacity change from 0 to 2048
[  124.835454][ T8103] FAT-fs (loop2): IO charset maccentGuro not found
[  124.895809][ T8095]  loop1: p1 p2 p3
[  124.955133][   T10] tipc: Node number set to 2886997007
[  125.005235][ T8109] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1572'.
[  125.462237][ T8128] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[  125.462742][ T3946] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  125.469061][ T8128] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  125.483140][ T8128] vhci_hcd vhci_hcd.0: Device attached
[  125.601874][ T8111] syz.0.1573 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  125.616473][ T8111] CPU: 0 UID: 0 PID: 8111 Comm: syz.0.1573 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  125.616559][ T8111] Tainted: [W]=WARN
[  125.616582][ T8111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  125.616600][ T8111] Call Trace:
[  125.616609][ T8111]  <TASK>
[  125.616619][ T8111]  __dump_stack+0x1d/0x30
[  125.616647][ T8111]  dump_stack_lvl+0xe8/0x140
[  125.616673][ T8111]  dump_stack+0x15/0x1b
[  125.616690][ T8111]  dump_header+0x81/0x220
[  125.616758][ T8111]  oom_kill_process+0x342/0x400
[  125.616790][ T8111]  out_of_memory+0x979/0xb80
[  125.616822][ T8111]  try_charge_memcg+0x610/0xa10
[  125.616863][ T8111]  obj_cgroup_charge_pages+0xa6/0x150
[  125.616943][ T8111]  __memcg_kmem_charge_page+0x9f/0x170
[  125.616983][ T8111]  __alloc_frozen_pages_noprof+0x188/0x360
[  125.617033][ T8111]  alloc_pages_mpol+0xb3/0x260
[  125.617062][ T8111]  ? alloc_pages_noprof+0xf4/0x130
[  125.617091][ T8111]  alloc_pages_noprof+0x90/0x130
[  125.617113][ T8111]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  125.617158][ T8111]  __kvmalloc_node_noprof+0x483/0x670
[  125.617272][ T8111]  ? ip_set_alloc+0x24/0x30
[  125.617301][ T8111]  ? ip_set_alloc+0x24/0x30
[  125.617327][ T8111]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  125.617361][ T8111]  ip_set_alloc+0x24/0x30
[  125.617399][ T8111]  hash_netiface_create+0x282/0x740
[  125.617449][ T8111]  ? __pfx_hash_netiface_create+0x10/0x10
[  125.617485][ T8111]  ip_set_create+0x3cc/0x970
[  125.617554][ T8111]  ? __nla_parse+0x40/0x60
[  125.617586][ T8111]  nfnetlink_rcv_msg+0x4c6/0x590
[  125.617694][ T8111]  netlink_rcv_skb+0x123/0x220
[  125.617781][ T8111]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  125.617823][ T8111]  nfnetlink_rcv+0x167/0x16c0
[  125.617909][ T8111]  ? kmem_cache_free+0xe4/0x3d0
[  125.617941][ T8111]  ? __kfree_skb+0x109/0x150
[  125.617977][ T8111]  ? nlmon_xmit+0x4f/0x60
[  125.618008][ T8111]  ? consume_skb+0x49/0x150
[  125.618108][ T8111]  ? nlmon_xmit+0x4f/0x60
[  125.618136][ T8111]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  125.618215][ T8111]  ? __dev_queue_xmit+0x1200/0x2000
[  125.618244][ T8111]  ? __dev_queue_xmit+0x182/0x2000
[  125.618275][ T8111]  ? ref_tracker_free+0x37d/0x3e0
[  125.618347][ T8111]  ? __netlink_deliver_tap+0x4dc/0x500
[  125.618394][ T8111]  netlink_unicast+0x5c0/0x690
[  125.618430][ T8111]  netlink_sendmsg+0x58b/0x6b0
[  125.618514][ T8111]  ? __pfx_netlink_sendmsg+0x10/0x10
[  125.618662][ T8111]  __sock_sendmsg+0x145/0x180
[  125.618769][ T8111]  ____sys_sendmsg+0x31e/0x4e0
[  125.618816][ T8111]  ___sys_sendmsg+0x17b/0x1d0
[  125.618862][ T8111]  __x64_sys_sendmsg+0xd4/0x160
[  125.618958][ T8111]  x64_sys_call+0x191e/0x3000
[  125.618988][ T8111]  do_syscall_64+0xd2/0x200
[  125.619014][ T8111]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  125.619071][ T8111]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  125.619103][ T8111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.619134][ T8111] RIP: 0033:0x7f1c3891eec9
[  125.619155][ T8111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.619183][ T8111] RSP: 002b:00007f1c3737f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  125.619267][ T8111] RAX: ffffffffffffffda RBX: 00007f1c38b75fa0 RCX: 00007f1c3891eec9
[  125.619286][ T8111] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  125.619305][ T8111] RBP: 00007f1c389a1f91 R08: 0000000000000000 R09: 0000000000000000
[  125.619323][ T8111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  125.619341][ T8111] R13: 00007f1c38b76038 R14: 00007f1c38b75fa0 R15: 00007fff4da5eff8
[  125.619364][ T8111]  </TASK>
[  125.619390][ T8111] memory: usage 307200kB, limit 307200kB, failcnt 316
[  125.772759][ T3398] usb 3-1: new low-speed USB device number 2 using vhci_hcd
[  125.773230][ T8111] memory+swap: usage 307392kB, limit 9007199254740988kB, failcnt 0
[  125.998833][ T8111] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[  126.006185][ T8111] Memory cgroup stats for /syz0:
[  126.009491][ T8111] cache 0
[  126.017925][ T8111] rss 0
[  126.020747][ T8111] shmem 0
[  126.023980][ T8111] mapped_file 0
[  126.027496][ T8111] dirty 0
[  126.030579][ T8111] writeback 0
[  126.033915][ T8111] workingset_refault_anon 72
[  126.038618][ T8111] workingset_refault_file 655
[  126.043750][ T8111] swap 196608
[  126.047390][ T8111] swapcached 4096
[  126.050921][ T8134] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1581'.
[  126.051112][ T8111] pgpgin 137578
[  126.051125][ T8111] pgpgout 137576
[  126.051132][ T8111] pgfault 143694
[  126.051139][ T8111] pgmajfault 58
[  126.051146][ T8111] inactive_anon 0
[  126.051191][ T8111] active_anon 4096
[  126.060239][ T8134] netlink: 'syz.3.1581': attribute type 30 has an invalid length.
[  126.063657][ T8111] inactive_file 0
[  126.094236][ T8111] active_file 4096
[  126.098078][ T8111] unevictable 0
[  126.101710][ T8111] hierarchical_memory_limit 314572800
[  126.107171][ T8111] hierarchical_memsw_limit 9223372036854771712
[  126.113484][ T8111] total_cache 0
[  126.117080][ T8111] total_rss 0
[  126.120438][ T8111] total_shmem 0
[  126.123278][ T8137] loop3: detected capacity change from 0 to 512
[  126.123984][ T8111] total_mapped_file 0
[  126.134430][ T8111] total_dirty 0
[  126.137927][ T8111] total_writeback 0
[  126.141954][ T8111] total_workingset_refault_anon 72
[  126.147173][ T8111] total_workingset_refault_file 655
[  126.149185][ T8138] lo speed is unknown, defaulting to 1000
[  126.152559][ T8111] total_swap 196608
[  126.152633][ T8111] total_swapcached 4096
[  126.152640][ T8111] total_pgpgin 137578
[  126.170520][ T8111] total_pgpgout 137576
[  126.174765][ T8111] total_pgfault 143694
[  126.178885][ T8111] total_pgmajfault 58
[  126.183007][ T8111] total_inactive_anon 0
[  126.187177][ T8111] total_active_anon 4096
[  126.191477][ T8111] total_inactive_file 0
[  126.195777][ T8111] total_active_file 4096
[  126.197091][ T8138] lo speed is unknown, defaulting to 1000
[  126.200073][ T8111] total_unevictable 0
[  126.200099][ T8111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null)
[  126.205986][ T8129] vhci_hcd: connection reset by peer
[  126.210051][ T8111] ,cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1573,pid=8110,uid=0
[  126.224411][ T8141] loop2: detected capacity change from 0 to 512
[  126.232502][ T8111] Memory cgroup out of memory: Killed process 8110 (syz.0.1573) total-vm:93824kB, anon-rss:1136kB, file-rss:22180kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  126.239163][   T31] vhci_hcd: stop threads
[  126.260597][   T31] vhci_hcd: release socket
[  126.265074][   T31] vhci_hcd: disconnect device
[  126.273980][ T8137] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  126.290411][ T8137] EXT4-fs (loop3): mount failed
[  126.319070][ T8137] loop3: detected capacity change from 0 to 2048
[  126.353026][ T8143] netlink: 191080 bytes leftover after parsing attributes in process `syz.2.1584'.
[  126.362851][ T8143] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  126.384207][ T8137]  loop3: p1 p2 p3
[  126.423245][ T8147] loop2: detected capacity change from 0 to 512
[  126.430158][ T8147] ext4: Unknown parameter 'fowner>00000000000000060928'
[  126.558836][ T8159] loop0: detected capacity change from 0 to 512
[  126.574456][ T8159] ext4 filesystem being mounted at /355/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  126.615718][ T8159] EXT4-fs error (device loop0): ext4_do_update_inode:5624: inode #2: comm syz.0.1591: corrupted inode contents
[  126.635940][ T8159] EXT4-fs error (device loop0): ext4_dirty_inode:6509: inode #2: comm syz.0.1591: mark_inode_dirty error
[  126.651278][ T8159] EXT4-fs error (device loop0): ext4_do_update_inode:5624: inode #2: comm syz.0.1591: corrupted inode contents
[  126.720143][ T8176] loop1: detected capacity change from 0 to 512
[  126.746691][ T8176] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  126.762086][ T8176] EXT4-fs (loop1): mount failed
[  126.765039][ T8182] loop3: detected capacity change from 0 to 512
[  126.786048][ T8176] loop1: detected capacity change from 0 to 2048
[  126.794417][ T8178] netlink: 191080 bytes leftover after parsing attributes in process `syz.0.1597'.
[  126.804089][ T8178] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  126.812839][ T8182] ext4: Unknown parameter 'fowner>00000000000000060928'
[  126.834419][ T8176]  loop1: p1 p2 p3
[  126.888415][ T8190] loop3: detected capacity change from 0 to 128
[  126.931529][ T8190] FAULT_INJECTION: forcing a failure.
