last executing test programs:

2.802368244s ago: executing program 4 (id=2600):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_ADD_KEY(r1, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000a00)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="800428bd7000fddbdf25270000000500310003000000d0b3c1ee3dffa529af4fa717af3b31f68718a33bc1c780663d78728b8c20a9bb635bdccddb827bd945c83cfca4a57311d3d5b4346c00adb16516f5a9614c887f3f74af529dc4db4a1b0fa2f81e6bd6db61dc20de7d268bc94a3d8091fc62a26e8c1e32f93e1ffa3e06422904cc57805510669dab8ad4cdc755b5ce8ff283a394673c0fb868ff9b5f66767caf645a248a289f376000b134cc8f4573cf293bc7954444a196ec0bea6046c5b98f4a20676011120f3a71db152e6bf8d82f"], 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r3}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001500000000000000000000000200000000000000000008"], 0x1c}}, 0x0)
r4 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000740)={@multicast1, @rand_addr=0x64010100}, 0xc)
setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000ec0)={{0xcc, 0x9, 0xe, 0x1f0, 0x3b4, 0x40, 0x2b9, 0x3}, "6b09d7d95faca44455ef22ffbab36138445d0f44849ec4e459b964818dd8e0c4c9aec89c2eb05ab95992acdd1373be866d13a052a8239f71f3ccea3689671386200333b142343366848abd4f0cae187585cfb7fa9f8409cc0f28bef06d9242950488b97455de10130f22957f0c9846814ffd4322452718fc44e3d98065a3ee414100a3aee25b62cac6d5b7763a52477f7159ea0c151c0c2bb920073564c5845f94278c69bf676b352ce017c2e414ecba91a01e65757a564cea172f2e3212db8880a03a63ad5292c71dcf303d04f41697566f5d0a95fc47c77b13d49db13a93c626c473b969c208eb8accabe72fd5d0ffa6e0909176bc5ed691330889b0eaf18d04fce7a51bd8c68cde5ecf2b714e8c4d032488e0a1407c5805442c22a5e363b0df5b0c4b757a25dd87957b2c01f3155937553be845e914b595277e2f59edb886c369b846c6baf675262739fee33bcd297bca657f3ac273a815d627822b56ca27187eee22d17be6e5ededa5e57b37dd801595851b16c46b2f460961b47a4b9f89ab53ca9ba29b387f99f06dad4d2df9a40fd0f2265176c39eda7e3db6129ab9bdfc21bd44309f45ab631920b9693055cad3f16f1038e8a333ca7125b959d120d61bd866d8f5c09abeadfb293f68a4eef0b7eb9813926c10cc8dc992bb4691f569c35bb73dc0a0aa74398200ba9c4771ea117f46a461bded4c72389ab8a0a05b707dad6f11ac2785e9d8a88012c4c734f1833949e598eee30cc3f69ac2a499bb9712f4888394e7a3bb09a7998bfdd2ad64280d75dae3170b1e2007cfe42ad494d16f80df3459ef3911fb107a7d7c9f207288ffaa269586e2584c3293359cc3ea383352a4c42bdf06c99738d5e2368c8e0e8528c272c1965f409f526e32be5cfca72ede31b3cc707dc5c1f3e6742838d20c9c4ba672be420d2b4c8426f71561b31aa74282355b85dc482998ce49652a103e8db31c5cc9396c54d4210a8e4cacc559538d65c5ef49fcb3555ff03251a05370d45efaabff0ebcdfa1867b8fe357e52ff15a997b6ff537d6a14440cd0d8e1166c2ad67cd5acdcb649441b8647f20a706129ee9060cccf21a2d8afb7ecd8c5bed109c12e48c02736f0107d7b225a050b592bd9cf6372ab601dbf4339eb6bb3111066fff1e80dbae1ecfde454ac59198d4299cc7de9deb0395eacceefeb9fad43ab2ff1255f1b7c5cb45049a2a676e2c256e6fa4c5ff5c13c0b71c5e04832910ed5dbb324605a8380b0dc45a7ac6993d6d6a917338ede773e7d51a7e7026d3b533fc69c7779de12613ec40223f62e0bf957655926d2db4b7335285820a33e38b2ee40dc2bdf7ce2df21e501bfa9f2f5229bc7cd6edd8af1f5942790785c5292cdbeed8a87b895a7943bcb6146a7df029fec49ef99d47378d56cf0f34c9bcdcfbf500e480ebf232941255dffb5268c64c0d8880f2986ca0792e7eb5fb2195d5eb7af782ae22efaf00bd8b52435550ed6376c5767408a426c0216a2b473f57139107a02ad02f6348f743cb6daf7a2fac25f46dbeacc0be2b4fe8a0cf99e192367caa536f40289c8a3875ce84858e9f156a51e72111be7c76a19d73c5175ff29c5faf5fb8543db3e268d6b651de029d3ec022e2e63fc62da86342b3a74f584d73fe657bdf6c5750f80694eea5ffa844bba524b4db9e2066d6f2222466bd9fde83524794207c28f40f0d0366e5bb1fcd1d1bbe8089d1ee9dfe98c52af43351872e3dd7517fef988337efbfabb0acc6e2c1d05bba208c75ec071f3a37a32b3ca350fdc64a6a11b7df5462dadaf6064a2b6ff6a3388219dc70ce7abdab2428607d7805dac1a4ddbbd2d8f44d50884347ce5b2e3e075d489e6bec62561c7c8495f6a45e37d4c0227416610662a7e6ba2a973c4282623aa53f259a1f98880b3bbd094113e7a2d58b078d8a8fe42a58341802393d8f483d764df58fa466ffc903521bfb027beefa069dc1f0e5a2a54a783dff4351f16cfcae8c686ae443cae9ef95becf50c791e204bfa2dcc63320f9f215eae647270143be0942538ef060dca4b8a319f65724c6308fd82ba13827be91250d0ba9c1b739e67b8407cfc420c4e93e49dd0b7879b3d0d696d509a589856ff9ebc49ba769c4b8dc7ff61fc5d92921d39a97f5ccc581972956121b0b7b59e38e1c62e6731cddd83e6c9788b55f5d003a2db69edbb0fa4011ab9ec1990ec61ec890cfa1c2569891b56bf13137c6580e0971fb371c16b0d9d1f8e42f1f0c30e7028520a322d5ce5e6aaba4b7d671dbaf760793324266e3269772b9ad7478835ea384564e9b68956ef8a706b90d9a257ac9eeedb43411f75f65fcf54c30b8421f54407e71c8f26303abc4821150ceec8acf50904af21c3d2c11d45fadafb17a641f42e3c4be863ea2c3eaf2c56603b9db844c66909b97416c5b937bc95c75e56b44cd0e6bdd793685ad0679c815fd3e1e84c26dba08790b779a5eecde8516ffc7877d0900ed5fb87afd7ffa17bd4dd9debc6de9291787d61b09d4858b0d6ad8d2658e3fbcaaa863a1fe0049353f7238f9c2116faa7b949905cc4d7a9bee9b1b7dce5748741f6582e8dd0f4363eb8d4118a6f6cda7f242453015ed5ab0dce8731ef0cb4156f13da326c5d9181f66c2386d8a5383e6ee8de7853ebe0e7f92cc7825dae6fe366ac57fbf9766ed775899a1e4db1b8a31103f455140d09c540a96de6d49251c2bbb915995cb525f4b69ac3dd815f99eb5458915d71a0ccbe4b9368817220c9312ad2dc27d51acf3f835bbec386e6055cb679411462f4e7ad7efbf37d2ddbe89f5d8d90d8f61ea38e1c8267938863fd08a59d87fd4469eec1c6e60757c1dc7145f27052898e0044330a96f05948557ced191cf63781cda452d38b73feec8a2b5112a5b46df5e5c6276ebea0e91767f8497e171d8f37929a2815cfe045e07cdba3161b47a1589d31c3ebbb2845ac6ab62c1eed335597fb219e9ed70fc3b036a927411b7fa22b00c0c1f8a060946b888c00e1b73d5cc7cd8f4239ac0a5c68aed39f603cb6525f2d546c3dff0cdb2529185dae76405916a352786851eb86974abbd4d87a9d0fbbc3202d31a63a4e7de445c39426b6a2b8daf817f589a93405d359cc08b13e77f82bfc4a15595e6ff1fb53ed679905359ef0b596870b91990bdc4aff033fc020aed36078771153a01c0cb72be06d038738b5737689a0b45ce7804b0987cbcdc2b98c8b03cea5beb45ccae12067b6531396c40b2f3e124d325d6681b8d57d07227620f9fac30f292c43a2e3351a86cc7a173d926bfecd155525e85ea621117f686f9f3f2b77f9b1c88217588c3aa6d2c147376b2a254ba790cd7d0ac5020a74d33d879cad736c64eb9a8ed94aafce7d303f635971a8a63d96ed4f8456bb67f15d3ccc60d3496d3ba67d8f998b48a9cd131736c70345efa6d9b0a9b05a43f6a4de3a1ae991314c7375e604153b08fcdd9e6e917e3dfbb8e8294b2209b4d76e5923004a6cfe84291071e93e11c8a4d7299263e913e566ecebbc1e51deba89bf84feac0dc83b201119df5ab47f5c02f794e43da8a8a121d4f838426ddf72e4f606503c5eba3a015d8e35bc717baf6219293f63763ac697272720d5160c1bf343de283e66038e7aece5c42862b3383216916a175dce68f6b68c57082c3230c2ab6fb288cabbaefe5660adc912e0f433b90eb3c24e6106018f4173a4f35d4afc8d3050c19b7a65b115a4ffe64a6a13e20841f6a0e1da6028e76b5165c5effbe0542c7326059ac830599f450ed599026dc8f728ffc6e486a329a32c135922af96905b15a0490ab2ce7e35434476d5cf47775c3cc96ba97868411023ac9f3b6646789ef8af2f6376de6c4d43b1d732eb6c14bb20f08f9c96aa9e858910cccd71f55b2988cfb84541d463b800e526bf7d30da18ab920e86309d1ba7b12a068947d6900740b75dd5da575c13761c882163a99ba8cf3b3476bfc3aa918419163d8460a091116b5fc0502fe587292c28f363a4f8797d18f3fc9a9a1c85e1a06361b667f247304d77d6457a5a669863cf5822adc632a8780c31454fb2b3482e042c78c0017bc8405d422fabb0339e4e9623c5014f90d724dcbaa887fe58026677f34f80e92ab8279adc9d7f5213aef458fafa72bcde33a0b861898555beb53d5d8bba13ed2166c82ef26c7054f225337bd56d567951925d1b63200e661f02c04f3bd7c9bc5a99c456092ce4dd3cbaa285d9eb24c3b8de6c08a10c1d1c033a93462dee535d61e7ed5162d603d6350308ba48162bc27e40cf86cb9b317b4d78aa9570f373d5b852b67b9fc78d00818dc54f319244b43e65e2258bc1933f856ea8163d08c1f2ceb9099832fad8d42c8ac23adee26b8a42f4fa7f35273d1ba1957afae38d2339e7258ae12f2cbbb3fbd0a62fcf64be0ce674e8e628f82a7282a8f633323d18b4167ef7323632a2dde87fb9a9b38e91e940df4e8b23e956d2e118a44ab21708ef77df3d286b35857dc2707529a0255622534205e5f3d353fba91bdb3689bda5e27f56fe6c675fefe5f377d82e51cf632290f3a5292503ebb1c8a72880b6d1ea96ca232dc7712435b365f54d2a531de00bb2fb7baec63204402ea2709271ca4f4136ded406c0d165bc6102102c488ba75a8651bed1d8060fa702585c3b69eea676e81e89ca498a1976be81ef7064b87ad01271be5ff3f8089d243e2d00a5881ad3bcdd9545ac6a3de0833735eb01a91d8d13bf38a63edd896e6d3d479facd44d851302bd4fc1199af51c86bc2a7824674bd589341111bc38537515d73f77a604b55d9dc2bec070544de89f312796dbd8c17341b37de209ed44520185f72e143f230aac3f0edb53deddfc0d31a7be570f826c80c339c2f5420b5f62e3d6d01827ad5290c9ec3b7e2dca940cdb23593773d88ae7632fa1b702a33e217c049711c0eeeae140f758d0c42f50174d4c45c8218b6dfeffe87ff9129db5cc6d4069e4071ac3da86584c458427ff22fb6b8cf4771d84d797459056271471ae6f9bd66c68d8b15e80a13e585b01dc35c43198c06808194539fcfa47f028797ec11b583e74c569d6d7c78cd8d53547d6b3f6ebda4bc3b218d63651c976312b168d53c954f68f6501009b7c32a3ce6175f79fa5c8a6bbc5d29978eaf284d86dc72c3d2dfbfa1f9e8c04c3d8aeccb9e13a5518c1bc5a332b3fb34e8063bfe9ac90b56e3068de977a8ce9e668caee09cf143c64d989ae7228052b7426186f707377082534e190f6b7e771e2567ea93dec0582a34b9e150e123b86e2e455e0a0638a301d5071eb9a578229a9625484fb12e7cb3f93290b01be396c64d0afa3a5380461ff535ea7995a9b275b1df566d50e2ae61d75c0065a5cd9b08a2b90312d33ca59851932d6e67473340ea5704c2a8c49ccc15b499f09cc5677a5a52a1a23b8f4c68b038357222b371cab112ffb562dc6a92439484a27c0d575adf98128f3d7b86935b13b2b82a2962fa707b775d7333b32c5ef70af8cd123d2e8a18bd9a616cdb1518e5c4f8eda5f9cd2f2f469436a4d4780f5a8cc1c914cec08cbe14be0e80e3b0a90dc900710b0755fa8be443320e27bb7075de5f246b32318b3f2294b4716b3e949271eb174d544ec8dc10d8bf73fa180499c2d668fec0893ae8ec22e43b344fa594043629be4fa57634893d94f94b1d6f929436eec0af00ba34f98e70ca8eef953c25c05bdfd3837b8bf7dafb279bc105662d1041a1dc4ea505000c647f201c625ad6d68fb16b5fbf8596ad53a1eedb2bc9d1b61ddd7a2e5c5a8237a4c085e53d32c287"}, 0x1020)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r6, 0x0, 0x2a, &(0x7f00000008c0)={0x1, {{0x2, 0x0, @multicast2}}}, 0x88)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000280)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r0}, &(0x7f00000004c0), &(0x7f0000000500)=r7}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='kfree\x00', r7, 0x0, 0x2}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES64=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x64, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r9, 0x0, 0x2}, 0x18)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r11, @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)

2.681063797s ago: executing program 4 (id=2607):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_type(r0, &(0x7f0000000180), 0xfffffe51)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40305829, &(0x7f0000000040))
syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
splice(r3, 0x0, r2, 0x0, 0x5, 0x3)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="f40100001d00020029bd7000fbdbdf251c00040001004e204e210000ffffffff000000000000000000000000dd000100626c616b6532732d3132380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a80400007cb708fa425d39945a3c2474c55451934eb70db0d0c2729ab2337aee048fbb227bcce965e238ecfff97f222f7edd7f217a028a850e38e4cd2efbe1e62dab0b006f7da0770268ae684a302d8b7e065ded8e6ecb6423e2ef20051d81b4ac81e33e31cfb8d3f53b1a79f79f47c16326d8f7a55298f87bb472365df7341f8f1fad2e8f9e881ed9d975a499b8c0aef79ebe2abb8af15e35000000c1000800bd0008000080b500a4cb455479bbec9fc5fe33477e2a4ef04c174432250c9545d7a2d2ad6b3ee62be0d8819ae015b3dde055a5ab98ead2d9c0843e11f4ee65da8385a7a329e5fce504c582473c065f63d3dc2ca7e47d46c307dca650a267cc44b0b4e3ea20676606647888515ea8e9f36c2466d6beb914b5ea807db0747f9df78d27098c9298d7edf27a9437ca00ddfa7aa36f096d17673298c3bc2fba648ef0941077c5b595b10122a5163de53f5725bde0c0f1fbbc4e0bf749c7daab0000001c00040002004e234e230000fe8000000000000000000000000000aa08000c0007000000"], 0x1f4}, 0x1, 0x0, 0x0, 0x8810}, 0x11)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9}, 0x94)
write$nci(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYBLOB="50060000009300c8bc00847425f9ca82ff6c6b9198d1f5663d0dc451bde092b8340063765f37590cf72ac817ce15e6f3285db12addd33aea1dc3a07cbf4b6a51a19f31087ebd0629c122ff03d98ac76eb8477a6a654a52e5"], 0x7)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
unlink(&(0x7f0000000180)='./bus\x00')

2.178046647s ago: executing program 4 (id=2626):
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000004c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffd}]})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
semtimedop(0x0, &(0x7f0000000300)=[{0x2, 0x40, 0x1000}], 0x1, 0x0)

2.077307289s ago: executing program 3 (id=2629):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
statx(0xffffffffffffffff, 0x0, 0x7100, 0x7ff, 0x0) (fail_nth: 1)

