last executing test programs:

8.258936827s ago: executing program 1 (id=2735):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000100)}, 0x1f00)
sendmmsg$sock(r1, &(0x7f0000003bc0)=[{{0x0, 0xfe3d, 0x0}}, {{0x0, 0x0, 0x0}}], 0x4000000000002ca, 0x4040014)

7.41404988s ago: executing program 1 (id=2742):
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3400c0, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa20000000000"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x1b, 0xc, &(0x7f00000004c0)=ANY=[@ANYRESOCT, @ANYRES8=r0], &(0x7f0000000240)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000240)='./file1/file0\x00', 0x200010, &(0x7f0000000340)={[], [{@euid_eq}]}, 0xfe, 0x57a, &(0x7f0000000580)="$eJzs3U1rG0cfAPD/yi95fZ44EELbQzHk0JQ0cmz3JYUe0mNpQwPtPRWyYoLlKFhyiN1AkkNzyaWEQikNlH6A3nsM/QL9FIE2EEow7aEXlZVXjhJJsezItlr9frDJzM6uZ0azM5rRSmwAQ2sy/ScX8WpEfJ1EHGlJG40scXL9uLUnN4rplkS9/tkfSSTZvubxSfb/oSzySkT88lXEqVx7vtWV1YVCuVxayuJTtcWrU9WV1dOXFwvzpfnSlZnZ2bPvzM68/967favrmxf++u7TBx+dvXti7dufHh29l8S5OJyltdbjJdxqjUzGZPaajMW55w6c7kNmgyTZ6wKwLSNZPx+LdAw4EiNZrwf++25GRB0YUon+D0OqOQ9oru37tA7+13j84foCqL3+o+ufjcT+xtro4FryzMooXe9O9CH/NI+ff79/L92if59DAGzq1u2IODM62j7+Jdn4t31nejjm+TyMf7B7HqTzn7c6zX9yG/Of6DD/OdSh727H5v0/96jDaUm/PqVO538fdJz/bty0mhjJYv9rzPnGkkuXy6V0bPt/RJyMsX1p/EX3c86uPax3S2ud/6Vbmn9zLpiV49HovmfPmSvUCi9T51aPb0e81nH+m2y0f9Kh/dPX40KPeRwv3X+9W9rm9d9Z9R8j3mhp/6cpyTOhF9yfnGpcD1PNq6Ldn3eO/9ot/72uf9r+Bzte/xv1n0ha79dWt57HD/v/LnVL2+71P5583giPZ/uuF2q1pemI8eST9v0zT89txpvHp/U/eeLF41+n6/9ARHzRY/3vHLvT9dBBaP+5LbX/1gMPP/7y+27599b+bzdCJ7M9vYx/vRbwZV47AAAAAAAAGDS5iDgcSS6/Ec7l8vn173cci4O5cqVaO3WpsnxlLhq/lZ2IsVzzTveRlu9DTGffh23GZ5rx8fX4bEQcjYhvRg404vlipTy315UHAAAAAAAAAAAAAAAAAACAAXGoy+//U7+NdDxlfHdLCOwoj/yG4bVp/+/Hk56AgbTV9/99O1QOYPdta/5/oP/lAHaf9T8MqbG9LgCwl7z/w/DS/2F46f8wvPR/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KsL58+nW33tyY1iGp+7trK8ULl2eq5UXcgvLhfzxcrS1fx8pTJfLuWLlcXN/l65Urk6PRPL16dqpWptqrqyenGxsnyldvHyYmG+dLHkaUMAAAAAAAAAAAAAAAAAAADQrrqyulAol0tLAoMdGBmMYrQHRgejGL0GbsZAFGNnA3f70Ls7DBbFXR6cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACDzTwAAAP//dzsyzQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
ioctl$AUTOFS_IOC_PROTOSUBVER(r4, 0x80049367, &(0x7f0000000380))
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7140000000000008500000055000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mknodat$loop(r1, &(0x7f0000000400)='./file1/file0\x00', 0xc000, 0x0)

7.228634403s ago: executing program 2 (id=2749):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x59)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f0000000280), 0x3fffffffffffd17, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005", @ANYBLOB, @ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)

6.218080418s ago: executing program 1 (id=2754):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fsopen(&(0x7f0000000040)='configfs\x00', 0x0)

4.579907442s ago: executing program 2 (id=2766):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095", @ANYRES32=r0, @ANYBLOB="1800000000000000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0900000004000000563c000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000000000c4402d52c16bc98531db8919c9399c942c28ce95a3c1ebade92037385e9d627a2ec37665c32e73428a39dd81aa5c105325f9d97803e1df8acf4bba15dba40da709fe52dedda3", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000040000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000a93fbc2e61b341106f4ec7ec0eeca8e2c6b1e9e805cbaf429aeca74a56a351d50cf118e92a1d434adbb7b799aa1022926aeb1e743a249223574cbad02f3c7d3cbeafcfa2e6858a6d95f0d8484cc67e6258a2fa5ff748e3dcd2eb7bff286d82bb8805c9e08a5f258fb768efbcbd8dd775a68950ed57a5f6c6de", @ANYRES8=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x2, 0x300)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r3}, &(0x7f0000000000), &(0x7f00000005c0)=r4}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r4, 0x0, 0xa26}, 0x18)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r5)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}}, 0x4000054)

4.417886495s ago: executing program 2 (id=2769):
r0 = socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='cpuacct.usage_user\x00', 0x275a, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x8011}, 0x0)

4.417412175s ago: executing program 4 (id=2770):
set_mempolicy(0x3, &(0x7f00000000c0)=0x5, 0xa)
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0xffa8)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000000000), 0x4)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f00000002c0)={0x1, 0x4, 0xb, 0x0, @vifc_lcl_addr=@empty, @remote}, 0x10)
perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x81b0, 0xe0a10, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, @perf_bp={&(0x7f0000000100), 0x1}, 0xc003, 0xffffffff, 0x2, 0x7, 0x4, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0xc)
r3 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x890b, &(0x7f0000000000)={r3})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x5, 0x3, &(0x7f0000000500)=ANY=[], &(0x7f0000000c00)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet6(0xa, 0x1, 0x0)
mount(0x0, 0x0, 0x0, 0x1100010, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, 0x0, 0x0)
rt_sigaction(0x19, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000240)='./file0\x00', 0x18000, &(0x7f0000002f40)=ANY=[@ANYRES8=0x0, @ANYRES64, @ANYRES16=0x0, @ANYRESDEC, @ANYRES32, @ANYRES32], 0x1, 0x2ee, &(0x7f00000006c0)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji2ZaTA1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpGUBKaRG+n4TMYe49nXtnBnLuhGHzzuvHxbyt5fWKhONKQiIiWyLDEhZfyNuG3TgmO72QiwPfPv5/6+69G5lsdmJaqcnMzKW0Umpo5N2TZwmv21q/bAw/2Pya/rLx98a/mz9nHhVsVbBVqVxRupotf67os6ah5gt2UVNqyjR021CFkm1Y9fZyvT1vlhcWqkovzQ8mFyzDtpVeqqqiUVWVsqpYVRV5qBdKStM0NZgUHCS3PD2tZ9pMnuvwYHBMLCujR0Qksaslt9yTAQEAgJ5qrf/DojpZ/6+cW68M3F4d8ur/tVhQ/X/5U/2zmur/uIgE1v/+8QPrf/1w9f/uiuhsOVL9j5NhJLZrV6gR1hqtjJ70fn5dL++vjLoB9T8AAAAAAAAAAAAAAAAAAAAAAH+CLcdJOY6T8rf+V7+IxEXE/z4gNSIiV3swZHTQEa4/ToHGi3vRIRHz1WJuMVffeh3WRcQUQ0YlJT/c+8FTi/03j1TNsLw3l7z8pcVcxG3J5KXg5o9Jqk9a8x1n8np2YkzVNef3SXJnflpS8ldwfjowPyYXzu/I1yQlH+akLKbMu+No5D8fU+razWxLfsLtBwAAAADAaaCpbYHrd03bq72ev72+bn0+EGmsr0cD1+dR+S/a27kDAAAAAHBW2NWnRd00DWufICEH92k/iB7TJ/sz/N0s/28Zjm+m+wT+wZua4t7Ojp+W0CFOyx5BWNrJGqnNRh11Fv5jo736yNR4965g0zD+efP2e+cOcWU1fsBM2w8i+98AfV37BQQAAACgaxpFv79nvLcDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgDOrGv0nr9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JXAAAA//+qDgR1")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r5, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

4.302665356s ago: executing program 2 (id=2771):
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3400c0, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa20000000000"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x1b, 0xc, &(0x7f00000004c0)=ANY=[@ANYRESOCT, @ANYRES8=r0], &(0x7f0000000240)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000240)='./file1/file0\x00', 0x200010, &(0x7f0000000340)={[], [{@euid_eq}]}, 0xfe, 0x57a, &(0x7f0000000580)="$eJzs3U1rG0cfAPD/yi95fZ44EELbQzHk0JQ0cmz3JYUe0mNpQwPtPRWyYoLlKFhyiN1AkkNzyaWEQikNlH6A3nsM/QL9FIE2EEow7aEXlZVXjhJJsezItlr9frDJzM6uZ0azM5rRSmwAQ2sy/ScX8WpEfJ1EHGlJG40scXL9uLUnN4rplkS9/tkfSSTZvubxSfb/oSzySkT88lXEqVx7vtWV1YVCuVxayuJTtcWrU9WV1dOXFwvzpfnSlZnZ2bPvzM68/967favrmxf++u7TBx+dvXti7dufHh29l8S5OJyltdbjJdxqjUzGZPaajMW55w6c7kNmgyTZ6wKwLSNZPx+LdAw4EiNZrwf++25GRB0YUon+D0OqOQ9oru37tA7+13j84foCqL3+o+ufjcT+xtro4FryzMooXe9O9CH/NI+ff79/L92if59DAGzq1u2IODM62j7+Jdn4t31nejjm+TyMf7B7HqTzn7c6zX9yG/Of6DD/OdSh727H5v0/96jDaUm/PqVO538fdJz/bty0mhjJYv9rzPnGkkuXy6V0bPt/RJyMsX1p/EX3c86uPax3S2ud/6Vbmn9zLpiV49HovmfPmSvUCi9T51aPb0e81nH+m2y0f9Kh/dPX40KPeRwv3X+9W9rm9d9Z9R8j3mhp/6cpyTOhF9yfnGpcD1PNq6Ldn3eO/9ot/72uf9r+Bzte/xv1n0ha79dWt57HD/v/LnVL2+71P5583giPZ/uuF2q1pemI8eST9v0zT89txpvHp/U/eeLF41+n6/9ARHzRY/3vHLvT9dBBaP+5LbX/1gMPP/7y+27599b+bzdCJ7M9vYx/vRbwZV47AAAAAAAAGDS5iDgcSS6/Ec7l8vn173cci4O5cqVaO3WpsnxlLhq/lZ2IsVzzTveRlu9DTGffh23GZ5rx8fX4bEQcjYhvRg404vlipTy315UHAAAAAAAAAAAAAAAAAACAAXGoy+//U7+NdDxlfHdLCOwoj/yG4bVp/+/Hk56AgbTV9/99O1QOYPdta/5/oP/lAHaf9T8MqbG9LgCwl7z/w/DS/2F46f8wvPR/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KsL58+nW33tyY1iGp+7trK8ULl2eq5UXcgvLhfzxcrS1fx8pTJfLuWLlcXN/l65Urk6PRPL16dqpWptqrqyenGxsnyldvHyYmG+dLHkaUMAAAAAAAAAAAAAAAAAAADQrrqyulAol0tLAoMdGBmMYrQHRgejGL0GbsZAFGNnA3f70Ls7DBbFXR6cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACDzTwAAAP//dzsyzQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
ioctl$AUTOFS_IOC_PROTOSUBVER(r4, 0x80049367, &(0x7f0000000380))
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7140000000000008500000055000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mknodat$loop(r1, &(0x7f0000000400)='./file1/file0\x00', 0xc000, 0x0)

4.254183297s ago: executing program 1 (id=2773):
set_mempolicy(0x3, &(0x7f00000000c0)=0x5, 0xa)
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0xffa8)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000000000), 0x4)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f00000002c0)={0x1, 0x4, 0xb, 0x0, @vifc_lcl_addr=@empty, @remote}, 0x10)
perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x81b0, 0xe0a10, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, @perf_bp={&(0x7f0000000100), 0x1}, 0xc003, 0xffffffff, 0x2, 0x7, 0x4, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0xc)
r3 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x890b, &(0x7f0000000000)={r3})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x5, 0x3, &(0x7f0000000500)=ANY=[], &(0x7f0000000c00)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet6(0xa, 0x1, 0x0)
mount(0x0, 0x0, 0x0, 0x1100010, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, 0x0, 0x0)
rt_sigaction(0x19, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000240)='./file0\x00', 0x18000, &(0x7f0000002f40)=ANY=[@ANYRES8=0x0, @ANYRES64, @ANYRES16=0x0, @ANYRESDEC, @ANYRES32, @ANYRES32], 0x1, 0x2ee, &(0x7f00000006c0)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji2ZaTA1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpGUBKaRG+n4TMYe49nXtnBnLuhGHzzuvHxbyt5fWKhONKQiIiWyLDEhZfyNuG3TgmO72QiwPfPv5/6+69G5lsdmJaqcnMzKW0Umpo5N2TZwmv21q/bAw/2Pya/rLx98a/mz9nHhVsVbBVqVxRupotf67os6ah5gt2UVNqyjR021CFkm1Y9fZyvT1vlhcWqkovzQ8mFyzDtpVeqqqiUVWVsqpYVRV5qBdKStM0NZgUHCS3PD2tZ9pMnuvwYHBMLCujR0Qksaslt9yTAQEAgJ5qrf/DojpZ/6+cW68M3F4d8ur/tVhQ/X/5U/2zmur/uIgE1v/+8QPrf/1w9f/uiuhsOVL9j5NhJLZrV6gR1hqtjJ70fn5dL++vjLoB9T8AAAAAAAAAAAAAAAAAAAAAAH+CLcdJOY6T8rf+V7+IxEXE/z4gNSIiV3swZHTQEa4/ToHGi3vRIRHz1WJuMVffeh3WRcQUQ0YlJT/c+8FTi/03j1TNsLw3l7z8pcVcxG3J5KXg5o9Jqk9a8x1n8np2YkzVNef3SXJnflpS8ldwfjowPyYXzu/I1yQlH+akLKbMu+No5D8fU+razWxLfsLtBwAAAADAaaCpbYHrd03bq72ev72+bn0+EGmsr0cD1+dR+S/a27kDAAAAAHBW2NWnRd00DWufICEH92k/iB7TJ/sz/N0s/28Zjm+m+wT+wZua4t7Ojp+W0CFOyx5BWNrJGqnNRh11Fv5jo736yNR4965g0zD+efP2e+cOcWU1fsBM2w8i+98AfV37BQQAAACgaxpFv79nvLcDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgDOrGv0nr9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JXAAAA//+qDgR1")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r4, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

3.38625255s ago: executing program 2 (id=2775):
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000008500000072000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYRESDEC=r2], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
write$selinux_load(0xffffffffffffffff, &(0x7f0000000340)=ANY=[], 0x43)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
syz_emit_ethernet(0xfffffffffffffde8, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000140)={0x0, 0x1}, &(0x7f00000001c0)=0x8)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x8, 0x0, 0x40040}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r5}, 0x18)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r6, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f00000002c0)={<r8=>0x0, 0x9}, &(0x7f0000000300)=0x8)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000380)={r8, 0xfff}, &(0x7f00000003c0)=0x8)

3.317875641s ago: executing program 1 (id=2777):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x59)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f0000000280), 0x3fffffffffffd17, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005", @ANYBLOB, @ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)

3.300223481s ago: executing program 4 (id=2778):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={&(0x7f00000009c0)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000100)='./bus\x00', &(0x7f0000000200)='system.posix_acl_default\x00', &(0x7f0000000340), 0x24, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000100000000"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
pipe2$9p(&(0x7f0000000240), 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x9801}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @dev}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0x3f}]}}}]}, 0x40}}, 0x0)

3.243329972s ago: executing program 3 (id=2779):
r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x6)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r1, &(0x7f00000003c0)='./file0\x00')