[  126.931529][ T8190] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  126.944798][ T8190] CPU: 0 UID: 0 PID: 8190 Comm: syz.3.1603 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  126.944910][ T8190] Tainted: [W]=WARN
[  126.944918][ T8190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  126.944935][ T8190] Call Trace:
[  126.944944][ T8190]  <TASK>
[  126.944952][ T8190]  __dump_stack+0x1d/0x30
[  126.944978][ T8190]  dump_stack_lvl+0xe8/0x140
[  126.945003][ T8190]  dump_stack+0x15/0x1b
[  126.945061][ T8190]  should_fail_ex+0x265/0x280
[  126.945120][ T8190]  should_fail+0xb/0x20
[  126.945155][ T8190]  should_fail_usercopy+0x1a/0x20
[  126.945178][ T8190]  _copy_from_user+0x1c/0xb0
[  126.945257][ T8190]  io_submit_one+0x52/0x11d0
[  126.945297][ T8190]  __se_sys_io_submit+0xfb/0x280
[  126.945330][ T8190]  __x64_sys_io_submit+0x43/0x50
[  126.945424][ T8190]  x64_sys_call+0x2d6c/0x3000
[  126.945495][ T8190]  do_syscall_64+0xd2/0x200
[  126.945521][ T8190]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  126.945552][ T8190]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  126.945650][ T8190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.945674][ T8190] RIP: 0033:0x7f08455eeec9
[  126.945691][ T8190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.945710][ T8190] RSP: 002b:00007f0844057038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  126.945740][ T8190] RAX: ffffffffffffffda RBX: 00007f0845845fa0 RCX: 00007f08455eeec9
[  126.945754][ T8190] RDX: 0000200000001d00 RSI: 0000000000000002 RDI: 00007f084401e000
[  126.945767][ T8190] RBP: 00007f0844057090 R08: 0000000000000000 R09: 0000000000000000
[  126.945781][ T8190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  126.945794][ T8190] R13: 00007f0845846038 R14: 00007f0845845fa0 R15: 00007ffec0f3cfd8
[  126.945887][ T8190]  </TASK>
[  127.169951][ T8199] FAULT_INJECTION: forcing a failure.
[  127.169951][ T8199] name failslab, interval 1, probability 0, space 0, times 0
[  127.182740][ T8199] CPU: 1 UID: 0 PID: 8199 Comm: syz.0.1606 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  127.182853][ T8199] Tainted: [W]=WARN
[  127.182859][ T8199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  127.182872][ T8199] Call Trace:
[  127.182881][ T8199]  <TASK>
[  127.182891][ T8199]  __dump_stack+0x1d/0x30
[  127.182917][ T8199]  dump_stack_lvl+0xe8/0x140
[  127.182942][ T8199]  dump_stack+0x15/0x1b
[  127.182965][ T8199]  should_fail_ex+0x265/0x280
[  127.183134][ T8199]  ? audit_log_d_path+0x8d/0x150
[  127.183162][ T8199]  should_failslab+0x8c/0xb0
[  127.183197][ T8199]  __kmalloc_cache_noprof+0x4c/0x4a0
[  127.183312][ T8199]  audit_log_d_path+0x8d/0x150
[  127.183334][ T8199]  audit_log_d_path_exe+0x42/0x70
[  127.183355][ T8199]  audit_log_task+0x1e9/0x250
[  127.183398][ T8199]  ? kstrtouint+0x76/0xc0
[  127.183521][ T8199]  audit_seccomp+0x61/0x100
[  127.183556][ T8199]  ? __seccomp_filter+0x82d/0x1250
[  127.183651][ T8199]  __seccomp_filter+0x83e/0x1250
[  127.183703][ T8199]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  127.183780][ T8199]  ? vfs_write+0x7e8/0x960
[  127.183804][ T8199]  ? __rcu_read_unlock+0x4f/0x70
[  127.183829][ T8199]  ? __fget_files+0x184/0x1c0
[  127.183887][ T8199]  __secure_computing+0x82/0x150
[  127.183923][ T8199]  syscall_trace_enter+0xcf/0x1e0
[  127.183975][ T8199]  do_syscall_64+0xac/0x200
[  127.184000][ T8199]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  127.184063][ T8199]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  127.184090][ T8199]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.184112][ T8199] RIP: 0033:0x7f1c3891eec9
[  127.184132][ T8199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.184276][ T8199] RSP: 002b:00007f1c3737f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf
[  127.184302][ T8199] RAX: ffffffffffffffda RBX: 00007f1c38b75fa0 RCX: 00007f1c3891eec9
[  127.184315][ T8199] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  127.184343][ T8199] RBP: 00007f1c3737f090 R08: 0000000000000000 R09: 0000000000000000
[  127.184358][ T8199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.184373][ T8199] R13: 00007f1c38b76038 R14: 00007f1c38b75fa0 R15: 00007fff4da5eff8
[  127.184394][ T8199]  </TASK>
[  127.430881][   T29] kauditd_printk_skb: 140 callbacks suppressed
[  127.430898][   T29] audit: type=1326 audit(1760498380.119:4445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8198 comm="syz.0.1606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f1c38951785 code=0x7ffc0000
[  127.466311][   T29] audit: type=1326 audit(1760498380.119:4446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8198 comm="syz.0.1606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f1c3891d8dc code=0x7ffc0000
[  127.489818][   T29] audit: type=1326 audit(1760498380.119:4447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8198 comm="syz.0.1606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f1c3891d97f code=0x7ffc0000
[  127.513560][   T29] audit: type=1326 audit(1760498380.119:4448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8198 comm="syz.0.1606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f1c3891db2a code=0x7ffc0000
[  127.537750][   T29] audit: type=1326 audit(1760498380.119:4449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8198 comm="syz.0.1606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c3891eec9 code=0x7ffc0000
[  127.561833][   T29] audit: type=1326 audit(1760498380.119:4450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8198 comm="syz.0.1606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c3891eec9 code=0x7ffc0000
[  127.586135][   T29] audit: type=1326 audit(1760498380.119:4451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8198 comm="syz.0.1606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f1c3891eec9 code=0x7ffc0000
[  127.610454][   T29] audit: type=1326 audit(1760498380.129:4452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8198 comm="syz.0.1606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f1c3891eec9 code=0x7ffc0000
[  127.648896][   T29] audit: type=1400 audit(1760498380.159:4453): avc:  denied  { unmount } for  pid=3316 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  127.657912][ T8206] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1609'.
[  127.678066][ T8206] netlink: 'syz.4.1609': attribute type 30 has an invalid length.
[  127.747837][ T8210] lo speed is unknown, defaulting to 1000
[  127.754691][ T8212] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1611'.
[  127.764511][ T8212] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  127.800168][   T29] audit: type=1400 audit(1760498380.489:4454): avc:  denied  { append } for  pid=8217 comm="syz.4.1614" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  127.828496][ T8216] loop3: detected capacity change from 0 to 512
[  127.835416][ T8218] usb usb1: usbfs: process 8218 (syz.4.1614) did not claim interface 1 before use
[  127.848194][ T8210] lo speed is unknown, defaulting to 1000
[  128.101999][ T8244] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1626'.
[  128.111512][ T8244] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  128.229108][ T8250] loop4: detected capacity change from 0 to 512
[  128.328226][ T8250] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  128.347945][ T8250] EXT4-fs (loop4): mount failed
[  128.367478][ T8250] loop4: detected capacity change from 0 to 2048
[  128.425729][ T8250]  loop4: p1 p2 p3
[  128.570619][ T8286] loop4: detected capacity change from 0 to 1024
[  128.590630][ T8286] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1639'.
[  128.633325][ T8299] netlink: 'syz.3.1643': attribute type 10 has an invalid length.
[  128.688159][ T8305] FAULT_INJECTION: forcing a failure.
[  128.688159][ T8305] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  128.701848][ T8305] CPU: 0 UID: 0 PID: 8305 Comm: syz.2.1645 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  128.701893][ T8305] Tainted: [W]=WARN
[  128.701902][ T8305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  128.701919][ T8305] Call Trace:
[  128.701928][ T8305]  <TASK>
[  128.701937][ T8305]  __dump_stack+0x1d/0x30
[  128.701959][ T8305]  dump_stack_lvl+0xe8/0x140
[  128.702038][ T8305]  dump_stack+0x15/0x1b
[  128.702073][ T8305]  should_fail_ex+0x265/0x280
[  128.702119][ T8305]  should_fail+0xb/0x20
[  128.702236][ T8305]  should_fail_usercopy+0x1a/0x20
[  128.702265][ T8305]  strncpy_from_user+0x25/0x230
[  128.702303][ T8305]  ? refill_obj_stock+0x254/0x2e0
[  128.702434][ T8305]  strncpy_from_user_nofault+0x68/0xf0
[  128.702478][ T8305]  bpf_probe_read_compat_str+0xb4/0x130
[  128.702549][ T8305]  bpf_prog_95f2e3557e98b35e+0x3e/0x44
[  128.702573][ T8305]  bpf_trace_run2+0x107/0x1c0
[  128.702608][ T8305]  ? nf_tables_set_elem_destroy+0x198/0x1b0
[  128.702674][ T8305]  ? nf_tables_set_elem_destroy+0x198/0x1b0
[  128.702703][ T8305]  kfree+0x351/0x400
[  128.702736][ T8305]  nf_tables_set_elem_destroy+0x198/0x1b0
[  128.702799][ T8305]  nft_rbtree_destroy+0x4a/0x80
[  128.702842][ T8305]  nft_set_destroy+0x14a/0x460
[  128.702872][ T8305]  __nft_release_table+0x615/0x8c0
[  128.702984][ T8305]  ? __pfx_autoremove_wake_function+0x10/0x10
[  128.703046][ T8305]  nft_rcv_nl_event+0x334/0x3d0
[  128.703079][ T8305]  ? __pfx_nft_rcv_nl_event+0x10/0x10
[  128.703116][ T8305]  blocking_notifier_call_chain+0x9b/0x1f0
[  128.703150][ T8305]  netlink_release+0xac2/0xf40
[  128.703258][ T8305]  sock_close+0x6b/0x150
[  128.703303][ T8305]  ? __pfx_sock_close+0x10/0x10
[  128.703348][ T8305]  __fput+0x29b/0x650
[  128.703458][ T8305]  fput_close_sync+0x6e/0x120
[  128.703498][ T8305]  __x64_sys_close+0x56/0xf0
[  128.703538][ T8305]  x64_sys_call+0x273c/0x3000
[  128.703566][ T8305]  do_syscall_64+0xd2/0x200
[  128.703604][ T8305]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  128.703645][ T8305]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  128.703670][ T8305]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.703695][ T8305] RIP: 0033:0x7ff06db8eec9
[  128.703714][ T8305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.703739][ T8305] RSP: 002b:00007ff06c5f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  128.703765][ T8305] RAX: ffffffffffffffda RBX: 00007ff06dde5fa0 RCX: 00007ff06db8eec9
[  128.703794][ T8305] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[  128.703811][ T8305] RBP: 00007ff06c5f7090 R08: 0000000000000000 R09: 0000000000000000
[  128.703824][ T8305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.703837][ T8305] R13: 00007ff06dde6038 R14: 00007ff06dde5fa0 R15: 00007ffd0a7b69d8
[  128.703863][ T8305]  </TASK>
[  128.729892][ T8309] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1647'.
[  128.793202][ T8311] loop2: detected capacity change from 0 to 512
[  128.797881][ T8309] netlink: 'syz.3.1647': attribute type 30 has an invalid length.