2.00093339s ago: executing program 1 (id=2631):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYRES8=r1], &(0x7f0000000500)='syzkaller\x00', 0xfffffffe, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='selinux_audited\x00', r2, 0x0, 0x800000020006}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{r4}, &(0x7f00000004c0), &(0x7f0000000500)='%-010d \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ae0210000060a0b040000000000000000020000000900010073797a30000000000900020073797a3200000000b42104802800018008000100666962001c000280080001400000001508000240000000030800034000000032882101800a0001006d6174636800000078210280090001006473637000000000041003009153a04709dd3ce609dff7ed79a6b495475de7fb1ab757cefa6702b550641f1bc0f33a205505b2569471224ab9523b742af6a2a799407d48bec685a43c9fa1d84b2263623a39fa7d2373a858b35457216ee91bd3e98f97181b6f0abca47a3e5db91f5a0059d45a24730bddc5915ad5fcd19265f5dfeea8638bc7f3fe0fbefe12776b861bc591b7543536ebd3cf666a7a6366a7bb51f1011cfc40d26ccb7d27cba7e3ba76c82ccf6cf21f62bdb5c1dc9ffb5512c0c7f263fc19577efd96e3f8ea7ac0ac6058e344d8b2260c3f70badd0035a121a24d3926c18cdbc7b4e397d2b9925b54f549aac05575be911f1b0bc0b09114366933dd498a989085f3021f1dd0541a533516d85ac8a617621fa0ad728e5e77147cdcd4b310860e522a3780c8a92fc2e58a97d1bb432ecefbb0c85518da22a1071df27d204aabf65b3fc1aa04a6903a07548b4a2ee8b033821e727959b52528ae4bb4b8a7b9626b898bf1265b92540c67c05b476d1b9d83b7e43343748755e11081fe2394c817fc4e1d5962e929a9a85b66da20a7a100a0fe3ace658286342838271e7ce0765240260d67a0ab7cf8c601743c68f0ab0406e1a3bafa7561bdb08bc2002ad33e1bc80c1cb0dd72b6ac3f7c93bbea95be309848ff5194e98ac171c7495623e773062affd7a1de1a86bc8827c5ea24d4dbe3cfc37eaddf1ffaeabf7cdcbd4795004f18d4caea50c2da08b71c9c5df1f8f15a9abb7a822ba57348d14a6d022c66d9e60bdc2809913e5a0408d0a6c80a29ee8968d0160a54d5374680f0326ff3a2f38eb16288a92680f4be3f78f999a65b12347903a7c2860b80d72bf27fee3d3cf7728fecccf6c737ea08c570b829f19fb19959580332a5bca3f03b088178b2166783a0390748525e347a8f016687b179293a3a47087094d714204c50f5a65868656786453bd9703dcea9978b736118fa03e9fb98da62bfc21965149aeb03d4800c1b0fc3861ef8582e8017b0e5965b4f474af98e9d7785d9434811345b82644e2086239657bd4fa760f5478d8dda0e781da9f1fece3d0b587ded634479b6eb41d01cb63b8ffcd4aac7dea43645098cb48820b2d68a8bc7f0bd301a77e38ec0ee1148d897515e7b152034f532a350470419fff34b4ce2e69173fc26aa1edfeeccb5ca501cb3aedc0d68929a763add304818b220d17e936ad71109f5a8acd6e330f4a3ba6d05c7e0565f9a2b6009574906e30fd5af8d7a685696621c424d8cdc0126bfeb849084fb4feb66d5c6a05333f644367f51025d612d81d581adf3e4a7fc251f967908b2753b674e28a1dc3fd5401999eaa4b8b4322563f758e3402c09d25c6e73868a00be511726cdd5f53271f01e90d2f4f6c9927fae109198af082b2466449916e80060af83eca3780f7b29054fc1845d65bd40d5db892e6fab09bb84ca5ed0ff656fe8885144eed780e1a79645d6fd5af589713567786967376fdccbcf512ccf8667fd7d9cfcacae33ce247e1eaa90d7e9e64705d792fb3e89c638bb0a43fecaec2bfd6d4dfc24eb9442b3cab0858dceca92cdd6f7270f7733817230983187eabbce5544e0c92591069dcfd48a8e5e35f0316d549f31e4986335be22edefecfdb91eb8c35a9e32c20a58b6ca8a8e8f028ee45932956c56083694f62785f69807fa29dd56ebc04d7a47993fb9319f233d3c8ebef5139240a78f1a7bcdb3a985b79b7feb1d2d2868100c31cbba6bb6c776b92fbc6142532e4f4da848d974bec9d93c4927c6f93d11f7206082555ea18ba1867dd774d0d03c981f67e48f6dd507bf36d5fb0f7f7314a2d1c404bf6ec5f7aa61253102ee66dfd9db5562b3b155998378eee2a0b67f284ffd92be2416c9dfca460c4140c6ae310830971d44044140e895388da8fb1e1f8819973f5565fc42cd08f8847b5ab1409da27f8383e666c01cca9e3c95b49c5e5480c036fb504b07127583be1375fb400920c68ce11c6326b0936b468d88956387e8ab3ad821e03a39e0a0af2cc0814850a1f9246b94daaa43b06af1c1c530e390e566dd0fd9a5c7179b6500ef5fe169f9512aca335deb0c28051ce51e903ef34affd8205edc8858123104d6817f4a6ab59de833f27a573a57fab47ea8c71819cfa2809f8d0ff310cc369e76a89c7beb05dbc75da875f41b9454fcb83fc3f87119d8f4a7fe28587abf7469fb5e06d75754ceda96612ee14c81ab1f774928bb3bd50c4c4580448449904c0a6d90b04718d85829b72568b0dfc8caa7bbc52d6a2740845a9c6d06899ea6a5d60e68312a8dcb92d51c09b335fca73df180d5c04988c17e4915c95ae3c1b6a63cd4a40d1e0395c35d8c054c7d1a8d7a73015b0f21a974d84445aa8bad3a0f96db711e2083d4ec4e2166451c20ab2664de0dfc28e46cdc9355c3d4f122a975d67e40e9e9d4a7171258977540619083e5f1a9e0b884726f9721fe54c2bc20fc597370854f74d65780bdfb0e4ec8861131eac73120b20c750d53b3bd800a59c83b53e714151e20506399a82484a8fb0af514f46269eaf6329f1b818e479832572212f1ccd204a0013353c15ba7ae0f163f5f8728876ee763859a950217f55805b16781b99c570a897d5526b93f0e5d86d974d067cec23f3839db7e15c6f3516645a21b8c956a0346a769e90a430d49d57ba0e58ddc45cc5e8f97948bceaae05ecc6ff36e3ca0236416e0fdc71ef46739a588dc8a23366d01288282a2ce2c47609abbb4c80a412ada0bf6894aebcb95d04824836d3c3f0ced848d76cc415eeeb31fe85a68ad68810e5b16d8a93ab23e73131314f585472828d74854e8c147730607a4041fdbf98e933524021bb7e86cb468a001f91ab3fcbf02ba951def880167b1e01688b26802ae6e31bf48982b4e0a332d15ac45f8af06b740a882c94cbf976ff5035343d2e4485c694ede7954c038740830820ac54e9fda53b29ee3ffc1401a15e10772f224844cb88c1059524c52b9301049d1b626ad0a1de235ad4fda9424501d6de2b9c71bff9683f30ae187a662fee2df850783db3a4f671262bdcdbe3e76feec6533999b3926f8c26d1b2b8b7e44b81c2a77752fb15c61414b6884b44412188dd23b0fc52bdfa7ea52aef412075581e1323181ae34a86390d38a713aa6568db497ca0a9fc2a09729023e052ba59fbe1bb13629005871e0338dfb69e5afe8b7211389ddec86644ea065dbd5ed7908001440856d67d77ace8dc9f2f8028fd9be217ceea04be069ffb13d9aaf6645bedd3e6c1e4596033206b06a41a024897416fe81ec10c15f4eb6e9e35acfa48819d6bbd8b6427b695bbe119a9a5019abe58d80f7e11dce5cd56201676a10f22be24601b97f6732d800760d1ab31a87a6a1442667f2068946b24167dda85acfa818b28757d9eb67368124ca8c3d39aab854cab4e32508b62ffcaa0ec071d30c1dc69f855a4c971f35ce290fb8c520ddf2fffd54733401f385d715a04fa9ee5e291579e64f117448a0a9f56edea41539b423e2164b367728171eb2a79e1d5feddb8ce469fa63299a36572c66d4e29cd29b980efabbd49a40e15539fe27f4350e6d8c72db58818a056f08061dcdac3c6fa92ed00a556a5f785d61c5ba585ec240261246fb6089dc25d95736410f2c4ece4e9f268ba7ee2da0acdcdb4062a9b5b4389d699b46a915e80ab33777305760d6498d38b1b46649789f6b7776fa074eb9baaddea834f3a02088f2f2518969d1c2d2416af86abc2ed66397480f3869bd4eb4bc4d8a1f17f8bdc9ee340bb39c3fcac5ac6bf65a3b2148d185609e1f4c76adb3e9d6d47a31c4e20ae29a8e0e81b2ee22ffcd12777fd1e3d8c2de83610418da0d0349cf0a99e20b10680cc3ef2a3e13ae46825c9f172c73df249dff50664a78389603671ece11b2777e3015646bdb9e64da78499c94fe63c12e1a9981006d1a1653b5387231044b9c42978567aca87920851944166747b5e416f259ccc1be44c52a0f033cd6199421c1f19844ca996997b4c7dec56b289fc6708138801557f36e0cbad8c2d1ef86128d10683ccb8e659cefbe7d2523969c4c58539c520644dadf4aa1793622cd21f36ef84069f20add9278ce5b97d43f818a88a430ec39cf1681b080d617af5232086948b351d88d47c2cbbace772fd8580c7fd817658341c8e39b6843ac9cb78aa48f96fb39706622924169ceb6970021b86ce302f81f74ded068018791dfb1a9e44fcff9367c8cbf7b5229b1c1112328bd52cfea6b49f9e72b61ced9358b7e63f404ef2a3d891002cd024be68d268541af228df1873878f964035fd39634b33431ea3dd25ea1dd601a14a8286d73248922b2e3e72e550ad18e9a6c68568bafe85fd985d1fde1fb7368a8415b39b4ff30b2d4688fb6a4b775f57b1dc141ef065ff7f2d6551a1ce8f38c7d0676ad5d11d0dc4c8b375c72d9fcf20fca17ffaf2805a4527620498f76ee08af54f7e4969b2b82b828519f2c3231f0d9732fe574f918d8c0cab45c3b081db6a83c28c54550ff0fe3aaaa5d068cc5e42c6700788c17e30b43f6096ec55a8b551c4c1daaf61557f61c069102872920cf71e99dc256b78913aabe6d6bc9e1471f3a616b43bfb515412c5e0862f4ca417bc9dc48c8bacfec17f25d8286ab13be939757281457d44fe855a20e76b337c3eba4d7c51851088f234ab09b733a279af93215d75268178cf7106d9fd7777cea6363e3b3c24f7f35f22f75d2116d68b91810f70c7f82fe8f0cfdd9d5374759330a6b105f2a4a6777aee3e9cdfb92421c4f6ec5ba554052c78d118b58568736ff4641b679a7b1a9ad1374d1f3e305ebfa810b54e17e46650c1c97ab42e208d33c1817b390cefd2abcec74516d1b3995c9e5b7b7399a0e14bf895af84ac9b42f772a7180fef9b4cc628c1f4ce776eb6c29b5a3a98c230f28633c5fe0490fb39f39d5f796833f781708c5ee5d6f830c64bc999dcc817201d84211b8dbaba63ae062f7a011791a96f2bd7e89e0afe0f03b8d0c35985378a112db6cef0ac205c873f759fcdb04c5cce279df7f50db7eddd6ca0555728d5d1873c0fb064ca8bbe718f703fab9a7b60312fcdbc70aa41b6336f83d8d14a5c4e5783d87c119e11c0b54941be6ea2d97fee5f393fc27165f474a273655529d86af8b16993cd47006738ca71fae415cee097584b2cbe3e9f933e85114ef6a24eccc3bcc60f65b0048eed67a95ee74aa6c2e2fc5e6a168a923de7b3be45a73ec44cd2edd9154030811d3ae8b450278f929a06d0bb160af1366b2a7bbf431e82d5b0b84a8ae1856a95950e75f3880baa83c4c14cdb6b28029d886a1a7e92aee7b19dba39ac0ee40fc9bb53d55950cccb1f56b1ab102dc6c37e6af58970a34c9d6be6a9501a129343db66db61fb9733610e08f841d1f63f879885f53c814a61986fbda23d895e5105263a7fea53beff234e415a2876bba73b7719d2e38326465fc676c1853293acf6c99e6a5b1c119d6dc5f94d28f2fe444a08c30c9e82c730fff846c4dce48360a9eca970b36cb0e1b6aef8f3eaf6049d848ab2d0e85d9348693c406956c94206bba61761e4cb4f7a22d736b012efbd5c86d6db1a8ee8b8cfaf42d6bbd3cc3bf779ff17d1286a7f4ba9d37ac44dcc07a22ff9a54effdf90bbdce3a7b68fb1c3db8059b9db2eefdabaa8fdf04b9981c800b3aae454b696a8c6238efa159316462f56231abc2babf9cbbbc7844978f0e115c5c35317f220c4d4667bf092ba40bfb2636eb152682098b32c38b8bcc2220ee11aa2923976bc262ff5a1f08f2c17cffac082c289929c0aa2958fe080001006f736600080002"], 0x2208}, 0x1, 0x0, 0x0, 0x20000884}, 0x8800)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r6, &(0x7f0000004200)='t', 0x1)
sendfile(r6, r5, 0x0, 0x3ffff)
sendfile(r6, r5, 0x0, 0x7ffff000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, 0xffffffffffffffff, 0x0)
openat(r0, &(0x7f0000000240)='./file0\x00', 0x62100, 0x100)
faccessat(r0, &(0x7f0000000000)='./file0\x00', 0x5)

1.985792391s ago: executing program 4 (id=2632):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
r1 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000ac0)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000005feffff720af0fff8ffffff71a4f0ff000000002d030000000000001d400500000000004704000001ed000072030000100000001d44000000000000db0a00fee10000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
connect$unix(0xffffffffffffffff, &(0x7f0000000340)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
write$binfmt_aout(r4, &(0x7f00000000c0)=ANY=[], 0x20)
openat$incfs(r4, &(0x7f0000000240)='.pending_reads\x00', 0x1, 0x10a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
syz_usb_disconnect(r1)
syz_usb_connect$cdc_ncm(0x3, 0x6e, &(0x7f0000000080)=ANY=[@ANYBLOB="1201500202002505a1a440000102030109025c000201112005090400000119fcda8db76130020d00000524060001052400df000d240f0101000000000003000506241a01041009058103ff030608050904010000020d00000904010102020d0000090582020004f102060905"], 0x0)
ioctl$EVIOCRMFF(r1, 0x41015500, &(0x7f0000000500))

1.778442185s ago: executing program 3 (id=2633):
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'gre0\x00', &(0x7f00000002c0)={'erspan0\x00', <r0=>0x0, 0x10, 0x1, 0x1, 0x80000000, {{0x32, 0x4, 0x0, 0x0, 0xc8, 0x65, 0x0, 0x4, 0x2f, 0x0, @multicast2, @local, {[@timestamp_addr={0x44, 0x14, 0xef, 0x1, 0x2, [{@broadcast, 0x6}, {@loopback, 0x2}]}, @ra={0x94, 0x4, 0x1}, @ssrr={0x89, 0xf, 0x65, [@rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x24}, @empty]}, @rr={0x7, 0x7, 0xd6, [@multicast2]}, @generic={0x44, 0x8, "d72961f897a3"}, @lsrr={0x83, 0x23, 0x42, [@rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x1, 0x0}, @local, @multicast1, @rand_addr=0x64010102, @empty, @rand_addr=0x64010102, @loopback]}, @cipso={0x86, 0x4e, 0x2, [{0x2, 0x4, "cce1"}, {0x2, 0x5, "e41d4f"}, {0x6, 0x11, "b49bd066c2e65093fa8d89cdb7ae44"}, {0x6, 0xd, "c2f1d5f09d11dcb543efad"}, {0x2, 0x8, "85b3e8c9d115"}, {0x6, 0x8, "458ddc943199"}, {0x5, 0x11, "877b486c670db2f2522d438060162a"}]}, @timestamp_addr={0x44, 0xc, 0xcb, 0x1, 0x6, [{@broadcast, 0x6}]}]}}}}})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007b0000009554d3f614998f2c4e1d7baab1f679b3d2989a5f629071bbc3c412178f0ef22dd3a6fa638a487e7c679916a392af799fe1490532cc2490b8579315bbb6f1da9ed4c2389814c5d2b06a934a8b78edb346a282a789c5ac36ed1c1ec150eafab119d5887c6071067d19e9ccb03e03a177f2f81021"], &(0x7f0000000140)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', r0, 0x2}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000e27f000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r4, 0x4c80, 0x7000000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x8, &(0x7f0000000040)=[{0x101, 0x8, 0x95, 0x3}, {0x2, 0xa, 0x51, 0x6}, {0x836, 0xdd, 0xe5, 0x4}, {0x7, 0x4, 0x40, 0x3}, {0x6000, 0x3, 0x9, 0xd25}, {0x4, 0x9, 0x0, 0x41e1057d}, {0x3, 0xa, 0x8, 0x33d5}, {0x2, 0x8, 0x3, 0x7}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r5 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000004c0), 0x1, 0x0)
symlinkat(&(0x7f00000001c0)='./file0\x00', r5, &(0x7f0000000500)='\x00')
statx(0xffffffffffffffff, 0x0, 0x7100, 0x7ff, 0x0)

1.636467148s ago: executing program 3 (id=2638):
socket$nl_route(0x10, 0x3, 0x0) (async)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x6, 0x19, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000"], 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, 0x0, &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) (async)
getpid()
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) (async)
unshare(0x20040600)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) (async, rerun: 32)
socket$packet(0x11, 0x2, 0x300) (async, rerun: 32)
bpf$MAP_CREATE(0x0, 0x0, 0x48) (async)
syz_mount_image$msdos(&(0x7f0000000100), &(0x7f0000000140)='./file0\x00', 0x80c406, &(0x7f00000005c0)=ANY=[], 0xff, 0x2bc, &(0x7f0000000180)="$eJzs3EFrE1sUwPGTTJtJ+2ja1YP3Nh50o5uhxqUKRmlBDChpR9SFMKVTDYlJmQmaiGDWrvo5ikt3gvgFuhW3grsiSFddOdJkMk7SpJZYE03/Pyhz7j136L25Uzi3MNm9t/WktOFbG05NkmmVpEhT9kUWpCgdifCaasWpqF+uZqUpFxaf7r1auf/gVi6fXyqoLudWL2VVNXPm3bMXr8++r/1z903GNGVn4eHu1+znnX93/tv9tvq46GvR10q1po6uVas1Z63s6nrRL1mqd8qu47tarPiu15XfKFc3NxvqVNbnZjc91/fVqTQ0KQ2tVTUdzqqilmXp3OxBnJZTJHXcgZ+CMLC3CwUn13fMqfrkJpvn5RxDRGYO7am9PZ4ZAQCAcRpc/yejMZ36P9lb/4v8pP5/GY7KvB1Y/wcJkWHqf0Oi+r/ktur/mtdQ55FTjNf/OJJ9bWD9f4Tk75kMfkWiGWtc70p5Xm6m/03U/wAAAAAAAAAAAAAAAAAAAAAA/A32g2A+CIL5g2tSRIKwbYqIEWv3uZU3xCdAfP+D2I8ZbvAR+48JEHtxLy3ypVm363aidW3nl2/mlxa1Jfbi3169bhtR/mI7r935aZkN89m++ZScP9fOH+Ru3M7H81t1e0bWe+ZqdLWaJ/kxAAAAAAAw0SyNLESdaYnO95alpvTmW+f3VjAlIp3/D/Sc76fk/6kRLgQAAAAAAAzkN56XnHLZ9UYTGCP8XUMHIsPdfjkwT2QahojEesxwq+JjCisiJ7fklAy75J7AFLcz29Fu3Mfc+B+b0QRXjjv4Q+bwY9MVBAmRds90uGc9fwUAAAAAJsuP88C4ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOk1iq8uG/caAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD/F9wAAAP//SmOyhw==") (async)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x6}, 0x18) (async)
mq_open(&(0x7f00000002c0)='-.{\x00', 0x40, 0x80, &(0x7f0000000440)={0x9, 0xd78e, 0x5, 0x1}) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0x3, 0x6}, {0x0, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x48080}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) (async, rerun: 64)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}) (rerun: 64)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
syz_clone(0x40000080, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
sendmsg$rds(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000800}, 0x4000008)

1.635457638s ago: executing program 3 (id=2641):
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x200000b, 0x204031, 0xffffffffffffffff, 0xec776000)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
r0 = syz_open_procfs(0x0, &(0x7f0000000200)='environ\x00')
preadv(r0, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bf"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)

1.5398711s ago: executing program 0 (id=2643):
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, 0x1c)
socket(0x2, 0xa, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x19, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2688634c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.381505463s ago: executing program 3 (id=2646):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
openat$zero(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffff"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
fadvise64(0xffffffffffffffff, 0x8000000000000000, 0x9, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x36e, &(0x7f00000007c0)="$eJzs3U1oM0UYwPEnaZImeXmbHERRkA6+CHpZ2uhZDNKCELC0jdgKwrbdaMialGyoRsS2J4+Kd0+Ch9KbBQ8F7VnoxZteRPDWi6BgBXVlv5LNV9PGpMH2/4OSycw8uzPZSXk27WYv3vj03UrJ0kp6Q6JJJRERkUuRrEQlEPEfo245IfLJd622A3n+wW8/PL22UUx6FWo5v/5CTik1N//Nex+m/G6ns3Kefevi19wv54+fP3nxz/o7ZUuVLVWtNZSutmo/NfQt01A7ZauiKbViGrplqHLVMupe+1f+dsza7m5T6dWdh+ndumFZSq82VcVoqkZNNepNpb+tl6tK0zT1MC0Ypni0uqrnRwzeHvNgMCH1el6fEZFUT0vxaCoDAgAAU9Wd/0edlH5Y/h/Syv83Za5QWFpVTud2/n/8zFnjwesnc37+f5rol/+/+KO3rY783zmdaOf/Ne/8oDQ8//9cbpD/92ZE98vI+X92AoPBaOYTPVWRjmdO/p/237+uwzePF9wC+T8AAAAAAAAAAAAAAAAAAAAAAP8Hl7adsW07EzwGP+1LCPznuJMGHf9ZEUk6R9/m+N9laxubknQv3HOOsfnxXnGv6D36Hc5ExBTjb7ubszaCK4+UIyvfmvt+/P5eccZtyZek7MTLomQk666nULxtL79aWFpUHj++dZlSOhyfk4w8Fo7/2l2dTnyuM97ff0KeexSK1yQj329LTUzZcSPb+/9oUalXXit0xafcfiLy860fFAAAAAAAxkxTLX3P3zVtULv3LSP5kvsxkSELkpG/+p/fL/Q9P49lnopNe/YAAAAAANwPVvODii5Ro+4WTLNfISUDm8ZQiHXUxEWkb+dEV038qi3PhGZ43fEkxLuDyX+d1xfBq3qTqOAfKZyBt5r8O6rIaOMJ5u/WRGLP/u43/XnTeUUOxF0AB+GmqFwjPNY9+HmnQvXt/Gjgdg79ibRqgo+NEgNeZ1np3U70ipUQ76mxI6MtgCc++/KP8b1BXjrxV8D7wzsfmoa9L9c5KF0FZxe9TfGJ/+IBAAAAcOvaSX9Q83K4OXwjkfDNcvjLPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYzSRr/TrKgze++xtThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYun8DAAD//7ct9c4=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x100000b, 0x2013, r2, 0x0)

1.333084794s ago: executing program 0 (id=2649):
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x28a4c1, 0xff)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
unshare(0x62040200)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x181001, 0x0)
ioctl$SNAPSHOT_FREE(r0, 0x3305)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
r1 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r1, &(0x7f00000000c0)={0x0, 0xfc00, &(0x7f0000000140)={&(0x7f0000000640)=ANY=[@ANYBLOB="2800000014001901000000000000000228"], 0x28}}, 0x4080)

957.160961ms ago: executing program 0 (id=2650):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000005, 0x50032, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000e000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000000ffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffe89, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0xfffff000)

907.603132ms ago: executing program 0 (id=2651):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
pivot_root(&(0x7f0000000000)='.\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18)
process_mrelease(0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000554a1800000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r6}, 0x18)
r7 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [], 0x6b}})

833.016424ms ago: executing program 1 (id=2652):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0xd9}, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x0, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = syz_io_uring_setup(0x69b7, &(0x7f0000000100)={0x0, 0x5aed, 0x8, 0x2, 0xbffffffa}, &(0x7f0000000080)=<r2=>0x0, &(0x7f00000000c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_SYMLINKAT={0x26, 0x44, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000037c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'})
io_uring_enter(r1, 0x1c3a, 0x106a, 0x22, 0x0, 0x0)

816.038044ms ago: executing program 4 (id=2653):
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000006000000000000000085"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000004c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffd}]})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
semtimedop(0x0, &(0x7f0000000300)=[{0x2, 0x40, 0x1000}], 0x1, 0x0)

793.650035ms ago: executing program 1 (id=2654):
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b708000000ffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffe89, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r0}, 0x10)
r1 = socket$pptp(0x18, 0x1, 0x2)
r2 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
fstat(0xffffffffffffffff, &(0x7f00000006c0))
io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6})
ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000c40)={0x0, 0xfe72})
ioctl$MON_IOCX_GETX(r2, 0x80089203, &(0x7f0000000a40)={0x0, 0x0})
close_range(r1, 0xffffffffffffffff, 0x0)

756.743445ms ago: executing program 4 (id=2655):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000f2ae433f03004803d162256eb8f66aa2008063084b000000000000000c00", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000400)="08001efbb07d586e", 0x8}], 0x1, &(0x7f0000000040)=[@ip_tos_int={{0x14, 0x0, 0x7}}], 0x18}, 0x804)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="070000000400000008000000d900000000000000", @ANYRES32, @ANYBLOB="000000ffffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r4}, 0x18)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002080)=@newtaction={0xe6c, 0x30, 0x25, 0x0, 0x0, {}, [{0xe58, 0x1, [@m_pedit={0xe54, 0x1, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x4}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x6}, {0x1000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x20000}, {}, {}, {}, {0x1}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x0, 0x0, 0x7}, {0x0, 0x7}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0x2, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {0xfffffffc}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x9}, {}, {}, {}, {0x0, 0x0, 0x10000000}, {0x0, 0x1, 0x0, 0x0, 0x0, 0x2}, {0x7}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x800000}, {}, {}, {}, {0x0, 0x0, 0x2}, {0x4, 0xc000000}, {}, {0x0, 0x80000000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, {0x0, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x23}, {0x0, 0x0, 0x0, 0x404}, {0x0, 0x0, 0x0, 0x2, 0xfffffffd}, {0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0x0, 0x100000}, {}, {}, {}, {0x0, 0x0, 0x9f, 0x0, 0x0, 0x1}, {0x20000, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {0xfffffffd}, {}, {}, {}, {}, {0xfffffffd}, {}, {}, {0x0, 0x0, 0x1, 0x0, 0x747}, {0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x0, 0x6}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, {}, {}, {0x0, 0x78}, {0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x2}], [{0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe6c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
close(r6)
bind$inet(r6, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYRESHEX=r7, @ANYRES32=r8], 0x20}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@bloom_filter={0x1e, 0x800, 0x9, 0x9, 0x20000, 0x1, 0x7fff, '\x00', r8, 0xffffffffffffffff, 0x0, 0x0, 0x2, 0xb}, 0x50)
r9 = socket$netlink(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r10, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r11 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r11, 0x11b, 0x2, &(0x7f00000004c0)=0x1000000, 0x4)