3.098286524s ago: executing program 3 (id=2780):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
r0 = socket$igmp(0x2, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = open(&(0x7f0000000540)='./file0\x00', 0x60840, 0x81)
fcntl$setlease(r1, 0x400, 0x200000000000000)
fcntl$setlease(r1, 0x400, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="200000003e000701fcf7fffffedbdf25017c00000c000480"], 0x20}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000360007012bbd7000fedbdf2503"], 0x18}, 0x1, 0x0, 0x0, 0x408d0}, 0x20008010)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg1\x00', 0xe511})
close(0xffffffffffffffff)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x4058534c, &(0x7f0000000100)={0x101, 0x81, 0x7ff, 0x2, 0x9, 0xf})
ioctl$sock_TIOCOUTQ(r0, 0x5411, &(0x7f00000000c0))
open(&(0x7f0000000080)='./file0\x00', 0x82, 0x64)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)

2.598831711s ago: executing program 0 (id=2782):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x8}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2, 0x0, 0x400000000}, 0x18)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000004400)='./file0\x00', 0x0, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@debug}, {@inlinecrypt}]}, 0x6, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x41, &(0x7f0000000880)={[{@bsdgroups}, {@nodiscard}, {@usrjquota}, {@grpjquota}, {@grpjquota}, {@minixdf}, {@prjquota}, {@noload}, {@block_validity}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1aca421, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

2.114041289s ago: executing program 4 (id=2783):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000980), 0x0, 0x2f, 0xe8034000, 0x0, 0x0, 0x0, 0x0, 0x5dc}, 0x50)
perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20408, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, @perf_config_ext={0x8, 0x5}, 0x0, 0x101, 0x0, 0x0, 0xfffffffffff7bbfe, 0x0, 0xfffd, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES16=r0], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x100)
ioctl$SNDRV_TIMER_IOCTL_STATUS32(r2, 0xc0f85403, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1d00000004000000080200002100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000bf00006cd5fb8ff5b6fda9bbcb23c7dc6d09e4fcb636651baf868f48934b2b4b1569977635a120139601074272f34cf9c25b5b7eda47ec0eb379969b3ea9aa7a8f00de496197c0431956006b626819bff61cb91937c5e15570992d4e5839729b587f568bb25582029e1f6b48888d6e807b208cc6f0dbc276b91c5b32a23df86d68fe622f9287b89ab60975d0ccb01421bcf231c91ad3e72c130926d66d205d3d91c7e38aedf91b1ad67b3be0b8c0b3e909"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x2000c8d0)
r3 = open(&(0x7f0000000300)='.\x00', 0x0, 0x2)
r4 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r4, 0x1)
r5 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r5, 0x0, 0xffffffffdffffff7}, 0x18)
flock(r3, 0x2)
flock(r3, 0x1)
close_range(r3, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x14, &(0x7f0000001440)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000ff0300007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000009000000850000008200000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b0000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2002, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001140)={0x0, 0x20000000000003c3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r7}, 0x18)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r8}, 0x18)

2.077085259s ago: executing program 3 (id=2784):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1}, 0x1f00)
sendmmsg$sock(r1, &(0x7f0000003bc0)=[{{0x0, 0xfe3d, 0x0}}, {{0x0, 0x0, 0x0}}], 0x4000000000002ca, 0x4040014)

1.99777792s ago: executing program 0 (id=2785):
r0 = syz_open_dev$loop(&(0x7f00000005c0), 0x9, 0x12d600)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="0134014010ff"})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000001000), 0xe09)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="180600000000000000002000000000181200", @ANYRES32, @ANYBLOB="0000000000000000b70300000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000300)={{0x0, 0x2, 0x0, 0x0, 0x8000}})
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000000)={{0x0, 0x3, 0xfffffff9, 0x1, 0xaf97}})
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000000)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100000}}, {@resuid}, {@jqfmt_vfsv1}, {@errors_remount}, {@nobh}, {@usrjquota, 0x2e}], [], 0x2e}, 0x1, 0x46f, &(0x7f0000000580)="$eJzs289vFFUcAPDvbLvlt62IP/ihVtHY+KOlBZWDF40mXExM9IDHWgpBCjW0JkKIVGPwaPgL1KOJf4EnvRj1pPGqiRcTY0IMF9GDGTO7M7C0u+v+ahfczycZeG/mTd/7zszbfTNvJ4CBNZ79k0Rsj4ifRiJGq9mbC4xX/7t29cLcX1cvzCWRpq/+kVTK/Xn1wlxRtNhvW56ZKEWUPkhib516l86dPzW7sDB/Ns9PLZ9+a2rp3PmnTp6ePTF/Yv7MzOHDhw5OP/vMzNM9iXNH1tY97y7u233k9csvzx29/Ma3n2frt+fba+OoGuu6zvEYv/lY1ng04tc0Tbuu41axoyadDPexIbRlKCKy01XO+n+MxlDcOHmj8dL7fW0csK7SNE03rVk7VCRWUuB/LIl+twDoj+KLPrv/LZYNHH703ZXnqzdAWdzX8qW6ZThKeZnyqvvbXhqPiKMrf3+cLVH3OQQAQG99mY1/nqw3/ivFPTXl7ojq3NBYRNwZETsj4q6I2BURd0dUyt4bEfe1Wf/4qvza8c8PWzoKrEXZ+O+5fG7r5vFfMfqLsaE8t6MSfzk5fnJh/kB+TCaivCnLTzep46sXf/yo0bba8V+2ZPUXY8G8Hb8Pr3pAd2x2ebabmGtdeS9iz3C9+JPrMwFJROyOiD0d/P3smJ18/LN9jbb/d/xN9GCeKf004rHq+V+JVfEXkubzk1ObY2H+wFRxVaz13feXXmlUf1fx90B2/rfWvf6vxz+W1M7XLrVfx6WfP2x4T9Pp9T+SvFZJj+Tr3pldXj47HTGSrKxdP3Nj3yJflM/in9hfv//vjPjnk3y/vRGRXcT3R8QDEfFg3vaHIuLhiNjfJP5vXnjkzc7jX19Z/MfaOv/tJ4ZOff1Fo/pbO/+HKqmJfE0rn3+tNrCbYwcAAAC3i1LlN/BJafJ6ulSanKz+hn9XbC0tLC4tP3F88e0zx6q/lR+Lcql40jVa8zx0On82XORnVuUPVp4bp2mabqnkJ+cWF9ZrTh1ozbYG/T/z21C/Wwesu7bm0Rq90QbclryvCYNL/4fB1Wr/L69zO4CN5/sfBle9/n8x4lofmgJsMN//MLj0fxhc+j8MLv0fBlI37/U3S+w80vHuaVe1b84D63D3X9blaDRLDG1gXb1MRKnupnJE3CItbJIo3RrNqCY2RUSrhS92emG3nejzBxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECP/BsAAP//cGjokQ==")
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1ae96d01030100", 0x7)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r3, 0x84, 0x17, &(0x7f0000000740)=ANY=[], 0xffc9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00'/12, @ANYRES32, @ANYBLOB="0d00ff0000000000830000000000000045"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89f3, &(0x7f0000000080))
recvmmsg(r1, &(0x7f0000001800)=[{{&(0x7f0000000000)=@ax25={{0x3, @null}, [@rose, @remote, @rose, @rose, @rose, @rose, @default, @bcast]}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000080)=""/129, 0x81}], 0x1, &(0x7f0000000180)}}, {{&(0x7f0000000240)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x80, &(0x7f0000001740)=[{&(0x7f0000000400)=""/126, 0x7e}, {&(0x7f0000000600)=""/4096, 0x1000}, {&(0x7f0000000480)=""/173, 0xad}, {&(0x7f0000001600)=""/197, 0xc5}, {&(0x7f0000000540)=""/109, 0x6d}, {&(0x7f00000001c0)}, {&(0x7f0000001700)=""/54, 0x36}], 0x7, &(0x7f00000017c0)=""/21, 0x15}, 0x3}], 0x2, 0x60, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x1000, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee87fabfc179fd1f8a0e94a64ca86bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0155aaffffffffff07000400", "2809e85397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac0000000000000000000400", "90010000009265406c09306903d800", [0x0, 0x1]}})

1.923011752s ago: executing program 4 (id=2786):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x80}, 0x0)
pipe2$9p(&(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x21004a, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_u}]}})

1.888431812s ago: executing program 4 (id=2787):
set_mempolicy(0x3, &(0x7f00000000c0)=0x5, 0xa)
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0xffa8)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000000000), 0x4)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f00000002c0)={0x1, 0x4, 0xb, 0x0, @vifc_lcl_addr=@empty, @remote}, 0x10)
perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x81b0, 0xe0a10, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, @perf_bp={&(0x7f0000000100), 0x1}, 0xc003, 0xffffffff, 0x2, 0x7, 0x4, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0xc)
r3 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x890b, &(0x7f0000000000)={r3})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x5, 0x3, &(0x7f0000000500)=ANY=[], &(0x7f0000000c00)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet6(0xa, 0x1, 0x0)
mount(0x0, 0x0, 0x0, 0x1100010, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, 0x0, 0x0)
rt_sigaction(0x19, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000240)='./file0\x00', 0x18000, &(0x7f0000002f40)=ANY=[@ANYRES8=0x0, @ANYRES64, @ANYRES16=0x0, @ANYRESDEC, @ANYRES32, @ANYRES32], 0x1, 0x2ee, &(0x7f00000006c0)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji2ZaTA1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpGUBKaRG+n4TMYe49nXtnBnLuhGHzzuvHxbyt5fWKhONKQiIiWyLDEhZfyNuG3TgmO72QiwPfPv5/6+69G5lsdmJaqcnMzKW0Umpo5N2TZwmv21q/bAw/2Pya/rLx98a/mz9nHhVsVbBVqVxRupotf67os6ah5gt2UVNqyjR021CFkm1Y9fZyvT1vlhcWqkovzQ8mFyzDtpVeqqqiUVWVsqpYVRV5qBdKStM0NZgUHCS3PD2tZ9pMnuvwYHBMLCujR0Qksaslt9yTAQEAgJ5qrf/DojpZ/6+cW68M3F4d8ur/tVhQ/X/5U/2zmur/uIgE1v/+8QPrf/1w9f/uiuhsOVL9j5NhJLZrV6gR1hqtjJ70fn5dL++vjLoB9T8AAAAAAAAAAAAAAAAAAAAAAH+CLcdJOY6T8rf+V7+IxEXE/z4gNSIiV3swZHTQEa4/ToHGi3vRIRHz1WJuMVffeh3WRcQUQ0YlJT/c+8FTi/03j1TNsLw3l7z8pcVcxG3J5KXg5o9Jqk9a8x1n8np2YkzVNef3SXJnflpS8ldwfjowPyYXzu/I1yQlH+akLKbMu+No5D8fU+razWxLfsLtBwAAAADAaaCpbYHrd03bq72ev72+bn0+EGmsr0cD1+dR+S/a27kDAAAAAHBW2NWnRd00DWufICEH92k/iB7TJ/sz/N0s/28Zjm+m+wT+wZua4t7Ojp+W0CFOyx5BWNrJGqnNRh11Fv5jo736yNR4965g0zD+efP2e+cOcWU1fsBM2w8i+98AfV37BQQAAACgaxpFv79nvLcDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgDOrGv0nr9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JXAAAA//+qDgR1")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r4, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

1.611172556s ago: executing program 0 (id=2788):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/keys\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
io_uring_setup(0x2ed8, &(0x7f0000000280)={0x0, 0x683e, 0x800, 0x1, 0x12})
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f0000000300)={0xf, 0x4, 0x401, 0xf5d, 0xf, "914cc9d9ced8ab1dcf25f82ae1105231243bd1", 0x7fffffff, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x100006, 0x220104, 0xe2a4, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000001940), 0x2000cc0, r2}, 0x38)

1.578074897s ago: executing program 2 (id=2789):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x123e00, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0000000400000002000000000000000000000015", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x4, @perf_config_ext={0x5, 0x9}, 0x4110, 0x0, 0x0, 0x5, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x41980100, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TCSBRKP(r0, 0x5425, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000002c0), 0x8600, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r4}, &(0x7f0000bbdffc))
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000ac0)={<r6=>0x0, 0x6}, &(0x7f0000000e00)=0x8)
sendmsg$inet_sctp(r5, &(0x7f0000000ec0)={&(0x7f0000000300)=@in={0x2, 0x4e20, @multicast2}, 0x10, &(0x7f0000000d40)=[{&(0x7f0000000400)="7a8f3ed849a096aca3307e2543a0dadc89b7a220f4cad4ae8ecd9ac71080edeb698ff021a531b206a4695aabe841fca774177706445ede1280af78f53f8ee97003b99ca352ef13ca619bbb31b5284d927ee7f25271344f775344dee6b4d80db8cff7e7c5637f94a28efcc0435aa9af95bc4db1dc0ed1a595fece889b6c72df3f209ed22ebfe121bb43a51665f40ff04352284909d0246f3deca579e9cc26da994322956752859001a50bff32e12468bc1b42f5237a1a3925d52fa0e2a5", 0xbd}, {&(0x7f00000004c0)}, {&(0x7f0000000500)="81090e34d1b2a86541ea0e2f871269f73fa50ee2ce894176", 0x18}, {&(0x7f0000000580)="ad01f9d3abc7e5718642b3ff625dc32aecf4615e62bbb7f56698d4a87fd23afde6d06dc69e1a40265cbec303623eaa8f916a609497cf6fd1c85379ef1e936e82ca644fdf111647965f59960c8ba45335c544d7077bb75f2e63eae131b52608", 0x5f}, {&(0x7f0000000600)="1fcfd0dd9967ed", 0x7}, {&(0x7f0000000680)="0d55110e8187b461bba483a74650a5e232db11eee8209a6d5f900ab8025bc1e31809a913682f65aeec2b7e5dd074d13d087fe6fdbbdf865d81a2c8b64517c0f632ccf293e0c0243315cf91c8e7e4dacf972a88cdefa17f34bd755d9fc9f4a8877dcd202c5406dda52c56944b15d0a2775f97c0f898c3dab24d7fa8f76d1e438a054d683e8c018b06f6b536bfbe13210e1003af04fa2b6d8a26273e443796399603030524b50da6aabfc0bec84498", 0xae}, {&(0x7f0000000740)="5e4ac750e62fe3f825076375ed19c724f143136fed98116e3db7a23ecfa214b2e2924073bc3e046920788e73c76ad4483a5c497e47a090bad951f3856d3d46b5855f029dfae13923fab868a56dc44fb84ae65566dd8e578be2c2fe2230ad3dd1c06a77ccfc16f33904441a53ea802407757cecca72d73c8e545ade6690295caa288996fed1be56cf915c306374dd2ce9f1c0e3a530f6fe64c601a6c8c5c738eb725adb03e379c1d667bea592497f96014c52d65f6e8872862eaaad161d38866d31a52de524fdc56b90d628eda3cc62bab9406f8d55118c8e5b514e8c6beccc2671bf487dada05e34b697587a02b937740513a0474d53", 0xf6}, {&(0x7f00000009c0)="4cad82243bb27fd029e0bdf9303c1112454ec9eaa3d23bd882b3846c282506734041884a1cb9aac98c014927beb192784bec74f07807559df1c2c7862536440f2f5a5cfc08e16ccd9a094b771a4c58a04ad736396c9fa479b04cf7ff5944f5daf01e007a154321f247cd26d4a32d71cc091fbce6330f7b7c50fbe12c90aec2a8d60d6dcdd99eb876f746511a51e853d5ebba38fc9db500fd5d4fdbd6d9390d2fc0bf1a45a59253f1d2a2ebc500c6dcfe2eee889574d48efd81dc62b84434655a0e04f5382bb172123b3bf6fadce80390e6ad09d800509016450e5d4ad2eaf0e9eea69dbee1d5e1a1b7fc4e14b2932e571296664d621f99", 0xf7}, {&(0x7f0000000bc0)="08a2e0b62dc67e7f3c55d15061fdd30241c781102cf19715a22babb880a0fc7ee69b9e5c92a55d5b1e6b610269fbd01b775e1e76a4af6aad5fccd5210712081903d42db567c937090095ff880b05a1ebed35104c5d835467f195920ce472f14f17f121da0d17688f6f094262fdef40013226e2526afc3d650c19423a346506b6babfe5126a296f47ee5ffbe6f10ebcc4b82031f9ce3b374ad4d8a122d914bf75", 0xa0}, {&(0x7f0000000c80)="0cc1a4c871277543523a5f00fa49bc10fc34c697662dde945edd3946397f791c8ba99efc511f35d24695f8744dd879ab7e39aa7562ef755d3326eeff05adce376a3c5e6f4d3d3335ab791aad43e01ca1a27c4c1a521a7aeacbc7a2855c2c4512165930fedb5c2d854e91f4f409838263b61deb6c11c8bbebd29db4d33271c93a083fd79fae33dab219ea26cee1a2e4600aec69ce4affebcd1cbcaa6b5d7088ebadd2f6fdf7194b98fc93c7", 0xab}], 0xa, &(0x7f0000000f00)=ANY=[@ANYBLOB="18000000000000008400000000000000000003000900060018000000000000008400000000000000f8ff030007000800b7c930000000000000008400000001000000fd1d0008008000000700000038040000160000000100000009000000", @ANYRES32, @ANYBLOB="20000000000000008400000002000000040001000800000081000000", @ANYRES32=r6], 0x80, 0x14}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x18)
r9 = add_key$keyring(0x0, &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
request_key(&(0x7f0000000240)='user\x00', &(0x7f0000000280)={'syz', 0x0}, &(0x7f00000002c0)='/selinux/user\x00', r9)
r10 = syz_open_dev$usbfs(&(0x7f0000000080), 0x72, 0x101301)
ioctl$USBDEVFS_IOCTL(r10, 0xc0105512, &(0x7f0000000000))
ioctl$USBDEVFS_IOCTL(r10, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r11 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000840), 0x2, 0x0)
write$selinux_user(r11, &(0x7f0000000080)=ANY=[@ANYBLOB='system_u:object_r:auth_cache_t root'], 0x27)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$TCSETSW2(r3, 0x5408, &(0x7f0000000540)={0xff, 0x3eb, 0xfffffffe, 0x7fffffef, 0x0, "dcff7f00", 0x1002, 0x2})