[  128.805339][ T8311] ext4: Unknown parameter 'fowner>00000000000000060928'
[  128.883052][ T8319] loop3: detected capacity change from 0 to 1024
[  129.031347][ T8319] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  129.044317][ T8319] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.1651: Invalid block bitmap block 0 in block_group 0
[  129.058586][ T8319] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.1651: Failed to acquire dquot type 0
[  129.070736][ T8319] EXT4-fs error (device loop3): ext4_free_blocks:6706: comm syz.3.1651: Freeing blocks not in datazone - block = 0, count = 4096
[  129.085040][ T8319] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.1651: Invalid inode bitmap blk 0 in block_group 0
[  129.096658][ T8319] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[  129.106458][  T143] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:4: Failed to release dquot type 0
[  129.131518][ T8319] EXT4-fs (loop3): 1 orphan inode deleted
[  129.161808][   T37] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:2: Failed to release dquot type 0
[  129.200514][ T8339] loop4: detected capacity change from 0 to 256
[  129.209947][ T8341] 9pnet_virtio: no channels available for device 127.0.0.1
[  129.241109][ T8339] FAT-fs (loop4): IO charset maccentGuro not found
[  129.262339][ T8349] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1661'.
[  129.272299][ T8349] netlink: 'syz.3.1661': attribute type 30 has an invalid length.
[  129.288825][ T8347] loop0: detected capacity change from 0 to 512
[  129.307122][ T8347] ext4 filesystem being mounted at /371/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  129.350442][ T8356] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1663'.
[  129.359851][ T8356] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  129.445832][ T8359] loop0: detected capacity change from 0 to 512
[  129.455061][ T8359] EXT4-fs (loop0): failed to initialize system zone (-117)
[  129.462489][ T8359] EXT4-fs (loop0): mount failed
[  129.719459][ T8385] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1674'.
[  129.728438][ T8385] netlink: 'syz.0.1674': attribute type 30 has an invalid length.
[  129.758804][ T8387] FAULT_INJECTION: forcing a failure.
[  129.758804][ T8387] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  129.772667][ T8387] CPU: 0 UID: 0 PID: 8387 Comm: syz.0.1675 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  129.772711][ T8387] Tainted: [W]=WARN
[  129.772721][ T8387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  129.772737][ T8387] Call Trace:
[  129.772747][ T8387]  <TASK>
[  129.772817][ T8387]  __dump_stack+0x1d/0x30
[  129.772845][ T8387]  dump_stack_lvl+0xe8/0x140
[  129.772901][ T8387]  dump_stack+0x15/0x1b
[  129.772923][ T8387]  should_fail_ex+0x265/0x280
[  129.772977][ T8387]  should_fail+0xb/0x20
[  129.773015][ T8387]  should_fail_usercopy+0x1a/0x20
[  129.773044][ T8387]  _copy_from_user+0x1c/0xb0
[  129.773108][ T8387]  __sys_bpf+0x183/0x7c0
[  129.773156][ T8387]  __x64_sys_bpf+0x41/0x50
[  129.773185][ T8387]  x64_sys_call+0x2aee/0x3000
[  129.773208][ T8387]  do_syscall_64+0xd2/0x200
[  129.773277][ T8387]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  129.773303][ T8387]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.773342][ T8387] RIP: 0033:0x7f1c3891eec9
[  129.773363][ T8387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.773494][ T8387] RSP: 002b:00007f1c3737f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  129.773519][ T8387] RAX: ffffffffffffffda RBX: 00007f1c38b75fa0 RCX: 00007f1c3891eec9
[  129.773537][ T8387] RDX: 0000000000000050 RSI: 00002000000003c0 RDI: 000000000000000a
[  129.773555][ T8387] RBP: 00007f1c3737f090 R08: 0000000000000000 R09: 0000000000000000
[  129.773616][ T8387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.773633][ T8387] R13: 00007f1c38b76038 R14: 00007f1c38b75fa0 R15: 00007fff4da5eff8
[  129.773655][ T8387]  </TASK>
[  130.175454][ T8400] lo speed is unknown, defaulting to 1000
[  130.194945][ T8404] loop4: detected capacity change from 0 to 512
[  130.304744][ T8400] lo speed is unknown, defaulting to 1000
[  130.460010][ T8415] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1686'.
[  130.469687][ T8415] netlink: 'syz.4.1686': attribute type 30 has an invalid length.
[  130.822752][ T3398] usb 3-1: enqueue for inactive port 0
[  130.832035][ T3398] usb 3-1: enqueue for inactive port 0
[  130.837837][ T8436] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1695'.
[  130.912806][ T3398] vhci_hcd: vhci_device speed not set
[  131.219516][ T8453] atomic_op ffff88811ae50d28 conn xmit_atomic 0000000000000000
[  131.313893][ T8455] block device autoloading is deprecated and will be removed.
[  131.650225][ T8466] loop0: detected capacity change from 0 to 512
[  131.671023][ T8466] EXT4-fs: Ignoring removed bh option
[  131.680734][ T8466] EXT4-fs: Ignoring removed mblk_io_submit option
[  131.694428][ T8466] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  131.718442][ T8468] loop4: detected capacity change from 0 to 512
[  131.758408][ T8466] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  131.766867][ T8468] ext4: Unknown parameter 'fowner>00000000000000060928'
[  131.785062][ T8466] EXT4-fs (loop0): orphan cleanup on readonly fs
[  131.794989][ T8466] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1706: Failed to acquire dquot type 1
[  131.808527][ T8466] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.1706: Invalid block bitmap block 0 in block_group 0
[  131.828994][ T8466] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.1706: Invalid block bitmap block 0 in block_group 0
[  131.848501][ T8442] syz.2.1696 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  131.859726][ T8442] CPU: 1 UID: 0 PID: 8442 Comm: syz.2.1696 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  131.859761][ T8442] Tainted: [W]=WARN
[  131.859873][ T8442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  131.859889][ T8442] Call Trace:
[  131.859897][ T8442]  <TASK>
[  131.859906][ T8442]  __dump_stack+0x1d/0x30
[  131.859931][ T8442]  dump_stack_lvl+0xe8/0x140
[  131.859952][ T8442]  dump_stack+0x15/0x1b
[  131.859971][ T8442]  dump_header+0x81/0x220
[  131.860035][ T8442]  oom_kill_process+0x342/0x400
[  131.860070][ T8442]  out_of_memory+0x979/0xb80
[  131.860106][ T8442]  try_charge_memcg+0x610/0xa10
[  131.860206][ T8442]  charge_memcg+0x51/0xc0
[  131.860230][ T8442]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  131.860258][ T8442]  __read_swap_cache_async+0x17b/0x2d0
[  131.860373][ T8442]  swap_cluster_readahead+0x262/0x3c0
[  131.860402][ T8442]  swapin_readahead+0xde/0x6f0
[  131.860423][ T8442]  ? mod_memcg_lruvec_state+0x1fc/0x2c0
[  131.860488][ T8442]  ? __lruvec_stat_mod_folio+0xd6/0x120
[  131.860519][ T8442]  ? __rcu_read_unlock+0x4f/0x70
[  131.860547][ T8442]  ? swap_cache_get_folio+0x277/0x280
[  131.860586][ T8442]  do_swap_page+0x2ae/0x2370
[  131.860646][ T8442]  ? css_rstat_updated+0xb7/0x240
[  131.860740][ T8442]  ? __pfx_default_wake_function+0x10/0x10
[  131.860771][ T8442]  handle_mm_fault+0x9a5/0x2be0
[  131.860796][ T8442]  ? vma_start_read+0x141/0x1f0
[  131.860846][ T8442]  do_user_addr_fault+0x630/0x1080
[  131.860949][ T8442]  exc_page_fault+0x62/0xa0
[  131.860972][ T8442]  asm_exc_page_fault+0x26/0x30
[  131.860995][ T8442] RIP: 0033:0x7ff06da657a8
[  131.861013][ T8442] Code: 48 f7 f1 48 01 d8 49 39 c4 4c 0f 42 e0 83 3d 1a 26 38 00 00 0f 8e 09 fe ff ff e8 13 9d fe ff 49 39 c4 72 66 66 0f 1f 44 00 00 <69> 3d e6 fe ea 00 e8 03 00 00 48 8d 1d e7 07 38 00 e8 62 96 12 00
[  131.861035][ T8442] RSP: 002b:00007ffd0a7b6b40 EFLAGS: 00010202
[  131.861054][ T8442] RAX: 00000000000202b1 RBX: 00007ff06dde7da0 RCX: 000000000001ffb8
[  131.861068][ T8442] RDX: 00000000000002f9 RSI: 00007ffd0a7b6b20 RDI: 0000000000000001
[  131.861083][ T8442] RBP: 00007ff06dde7da0 R08: 000000002d68561c R09: 7fffffffffffffff
[  131.861098][ T8442] R10: 3fffffffffffffff R11: 0000000000000293 R12: 00000000000202c1
[  131.861112][ T8442] R13: 00007ffd0a7b6c30 R14: ffffffffffffffff R15: 00007ffd0a7b6c50
[  131.861156][ T8442]  </TASK>
[  131.861196][ T8442] memory: usage 307200kB, limit 307200kB, failcnt 327
[  131.986265][ T8480] lo speed is unknown, defaulting to 1000
[  131.990288][ T8442] memory+swap: usage 307556kB, limit 9007199254740988kB, failcnt 0
[  132.024661][ T8466] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.1706: Invalid block bitmap block 0 in block_group 0
[  132.039283][ T8442] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[  132.039307][ T8442] Memory cgroup stats for 
[  132.120308][ T8481] loop3: detected capacity change from 0 to 512
[  132.124504][ T8442] /syz2
[  132.137417][ T8466] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1706: Failed to acquire dquot type 1
[  132.143301][ T8442] :
[  132.165360][ T8480] lo speed is unknown, defaulting to 1000
[  132.174462][ T8442] cache 0
[  132.177751][ T8442] rss 0
[  132.179383][ T8466] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1706: Failed to acquire dquot type 1
[  132.180609][ T8442] shmem 0
[  132.180621][ T8442] mapped_file 0
[  132.180630][ T8442] dirty 0
[  132.195399][ T8466] EXT4-fs (loop0): 1 orphan inode deleted
[  132.198418][ T8442] writeback 4096
[  132.198430][ T8442] workingset_refault_anon 102
[  132.198441][ T8442] workingset_refault_file 971
[  132.220321][ T8442] swap 364544
[  132.223691][ T8442] swapcached 8192
[  132.227343][ T8442] pgpgin 144145
[  132.230837][ T8485] loop1: detected capacity change from 0 to 512
[  132.230902][ T8442] pgpgout 144142
[  132.230914][ T8442] pgfault 136656
[  132.245224][ T8442] pgmajfault 64
[  132.248784][ T8442] inactive_anon 4096
[  132.249292][ T8485] ext4: Unknown parameter 'fowner>00000000000000060928'
[  132.252714][ T8442] active_anon 4096
[  132.252735][ T8442] inactive_file 0
[  132.252745][ T8442] active_file 4096
[  132.271046][ T8442] unevictable 0
[  132.274570][ T8442] hierarchical_memory_limit 314572800
[  132.279971][ T8442] hierarchical_memsw_limit 9223372036854771712
[  132.286270][ T8442] total_cache 0
[  132.289802][ T8442] total_rss 0
[  132.293223][ T8442] total_shmem 0
[  132.296772][ T8442] total_mapped_file 0
[  132.300785][ T8442] total_dirty 0
[  132.304440][ T8442] total_writeback 4096
[  132.308706][ T8442] total_workingset_refault_anon 102
[  132.313997][ T8442] total_workingset_refault_file 971
[  132.319275][ T8442] total_swap 364544
[  132.323690][ T8442] total_swapcached 8192
[  132.327917][ T8442] total_pgpgin 144145
[  132.331965][ T8442] total_pgpgout 144142
[  132.336110][ T8442] total_pgfault 136656
[  132.340285][ T8442] total_pgmajfault 64
[  132.344405][ T8442] total_inactive_anon 4096
[  132.348906][ T8442] total_active_anon 4096
[  132.353209][ T8442] total_inactive_file 0
[  132.354497][ T8466] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1706'.