688.500317ms ago: executing program 0 (id=2656):
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x200000b, 0x204031, 0xffffffffffffffff, 0xec776000)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
r0 = syz_open_procfs(0x0, &(0x7f0000000200)='environ\x00')
preadv(r0, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bf"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)

604.108799ms ago: executing program 1 (id=2657):
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffccb}, 0x90)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
connect$inet(r1, &(0x7f0000000280)={0x2, 0x4, @multicast1}, 0x10)
sendmmsg$inet(r1, &(0x7f0000004540)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000001100)="15", 0x1}], 0x1}}], 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x400}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

603.897338ms ago: executing program 2 (id=2658):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a5000000080000"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x4}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372"], 0xfc}}, 0x0)

565.270679ms ago: executing program 1 (id=2659):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0xac, 0x453, 0x10, 0x70bd27, 0x25dfdbfd, "adad60159d51c640f606a6b281607289051606382a60f45f3ee15c93c3484a34f2370c7f5284f19d792e4083aaf861006c197748d260fd2532d8865c8de41034ac70f894031147264e50c5c19f648acb95dc3c1520d020c6ba616e2bc401cd7bbe87bab33de4e6545d2c0929cb83bb26f216ff5d55979e07641d62536fb71e78ed6b57a8f87d87e8156f4f53255a51826b160bf516d7d77c7eb91577", [""]}, 0xac}, 0x1, 0x0, 0x0, 0x20000000}, 0x200408c4)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0xa00, 0x81, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000009c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000180100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000008740000000c0a95c900000000000000000100000008000440000000000900010073797a300000000038000380340000800400018004000680140007800c000100636f756e7465720004000280140001800c0001"], 0xe4}}, 0x0)

543.22049ms ago: executing program 2 (id=2660):
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000440)='./file2\x00', 0x0, &(0x7f0000000480), 0x1, 0x3da, &(0x7f00000004c0)="$eJzs3N1qHFUcAPD/TPNh0+pGrV5owUgRgx/5aEpssKCCl15ZX2BN0hLdNrZZwZZcKIh9APUBxMv6CF6Id4LgTfHaO6VQJMm1rMxmdjNudmO+ltHu7wcHzpnZ4Zz/zOyek3MOCWBgTUTEpxExEhEfREQlP57kKd7cTtnntjbWF7OURKNx+c+keX5zY30xCtdkTuWFyTQi/TyJZ7vUu3br9ofVWm35Zl6erl/7aHrt1u1XV65Vry5fXb4+N7OwMDN3cX5h/thi/T3u/Hbp3tuVL38+9+uP7787n7X3dH6uGMdxmYiJ9j3pNHXclZXskUI+GSqxIRxIGhEnImKo+f2vxInYeXiV+L5SauMAgL5oNN7oKAMAD79Enw8AA6b1d//mxvpiK5UxD1GWB29tL15t5mubW+34h9orIcMd61vHaSIivvv6teeyFH1ahwQAKPohG/9c7Db+S+Ns4XMnI2Is39t1OiIejYjHCvvFDmuio7x7/JPeP2IVe8rGf5cKe9u2CvHnxk/kpSzm8RhOrqzUlmfy+CdjeDQrz+5Rx9nLT//V61xx/JelrP7WWDBvx/2h0X9es1StV48Sc9GDzyKeGeoWf9Ie/ybNuA/v9Rt3n+p17t/j76/GNxEvdn3+Ozv3kr33J04334fp1lux252XXrjRq/6y48+e/9je8Y8nxf2aawev46cLK7/0OnfY938kea+ZH8mPfVKt12/ORowk7+w+fn7n2la59fks/slz3b//Z2LnTjweEU9ExJMRzeM9X+guXql9+/zh4++vLP6lAz3/g2fGvrh7r1f9+3v+F5q5yfzIfn7/9tvAo9w7AAAA+L9Im/O5STrVzqfp1NT2PO+ZGEtrq2v1l6+sfnx9aXvedzyG09ZMV6UwHzqbzxG2yuc7ynP5HMpXoyeb5anF1dpS2cEDwIA61aP/z/wxWnbrAIC+6dfmdgDgv0v/DwCDR/8PAINH/w8Ag0f/DwCDR/8PAAPlKP/XT0ZG5mHNlP3LBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQrr8DAAD//3JA1T8=") (async)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000100)={0x1, 0x1, 0xa, 0x20, 0x1cb, &(0x7f0000000480)})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x143042, 0x80)
pwritev2(r1, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfe}], 0x1, 0x5405, 0x0, 0x0) (async)
sendfile(r1, r1, 0x0, 0x7a680000)

479.063331ms ago: executing program 2 (id=2661):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000040), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
readv(r2, &(0x7f0000000100)=[{&(0x7f0000000240)=""/20, 0x14}], 0x1) (fail_nth: 1)
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

477.849071ms ago: executing program 3 (id=2662):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYRES8=r1], &(0x7f0000000500)='syzkaller\x00', 0xfffffffe, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='selinux_audited\x00', r2, 0x0, 0x800000020006}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{r4}, &(0x7f00000004c0), &(0x7f0000000500)='%-010d \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ae0210000060a0b040000000000000000020000000900010073797a30000000000900020073797a3200000000b42104802800018008000100666962001c000280080001400000001508000240000000030800034000000032882101800a0001006d6174636800000078210280090001006473637000000000041003009153a04709dd3ce609dff7ed79a6b495475de7fb1ab757cefa6702b550641f1bc0f33a205505b2569471224ab9523b742af6a2a799407d48bec685a43c9fa1d84b2263623a39fa7d2373a858b35457216ee91bd3e98f97181b6f0abca47a3e5db91f5a0059d45a24730bddc5915ad5fcd19265f5dfeea8638bc7f3fe0fbefe12776b861bc591b7543536ebd3cf666a7a6366a7bb51f1011cfc40d26ccb7d27cba7e3ba76c82ccf6cf21f62bdb5c1dc9ffb5512c0c7f263fc19577efd96e3f8ea7ac0ac6058e344d8b2260c3f70badd0035a121a24d3926c18cdbc7b4e397d2b9925b54f549aac05575be911f1b0bc0b09114366933dd498a989085f3021f1dd0541a533516d85ac8a617621fa0ad728e5e77147cdcd4b310860e522a3780c8a92fc2e58a97d1bb432ecefbb0c85518da22a1071df27d204aabf65b3fc1aa04a6903a07548b4a2ee8b033821e727959b52528ae4bb4b8a7b9626b898bf1265b92540c67c05b476d1b9d83b7e43343748755e11081fe2394c817fc4e1d5962e929a9a85b66da20a7a100a0fe3ace658286342838271e7ce0765240260d67a0ab7cf8c601743c68f0ab0406e1a3bafa7561bdb08bc2002ad33e1bc80c1cb0dd72b6ac3f7c93bbea95be309848ff5194e98ac171c7495623e773062affd7a1de1a86bc8827c5ea24d4dbe3cfc37eaddf1ffaeabf7cdcbd4795004f18d4caea50c2da08b71c9c5df1f8f15a9abb7a822ba57348d14a6d022c66d9e60bdc2809913e5a0408d0a6c80a29ee8968d0160a54d5374680f0326ff3a2f38eb16288a92680f4be3f78f999a65b12347903a7c2860b80d72bf27fee3d3cf7728fecccf6c737ea08c570b829f19fb19959580332a5bca3f03b088178b2166783a0390748525e347a8f016687b179293a3a47087094d714204c50f5a65868656786453bd9703dcea9978b736118fa03e9fb98da62bfc21965149aeb03d4800c1b0fc3861ef8582e8017b0e5965b4f474af98e9d7785d9434811345b82644e2086239657bd4fa760f5478d8dda0e781da9f1fece3d0b587ded634479b6eb41d01cb63b8ffcd4aac7dea43645098cb48820b2d68a8bc7f0bd301a77e38ec0ee1148d897515e7b152034f532a350470419fff34b4ce2e69173fc26aa1edfeeccb5ca501cb3aedc0d68929a763add304818b220d17e936ad71109f5a8acd6e330f4a3ba6d05c7e0565f9a2b6009574906e30fd5af8d7a685696621c424d8cdc0126bfeb849084fb4feb66d5c6a05333f644367f51025d612d81d581adf3e4a7fc251f967908b2753b674e28a1dc3fd5401999eaa4b8b4322563f758e3402c09d25c6e73868a00be511726cdd5f53271f01e90d2f4f6c9927fae109198af082b2466449916e80060af83eca3780f7b29054fc1845d65bd40d5db892e6fab09bb84ca5ed0ff656fe8885144eed780e1a79645d6fd5af589713567786967376fdccbcf512ccf8667fd7d9cfcacae33ce247e1eaa90d7e9e64705d792fb3e89c638bb0a43fecaec2bfd6d4dfc24eb9442b3cab0858dceca92cdd6f7270f7733817230983187eabbce5544e0c92591069dcfd48a8e5e35f0316d549f31e4986335be22edefecfdb91eb8c35a9e32c20a58b6ca8a8e8f028ee45932956c56083694f62785f69807fa29dd56ebc04d7a47993fb9319f233d3c8ebef5139240a78f1a7bcdb3a985b79b7feb1d2d2868100c31cbba6bb6c776b92fbc6142532e4f4da848d974bec9d93c4927c6f93d11f7206082555ea18ba1867dd774d0d03c981f67e48f6dd507bf36d5fb0f7f7314a2d1c404bf6ec5f7aa61253102ee66dfd9db5562b3b155998378eee2a0b67f284ffd92be2416c9dfca460c4140c6ae310830971d44044140e895388da8fb1e1f8819973f5565fc42cd08f8847b5ab1409da27f8383e666c01cca9e3c95b49c5e5480c036fb504b07127583be1375fb400920c68ce11c6326b0936b468d88956387e8ab3ad821e03a39e0a0af2cc0814850a1f9246b94daaa43b06af1c1c530e390e566dd0fd9a5c7179b6500ef5fe169f9512aca335deb0c28051ce51e903ef34affd8205edc8858123104d6817f4a6ab59de833f27a573a57fab47ea8c71819cfa2809f8d0ff310cc369e76a89c7beb05dbc75da875f41b9454fcb83fc3f87119d8f4a7fe28587abf7469fb5e06d75754ceda96612ee14c81ab1f774928bb3bd50c4c4580448449904c0a6d90b04718d85829b72568b0dfc8caa7bbc52d6a2740845a9c6d06899ea6a5d60e68312a8dcb92d51c09b335fca73df180d5c04988c17e4915c95ae3c1b6a63cd4a40d1e0395c35d8c054c7d1a8d7a73015b0f21a974d84445aa8bad3a0f96db711e2083d4ec4e2166451c20ab2664de0dfc28e46cdc9355c3d4f122a975d67e40e9e9d4a7171258977540619083e5f1a9e0b884726f9721fe54c2bc20fc597370854f74d65780bdfb0e4ec8861131eac73120b20c750d53b3bd800a59c83b53e714151e20506399a82484a8fb0af514f46269eaf6329f1b818e479832572212f1ccd204a0013353c15ba7ae0f163f5f8728876ee763859a950217f55805b16781b99c570a897d5526b93f0e5d86d974d067cec23f3839db7e15c6f3516645a21b8c956a0346a769e90a430d49d57ba0e58ddc45cc5e8f97948bceaae05ecc6ff36e3ca0236416e0fdc71ef46739a588dc8a23366d01288282a2ce2c47609abbb4c80a412ada0bf6894aebcb95d04824836d3c3f0ced848d76cc415eeeb31fe85a68ad68810e5b16d8a93ab23e73131314f585472828d74854e8c147730607a4041fdbf98e933524021bb7e86cb468a001f91ab3fcbf02ba951def880167b1e01688b26802ae6e31bf48982b4e0a332d15ac45f8af06b740a882c94cbf976ff5035343d2e4485c694ede7954c038740830820ac54e9fda53b29ee3ffc1401a15e10772f224844cb88c1059524c52b9301049d1b626ad0a1de235ad4fda9424501d6de2b9c71bff9683f30ae187a662fee2df850783db3a4f671262bdcdbe3e76feec6533999b3926f8c26d1b2b8b7e44b81c2a77752fb15c61414b6884b44412188dd23b0fc52bdfa7ea52aef412075581e1323181ae34a86390d38a713aa6568db497ca0a9fc2a09729023e052ba59fbe1bb13629005871e0338dfb69e5afe8b7211389ddec86644ea065dbd5ed7908001440856d67d77ace8dc9f2f8028fd9be217ceea04be069ffb13d9aaf6645bedd3e6c1e4596033206b06a41a024897416fe81ec10c15f4eb6e9e35acfa48819d6bbd8b6427b695bbe119a9a5019abe58d80f7e11dce5cd56201676a10f22be24601b97f6732d800760d1ab31a87a6a1442667f2068946b24167dda85acfa818b28757d9eb67368124ca8c3d39aab854cab4e32508b62ffcaa0ec071d30c1dc69f855a4c971f35ce290fb8c520ddf2fffd54733401f385d715a04fa9ee5e291579e64f117448a0a9f56edea41539b423e2164b367728171eb2a79e1d5feddb8ce469fa63299a36572c66d4e29cd29b980efabbd49a40e15539fe27f4350e6d8c72db58818a056f08061dcdac3c6fa92ed00a556a5f785d61c5ba585ec240261246fb6089dc25d95736410f2c4ece4e9f268ba7ee2da0acdcdb4062a9b5b4389d699b46a915e80ab33777305760d6498d38b1b46649789f6b7776fa074eb9baaddea834f3a02088f2f2518969d1c2d2416af86abc2ed66397480f3869bd4eb4bc4d8a1f17f8bdc9ee340bb39c3fcac5ac6bf65a3b2148d185609e1f4c76adb3e9d6d47a31c4e20ae29a8e0e81b2ee22ffcd12777fd1e3d8c2de83610418da0d0349cf0a99e20b10680cc3ef2a3e13ae46825c9f172c73df249dff50664a78389603671ece11b2777e3015646bdb9e64da78499c94fe63c12e1a9981006d1a1653b5387231044b9c42978567aca87920851944166747b5e416f259ccc1be44c52a0f033cd6199421c1f19844ca996997b4c7dec56b289fc6708138801557f36e0cbad8c2d1ef86128d10683ccb8e659cefbe7d2523969c4c58539c520644dadf4aa1793622cd21f36ef84069f20add9278ce5b97d43f818a88a430ec39cf1681b080d617af5232086948b351d88d47c2cbbace772fd8580c7fd817658341c8e39b6843ac9cb78aa48f96fb39706622924169ceb6970021b86ce302f81f74ded068018791dfb1a9e44fcff9367c8cbf7b5229b1c1112328bd52cfea6b49f9e72b61ced9358b7e63f404ef2a3d891002cd024be68d268541af228df1873878f964035fd39634b33431ea3dd25ea1dd601a14a8286d73248922b2e3e72e550ad18e9a6c68568bafe85fd985d1fde1fb7368a8415b39b4ff30b2d4688fb6a4b775f57b1dc141ef065ff7f2d6551a1ce8f38c7d0676ad5d11d0dc4c8b375c72d9fcf20fca17ffaf2805a4527620498f76ee08af54f7e4969b2b82b828519f2c3231f0d9732fe574f918d8c0cab45c3b081db6a83c28c54550ff0fe3aaaa5d068cc5e42c6700788c17e30b43f6096ec55a8b551c4c1daaf61557f61c069102872920cf71e99dc256b78913aabe6d6bc9e1471f3a616b43bfb515412c5e0862f4ca417bc9dc48c8bacfec17f25d8286ab13be939757281457d44fe855a20e76b337c3eba4d7c51851088f234ab09b733a279af93215d75268178cf7106d9fd7777cea6363e3b3c24f7f35f22f75d2116d68b91810f70c7f82fe8f0cfdd9d5374759330a6b105f2a4a6777aee3e9cdfb92421c4f6ec5ba554052c78d118b58568736ff4641b679a7b1a9ad1374d1f3e305ebfa810b54e17e46650c1c97ab42e208d33c1817b390cefd2abcec74516d1b3995c9e5b7b7399a0e14bf895af84ac9b42f772a7180fef9b4cc628c1f4ce776eb6c29b5a3a98c230f28633c5fe0490fb39f39d5f796833f781708c5ee5d6f830c64bc999dcc817201d84211b8dbaba63ae062f7a011791a96f2bd7e89e0afe0f03b8d0c35985378a112db6cef0ac205c873f759fcdb04c5cce279df7f50db7eddd6ca0555728d5d1873c0fb064ca8bbe718f703fab9a7b60312fcdbc70aa41b6336f83d8d14a5c4e5783d87c119e11c0b54941be6ea2d97fee5f393fc27165f474a273655529d86af8b16993cd47006738ca71fae415cee097584b2cbe3e9f933e85114ef6a24eccc3bcc60f65b0048eed67a95ee74aa6c2e2fc5e6a168a923de7b3be45a73ec44cd2edd9154030811d3ae8b450278f929a06d0bb160af1366b2a7bbf431e82d5b0b84a8ae1856a95950e75f3880baa83c4c14cdb6b28029d886a1a7e92aee7b19dba39ac0ee40fc9bb53d55950cccb1f56b1ab102dc6c37e6af58970a34c9d6be6a9501a129343db66db61fb9733610e08f841d1f63f879885f53c814a61986fbda23d895e5105263a7fea53beff234e415a2876bba73b7719d2e38326465fc676c1853293acf6c99e6a5b1c119d6dc5f94d28f2fe444a08c30c9e82c730fff846c4dce48360a9eca970b36cb0e1b6aef8f3eaf6049d848ab2d0e85d9348693c406956c94206bba61761e4cb4f7a22d736b012efbd5c86d6db1a8ee8b8cfaf42d6bbd3cc3bf779ff17d1286a7f4ba9d37ac44dcc07a22ff9a54effdf90bbdce3a7b68fb1c3db8059b9db2eefdabaa8fdf04b9981c800b3aae454b696a8c6238efa159316462f56231abc2babf9cbbbc7844978f0e115c5c35317f220c4d4667bf092ba40bfb2636eb152682098b32c38b8bcc2220ee11aa2923976bc262ff5a1f08f2c17cffac082c289929c0aa2958fe080001006f736600080002"], 0x2208}, 0x1, 0x0, 0x0, 0x20000884}, 0x8800)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r6, &(0x7f0000004200)='t', 0x1)
sendfile(r6, r5, 0x0, 0x3ffff)
sendfile(r6, r5, 0x0, 0x7ffff000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, 0xffffffffffffffff, 0x0)
openat(r0, &(0x7f0000000240)='./file0\x00', 0x62100, 0x100)
faccessat(r0, &(0x7f0000000000)='./file0\x00', 0x5)

375.144693ms ago: executing program 1 (id=2663):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
r1 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000ac0)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000005feffff720af0fff8ffffff71a4f0ff000000002d030000000000001d400500000000004704000001ed000072030000100000001d44000000000000db0a00fee10000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
connect$unix(0xffffffffffffffff, &(0x7f0000000340)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
write$binfmt_aout(r4, &(0x7f00000000c0)=ANY=[], 0x20)
openat$incfs(r4, &(0x7f0000000240)='.pending_reads\x00', 0x1, 0x10a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
syz_usb_disconnect(r1)
syz_usb_connect$cdc_ncm(0x3, 0x6e, &(0x7f0000000080)=ANY=[@ANYBLOB="1201500202002505a1a440000102030109025c000201112005090400000119fcda8db76130020d00000524060001052400df000d240f0101000000000003000506241a01041009058103ff030608050904010000020d00000904010102020d0000090582020004f102060905"], 0x0)
ioctl$EVIOCRMFF(r1, 0x41015500, &(0x7f0000000500))