1.500764007s ago: executing program 4 (id=2790):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
syz_open_dev$evdev(&(0x7f00000000c0), 0x200000000000000, 0x820b01)
modify_ldt$write(0x1, &(0x7f00000003c0)={0x5, 0x1000, 0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
write$cgroup_subtree(r0, 0x0, 0xfe33)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, 0x0, 0x0, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
pipe(&(0x7f00000002c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r1, 0x0, r4, 0x0, 0xa86, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r4, 0xc04c5349, &(0x7f0000000100)={0x3, 0x8, 0x1})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0xfc, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x40, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080)}, 0x10010, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

1.438174859s ago: executing program 0 (id=2791):
r0 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x6)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r1, &(0x7f00000003c0)='./file0\x00')

1.326566251s ago: executing program 0 (id=2792):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x123e00, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0000000400000002000000000000000000000015", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x4, @perf_config_ext={0x5, 0x9}, 0x4110, 0x0, 0x0, 0x5, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x41980100, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TCSBRKP(r0, 0x5425, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000002c0), 0x8600, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r3}, &(0x7f0000bbdffc))
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000880)={<r5=>0x0, 0x40}, &(0x7f00000008c0)=0x8)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000ac0)={<r6=>0x0, 0x6}, &(0x7f0000000e00)=0x8)
sendmsg$inet_sctp(r4, &(0x7f0000000ec0)={&(0x7f0000000300)=@in={0x2, 0x4e20, @multicast2}, 0x10, &(0x7f0000000d40)=[{&(0x7f0000000400)="7a8f3ed849a096aca3307e2543a0dadc89b7a220f4cad4ae8ecd9ac71080edeb698ff021a531b206a4695aabe841fca774177706445ede1280af78f53f8ee97003b99ca352ef13ca619bbb31b5284d927ee7f25271344f775344dee6b4d80db8cff7e7c5637f94a28efcc0435aa9af95bc4db1dc0ed1a595fece889b6c72df3f209ed22ebfe121bb43a51665f40ff04352284909d0246f3deca579e9cc26da994322956752859001a50bff32e12468bc1b42f5237a1a3925d52fa0e2a5", 0xbd}, {&(0x7f00000004c0)}, {&(0x7f0000000500)="81090e34d1b2a86541ea0e2f871269f73fa50ee2ce894176", 0x18}, {&(0x7f0000000580)="ad01f9d3abc7e5718642b3ff625dc32aecf4615e62bbb7f56698d4a87fd23afde6d06dc69e1a40265cbec303623eaa8f916a609497cf6fd1c85379ef1e936e82ca644fdf111647965f59960c8ba45335c544d7077bb75f2e63eae131b52608", 0x5f}, {&(0x7f0000000600)="1fcfd0dd9967ed", 0x7}, {&(0x7f0000000680)="0d55110e8187b461bba483a74650a5e232db11eee8209a6d5f900ab8025bc1e31809a913682f65aeec2b7e5dd074d13d087fe6fdbbdf865d81a2c8b64517c0f632ccf293e0c0243315cf91c8e7e4dacf972a88cdefa17f34bd755d9fc9f4a8877dcd202c5406dda52c56944b15d0a2775f97c0f898c3dab24d7fa8f76d1e438a054d683e8c018b06f6b536bfbe13210e1003af04fa2b6d8a26273e443796399603030524b50da6aabfc0bec84498", 0xae}, {&(0x7f0000000740)="5e4ac750e62fe3f825076375ed19c724f143136fed98116e3db7a23ecfa214b2e2924073bc3e046920788e73c76ad4483a5c497e47a090bad951f3856d3d46b5855f029dfae13923fab868a56dc44fb84ae65566dd8e578be2c2fe2230ad3dd1c06a77ccfc16f33904441a53ea802407757cecca72d73c8e545ade6690295caa288996fed1be56cf915c306374dd2ce9f1c0e3a530f6fe64c601a6c8c5c738eb725adb03e379c1d667bea592497f96014c52d65f6e8872862eaaad161d38866d31a52de524fdc56b90d628eda3cc62bab9406f8d55118c8e5b514e8c6beccc2671bf487dada05e34b697587a02b937740513a0474d53", 0xf6}, {&(0x7f00000009c0)="4cad82243bb27fd029e0bdf9303c1112454ec9eaa3d23bd882b3846c282506734041884a1cb9aac98c014927beb192784bec74f07807559df1c2c7862536440f2f5a5cfc08e16ccd9a094b771a4c58a04ad736396c9fa479b04cf7ff5944f5daf01e007a154321f247cd26d4a32d71cc091fbce6330f7b7c50fbe12c90aec2a8d60d6dcdd99eb876f746511a51e853d5ebba38fc9db500fd5d4fdbd6d9390d2fc0bf1a45a59253f1d2a2ebc500c6dcfe2eee889574d48efd81dc62b84434655a0e04f5382bb172123b3bf6fadce80390e6ad09d800509016450e5d4ad2eaf0e9eea69dbee1d5e1a1b7fc4e14b2932e571296664d621f99", 0xf7}, {&(0x7f0000000bc0)="08a2e0b62dc67e7f3c55d15061fdd30241c781102cf19715a22babb880a0fc7ee69b9e5c92a55d5b1e6b610269fbd01b775e1e76a4af6aad5fccd5210712081903d42db567c937090095ff880b05a1ebed35104c5d835467f195920ce472f14f17f121da0d17688f6f094262fdef40013226e2526afc3d650c19423a346506b6babfe5126a296f47ee5ffbe6f10ebcc4b82031f9ce3b374ad4d8a122d914bf75", 0xa0}, {&(0x7f0000000c80)="0cc1a4c871277543523a5f00fa49bc10fc34c697662dde945edd3946397f791c8ba99efc511f35d24695f8744dd879ab7e39aa7562ef755d3326eeff05adce376a3c5e6f4d3d3335ab791aad43e01ca1a27c4c1a521a7aeacbc7a2855c2c4512165930fedb5c2d854e91f4f409838263b61deb6c11c8bbebd29db4d33271c93a083fd79fae33dab219ea26cee1a2e4600aec69ce4affebcd1cbcaa6b5d7088ebadd2f6fdf7194b98fc93c7", 0xab}], 0xa, &(0x7f0000000f00)=ANY=[@ANYBLOB="18000000000000008400000000000000000003000900060018000000000000008400000000000000f8ff030007000800b7c930000000000000008400000001000000fd1d0008008000000700000038040000160000000100000009000000", @ANYRES32=r5, @ANYBLOB="20000000000000008400000002000000040001000800000081000000", @ANYRES32=r6], 0x80, 0x14}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x18)
r9 = add_key$keyring(0x0, &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, 0x0, 0x0, r9)
request_key(&(0x7f0000000240)='user\x00', &(0x7f0000000280)={'syz', 0x0}, &(0x7f00000002c0)='/selinux/user\x00', r9)
r10 = syz_open_dev$usbfs(&(0x7f0000000080), 0x72, 0x101301)
ioctl$USBDEVFS_IOCTL(r10, 0xc0105512, &(0x7f0000000000))
ioctl$USBDEVFS_IOCTL(r10, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r11 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000840), 0x2, 0x0)
write$selinux_user(r11, &(0x7f0000000080)=ANY=[@ANYBLOB='system_u:object_r:auth_cache_t root'], 0x27)
socket$inet_tcp(0x2, 0x1, 0x0)

1.145023673s ago: executing program 3 (id=2793):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={&(0x7f00000009c0)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000100)='./bus\x00', &(0x7f0000000200)='system.posix_acl_default\x00', &(0x7f0000000340), 0x24, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000100000000"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
pipe2$9p(&(0x7f0000000240), 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x9801}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @dev}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0x3f}]}}}]}, 0x40}}, 0x0)

161.012148ms ago: executing program 3 (id=2794):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000000c0), 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = socket$caif_seqpacket(0x25, 0x5, 0x3)
ioctl$sock_inet_SIOCSIFBRDADDR(r1, 0x891a, &(0x7f0000000040)={'tunl0\x00', {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x2a}}})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000003"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1d, 0xc, &(0x7f0000000ac0)=ANY=[@ANYRESOCT, @ANYBLOB="fffc76051f9484df5bfc6554f9a044b6414ccd59d6496b8ce35d71dbad0668cdc511d5ec02162c0e4bb5ed21703dff306723c010322b68a2a9afdc1fc288415b51b3e9d1303113af6042f96503491e7fc2727ed35ed1f41606792df3b33bb10254734f1d95b14806e314b766906a78faaf6b208880711ce3cad88815b50514afb19de20a529bbcbc42cd40cbef17d5345c539aadf46c541fc0f1", @ANYRES16=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021", @ANYBLOB], 0x50)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0xae, &(0x7f0000000440)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd60f4adf700382900000000000000000000f9000000000000ff020000000000000000000000000001"], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r6}, 0x10)
bpf$MAP_CREATE(0x700000000000000, &(0x7f00000008c0)=ANY=[@ANYBLOB="1d000000040000658000009f2280d7b1dc58f92651fccb3dffa6fcdd39a54f2559a0ffc9eb6378fec355f2401d93822d1e9a42d81204ebe41f3049a24cf6722f2799e036a733ec05cdc30b7df94d3d104996b75a51293866aac3c90c6e724e546d91131f3a2b5d7ed3980c4ae54831ab1e286a223a0c176d511b68423aafa027e73b213181d0f70500000081af4a676da3", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0100000005001000"/28], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r5}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r7}, 0x18)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(0xffffffffffffffff, 0x0, 0x6)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r8, &(0x7f00000003c0)='./file0\x00')

21.817029ms ago: executing program 3 (id=2795):
r0 = socket$inet(0x2, 0x1, 0x0)
listen(r0, 0xb)
socket$inet(0x2, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r1, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
socket$inet6_icmp(0xa, 0x2, 0x11)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xf3a, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYRESOCT, @ANYRES32, @ANYBLOB='\x00'/18, @ANYBLOB="1f0fa42c62442a58600ce43ebdf9221d6f96e26f7545b54c56ccc3a990880b7cb6c7b9f145dac7f496f4743aea64754db5b7bcadf42b449439d0749117b7ca8b00afb4abc4ef65962b20f3dd67dc4794b0afc51d0c0fd1b5fdd4f9294901e8806602de68280076d5fc2d3026055aec9b6be30bc0dbe4c176ed3cdab02c5c59c1d26427670560047a7634fb0331c1e438e45711e21d39755c706061e6f7027ff59a71836f578fca9ea53bee65", @ANYRES32], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000500)=ANY=[@ANYRES8=r2, @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000030000008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x24)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)

18.89823ms ago: executing program 0 (id=2796):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x123e00, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0000000400000002000000000000000000000015", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x4, @perf_config_ext={0x5, 0x9}, 0x4110, 0x0, 0x0, 0x5, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x41980100, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TCSBRKP(r0, 0x5425, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000002c0), 0x8600, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4}, &(0x7f0000bbdffc))
socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000880)={0x0, 0x40}, &(0x7f00000008c0)=0x8)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000ac0)={0x0, 0x6}, &(0x7f0000000e00)=0x8)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, 0x0, 0x0, 0x0)
request_key(&(0x7f0000000240)='user\x00', &(0x7f0000000280)={'syz', 0x0}, &(0x7f00000002c0)='/selinux/user\x00', 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000080), 0x72, 0x101301)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000000))
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000840), 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)

0s ago: executing program 1 (id=2797):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x80}, 0x0)
pipe2$9p(&(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x21004a, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_u}]}})

kernel console output (not intermixed with test programs):