[  132.357380][ T8442] total_active_file 4096
[  132.357393][ T8442] total_unevictable 0
[  132.357404][ T8442] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null)
[  132.369879][ T8490] loop3: detected capacity change from 0 to 512
[  132.370650][ T8442] ,cpuset=/
[  132.375547][ T8490] ext4: Unknown parameter 'fowner>00000000000000060928'
[  132.381556][ T8442] ,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.1696,pid=8442,uid=0
[  132.408000][ T8442] Memory cgroup out of memory: Killed process 8442 (syz.2.1696) total-vm:93824kB, anon-rss:1264kB, file-rss:22180kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  132.488959][   T29] kauditd_printk_skb: 1228 callbacks suppressed
[  132.488979][   T29] audit: type=1400 audit(1760498385.099:5672): avc:  denied  { ioctl } for  pid=8465 comm="syz.0.1706" path="socket:[19435]" dev="sockfs" ino=19435 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  132.680191][   T29] audit: type=1326 audit(1760498385.369:5673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8511 comm="syz.0.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c3891eec9 code=0x7ffc0000
[  132.764978][ T8513] loop1: detected capacity change from 0 to 128
[  132.882584][ T8510] random: crng reseeded on system resumption
[  132.922641][ T8516] netlink: 'syz.0.1724': attribute type 10 has an invalid length.
[  132.934661][ T8510] loop3: detected capacity change from 0 to 164
[  132.978989][ T8510] Unable to read rock-ridge attributes
[  133.042618][ T8510] Unable to read rock-ridge attributes
[  133.099702][ T8510] iso9660: Corrupted directory entry in block 4 of inode 1792
[  133.119044][   T29] audit: type=1326 audit(1760498385.389:5674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8511 comm="syz.0.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c3891eec9 code=0x7ffc0000
[  133.142696][   T29] audit: type=1326 audit(1760498385.399:5675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8511 comm="syz.0.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f1c3891eec9 code=0x7ffc0000
[  133.166450][   T29] audit: type=1326 audit(1760498385.539:5676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8511 comm="syz.0.1723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f1c3891eec9 code=0x7ffc0000
[  133.190065][   T29] audit: type=1400 audit(1760498385.569:5677): avc:  denied  { read append } for  pid=8509 comm="syz.3.1722" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  133.214306][   T29] audit: type=1400 audit(1760498385.569:5678): avc:  denied  { ioctl open } for  pid=8509 comm="syz.3.1722" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  133.238502][   T29] audit: type=1400 audit(1760498385.729:5679): avc:  denied  { mount } for  pid=8509 comm="syz.3.1722" name="/" dev="loop3" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  133.261619][   T29] audit: type=1326 audit(1760498385.749:5680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8517 comm="syz.4.1725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b032eeec9 code=0x7ffc0000
[  133.285361][   T29] audit: type=1326 audit(1760498385.749:5681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8517 comm="syz.4.1725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b032eeec9 code=0x7ffc0000
[  133.440604][ T8533] FAULT_INJECTION: forcing a failure.
[  133.440604][ T8533] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  133.441228][ T8535] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1735'.
[  133.454045][ T8533] CPU: 0 UID: 0 PID: 8533 Comm: syz.0.1733 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  133.454106][ T8533] Tainted: [W]=WARN
[  133.454147][ T8533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  133.454166][ T8533] Call Trace:
[  133.454176][ T8533]  <TASK>
[  133.454188][ T8533]  __dump_stack+0x1d/0x30
[  133.454217][ T8533]  dump_stack_lvl+0xe8/0x140
[  133.454245][ T8533]  dump_stack+0x15/0x1b
[  133.454268][ T8533]  should_fail_ex+0x265/0x280
[  133.454388][ T8533]  should_fail+0xb/0x20
[  133.454433][ T8533]  should_fail_usercopy+0x1a/0x20
[  133.454462][ T8533]  _copy_to_user+0x20/0xa0
[  133.454499][ T8533]  simple_read_from_buffer+0xb5/0x130
[  133.454544][ T8533]  proc_fail_nth_read+0x10e/0x150
[  133.454589][ T8533]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  133.454662][ T8533]  vfs_read+0x1a8/0x770
[  133.454694][ T8533]  ? __rcu_read_unlock+0x4f/0x70
[  133.454728][ T8533]  ? __fget_files+0x184/0x1c0
[  133.454842][ T8533]  ksys_read+0xda/0x1a0
[  133.454875][ T8533]  __x64_sys_read+0x40/0x50
[  133.454909][ T8533]  x64_sys_call+0x27c0/0x3000
[  133.454986][ T8533]  do_syscall_64+0xd2/0x200
[  133.455027][ T8533]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  133.455134][ T8533]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  133.455166][ T8533]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.455197][ T8533] RIP: 0033:0x7f1c3891d8dc
[  133.455219][ T8533] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  133.455246][ T8533] RSP: 002b:00007f1c3737f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  133.455273][ T8533] RAX: ffffffffffffffda RBX: 00007f1c38b75fa0 RCX: 00007f1c3891d8dc
[  133.455366][ T8533] RDX: 000000000000000f RSI: 00007f1c3737f0a0 RDI: 0000000000000008
[  133.455383][ T8533] RBP: 00007f1c3737f090 R08: 0000000000000000 R09: 0000000000000000
[  133.455417][ T8533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.455434][ T8533] R13: 00007f1c38b76038 R14: 00007f1c38b75fa0 R15: 00007fff4da5eff8
[  133.455461][ T8533]  </TASK>
[  133.511789][ T8539] netlink: 191080 bytes leftover after parsing attributes in process `syz.0.1736'.
[  133.512827][ T8535] netlink: 'syz.4.1735': attribute type 30 has an invalid length.
[  133.589546][ T8544] loop1: detected capacity change from 0 to 1024
[  133.594126][ T8539] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  133.670670][ T8550] loop0: detected capacity change from 0 to 128
[  133.671117][ T8544] EXT4-fs: Ignoring removed nobh option
[  133.697708][ T8531] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2064 sclass=netlink_route_socket pid=8531 comm=syz.2.1731
[  133.710079][ T8542] loop3: detected capacity change from 0 to 2048
[  133.720569][ T8551] loop4: detected capacity change from 0 to 256
[  133.740592][ T8544] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  133.760480][ T8544] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #11: comm syz.1.1737: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  133.784827][ T8544] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1737: couldn't read orphan inode 11 (err -117)
[  133.797449][ T8544] EXT4-fs mount: 26 callbacks suppressed
[  133.797470][ T8544] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.817858][ T8542]  loop3: p1 p2 p3
[  133.826076][ T8544] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.1737: Invalid block bitmap block 0 in block_group 0
[  133.840237][ T8544] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.1737: Failed to acquire dquot type 0
[  133.852004][ T8551] FAT-fs (loop4): IO charset maccentGuro not found
[  133.897484][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.470348][ T8565] netlink: 'syz.2.1744': attribute type 27 has an invalid length.
[  134.646542][ T8565] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  134.657213][ T8565] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  134.697781][ T3378] syz1: Port: 1 Link DOWN
[  134.702213][ T2808] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  134.711344][ T2808] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  134.721952][ T2808] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  134.731121][ T2808] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  134.752435][ T2808] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  134.761520][ T2808] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  134.773478][ T2808] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  134.782520][ T2808] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  134.801817][ T8579] loop0: detected capacity change from 0 to 512
[  134.812861][ T8579] ext4: Unknown parameter 'fowner>00000000000000060928'
[  134.836670][ T8581] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1750'.
[  134.877461][ T8582] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2593 sclass=netlink_route_socket pid=8582 comm=syz.1.1750
[  134.933570][ T8591] loop2: detected capacity change from 0 to 2048
[  134.976680][ T8591]  loop2: p1 p2 p3
[  134.990163][ T8557] syz.3.1741 (8557) used greatest stack depth: 6072 bytes left
[  135.090942][ T8606] loop3: detected capacity change from 0 to 256
[  135.121209][ T8606] FAT-fs (loop3): IO charset maccentGuro not found
[  135.206438][ T8615] lo speed is unknown, defaulting to 1000
[  135.219703][ T8620] loop4: detected capacity change from 0 to 512
[  135.221650][ T8621] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1761'.
[  135.235289][ T8621] netlink: 'syz.0.1761': attribute type 30 has an invalid length.
[  135.237539][ T8620] ext4: Unknown parameter 'fowner>00000000000000060928'
[  135.296619][ T8622] loop2: detected capacity change from 0 to 512
[  135.327257][ T8615] lo speed is unknown, defaulting to 1000
[  135.616733][ T8638] netlink: 191080 bytes leftover after parsing attributes in process `syz.0.1769'.
[  135.626172][ T8638] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  135.642239][ T8636] loop4: detected capacity change from 0 to 512
[  135.665208][ T8636] ext4: Unknown parameter 'fowner>00000000000000060928'
[  135.754450][ T8646] loop0: detected capacity change from 0 to 256
[  135.832746][ T8646] FAT-fs (loop0): IO charset maccentGuro not found
[  135.980544][ T8658] loop0: detected capacity change from 0 to 512
[  136.131892][ T8669] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1784'.
[  136.166145][ T8669] netlink: 'syz.0.1784': attribute type 12 has an invalid length.
[  136.314678][ T8685] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1789'.
[  136.323870][ T8685] netlink: 'syz.0.1789': attribute type 30 has an invalid length.
[  136.385376][ T8691] loop1: detected capacity change from 0 to 512
[  136.416578][ T8688] loop0: detected capacity change from 0 to 2048
[  136.442778][ T8691] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  136.481294][ T8691] EXT4-fs (loop1): mount failed
[  136.487497][ T8688]  loop0: p1 p2 p3
[  136.492058][ T8662] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1780'.