331.593874ms ago: executing program 0 (id=2664):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x0, &(0x7f0000000080)}, 0x10)
close(0xffffffffffffffff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000000e00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adffa87d2255f674412d020000000000005ab527ee3697f1ec4436dd1164aa93cc5800075557165397000a63f6b9b3f427f6ba6b34f98125f30e697fffffffffffffffa30b273683626e0003254d570dca6b78ad833488cfe4109eaf009edd3e69613d3cd6aaa300006eee8501000000520a0000151d010000000100bf00000000cc587424363dc6ad7f3bbd424c6e6cafbe9309aba218a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e470a000517ebc406e89dcbb7677e6528b0856e31ed9474ac24cf609068f645ce971fc0480737a55ebb0bd701f7ff21e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d933bed759ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56d06c759da324a39f7f51b870b2851c3f0a1aab71587a21c8f1b3369ebfcba105a6ccdd01b0f04edb256c604f068773f6ff000000000000006ffbfe5ca32142b0195531458b7d1e341c6f864f983d745f5865aad41d2915aae7602a2d6cd415e8351ebc4223f54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121ad6eb372713255012e028cb2654d493a0b4b35faae176c89b745eda2967199cc936859a537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0cff28235a3cbb5d33b09bc30cf2880c586272c3f4d79bc36305745cb1cb385e6add14652003c7cdd3324f07d134d3ed07f1c10900000009dd872ec66ea6c718bbd1aa59114000f0be4c6f8df084c5e9734ae30aa9afdc719bf01ab03a9b1074407136b4506000f0916a39d3057d50183612b39e73aeeb6eaf14652dda68e98ef938e6515a94a71836469e2051d9b7eb85f3f2d5ae2c51944da8d7391d6d6b97419a3b7660df4c5124ca425d374b371867a79b31c6617fc3327191fbf514573f0e30d1d60be2168fe6c2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257b84000000b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c786eeca22debc99335583b54c13c3130978fa069af8223b38ced735c2d905f51ca85ffa4add5647489b3960127696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f2d987f05c5341877386ec55d7dc958fd235d6071619a65d4b82d9c162f3556076b80550d961ca74f1ffdaccf0ea5f02e0fca8b27ff3983ab74fd3d560700a1fbb44e77e312b3b129e000302d613916c9bcf9f0000fac73adb6bfb27f88dba816020be760f7b45e001efada800000000000000fdaf4660402f7b3b79a433e08074ea2462974ab2cbd247eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6542e597300eb82a184c96ffde5a30e5433d86666cb045bdd02c804c22ff2635c7bfbf5c0d586cda5e1e88a4d41dee7cc74f822278d124638fec58faeb48afe324369cc51204158bb440df2a694f4cdcaa4f65c22f000000000000000000000000000d503d79906958102000000000000000000001ffff0ef89b2a635edb2dd163e863315e84498dfb52b7f54da6398cbedaa42cc17c4563c859656a357770289a61faa95a82bf1cfb7f2fd7252e9322abe282c3344fc6738b4467893b9bf0d1c8130ae6b226900110635376413c29f7c6f7b7e29b9f4bddd5e328661f4046e01f7d7dc22174e5e627a6f608ad53a4168d4d8f7fbc71104512efe8e5d7d934aa289b4db2b870000000000000000000000000000000000000000009b777883a0f9cf4ad155110cd3ace2b322ac31bfa27847dc99c8a69a1ea5b98e525e6393ad7fd9795170e7b11e4fa990b9386910a6a1a66a70eaff01247603c2ff49d3979676bffb3049166ab84a0f061991bd57c2566c10c282352a5105b6164e3f2491e4793e590dcc71de10da96fdff40dd44a2c9882d3aa0f8a797b8fea6efcfb5046b7679f15559cdaa977504c40b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd50c5e22ade17556abb722d9c085b189b5fd1f30e8dc813f60400fde1f88d830b11002135e8e7262f299ed7923bfbe00ad88be179e56b41ff3792cee2fc37eee739c3e3af923e8738d93d583a9cf00b946960fc38cf85aae7cf708f9a9d166f2e352a06d99b8be476d1cc2a53a859ae4fdab2a987925d12422474ac044ffe9fe2bf9bf9bbdf36c4ca89c516647542ac45545337829fa7039d155ebda42d4c14f4ca7f8b5d5842658c62d0a03092b94fa1b19f190000000000000000000000000000009e75a32b9fafeffd890f2759b0fe3add33fa43a4c3995458f86a926ad56b23571c46728c039cd3b4bb7d69dfa27782b953a7b81cc161912b3e5716360686e126311a7e21bfa2efd0f57b90c203528c8f620d3c7b31c7abcffae382f53500f7cd5d00159e5f741d3e2d2cbd1a04b3f39b50a4683daa7d117b7f4a149c954d69d8ab001339e464c8eb5f0c63899010757c9a3b69f4920531b83f71d5a34ef9405819afee15b77c015ea755c95127ff2274bb9a8463ce4b8c08ad70596ad2b2b044e660ed144b9dce372450ea69d25da2b6deed67fac26e765aa7d5532ba1044f62db049486acde2294127cb767c23da7d8f9844d3be5b6aa83ee4ce1876af5130efe1b64ccb6bbd349bcc0e8deec8ab3bd1b35bbc8ab8a152771744baa576b9223d26b5603a7f091be1264cabaf661fe2dbe7990a61f710f923f2337818a3983d06c11a6bee7fccb78a53c56db5c18f920d2194374db665dcadf53b8d0014e682ec721d67a7ab6c817fe53c86f8900000000000000000000000000000060b7b827c56e973a2ab5bc5c558ada68c4ec3762f5957b20b919af5d53c87de056a397bdcb614c34761e2c815698e1f9f5521a385c2910850929040a4eba573e91ca21fc855358120ecd79a5d7007693ef3ff9d2b993d114443d53c53094e516f675b2a7074584714e7a2015e05e507811b4ca89c39281c9ada5f58ceb55893cca783ab09c9a19836a3a2c715b10436a5731549e364679ecd8461a68433ab52b1108831edb9654dc602183c1170d6881647f6dca15d57fb76357d815c5f1000000000000000000f49e327c0b6e511494466cec78650f0a6267"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x7}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x803, 0x6)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000180)={r3, r1})
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, 0x0, 0x48040)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
lsm_set_self_attr(0x0, 0x0, 0x65, 0x0)
sendmmsg$inet(r2, &(0x7f0000000b80)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f00000001c0)='J', 0x1}], 0x1}}], 0x1, 0x4000)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r7 = socket$kcm(0x1e, 0x4, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="1100000004000000040000000a00000004000000", @ANYRES32, @ANYBLOB="b80900"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000018000"/28], 0x50)
setsockopt$sock_attach_bpf(r7, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r8 = syz_io_uring_setup(0x794a, &(0x7f0000000000)={0x0, 0x7836, 0x80, 0x1, 0x23f}, &(0x7f0000000080), &(0x7f0000000180))
io_uring_register$IORING_REGISTER_BUFFERS2(r8, 0x24, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[], &(0x7f0000000600)=""/4074, 0x1f, 0xfea, 0x1}, 0x28)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0xfffffeec)
r9 = socket$kcm(0x1e, 0x6, 0x0)
setsockopt$sock_attach_bpf(r9, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
write$cgroup_subtree(r9, &(0x7f0000000040)=ANY=[], 0xfdef)
ioctl$LOOP_SET_BLOCK_SIZE(r6, 0x4c09, 0x1)
close(r9)
recvmsg(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001740)=""/4107, 0x100b}], 0x1}, 0x2000)

113.354878ms ago: executing program 2 (id=2665):
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000006000000000000000085"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000004c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffd}]})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
semtimedop(0x0, &(0x7f0000000300)=[{0x2, 0x40, 0x1000}], 0x1, 0x0)

89.721108ms ago: executing program 2 (id=2666):
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, 0x1c)
socket(0x2, 0xa, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x19, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2688634c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

0s ago: executing program 2 (id=2667):
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b708000000ffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffe89, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r0}, 0x10)
r1 = socket$pptp(0x18, 0x1, 0x2)
r2 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
fstat(0xffffffffffffffff, &(0x7f00000006c0))
io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6})
ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000c40)={0x0, 0xfe72})
ioctl$MON_IOCX_GETX(r2, 0x80089203, &(0x7f0000000a40)={0x0, 0x0})
close_range(r1, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