[  335.610726][ T3785] kworker/u8:8: attempt to access beyond end of device
[  335.610726][ T3785] loop4: rw=1, sector=305, nr_sectors = 8 limit=128
[  335.629891][ T3785] kworker/u8:8: attempt to access beyond end of device
[  335.629891][ T3785] loop4: rw=1, sector=321, nr_sectors = 8 limit=128
[  335.645429][   T29] kauditd_printk_skb: 48 callbacks suppressed
[  335.645444][   T29] audit: type=1326 audit(1749737778.234:4146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11137 comm="syz.1.2260" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f82b0d3e929 code=0x0
[  335.653328][ T3785] kworker/u8:8: attempt to access beyond end of device
[  335.653328][ T3785] loop4: rw=1, sector=337, nr_sectors = 8 limit=128
[  335.789936][ T3785] kworker/u8:8: attempt to access beyond end of device
[  335.789936][ T3785] loop4: rw=1, sector=353, nr_sectors = 8 limit=128
[  335.807316][ T3785] kworker/u8:8: attempt to access beyond end of device
[  335.807316][ T3785] loop4: rw=1, sector=369, nr_sectors = 8 limit=128
[  335.832345][ T3785] kworker/u8:8: attempt to access beyond end of device
[  335.832345][ T3785] loop4: rw=1, sector=385, nr_sectors = 8 limit=128
[  335.863694][ T3785] kworker/u8:8: attempt to access beyond end of device
[  335.863694][ T3785] loop4: rw=1, sector=401, nr_sectors = 8 limit=128
[  335.900379][ T3785] kworker/u8:8: attempt to access beyond end of device
[  335.900379][ T3785] loop4: rw=1, sector=417, nr_sectors = 8 limit=128
[  335.931000][ T3785] kworker/u8:8: attempt to access beyond end of device
[  335.931000][ T3785] loop4: rw=1, sector=433, nr_sectors = 8 limit=128
[  336.134943][T11152] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2264'.
[  336.179331][T11152] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11152 comm=syz.4.2264
[  336.585424][T11167] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[  336.592063][T11167] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  336.599821][T11167] vhci_hcd vhci_hcd.0: Device attached
[  336.636059][T11167] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(13)
[  336.642737][T11167] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  336.650450][T11167] vhci_hcd vhci_hcd.0: Device attached
[  336.690277][T11167] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(15)
[  336.696908][T11167] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  336.704633][T11167] vhci_hcd vhci_hcd.0: Device attached
[  336.734019][   T29] audit: type=1400 audit(2000000001.020:4147): avc:  denied  { watch watch_reads } for  pid=11166 comm="syz.4.2270" path="/466/file0" dev="tmpfs" ino=2546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  336.783556][T11181] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  336.810122][T11181] vhci_hcd vhci_hcd.0: pdev(4) rhport(4) sockfd(26)
[  336.816789][T11181] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  336.824331][T11181] vhci_hcd vhci_hcd.0: Device attached
[  336.845985][T11167] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(28)
[  336.852655][T11167] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  336.860411][T11167] vhci_hcd vhci_hcd.0: Device attached
[  336.889687][T11167] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  336.899341][T11167] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  336.908960][T11185] vhci_hcd: connection closed
[  336.909443][T11168] vhci_hcd: connection closed
[  336.909795][T11171] vhci_hcd: connection closed
[  336.919111][T11176] vhci_hcd: connection closed
[  336.922476][T11190] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  336.924968][ T3785] vhci_hcd: stop threads
[  336.928673][T11190] SELinux: failed to load policy
[  336.938227][ T3785] vhci_hcd: release socket
[  336.942514][T11182] vhci_hcd: connection closed
[  336.947439][ T3785] vhci_hcd: disconnect device
[  336.948618][ T3785] vhci_hcd: stop threads
[  336.965811][ T3785] vhci_hcd: release socket
[  336.970386][ T3785] vhci_hcd: disconnect device
[  337.018560][ T3785] vhci_hcd: stop threads
[  337.023000][ T3785] vhci_hcd: release socket
[  337.027427][ T3785] vhci_hcd: disconnect device
[  337.053812][ T3785] vhci_hcd: stop threads
[  337.058102][ T3785] vhci_hcd: release socket
[  337.062554][ T3785] vhci_hcd: disconnect device
[  337.067459][ T3785] vhci_hcd: stop threads
[  337.071779][ T3785] vhci_hcd: release socket
[  337.076195][ T3785] vhci_hcd: disconnect device
[  337.110153][T11188] loop3: detected capacity change from 0 to 128
[  337.392060][T11198] loop3: detected capacity change from 0 to 2048
[  337.523108][T11201] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2276'.
[  337.620819][T11201] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11201 comm=syz.4.2276
[  337.626047][T11205] loop3: detected capacity change from 0 to 2048
[  337.677675][T11205] loop3: detected capacity change from 0 to 1024
[  337.697677][T11205] ext4: Unknown parameter 'euid'
[  337.716291][T11210] netlink: 332 bytes leftover after parsing attributes in process `syz.4.2280'.
[  337.746797][T11210] netlink: 'syz.4.2280': attribute type 9 has an invalid length.
[  337.754760][T11210] netlink: 108 bytes leftover after parsing attributes in process `syz.4.2280'.
[  337.764253][T11210] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2280'.
[  338.154764][T11228] vhci_hcd: invalid port number 96
[  338.159928][T11228] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  338.410580][   T29] audit: type=1326 audit(2000000002.690:4148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11229 comm="syz.1.2286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  338.434133][   T29] audit: type=1326 audit(2000000002.690:4149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11229 comm="syz.1.2286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  338.457679][   T29] audit: type=1326 audit(2000000002.690:4150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11229 comm="syz.1.2286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  338.481294][   T29] audit: type=1326 audit(2000000002.690:4151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11229 comm="syz.1.2286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  338.504844][   T29] audit: type=1326 audit(2000000002.690:4152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11229 comm="syz.1.2286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  338.528515][   T29] audit: type=1326 audit(2000000002.690:4153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11229 comm="syz.1.2286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  338.552161][   T29] audit: type=1326 audit(2000000002.690:4154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11229 comm="syz.1.2286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  338.575977][   T29] audit: type=1326 audit(2000000002.690:4155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11229 comm="syz.1.2286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f82b0d40847 code=0x7ffc0000
[  338.842878][T11250] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2291'.
[  338.942240][T11250] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11250 comm=syz.4.2291
[  339.436300][T11277] SELinux: failed to load policy
[  339.443098][T11279] vhci_hcd: invalid port number 96
[  339.448422][T11279] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  339.457850][T11277] pimreg: entered allmulticast mode
[  339.480773][T11276] pimreg: left allmulticast mode
[  339.567713][T11292] lo speed is unknown, defaulting to 1000
[  339.689130][T11292] SELinux: syz.0.2303 (11292) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  339.948108][T11299] lo speed is unknown, defaulting to 1000
[  340.100156][T11305] loop4: detected capacity change from 0 to 2048
[  340.233797][T11305] loop4: detected capacity change from 0 to 1024
[  340.289300][T11305] ext4: Unknown parameter 'euid'
[  341.685794][T11319] ALSA: seq fatal error: cannot create timer (-22)
[  343.003669][T11325] loop3: detected capacity change from 0 to 512
[  343.032559][T11329] openvswitch: netlink: Message has 6 unknown bytes.
[  343.093757][T11329] FAULT_INJECTION: forcing a failure.
[  343.093757][T11329] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  343.106866][T11329] CPU: 0 UID: 0 PID: 11329 Comm: syz.1.2313 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(voluntary) 
[  343.106963][T11329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  343.107055][T11329] Call Trace:
[  343.107063][T11329]  <TASK>
[  343.107071][T11329]  __dump_stack+0x1d/0x30
[  343.107090][T11329]  dump_stack_lvl+0xe8/0x140
[  343.107137][T11329]  dump_stack+0x15/0x1b
[  343.107154][T11329]  should_fail_ex+0x265/0x280
[  343.107185][T11329]  should_fail+0xb/0x20
[  343.107213][T11329]  should_fail_usercopy+0x1a/0x20
[  343.107277][T11329]  _copy_from_user+0x1c/0xb0
[  343.107305][T11329]  ___sys_sendmsg+0xc1/0x1d0
[  343.107395][T11329]  __x64_sys_sendmsg+0xd4/0x160
[  343.107422][T11329]  x64_sys_call+0x2999/0x2fb0
[  343.107447][T11329]  do_syscall_64+0xd2/0x200
[  343.107492][T11329]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  343.107517][T11329]  ? clear_bhb_loop+0x40/0x90
[  343.107541][T11329]  ? clear_bhb_loop+0x40/0x90
[  343.107619][T11329]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.107638][T11329] RIP: 0033:0x7f82b0d3e929
[  343.107651][T11329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.107669][T11329] RSP: 002b:00007f82af3a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  343.107689][T11329] RAX: ffffffffffffffda RBX: 00007f82b0f65fa0 RCX: 00007f82b0d3e929
[  343.107703][T11329] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000009
[  343.107780][T11329] RBP: 00007f82af3a7090 R08: 0000000000000000 R09: 0000000000000000
[  343.107791][T11329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  343.107804][T11329] R13: 0000000000000000 R14: 00007f82b0f65fa0 R15: 00007ffcf59603d8
[  343.107825][T11329]  </TASK>
[  343.901581][T11340] lo speed is unknown, defaulting to 1000
[  343.971531][T11325] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  343.984111][T11325] ext4 filesystem being mounted at /436/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  345.247594][T11340] SELinux: syz.4.2316 (11340) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  345.284066][   T29] kauditd_printk_skb: 31 callbacks suppressed
[  345.284080][   T29] audit: type=1400 audit(2000000009.570:4187): avc:  denied  { write } for  pid=11359 comm="syz.2.2319" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  345.313635][   T29] audit: type=1400 audit(2000000009.570:4188): avc:  denied  { open } for  pid=11359 comm="syz.2.2319" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  345.354191][T11361] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  345.394980][T11361] SELinux: failed to load policy
[  345.402528][T11362] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2314'.
[  345.439184][T11357] pimreg: entered allmulticast mode
[  345.515860][   T29] audit: type=1400 audit(2000000009.670:4189): avc:  denied  { setopt } for  pid=11347 comm="syz.0.2314" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  345.519671][T11356] pimreg: left allmulticast mode
[  345.560390][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.717723][T11372] ALSA: seq fatal error: cannot create timer (-22)
[  347.112623][T11376] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  347.146116][T11376] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  347.237026][T11378] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.324444][T11383] SELinux: failed to load policy
[  347.343229][T11378] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.378371][T11383] pimreg: entered allmulticast mode
[  347.471373][T11382] pimreg: left allmulticast mode
[  347.512899][T11378] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.685609][T11378] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.465866][T11399] vhci_hcd: invalid port number 96
[  348.471169][T11399] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  348.621906][T11378] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  348.643338][T11404] FAULT_INJECTION: forcing a failure.
[  348.643338][T11404] name failslab, interval 1, probability 0, space 0, times 0
[  348.656067][T11404] CPU: 1 UID: 0 PID: 11404 Comm: syz.0.2330 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(voluntary) 
[  348.656093][T11404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  348.656105][T11404] Call Trace:
[  348.656111][T11404]  <TASK>
[  348.656186][T11404]  __dump_stack+0x1d/0x30
[  348.656206][T11404]  dump_stack_lvl+0xe8/0x140
[  348.656225][T11404]  dump_stack+0x15/0x1b
[  348.656314][T11404]  should_fail_ex+0x265/0x280
[  348.656347][T11404]  should_failslab+0x8c/0xb0
[  348.656448][T11404]  kmem_cache_alloc_node_noprof+0x57/0x320
[  348.656474][T11404]  ? __alloc_skb+0x101/0x320
[  348.656508][T11404]  __alloc_skb+0x101/0x320
[  348.656611][T11404]  netlink_alloc_large_skb+0xba/0xf0
[  348.656649][T11404]  netlink_sendmsg+0x3cf/0x6b0
[  348.656671][T11404]  ? __pfx_netlink_sendmsg+0x10/0x10
[  348.656738][T11404]  __sock_sendmsg+0x142/0x180
[  348.656834][T11404]  ____sys_sendmsg+0x31e/0x4e0
[  348.656858][T11404]  ___sys_sendmsg+0x17b/0x1d0
[  348.656894][T11404]  __x64_sys_sendmsg+0xd4/0x160
[  348.656958][T11404]  x64_sys_call+0x2999/0x2fb0
[  348.656988][T11404]  do_syscall_64+0xd2/0x200
[  348.657089][T11404]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  348.657122][T11404]  ? clear_bhb_loop+0x40/0x90
[  348.657147][T11404]  ? clear_bhb_loop+0x40/0x90
[  348.657168][T11404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.657246][T11404] RIP: 0033:0x7fab1586e929
[  348.657259][T11404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.657275][T11404] RSP: 002b:00007fab13ed7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  348.657292][T11404] RAX: ffffffffffffffda RBX: 00007fab15a95fa0 RCX: 00007fab1586e929
[  348.657304][T11404] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  348.657315][T11404] RBP: 00007fab13ed7090 R08: 0000000000000000 R09: 0000000000000000
[  348.657376][T11404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  348.657390][T11404] R13: 0000000000000000 R14: 00007fab15a95fa0 R15: 00007ffd95311f68
[  348.657446][T11404]  </TASK>
[  348.953536][T11378] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  348.975011][T11378] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  349.078001][T11378] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  349.742551][T11418] SELinux: failed to load policy
[  349.755457][T11420] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  349.768748][T11420] SELinux: failed to load policy
[  350.381266][T11420] loop3: detected capacity change from 0 to 128
[  350.412606][T11418] pimreg: entered allmulticast mode
[  350.783661][T11417] pimreg: left allmulticast mode
[  351.631579][ T1456] bio_check_eod: 139 callbacks suppressed
[  351.631592][ T1456] kworker/u8:7: attempt to access beyond end of device
[  351.631592][ T1456] loop3: rw=1, sector=145, nr_sectors = 152 limit=128
[  351.652735][ T1456] kworker/u8:7: attempt to access beyond end of device
[  351.652735][ T1456] loop3: rw=1, sector=305, nr_sectors = 8 limit=128
[  351.666571][ T1456] kworker/u8:7: attempt to access beyond end of device
[  351.666571][ T1456] loop3: rw=1, sector=321, nr_sectors = 8 limit=128
[  351.680937][ T1456] kworker/u8:7: attempt to access beyond end of device
[  351.680937][ T1456] loop3: rw=1, sector=337, nr_sectors = 8 limit=128
[  351.694296][ T1456] kworker/u8:7: attempt to access beyond end of device
[  351.694296][ T1456] loop3: rw=1, sector=353, nr_sectors = 8 limit=128
[  351.707919][ T1456] kworker/u8:7: attempt to access beyond end of device
[  351.707919][ T1456] loop3: rw=1, sector=369, nr_sectors = 8 limit=128
[  351.716465][T11443] loop9: detected capacity change from 0 to 7
[  351.721500][ T1456] kworker/u8:7: attempt to access beyond end of device
[  351.721500][ T1456] loop3: rw=1, sector=385, nr_sectors = 8 limit=128
[  351.729358][ T3300] buffer_io_error: 2 callbacks suppressed
[  351.729399][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  351.740822][ T1456] kworker/u8:7: attempt to access beyond end of device
[  351.740822][ T1456] loop3: rw=1, sector=401, nr_sectors = 8 limit=128
[  351.747440][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  351.754598][ T1456] kworker/u8:7: attempt to access beyond end of device
[  351.754598][ T1456] loop3: rw=1, sector=417, nr_sectors = 8 limit=128
[  351.767635][ T3300]  loop9: unable to read partition table
[  351.775440][ T1456] kworker/u8:7: attempt to access beyond end of device
[  351.775440][ T1456] loop3: rw=1, sector=433, nr_sectors = 8 limit=128
[  351.794605][T11443] Buffer I/O error on dev loop9, logical block 0, async page read
[  351.837910][T11448] loop3: detected capacity change from 0 to 512
[  351.847413][T11443] Buffer I/O error on dev loop9, logical block 0, async page read
[  351.855427][T11443]  loop9: unable to read partition table
[  351.862898][T11443] loop_reread_partitions: partition scan of loop9 (���������Jdʆ�dƤ����ݡ�����
[  351.862898][T11443] 
U������) failed (rc=-5)
[  351.863823][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  351.885683][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  351.887477][   T29] audit: type=1326 audit(2000000016.170:4190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11439 comm="syz.4.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb17e0ce929 code=0x7ffc0000
[  351.893646][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  351.917097][   T29] audit: type=1326 audit(2000000016.170:4191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11439 comm="syz.4.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7fb17e0ce929 code=0x7ffc0000
[  351.924996][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  351.956266][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  351.964284][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  351.975574][   T29] audit: type=1326 audit(2000000016.240:4192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11439 comm="syz.4.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb17e0ce929 code=0x7ffc0000
[  351.999250][   T29] audit: type=1326 audit(2000000016.240:4193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11439 comm="syz.4.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb17e0ce929 code=0x7ffc0000
[  352.022769][   T29] audit: type=1326 audit(2000000016.240:4194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11439 comm="syz.4.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb17e0ce929 code=0x7ffc0000
[  352.046202][   T29] audit: type=1326 audit(2000000016.240:4195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11439 comm="syz.4.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb17e0ce929 code=0x7ffc0000
[  352.049692][T11448] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  352.069849][   T29] audit: type=1326 audit(2000000016.240:4196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11439 comm="syz.4.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb17e0ce929 code=0x7ffc0000
[  352.069882][   T29] audit: type=1326 audit(2000000016.240:4197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11439 comm="syz.4.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb17e0ce929 code=0x7ffc0000
[  352.083757][T11448] ext4 filesystem being mounted at /439/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  352.105762][   T29] audit: type=1326 audit(2000000016.240:4198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11439 comm="syz.4.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb17e0ce929 code=0x7ffc0000
[  352.162994][T11460] lo speed is unknown, defaulting to 1000
[  352.168853][   T29] audit: type=1326 audit(2000000016.240:4199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11439 comm="syz.4.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb17e0ce929 code=0x7ffc0000
[  352.195251][T11462] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.2339: corrupted inode contents
[  352.211394][T11462] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #18: comm syz.3.2339: mark_inode_dirty error
[  352.223058][T11462] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.2339: corrupted inode contents
[  352.240192][T11462] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #18: comm syz.3.2339: mark_inode_dirty error