[  136.535738][ T8662] loop2: detected capacity change from 0 to 164
[  136.617195][ T8691] loop1: detected capacity change from 0 to 2048
[  136.676148][ T8691]  loop1: p1 p2 p3
[  137.188052][ T8689] syz.3.1790 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  137.202536][ T8689] CPU: 0 UID: 0 PID: 8689 Comm: syz.3.1790 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  137.202572][ T8689] Tainted: [W]=WARN
[  137.202597][ T8689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  137.202611][ T8689] Call Trace:
[  137.202621][ T8689]  <TASK>
[  137.202631][ T8689]  __dump_stack+0x1d/0x30
[  137.202657][ T8689]  dump_stack_lvl+0xe8/0x140
[  137.202682][ T8689]  dump_stack+0x15/0x1b
[  137.202708][ T8689]  dump_header+0x81/0x220
[  137.202808][ T8689]  oom_kill_process+0x342/0x400
[  137.202945][ T8689]  out_of_memory+0x979/0xb80
[  137.202990][ T8689]  try_charge_memcg+0x610/0xa10
[  137.203028][ T8689]  obj_cgroup_charge_pages+0xa6/0x150
[  137.203118][ T8689]  __memcg_kmem_charge_page+0x9f/0x170
[  137.203210][ T8689]  __alloc_frozen_pages_noprof+0x188/0x360
[  137.203330][ T8689]  alloc_pages_mpol+0xb3/0x260
[  137.203354][ T8689]  alloc_pages_noprof+0x90/0x130
[  137.203374][ T8689]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  137.203449][ T8689]  __kvmalloc_node_noprof+0x483/0x670
[  137.203492][ T8689]  ? ip_set_alloc+0x24/0x30
[  137.203529][ T8689]  ? ip_set_alloc+0x24/0x30
[  137.203597][ T8689]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  137.203629][ T8689]  ip_set_alloc+0x24/0x30
[  137.203658][ T8689]  hash_netiface_create+0x282/0x740
[  137.203709][ T8689]  ? __pfx_hash_netiface_create+0x10/0x10
[  137.203762][ T8689]  ip_set_create+0x3cc/0x970
[  137.203840][ T8689]  ? __nla_parse+0x40/0x60
[  137.203874][ T8689]  nfnetlink_rcv_msg+0x4c6/0x590
[  137.203936][ T8689]  netlink_rcv_skb+0x123/0x220
[  137.204045][ T8689]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  137.204085][ T8689]  nfnetlink_rcv+0x167/0x16c0
[  137.204195][ T8689]  ? kmem_cache_free+0xe4/0x3d0
[  137.204227][ T8689]  ? __kfree_skb+0x109/0x150
[  137.204253][ T8689]  ? nlmon_xmit+0x4f/0x60
[  137.204302][ T8689]  ? consume_skb+0x49/0x150
[  137.204328][ T8689]  ? nlmon_xmit+0x4f/0x60
[  137.204350][ T8689]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  137.204385][ T8689]  ? __dev_queue_xmit+0x1200/0x2000
[  137.204462][ T8689]  ? __dev_queue_xmit+0x182/0x2000
[  137.204500][ T8689]  ? ref_tracker_free+0x37d/0x3e0
[  137.204596][ T8689]  ? __netlink_deliver_tap+0x4dc/0x500
[  137.204640][ T8689]  netlink_unicast+0x5c0/0x690
[  137.204680][ T8689]  netlink_sendmsg+0x58b/0x6b0
[  137.204780][ T8689]  ? __pfx_netlink_sendmsg+0x10/0x10
[  137.204812][ T8689]  __sock_sendmsg+0x145/0x180
[  137.204833][ T8689]  ____sys_sendmsg+0x31e/0x4e0
[  137.204948][ T8689]  ___sys_sendmsg+0x17b/0x1d0
[  137.205011][ T8689]  __x64_sys_sendmsg+0xd4/0x160
[  137.205055][ T8689]  x64_sys_call+0x191e/0x3000
[  137.205087][ T8689]  do_syscall_64+0xd2/0x200
[  137.205113][ T8689]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  137.205162][ T8689]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  137.205194][ T8689]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.205216][ T8689] RIP: 0033:0x7f08455eeec9
[  137.205233][ T8689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.205269][ T8689] RSP: 002b:00007f0844057038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  137.205292][ T8689] RAX: ffffffffffffffda RBX: 00007f0845845fa0 RCX: 00007f08455eeec9
[  137.205310][ T8689] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  137.205327][ T8689] RBP: 00007f0845671f91 R08: 0000000000000000 R09: 0000000000000000
[  137.205345][ T8689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  137.205362][ T8689] R13: 00007f0845846038 R14: 00007f0845845fa0 R15: 00007ffec0f3cfd8
[  137.205387][ T8689]  </TASK>
[  137.554018][ T8689] memory: usage 307200kB, limit 307200kB, failcnt 359
[  137.560806][ T8689] memory+swap: usage 372956kB, limit 9007199254740988kB, failcnt 0
[  137.568762][ T8689] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[  137.576227][ T8689] Memory cgroup stats for /syz3:
[  137.576409][ T8689] cache 4096
[  137.584670][ T8689] rss 0
[  137.587490][ T8689] shmem 0
[  137.590526][ T8689] mapped_file 0
[  137.594028][ T8689] dirty 0
[  137.596990][ T8689] writeback 0
[  137.600384][ T8689] workingset_refault_anon 113
[  137.605211][ T8689] workingset_refault_file 1761
[  137.609996][ T8689] swap 67334144
[  137.613561][ T8689] swapcached 4096
[  137.617210][ T8689] pgpgin 150776
[  137.620818][ T8689] pgpgout 150774
[  137.624494][ T8689] pgfault 144844
[  137.628257][ T8689] pgmajfault 94
[  137.631732][ T8689] inactive_anon 0
[  137.635422][ T8689] active_anon 4096
[  137.639208][ T8689] inactive_file 0
[  137.643054][ T8689] active_file 4096
[  137.646873][ T8689] unevictable 0
[  137.650413][ T8689] hierarchical_memory_limit 314572800
[  137.655834][ T8689] hierarchical_memsw_limit 9223372036854771712
[  137.662446][ T8689] total_cache 4096
[  137.666208][ T8689] total_rss 0
[  137.669772][ T8689] total_shmem 0
[  137.673531][ T8689] total_mapped_file 0
[  137.677640][ T8689] total_dirty 0
[  137.681125][ T8689] total_writeback 0
[  137.685035][ T8689] total_workingset_refault_anon 113
[  137.690408][ T8689] total_workingset_refault_file 1761
[  137.695804][ T8689] total_swap 67334144
[  137.700058][ T8689] total_swapcached 4096
[  137.704272][ T8689] total_pgpgin 150776
[  137.708373][ T8689] total_pgpgout 150774
[  137.712570][ T8689] total_pgfault 144844
[  137.716679][ T8689] total_pgmajfault 94
[  137.720784][ T8689] total_inactive_anon 0
[  137.724990][ T8689] total_active_anon 4096
[  137.729261][ T8689] total_inactive_file 0
[  137.733629][ T8689] total_active_file 4096
[  137.737995][ T8689] total_unevictable 0
[  137.742006][ T8689] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.1790,pid=8686,uid=0
[  137.757239][ T8689] Memory cgroup out of memory: Killed process 8686 (syz.3.1790) total-vm:95872kB, anon-rss:1212kB, file-rss:22308kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  137.851930][   T29] kauditd_printk_skb: 154 callbacks suppressed
[  137.851948][   T29] audit: type=1400 audit(1760498390.531:5833): avc:  denied  { create } for  pid=8716 comm="syz.0.1799" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  137.925761][ T8723] loop1: detected capacity change from 0 to 512
[  137.927333][   T29] audit: type=1400 audit(1760498390.561:5834): avc:  denied  { bind } for  pid=8716 comm="syz.0.1799" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  137.932454][ T8723] EXT4-fs: Ignoring removed bh option
[  137.952398][   T29] audit: type=1400 audit(1760498390.571:5835): avc:  denied  { listen } for  pid=8716 comm="syz.0.1799" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  137.977565][   T29] audit: type=1400 audit(1760498390.581:5836): avc:  denied  { read } for  pid=8717 comm="syz.1.1798" name="usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  138.001164][   T29] audit: type=1400 audit(1760498390.581:5837): avc:  denied  { open } for  pid=8717 comm="syz.1.1798" path="/dev/usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  138.025195][   T29] audit: type=1400 audit(1760498390.581:5838): avc:  denied  { bind } for  pid=8717 comm="syz.1.1798" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  138.052776][ T8723] EXT4-fs: Ignoring removed mblk_io_submit option
[  138.073132][ T8723] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  138.104235][ T8723] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  138.122645][ T8723] EXT4-fs (loop1): orphan cleanup on readonly fs
[  138.128579][ T8727] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1802'.
[  138.129576][ T8723] Quota error (device loop1): do_insert_tree: Free block already used in tree: block 4
[  138.148220][ T8723] Quota error (device loop1): qtree_write_dquot: Error -5 occurred while creating quota
[  138.159142][ T8723] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.1801: Failed to acquire dquot type 1
[  138.170657][   T29] audit: type=1326 audit(1760498390.781:5839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8726 comm="syz.4.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b032eeec9 code=0x7ffc0000
[  138.195371][   T29] audit: type=1326 audit(1760498390.781:5840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8726 comm="syz.4.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b032eeec9 code=0x7ffc0000
[  138.219900][ T8723] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.1801: Invalid block bitmap block 0 in block_group 0
[  138.236411][ T8723] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.1801: Invalid block bitmap block 0 in block_group 0
[  138.252824][ T8723] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.1801: Invalid block bitmap block 0 in block_group 0
[  138.268136][ T8723] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.1801: Failed to acquire dquot type 1
[  138.312073][ T8723] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.1801: Failed to acquire dquot type 1
[  138.324220][ T8723] EXT4-fs (loop1): 1 orphan inode deleted
[  138.330714][ T8723] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  138.350905][ T8723] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1801'.
[  138.410732][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.495719][ T8742] loop1: detected capacity change from 0 to 2048
[  138.522026][ T8747] loop0: detected capacity change from 0 to 512
[  138.529238][ T8747] EXT4-fs: Ignoring removed bh option
[  138.534796][ T8747] EXT4-fs: Ignoring removed mblk_io_submit option
[  138.542033][ T8747] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  138.555817][ T8742]  loop1: p1 p2 p3
[  138.572724][ T8747] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  138.600208][ T8747] EXT4-fs (loop0): orphan cleanup on readonly fs
[  138.611446][   T37] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  138.621979][   T37] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.637878][ T8747] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1809: Failed to acquire dquot type 1
[  138.663021][ T8747] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.1809: Invalid block bitmap block 0 in block_group 0
[  138.693162][ T8747] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.1809: Invalid block bitmap block 0 in block_group 0
[  138.727104][   T37] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  138.737577][   T37] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.762653][ T8759] loop2: detected capacity change from 0 to 256
[  138.776368][ T8747] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.1809: Invalid block bitmap block 0 in block_group 0
[  138.808828][ T8759] FAT-fs (loop2): IO charset maccentGuro not found
[  138.823002][ T8747] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1809: Failed to acquire dquot type 1
[  138.848453][   T37] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  138.858854][   T37] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.873004][ T8747] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1809: Failed to acquire dquot type 1
[  138.885424][ T8768] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1815'.
[  138.892797][ T8747] EXT4-fs (loop0): 1 orphan inode deleted
[  138.894639][ T8768] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1815'.
[  138.910943][ T8747] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  138.948456][   T37] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  138.959028][   T37] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.971300][ T8747] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1809'.
[  138.995774][ T3319] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.013471][ T8785] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1820'.
[  139.022436][ T8785] netlink: 'syz.1.1820': attribute type 30 has an invalid length.