: error, invalid access to FAT (entry 0x00000100)
[  150.090601][ T8354] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  150.163916][ T8366] loop0: detected capacity change from 0 to 512
[  150.175518][ T8368] loop3: detected capacity change from 0 to 512
[  150.192284][ T8368] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  150.208595][ T8368] EXT4-fs (loop3): orphan cleanup on readonly fs
[  150.224792][ T8368] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.1580: corrupted inode contents
[  150.239163][ T8353] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  150.253499][ T8368] EXT4-fs (loop3): Remounting filesystem read-only
[  150.261316][ T8353] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  150.271638][ T8368] EXT4-fs (loop3): 1 truncate cleaned up
[  150.277402][ T5550] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  150.288000][ T5550] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  150.409103][ T5550] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  150.461339][ T8366] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  150.469546][ T8366] EXT4-fs (loop0): orphan cleanup on readonly fs
[  150.478151][ T8366] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.1579: corrupted inode contents
[  150.490355][ T8366] EXT4-fs (loop0): Remounting filesystem read-only
[  150.650381][ T8383] netlink: 'syz.3.1584': attribute type 10 has an invalid length.
[  151.135619][ T8366] EXT4-fs (loop0): 1 truncate cleaned up
[  151.163898][ T8389] loop1: detected capacity change from 0 to 4096
[  151.180501][ T8391] loop3: detected capacity change from 0 to 512
[  151.236754][ T8398] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  151.244918][ T5550] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  151.255541][ T5550] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  151.275159][ T8403] 9pnet: p9_errstr2errno: server reported unknown error 
[  151.282808][ T5550] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  151.292033][ T8405] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  151.333922][ T8391] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  151.356707][ T8415] netlink: 'syz.2.1595': attribute type 10 has an invalid length.
[  151.358999][ T8391] EXT4-fs (loop3): orphan cleanup on readonly fs
[  151.372829][ T8391] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.1587: corrupted inode contents
[  151.389324][ T8403] loop4: detected capacity change from 0 to 512
[  151.398283][ T8391] EXT4-fs (loop3): Remounting filesystem read-only
[  151.408787][ T8391] EXT4-fs (loop3): 1 truncate cleaned up
[  151.414671][ T5577] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  151.425313][ T5577] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  151.438458][   T29] kauditd_printk_skb: 870 callbacks suppressed
[  151.438476][   T29] audit: type=1400 audit(1759497904.321:9580): avc:  denied  { ioctl } for  pid=8414 comm="syz.2.1595" path="/dev/usbmon7" dev="devtmpfs" ino=163 ioctlcmd=0x9203 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  151.446669][ T5577] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  151.480029][ T5577] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  151.492787][ T8403] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  151.495353][   T29] audit: type=1400 audit(1759497904.351:9581): avc:  denied  { map_create } for  pid=8418 comm="syz.0.1597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  151.506468][ T8403] EXT4-fs (loop4): orphan cleanup on readonly fs
[  151.519979][   T29] audit: type=1400 audit(1759497904.351:9582): avc:  denied  { map_read map_write } for  pid=8418 comm="syz.0.1597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  151.531706][ T8403] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.1590: corrupted inode contents
[  151.546164][   T29] audit: type=1400 audit(1759497904.351:9583): avc:  denied  { perfmon } for  pid=8418 comm="syz.0.1597" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  151.546198][   T29] audit: type=1400 audit(1759497904.371:9584): avc:  denied  { create } for  pid=8422 comm="syz.0.1599" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  151.562574][ T5577] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  151.579488][   T29] audit: type=1400 audit(1759497904.381:9585): avc:  denied  { create } for  pid=8421 comm="syz.1.1598" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  151.628987][   T29] audit: type=1400 audit(1759497904.401:9586): avc:  denied  { ioctl } for  pid=8421 comm="syz.1.1598" path="socket:[22228]" dev="sockfs" ino=22228 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  151.653944][ T8403] EXT4-fs (loop4): Remounting filesystem read-only
[  151.653947][   T29] audit: type=1400 audit(1759497904.411:9587): avc:  denied  { create } for  pid=8421 comm="syz.1.1598" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  151.681873][ T8403] EXT4-fs (loop4): 1 truncate cleaned up
[  151.689083][ T5550] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  151.699808][ T5550] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  151.711301][ T8431] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  151.720100][ T5550] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  151.743490][ T8431] loop0: detected capacity change from 0 to 1024
[  151.750715][ T8431] EXT4-fs: Ignoring removed orlov option
[  151.757672][ T8435] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  151.803340][ T8439] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  151.846446][ T8439] loop0: detected capacity change from 0 to 1024
[  151.863359][ T8439] EXT4-fs: Ignoring removed orlov option
[  151.863482][ T8447] loop3: detected capacity change from 0 to 512
[  151.971671][ T8447] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  151.980266][ T8447] EXT4-fs (loop3): orphan cleanup on readonly fs
[  151.988502][ T8447] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.1607: corrupted inode contents
[  152.000751][ T8447] EXT4-fs (loop3): Remounting filesystem read-only
[  152.007566][ T8447] EXT4-fs (loop3): 1 truncate cleaned up
[  152.013430][ T5604] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  152.024000][ T5604] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  152.034707][ T5604] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  152.674832][ T8469] __nla_validate_parse: 5 callbacks suppressed
[  152.674852][ T8469] netlink: 4436 bytes leftover after parsing attributes in process `syz.0.1613'.
[  152.679223][ T8467] loop2: detected capacity change from 0 to 512
[  152.691220][ T8469] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  152.697596][ T8467] EXT4-fs: Ignoring removed mblk_io_submit option
[  152.728334][ T8467] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  152.742473][ T8471] netlink: 'syz.1.1614': attribute type 10 has an invalid length.
[  152.756856][ T8467] EXT4-fs (loop2): 1 truncate cleaned up
[  152.776990][ T8473] loop0: detected capacity change from 0 to 1024
[  152.785552][ T8473] EXT4-fs: Ignoring removed orlov option
[  152.791401][ T8475] loop4: detected capacity change from 0 to 512
[  152.805399][ T8477] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  152.825612][ T8475] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e002e028, mo2=0002]
[  152.833879][ T8475] System zones: 0-2, 18-18, 34-34
[  152.847408][ T8475] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 42 vs 41 free clusters
[  152.863877][ T8475] EXT4-fs (loop4): Remounting filesystem read-only
[  152.871812][ T8475] EXT4-fs (loop4): 1 truncate cleaned up
[  152.878318][ T8475] ext4 filesystem being mounted at /323/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  152.879977][ T8465] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  152.897392][ T8486] hub 9-0:1.0: USB hub found
[  152.902296][ T5550] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  152.909351][ T8465] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  152.912881][ T5550] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  152.923435][ T8486] hub 9-0:1.0: 8 ports detected
[  152.935975][ T8489] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1619'.
[  152.939594][ T5550] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  152.976637][ T8491] netlink: 'syz.0.1621': attribute type 10 has an invalid length.
[  153.023392][ T8497] loop2: detected capacity change from 0 to 2048
[  153.053279][ T8504] netlink: 'syz.1.1626': attribute type 10 has an invalid length.
[  153.069957][ T8497] Alternate GPT is invalid, using primary GPT.
[  153.076328][ T8497]  loop2: p1 p2 p3
[  153.080133][ T8497] loop2: partition table partially beyond EOD, truncated
[  153.113261][ T8510] loop4: detected capacity change from 0 to 512
[  153.131094][ T8510] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  153.150543][ T8510] EXT4-fs (loop4): orphan cleanup on readonly fs
[  153.169335][ T8510] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.1628: corrupted inode contents
[  153.181520][ T8521] loop0: detected capacity change from 0 to 2048
[  153.188416][ T8521] EXT4-fs: Ignoring removed i_version option
[  153.195895][ T8521] EXT4-fs: Ignoring removed mblk_io_submit option
[  153.202624][ T8521] ext4: Unknown parameter 'subj_type'
[  153.203743][ T8510] EXT4-fs (loop4): Remounting filesystem read-only
[  153.213076][ T8521] Invalid ELF header magic: != ELF
[  153.230059][ T8524] loop2: detected capacity change from 0 to 512
[  153.239168][ T8510] EXT4-fs (loop4): 1 truncate cleaned up
[  153.243635][ T8522] lo speed is unknown, defaulting to 1000
[  153.248666][ T8524] EXT4-fs: Ignoring removed oldalloc option
[  153.260694][ T8524] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  153.271977][ T5604] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  153.282586][ T5604] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  153.298864][ T8526] loop1: detected capacity change from 0 to 512
[  153.308636][ T8526] EXT4-fs: Ignoring removed mblk_io_submit option
[  153.309265][ T8524] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.1635: invalid indirect mapped block 4294967295 (level 0)
[  153.315255][ T5604] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  153.337005][ T8524] EXT4-fs (loop2): Remounting filesystem read-only
[  153.346235][ T8524] EXT4-fs (loop2): 1 orphan inode deleted
[  153.352175][ T8524] EXT4-fs (loop2): 1 truncate cleaned up
[  153.369952][ T8526] ext4 filesystem being mounted at /326/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.383646][ T8530] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1637'.
[  153.401694][ T8522] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.1633: corrupted xattr block 33: e_value out of bounds
[  153.428090][ T8522] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[  153.448916][ T8522] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.1633: corrupted xattr block 33: e_value out of bounds
[  153.470565][ T8522] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[  153.481900][ T8522] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  153.496836][ T8522] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2962: inode #15: comm syz.1.1633: corrupted xattr block 33: e_value out of bounds
[  153.511904][ T8522] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117)
[  153.550315][ T8544] loop3: detected capacity change from 0 to 2048
[  153.610082][ T8544] Alternate GPT is invalid, using primary GPT.
[  153.616472][ T8544]  loop3: p1 p2 p3
[  153.620291][ T8544] loop3: partition table partially beyond EOD, truncated
[  153.660773][ T8552] Falling back ldisc for ptm0.
[  153.721620][ T8558] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1649'.
[  153.789581][ T8568] vhci_hcd: default hub control req: 030c v0017 i0006 l0
[  153.806317][ T8572] netlink: 'syz.0.1656': attribute type 6 has an invalid length.
[  153.817354][ T8570] lo speed is unknown, defaulting to 1000
[  153.877770][ T8575] loop3: detected capacity change from 0 to 512
[  153.892276][ T8575] EXT4-fs: Ignoring removed mblk_io_submit option
[  153.922754][ T8575] ext4 filesystem being mounted at /290/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.965354][ T8570] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.1655: corrupted xattr block 33: e_value out of bounds
[  153.985272][ T8582] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  153.993584][ T8570] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  154.011454][ T8570] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.1655: corrupted xattr block 33: e_value out of bounds
[  154.012746][ T8566] bridge_slave_0: left allmulticast mode
[  154.031080][ T8566] bridge_slave_0: left promiscuous mode
[  154.036817][ T8566] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.047625][ T8570] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  154.058750][ T8570] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  154.081073][ T8566] bridge_slave_1: left allmulticast mode
[  154.086788][ T8566] bridge_slave_1: left promiscuous mode
[  154.087047][ T8570] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2962: inode #15: comm syz.3.1655: corrupted xattr block 33: e_value out of bounds
[  154.092612][ T8566] bridge0: port 2(bridge_slave_1) entered disabled state
[  154.107539][ T8570] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  154.142822][ T8586] loop4: detected capacity change from 0 to 1024
[  154.170707][ T8586] EXT4-fs: Ignoring removed orlov option
[  154.180019][ T8566] bond0: (slave bond_slave_0): Releasing backup interface
[  154.198360][ T8566] bond0: (slave bond_slave_1): Releasing backup interface
[  154.211457][ T8593] loop2: detected capacity change from 0 to 2048
[  154.218575][ T8566] batman_adv: batadv0: Removing interface: batadv_slave_0
[  154.229007][ T8566] batman_adv: batadv0: Removing interface: batadv_slave_1
[  154.236976][ T8566] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  154.279441][ T8593] Alternate GPT is invalid, using primary GPT.
[  154.285748][ T8593]  loop2: p1 p2 p3
[  154.289610][ T8593] loop2: partition table partially beyond EOD, truncated
[  154.339238][ T8601] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1664'.
[  154.370664][ T8601] loop4: detected capacity change from 0 to 128
[  154.423181][ T8604] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1666'.
[  154.432713][ T8601] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  154.440733][ T8601] FAT-fs (loop4): Filesystem has been set read-only
[  154.464831][ T8610] netlink: 'syz.3.1668': attribute type 5 has an invalid length.
[  154.471444][ T8601] bio_check_eod: 22964 callbacks suppressed
[  154.471469][ T8601] syz.4.1664: attempt to access beyond end of device
[  154.471469][ T8601] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  154.472740][ T8610] netlink: 168 bytes leftover after parsing attributes in process `syz.3.1668'.
[  154.485163][ T8601] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  154.509405][ T8601] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  154.525487][ T8609] loop1: detected capacity change from 0 to 4096
[  154.531057][ T8610] loop3: detected capacity change from 0 to 512
[  154.533297][ T8601] syz.4.1664: attempt to access beyond end of device
[  154.533297][ T8601] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  154.548859][ T8610] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  154.561404][ T8601] syz.4.1664: attempt to access beyond end of device
[  154.561404][ T8601] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  154.562208][ T8572] vhci_hcd: default hub control req: 030c v0017 i0006 l0
[  154.575495][ T8601] syz.4.1664: attempt to access beyond end of device
[  154.575495][ T8601] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  154.595841][ T8601] syz.4.1664: attempt to access beyond end of device
[  154.595841][ T8601] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  154.596840][ T8610] EXT4-fs (loop3): 1 truncate cleaned up
[  154.609709][ T8601] syz.4.1664: attempt to access beyond end of device
[  154.609709][ T8601] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  154.628272][ T8601] syz.4.1664: attempt to access beyond end of device
[  154.628272][ T8601] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  154.641742][ T8601] syz.4.1664: attempt to access beyond end of device
[  154.641742][ T8601] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  154.700522][ T8617] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1671'.
[  154.704085][ T8615] loop2: detected capacity change from 0 to 2048
[  154.709730][ T8601] syz.4.1664: attempt to access beyond end of device
[  154.709730][ T8601] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  154.747306][ T8601] syz.4.1664: attempt to access beyond end of device
[  154.747306][ T8601] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  154.820183][ T8624] netlink: 4436 bytes leftover after parsing attributes in process `syz.3.1673'.
[  154.847806][ T8624] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  154.875659][ T8624] loop3: detected capacity change from 0 to 1024
[  154.892568][ T8624] EXT4-fs: Ignoring removed orlov option
[  154.924922][ T8615] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  154.974305][ T8615] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 34 with error 28
[  154.986661][ T8615] EXT4-fs (loop2): This should not happen!! Data will be lost
[  154.986661][ T8615] 
[  154.996343][ T8615] EXT4-fs (loop2): Total free blocks count 0
[  155.002522][ T8615] EXT4-fs (loop2): Free/Dirty block details
[  155.008521][ T8615] EXT4-fs (loop2): free_blocks=2415919104
[  155.014362][ T8615] EXT4-fs (loop2): dirty_blocks=48
[  155.019532][ T8615] EXT4-fs (loop2): Block reservation details
[  155.025651][ T8615] EXT4-fs (loop2): i_reserved_data_blocks=3
[  155.050596][ T8630] netlink: 'syz.0.1674': attribute type 10 has an invalid length.
[  155.278301][ T8651] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  155.291065][ T8654] loop4: detected capacity change from 0 to 2048
[  155.298375][ T8654] EXT4-fs: Ignoring removed mblk_io_submit option
[  155.318182][ T8656] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1685'.
[  155.428323][ T8669] netlink: 'syz.3.1690': attribute type 10 has an invalid length.
[  155.469891][ T8643] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  155.487986][ T8643] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  155.622613][ T8682] loop1: detected capacity change from 0 to 512
[  155.630520][ T8682] EXT4-fs: Ignoring removed mblk_io_submit option
[  155.684053][ T8685] bridge: RTM_NEWNEIGH with invalid ether address
[  155.697837][ T8682] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  155.751372][ T8682] EXT4-fs (loop1): 1 truncate cleaned up
[  155.938595][ T8697] netlink: 'syz.3.1700': attribute type 5 has an invalid length.
[  155.952861][ T8697] loop3: detected capacity change from 0 to 512
[  155.960363][ T8697] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  155.972607][ T8697] EXT4-fs (loop3): 1 truncate cleaned up
[  156.236314][ T8708] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  156.251543][ T8708] loop1: detected capacity change from 0 to 1024
[  156.251784][ T8705] loop0: detected capacity change from 0 to 2048
[  156.258876][ T8708] EXT4-fs: Ignoring removed orlov option
[  156.280314][ T8705] EXT4-fs: Ignoring removed i_version option
[  156.307637][ T8705] EXT4-fs: Ignoring removed mblk_io_submit option
[  156.324502][ T8705] ext4: Unknown parameter 'subj_type'
[  156.345420][ T8705] Invalid ELF header magic: != ELF
[  156.390360][ T8714] lo speed is unknown, defaulting to 1000
[  156.415555][ T8712] netlink: 'syz.4.1706': attribute type 16 has an invalid length.
[  156.448492][   T29] kauditd_printk_skb: 797 callbacks suppressed
[  156.448509][   T29] audit: type=1400 audit(1759497909.321:10358): avc:  denied  { read } for  pid=8713 comm="syz.3.1705" dev="nsfs" ino=4026532718 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  156.475993][   T29] audit: type=1400 audit(1759497909.321:10359): avc:  denied  { open } for  pid=8713 comm="syz.3.1705" path="net:[4026532718]" dev="nsfs" ino=4026532718 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  156.499471][   T29] audit: type=1400 audit(1759497909.331:10360): avc:  denied  { create } for  pid=8713 comm="syz.3.1705" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  156.523391][ T8723] FAULT_INJECTION: forcing a failure.
[  156.523391][ T8723] name failslab, interval 1, probability 0, space 0, times 0
[  156.536077][ T8723] CPU: 0 UID: 0 PID: 8723 Comm: syz.0.1710 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  156.536109][ T8723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  156.536125][ T8723] Call Trace:
[  156.536132][ T8723]  <TASK>
[  156.536140][ T8723]  __dump_stack+0x1d/0x30
[  156.536182][ T8723]  dump_stack_lvl+0xe8/0x140
[  156.536233][ T8723]  dump_stack+0x15/0x1b
[  156.536335][ T8723]  should_fail_ex+0x265/0x280
[  156.536370][ T8723]  should_failslab+0x8c/0xb0
[  156.536401][ T8723]  __kmalloc_noprof+0xa5/0x570
[  156.536428][ T8723]  ? fib_trie_table+0x2f/0xf0
[  156.536495][ T8723]  fib_trie_table+0x2f/0xf0
[  156.536520][ T8723]  fib_new_table+0xd7/0x1c0
[  156.536550][ T8723]  inet_rtm_newroute+0x95/0x140
[  156.536591][ T8723]  ? __pfx_inet_rtm_newroute+0x10/0x10
[  156.536626][ T8723]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  156.536688][ T8723]  ? avc_has_perm_noaudit+0x1b1/0x200
[  156.536726][ T8723]  netlink_rcv_skb+0x120/0x220
[  156.536853][ T8723]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  156.536899][ T8723]  rtnetlink_rcv+0x1c/0x30
[  156.536935][ T8723]  netlink_unicast+0x5c0/0x690
[  156.536973][ T8723]  netlink_sendmsg+0x58b/0x6b0
[  156.537007][ T8723]  ? __pfx_netlink_sendmsg+0x10/0x10
[  156.537040][ T8723]  __sock_sendmsg+0x142/0x180
[  156.537116][ T8723]  ____sys_sendmsg+0x31e/0x4e0
[  156.537153][ T8723]  ___sys_sendmsg+0x17b/0x1d0
[  156.537211][ T8723]  __x64_sys_sendmsg+0xd4/0x160
[  156.537277][ T8723]  x64_sys_call+0x191e/0x3000
[  156.537301][ T8723]  do_syscall_64+0xd2/0x200
[  156.537429][ T8723]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  156.537461][ T8723]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  156.537578][ T8723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.537619][ T8723] RIP: 0033:0x7f4c6d05eec9
[  156.537635][ T8723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.537656][ T8723] RSP: 002b:00007f4c6bac7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  156.537678][ T8723] RAX: ffffffffffffffda RBX: 00007f4c6d2b5fa0 RCX: 00007f4c6d05eec9
[  156.537697][ T8723] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  156.537747][   T29] audit: type=1400 audit(1759497909.401:10361): avc:  denied  { ioctl } for  pid=8713 comm="syz.3.1705" path="socket:[23714]" dev="sockfs" ino=23714 ioctlcmd=0x8910 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  156.537772][ T8723] RBP: 00007f4c6bac7090 R08: 0000000000000000 R09: 0000000000000000
[  156.537790][ T8723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.537805][ T8723] R13: 00007f4c6d2b6038 R14: 00007f4c6d2b5fa0 R15: 00007ffc03a2f218
[  156.537835][ T8723]  </TASK>
[  156.696250][ T8714] loop3: detected capacity change from 0 to 512
[  156.731996][   T29] audit: type=1400 audit(1759497909.421:10362): avc:  denied  { create } for  pid=8724 comm="syz.2.1709" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  156.754859][ T8714] EXT4-fs: Ignoring removed mblk_io_submit option
[  156.776402][   T29] audit: type=1400 audit(1759497909.421:10363): avc:  denied  { write } for  pid=8724 comm="syz.2.1709" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  156.805045][ T8714] ext4 filesystem being mounted at /309/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  156.809723][   T29] audit: type=1400 audit(1759497909.421:10364): avc:  denied  { nlmsg_write } for  pid=8724 comm="syz.2.1709" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  156.846231][ T8714] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.1705: corrupted xattr block 33: e_value out of bounds
[  156.856726][   T29] audit: type=1326 audit(1759497909.421:10365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8724 comm="syz.2.1709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  156.867958][ T8714] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  156.887877][   T29] audit: type=1326 audit(1759497909.431:10366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8724 comm="syz.2.1709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  156.901647][ T8714] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.1705: corrupted xattr block 33: e_value out of bounds
[  156.925048][   T29] audit: type=1326 audit(1759497909.431:10367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8724 comm="syz.2.1709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  156.934233][ T8714] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  157.039356][ T8714] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  157.055390][ T8714] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2962: inode #15: comm syz.3.1705: corrupted xattr block 33: e_value out of bounds
[  157.059930][ T8745] lo speed is unknown, defaulting to 1000
[  157.072057][ T8714] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  157.218108][ T8753] netlink: 'syz.3.1720': attribute type 10 has an invalid length.
[  157.284666][ T8755] loop4: detected capacity change from 0 to 512
[  157.292299][ T8755] EXT4-fs: Ignoring removed mblk_io_submit option
[  157.299280][ T8755] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  157.311533][ T8755] EXT4-fs (loop4): 1 truncate cleaned up
[  157.328822][ T8746] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  157.338283][ T8746] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  157.375741][ T8760] loop4: detected capacity change from 0 to 512
[  157.383368][ T8760] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  157.395510][ T5843] IPVS: starting estimator thread 0...
[  157.409394][ T8762] loop0: detected capacity change from 0 to 128
[  157.422760][ T8760] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  157.425203][ T8762] ext4 filesystem being mounted at /350/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.437639][ T8760] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1722: bg 0: block 248: padding at end of block bitmap is not set
[  157.477195][ T8760] EXT4-fs error (device loop4): ext4_acquire_dquot:6943: comm syz.4.1722: Failed to acquire dquot type 1
[  157.494513][ T8760] EXT4-fs (loop4): 1 truncate cleaned up
[  157.514463][ T8770] loop3: detected capacity change from 0 to 128
[  157.531850][ T8770] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  157.539792][ T8770] FAT-fs (loop3): Filesystem has been set read-only
[  157.546698][ T8770] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  157.547791][ T8763] IPVS: using max 2256 ests per chain, 112800 per kthread
[  157.554571][ T8770] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  157.629636][ T8775] lo speed is unknown, defaulting to 1000
[  157.686133][ T8773] infiniband syz!: set down
[  157.690836][ T8773] infiniband syz!: added team_slave_0
[  157.723114][ T8773] RDS/IB: syz!: added
[  157.760367][ T8779] __nla_validate_parse: 5 callbacks suppressed
[  157.760405][ T8779] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1728'.
[  157.862308][ T8787] FAULT_INJECTION: forcing a failure.
[  157.862308][ T8787] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.875523][ T8787] CPU: 1 UID: 0 PID: 8787 Comm: syz.0.1730 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  157.875571][ T8787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  157.875587][ T8787] Call Trace:
[  157.875596][ T8787]  <TASK>
[  157.875607][ T8787]  __dump_stack+0x1d/0x30
[  157.875733][ T8787]  dump_stack_lvl+0xe8/0x140
[  157.875776][ T8787]  dump_stack+0x15/0x1b
[  157.875813][ T8787]  should_fail_ex+0x265/0x280
[  157.875881][ T8787]  should_fail+0xb/0x20
[  157.875957][ T8787]  should_fail_usercopy+0x1a/0x20
[  157.875995][ T8787]  _copy_from_user+0x1c/0xb0
[  157.876023][ T8787]  __sys_bpf+0x183/0x7c0
[  157.876144][ T8787]  __x64_sys_bpf+0x41/0x50
[  157.876297][ T8787]  x64_sys_call+0x2aee/0x3000
[  157.876337][ T8787]  do_syscall_64+0xd2/0x200
[  157.876444][ T8787]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  157.876477][ T8787]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  157.876524][ T8787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.876553][ T8787] RIP: 0033:0x7f4c6d05eec9
[  157.876572][ T8787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.876609][ T8787] RSP: 002b:00007f4c6bac7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  157.876629][ T8787] RAX: ffffffffffffffda RBX: 00007f4c6d2b5fa0 RCX: 00007f4c6d05eec9
[  157.876642][ T8787] RDX: 0000000000000040 RSI: 00002000000005c0 RDI: 000000000000001c
[  157.876655][ T8787] RBP: 00007f4c6bac7090 R08: 0000000000000000 R09: 0000000000000000