[  352.259090][T11462] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #18: comm syz.3.2339: mark inode dirty (error -117)
[  352.272728][T11462] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  352.304733][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.368749][T11465] hub 4-0:1.0: USB hub found
[  352.384125][T11465] hub 4-0:1.0: 8 ports detected
[  353.200728][T11472] loop3: detected capacity change from 0 to 512
[  353.278589][T11472] EXT4-fs: Ignoring removed nobh option
[  353.403739][T11472] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  353.428178][T11472] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.2347: attempt to clear invalid blocks 2 len 1
[  353.462124][T11472] EXT4-fs (loop3): Remounting filesystem read-only
[  353.483252][T11472] EXT4-fs (loop3): 1 truncate cleaned up
[  353.492785][T11482] loop4: detected capacity change from 0 to 1024
[  353.499522][T11472] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.521515][T11482] EXT4-fs: Ignoring removed bh option
[  353.542156][T11482] EXT4-fs: inline encryption not supported
[  353.577839][T11482] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  353.681078][T11472] loop9: detected capacity change from 0 to 7
[  353.688838][T11472]  loop9: unable to read partition table
[  353.696024][T11472] loop_reread_partitions: partition scan of loop9 (���������Jdʆ�dƤ����ݡ�����
[  353.696024][T11472] 
U������) failed (rc=-5)
[  353.740637][T11482] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  353.866742][T11482] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 2: comm syz.4.2351: lblock 2 mapped to illegal pblock 2 (length 1)
[  353.907933][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.957137][T11482] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 48: comm syz.4.2351: lblock 0 mapped to illegal pblock 48 (length 1)
[  354.007008][T11482] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2351: Failed to acquire dquot type 0
[  354.044466][T11482] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  354.151804][T11482] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.2351: mark_inode_dirty error
[  354.227187][T11506] netlink: 'syz.0.2357': attribute type 11 has an invalid length.
[  354.235199][T11506] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2357'.
[  354.257856][T11482] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  354.350239][T11482] EXT4-fs (loop4): 1 orphan inode deleted
[  354.370245][ T1456] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:7: lblock 1 mapped to illegal pblock 1 (length 1)
[  354.399345][T11482] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  354.413001][ T1456] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 0
[  354.510284][T11482] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  354.535101][T11514] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2356'.
[  354.623782][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.642593][T11518] loop3: detected capacity change from 0 to 1024
[  354.652869][T11518] EXT4-fs: Ignoring removed bh option
[  354.694223][T11518] EXT4-fs: inline encryption not supported
[  354.723737][T11518] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  354.758198][T11518] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  354.782526][T11518] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.2361: lblock 2 mapped to illegal pblock 2 (length 1)
[  354.907891][T11518] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 48: comm syz.3.2361: lblock 0 mapped to illegal pblock 48 (length 1)
[  354.965212][T11518] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2361: Failed to acquire dquot type 0
[  354.994906][T11518] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  355.005041][T11524] netlink: 'syz.2.2363': attribute type 13 has an invalid length.
[  355.021657][T11518] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.2361: mark_inode_dirty error
[  355.055777][T11518] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  355.073333][T11526] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2364'.
[  355.091326][T11518] EXT4-fs (loop3): 1 orphan inode deleted
[  355.104732][T11518] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  355.118230][   T12] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1)
[  355.140406][   T12] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 0
[  355.172406][T11526] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11526 comm=syz.2.2364
[  355.192359][T11518] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 48: comm syz.3.2361: lblock 0 mapped to illegal pblock 48 (length 1)
[  355.258317][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.328448][T11532] loop9: detected capacity change from 0 to 7
[  355.349767][T11532]  loop9: unable to read partition table
[  355.364930][T11533] lo speed is unknown, defaulting to 1000
[  355.380104][T11532] loop_reread_partitions: partition scan of loop9 (���������Jdʆ�dƤ����ݡ�����
[  355.380104][T11532] 
U������) failed (rc=-5)
[  355.614460][T11533] hub 4-0:1.0: USB hub found
[  355.640735][T11533] hub 4-0:1.0: 8 ports detected
[  355.671687][T11533] SELinux: syz.0.2368 (11533) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  355.769087][T11549] loop3: detected capacity change from 0 to 1024
[  355.780781][T11552] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2372'.
[  355.787068][T11549] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  355.853896][T11549] netlink: 'syz.3.2365': attribute type 1 has an invalid length.
[  355.966452][T11557] loop3: detected capacity change from 0 to 512
[  356.686468][T11550] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2371'.
[  356.725436][T11575] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2377'.
[  356.735298][T11550] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2371'.
[  356.792003][T11575] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11575 comm=syz.2.2377
[  356.911333][   T29] kauditd_printk_skb: 75 callbacks suppressed
[  356.911399][   T29] audit: type=1326 audit(2000000021.200:4268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11584 comm="syz.0.2381" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fab1586e929 code=0x0
[  357.050847][T11592] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2383'.
[  357.243164][T11602] vhci_hcd: invalid port number 96
[  357.248331][T11602] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  357.317429][T11606] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  357.327573][T11606] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  357.455180][T11608] loop3: detected capacity change from 0 to 1024
[  357.465866][T11608] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  357.474760][T11608] netlink: 'syz.3.2389': attribute type 1 has an invalid length.
[  357.498405][T11610] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2390'.
[  357.521945][T11610] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11610 comm=syz.3.2390
[  357.554531][T11614] netlink: 'syz.3.2392': attribute type 13 has an invalid length.
[  357.595444][T11615] loop4: detected capacity change from 0 to 512
[  357.612414][T11615] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  357.625327][T11615] ext4 filesystem being mounted at /486/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  357.683890][T11614] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  357.692442][T11614] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  357.700886][T11614] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  357.709425][T11614] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  357.754043][T11621] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2393'.
[  357.845551][T11625] loop9: detected capacity change from 0 to 7
[  357.866182][T11625] buffer_io_error: 28 callbacks suppressed
[  357.866195][T11625] Buffer I/O error on dev loop9, logical block 0, async page read
[  357.884001][T11625] Buffer I/O error on dev loop9, logical block 0, async page read
[  357.892056][T11625]  loop9: unable to read partition table
[  357.897806][T11625] loop_reread_partitions: partition scan of loop9 (���������Jdʆ�dƤ����ݡ�����
[  357.897806][T11625] 
U������) failed (rc=-5)
[  357.912699][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  357.924425][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  357.934223][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  357.947268][T11629] netlink: 'syz.1.2397': attribute type 1 has an invalid length.
[  357.960236][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  357.975714][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  358.024184][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  358.033682][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  358.042678][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  358.059884][T11639] netlink: 'syz.3.2402': attribute type 1 has an invalid length.
[  358.100760][   T29] audit: type=1326 audit(2000000022.390:4269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11640 comm="syz.3.2403" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcf41abe929 code=0x0
[  358.207389][T11645] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  358.215952][T11645] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  358.378905][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.396485][T11647] netlink: 'syz.4.2405': attribute type 13 has an invalid length.
[  358.511835][T11653] lo speed is unknown, defaulting to 1000
[  358.636281][T11655] hub 4-0:1.0: USB hub found
[  358.641239][T11655] hub 4-0:1.0: 8 ports detected
[  358.653220][T11655] SELinux: syz.4.2408 (11655) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  358.755341][T11657] FAULT_INJECTION: forcing a failure.
[  358.755341][T11657] name failslab, interval 1, probability 0, space 0, times 0
[  358.768882][T11657] CPU: 0 UID: 0 PID: 11657 Comm: syz.0.2409 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(voluntary) 
[  358.768911][T11657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  358.768985][T11657] Call Trace:
[  358.768991][T11657]  <TASK>
[  358.768999][T11657]  __dump_stack+0x1d/0x30
[  358.769021][T11657]  dump_stack_lvl+0xe8/0x140
[  358.769042][T11657]  dump_stack+0x15/0x1b
[  358.769060][T11657]  should_fail_ex+0x265/0x280
[  358.769170][T11657]  ? __hw_addr_add_ex+0x162/0x440
[  358.769204][T11657]  should_failslab+0x8c/0xb0
[  358.769229][T11657]  __kmalloc_cache_noprof+0x4c/0x320
[  358.769257][T11657]  __hw_addr_add_ex+0x162/0x440
[  358.769346][T11657]  dev_addr_init+0xb1/0x120
[  358.769456][T11657]  alloc_netdev_mqs+0x212/0xab0
[  358.769476][T11657]  ? __pfx_wg_setup+0x10/0x10
[  358.769508][T11657]  rtnl_create_link+0x239/0x710
[  358.769601][T11657]  rtnl_newlink_create+0x14c/0x620
[  358.769739][T11657]  ? security_capable+0x83/0x90
[  358.769791][T11657]  ? netlink_ns_capable+0x86/0xa0
[  358.769886][T11657]  rtnl_newlink+0xf29/0x12d0
[  358.769916][T11657]  ? bsearch+0x95/0xc0
[  358.769945][T11657]  ? __pfx_cmp_ex_search+0x10/0x10
[  358.769991][T11657]  ? __get_user_nocheck_8+0x6/0x20
[  358.770049][T11657]  ? search_extable+0x53/0x80
[  358.770103][T11657]  ? __get_user_nocheck_8+0x6/0x20
[  358.770132][T11657]  ? __get_user_nocheck_8+0x6/0x20
[  358.770171][T11657]  ? fixup_exception+0x72e/0xd00
[  358.770212][T11657]  ? __rcu_read_unlock+0x4f/0x70
[  358.770236][T11657]  ? avc_has_perm_noaudit+0x1b1/0x200
[  358.770270][T11657]  ? selinux_capable+0x1f9/0x270
[  358.770364][T11657]  ? sysvec_apic_timer_interrupt+0x44/0x80
[  358.770460][T11657]  ? rtnetlink_rcv_msg+0x15a/0x6d0
[  358.770549][T11657]  ? __pfx_rtnl_newlink+0x10/0x10
[  358.770577][T11657]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  358.770608][T11657]  ? __tsan_read4+0x102/0x190
[  358.770646][T11657]  netlink_rcv_skb+0x120/0x220
[  358.770663][T11657]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  358.770694][T11657]  rtnetlink_rcv+0x1c/0x30
[  358.770777][T11657]  netlink_unicast+0x5a1/0x670
[  358.770810][T11657]  netlink_sendmsg+0x58b/0x6b0
[  358.770832][T11657]  ? __pfx_netlink_sendmsg+0x10/0x10
[  358.770933][T11657]  __sock_sendmsg+0x142/0x180
[  358.770958][T11657]  ____sys_sendmsg+0x31e/0x4e0
[  358.770983][T11657]  ___sys_sendmsg+0x17b/0x1d0
[  358.771018][T11657]  __x64_sys_sendmsg+0xd4/0x160
[  358.771082][T11657]  x64_sys_call+0x2999/0x2fb0
[  358.771196][T11657]  do_syscall_64+0xd2/0x200
[  358.771238][T11657]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  358.771275][T11657]  ? clear_bhb_loop+0x40/0x90
[  358.771298][T11657]  ? clear_bhb_loop+0x40/0x90
[  358.771397][T11657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.771418][T11657] RIP: 0033:0x7fab1586e929
[  358.771435][T11657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  358.771452][T11657] RSP: 002b:00007fab13ed7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  358.771469][T11657] RAX: ffffffffffffffda RBX: 00007fab15a95fa0 RCX: 00007fab1586e929
[  358.771480][T11657] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000005
[  358.771491][T11657] RBP: 00007fab13ed7090 R08: 0000000000000000 R09: 0000000000000000
[  358.771572][T11657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  358.771585][T11657] R13: 0000000000000000 R14: 00007fab15a95fa0 R15: 00007ffd95311f68
[  358.771602][T11657]  </TASK>
[  359.156359][T11664] loop9: detected capacity change from 0 to 7
[  359.171243][T11664]  loop9: unable to read partition table
[  359.180450][T11664] loop_reread_partitions: partition scan of loop9 (���������Jdʆ�dƤ����ݡ�����
[  359.180450][T11664] 
U������) failed (rc=-5)
[  359.207654][   T29] audit: type=1400 audit(2000000023.490:4270): avc:  denied  { read } for  pid=11665 comm="syz.3.2413" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  359.290644][T11675] netlink: 'syz.3.2417': attribute type 13 has an invalid length.
[  359.968301][T11687] netlink: 'syz.2.2420': attribute type 1 has an invalid length.
[  360.071333][T11690] loop4: detected capacity change from 0 to 512
[  360.268662][T11697] netlink: 'syz.2.2424': attribute type 1 has an invalid length.
[  360.276506][T11697] __nla_validate_parse: 1 callbacks suppressed
[  360.276517][T11697] netlink: 216 bytes leftover after parsing attributes in process `syz.2.2424'.
[  360.299656][T11694] lo speed is unknown, defaulting to 1000
[  360.545115][T11690] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  360.728697][T11690] ext4 filesystem being mounted at /492/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  360.823793][T11694] hub 4-0:1.0: USB hub found
[  360.871591][T11698] SELinux: syz.1.2423 (11698) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  360.962465][T11694] hub 4-0:1.0: 8 ports detected
[  361.760785][T11718] SELinux: failed to load policy
[  361.821632][T11718] pimreg: entered allmulticast mode
[  361.872329][T11716] pimreg: left allmulticast mode
[  361.954080][T11730] lo speed is unknown, defaulting to 1000
[  362.114462][T11730] SELinux: syz.0.2430 (11730) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  362.321622][T11737] netlink: 'syz.0.2432': attribute type 1 has an invalid length.
[  362.573408][T11742] loop3: detected capacity change from 0 to 512
[  362.617872][T11742] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  362.670184][T11742] ext4 filesystem being mounted at /459/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  362.704730][T11742] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.2434: corrupted inode contents
[  362.741198][T11742] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #18: comm syz.3.2434: mark_inode_dirty error
[  362.790388][T11742] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.2434: corrupted inode contents
[  362.832858][T11742] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #18: comm syz.3.2434: mark_inode_dirty error
[  362.881376][T11742] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #18: comm syz.3.2434: mark inode dirty (error -117)
[  362.930193][T11742] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  362.982512][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.025567][T11746] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2435'.
[  363.086637][T11747] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11747 comm=syz.3.2435
[  363.170498][   T29] audit: type=1400 audit(2000000027.460:4271): avc:  denied  { setopt } for  pid=11748 comm="syz.3.2436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  363.277103][T11754] netlink: 'syz.3.2438': attribute type 13 has an invalid length.
[  363.387151][T11758] loop3: detected capacity change from 0 to 2048
[  363.442112][ T3300]  loop3: p1 < > p4
[  363.452934][ T3300] loop3: p4 size 8388608 extends beyond EOD, truncated
[  363.482016][T11758]  loop3: p1 < > p4
[  363.486530][T11758] loop3: p4 size 8388608 extends beyond EOD, truncated
[  363.534875][   T29] audit: type=1326 audit(2000000027.820:4272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11755 comm="syz.0.2437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  363.558580][   T29] audit: type=1326 audit(2000000027.820:4273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11755 comm="syz.0.2437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  363.580085][T11758] FAULT_INJECTION: forcing a failure.
[  363.580085][T11758] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  363.582091][   T29] audit: type=1326 audit(2000000027.820:4274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11755 comm="syz.0.2437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  363.595271][T11758] CPU: 1 UID: 0 PID: 11758 Comm: syz.3.2439 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(voluntary) 
[  363.595321][T11758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  363.595333][T11758] Call Trace:
[  363.595340][T11758]  <TASK>
[  363.595349][T11758]  __dump_stack+0x1d/0x30
[  363.595372][T11758]  dump_stack_lvl+0xe8/0x140
[  363.595393][T11758]  dump_stack+0x15/0x1b
[  363.595410][T11758]  should_fail_ex+0x265/0x280
[  363.595491][T11758]  should_fail_alloc_page+0xf2/0x100
[  363.595518][T11758]  __alloc_frozen_pages_noprof+0xff/0x360
[  363.595623][T11758]  alloc_pages_mpol+0xb3/0x250
[  363.595654][T11758]  vma_alloc_folio_noprof+0x1aa/0x300
[  363.595694][T11758]  do_wp_page+0x673/0x2400
[  363.595716][T11758]  ? security_inode_alloc+0x37/0x100
[  363.595773][T11758]  ? should_fail_ex+0x30/0x280
[  363.595889][T11758]  ? __rcu_read_lock+0x37/0x50
[  363.595922][T11758]  handle_mm_fault+0x77d/0x2be0
[  363.595961][T11758]  ? __rcu_read_unlock+0x4f/0x70
[  363.596042][T11758]  do_user_addr_fault+0x3fe/0x1090
[  363.596148][T11758]  ? _raw_spin_unlock+0x26/0x50
[  363.596177][T11758]  exc_page_fault+0x62/0xa0
[  363.596209][T11758]  asm_exc_page_fault+0x26/0x30
[  363.596230][T11758] RIP: 0010:rep_movs_alternative+0x33/0x90
[  363.596290][T11758] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d eb 01 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb
[  363.596309][T11758] RSP: 0000:ffffc90000eb3cf0 EFLAGS: 00050212
[  363.596325][T11758] RAX: 0000002000000001 RBX: 0000000000000010 RCX: 0000000000000010
[  363.596338][T11758] RDX: 0000000000000000 RSI: ffffc90000eb3d90 RDI: 0000200000000100
[  363.596352][T11758] RBP: 0000000000000001 R08: 000000000000029c R09: 0000000000000000
[  363.596365][T11758] R10: 0001c90000eb3d90 R11: 0001c90000eb3d9f R12: 0000200000000110
[  363.596503][T11758] R13: 00007ffffffff000 R14: 0000200000000100 R15: ffffc90000eb3d90
[  363.596523][T11758]  _copy_to_user+0x7c/0xa0
[  363.596549][T11758]  inotify_read+0x1d9/0x600
[  363.596571][T11758]  ? __pfx_woken_wake_function+0x10/0x10
[  363.596685][T11758]  ? __pfx_inotify_read+0x10/0x10
[  363.596706][T11758]  vfs_read+0x19d/0x6f0
[  363.596736][T11758]  ? __rcu_read_unlock+0x4f/0x70
[  363.596757][T11758]  ? __fget_files+0x184/0x1c0
[  363.596784][T11758]  ksys_read+0xda/0x1a0
[  363.596806][T11758]  __x64_sys_read+0x40/0x50
[  363.596826][T11758]  x64_sys_call+0x2d77/0x2fb0
[  363.596882][T11758]  do_syscall_64+0xd2/0x200
[  363.596959][T11758]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  363.596986][T11758]  ? clear_bhb_loop+0x40/0x90
[  363.597007][T11758]  ? clear_bhb_loop+0x40/0x90
[  363.597031][T11758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.597066][T11758] RIP: 0033:0x7fcf41abe929
[  363.597149][T11758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  363.597240][T11758] RSP: 002b:00007fcf40127038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  363.597259][T11758] RAX: ffffffffffffffda RBX: 00007fcf41ce5fa0 RCX: 00007fcf41abe929