[  139.058988][ T8793] siw: device registration error -23
[  139.065601][ T8763] lo speed is unknown, defaulting to 1000
[  139.107168][ T8763] lo speed is unknown, defaulting to 1000
[  139.170254][ T8804] loop2: detected capacity change from 0 to 256
[  139.192219][   T37] erspan0 (unregistering): left allmulticast mode
[  139.213374][ T8804] /dev/loop2: Can't open blockdev
[  139.239574][   T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  139.251904][   T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  139.267510][   T37] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  139.277690][   T37] bond0 (unregistering): Released all slaves
[  139.344870][   T37] tipc: Left network mode
[  139.356583][ T8763] chnl_net:caif_netlink_parms(): no params data found
[  139.372766][ T8810] FAULT_INJECTION: forcing a failure.
[  139.372766][ T8810] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.385994][ T8810] CPU: 0 UID: 0 PID: 8810 Comm: syz.0.1829 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  139.386077][ T8810] Tainted: [W]=WARN
[  139.386086][ T8810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  139.386102][ T8810] Call Trace:
[  139.386110][ T8810]  <TASK>
[  139.386119][ T8810]  __dump_stack+0x1d/0x30
[  139.386145][ T8810]  dump_stack_lvl+0xe8/0x140
[  139.386168][ T8810]  dump_stack+0x15/0x1b
[  139.386190][ T8810]  should_fail_ex+0x265/0x280
[  139.386299][ T8810]  should_fail+0xb/0x20
[  139.386411][ T8810]  should_fail_usercopy+0x1a/0x20
[  139.386439][ T8810]  _copy_from_user+0x1c/0xb0
[  139.386471][ T8810]  user_termio_to_kernel_termios+0x4e/0x140
[  139.386578][ T8810]  set_termios+0x101/0x4d0
[  139.386619][ T8810]  ? cred_has_capability+0x210/0x280
[  139.386689][ T8810]  tty_mode_ioctl+0x379/0x5c0
[  139.386732][ T8810]  ? security_capable+0x83/0x90
[  139.386774][ T8810]  n_tty_ioctl_helper+0x91/0x210
[  139.386837][ T8810]  n_tty_ioctl+0x101/0x200
[  139.386873][ T8810]  ? __pfx_n_tty_ioctl+0x10/0x10
[  139.386910][ T8810]  tty_ioctl+0x83f/0xb80
[  139.386997][ T8810]  ? __pfx_tty_ioctl+0x10/0x10
[  139.387018][ T8810]  __se_sys_ioctl+0xce/0x140
[  139.387040][ T8810]  __x64_sys_ioctl+0x43/0x50
[  139.387062][ T8810]  x64_sys_call+0x1816/0x3000
[  139.387123][ T8810]  do_syscall_64+0xd2/0x200
[  139.387213][ T8810]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  139.387259][ T8810]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  139.387337][ T8810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.387371][ T8810] RIP: 0033:0x7f1c3891eec9
[  139.387391][ T8810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.387475][ T8810] RSP: 002b:00007f1c3737f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  139.387501][ T8810] RAX: ffffffffffffffda RBX: 00007f1c38b75fa0 RCX: 00007f1c3891eec9
[  139.387517][ T8810] RDX: 00002000000001c0 RSI: 0000000000005406 RDI: 0000000000000003
[  139.387532][ T8810] RBP: 00007f1c3737f090 R08: 0000000000000000 R09: 0000000000000000
[  139.387547][ T8810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.387562][ T8810] R13: 00007f1c38b76038 R14: 00007f1c38b75fa0 R15: 00007fff4da5eff8
[  139.387585][ T8810]  </TASK>
[  139.617377][   T37] hsr_slave_0: left promiscuous mode
[  139.626869][   T37] hsr_slave_1: left promiscuous mode
[  139.632841][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  139.640335][   T37] batman_adv: batadv0: Removing interface: batadv_slave_0
[  139.651293][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  139.658847][   T37] batman_adv: batadv0: Removing interface: batadv_slave_1
[  139.668280][   T37] veth1_macvtap: left promiscuous mode
[  139.674008][   T37] veth0_macvtap: left promiscuous mode
[  139.679575][   T37] veth1_vlan: left promiscuous mode
[  139.689002][   T37] veth0_vlan: left promiscuous mode
[  139.792896][   T37] team0 (unregistering): Port device team_slave_1 removed
[  139.810082][   T37] team0 (unregistering): Port device team_slave_0 removed
[  139.851906][ T8837] netlink: 240 bytes leftover after parsing attributes in process `syz.0.1833'.
[  139.856259][ T8826] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1834'.
[  139.870044][ T8826] netlink: 'syz.3.1834': attribute type 30 has an invalid length.
[  139.877957][ T1036] lo speed is unknown, defaulting to 1000
[  139.883753][ T1036] s
z1: Port: 1 Link DOWN
[  139.971510][ T8847] loop3: detected capacity change from 0 to 512
[  139.989533][ T8847] ext4: Unknown parameter 'fowner>00000000000000060928'
[  140.013048][ T8763] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.020164][ T8763] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.029816][ T8763] bridge_slave_0: entered allmulticast mode
[  140.062001][ T8763] bridge_slave_0: entered promiscuous mode
[  140.066941][ T8849] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  140.077017][ T8849] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  140.115275][ T8763] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.122420][ T8763] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.132287][ T8763] bridge_slave_1: entered allmulticast mode
[  140.140317][ T8763] bridge_slave_1: entered promiscuous mode
[  140.176669][ T8763] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  140.192313][ T8763] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  140.212643][ T8859] loop3: detected capacity change from 0 to 2048
[  140.230669][ T8763] team0: Port device team_slave_0 added
[  140.238298][ T8763] team0: Port device team_slave_1 added
[  140.255742][ T8763] batman_adv: batadv0: Adding interface: batadv_slave_0
[  140.262917][ T8763] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  140.274543][ T8859]  loop3: p1 p2 p3
[  140.289558][ T8763] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  140.305367][ T8763] batman_adv: batadv0: Adding interface: batadv_slave_1
[  140.312779][ T8763] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  140.339185][ T8763] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  140.397274][ T8763] hsr_slave_0: entered promiscuous mode
[  140.413286][ T8763] hsr_slave_1: entered promiscuous mode
[  140.419316][ T8763] debugfs: 'hsr0' already exists in 'hsr'
[  140.425278][ T8763] Cannot create hsr debugfs directory
[  140.494554][ T8863] loop3: detected capacity change from 0 to 512
[  140.540038][ T8763] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  140.549889][ T8763] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  140.551017][ T8863] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.572225][ T8863] ext4 filesystem being mounted at /335/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.575752][ T8763] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  140.595178][ T8763] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  140.634900][ T8763] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.642049][ T8763] bridge0: port 2(bridge_slave_1) entered forwarding state
[  140.649708][ T8763] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.656892][ T8763] bridge0: port 1(bridge_slave_0) entered forwarding state
[  140.683259][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.698349][ T8763] 8021q: adding VLAN 0 to HW filter on device bond0
[  140.708413][ T8874] loop2: detected capacity change from 0 to 512
[  140.720393][   T37] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.743170][ T8874] ext4: Unknown parameter 'fowner>00000000000000060928'
[  140.754728][   T37] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.792050][ T8882] loop3: detected capacity change from 0 to 512
[  140.813041][ T8882] EXT4-fs: Ignoring removed bh option
[  140.818622][ T8882] EXT4-fs: Ignoring removed mblk_io_submit option
[  140.843719][ T8763] 8021q: adding VLAN 0 to HW filter on device team0
[  140.858440][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.865648][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[  140.885015][ T8882] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  140.896124][ T8763] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  140.907325][ T8763] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  140.921155][ T8882] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  140.935064][ T8882] EXT4-fs (loop3): orphan cleanup on readonly fs
[  140.964772][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.972089][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  140.989452][ T8882] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.1849: Failed to acquire dquot type 1
[  141.055759][ T8899] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1858'.
[  141.087848][ T8904] loop2: detected capacity change from 0 to 512
[  141.088654][ T8882] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.1849: Invalid block bitmap block 0 in block_group 0
[  141.097222][ T8904] ext4: Unknown parameter 'fowner>00000000000000060928'
[  141.174363][ T8882] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.1849: Invalid block bitmap block 0 in block_group 0
[  141.175953][ T8763] 8021q: adding VLAN 0 to HW filter on device batadv0
[  141.217012][ T8882] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.1849: Invalid block bitmap block 0 in block_group 0
[  141.262995][ T8882] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.1849: Failed to acquire dquot type 1
[  141.276457][ T8860] syz.1.1855 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  141.291205][ T8860] CPU: 1 UID: 0 PID: 8860 Comm: syz.1.1855 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  141.291245][ T8860] Tainted: [W]=WARN
[  141.291254][ T8860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  141.291271][ T8860] Call Trace:
[  141.291348][ T8860]  <TASK>
[  141.291358][ T8860]  __dump_stack+0x1d/0x30
[  141.291421][ T8860]  dump_stack_lvl+0xe8/0x140
[  141.291460][ T8860]  dump_stack+0x15/0x1b
[  141.291483][ T8860]  dump_header+0x81/0x220
[  141.291573][ T8860]  oom_kill_process+0x342/0x400
[  141.291611][ T8860]  out_of_memory+0x979/0xb80
[  141.291652][ T8860]  try_charge_memcg+0x610/0xa10
[  141.291721][ T8860]  obj_cgroup_charge_pages+0xa6/0x150
[  141.291778][ T8860]  __memcg_kmem_charge_page+0x9f/0x170
[  141.291827][ T8860]  __alloc_frozen_pages_noprof+0x188/0x360
[  141.291942][ T8860]  alloc_pages_mpol+0xb3/0x260
[  141.291966][ T8860]  ? alloc_pages_noprof+0xf4/0x130
[  141.292045][ T8860]  alloc_pages_noprof+0x90/0x130
[  141.292071][ T8860]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  141.292202][ T8860]  __kvmalloc_node_noprof+0x483/0x670
[  141.292242][ T8860]  ? ip_set_alloc+0x24/0x30
[  141.292268][ T8860]  ? ip_set_alloc+0x24/0x30
[  141.292329][ T8860]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  141.292403][ T8860]  ip_set_alloc+0x24/0x30
[  141.292432][ T8860]  hash_netiface_create+0x282/0x740
[  141.292526][ T8860]  ? __pfx_hash_netiface_create+0x10/0x10
[  141.292555][ T8860]  ip_set_create+0x3cc/0x970
[  141.292635][ T8860]  ? __nla_parse+0x40/0x60
[  141.292743][ T8860]  nfnetlink_rcv_msg+0x4c6/0x590
[  141.292803][ T8860]  netlink_rcv_skb+0x123/0x220
[  141.292902][ T8860]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  141.292952][ T8860]  nfnetlink_rcv+0x167/0x16c0
[  141.292981][ T8860]  ? kmem_cache_free+0xe4/0x3d0
[  141.293102][ T8860]  ? __kfree_skb+0x109/0x150
[  141.293184][ T8860]  ? nlmon_xmit+0x4f/0x60
[  141.293207][ T8860]  ? consume_skb+0x49/0x150
[  141.293244][ T8860]  ? nlmon_xmit+0x4f/0x60
[  141.293275][ T8860]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  141.293350][ T8860]  ? __dev_queue_xmit+0x1200/0x2000
[  141.293418][ T8860]  ? __dev_queue_xmit+0x182/0x2000
[  141.293463][ T8860]  ? ref_tracker_free+0x37d/0x3e0
[  141.293531][ T8860]  ? __netlink_deliver_tap+0x4dc/0x500
[  141.293564][ T8860]  netlink_unicast+0x5c0/0x690
[  141.293593][ T8860]  netlink_sendmsg+0x58b/0x6b0
[  141.293640][ T8860]  ? __pfx_netlink_sendmsg+0x10/0x10
[  141.293681][ T8860]  __sock_sendmsg+0x145/0x180
[  141.293776][ T8860]  ____sys_sendmsg+0x31e/0x4e0
[  141.293809][ T8860]  ___sys_sendmsg+0x17b/0x1d0
[  141.293864][ T8860]  __x64_sys_sendmsg+0xd4/0x160
[  141.293947][ T8860]  x64_sys_call+0x191e/0x3000
[  141.294029][ T8860]  do_syscall_64+0xd2/0x200
[  141.294061][ T8860]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  141.294107][ T8860]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  141.294137][ T8860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.294229][ T8860] RIP: 0033:0x7f17d0dceec9
[  141.294270][ T8860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.294289][ T8860] RSP: 002b:00007f17cf837038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  141.294388][ T8860] RAX: ffffffffffffffda RBX: 00007f17d1025fa0 RCX: 00007f17d0dceec9
[  141.294406][ T8860] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  141.294423][ T8860] RBP: 00007f17d0e51f91 R08: 0000000000000000 R09: 0000000000000000
[  141.294440][ T8860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  141.294456][ T8860] R13: 00007f17d1026038 R14: 00007f17d1025fa0 R15: 00007ffe10eb6d28
[  141.294480][ T8860]  </TASK>
[  141.648295][ T8860] memory: usage 307200kB, limit 307200kB, failcnt 534
[  141.655416][ T8860] memory+swap: usage 307400kB, limit 9007199254740988kB, failcnt 0
[  141.663408][ T8860] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[  141.670801][ T8860] Memory cgroup stats for /syz1:
[  141.672481][ T8860] cache 0
[  141.673098][ T8882] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.1849: Failed to acquire dquot type 1
[  141.677657][ T8860] rss 0
[  141.685976][ T8919] loop2: detected capacity change from 0 to 512
[  141.691904][ T8860] shmem 0
[  141.698209][ T8882] EXT4-fs (loop3): 1 orphan inode deleted
[  141.700991][ T8860] mapped_file 0
[  141.701006][ T8860] dirty 0
[  141.701065][ T8860] writeback 0
[  141.719735][ T8860] workingset_refault_anon 245
[  141.723817][ T8882] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  141.724490][ T8860] workingset_refault_file 2150
[  141.741848][ T8860] swap 204800
[  141.745221][ T8860] swapcached 4096
[  141.749030][ T8860] pgpgin 140021
[  141.752446][ T8919] ext4: Unknown parameter 'fowner>00000000000000060928'
[  141.752500][ T8860] pgpgout 140018
[  141.752513][ T8860] pgfault 152078
[  141.767134][ T8860] pgmajfault 199
[  141.770796][ T8860] inactive_anon 0
[  141.774478][ T8860] active_anon 4096
[  141.778256][ T8860] inactive_file 0
[  141.781918][ T8860] active_file 8192
[  141.785844][ T8860] unevictable 0
[  141.789444][ T8860] hierarchical_memory_limit 314572800
[  141.795162][ T8860] hierarchical_memsw_limit 9223372036854771712
[  141.801549][ T8860] total_cache 0
[  141.804872][ T8882] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1849'.