[  157.876672][ T8787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.876689][ T8787] R13: 00007f4c6d2b6038 R14: 00007f4c6d2b5fa0 R15: 00007ffc03a2f218
[  157.876717][ T8787]  </TASK>
[  158.084498][ T8790] loop0: detected capacity change from 0 to 512
[  158.102038][ T8790] ext4 filesystem being mounted at /354/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  158.113876][ T8790] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  158.236925][ T8800] loop0: detected capacity change from 0 to 512
[  158.259502][ T8800] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  158.277970][ T8785] lo speed is unknown, defaulting to 1000
[  158.316717][ T8800] ext4 filesystem being mounted at /355/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  158.377147][ T8805] netlink: 'syz.3.1734': attribute type 10 has an invalid length.
[  158.500198][ T8811] netlink: 'syz.4.1735': attribute type 10 has an invalid length.
[  158.592697][ T8817] loop1: detected capacity change from 0 to 512
[  158.618708][ T8817] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  158.629473][ T8817] EXT4-fs (loop1): orphan cleanup on readonly fs
[  158.642821][ T8817] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1738: corrupted inode contents
[  158.674241][ T8826] siw: device registration error -23
[  158.689627][ T8831] netlink: 'syz.0.1741': attribute type 5 has an invalid length.
[  158.694271][ T8817] EXT4-fs (loop1): Remounting filesystem read-only
[  158.697449][ T8831] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1741'.
[  158.713469][ T8817] EXT4-fs (loop1): 1 truncate cleaned up
[  158.719675][ T5596] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  158.730389][ T5596] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  158.753352][ T8832] loop2: detected capacity change from 0 to 512
[  158.763739][ T5596] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  158.778835][ T8832] EXT4-fs (loop2): 1 orphan inode deleted
[  158.799687][ T8832] ext4 filesystem being mounted at /374/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  158.876751][ T8840] Invalid ELF header magic: != ELF
[  158.937357][ T8849] lo speed is unknown, defaulting to 1000
[  158.975835][ T8856] netlink: 'syz.0.1750': attribute type 10 has an invalid length.
[  159.139184][ T8865] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1753'.
[  159.148381][ T8865] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1753'.
[  159.172800][ T8866] loop2: detected capacity change from 0 to 512
[  159.186980][ T8866] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  159.229719][ T8866] ext4 filesystem being mounted at /377/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.272549][ T8873] loop1: detected capacity change from 0 to 512
[  159.290385][ T8874] loop4: detected capacity change from 0 to 512
[  159.298358][ T8874] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  159.312073][ T8877] SELinux: security_context_str_to_sid () failed with errno=-22
[  159.317970][ T8873] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  159.331126][ T8874] EXT4-fs (loop4): 1 truncate cleaned up
[  159.331141][ T8873] EXT4-fs (loop1): orphan cleanup on readonly fs
[  159.332859][ T8873] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1755: corrupted inode contents
[  159.355373][ T8873] EXT4-fs (loop1): Remounting filesystem read-only
[  159.362222][ T8873] EXT4-fs (loop1): 1 truncate cleaned up
[  159.368148][ T5550] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  159.378695][ T5550] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  159.389296][ T5550] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  159.560595][ T8897] netlink: 'syz.4.1762': attribute type 5 has an invalid length.
[  159.568447][ T8897] netlink: 168 bytes leftover after parsing attributes in process `syz.4.1762'.
[  159.600647][ T8899] geneve2: entered promiscuous mode
[  159.605890][ T8899] geneve2: entered allmulticast mode
[  159.617601][ T8897] loop4: detected capacity change from 0 to 512
[  159.624831][ T8897] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  159.637108][ T8897] EXT4-fs (loop4): 1 truncate cleaned up
[  159.713447][ T8910] loop1: detected capacity change from 0 to 512
[  159.720337][ T8910] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  159.734277][ T8910] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.1769: invalid indirect mapped block 4294967295 (level 0)
[  159.748734][ T8910] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.1769: invalid indirect mapped block 4294967295 (level 1)
[  159.750354][ T8914] loop4: detected capacity change from 0 to 512
[  159.764322][ T8910] EXT4-fs (loop1): 1 orphan inode deleted
[  159.774870][ T8910] EXT4-fs (loop1): 1 truncate cleaned up
[  159.785427][ T8910] 
: renamed from bond0
[  159.793860][ T8914] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  159.811391][ T8914] EXT4-fs (loop4): orphan cleanup on readonly fs
[  159.828648][ T8914] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.1770: corrupted inode contents
[  159.840993][ T8914] EXT4-fs (loop4): Remounting filesystem read-only
[  159.848463][ T8922] netlink: 4436 bytes leftover after parsing attributes in process `syz.1.1773'.
[  159.850213][ T8914] EXT4-fs (loop4): 1 truncate cleaned up
[  159.863622][   T51] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  159.868144][ T8922] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  159.874267][   T51] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  159.894372][   T51] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  159.910035][ T8925] loop1: detected capacity change from 0 to 1024
[  159.926784][ T8925] EXT4-fs: Ignoring removed orlov option
[  159.945949][ T8930] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1775'.
[  159.965143][ T8930] loop4: detected capacity change from 0 to 128
[  159.993367][ T8932] 9pnet_fd: Insufficient options for proto=fd
[  159.999990][ T8930] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  160.007874][ T8930] FAT-fs (loop4): Filesystem has been set read-only
[  160.044442][ T8930] bio_check_eod: 19149 callbacks suppressed
[  160.044460][ T8930] syz.4.1775: attempt to access beyond end of device
[  160.044460][ T8930] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  160.102677][ T8930] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  160.110590][ T8930] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  160.143215][ T8930] syz.4.1775: attempt to access beyond end of device
[  160.143215][ T8930] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  160.165279][ T8930] syz.4.1775: attempt to access beyond end of device
[  160.165279][ T8930] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  160.178781][ T8930] syz.4.1775: attempt to access beyond end of device
[  160.178781][ T8930] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  160.192168][ T8930] syz.4.1775: attempt to access beyond end of device
[  160.192168][ T8930] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  160.205597][ T8930] syz.4.1775: attempt to access beyond end of device
[  160.205597][ T8930] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  160.219092][ T8930] syz.4.1775: attempt to access beyond end of device
[  160.219092][ T8930] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  160.232472][ T8930] syz.4.1775: attempt to access beyond end of device
[  160.232472][ T8930] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  160.246026][ T8930] syz.4.1775: attempt to access beyond end of device
[  160.246026][ T8930] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  160.259451][ T8930] syz.4.1775: attempt to access beyond end of device
[  160.259451][ T8930] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  160.317906][ T8935] lo speed is unknown, defaulting to 1000
[  160.472661][ T8953] netlink: 'syz.3.1785': attribute type 10 has an invalid length.
[  160.586483][ T8959] netlink: 'syz.0.1787': attribute type 7 has an invalid length.
[  160.594597][ T8959] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1787'.
[  160.919254][ T8979] netlink: 'syz.0.1796': attribute type 10 has an invalid length.
[  160.942768][ T8963] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  160.972815][ T8963] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  161.136021][ T8984] loop3: detected capacity change from 0 to 1024
[  161.147001][ T8984] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  161.171247][ T8984] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  161.188986][ T8984] EXT4-fs (loop3): orphan cleanup on readonly fs
[  161.204256][ T8984] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #3: block 3: comm syz.3.1794: lblock 3 mapped to illegal pblock 3 (length 1)
[  161.221447][ T8984] EXT4-fs error (device loop3): ext4_acquire_dquot:6943: comm syz.3.1794: Failed to acquire dquot type 0
[  161.243182][ T8984] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 3: comm syz.3.1794: lblock 3 mapped to illegal pblock 3 (length 1)
[  161.264194][ T8984] EXT4-fs error (device loop3): ext4_acquire_dquot:6943: comm syz.3.1794: Failed to acquire dquot type 0
[  161.286474][ T8984] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.1794: Freeing blocks not in datazone - block = 0, count = 4096
[  161.337984][ T8984] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 3: comm syz.3.1794: lblock 3 mapped to illegal pblock 3 (length 1)
[  161.351502][ T8990] lo speed is unknown, defaulting to 1000
[  161.367902][ T8984] EXT4-fs error (device loop3): ext4_acquire_dquot:6943: comm syz.3.1794: Failed to acquire dquot type 0
[  161.388682][ T8984] EXT4-fs (loop3): 1 orphan inode deleted
[  161.458484][   T29] kauditd_printk_skb: 1016 callbacks suppressed
[  161.458531][   T29] audit: type=1326 audit(1759497914.341:11359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.3.1800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86aafbeec9 code=0x7ffc0000
[  161.506639][   T29] audit: type=1326 audit(1759497914.341:11360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.3.1800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86aafbeec9 code=0x7ffc0000
[  161.520091][ T8946] syz.2.1784 (8946) used greatest stack depth: 6360 bytes left
[  161.530284][   T29] audit: type=1326 audit(1759497914.371:11361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.3.1800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f86aafbeec9 code=0x7ffc0000
[  161.561318][   T29] audit: type=1326 audit(1759497914.371:11362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.3.1800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86aafbeec9 code=0x7ffc0000
[  161.585024][   T29] audit: type=1326 audit(1759497914.371:11363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.3.1800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86aafbeec9 code=0x7ffc0000
[  161.608714][   T29] audit: type=1326 audit(1759497914.371:11364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.3.1800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f86aafbeec9 code=0x7ffc0000
[  161.632581][   T29] audit: type=1326 audit(1759497914.371:11365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.3.1800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86aafbeec9 code=0x7ffc0000
[  161.656147][   T29] audit: type=1326 audit(1759497914.371:11366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.3.1800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86aafbeec9 code=0x7ffc0000
[  161.679790][   T29] audit: type=1326 audit(1759497914.371:11367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.3.1800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f86aafbeec9 code=0x7ffc0000
[  161.703641][   T29] audit: type=1326 audit(1759497914.371:11368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8992 comm="syz.3.1800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86aafbeec9 code=0x7ffc0000
[  161.749235][ T9004] loop3: detected capacity change from 0 to 2048
[  161.751447][ T9000] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1802'.
[  161.757932][ T9004] EXT4-fs: Ignoring removed i_version option
[  161.782979][ T9004] EXT4-fs: Ignoring removed mblk_io_submit option
[  161.790193][ T9004] ext4: Unknown parameter 'subj_type'
[  161.815493][ T9011] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1808'.
[  161.849820][ T9014] netlink: 'syz.0.1809': attribute type 7 has an invalid length.
[  162.046400][ T9036] lo speed is unknown, defaulting to 1000
[  162.059266][ T9038] loop4: detected capacity change from 0 to 512
[  162.081415][ T9038] EXT4-fs: Ignoring removed mblk_io_submit option
[  162.100466][ T9038] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  162.127659][ T9038] EXT4-fs (loop4): 1 truncate cleaned up
[  162.147166][ T9048] netlink: 'syz.0.1824': attribute type 7 has an invalid length.
[  162.244055][ T9052] loop4: detected capacity change from 0 to 1024
[  162.251750][ T9052] EXT4-fs: Ignoring removed orlov option
[  162.272617][ T9052] EXT4-fs mount: 116 callbacks suppressed
[  162.272633][ T9052] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.466540][ T9079] loop1: detected capacity change from 0 to 512
[  162.489864][ T9079] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  162.502139][ T9079] EXT4-fs (loop1): orphan cleanup on readonly fs
[  162.510974][ T9083] lo speed is unknown, defaulting to 1000
[  162.519205][ T9079] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1838: corrupted inode contents
[  162.542188][ T9079] EXT4-fs (loop1): Remounting filesystem read-only
[  162.587169][ T9079] EXT4-fs (loop1): 1 truncate cleaned up
[  162.593531][   T51] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  162.604141][   T51] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  162.619175][   T51] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  162.630068][ T9079] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  162.662701][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.751152][ T9097] netlink: 'syz.2.1846': attribute type 10 has an invalid length.
[  162.769624][ T9095] netlink: 'syz.1.1844': attribute type 7 has an invalid length.
[  162.777475][ T9095] __nla_validate_parse: 3 callbacks suppressed
[  162.777492][ T9095] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1844'.
[  162.881643][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.909769][ T9110] loop3: detected capacity change from 0 to 512
[  162.917446][ T9110] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  162.964484][ T9119] loop1: detected capacity change from 0 to 512
[  162.965273][ T9110] EXT4-fs (loop3): 1 truncate cleaned up
[  162.977563][ T9119] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  163.001360][ T9110] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.040570][ T9119] EXT4-fs (loop1): 1 truncate cleaned up
[  163.048046][ T9122] loop4: detected capacity change from 0 to 512
[  163.057637][ T9119] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.088113][ T9122] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  163.104717][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.116409][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.129593][ T9122] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.162966][ T9122] ext4 filesystem being mounted at /366/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  163.210151][ T9122] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.235354][ T9142] netlink: 4436 bytes leftover after parsing attributes in process `syz.0.1865'.
[  163.239469][ T9143] netlink: 'syz.3.1866': attribute type 10 has an invalid length.
[  163.245007][ T9142] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  163.286617][ T9139] lo speed is unknown, defaulting to 1000
[  163.638713][ T9159] lo speed is unknown, defaulting to 1000
[  163.914989][ T9177] netlink: 'syz.2.1877': attribute type 10 has an invalid length.
[  163.958559][ T9175] cgroup: Invalid name
[  163.963098][ T9175] cgroup: Invalid name
[  164.522542][ T9221] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1894'.
[  164.869069][ T9244] loop3: detected capacity change from 0 to 4096
[  164.880692][ T9244] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.906824][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.932374][ T9250] validate_nla: 1 callbacks suppressed
[  164.932396][ T9250] netlink: 'syz.3.1906': attribute type 10 has an invalid length.
[  165.031121][ T9263] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1913'.
[  165.040191][ T9263] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1913'.
[  165.117441][ T9272] lo speed is unknown, defaulting to 1000
[  165.147252][ T9278] loop1: detected capacity change from 0 to 4096
[  165.157619][ T9278] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.182862][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.213916][ T9282] loop1: detected capacity change from 0 to 512
[  165.221121][ T9282] EXT4-fs: Ignoring removed mblk_io_submit option
[  165.228420][ T9282] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  165.246447][ T9282] EXT4-fs (loop1): 1 truncate cleaned up
[  165.252695][ T9282] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.299845][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.392060][ T9298] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1928'.
[  165.401192][ T9298] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1928'.
[  165.406071][ T9300] netlink: 'syz.1.1929': attribute type 10 has an invalid length.
[  165.567851][ T9316] netlink: 'syz.1.1936': attribute type 10 has an invalid length.
[  165.762106][ T9334] lo speed is unknown, defaulting to 1000
[  165.768485][ T9336] lo speed is unknown, defaulting to 1000
[  165.824677][ T9338] loop1: detected capacity change from 0 to 512
[  165.834185][ T9338] EXT4-fs: Ignoring removed mblk_io_submit option
[  165.857416][ T9340] netlink: 'syz.3.1946': attribute type 10 has an invalid length.
[  165.877650][ T9338] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.890405][ T9338] ext4 filesystem being mounted at /390/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.926294][ T9338] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.1945: corrupted xattr block 33: e_value out of bounds
[  165.951135][ T9338] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[  165.961282][ T9346] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1947'.
[  165.967900][ T9338] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.1945: corrupted xattr block 33: e_value out of bounds
[  165.989980][ T9338] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[  166.000832][ T9338] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  166.015588][ T9338] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2962: inode #15: comm syz.1.1945: corrupted xattr block 33: e_value out of bounds
[  166.035432][ T9338] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117)
[  166.126893][ T9360] netlink: 'syz.2.1953': attribute type 10 has an invalid length.
[  166.152540][ T9362] loop3: detected capacity change from 0 to 4096
[  166.161841][ T9362] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.187216][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.199897][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.229753][ T9370] loop3: detected capacity change from 0 to 2048
[  166.236602][ T9370] ext3: Unknown parameter 'fowner>00000000000000000000'
[  166.337399][ T9384] netlink: 'syz.3.1961': attribute type 10 has an invalid length.
[  166.518125][ T9404] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1971'.
[  166.533612][ T9404] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1971'.
[  166.543743][ T9406] netlink: 'syz.3.1972': attribute type 10 has an invalid length.
[  166.590212][   T29] kauditd_printk_skb: 1060 callbacks suppressed
[  166.590231][   T29] audit: type=1326 audit(1759497919.471:12420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9409 comm="syz.2.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  166.645273][   T29] audit: type=1326 audit(1759497919.501:12421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9409 comm="syz.2.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  166.668927][   T29] audit: type=1326 audit(1759497919.501:12422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9409 comm="syz.2.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  166.692514][   T29] audit: type=1326 audit(1759497919.501:12423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9409 comm="syz.2.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  166.716282][   T29] audit: type=1326 audit(1759497919.501:12424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9409 comm="syz.2.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  166.739895][   T29] audit: type=1326 audit(1759497919.501:12425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9409 comm="syz.2.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  166.763496][   T29] audit: type=1326 audit(1759497919.501:12426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9409 comm="syz.2.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  166.787130][   T29] audit: type=1326 audit(1759497919.501:12427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9409 comm="syz.2.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  166.810725][   T29] audit: type=1326 audit(1759497919.501:12428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9409 comm="syz.2.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  166.834257][   T29] audit: type=1326 audit(1759497919.501:12429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9409 comm="syz.2.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  166.916690][ T9423] FAULT_INJECTION: forcing a failure.
[  166.916690][ T9423] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.929802][ T9423] CPU: 0 UID: 0 PID: 9423 Comm: syz.2.1978 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  166.929857][ T9423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  166.929874][ T9423] Call Trace:
[  166.929883][ T9423]  <TASK>
[  166.929893][ T9423]  __dump_stack+0x1d/0x30
[  166.929990][ T9423]  dump_stack_lvl+0xe8/0x140
[  166.930098][ T9423]  dump_stack+0x15/0x1b
[  166.930132][ T9423]  should_fail_ex+0x265/0x280
[  166.930313][ T9423]  should_fail+0xb/0x20
[  166.930424][ T9423]  should_fail_usercopy+0x1a/0x20
[  166.930467][ T9423]  _copy_from_user+0x1c/0xb0
[  166.930536][ T9423]  ___sys_sendmsg+0xc1/0x1d0
[  166.930591][ T9423]  __x64_sys_sendmsg+0xd4/0x160
[  166.930633][ T9423]  x64_sys_call+0x191e/0x3000
[  166.930655][ T9423]  do_syscall_64+0xd2/0x200
[  166.930684][ T9423]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  166.930716][ T9423]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  166.930760][ T9423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.930858][ T9423] RIP: 0033:0x7efd58eaeec9
[  166.930875][ T9423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.930895][ T9423] RSP: 002b:00007efd57917038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  166.930919][ T9423] RAX: ffffffffffffffda RBX: 00007efd59105fa0 RCX: 00007efd58eaeec9
[  166.930936][ T9423] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  166.930953][ T9423] RBP: 00007efd57917090 R08: 0000000000000000 R09: 0000000000000000
[  166.930971][ T9423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.931023][ T9423] R13: 00007efd59106038 R14: 00007efd59105fa0 R15: 00007fffccc434f8
[  166.931049][ T9423]  </TASK>
[  166.953967][ T9425] loop3: detected capacity change from 0 to 4096
[  167.138824][ T9425] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.206934][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.232980][ T9440] loop1: detected capacity change from 0 to 1024
[  167.254517][ T9440] ext2: Unknown parameter 'silent'
[  167.263906][ T9449] netlink: 'syz.4.1989': attribute type 10 has an invalid length.
[  167.270201][ T9440] FAULT_INJECTION: forcing a failure.
[  167.270201][ T9440] name failslab, interval 1, probability 0, space 0, times 0
[  167.284566][ T9440] CPU: 1 UID: 0 PID: 9440 Comm: syz.1.1985 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  167.284597][ T9440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  167.284613][ T9440] Call Trace:
[  167.284621][ T9440]  <TASK>
[  167.284629][ T9440]  __dump_stack+0x1d/0x30
[  167.284744][ T9440]  dump_stack_lvl+0xe8/0x140
[  167.284781][ T9440]  dump_stack+0x15/0x1b
[  167.284869][ T9440]  should_fail_ex+0x265/0x280
[  167.284901][ T9440]  ? audit_log_d_path+0x8d/0x150
[  167.284922][ T9440]  should_failslab+0x8c/0xb0
[  167.284950][ T9440]  __kmalloc_cache_noprof+0x4c/0x4a0
[  167.284996][ T9440]  audit_log_d_path+0x8d/0x150
[  167.285017][ T9440]  audit_log_d_path_exe+0x42/0x70
[  167.285051][ T9440]  audit_log_task+0x1e9/0x250
[  167.285136][ T9440]  ? kstrtouint+0x76/0xc0
[  167.285166][ T9440]  audit_seccomp+0x61/0x100
[  167.285206][ T9440]  ? __seccomp_filter+0x82d/0x1250
[  167.285244][ T9440]  __seccomp_filter+0x83e/0x1250
[  167.285273][ T9440]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  167.285306][ T9440]  ? vfs_write+0x7e8/0x960
[  167.285353][ T9440]  __secure_computing+0x82/0x150
[  167.285380][ T9440]  syscall_trace_enter+0xcf/0x1e0
[  167.285410][ T9440]  do_syscall_64+0xac/0x200
[  167.285470][ T9440]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  167.285498][ T9440]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  167.285534][ T9440]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.285557][ T9440] RIP: 0033:0x7ffb2076eec9
[  167.285574][ T9440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.285670][ T9440] RSP: 002b:00007ffb1f1cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000067
[  167.285690][ T9440] RAX: ffffffffffffffda RBX: 00007ffb209c5fa0 RCX: 00007ffb2076eec9
[  167.285704][ T9440] RDX: 00000000000000c2 RSI: 0000200000000fc0 RDI: 0000000000000002
[  167.285717][ T9440] RBP: 00007ffb1f1cf090 R08: 0000000000000000 R09: 0000000000000000
[  167.285731][ T9440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.285761][ T9440] R13: 00007ffb209c6038 R14: 00007ffb209c5fa0 R15: 00007ffe616a4f68
[  167.285782][ T9440]  </TASK>
[  167.582885][ T9465] loop1: detected capacity change from 0 to 2048
[  167.629209][ T9465] Alternate GPT is invalid, using primary GPT.
[  167.635606][ T9465]  loop1: p1 p2 p3
[  167.639407][ T9465] loop1: partition table partially beyond EOD, truncated
[  167.710695][ T9471] Falling back ldisc for ptm0.
[  167.713724][ T9478] loop1: detected capacity change from 0 to 512
[  167.729577][ T9478] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  167.739571][ T9478] EXT4-fs (loop1): orphan cleanup on readonly fs
[  167.753325][ T9478] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1999: corrupted inode contents
[  167.768530][ T9478] EXT4-fs (loop1): Remounting filesystem read-only
[  167.775219][ T9478] EXT4-fs (loop1): 1 truncate cleaned up
[  167.781566][ T5591] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  167.792210][ T5591] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  167.802955][ T5591] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  167.813875][ T9478] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  167.839890][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.966334][ T9497] loop1: detected capacity change from 0 to 4096
[  167.983420][ T9497] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  168.002046][ T9497] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.032484][ T9497] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.183710][ T9516] FAULT_INJECTION: forcing a failure.
[  168.183710][ T9516] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  168.196861][ T9516] CPU: 1 UID: 0 PID: 9516 Comm: syz.3.2013 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  168.196898][ T9516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  168.196915][ T9516] Call Trace:
[  168.196922][ T9516]  <TASK>
[  168.196931][ T9516]  __dump_stack+0x1d/0x30
[  168.197012][ T9516]  dump_stack_lvl+0xe8/0x140
[  168.197046][ T9516]  dump_stack+0x15/0x1b
[  168.197247][ T9516]  should_fail_ex+0x265/0x280
[  168.197278][ T9516]  should_fail+0xb/0x20
[  168.197310][ T9516]  should_fail_usercopy+0x1a/0x20
[  168.197392][ T9516]  _copy_from_iter+0xd2/0xe80
[  168.197495][ T9516]  ? __build_skb_around+0x1ab/0x200
[  168.197528][ T9516]  ? __alloc_skb+0x223/0x320
[  168.197577][ T9516]  netlink_sendmsg+0x471/0x6b0
[  168.197739][ T9516]  ? __pfx_netlink_sendmsg+0x10/0x10
[  168.197778][ T9516]  __sock_sendmsg+0x142/0x180
[  168.197802][ T9516]  ____sys_sendmsg+0x31e/0x4e0
[  168.197837][ T9516]  ___sys_sendmsg+0x17b/0x1d0
[  168.197944][ T9516]  __x64_sys_sendmsg+0xd4/0x160
[  168.198024][ T9516]  x64_sys_call+0x191e/0x3000
[  168.198054][ T9516]  do_syscall_64+0xd2/0x200
[  168.198081][ T9516]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  168.198145][ T9516]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  168.198184][ T9516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.198225][ T9516] RIP: 0033:0x7f86aafbeec9