[  363.597271][T11758] RDX: 00000000000000d0 RSI: 0000200000000100 RDI: 0000000000000003
[  363.597284][T11758] RBP: 00007fcf40127090 R08: 0000000000000000 R09: 0000000000000000
[  363.597354][T11758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  363.597378][T11758] R13: 0000000000000000 R14: 00007fcf41ce5fa0 R15: 00007ffea1f8b488
[  363.597397][T11758]  </TASK>
[  363.854115][ T3739] udevd[3739]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  363.858192][   T29] audit: type=1326 audit(2000000027.820:4275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11755 comm="syz.0.2437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  363.865635][ T3300] udevd[3300]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  363.868909][   T29] audit: type=1326 audit(2000000027.820:4276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11755 comm="syz.0.2437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  364.021532][   T29] audit: type=1326 audit(2000000027.820:4277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11755 comm="syz.0.2437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  364.045038][   T29] audit: type=1326 audit(2000000027.820:4278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11755 comm="syz.0.2437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  364.068548][   T29] audit: type=1326 audit(2000000027.820:4279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11755 comm="syz.0.2437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fab15870847 code=0x7ffc0000
[  364.091972][   T29] audit: type=1326 audit(2000000027.820:4280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11755 comm="syz.0.2437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fab158707bc code=0x7ffc0000
[  364.224072][T11774] loop3: detected capacity change from 0 to 512
[  364.452928][T11774] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  364.465699][T11774] ext4 filesystem being mounted at /464/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  366.574086][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.952342][T11845] vhci_hcd: invalid port number 96
[  368.957602][T11845] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  369.178405][T11857] loop9: detected capacity change from 0 to 7
[  369.197460][T11857] buffer_io_error: 14 callbacks suppressed
[  369.197474][T11857] Buffer I/O error on dev loop9, logical block 0, async page read
[  369.228467][T11857] Buffer I/O error on dev loop9, logical block 0, async page read
[  369.236452][T11857]  loop9: unable to read partition table
[  369.260205][T11857] loop_reread_partitions: partition scan of loop9 (���������Jdʆ�dƤ����ݡ�����
[  369.260205][T11857] 
U������) failed (rc=-5)
[  369.276210][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  369.291076][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  369.311472][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  369.352821][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  369.380963][   T29] kauditd_printk_skb: 59 callbacks suppressed
[  369.381068][   T29] audit: type=1326 audit(2000000033.650:4340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11854 comm="syz.3.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  369.412855][   T29] audit: type=1326 audit(2000000033.650:4341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11854 comm="syz.3.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  369.437264][   T29] audit: type=1326 audit(2000000033.650:4342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11854 comm="syz.3.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  369.465693][   T29] audit: type=1326 audit(2000000033.650:4343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11854 comm="syz.3.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  369.490595][   T29] audit: type=1326 audit(2000000033.650:4344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11854 comm="syz.3.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  369.514360][   T29] audit: type=1326 audit(2000000033.650:4345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11854 comm="syz.3.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  369.538554][   T29] audit: type=1326 audit(2000000033.650:4346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11854 comm="syz.3.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  369.562153][   T29] audit: type=1326 audit(2000000033.650:4347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11854 comm="syz.3.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  369.586556][   T29] audit: type=1326 audit(2000000033.650:4348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11854 comm="syz.3.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcf41ac0847 code=0x7ffc0000
[  369.611146][   T29] audit: type=1326 audit(2000000033.650:4349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11854 comm="syz.3.2465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fcf41ac07bc code=0x7ffc0000
[  369.880096][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  369.888344][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  369.897163][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  369.905190][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  369.986414][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.762206][T11881] netlink: 'syz.1.2473': attribute type 1 has an invalid length.
[  371.885375][T11901] loop3: detected capacity change from 0 to 512
[  372.142717][T11901] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  372.156110][T11901] ext4 filesystem being mounted at /472/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  372.197709][T11907] pimreg: entered allmulticast mode
[  372.325333][T11903] SELinux: failed to load policy
[  372.904630][T11902] pimreg: left allmulticast mode
[  373.605548][T11928] loop4: detected capacity change from 0 to 512
[  373.652495][T11930] lo speed is unknown, defaulting to 1000
[  373.661709][T11928] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  373.680617][T11928] ext4 filesystem being mounted at /495/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  373.711139][T11928] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm syz.4.2487: corrupted inode contents
[  373.811730][T11928] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #18: comm syz.4.2487: mark_inode_dirty error
[  373.826684][T11930] hub 4-0:1.0: USB hub found
[  373.969987][T11928] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm syz.4.2487: corrupted inode contents
[  373.971176][T11933] SELinux: syz.1.2488 (11933) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  374.010308][T11928] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #18: comm syz.4.2487: mark_inode_dirty error
[  374.012304][T11930] hub 4-0:1.0: 8 ports detected
[  374.029750][T11942] loop9: detected capacity change from 0 to 7
[  374.036257][T11942]  loop9: unable to read partition table
[  374.421251][T11942] loop_reread_partitions: partition scan of loop9 (���������Jdʆ�dƤ����ݡ�����
[  374.421251][T11942] 
U������) failed (rc=-5)
[  374.439407][ T3300] buffer_io_error: 4 callbacks suppressed
[  374.439421][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  374.455271][T11928] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #18: comm syz.4.2487: mark inode dirty (error -117)
[  374.471853][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.494761][T11928] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  374.508512][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  374.539557][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  374.591423][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  374.599744][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  374.625877][T11945] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2493'.
[  374.630504][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  374.644384][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  374.655533][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  374.665461][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  374.667789][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.674511][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  374.702146][T11945] bridge0: port 3(macvlan0) entered blocking state
[  374.709641][T11945] bridge0: port 3(macvlan0) entered disabled state
[  374.749271][T11945] macvlan0: entered allmulticast mode
[  374.754831][T11945] bridge0: entered allmulticast mode
[  374.792212][T11955] loop4: detected capacity change from 0 to 512
[  374.798884][T11945] macvlan0: left allmulticast mode
[  374.804164][T11945] bridge0: left allmulticast mode
[  375.174602][T11966] vhci_hcd: invalid port number 96
[  375.180113][T11966] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  375.322916][   T29] kauditd_printk_skb: 37 callbacks suppressed
[  375.322952][   T29] audit: type=1326 audit(2000000039.560:4387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11949 comm="syz.1.2495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  375.354056][   T29] audit: type=1326 audit(2000000039.560:4388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11949 comm="syz.1.2495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  375.378824][   T29] audit: type=1326 audit(2000000039.560:4389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11949 comm="syz.1.2495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  375.402783][   T29] audit: type=1326 audit(2000000039.560:4390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11949 comm="syz.1.2495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  375.426578][   T29] audit: type=1326 audit(2000000039.560:4391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11949 comm="syz.1.2495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  375.450805][   T29] audit: type=1326 audit(2000000039.560:4392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11949 comm="syz.1.2495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  375.475387][   T29] audit: type=1326 audit(2000000039.570:4393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11949 comm="syz.1.2495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  375.501394][   T29] audit: type=1326 audit(2000000039.570:4394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11949 comm="syz.1.2495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  375.526508][   T29] audit: type=1326 audit(2000000039.570:4395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11949 comm="syz.1.2495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  375.550858][   T29] audit: type=1326 audit(2000000039.570:4396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11949 comm="syz.1.2495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  375.606662][T11967] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  376.038010][T11976] loop3: detected capacity change from 0 to 2048
[  377.076163][T11976] loop3: detected capacity change from 0 to 1024
[  377.469632][T11976] ext4: Unknown parameter 'euid'
[  377.821216][T11984] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  377.853159][T11991] loop9: detected capacity change from 0 to 7
[  377.907403][T11991]  loop9: unable to read partition table
[  377.946421][T11993] lo speed is unknown, defaulting to 1000
[  377.953174][T11991] loop_reread_partitions: partition scan of loop9 (���������Jdʆ�dƤ����ݡ�����
[  377.953174][T11991] 
U������) failed (rc=-5)
[  377.983564][T11987] pimreg: entered allmulticast mode
[  378.009254][T11984] SELinux: failed to load policy
[  378.048787][T12004] SELinux: syz.4.2502 (12004) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  378.095458][T12007] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2506'.
[  378.106903][T12008] netlink: 'syz.2.2507': attribute type 1 has an invalid length.
[  378.175040][T12011] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2508'.
[  378.211858][T12007] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=12007 comm=syz.0.2506
[  378.260659][T12011] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=12011 comm=syz.3.2508
[  378.292168][T11983] pimreg: left allmulticast mode
[  378.334976][T12018] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2511'.
[  378.344371][T12018] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2511'.
[  378.380270][T12018] bond0: entered promiscuous mode
[  378.387660][T12018] batadv0: entered promiscuous mode
[  378.401596][T12018] bond0: left promiscuous mode
[  378.407648][T12018] batadv0: left promiscuous mode
[  378.718938][T12051] vhci_hcd: invalid port number 96
[  378.724193][T12051] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  378.769553][T12055] loop4: detected capacity change from 0 to 2048
[  378.794065][T12055] loop4: detected capacity change from 0 to 1024
[  378.802450][T12055] ext4: Unknown parameter 'euid'
[  379.560919][T12065] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2520'.
[  379.640036][T12065] netlink: 'syz.2.2520': attribute type 3 has an invalid length.
[  379.654121][T12067] lo speed is unknown, defaulting to 1000
[  379.693935][T12071] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2522'.
[  379.820981][T12067] hub 4-0:1.0: USB hub found
[  379.830329][T12067] hub 4-0:1.0: 8 ports detected
[  379.845444][T12067] SELinux: syz.0.2521 (12067) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  380.079264][T12087] lo speed is unknown, defaulting to 1000
[  380.281173][T12087] hub 4-0:1.0: USB hub found
[  380.295542][T12087] hub 4-0:1.0: 8 ports detected
[  380.996450][T12108] loop4: detected capacity change from 0 to 512
[  381.546735][T12110] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2534'.
[  381.632440][T12110] netlink: 'syz.2.2534': attribute type 3 has an invalid length.
[  381.641688][T12113] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2535'.
[  381.733906][T12115] bond1: entered promiscuous mode
[  381.739645][T12115] bond1: entered allmulticast mode
[  381.818190][T12120] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2537'.
[  381.863189][T12115] 8021q: adding VLAN 0 to HW filter on device bond1
[  381.896048][T12115] bond1 (unregistering): Released all slaves
[  381.924522][T12123] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=12123 comm=syz.2.2537
[  382.195750][   T29] kauditd_printk_skb: 100 callbacks suppressed
[  382.195764][   T29] audit: type=1326 audit(2000000046.480:4497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12129 comm="syz.2.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1cdee929 code=0x7ffc0000
[  382.226610][   T29] audit: type=1326 audit(2000000046.480:4498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12129 comm="syz.2.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1cdee929 code=0x7ffc0000
[  382.250982][   T29] audit: type=1326 audit(2000000046.480:4499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12129 comm="syz.2.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7fea1cdee929 code=0x7ffc0000
[  382.274789][   T29] audit: type=1326 audit(2000000046.480:4500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12129 comm="syz.2.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1cdee929 code=0x7ffc0000
[  382.298687][   T29] audit: type=1326 audit(2000000046.480:4501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12129 comm="syz.2.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fea1cdee929 code=0x7ffc0000
[  382.322525][   T29] audit: type=1326 audit(2000000046.480:4502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12129 comm="syz.2.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1cdee929 code=0x7ffc0000
[  382.346630][   T29] audit: type=1326 audit(2000000046.480:4503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12129 comm="syz.2.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fea1cdf0847 code=0x7ffc0000
[  382.371691][   T29] audit: type=1326 audit(2000000046.480:4504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12129 comm="syz.2.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fea1cdf07bc code=0x7ffc0000
[  382.397249][   T29] audit: type=1326 audit(2000000046.480:4505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12129 comm="syz.2.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fea1cdf06f4 code=0x7ffc0000
[  382.421181][   T29] audit: type=1326 audit(2000000046.480:4506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12129 comm="syz.2.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fea1cdf06f4 code=0x7ffc0000
[  382.535295][T12147] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2544'.
[  382.546354][T12147] netlink: 'syz.2.2544': attribute type 3 has an invalid length.
[  383.504609][T12158] netlink: 'syz.3.2546': attribute type 13 has an invalid length.
[  383.521510][T12160] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2547'.
[  383.540571][T12160] netlink: 'syz.2.2547': attribute type 3 has an invalid length.
[  383.646374][T12164] loop4: detected capacity change from 0 to 512
[  383.657060][T12162] lo speed is unknown, defaulting to 1000
[  383.666388][T12166] loop3: detected capacity change from 0 to 1024
[  383.686037][T12166] EXT4-fs: Ignoring removed bh option
[  383.725132][T12166] EXT4-fs: inline encryption not supported
[  383.737820][T12166] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  383.767365][T12172] hub 4-0:1.0: USB hub found
[  383.779669][T12164] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  383.800944][T12172] hub 4-0:1.0: 8 ports detected
[  383.807539][T12164] ext4 filesystem being mounted at /506/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  383.819809][T12166] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  383.824352][T12162] SELinux: syz.1.2549 (12162) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  383.829353][T12168] netlink: 'syz.0.2551': attribute type 10 has an invalid length.
[  383.851739][T12168] batman_adv: batadv0: Adding interface: team0
[  383.852410][T12166] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.2548: lblock 2 mapped to illegal pblock 2 (length 1)
[  383.858255][T12168] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  383.899847][T12168] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  383.903991][T12166] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 48: comm syz.3.2548: lblock 0 mapped to illegal pblock 48 (length 1)
[  383.911221][T12171] netlink: 'syz.0.2551': attribute type 10 has an invalid length.
[  383.935566][T12171] netlink: 2 bytes leftover after parsing attributes in process `syz.0.2551'.
[  383.946943][T12166] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2548: Failed to acquire dquot type 0
[  383.961220][T12183] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm syz.4.2550: corrupted inode contents
[  383.981187][T12183] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #18: comm syz.4.2550: mark_inode_dirty error
[  384.010291][T12166] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  384.022797][T12183] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm syz.4.2550: corrupted inode contents
[  384.037256][T12166] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.2548: mark_inode_dirty error
[  384.059901][T12166] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  384.072163][T12183] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #18: comm syz.4.2550: mark_inode_dirty error
[  384.086307][T12166] EXT4-fs (loop3): 1 orphan inode deleted
[  384.093148][T12183] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #18: comm syz.4.2550: mark inode dirty (error -117)
[  384.106723][   T59] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1)
[  384.112752][T12166] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  384.140146][T12171] team0: entered promiscuous mode
[  384.145397][T12171] team_slave_0: entered promiscuous mode
[  384.145629][   T59] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 0
[  384.151283][T12171] team_slave_1: entered promiscuous mode
[  384.168797][T12183] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  384.179215][T12171] 8021q: adding VLAN 0 to HW filter on device team0
[  384.213098][T12171] batman_adv: batadv0: Interface activated: team0
[  384.220071][T12171] batman_adv: batadv0: Interface deactivated: team0
[  384.227626][T12171] batman_adv: batadv0: Removing interface: team0
[  384.281402][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.302088][T12166] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 48: comm syz.3.2548: lblock 0 mapped to illegal pblock 48 (length 1)