[  141.805128][ T8860] total_rss 0
[  141.817505][ T8860] total_shmem 0
[  141.821072][ T8860] total_mapped_file 0
[  141.825122][ T8860] total_dirty 0
[  141.828600][ T8860] total_writeback 0
[  141.832463][ T8860] total_workingset_refault_anon 245
[  141.837922][ T8860] total_workingset_refault_file 2150
[  141.843527][ T8860] total_swap 204800
[  141.847361][ T8860] total_swapcached 4096
[  141.851540][ T8860] total_pgpgin 140021
[  141.855568][ T8860] total_pgpgout 140018
[  141.859664][ T8860] total_pgfault 152078
[  141.863882][ T8860] total_pgmajfault 199
[  141.868015][ T8860] total_inactive_anon 0
[  141.872300][ T8860] total_active_anon 4096
[  141.876692][ T8860] total_inactive_file 0
[  141.880993][ T8860] total_active_file 8192
[  141.885296][ T8860] total_unevictable 0
[  141.889342][ T8860] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.1855,pid=8858,uid=0
[  141.904047][ T8860] Memory cgroup out of memory: Killed process 8858 (syz.1.1855) total-vm:95872kB, anon-rss:1136kB, file-rss:22248kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  141.964461][ T8882] Process accounting resumed
[  141.972084][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.008616][ T8763] veth0_vlan: entered promiscuous mode
[  142.024408][ T8933] block device autoloading is deprecated and will be removed.
[  142.039134][ T8935] loop2: detected capacity change from 0 to 512
[  142.048203][ T8763] veth1_vlan: entered promiscuous mode
[  142.095874][ T8763] veth0_macvtap: entered promiscuous mode
[  142.106235][ T8935] ext4: Unknown parameter 'smackfsroot'
[  142.123898][ T8763] veth1_macvtap: entered promiscuous mode
[  142.155155][ T8763] batman_adv: batadv0: Interface activated: batadv_slave_0
[  142.168564][ T8763] batman_adv: batadv0: Interface activated: batadv_slave_1
[  142.197624][  T143] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  142.224999][  T143] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  142.249759][  T143] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  142.259311][  T143] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  142.341320][ T8953] loop3: detected capacity change from 0 to 512
[  142.369402][ T8953] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  142.409411][ T8965] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1875'.
[  142.418457][ T8965] netlink: 'syz.0.1875': attribute type 30 has an invalid length.
[  142.466990][ T8953] EXT4-fs (loop3): mount failed
[  142.494286][ T8968] loop2: detected capacity change from 0 to 256
[  142.538167][ T8968] FAT-fs (loop2): IO charset maccentGuro not found
[  142.598804][ T8953] loop3: detected capacity change from 0 to 2048
[  142.689459][ T8953]  loop3: p1 p2 p3
[  143.377188][ T8982] loop0: detected capacity change from 0 to 512
[  143.424684][ T8982] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1879: couldn't read orphan inode 26 (err -116)
[  143.438014][ T8982] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.450751][ T8982] ext4 filesystem being mounted at /444/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.723340][ T3319] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.742064][ T8991] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1891'.
[  143.761361][ T8998] loop2: detected capacity change from 0 to 512
[  143.781394][ T8998] ext4: Unknown parameter 'fowner>00000000000000060928'
[  144.035442][ T9014] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1888'.
[  144.044763][ T9014] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1888'.
[  144.092957][ T9018] netlink: 'syz.1.1892': attribute type 5 has an invalid length.
[  144.121978][ T9014] 9pnet_fd: Insufficient options for proto=fd
[  144.142148][ T9018] loop1: detected capacity change from 0 to 512
[  144.152732][   T29] kauditd_printk_skb: 198 callbacks suppressed
[  144.152749][   T29] audit: type=1400 audit(1760498396.839:6022): avc:  denied  { write } for  pid=9008 comm="syz.2.1888" name="sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  144.182924][   T29] audit: type=1400 audit(1760498396.839:6023): avc:  denied  { open } for  pid=9008 comm="syz.2.1888" path="/dev/sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  144.207027][   T29] audit: type=1400 audit(1760498396.839:6024): avc:  denied  { ioctl } for  pid=9008 comm="syz.2.1888" path="/dev/sg0" dev="devtmpfs" ino=137 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  144.234593][ T9014] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  144.234593][ T9014]    program syz.2.1888 not setting count and/or reply_len properly
[  144.315244][ T9018] EXT4-fs (loop1): orphan cleanup on readonly fs
[  144.342401][   T29] audit: type=1400 audit(1760498397.029:6025): avc:  denied  { ioctl } for  pid=9024 comm="syz.0.1897" path="socket:[22796]" dev="sockfs" ino=22796 ioctlcmd=0x8936 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  144.369212][ T9018] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.1892: bad orphan inode 13
[  144.444845][ T9033] loop0: detected capacity change from 0 to 512
[  144.451575][ T9033] ext4: Unknown parameter 'fowner>00000000000000060928'
[  144.459012][ T9018] ext4_test_bit(bit=12, block=18) = 1
[  144.465114][ T9018] is_bad_inode(inode)=0
[  144.469500][ T9018] NEXT_ORPHAN(inode)=2130706432
[  144.474581][ T9018] max_ino=32
[  144.476582][ T3316] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  144.477810][ T9018] i_nlink=1
[  144.491691][ T9018] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  144.492293][ T3316] CPU: 1 UID: 0 PID: 3316 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  144.492332][ T3316] Tainted: [W]=WARN
[  144.492377][ T3316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  144.492396][ T3316] Call Trace:
[  144.492414][ T3316]  <TASK>
[  144.492426][ T3316]  __dump_stack+0x1d/0x30
[  144.492454][ T3316]  dump_stack_lvl+0xe8/0x140
[  144.492483][ T3316]  dump_stack+0x15/0x1b
[  144.492507][ T3316]  dump_header+0x81/0x220
[  144.492554][ T3316]  oom_kill_process+0x342/0x400
[  144.492665][ T3316]  out_of_memory+0x979/0xb80
[  144.492759][ T3316]  try_charge_memcg+0x610/0xa10
[  144.492871][ T3316]  charge_memcg+0x51/0xc0
[  144.492902][ T3316]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  144.493018][ T3316]  __read_swap_cache_async+0x17b/0x2d0
[  144.493073][ T3316]  swap_cluster_readahead+0x362/0x3c0
[  144.493167][ T3316]  swapin_readahead+0xde/0x6f0
[  144.493254][ T3316]  ? next_uptodate_folio+0x81c/0x890
[  144.493304][ T3316]  ? percpu_counter_add_batch+0xb6/0x130
[  144.493352][ T3316]  ? __rcu_read_unlock+0x4f/0x70
[  144.493422][ T3316]  ? swap_cache_get_folio+0x277/0x280
[  144.493471][ T3316]  do_swap_page+0x2ae/0x2370
[  144.493539][ T3316]  ? fput+0x8f/0xc0
[  144.493587][ T3316]  ? css_rstat_updated+0xb7/0x240
[  144.493679][ T3316]  ? __pfx_default_wake_function+0x10/0x10
[  144.493720][ T3316]  handle_mm_fault+0x9a5/0x2be0
[  144.493754][ T3316]  ? vma_start_read+0x141/0x1f0
[  144.493812][ T3316]  do_user_addr_fault+0x630/0x1080
[  144.493925][ T3316]  exc_page_fault+0x62/0xa0
[  144.493955][ T3316]  asm_exc_page_fault+0x26/0x30
[  144.493983][ T3316] RIP: 0033:0x7f08454c5db7
[  144.494004][ T3316] Code: 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 e8 f9 ea 00 48 69 8c 24 90 00 00 00 e8 03 00 00 8b 78 08 <48> 8b 44 24 18 48 c1 ea 12 4c 8b 0d f9 f8 ea 00 48 01 d1 39 7c 24
[  144.494109][ T3316] RSP: 002b:00007ffec0f3d360 EFLAGS: 00010202
[  144.494131][ T3316] RAX: 0000001b33824000 RBX: 000000000000034b RCX: 0000000000023280
[  144.494149][ T3316] RDX: 000000000651a1f1 RSI: 00007ffec0f3d3f0 RDI: 0000000000000005
[  144.494216][ T3316] RBP: 00007ffec0f3d39c R08: 00000000181ac755 R09: 7fffffffffffffff
[  144.494252][ T3316] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  144.494270][ T3316] R13: 00000000000927c0 R14: 00000000000230f5 R15: 00007ffec0f3d3f0
[  144.494297][ T3316]  </TASK>
[  144.494346][ T3316] memory: usage 307200kB, limit 307200kB, failcnt 713
[  144.669141][   T29] audit: type=1400 audit(1760498397.249:6026): avc:  denied  { execute } for  pid=9017 comm="syz.1.1892" name="file2" dev="loop1" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  144.685495][ T3316] memory+swap: usage 372960kB, limit 9007199254740988kB, failcnt 0
[  144.685516][ T3316] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  144.685531][ T3316] Memory cgroup stats for /syz3:
[  144.773376][   T29] audit: type=1400 audit(1760498397.469:6027): avc:  denied  { read } for  pid=9034 comm="syz.2.1902" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  144.782333][ T3316] cache 0
[  144.785494][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.804313][ T3316] rss 0
[  144.804326][ T3316] shmem 0
[  144.804334][ T3316] mapped_file 0
[  144.804342][ T3316] dirty 0
[  144.804350][ T3316] writeback 0
[  144.831909][ T3316] workingset_refault_anon 145
[  144.831925][ T3316] workingset_refault_file 2408
[  144.831936][ T3316] swap 67338240
[  144.844689][ T9042] vxcan1: entered allmulticast mode
[  144.845113][ T3316] swapcached 0
[  144.853709][ T3316] pgpgin 152859
[  144.857345][ T3316] pgpgout 152859
[  144.859967][ T9038] netlink: 'syz.5.1900': attribute type 3 has an invalid length.