[  168.198245][ T9516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.198270][ T9516] RSP: 002b:00007f86a9a1f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  168.198295][ T9516] RAX: ffffffffffffffda RBX: 00007f86ab215fa0 RCX: 00007f86aafbeec9
[  168.198313][ T9516] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  168.198329][ T9516] RBP: 00007f86a9a1f090 R08: 0000000000000000 R09: 0000000000000000
[  168.198427][ T9516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.198444][ T9516] R13: 00007f86ab216038 R14: 00007f86ab215fa0 R15: 00007ffd2a4b5b08
[  168.198533][ T9516]  </TASK>
[  168.402803][ T9510] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  168.416812][ T9510] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  168.512191][ T9528] loop1: detected capacity change from 0 to 4096
[  168.530996][ T9528] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.546622][ T9539] __nla_validate_parse: 1 callbacks suppressed
[  168.546640][ T9539] netlink: 20 bytes leftover after parsing attributes in process `+}[@'.
[  168.564691][ T9539] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1025 sclass=netlink_route_socket pid=9539 comm=+}[@
[  168.579582][ T9539] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  168.588531][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.737238][ T9556] lo speed is unknown, defaulting to 1000
[  168.743572][ T9559] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2031'.
[  168.759161][ T9559] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  168.988184][ T9575] FAULT_INJECTION: forcing a failure.
[  168.988184][ T9575] name failslab, interval 1, probability 0, space 0, times 0
[  169.000939][ T9575] CPU: 0 UID: 0 PID: 9575 Comm: GPL Not tainted syzkaller #0 PREEMPT(voluntary) 
[  169.000974][ T9575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  169.000992][ T9575] Call Trace:
[  169.001047][ T9575]  <TASK>
[  169.001056][ T9575]  __dump_stack+0x1d/0x30
[  169.001090][ T9575]  dump_stack_lvl+0xe8/0x140
[  169.001184][ T9575]  dump_stack+0x15/0x1b
[  169.001333][ T9575]  should_fail_ex+0x265/0x280
[  169.001373][ T9575]  should_failslab+0x8c/0xb0
[  169.001406][ T9575]  kmem_cache_alloc_noprof+0x50/0x480
[  169.001440][ T9575]  ? locks_get_lock_context+0x89/0x210
[  169.001474][ T9575]  ? __kmalloc_cache_noprof+0x3b4/0x4a0
[  169.001505][ T9575]  locks_get_lock_context+0x89/0x210
[  169.001545][ T9575]  generic_setlease+0x27a/0xe40
[  169.001630][ T9575]  ? __srcu_read_unlock+0x1f/0x40
[  169.001669][ T9575]  vfs_setlease+0x1e8/0x200
[  169.001702][ T9575]  fcntl_setlease+0x259/0x300
[  169.001735][ T9575]  do_fcntl+0x524/0xdf0
[  169.001770][ T9575]  ? selinux_file_fcntl+0x1b4/0x1e0
[  169.001830][ T9575]  __se_sys_fcntl+0xb1/0x120
[  169.001861][ T9575]  __x64_sys_fcntl+0x43/0x50
[  169.001988][ T9575]  x64_sys_call+0x29a4/0x3000
[  169.002023][ T9575]  do_syscall_64+0xd2/0x200
[  169.002042][ T9575]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  169.002067][ T9575]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  169.002158][ T9575]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.002204][ T9575] RIP: 0033:0x7efd58eaeec9
[  169.002218][ T9575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.002307][ T9575] RSP: 002b:00007efd57917038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  169.002380][ T9575] RAX: ffffffffffffffda RBX: 00007efd59105fa0 RCX: 00007efd58eaeec9
[  169.002392][ T9575] RDX: 0000000000000000 RSI: 0000000000000400 RDI: 0000000000000004
[  169.002440][ T9575] RBP: 00007efd57917090 R08: 0000000000000000 R09: 0000000000000000
[  169.002451][ T9575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.002463][ T9575] R13: 00007efd59106038 R14: 00007efd59105fa0 R15: 00007fffccc434f8
[  169.002482][ T9575]  </TASK>
[  169.380629][ T9587] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2042'.
[  169.559812][ T9609] SELinux:  Context system_u: is not valid (left unmapped).
[  169.766774][ T9628] netlink: 'syz.1.2061': attribute type 7 has an invalid length.
[  169.774605][ T9628] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2061'.
[  170.262027][ T9691] netlink: 'syz.1.2088': attribute type 7 has an invalid length.
[  170.270188][ T9691] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2088'.
[  170.352108][ T9700] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  170.360682][ T9685] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  170.361304][ T9700] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  170.371066][ T9685] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  170.618933][ T9713] loop1: detected capacity change from 0 to 512
[  170.635463][ T9713] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  170.661283][ T9713] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.686802][ T9713] ext4 filesystem being mounted at /419/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  170.703413][ T9713] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.799601][ T9728] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2103'.
[  171.027930][ T9760] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2118'.
[  171.129015][ T9773] netlink: 'syz.1.2125': attribute type 10 has an invalid length.
[  171.237571][ T9791] netlink: 'syz.2.2133': attribute type 30 has an invalid length.
[  171.253087][ T9797] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2135'.
[  171.352193][ T9774] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  171.371481][ T9774] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  171.396232][ T9819] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  171.423433][ T9819] loop3: detected capacity change from 0 to 1024
[  171.440498][ T9819] EXT4-fs: Ignoring removed orlov option
[  171.452928][ T9819] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.660536][   T29] kauditd_printk_skb: 975 callbacks suppressed
[  171.660555][   T29] audit: type=1326 audit(1759497924.541:13398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9852 comm="syz.4.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0fe0eec9 code=0x7ffc0000
[  171.737803][   T29] audit: type=1326 audit(1759497924.541:13399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9852 comm="syz.4.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0fe0eec9 code=0x7ffc0000
[  171.761490][   T29] audit: type=1326 audit(1759497924.571:13400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9852 comm="syz.4.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7fcb0fe0eec9 code=0x7ffc0000
[  171.785078][   T29] audit: type=1326 audit(1759497924.571:13401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9852 comm="syz.4.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0fe0eec9 code=0x7ffc0000
[  171.808672][   T29] audit: type=1326 audit(1759497924.571:13402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9852 comm="syz.4.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0fe0eec9 code=0x7ffc0000
[  171.832351][   T29] audit: type=1326 audit(1759497924.571:13403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9852 comm="syz.4.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcb0fe0eec9 code=0x7ffc0000
[  171.856137][   T29] audit: type=1326 audit(1759497924.571:13404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9852 comm="syz.4.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0fe0eec9 code=0x7ffc0000
[  171.871513][ T9849] SELinux: failed to load policy
[  171.879742][   T29] audit: type=1326 audit(1759497924.571:13405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9852 comm="syz.4.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0fe0eec9 code=0x7ffc0000
[  171.908326][   T29] audit: type=1326 audit(1759497924.581:13406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9852 comm="syz.4.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb0fe0eec9 code=0x7ffc0000
[  171.931943][   T29] audit: type=1326 audit(1759497924.581:13407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9852 comm="syz.4.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0fe0eec9 code=0x7ffc0000
[  171.959149][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.135157][ T9877] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  172.409094][ T9887] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  172.417803][ T9887] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  172.603831][ T9917] FAULT_INJECTION: forcing a failure.
[  172.603831][ T9917] name failslab, interval 1, probability 0, space 0, times 0
[  172.616787][ T9917] CPU: 1 UID: 0 PID: 9917 Comm: syz.2.2185 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  172.616824][ T9917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  172.616857][ T9917] Call Trace:
[  172.616866][ T9917]  <TASK>
[  172.616947][ T9917]  __dump_stack+0x1d/0x30
[  172.616990][ T9917]  dump_stack_lvl+0xe8/0x140
[  172.617104][ T9917]  dump_stack+0x15/0x1b
[  172.617179][ T9917]  should_fail_ex+0x265/0x280
[  172.617217][ T9917]  should_failslab+0x8c/0xb0
[  172.617247][ T9917]  kmem_cache_alloc_noprof+0x50/0x480
[  172.617302][ T9917]  ? audit_log_start+0x342/0x720
[  172.617344][ T9917]  ? cmp_ex_search+0x25/0x40
[  172.617435][ T9917]  audit_log_start+0x342/0x720
[  172.617476][ T9917]  ? search_extable+0x53/0x80
[  172.617500][ T9917]  ? __put_user_8+0xd/0x20
[  172.617540][ T9917]  ? __put_user_8+0xd/0x20
[  172.617564][ T9917]  audit_seccomp+0x48/0x100
[  172.617595][ T9917]  ? __seccomp_filter+0x82d/0x1250
[  172.617656][ T9917]  __seccomp_filter+0x83e/0x1250
[  172.617753][ T9917]  ? kernelmode_fixup_or_oops+0x59/0xb0
[  172.617779][ T9917]  ? exc_page_fault+0x62/0xa0
[  172.617868][ T9917]  __secure_computing+0x82/0x150
[  172.617894][ T9917]  syscall_trace_enter+0xcf/0x1e0
[  172.617947][ T9917]  do_syscall_64+0xac/0x200
[  172.617974][ T9917]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  172.618010][ T9917]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  172.618059][ T9917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.618096][ T9917] RIP: 0033:0x7efd58ead8dc
[  172.618112][ T9917] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  172.618130][ T9917] RSP: 002b:00007efd57917030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  172.618151][ T9917] RAX: ffffffffffffffda RBX: 00007efd59105fa0 RCX: 00007efd58ead8dc
[  172.618174][ T9917] RDX: 000000000000000f RSI: 00007efd579170a0 RDI: 0000000000000006
[  172.618330][ T9917] RBP: 00007efd57917090 R08: 0000000000000000 R09: 0000000000000000
[  172.618347][ T9917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  172.618364][ T9917] R13: 00007efd59106038 R14: 00007efd59105fa0 R15: 00007fffccc434f8
[  172.618391][ T9917]  </TASK>
[  172.906406][ T9923] netlink: 'syz.2.2188': attribute type 7 has an invalid length.
[  173.007419][ T9927] loop3: detected capacity change from 0 to 2048
[  173.081069][ T9927] Alternate GPT is invalid, using primary GPT.
[  173.087411][ T9939] FAULT_INJECTION: forcing a failure.
[  173.087411][ T9939] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  173.087584][ T9927]  loop3: p1 p2 p3
[  173.101626][ T9939] CPU: 0 UID: 0 PID: 9939 Comm: syz.2.2195 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  173.101667][ T9939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  173.101684][ T9939] Call Trace:
[  173.101692][ T9939]  <TASK>
[  173.101710][ T9939]  __dump_stack+0x1d/0x30
[  173.101765][ T9939]  dump_stack_lvl+0xe8/0x140
[  173.101816][ T9939]  dump_stack+0x15/0x1b
[  173.101863][ T9939]  should_fail_ex+0x265/0x280
[  173.101982][ T9939]  should_fail+0xb/0x20
[  173.102020][ T9939]  should_fail_usercopy+0x1a/0x20
[  173.102083][ T9939]  _copy_from_iter+0xd2/0xe80
[  173.102131][ T9939]  ? __build_skb_around+0x1ab/0x200
[  173.102184][ T9939]  ? __alloc_skb+0x223/0x320
[  173.102222][ T9939]  netlink_sendmsg+0x471/0x6b0
[  173.102269][ T9939]  ? __pfx_netlink_sendmsg+0x10/0x10
[  173.102324][ T9939]  __sock_sendmsg+0x142/0x180
[  173.102452][ T9939]  ____sys_sendmsg+0x31e/0x4e0
[  173.102500][ T9939]  ___sys_sendmsg+0x17b/0x1d0
[  173.102623][ T9939]  __x64_sys_sendmsg+0xd4/0x160
[  173.102681][ T9939]  x64_sys_call+0x191e/0x3000
[  173.102711][ T9939]  do_syscall_64+0xd2/0x200
[  173.102761][ T9939]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  173.102800][ T9939]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  173.102850][ T9939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.102881][ T9939] RIP: 0033:0x7efd58eaeec9
[  173.102904][ T9939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.102977][ T9939] RSP: 002b:00007efd57917038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  173.103006][ T9939] RAX: ffffffffffffffda RBX: 00007efd59105fa0 RCX: 00007efd58eaeec9
[  173.103025][ T9939] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  173.103043][ T9939] RBP: 00007efd57917090 R08: 0000000000000000 R09: 0000000000000000
[  173.103061][ T9939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.103079][ T9939] R13: 00007efd59106038 R14: 00007efd59105fa0 R15: 00007fffccc434f8
[  173.103109][ T9939]  </TASK>
[  173.306182][ T9927] loop3: partition table partially beyond EOD, truncated
[  173.378503][ T9952] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  173.470963][ T9967] loop3: detected capacity change from 0 to 512
[  173.485658][ T9967] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  173.508659][ T9967] EXT4-fs (loop3): 1 truncate cleaned up
[  173.519620][ T9967] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.561545][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.574863][ T9950] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  173.589235][ T9950] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  173.695053][ T9980] netlink: 'syz.2.2211': attribute type 7 has an invalid length.
[  173.703009][ T9980] __nla_validate_parse: 7 callbacks suppressed
[  173.703023][ T9980] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2211'.
[  173.808382][ T9983] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2212'.
[  173.822640][ T9974] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  173.842097][ T9974] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  174.293606][T10006] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2223'.
[  174.335566][T10010] lo speed is unknown, defaulting to 1000
[  174.464121][T10023] FAULT_INJECTION: forcing a failure.
[  174.464121][T10023] name failslab, interval 1, probability 0, space 0, times 0
[  174.476892][T10023] CPU: 0 UID: 0 PID: 10023 Comm: syz.2.2231 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  174.476927][T10023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  174.476944][T10023] Call Trace:
[  174.476953][T10023]  <TASK>
[  174.476962][T10023]  __dump_stack+0x1d/0x30
[  174.477006][T10023]  dump_stack_lvl+0xe8/0x140
[  174.477112][T10023]  dump_stack+0x15/0x1b
[  174.477151][T10023]  should_fail_ex+0x265/0x280
[  174.477216][T10023]  should_failslab+0x8c/0xb0
[  174.477364][T10023]  kmem_cache_alloc_noprof+0x50/0x480
[  174.477396][T10023]  ? getname_flags+0x80/0x3b0
[  174.477525][T10023]  getname_flags+0x80/0x3b0
[  174.477566][T10023]  user_path_at+0x28/0x130
[  174.477605][T10023]  do_fchmodat+0x9c/0x180
[  174.477630][T10023]  __x64_sys_chmod+0x38/0x50
[  174.477663][T10023]  x64_sys_call+0x2920/0x3000
[  174.477691][T10023]  do_syscall_64+0xd2/0x200
[  174.477717][T10023]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  174.477862][T10023]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  174.477907][T10023]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.478050][T10023] RIP: 0033:0x7efd58eaeec9
[  174.478071][T10023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.478096][T10023] RSP: 002b:00007efd57917038 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[  174.478121][T10023] RAX: ffffffffffffffda RBX: 00007efd59105fa0 RCX: 00007efd58eaeec9
[  174.478138][T10023] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000340
[  174.478194][T10023] RBP: 00007efd57917090 R08: 0000000000000000 R09: 0000000000000000
[  174.478210][T10023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  174.478280][T10023] R13: 00007efd59106038 R14: 00007efd59105fa0 R15: 00007fffccc434f8
[  174.478307][T10023]  </TASK>
[  174.492564][T10025] netlink: 4436 bytes leftover after parsing attributes in process `syz.1.2232'.
[  174.679677][T10025] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  174.690542][T10029] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  174.773200][T10037] netlink: 'syz.2.2236': attribute type 7 has an invalid length.
[  174.781053][T10037] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2236'.
[  175.143922][T10056] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2245'.
[  175.178451][T10056] netlink: 22 bytes leftover after parsing attributes in process `syz.0.2245'.
[  175.203215][T10058] lo speed is unknown, defaulting to 1000
[  175.221585][T10056] sg_write: process 1154 (syz.0.2245) changed security contexts after opening file descriptor, this is not allowed.
[  175.243707][T10062] loop3: detected capacity change from 0 to 128
[  175.255639][T10062] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  175.263688][T10062] FAT-fs (loop3): Filesystem has been set read-only
[  175.271801][T10062] bio_check_eod: 6070 callbacks suppressed
[  175.271817][T10062] syz.3.2248: attempt to access beyond end of device
[  175.271817][T10062] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  175.292227][T10062] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  175.300088][T10062] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  175.321521][T10062] syz.3.2248: attempt to access beyond end of device
[  175.321521][T10062] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  175.335420][T10062] syz.3.2248: attempt to access beyond end of device
[  175.335420][T10062] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  175.348984][T10062] syz.3.2248: attempt to access beyond end of device
[  175.348984][T10062] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  175.362366][T10062] syz.3.2248: attempt to access beyond end of device
[  175.362366][T10062] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  175.375733][T10062] syz.3.2248: attempt to access beyond end of device
[  175.375733][T10062] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  175.415512][T10062] syz.3.2248: attempt to access beyond end of device
[  175.415512][T10062] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  175.443571][T10062] syz.3.2248: attempt to access beyond end of device
[  175.443571][T10062] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  175.506645][T10062] syz.3.2248: attempt to access beyond end of device
[  175.506645][T10062] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  175.524120][T10062] syz.3.2248: attempt to access beyond end of device
[  175.524120][T10062] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  175.692351][T10088] netlink: 'syz.2.2258': attribute type 10 has an invalid length.
[  176.463906][T10120] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  176.489724][T10120] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  176.697552][   T29] kauditd_printk_skb: 401 callbacks suppressed
[  176.697567][   T29] audit: type=1400 audit(1759497929.571:13807): avc:  denied  { mounton } for  pid=10133 comm="syz.0.2277" path="/455/file0" dev="tmpfs" ino=2460 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  176.745785][   T29] audit: type=1400 audit(1759497929.611:13808): avc:  denied  { mount } for  pid=10133 comm="syz.0.2277" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  176.768499][   T29] audit: type=1400 audit(1759497929.611:13809): avc:  denied  { mounton } for  pid=10133 comm="syz.0.2277" path="/455/file0" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1
[  176.791190][   T29] audit: type=1400 audit(1759497929.611:13810): avc:  denied  { mount } for  pid=10133 comm="syz.0.2277" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  176.813399][   T29] audit: type=1400 audit(1759497929.611:13811): avc:  denied  { unmount } for  pid=10133 comm="syz.0.2277" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  176.833770][   T29] audit: type=1400 audit(1759497929.621:13812): avc:  denied  { unmount } for  pid=3303 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  176.873487][   T29] audit: type=1400 audit(1759497929.751:13813): avc:  denied  { create } for  pid=10138 comm="syz.0.2278" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  176.893396][   T29] audit: type=1326 audit(1759497929.751:13814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10136 comm="syz.2.2279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  176.917024][   T29] audit: type=1326 audit(1759497929.751:13815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10136 comm="syz.2.2279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  176.964265][   T29] audit: type=1326 audit(1759497929.771:13816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10136 comm="syz.2.2279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  177.044010][T10151] ALSA: seq fatal error: cannot create timer (-19)
[  177.143891][T10162] lo speed is unknown, defaulting to 1000
[  177.401046][T10185] loop3: detected capacity change from 0 to 128
[  177.503733][T10190] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2301'.
[  177.549521][T10190] 8021q: adding VLAN 0 to HW filter on device bond2
[  177.586402][T10192] bond2 (unregistering): Released all slaves
[  177.830054][T10204] loop3: detected capacity change from 0 to 128
[  177.870235][T10204] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  177.878221][T10204] FAT-fs (loop3): Filesystem has been set read-only
[  177.885128][T10204] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  177.893038][T10204] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  178.154321][T10227] lo speed is unknown, defaulting to 1000
[  178.366922][T10248] netlink: 'syz.0.2325': attribute type 3 has an invalid length.
[  178.375433][T10248] netlink: 'syz.0.2325': attribute type 3 has an invalid length.
[  178.659776][T10281] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2340'.
[  178.748862][T10291] lo speed is unknown, defaulting to 1000
[  178.807772][T10302] loop3: detected capacity change from 0 to 512
[  178.824379][T10302] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  178.846266][T10302] EXT4-fs (loop3): 1 truncate cleaned up
[  178.861247][T10302] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.897307][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.925088][T10314] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2354'.
[  178.975622][T10316] loop3: detected capacity change from 0 to 2048
[  179.080459][T10316] Alternate GPT is invalid, using primary GPT.
[  179.086792][T10316]  loop3: p1 p2 p3
[  179.090561][T10316] loop3: partition table partially beyond EOD, truncated
[  179.181990][T10346] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2367'.
[  179.236158][T10356] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2373'.
[  179.245317][T10356] IPVS: Error connecting to the multicast addr
[  179.273150][T10361] loop3: detected capacity change from 0 to 128
[  179.285815][T10361] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  179.293890][T10361] FAT-fs (loop3): Filesystem has been set read-only
[  179.301012][T10361] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  179.308879][T10361] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  179.413123][T10380] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2382'.
[  179.478576][T10387] netlink: 'syz.1.2386': attribute type 7 has an invalid length.
[  179.486508][T10387] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2386'.
[  179.529227][T10395] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2390'.
[  179.671990][T10395] 8021q: adding VLAN 0 to HW filter on device bond2
[  179.696750][T10400] bond2 (unregistering): Released all slaves
[  180.187771][T10405] bridge: RTM_NEWNEIGH with invalid ether address
[  180.383140][T10423] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2398'.
[  180.518852][T10443] lo speed is unknown, defaulting to 1000
[  180.715957][T10465] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2414'.
[  180.891540][T10497] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2430'.
[  180.922930][T10504] netlink: 3 bytes leftover after parsing attributes in process `syz.0.2432'.
[  180.932648][T10504] 1ªX¹¦À: renamed from 
60ªX¹¦À
[  180.940806][T10504] A link change request failed with some changes committed already. Interface 
61ªX¹¦À may have been left with an inconsistent configuration, please check.
[  181.067410][T10520] loop3: detected capacity change from 0 to 512
[  181.094265][T10520] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  181.117852][T10520] EXT4-fs (loop3): orphan cleanup on readonly fs
[  181.149918][T10520] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2438: corrupted inode contents
[  181.170430][T10520] EXT4-fs (loop3): Remounting filesystem read-only
[  181.178839][T10520] EXT4-fs (loop3): 1 truncate cleaned up
[  181.187470][ T5604] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  181.198130][ T5604] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  181.222808][ T5604] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  181.237210][T10520] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  181.264769][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.350114][T10555] IPVS: Unknown mcast interface: ipvlan1
[  181.470478][T10571] FAULT_INJECTION: forcing a failure.
[  181.470478][T10571] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  181.483593][T10571] CPU: 1 UID: 0 PID: 10571 Comm: syz.0.2456 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  181.483689][T10571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  181.483703][T10571] Call Trace:
[  181.483708][T10571]  <TASK>
[  181.483718][T10571]  __dump_stack+0x1d/0x30
[  181.483828][T10571]  dump_stack_lvl+0xe8/0x140
[  181.483872][T10571]  dump_stack+0x15/0x1b
[  181.483922][T10571]  should_fail_ex+0x265/0x280
[  181.483976][T10571]  should_fail+0xb/0x20
[  181.484095][T10571]  should_fail_usercopy+0x1a/0x20
[  181.484136][T10571]  _copy_from_user+0x1c/0xb0
[  181.484163][T10571]  get_user_ifreq+0x53/0x110
[  181.484206][T10571]  sock_ioctl+0x54e/0x610
[  181.484322][T10571]  ? __pfx_sock_ioctl+0x10/0x10
[  181.484364][T10571]  __se_sys_ioctl+0xcb/0x140
[  181.484391][T10571]  __x64_sys_ioctl+0x43/0x50
[  181.484417][T10571]  x64_sys_call+0x1816/0x3000
[  181.484449][T10571]  do_syscall_64+0xd2/0x200
[  181.484494][T10571]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  181.484530][T10571]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  181.484640][T10571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.484667][T10571] RIP: 0033:0x7f4c6d05eec9
[  181.484688][T10571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  181.484712][T10571] RSP: 002b:00007f4c6baa6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  181.484800][T10571] RAX: ffffffffffffffda RBX: 00007f4c6d2b6090 RCX: 00007f4c6d05eec9
[  181.484845][T10571] RDX: 0000200000000680 RSI: 00000000000089f2 RDI: 0000000000000003
[  181.484862][T10571] RBP: 00007f4c6baa6090 R08: 0000000000000000 R09: 0000000000000000
[  181.484879][T10571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.484922][T10571] R13: 00007f4c6d2b6128 R14: 00007f4c6d2b6090 R15: 00007ffc03a2f218
[  181.484960][T10571]  </TASK>
[  181.759142][T10581] lo speed is unknown, defaulting to 1000
[  181.771523][   T29] kauditd_printk_skb: 576 callbacks suppressed
[  181.771541][   T29] audit: type=1400 audit(1759497934.651:14387): avc:  denied  { watch } for  pid=10583 comm="syz.0.2465" path="/491" dev="tmpfs" ino=2642 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  181.810409][   T29] audit: type=1400 audit(1759497934.691:14388): avc:  denied  { connect } for  pid=10583 comm="syz.0.2465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  181.830318][   T29] audit: type=1400 audit(1759497934.691:14389): avc:  denied  { create } for  pid=10589 comm="syz.4.2467" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  181.864291][   T29] audit: type=1400 audit(1759497934.741:14390): avc:  denied  { ioctl } for  pid=10589 comm="syz.4.2467" path="socket:[30232]" dev="sockfs" ino=30232 ioctlcmd=0x581f scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  181.975321][T10609] FAULT_INJECTION: forcing a failure.
[  181.975321][T10609] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  181.989035][T10609] CPU: 1 UID: 0 PID: 10609 Comm: syz.4.2472 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  181.989068][T10609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  181.989084][T10609] Call Trace:
[  181.989092][T10609]  <TASK>
[  181.989101][T10609]  __dump_stack+0x1d/0x30
[  181.989146][T10609]  dump_stack_lvl+0xe8/0x140
[  181.989215][T10609]  dump_stack+0x15/0x1b
[  181.989246][T10609]  should_fail_ex+0x265/0x280
[  181.989277][T10609]  should_fail+0xb/0x20