[  384.411833][T12171] bridge0: port 3(team0) entered blocking state
[  384.419163][T12171] bridge0: port 3(team0) entered disabled state
[  384.508289][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.678767][T12171] team0: entered allmulticast mode
[  384.803833][T12171] team_slave_0: entered allmulticast mode
[  384.811815][T12171] team_slave_1: entered allmulticast mode
[  385.077387][T12195] netlink: 'syz.0.2558': attribute type 1 has an invalid length.
[  385.418043][T12202] loop3: detected capacity change from 0 to 512
[  385.455770][T12202] EXT4-fs: Ignoring removed nobh option
[  386.217950][T12202] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  386.256882][T12202] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.2556: attempt to clear invalid blocks 2 len 1
[  387.038779][T12202] EXT4-fs (loop3): Remounting filesystem read-only
[  387.122317][T12202] EXT4-fs (loop3): 1 truncate cleaned up
[  387.173508][T12202] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  387.265452][T12217] loop9: detected capacity change from 0 to 7
[  387.280417][T12217] buffer_io_error: 12 callbacks suppressed
[  387.280430][T12217] Buffer I/O error on dev loop9, logical block 0, async page read
[  387.344539][T12218] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2564'.
[  387.359120][T12220] loop4: detected capacity change from 0 to 512
[  387.366538][T12217] Buffer I/O error on dev loop9, logical block 0, async page read
[  387.375101][T12217]  loop9: unable to read partition table
[  387.437391][T12217] loop_reread_partitions: partition scan of loop9 (���������Jdʆ�dƤ����ݡ�����
[  387.437391][T12217] 
U������) failed (rc=-5)
[  387.456715][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  387.476668][T12220] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  387.500928][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  387.536076][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  387.547906][T12220] ext4 filesystem being mounted at /509/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  387.581905][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  387.613484][T12220] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm syz.4.2565: corrupted inode contents
[  387.630509][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  387.638813][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  387.668824][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  387.680876][T12220] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #18: comm syz.4.2565: mark_inode_dirty error
[  387.708725][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  387.749150][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  387.760833][T12220] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm syz.4.2565: corrupted inode contents
[  387.810344][T12220] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #18: comm syz.4.2565: mark_inode_dirty error
[  387.850608][T12220] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #18: comm syz.4.2565: mark inode dirty (error -117)
[  387.887161][T12226] FAULT_INJECTION: forcing a failure.
[  387.887161][T12226] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  387.901264][T12226] CPU: 0 UID: 0 PID: 12226 Comm: syz.1.2568 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(voluntary) 
[  387.901291][T12226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  387.901305][T12226] Call Trace:
[  387.901311][T12226]  <TASK>
[  387.901318][T12226]  __dump_stack+0x1d/0x30
[  387.901339][T12226]  dump_stack_lvl+0xe8/0x140
[  387.901374][T12226]  dump_stack+0x15/0x1b
[  387.901391][T12226]  should_fail_ex+0x265/0x280
[  387.901480][T12226]  should_fail+0xb/0x20
[  387.901508][T12226]  should_fail_usercopy+0x1a/0x20
[  387.901530][T12226]  _copy_from_user+0x1c/0xb0
[  387.901557][T12226]  sg_new_write+0x71a/0x890
[  387.901667][T12226]  sg_ioctl+0xb81/0x1360
[  387.901698][T12226]  ? __pfx_sg_ioctl+0x10/0x10
[  387.901817][T12226]  __se_sys_ioctl+0xce/0x140
[  387.901845][T12226]  __x64_sys_ioctl+0x43/0x50
[  387.901878][T12226]  x64_sys_call+0x19a8/0x2fb0
[  387.901911][T12226]  do_syscall_64+0xd2/0x200
[  387.901932][T12226]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  387.902054][T12226]  ? clear_bhb_loop+0x40/0x90
[  387.902080][T12226]  ? clear_bhb_loop+0x40/0x90
[  387.902105][T12226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.902180][T12226] RIP: 0033:0x7f82b0d3e929
[  387.902195][T12226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  387.902211][T12226] RSP: 002b:00007f82af3a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  387.902232][T12226] RAX: ffffffffffffffda RBX: 00007f82b0f65fa0 RCX: 00007f82b0d3e929
[  387.902315][T12226] RDX: 0000200000000040 RSI: 0000000000002285 RDI: 0000000000000007
[  387.902328][T12226] RBP: 00007f82af3a7090 R08: 0000000000000000 R09: 0000000000000000
[  387.902340][T12226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  387.902354][T12226] R13: 0000000000000000 R14: 00007f82b0f65fa0 R15: 00007ffcf59603d8
[  387.902394][T12226]  </TASK>
[  388.201398][T12230] usb usb9: usbfs: process 12230 (syz.3.2566) did not claim interface 0 before use
[  388.227575][T12230] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  388.254224][T12220] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  388.264990][T12230] loop3: detected capacity change from 0 to 1024
[  388.284396][T12230] EXT4-fs: Ignoring removed bh option
[  388.304820][T12230] EXT4-fs: inline encryption not supported
[  388.381170][T12230] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  388.398699][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  388.557047][T12230] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  388.567421][T12230] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.2566: Freeing blocks not in datazone - block = 0, count = 4096
[  388.582649][T12230] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.2566: Invalid inode bitmap blk 0 in block_group 0
[  388.595975][T12230] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[  388.607654][T12230] EXT4-fs (loop3): 1 orphan inode deleted
[  388.614366][T12230] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  388.645864][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  388.703773][   T29] kauditd_printk_skb: 17 callbacks suppressed
[  388.703787][   T29] audit: type=1326 audit(2000000052.990:4520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz.3.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  388.741345][   T29] audit: type=1326 audit(2000000052.990:4521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz.3.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  388.748230][T12244] netlink: 'syz.4.2570': attribute type 1 has an invalid length.
[  388.766615][   T29] audit: type=1326 audit(2000000053.030:4522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz.3.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  388.794406][T12242] FAULT_INJECTION: forcing a failure.
[  388.794406][T12242] name failslab, interval 1, probability 0, space 0, times 0
[  388.799674][   T29] audit: type=1326 audit(2000000053.030:4523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz.3.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  388.812421][T12242] CPU: 1 UID: 0 PID: 12242 Comm: syz.3.2572 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(voluntary) 
[  388.812451][T12242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  388.812463][T12242] Call Trace:
[  388.812471][T12242]  <TASK>
[  388.812480][T12242]  __dump_stack+0x1d/0x30
[  388.812504][T12242]  dump_stack_lvl+0xe8/0x140
[  388.812587][T12242]  dump_stack+0x15/0x1b
[  388.812605][T12242]  should_fail_ex+0x265/0x280
[  388.812764][T12242]  ? audit_log_d_path+0x8d/0x150
[  388.812795][T12242]  should_failslab+0x8c/0xb0
[  388.812820][T12242]  __kmalloc_cache_noprof+0x4c/0x320
[  388.812872][T12242]  audit_log_d_path+0x8d/0x150
[  388.812905][T12242]  audit_log_d_path_exe+0x42/0x70
[  388.812994][T12242]  audit_log_task+0x1e9/0x250
[  388.813027][T12242]  audit_seccomp+0x61/0x100
[  388.813053][T12242]  ? __seccomp_filter+0x68c/0x10d0
[  388.813078][T12242]  __seccomp_filter+0x69d/0x10d0
[  388.813149][T12242]  ? __fget_files+0x184/0x1c0
[  388.813183][T12242]  __secure_computing+0x82/0x150
[  388.813208][T12242]  syscall_trace_enter+0xcf/0x1e0
[  388.813239][T12242]  do_syscall_64+0xac/0x200
[  388.813262][T12242]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  388.813338][T12242]  ? clear_bhb_loop+0x40/0x90
[  388.813366][T12242]  ? clear_bhb_loop+0x40/0x90
[  388.813390][T12242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.813413][T12242] RIP: 0033:0x7fcf41abd33c
[  388.813453][T12242] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  388.813473][T12242] RSP: 002b:00007fcf40127030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  388.813492][T12242] RAX: ffffffffffffffda RBX: 00007fcf41ce5fa0 RCX: 00007fcf41abd33c
[  388.813505][T12242] RDX: 000000000000000f RSI: 00007fcf401270a0 RDI: 0000000000000006
[  388.813519][T12242] RBP: 00007fcf40127090 R08: 0000000000000000 R09: 0000000000000000
[  388.813532][T12242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  388.813621][T12242] R13: 0000000000000000 R14: 00007fcf41ce5fa0 R15: 00007ffea1f8b488
[  388.813709][T12242]  </TASK>
[  389.065919][   T29] audit: type=1326 audit(2000000053.030:4524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz.3.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  389.089921][   T29] audit: type=1326 audit(2000000053.030:4525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz.3.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  389.117283][   T29] audit: type=1326 audit(2000000053.030:4526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz.3.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  389.143293][   T29] audit: type=1326 audit(2000000053.030:4527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz.3.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  389.167063][   T29] audit: type=1326 audit(2000000053.080:4528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz.3.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  389.191378][   T29] audit: type=1326 audit(2000000053.080:4529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz.3.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  389.347210][T12263] loop9: detected capacity change from 0 to 7
[  389.360370][T12263]  loop9: unable to read partition table
[  389.366343][T12263] loop_reread_partitions: partition scan of loop9 (���������Jdʆ�dƤ����ݡ�����
[  389.366343][T12263] 
U������) failed (rc=-5)
[  389.388516][T12251] netlink: 'syz.4.2575': attribute type 10 has an invalid length.
[  389.398967][T12264] netlink: 'syz.3.2577': attribute type 10 has an invalid length.
[  390.337348][T12278] netlink: 'syz.4.2586': attribute type 1 has an invalid length.
[  390.481204][T12291] loop4: detected capacity change from 0 to 1024
[  390.566883][T12291] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  390.588366][T12291] ext4 filesystem being mounted at /513/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  391.718909][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  392.475159][T12314] lo speed is unknown, defaulting to 1000
[  392.726234][T12317] hub 4-0:1.0: USB hub found
[  392.768712][T12317] hub 4-0:1.0: 8 ports detected
[  392.795971][T12316] SELinux: syz.1.2597 (12316) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  392.814677][T12321] loop3: detected capacity change from 0 to 512
[  392.852123][T12321] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  392.897996][T12321] ext4 filesystem being mounted at /491/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  392.951172][T12321] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.2598: corrupted inode contents
[  392.984446][T12321] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #18: comm syz.3.2598: mark_inode_dirty error
[  393.027129][T12321] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.2598: corrupted inode contents
[  393.066846][T12321] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #18: comm syz.3.2598: mark_inode_dirty error
[  393.090511][T12321] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #18: comm syz.3.2598: mark inode dirty (error -117)
[  393.118916][T12327] netlink: 'syz.4.2596': attribute type 10 has an invalid length.
[  393.149271][T12321] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  393.188965][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  394.060253][T12349] loop3: detected capacity change from 0 to 1024
[  394.108227][T12349] EXT4-fs: Ignoring removed bh option
[  394.145916][T12349] EXT4-fs: inline encryption not supported
[  394.196530][T12349] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  394.218943][T12349] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  394.260878][T12349] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.2603: lblock 2 mapped to illegal pblock 2 (length 1)
[  394.309092][T12349] __quota_error: 99 callbacks suppressed
[  394.309108][T12349] Quota error (device loop3): qtree_write_dquot: dquota write failed
[  394.345257][T12349] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 48: comm syz.3.2603: lblock 0 mapped to illegal pblock 48 (length 1)
[  394.380984][T12349] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  394.390053][T12349] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2603: Failed to acquire dquot type 0
[  394.444067][T12349] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  394.474566][T12349] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.2603: mark_inode_dirty error
[  394.510249][T12349] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  394.549471][T12349] EXT4-fs (loop3): 1 orphan inode deleted
[  394.566634][ T3785] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1)
[  394.601402][T12349] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  394.648415][ T3785] Quota error (device loop3): remove_tree: Can't read quota data block 1
[  394.657263][ T3785] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 0
[  394.759099][T12349] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 48: comm syz.3.2603: lblock 0 mapped to illegal pblock 48 (length 1)
[  394.820296][T12365] netlink: 'syz.0.2614': attribute type 1 has an invalid length.
[  394.828892][T12349] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=-117
[  394.943961][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  396.243992][T12374] loop3: detected capacity change from 0 to 512
[  396.485442][   T29] audit: type=1326 audit(2000000060.770:4629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12379 comm="syz.0.2620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  396.633782][   T29] audit: type=1326 audit(2000000060.800:4630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12379 comm="syz.0.2620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  396.658489][   T29] audit: type=1326 audit(2000000060.800:4631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12379 comm="syz.0.2620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  396.682852][   T29] audit: type=1326 audit(2000000060.810:4632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12379 comm="syz.0.2620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  396.707231][   T29] audit: type=1326 audit(2000000060.810:4633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12379 comm="syz.0.2620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  396.731738][   T29] audit: type=1326 audit(2000000060.810:4634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12379 comm="syz.0.2620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  397.226459][T12400] netlink: 'syz.2.2627': attribute type 1 has an invalid length.
[  397.260823][T12402] loop9: detected capacity change from 0 to 7
[  397.270785][ T3300] buffer_io_error: 14 callbacks suppressed
[  397.270798][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  397.287721][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  397.295892][ T3300]  loop9: unable to read partition table
[  397.323377][T12402] Buffer I/O error on dev loop9, logical block 0, async page read
[  397.345402][T12402] Buffer I/O error on dev loop9, logical block 0, async page read
[  397.353899][T12402]  loop9: unable to read partition table
[  397.410821][T12402] loop_reread_partitions: partition scan of loop9 (���������Jdʆ�dƤ����ݡ�����
[  397.410821][T12402] 
U������) failed (rc=-5)
[  397.439296][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  397.449631][T12407] SELinux: failed to load policy
[  397.463196][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  397.484239][T12413] loop3: detected capacity change from 0 to 512
[  397.520500][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  397.529078][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  397.538024][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  397.546829][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  397.582348][T12407] loop4: detected capacity change from 0 to 128
[  397.689731][T12413] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  397.702787][T12413] ext4 filesystem being mounted at /494/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  398.634659][   T41] bio_check_eod: 84 callbacks suppressed
[  398.634727][   T41] kworker/u8:2: attempt to access beyond end of device
[  398.634727][   T41] loop4: rw=1, sector=145, nr_sectors = 152 limit=128
[  398.689433][   T41] kworker/u8:2: attempt to access beyond end of device
[  398.689433][   T41] loop4: rw=1, sector=305, nr_sectors = 8 limit=128
[  398.767093][   T41] kworker/u8:2: attempt to access beyond end of device
[  398.767093][   T41] loop4: rw=1, sector=321, nr_sectors = 8 limit=128
[  398.826376][   T41] kworker/u8:2: attempt to access beyond end of device
[  398.826376][   T41] loop4: rw=1, sector=337, nr_sectors = 8 limit=128
[  398.875108][   T41] kworker/u8:2: attempt to access beyond end of device
[  398.875108][   T41] loop4: rw=1, sector=353, nr_sectors = 8 limit=128
[  398.903562][T12444] gtp0: entered promiscuous mode
[  398.909686][T12444] gtp0: entered allmulticast mode
[  398.924526][   T41] kworker/u8:2: attempt to access beyond end of device
[  398.924526][   T41] loop4: rw=1, sector=369, nr_sectors = 8 limit=128
[  398.968526][   T41] kworker/u8:2: attempt to access beyond end of device
[  398.968526][   T41] loop4: rw=1, sector=385, nr_sectors = 8 limit=128
[  399.015401][   T41] kworker/u8:2: attempt to access beyond end of device
[  399.015401][   T41] loop4: rw=1, sector=401, nr_sectors = 8 limit=128
[  399.047747][   T41] kworker/u8:2: attempt to access beyond end of device
[  399.047747][   T41] loop4: rw=1, sector=417, nr_sectors = 8 limit=128
[  399.063517][   T41] kworker/u8:2: attempt to access beyond end of device
[  399.063517][   T41] loop4: rw=1, sector=433, nr_sectors = 8 limit=128
[  399.183899][T12447] netlink: 'syz.1.2637': attribute type 10 has an invalid length.
[  399.841043][T12452] loop4: detected capacity change from 0 to 128
[  400.289046][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  400.311350][T12452] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  400.329546][T12452] ext4 filesystem being mounted at /520/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  400.524937][T12463] loop9: detected capacity change from 0 to 7
[  400.532167][ T3300]  loop9: unable to read partition table
[  401.220680][T12470] SELinux: failed to load policy
[  401.249624][T12463]  loop9: unable to read partition table
[  401.257250][T12463] loop_reread_partitions: partition scan of loop9 (���������Jdʆ�dƤ����ݡ�����
[  401.257250][T12463] 
U������) failed (rc=-5)
[  401.286031][T12476] loop3: detected capacity change from 0 to 128
[  401.302407][T12477] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  401.354412][T12477] SELinux: failed to load policy
[  401.389291][T12477] pimreg: entered allmulticast mode
[  401.490443][   T29] kauditd_printk_skb: 22 callbacks suppressed
[  401.490458][   T29] audit: type=1326 audit(2000000065.760:4657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12483 comm="syz.2.2653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1cdee929 code=0x7ffc0000
[  401.523075][   T29] audit: type=1326 audit(2000000065.760:4658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12483 comm="syz.2.2653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1cdee929 code=0x7ffc0000