[  144.861057][ T3316] pgfault 146937
[  144.861067][ T3316] pgmajfault 131
[  144.861077][ T3316] inactive_anon 0
[  144.861087][ T3316] active_anon 0
[  144.883404][ T3316] inactive_file 0
[  144.887136][ T3316] active_file 0
[  144.889236][ T9044] loop0: detected capacity change from 0 to 512
[  144.890604][ T3316] unevictable 0
[  144.890615][ T3316] hierarchical_memory_limit 314572800
[  144.905858][ T3316] hierarchical_memsw_limit 9223372036854771712
[  144.912260][ T3316] total_cache 0
[  144.916199][ T3316] total_rss 0
[  144.919565][ T3316] total_shmem 0
[  144.923079][ T3316] total_mapped_file 0
[  144.927189][ T3316] total_dirty 0
[  144.930745][ T3316] total_writeback 0
[  144.934669][ T3316] total_workingset_refault_anon 145
[  144.939983][ T3316] total_workingset_refault_file 2408
[  144.945320][ T3316] total_swap 67338240
[  144.949325][ T3316] total_swapcached 0
[  144.953262][ T3316] total_pgpgin 152859
[  144.957293][ T3316] total_pgpgout 152859
[  144.961382][ T3316] total_pgfault 146937
[  144.965492][ T3316] total_pgmajfault 131
[  144.969592][ T3316] total_inactive_anon 0
[  144.973867][ T3316] total_active_anon 0
[  144.977864][ T3316] total_inactive_file 0
[  144.982046][ T3316] total_active_file 0
[  144.986156][ T3316] total_unevictable 0
[  144.990152][ T3316] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.1882,pid=8989,uid=0
[  145.004883][ T3316] Memory cgroup out of memory: Killed process 8989 (syz.3.1882) total-vm:95872kB, anon-rss:1068kB, file-rss:22100kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  145.091287][ T9050] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  145.097963][ T9050] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  145.105625][ T9050] vhci_hcd vhci_hcd.0: Device attached
[  145.140123][ T9058] veth1_macvtap: left promiscuous mode
[  145.156460][ T9058] macsec0: entered promiscuous mode
[  145.197729][ T9057] loop5: detected capacity change from 0 to 512
[  145.207903][ T9050] loop0: detected capacity change from 0 to 512
[  145.225625][ T9050] EXT4-fs (loop0): too many log groups per flexible block group
[  145.225842][ T9056] loop1: detected capacity change from 0 to 2048
[  145.233643][ T9050] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  145.249293][ T9057] EXT4-fs (loop5): 1 orphan inode deleted
[  145.250237][ T9050] EXT4-fs (loop0): mount failed
[  145.255755][ T9057] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.281292][ T9051] vhci_hcd: connection closed
[  145.281785][   T31] vhci_hcd: stop threads
[  145.290896][   T31] vhci_hcd: release socket
[  145.295427][   T31] vhci_hcd: disconnect device
[  145.302860][    T9] vhci_hcd: vhci_device speed not set
[  145.312826][ T8763] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.313069][ T9056]  loop1: p1 p2 p3
[  145.370795][ T9063] loop3: detected capacity change from 0 to 256
[  145.386526][   T29] audit: type=1400 audit(1760498398.079:6028): avc:  denied  { relabelfrom } for  pid=9064 comm="syz.5.1909" name="" dev="pipefs" ino=22360 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  145.425169][ T9063] FAT-fs (loop3): IO charset maccentGuro not found
[  145.430022][   T29] audit: type=1400 audit(1760498398.079:6029): avc:  denied  { create } for  pid=9064 comm="syz.5.1909" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  145.517049][ T9072] loop1: detected capacity change from 0 to 512
[  145.534045][ T9072] ext4: Unknown parameter 'fowner>00000000000000060928'
[  145.546775][ T9065] loop5: detected capacity change from 0 to 512
[  145.556606][   T29] audit: type=1400 audit(1760498398.249:6030): avc:  denied  { firmware_load } for  pid=9073 comm="syz.3.1914" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  145.593240][ T9075] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1914'.
[  145.634847][ T9065] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.659073][ T9065] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  145.769264][   T29] audit: type=1400 audit(1760498398.459:6031): avc:  denied  { ioctl } for  pid=9064 comm="syz.5.1909" path="/11/file1/file1" dev="loop5" ino=15 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  145.821080][ T9079] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1915'.
[  145.904914][ T9100] loop2: detected capacity change from 0 to 512
[  145.914370][ T8763] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.928422][ T9100] ext4: Unknown parameter 'fowner>00000000000000060928'
[  146.046956][ T9102] ==================================================================
[  146.055107][ T9102] BUG: KCSAN: data-race in copy_mm / vma_complete
[  146.061566][ T9102] 
[  146.063910][ T9102] read-write to 0xffff88810005d6f0 of 4 bytes by task 9098 on cpu 1:
[  146.071996][ T9102]  vma_complete+0x13f/0x580
[  146.076533][ T9102]  __split_vma+0x591/0x650
[  146.080981][ T9102]  vma_modify+0x21e/0xc80
[  146.085332][ T9102]  vma_modify_flags+0x101/0x130
[  146.090224][ T9102]  mprotect_fixup+0x2cc/0x570
[  146.094935][ T9102]  do_mprotect_pkey+0x6d6/0x980
[  146.099827][ T9102]  __x64_sys_mprotect+0x48/0x60
[  146.104715][ T9102]  x64_sys_call+0x2752/0x3000
[  146.109424][ T9102]  do_syscall_64+0xd2/0x200
[  146.113945][ T9102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.119862][ T9102] 
[  146.122212][ T9102] read to 0xffff88810005d640 of 1408 bytes by task 9102 on cpu 0:
[  146.130038][ T9102]  copy_mm+0xe2/0x370
[  146.134080][ T9102]  copy_process+0xd08/0x2000
[  146.138690][ T9102]  kernel_clone+0x16c/0x5c0
[  146.143230][ T9102]  __se_sys_clone3+0x1c2/0x200
[  146.148042][ T9102]  __x64_sys_clone3+0x31/0x40
[  146.152847][ T9102]  x64_sys_call+0x1fc9/0x3000
[  146.157559][ T9102]  do_syscall_64+0xd2/0x200
[  146.162110][ T9102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.168031][ T9102] 
[  146.170373][ T9102] Reported by Kernel Concurrency Sanitizer on:
[  146.176542][ T9102] CPU: 0 UID: 0 PID: 9102 Comm: syz.0.1924 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  146.187933][ T9102] Tainted: [W]=WARN
[  146.191780][ T9102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  146.201932][ T9102] ==================================================================
[  146.256840][ T9114] FAULT_INJECTION: forcing a failure.
[  146.256840][ T9114] name failslab, interval 1, probability 0, space 0, times 0
[  146.269651][ T9114] CPU: 0 UID: 0 PID: 9114 Comm: syz.3.1928 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  146.269691][ T9114] Tainted: [W]=WARN
[  146.269699][ T9114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  146.269716][ T9114] Call Trace:
[  146.269723][ T9114]  <TASK>
[  146.269731][ T9114]  __dump_stack+0x1d/0x30
[  146.269772][ T9114]  dump_stack_lvl+0xe8/0x140
[  146.269795][ T9114]  dump_stack+0x15/0x1b
[  146.269814][ T9114]  should_fail_ex+0x265/0x280
[  146.269858][ T9114]  should_failslab+0x8c/0xb0
[  146.269892][ T9114]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  146.270002][ T9114]  ? __alloc_skb+0x101/0x320
[  146.270036][ T9114]  __alloc_skb+0x101/0x320
[  146.270094][ T9114]  netlink_alloc_large_skb+0xbf/0xf0
[  146.270124][ T9114]  netlink_sendmsg+0x3cf/0x6b0
[  146.270157][ T9114]  ? __pfx_netlink_sendmsg+0x10/0x10
[  146.270197][ T9114]  __sock_sendmsg+0x145/0x180
[  146.270347][ T9114]  ____sys_sendmsg+0x31e/0x4e0
[  146.270401][ T9114]  ___sys_sendmsg+0x17b/0x1d0
[  146.270613][ T9114]  __x64_sys_sendmsg+0xd4/0x160
[  146.270694][ T9114]  x64_sys_call+0x191e/0x3000
[  146.270793][ T9114]  do_syscall_64+0xd2/0x200
[  146.270825][ T9114]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  146.270854][ T9114]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  146.270978][ T9114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.271004][ T9114] RIP: 0033:0x7f08455eeec9
[  146.271019][ T9114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.271038][ T9114] RSP: 002b:00007f0844057038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  146.271112][ T9114] RAX: ffffffffffffffda RBX: 00007f0845845fa0 RCX: 00007f08455eeec9
[  146.271129][ T9114] RDX: 0000000000000004 RSI: 00002000000000c0 RDI: 0000000000000003
[  146.271146][ T9114] RBP: 00007f0844057090 R08: 0000000000000000 R09: 0000000000000000
[  146.271243][ T9114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.271256][ T9114] R13: 00007f0845846038 R14: 00007f0845845fa0 R15: 00007ffec0f3cfd8
[  146.271274][ T9114]  </TASK>
[  146.739270][ T9119] loop5: detected capacity change from 0 to 512