[  181.989369][T10609]  should_fail_usercopy+0x1a/0x20
[  181.989411][T10609]  _copy_from_user+0x1c/0xb0
[  181.989440][T10609]  ___sys_sendmsg+0xc1/0x1d0
[  181.989493][T10609]  __x64_sys_sendmsg+0xd4/0x160
[  181.989595][T10609]  x64_sys_call+0x191e/0x3000
[  181.989623][T10609]  do_syscall_64+0xd2/0x200
[  181.989645][T10609]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  181.989672][T10609]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  181.989751][T10609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.989773][T10609] RIP: 0033:0x7fcb0fe0eec9
[  181.989789][T10609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  181.989808][T10609] RSP: 002b:00007fcb0e877038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  181.989828][T10609] RAX: ffffffffffffffda RBX: 00007fcb10065fa0 RCX: 00007fcb0fe0eec9
[  181.989845][T10609] RDX: 0000000004044004 RSI: 0000200000000280 RDI: 0000000000000003
[  181.989874][T10609] RBP: 00007fcb0e877090 R08: 0000000000000000 R09: 0000000000000000
[  181.989887][T10609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.989956][T10609] R13: 00007fcb10066038 R14: 00007fcb10065fa0 R15: 00007ffd009bc148
[  181.989983][T10609]  </TASK>
[  182.244998][   T29] audit: type=1326 audit(1759497935.121:14391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10623 comm="syz.2.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  182.268827][   T29] audit: type=1326 audit(1759497935.121:14392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10623 comm="syz.2.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  182.292963][   T29] audit: type=1326 audit(1759497935.151:14393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10623 comm="syz.2.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  182.316646][   T29] audit: type=1326 audit(1759497935.151:14394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10623 comm="syz.2.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  182.340504][   T29] audit: type=1326 audit(1759497935.151:14395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10623 comm="syz.2.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  182.364152][   T29] audit: type=1326 audit(1759497935.151:14396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10623 comm="syz.2.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd58eaeec9 code=0x7ffc0000
[  182.615052][T10642] netlink: 'syz.2.2488': attribute type 39 has an invalid length.
[  182.984286][T10700] FAULT_INJECTION: forcing a failure.
[  182.984286][T10700] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  182.997472][T10700] CPU: 1 UID: 0 PID: 10700 Comm: syz.0.2510 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  182.997501][T10700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  182.997515][T10700] Call Trace:
[  182.997524][T10700]  <TASK>
[  182.997534][T10700]  __dump_stack+0x1d/0x30
[  182.997635][T10700]  dump_stack_lvl+0xe8/0x140
[  182.997778][T10700]  dump_stack+0x15/0x1b
[  182.997816][T10700]  should_fail_ex+0x265/0x280
[  182.997856][T10700]  should_fail+0xb/0x20
[  182.997897][T10700]  should_fail_usercopy+0x1a/0x20
[  182.997930][T10700]  _copy_from_user+0x1c/0xb0
[  182.997980][T10700]  ___sys_sendmsg+0xc1/0x1d0
[  182.998043][T10700]  __x64_sys_sendmsg+0xd4/0x160
[  182.998079][T10700]  x64_sys_call+0x191e/0x3000
[  182.998100][T10700]  do_syscall_64+0xd2/0x200
[  182.998124][T10700]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  182.998230][T10700]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  182.998274][T10700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.998299][T10700] RIP: 0033:0x7f4c6d05eec9
[  182.998314][T10700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.998338][T10700] RSP: 002b:00007f4c6bac7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  182.998360][T10700] RAX: ffffffffffffffda RBX: 00007f4c6d2b5fa0 RCX: 00007f4c6d05eec9
[  182.998373][T10700] RDX: 0000000000000000 RSI: 0000200000001ac0 RDI: 0000000000000004
[  182.998390][T10700] RBP: 00007f4c6bac7090 R08: 0000000000000000 R09: 0000000000000000
[  182.998406][T10700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  182.998423][T10700] R13: 00007f4c6d2b6038 R14: 00007f4c6d2b5fa0 R15: 00007ffc03a2f218
[  182.998515][T10700]  </TASK>
[  183.347122][T10725] netlink: 'syz.1.2517': attribute type 7 has an invalid length.
[  183.436303][T10737] lo speed is unknown, defaulting to 1000
[  184.205889][T10863] FAULT_INJECTION: forcing a failure.
[  184.205889][T10863] name failslab, interval 1, probability 0, space 0, times 0
[  184.218619][T10863] CPU: 0 UID: 0 PID: 10863 Comm: syz.4.2537 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  184.218657][T10863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  184.218724][T10863] Call Trace:
[  184.218733][T10863]  <TASK>
[  184.218799][T10863]  __dump_stack+0x1d/0x30
[  184.218878][T10863]  dump_stack_lvl+0xe8/0x140
[  184.218931][T10863]  dump_stack+0x15/0x1b
[  184.219045][T10863]  should_fail_ex+0x265/0x280
[  184.219085][T10863]  ? audit_log_d_path+0x8d/0x150
[  184.219112][T10863]  should_failslab+0x8c/0xb0
[  184.219148][T10863]  __kmalloc_cache_noprof+0x4c/0x4a0
[  184.219236][T10863]  audit_log_d_path+0x8d/0x150
[  184.219300][T10863]  audit_log_d_path_exe+0x42/0x70
[  184.219321][T10863]  audit_log_task+0x1e9/0x250
[  184.219363][T10863]  ? kstrtouint+0x76/0xc0
[  184.219401][T10863]  audit_seccomp+0x61/0x100
[  184.219516][T10863]  ? __seccomp_filter+0x82d/0x1250
[  184.219643][T10863]  __seccomp_filter+0x83e/0x1250
[  184.219681][T10863]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  184.219736][T10863]  ? vfs_write+0x7e8/0x960
[  184.219837][T10863]  ? __rcu_read_unlock+0x4f/0x70
[  184.219869][T10863]  ? __fget_files+0x184/0x1c0
[  184.219950][T10863]  __secure_computing+0x82/0x150
[  184.219978][T10863]  syscall_trace_enter+0xcf/0x1e0
[  184.220016][T10863]  do_syscall_64+0xac/0x200
[  184.220132][T10863]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  184.220228][T10863]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  184.220271][T10863]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.220300][T10863] RIP: 0033:0x7fcb0fe0eec9
[  184.220320][T10863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.220392][T10863] RSP: 002b:00007fcb0e877038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c2
[  184.220418][T10863] RAX: ffffffffffffffda RBX: 00007fcb10065fa0 RCX: 00007fcb0fe0eec9
[  184.220435][T10863] RDX: 0000000000000055 RSI: 00002000000004c0 RDI: 0000200000000480
[  184.220452][T10863] RBP: 00007fcb0e877090 R08: 0000000000000000 R09: 0000000000000000
[  184.220476][T10863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.220492][T10863] R13: 00007fcb10066038 R14: 00007fcb10065fa0 R15: 00007ffd009bc148
[  184.220520][T10863]  </TASK>
[  184.521543][T10898] lo speed is unknown, defaulting to 1000
[  184.558711][T10906] random: crng reseeded on system resumption
[  184.571931][T10906] Restarting kernel threads ...
[  184.578381][T10906] Done restarting kernel threads.
[  184.951603][T10926] FAULT_INJECTION: forcing a failure.
[  184.951603][T10926] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  184.964754][T10926] CPU: 0 UID: 0 PID: 10926 Comm: syz.1.2552 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  184.964789][T10926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  184.964804][T10926] Call Trace:
[  184.964810][T10926]  <TASK>
[  184.964817][T10926]  __dump_stack+0x1d/0x30
[  184.964935][T10926]  dump_stack_lvl+0xe8/0x140
[  184.964987][T10926]  dump_stack+0x15/0x1b
[  184.965023][T10926]  should_fail_ex+0x265/0x280
[  184.965067][T10926]  should_fail+0xb/0x20
[  184.965103][T10926]  should_fail_usercopy+0x1a/0x20
[  184.965142][T10926]  _copy_from_iter+0xd2/0xe80
[  184.965204][T10926]  ? __build_skb_around+0x1ab/0x200
[  184.965238][T10926]  ? __alloc_skb+0x223/0x320
[  184.965268][T10926]  netlink_sendmsg+0x471/0x6b0
[  184.965301][T10926]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.965351][T10926]  __sock_sendmsg+0x142/0x180
[  184.965392][T10926]  ____sys_sendmsg+0x31e/0x4e0
[  184.965520][T10926]  ___sys_sendmsg+0x17b/0x1d0
[  184.965565][T10926]  __x64_sys_sendmsg+0xd4/0x160
[  184.965657][T10926]  x64_sys_call+0x191e/0x3000
[  184.965678][T10926]  do_syscall_64+0xd2/0x200
[  184.965699][T10926]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  184.965734][T10926]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  184.965820][T10926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.965902][T10926] RIP: 0033:0x7ffb2076eec9
[  184.965922][T10926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.965943][T10926] RSP: 002b:00007ffb1f1cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  184.966013][T10926] RAX: ffffffffffffffda RBX: 00007ffb209c5fa0 RCX: 00007ffb2076eec9
[  184.966027][T10926] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  184.966039][T10926] RBP: 00007ffb1f1cf090 R08: 0000000000000000 R09: 0000000000000000
[  184.966051][T10926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.966063][T10926] R13: 00007ffb209c6038 R14: 00007ffb209c5fa0 R15: 00007ffe616a4f68
[  184.966145][T10926]  </TASK>
[  185.323777][T10933] netlink: '+}[@': attribute type 30 has an invalid length.
[  185.550913][T10938] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  185.566043][T10938] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  186.133645][T10941] bridge: RTM_NEWNEIGH with invalid ether address
[  186.198349][T10950] random: crng reseeded on system resumption
[  186.209670][T10949] lo speed is unknown, defaulting to 1000
[  186.228458][T10950] Restarting kernel threads ...
[  186.235713][T10950] Done restarting kernel threads.
[  186.263392][T10950] FAULT_INJECTION: forcing a failure.
[  186.263392][T10950] name failslab, interval 1, probability 0, space 0, times 0
[  186.276119][T10950] CPU: 1 UID: 0 PID: 10950 Comm: syz.3.2559 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  186.276201][T10950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  186.276216][T10950] Call Trace:
[  186.276225][T10950]  <TASK>
[  186.276234][T10950]  __dump_stack+0x1d/0x30
[  186.276273][T10950]  dump_stack_lvl+0xe8/0x140
[  186.276330][T10950]  dump_stack+0x15/0x1b
[  186.276372][T10950]  should_fail_ex+0x265/0x280
[  186.276412][T10950]  should_failslab+0x8c/0xb0
[  186.276497][T10950]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  186.276534][T10950]  ? __alloc_skb+0x101/0x320
[  186.276647][T10950]  __alloc_skb+0x101/0x320
[  186.276681][T10950]  ? __account_obj_stock+0x1f6/0x350
[  186.276774][T10950]  netlink_dump+0x10d/0x8a0
[  186.276811][T10950]  __netlink_dump_start+0x43e/0x520
[  186.276846][T10950]  vsock_diag_handler_dump+0xcf/0x110
[  186.276886][T10950]  ? __pfx_vsock_diag_dump+0x10/0x10
[  186.276959][T10950]  ? __pfx_vsock_diag_handler_dump+0x10/0x10
[  186.277029][T10950]  sock_diag_rcv_msg+0x288/0x2c0
[  186.277062][T10950]  netlink_rcv_skb+0x120/0x220
[  186.277165][T10950]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  186.277215][T10950]  sock_diag_rcv+0x1c/0x30
[  186.277318][T10950]  netlink_unicast+0x5c0/0x690
[  186.277383][T10950]  netlink_sendmsg+0x58b/0x6b0
[  186.277420][T10950]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.277449][T10950]  __sock_sendmsg+0x142/0x180
[  186.277482][T10950]  ____sys_sendmsg+0x31e/0x4e0
[  186.277558][T10950]  ___sys_sendmsg+0x17b/0x1d0
[  186.277610][T10950]  __x64_sys_sendmsg+0xd4/0x160
[  186.277655][T10950]  x64_sys_call+0x191e/0x3000
[  186.277686][T10950]  do_syscall_64+0xd2/0x200
[  186.277788][T10950]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  186.277823][T10950]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  186.277867][T10950]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.277910][T10950] RIP: 0033:0x7f86aafbeec9
[  186.277929][T10950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.277951][T10950] RSP: 002b:00007f86a99fe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  186.277971][T10950] RAX: ffffffffffffffda RBX: 00007f86ab216090 RCX: 00007f86aafbeec9
[  186.278005][T10950] RDX: 0000000000004080 RSI: 00002000000000c0 RDI: 0000000000000006
[  186.278017][T10950] RBP: 00007f86a99fe090 R08: 0000000000000000 R09: 0000000000000000
[  186.278033][T10950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  186.278050][T10950] R13: 00007f86ab216128 R14: 00007f86ab216090 R15: 00007ffd2a4b5b08
[  186.278074][T10950]  </TASK>
[  186.573755][T10965] __nla_validate_parse: 3 callbacks suppressed
[  186.573773][T10965] netlink: 4436 bytes leftover after parsing attributes in process `syz.0.2565'.
[  186.625730][T10965] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  186.654479][T10970] netlink: 'syz.4.2568': attribute type 4 has an invalid length.
[  186.800064][T10972] netlink: 'syz.4.2569': attribute type 7 has an invalid length.
[  186.807929][T10972] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2569'.
[  186.979278][T10983] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2572'.
[  186.992505][T10983] IPVS: Unknown mcast interface: vcan0
[  187.075804][T10986] bridge: RTM_NEWNEIGH with invalid ether address
[  187.857040][   T29] kauditd_printk_skb: 186 callbacks suppressed
[  187.857058][   T29] audit: type=1400 audit(1759497940.731:14583): avc:  denied  { create } for  pid=10989 comm="syz.4.2573" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  187.892941][T10994] loop3: detected capacity change from 0 to 2048
[  187.919160][   T29] audit: type=1400 audit(1759497940.781:14584): avc:  denied  { write } for  pid=10989 comm="syz.4.2573" name="file0" dev="tmpfs" ino=2876 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  187.941907][   T29] audit: type=1400 audit(1759497940.781:14585): avc:  denied  { mounton } for  pid=10989 comm="syz.4.2573" path="/536/file0" dev="tmpfs" ino=2876 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  187.979423][T10994] Alternate GPT is invalid, using primary GPT.
[  187.985861][T10994]  loop3: p1 p2 p3
[  187.989663][T10994] loop3: partition table partially beyond EOD, truncated
[  188.046297][T11003] loop3: detected capacity change from 0 to 512
[  188.068812][   T29] audit: type=1400 audit(1759497940.941:14586): avc:  denied  { unlink } for  pid=3299 comm="syz-executor" name="file0" dev="tmpfs" ino=2876 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  188.108324][T11003] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  188.110039][T11005] lo speed is unknown, defaulting to 1000
[  188.124695][T11003] EXT4-fs (loop3): orphan cleanup on readonly fs
[  188.147867][T11003] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.2579: corrupted inode contents
[  188.170612][T11003] EXT4-fs (loop3): Remounting filesystem read-only
[  188.177323][T11003] EXT4-fs (loop3): 1 truncate cleaned up
[  188.183799][ T5577] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  188.194355][ T5577] Quota error (device loop3): write_blk: dquota write failed
[  188.201783][ T5577] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries
[  188.211839][ T5577] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  188.222718][ T5577] Quota error (device loop3): write_blk: dquota write failed
[  188.230206][ T5577] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list
[  188.240249][ T5577] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  188.250427][ T5577] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  188.259349][ T5577] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  188.278454][T11003] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  188.308076][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.762435][T11027] bridge: RTM_NEWNEIGH with invalid ether address
[  188.788180][T11036] lo speed is unknown, defaulting to 1000
[  189.339592][T11055] netlink: 'syz.4.2600': attribute type 4 has an invalid length.
[  189.362774][T11055] netlink: 'syz.4.2600': attribute type 3 has an invalid length.
[  189.605074][T11081] lo speed is unknown, defaulting to 1000
[  190.035649][T11122] FAULT_INJECTION: forcing a failure.
[  190.035649][T11122] name failslab, interval 1, probability 0, space 0, times 0
[  190.048409][T11122] CPU: 0 UID: 0 PID: 11122 Comm: syz.3.2629 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  190.048437][T11122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  190.048450][T11122] Call Trace:
[  190.048456][T11122]  <TASK>
[  190.048466][T11122]  __dump_stack+0x1d/0x30
[  190.048559][T11122]  dump_stack_lvl+0xe8/0x140
[  190.048648][T11122]  dump_stack+0x15/0x1b
[  190.048694][T11122]  should_fail_ex+0x265/0x280
[  190.048725][T11122]  should_failslab+0x8c/0xb0
[  190.048759][T11122]  kmem_cache_alloc_noprof+0x50/0x480
[  190.048862][T11122]  ? audit_log_start+0x342/0x720
[  190.048908][T11122]  audit_log_start+0x342/0x720
[  190.048949][T11122]  ? kstrtouint+0x76/0xc0
[  190.049017][T11122]  audit_seccomp+0x48/0x100
[  190.049055][T11122]  ? __seccomp_filter+0x82d/0x1250
[  190.049084][T11122]  __seccomp_filter+0x83e/0x1250
[  190.049159][T11122]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  190.049199][T11122]  ? vfs_write+0x7e8/0x960
[  190.049224][T11122]  ? __rcu_read_unlock+0x4f/0x70
[  190.049270][T11122]  ? __fget_files+0x184/0x1c0
[  190.049309][T11122]  __secure_computing+0x82/0x150
[  190.049343][T11122]  syscall_trace_enter+0xcf/0x1e0
[  190.049377][T11122]  do_syscall_64+0xac/0x200
[  190.049401][T11122]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  190.049463][T11122]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  190.049497][T11122]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.049538][T11122] RIP: 0033:0x7f86aafbeec9
[  190.049558][T11122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.049650][T11122] RSP: 002b:00007f86a9a1f038 EFLAGS: 00000246 ORIG_RAX: 000000000000014c
[  190.049675][T11122] RAX: ffffffffffffffda RBX: 00007f86ab215fa0 RCX: 00007f86aafbeec9
[  190.049693][T11122] RDX: 0000000000007100 RSI: 0000000000000000 RDI: ffffffffffffffff
[  190.049710][T11122] RBP: 00007f86a9a1f090 R08: 0000000000000000 R09: 0000000000000000
[  190.049727][T11122] R10: 00000000000007ff R11: 0000000000000246 R12: 0000000000000001
[  190.049743][T11122] R13: 00007f86ab216038 R14: 00007f86ab215fa0 R15: 00007ffd2a4b5b08
[  190.049769][T11122]  </TASK>
[  190.271822][T11128] netlink: 4436 bytes leftover after parsing attributes in process `syz.1.2631'.
[  190.285703][T11128] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  190.389137][T11133] SELinux:  Context system_u:object_r:unconfined_execmem_exec_t:s0 is not valid (left unmapped).
[  190.516107][T11127] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  190.538019][T11127] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  190.752439][T11170] loop3: detected capacity change from 0 to 128
[  190.781610][T11170] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  190.789525][T11170] FAT-fs (loop3): Filesystem has been set read-only
[  190.802313][T11174] lo speed is unknown, defaulting to 1000
[  190.810226][T11170] bio_check_eod: 35342 callbacks suppressed
[  190.810239][T11170] syz.3.2646: attempt to access beyond end of device
[  190.810239][T11170] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  190.832019][T11173] lo speed is unknown, defaulting to 1000
[  190.834112][T11175] random: crng reseeded on system resumption
[  190.862070][T11170] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  190.869964][T11170] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  190.873102][T11175] Restarting kernel threads ...
[  190.886469][T11170] syz.3.2646: attempt to access beyond end of device
[  190.886469][T11170] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  190.899986][T11175] Done restarting kernel threads.
[  190.908595][T11176] FAULT_INJECTION: forcing a failure.
[  190.908595][T11176] name failslab, interval 1, probability 0, space 0, times 0
[  190.921288][T11176] CPU: 0 UID: 0 PID: 11176 Comm: syz.2.2648 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  190.921357][T11176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  190.921374][T11176] Call Trace:
[  190.921382][T11176]  <TASK>
[  190.921420][T11176]  __dump_stack+0x1d/0x30
[  190.921467][T11176]  dump_stack_lvl+0xe8/0x140
[  190.921544][T11176]  dump_stack+0x15/0x1b
[  190.921576][T11176]  should_fail_ex+0x265/0x280
[  190.921670][T11176]  should_failslab+0x8c/0xb0
[  190.921761][T11176]  kmem_cache_alloc_noprof+0x50/0x480
[  190.921828][T11176]  ? skb_clone+0x151/0x1f0
[  190.921869][T11176]  skb_clone+0x151/0x1f0
[  190.921907][T11176]  __netlink_deliver_tap+0x2c9/0x500
[  190.921951][T11176]  netlink_unicast+0x66b/0x690
[  190.921978][T11176]  netlink_sendmsg+0x58b/0x6b0
[  190.922017][T11176]  ? __pfx_netlink_sendmsg+0x10/0x10
[  190.922135][T11176]  __sock_sendmsg+0x142/0x180
[  190.922214][T11176]  ____sys_sendmsg+0x31e/0x4e0
[  190.922247][T11176]  ___sys_sendmsg+0x17b/0x1d0
[  190.922351][T11176]  __x64_sys_sendmsg+0xd4/0x160
[  190.922397][T11176]  x64_sys_call+0x191e/0x3000
[  190.922425][T11176]  do_syscall_64+0xd2/0x200
[  190.922445][T11176]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  190.922547][T11176]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  190.922590][T11176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.922620][T11176] RIP: 0033:0x7efd58eaeec9
[  190.922683][T11176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.922707][T11176] RSP: 002b:00007efd578f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  190.922733][T11176] RAX: ffffffffffffffda RBX: 00007efd59106090 RCX: 00007efd58eaeec9
[  190.922750][T11176] RDX: 0000000000004080 RSI: 00002000000000c0 RDI: 0000000000000006
[  190.922767][T11176] RBP: 00007efd578f6090 R08: 0000000000000000 R09: 0000000000000000
[  190.922819][T11176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.922836][T11176] R13: 00007efd59106128 R14: 00007efd59106090 R15: 00007fffccc434f8
[  190.922863][T11176]  </TASK>
[  191.133123][T11170] syz.3.2646: attempt to access beyond end of device
[  191.133123][T11170] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.146654][T11170] syz.3.2646: attempt to access beyond end of device
[  191.146654][T11170] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.160186][T11170] syz.3.2646: attempt to access beyond end of device
[  191.160186][T11170] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.173894][T11170] syz.3.2646: attempt to access beyond end of device
[  191.173894][T11170] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.206469][T11170] syz.3.2646: attempt to access beyond end of device
[  191.206469][T11170] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.222145][T11170] syz.3.2646: attempt to access beyond end of device
[  191.222145][T11170] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.257178][T11170] syz.3.2646: attempt to access beyond end of device
[  191.257178][T11170] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.271563][T11170] syz.3.2646: attempt to access beyond end of device
[  191.271563][T11170] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.388110][T11192] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.562392][T11201] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2659'.
[  191.592995][T11201] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2659'.
[  191.646992][T11208] netlink: 4436 bytes leftover after parsing attributes in process `syz.3.2662'.
[  191.667410][T11208] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  191.676600][T11209] FAULT_INJECTION: forcing a failure.
[  191.676600][T11209] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  191.689758][T11209] CPU: 1 UID: 0 PID: 11209 Comm: syz.2.2661 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  191.689790][T11209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  191.689834][T11209] Call Trace:
[  191.689843][T11209]  <TASK>
[  191.689853][T11209]  __dump_stack+0x1d/0x30
[  191.689891][T11209]  dump_stack_lvl+0xe8/0x140
[  191.689986][T11209]  dump_stack+0x15/0x1b
[  191.690026][T11209]  should_fail_ex+0x265/0x280
[  191.690084][T11209]  should_fail+0xb/0x20
[  191.690116][T11209]  should_fail_usercopy+0x1a/0x20
[  191.690156][T11209]  _copy_to_user+0x20/0xa0
[  191.690183][T11209]  simple_read_from_buffer+0xb5/0x130
[  191.690264][T11209]  proc_fail_nth_read+0x10e/0x150
[  191.690297][T11209]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  191.690334][T11209]  vfs_read+0x1a5/0x770
[  191.690431][T11209]  ? __rcu_read_unlock+0x4f/0x70
[  191.690457][T11209]  ? __fget_files+0x184/0x1c0
[  191.690491][T11209]  ksys_read+0xda/0x1a0
[  191.690523][T11209]  __x64_sys_read+0x40/0x50
[  191.690631][T11209]  x64_sys_call+0x27c0/0x3000
[  191.690658][T11209]  do_syscall_64+0xd2/0x200
[  191.690720][T11209]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  191.690748][T11209]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  191.690783][T11209]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.690805][T11209] RIP: 0033:0x7efd58ead8dc
[  191.690849][T11209] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  191.690873][T11209] RSP: 002b:00007efd578f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  191.690897][T11209] RAX: ffffffffffffffda RBX: 00007efd59106090 RCX: 00007efd58ead8dc
[  191.690912][T11209] RDX: 000000000000000f RSI: 00007efd578f60a0 RDI: 0000000000000007
[  191.690924][T11209] RBP: 00007efd578f6090 R08: 0000000000000000 R09: 0000000000000000
[  191.690937][T11209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  191.690949][T11209] R13: 00007efd59106128 R14: 00007efd59106090 R15: 00007fffccc434f8
[  191.691017][T11209]  </TASK>
[  191.709545][T11192] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.767979][T11211] loop3: detected capacity change from 0 to 1024
[  191.914020][T11211] EXT4-fs: Ignoring removed orlov option
[  191.922591][T11211] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.954296][T11192] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.054100][T11192] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.115055][T11212] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  192.123818][T11212] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  192.173826][   T51] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  192.186437][   T51] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  192.194901][T11211] ==================================================================
[  192.203024][T11211] BUG: KCSAN: data-race in generic_buffers_fsync_noflush / writeback_single_inode
[  192.204143][   T51] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  192.212257][T11211] 
[  192.212267][T11211] write to 0xffff88811b5e81a0 of 4 bytes by task 11208 on cpu 1:
[  192.212288][T11211]  writeback_single_inode+0x150/0x3f0
[  192.235864][T11211]  sync_inode_metadata+0x5b/0x90
[  192.240829][T11211]  generic_buffers_fsync_noflush+0xd9/0x120
[  192.246739][T11211]  ext4_sync_file+0x1ab/0x690
[  192.251429][T11211]  vfs_fsync_range+0x10a/0x130
[  192.256210][T11211]  ext4_buffered_write_iter+0x34f/0x3c0
[  192.261762][T11211]  ext4_file_write_iter+0x383/0xf00
[  192.266981][T11211]  iter_file_splice_write+0x666/0xa60
[  192.272357][T11211]  direct_splice_actor+0x156/0x2a0
[  192.277471][T11211]  splice_direct_to_actor+0x312/0x680
[  192.282847][T11211]  do_splice_direct+0xda/0x150
[  192.287620][T11211]  do_sendfile+0x380/0x650
[  192.292058][T11211]  __x64_sys_sendfile64+0x105/0x150
[  192.297299][T11211]  x64_sys_call+0x2bb4/0x3000
[  192.301989][T11211]  do_syscall_64+0xd2/0x200
[  192.306503][T11211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.312404][T11211] 
[  192.314732][T11211] read to 0xffff88811b5e81a0 of 4 bytes by task 11211 on cpu 0:
[  192.322363][T11211]  generic_buffers_fsync_noflush+0x80/0x120
[  192.328270][T11211]  ext4_sync_file+0x1ab/0x690
[  192.332977][T11211]  vfs_fsync_range+0x10a/0x130
[  192.337756][T11211]  ext4_buffered_write_iter+0x34f/0x3c0
[  192.343318][T11211]  ext4_file_write_iter+0x383/0xf00
[  192.348539][T11211]  iter_file_splice_write+0x666/0xa60
[  192.353921][T11211]  direct_splice_actor+0x156/0x2a0
[  192.359041][T11211]  splice_direct_to_actor+0x312/0x680
[  192.364423][T11211]  do_splice_direct+0xda/0x150
[  192.369201][T11211]  do_sendfile+0x380/0x650
[  192.373633][T11211]  __x64_sys_sendfile64+0x105/0x150
[  192.378846][T11211]  x64_sys_call+0x2bb4/0x3000
[  192.383532][T11211]  do_syscall_64+0xd2/0x200
[  192.388060][T11211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.393961][T11211] 
[  192.396293][T11211] value changed: 0x00000070 -> 0x00000002
[  192.402011][T11211] 
[  192.404337][T11211] Reported by Kernel Concurrency Sanitizer on:
[  192.410486][T11211] CPU: 0 UID: 0 PID: 11211 Comm: syz.3.2662 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  192.420382][T11211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  192.430440][T11211] ==================================================================
[  192.447876][ T5550] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  192.526495][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.