[  401.549559][   T29] audit: type=1326 audit(2000000065.760:4659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12483 comm="syz.2.2653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea1cdee929 code=0x7ffc0000
[  401.574073][   T29] audit: type=1326 audit(2000000065.760:4660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12483 comm="syz.2.2653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1cdee929 code=0x7ffc0000
[  401.600110][   T29] audit: type=1326 audit(2000000065.760:4661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12483 comm="syz.2.2653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7fea1cdee929 code=0x7ffc0000
[  401.626847][   T29] audit: type=1326 audit(2000000065.760:4662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12483 comm="syz.2.2653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1cdee929 code=0x7ffc0000
[  401.652988][   T29] audit: type=1326 audit(2000000065.760:4663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12483 comm="syz.2.2653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1cdee929 code=0x7ffc0000
[  401.885990][T12473] pimreg: left allmulticast mode
[  401.913922][ T3307] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  402.104238][T12496] netlink: 'syz.4.2656': attribute type 13 has an invalid length.
[  402.249039][T12498] lo speed is unknown, defaulting to 1000
[  402.501027][T12502] hub 4-0:1.0: USB hub found
[  402.572919][T12502] hub 4-0:1.0: 8 ports detected
[  404.120175][T12517] lo speed is unknown, defaulting to 1000
[  404.642459][T12519] loop4: detected capacity change from 0 to 512
[  405.144829][T12519] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  405.159414][T12519] ext4 filesystem being mounted at /522/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  405.488776][T12517] hub 4-0:1.0: USB hub found
[  405.537112][T12517] hub 4-0:1.0: 8 ports detected
[  405.571762][T12520] SELinux: syz.2.2661 (12520) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  405.840036][   T29] audit: type=1326 audit(2000000070.120:4664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12533 comm="syz.2.2664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1cdee929 code=0x7ffc0000
[  405.878241][   T29] audit: type=1326 audit(2000000070.130:4665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12533 comm="syz.2.2664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1cdee929 code=0x7ffc0000
[  405.994513][T12539] lo speed is unknown, defaulting to 1000
[  406.763310][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.775138][T12543] SELinux: failed to load policy
[  406.848663][T12548] pimreg: entered allmulticast mode
[  406.988334][T12542] pimreg: left allmulticast mode
[  407.106625][T12556] lo speed is unknown, defaulting to 1000
[  407.152313][T12539] hub 4-0:1.0: USB hub found
[  407.228965][T12539] hub 4-0:1.0: 8 ports detected
[  407.253214][T12544] SELinux: syz.3.2665 (12544) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  408.296481][T12573] lo speed is unknown, defaulting to 1000
[  408.498533][T12577] hub 4-0:1.0: USB hub found
[  408.563778][T12577] hub 4-0:1.0: 8 ports detected
[  408.637020][T12573] SELinux: syz.1.2672 (12573) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  408.662097][T12580] netlink: 'syz.3.2674': attribute type 3 has an invalid length.
[  408.927691][T12590] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  408.998920][T12593] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2678'.
[  409.076636][T12588] pimreg: entered allmulticast mode
[  409.130513][T12590] SELinux: failed to load policy
[  409.145099][T12601] loop4: detected capacity change from 0 to 1024
[  409.171068][   T29] audit: type=1326 audit(2000000073.380:4666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12583 comm="syz.3.2677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  409.200095][   T29] audit: type=1326 audit(2000000073.380:4667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12583 comm="syz.3.2677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  409.226605][   T29] audit: type=1326 audit(2000000073.380:4668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12583 comm="syz.3.2677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  409.255095][   T29] audit: type=1326 audit(2000000073.380:4669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12583 comm="syz.3.2677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  409.283336][   T29] audit: type=1326 audit(2000000073.380:4670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12583 comm="syz.3.2677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  409.308673][   T29] audit: type=1326 audit(2000000073.380:4671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12583 comm="syz.3.2677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  409.336601][   T29] audit: type=1326 audit(2000000073.380:4672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12583 comm="syz.3.2677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  409.364548][   T29] audit: type=1326 audit(2000000073.380:4673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12583 comm="syz.3.2677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf41abe929 code=0x7ffc0000
[  409.392497][   T29] audit: type=1326 audit(2000000073.380:4674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12583 comm="syz.3.2677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcf41ac0847 code=0x7ffc0000
[  409.423126][   T29] audit: type=1326 audit(2000000073.380:4675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12583 comm="syz.3.2677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fcf41ac07bc code=0x7ffc0000
[  409.650238][T12601] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  409.740193][T12601] ext4 filesystem being mounted at /525/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  409.922638][T12620] loop3: detected capacity change from 0 to 512
[  409.986672][T12620] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  410.002696][T12620] ext4 filesystem being mounted at /501/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  410.270314][T12593] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2678'.
[  410.458690][T12593] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2678'.
[  411.237405][T12593] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2678'.
[  411.406021][T12587] pimreg: left allmulticast mode
[  411.672609][T12593] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2678'.
[  411.685354][T12635] gtp0: entered promiscuous mode
[  411.690941][T12635] gtp0: entered allmulticast mode
[  411.832865][T12593] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2678'.
[  411.941886][T12593] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2678'.
[  412.040063][T12593] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2678'.
[  412.191458][T12593] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2678'.
[  412.300117][T12593] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2678'.
[  413.349027][T12649] hub 4-0:1.0: USB hub found
[  413.585588][T12643] SELinux: syz.1.2689 (12643) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  413.633057][T12640] lo speed is unknown, defaulting to 1000
[  413.660129][T12649] hub 4-0:1.0: 8 ports detected
[  413.681186][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.222119][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.346773][T12661] loop3: detected capacity change from 0 to 2048
[  414.444104][T12661] loop3: detected capacity change from 0 to 1024
[  414.514180][T12661] ext4: Unknown parameter 'euid'
[  415.601504][T12682] loop9: detected capacity change from 0 to 7
[  415.637039][T12682] buffer_io_error: 18 callbacks suppressed
[  415.637056][T12682] Buffer I/O error on dev loop9, logical block 0, async page read
[  415.641813][   T29] kauditd_printk_skb: 22 callbacks suppressed
[  415.641831][   T29] audit: type=1326 audit(2000000079.900:4698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz.1.2698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  415.650180][T12682] Buffer I/O error on dev loop9, logical block 0, async page read
[  415.652918][   T29] audit: type=1326 audit(2000000079.900:4699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz.1.2698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  415.659587][T12682]  loop9: unable to read partition table
[  415.692649][   T29] audit: type=1326 audit(2000000079.900:4700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz.1.2698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  415.739723][T12682] loop_reread_partitions: partition scan of loop9 (���������Jdʆ�dƤ����ݡ�����
[  415.739723][T12682] 
U������) failed (rc=-5)
[  415.764694][   T29] audit: type=1326 audit(2000000079.900:4701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz.1.2698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  415.792769][ T3739] Buffer I/O error on dev loop9, logical block 0, async page read
[  415.806340][   T29] audit: type=1326 audit(2000000079.900:4702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz.1.2698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  415.841384][   T29] audit: type=1326 audit(2000000079.900:4703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz.1.2698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  415.872700][   T29] audit: type=1326 audit(2000000079.900:4704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz.1.2698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  415.875437][ T3739] Buffer I/O error on dev loop9, logical block 0, async page read
[  415.898899][   T29] audit: type=1326 audit(2000000079.900:4705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz.1.2698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82b0d3e929 code=0x7ffc0000
[  415.932985][   T29] audit: type=1326 audit(2000000079.900:4706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz.1.2698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f82b0d40847 code=0x7ffc0000
[  415.958373][   T29] audit: type=1326 audit(2000000079.900:4707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12671 comm="syz.1.2698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f82b0d407bc code=0x7ffc0000
[  415.982139][ T3739] Buffer I/O error on dev loop9, logical block 0, async page read
[  416.038885][ T3739] Buffer I/O error on dev loop9, logical block 0, async page read
[  416.056694][T12697] netlink: 'syz.4.2705': attribute type 3 has an invalid length.
[  416.179881][ T3739] Buffer I/O error on dev loop9, logical block 0, async page read
[  416.188653][ T3739] Buffer I/O error on dev loop9, logical block 0, async page read
[  416.198340][ T3739] Buffer I/O error on dev loop9, logical block 0, async page read
[  416.249342][ T3739] Buffer I/O error on dev loop9, logical block 0, async page read
[  417.363305][T12721] loop3: detected capacity change from 0 to 1024
[  417.374792][T12722] loop4: detected capacity change from 0 to 2048
[  417.382074][T12721] EXT4-fs: Ignoring removed bh option
[  417.412112][T12721] EXT4-fs: inline encryption not supported
[  417.432654][T12722] loop4: detected capacity change from 0 to 1024
[  417.444710][T12721] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  417.457550][T12722] ext4: Unknown parameter 'euid'
[  418.156722][T12721] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  418.171135][T12721] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.2711: lblock 2 mapped to illegal pblock 2 (length 1)
[  418.243516][T12721] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 48: comm syz.3.2711: lblock 0 mapped to illegal pblock 48 (length 1)
[  418.258714][T12721] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2711: Failed to acquire dquot type 0
[  418.272918][T12728] netlink: 'syz.0.2712': attribute type 1 has an invalid length.
[  418.299210][T12731] loop4: detected capacity change from 0 to 128
[  418.320219][T12721] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  418.347759][T12734] __nla_validate_parse: 38 callbacks suppressed
[  418.347775][T12734] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2715'.
[  418.374171][T12721] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.2711: mark_inode_dirty error
[  418.394278][T12731] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  418.407616][T12721] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  418.422727][T12731] ext4 filesystem being mounted at /529/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  418.457346][T12721] EXT4-fs (loop3): 1 orphan inode deleted
[  418.464890][T12721] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  418.477467][   T41] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  418.500212][   T41] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 0
[  418.531098][T12731] FAULT_INJECTION: forcing a failure.
[  418.531098][T12731] name failslab, interval 1, probability 0, space 0, times 0
[  418.544798][T12731] CPU: 0 UID: 0 PID: 12731 Comm: syz.4.2714 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(voluntary) 
[  418.544880][T12731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  418.544894][T12731] Call Trace:
[  418.544919][T12731]  <TASK>
[  418.544927][T12731]  __dump_stack+0x1d/0x30
[  418.545020][T12731]  dump_stack_lvl+0xe8/0x140
[  418.545043][T12731]  dump_stack+0x15/0x1b
[  418.545131][T12731]  should_fail_ex+0x265/0x280
[  418.545237][T12731]  should_failslab+0x8c/0xb0
[  418.545259][T12731]  kmem_cache_alloc_noprof+0x50/0x310
[  418.545284][T12731]  ? mb_cache_entry_create+0xf0/0x540
[  418.545308][T12731]  ? check_xattrs+0x5e3/0x7d0
[  418.545404][T12731]  mb_cache_entry_create+0xf0/0x540
[  418.545482][T12731]  ext4_xattr_get+0x298/0x470
[  418.545504][T12731]  ext4_xattr_security_get+0x32/0x40
[  418.545532][T12731]  ? __pfx_ext4_xattr_security_get+0x10/0x10
[  418.545635][T12731]  __vfs_getxattr+0x2ad/0x2c0
[  418.545657][T12731]  cap_inode_need_killpriv+0x2e/0x50
[  418.545684][T12731]  security_inode_need_killpriv+0x36/0x70
[  418.545772][T12731]  file_remove_privs_flags+0x123/0x320
[  418.545834][T12731]  ? generic_write_checks_count+0xe1/0x2c0
[  418.545936][T12731]  ? __tsan_unaligned_write8+0x11e/0x190
[  418.546050][T12731]  file_modified_flags+0x32/0x350
[  418.546080][T12731]  file_modified+0x17/0x20
[  418.546104][T12731]  ext4_buffered_write_iter+0x1d0/0x3c0
[  418.546174][T12731]  ? ext4_file_write_iter+0xfe/0xf00
[  418.546211][T12731]  ext4_file_write_iter+0x383/0xf00
[  418.546238][T12731]  ? _parse_integer_limit+0x170/0x190
[  418.546334][T12731]  do_iter_readv_writev+0x41e/0x4c0
[  418.546364][T12731]  vfs_writev+0x2df/0x8b0
[  418.546441][T12731]  __se_sys_pwritev2+0xfc/0x1c0
[  418.546464][T12731]  __x64_sys_pwritev2+0x67/0x80
[  418.546554][T12731]  x64_sys_call+0x1cea/0x2fb0
[  418.546649][T12731]  do_syscall_64+0xd2/0x200
[  418.546668][T12731]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  418.546698][T12731]  ? clear_bhb_loop+0x40/0x90
[  418.546721][T12731]  ? clear_bhb_loop+0x40/0x90
[  418.546762][T12731]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.546786][T12731] RIP: 0033:0x7fb17e0ce929
[  418.546804][T12731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  418.546821][T12731] RSP: 002b:00007fb17c737038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  418.546839][T12731] RAX: ffffffffffffffda RBX: 00007fb17e2f5fa0 RCX: 00007fb17e0ce929
[  418.546920][T12731] RDX: 0000000000000001 RSI: 00002000000001c0 RDI: 0000000000000006
[  418.546931][T12731] RBP: 00007fb17c737090 R08: 0000000000000000 R09: 0000000000000001
[  418.546943][T12731] R10: 0000000000000e7b R11: 0000000000000246 R12: 0000000000000001
[  418.546955][T12731] R13: 0000000000000000 R14: 00007fb17e2f5fa0 R15: 00007ffd970608a8
[  418.546972][T12731]  </TASK>
[  418.915785][T12721] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 48: comm syz.3.2711: lblock 0 mapped to illegal pblock 48 (length 1)
[  419.001593][ T3307] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  419.014547][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  419.075201][T12748] loop4: detected capacity change from 0 to 512
[  419.172850][T12754] SELinux: failed to load policy
[  419.178932][T12762] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  419.190774][T12748] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  419.203853][T12762] SELinux: failed to load policy
[  419.209712][T12748] ext4 filesystem being mounted at /531/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  419.225135][T12754] loop3: detected capacity change from 0 to 128
[  419.266405][T12772] pimreg: entered allmulticast mode
[  419.358308][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  419.530307][  T413] bio_check_eod: 79 callbacks suppressed
[  419.530324][  T413] kworker/u8:6: attempt to access beyond end of device
[  419.530324][  T413] loop3: rw=1, sector=145, nr_sectors = 152 limit=128
[  419.586871][  T413] kworker/u8:6: attempt to access beyond end of device
[  419.586871][  T413] loop3: rw=1, sector=305, nr_sectors = 8 limit=128
[  419.636341][  T413] kworker/u8:6: attempt to access beyond end of device
[  419.636341][  T413] loop3: rw=1, sector=321, nr_sectors = 8 limit=128
[  419.686358][  T413] kworker/u8:6: attempt to access beyond end of device
[  419.686358][  T413] loop3: rw=1, sector=337, nr_sectors = 8 limit=128
[  419.737477][  T413] kworker/u8:6: attempt to access beyond end of device
[  419.737477][  T413] loop3: rw=1, sector=353, nr_sectors = 8 limit=128
[  419.787527][  T413] kworker/u8:6: attempt to access beyond end of device
[  419.787527][  T413] loop3: rw=1, sector=369, nr_sectors = 8 limit=128
[  419.832422][  T413] kworker/u8:6: attempt to access beyond end of device
[  419.832422][  T413] loop3: rw=1, sector=385, nr_sectors = 8 limit=128
[  419.882435][  T413] kworker/u8:6: attempt to access beyond end of device
[  419.882435][  T413] loop3: rw=1, sector=401, nr_sectors = 8 limit=128
[  419.937261][  T413] kworker/u8:6: attempt to access beyond end of device
[  419.937261][  T413] loop3: rw=1, sector=417, nr_sectors = 8 limit=128
[  419.961601][T12759] pimreg: left allmulticast mode
[  419.968031][  T413] kworker/u8:6: attempt to access beyond end of device
[  419.968031][  T413] loop3: rw=1, sector=433, nr_sectors = 8 limit=128
[  420.088675][T12780] loop3: detected capacity change from 0 to 512
[  420.305491][T12784] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2727'.
[  420.658010][   T29] kauditd_printk_skb: 92 callbacks suppressed
[  420.658026][   T29] audit: type=1326 audit(2000000084.940:4796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12808 comm="syz.0.2736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  420.771878][   T29] audit: type=1326 audit(2000000084.990:4797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12808 comm="syz.0.2736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  420.798945][   T29] audit: type=1326 audit(2000000084.990:4798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12808 comm="syz.0.2736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  420.825244][   T29] audit: type=1326 audit(2000000084.990:4799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12808 comm="syz.0.2736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  420.852899][   T29] audit: type=1326 audit(2000000084.990:4800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12808 comm="syz.0.2736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  420.878299][   T29] audit: type=1326 audit(2000000084.990:4801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12808 comm="syz.0.2736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  420.904356][   T29] audit: type=1326 audit(2000000084.990:4802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12808 comm="syz.0.2736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  420.930201][   T29] audit: type=1326 audit(2000000084.990:4803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12808 comm="syz.0.2736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  420.954758][   T29] audit: type=1326 audit(2000000085.040:4804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12808 comm="syz.0.2736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  420.978634][   T29] audit: type=1326 audit(2000000085.040:4805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12808 comm="syz.0.2736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1586e929 code=0x7ffc0000
[  421.184137][T12816] loop3: detected capacity change from 0 to 512
[  421.239689][T12820] FAULT_INJECTION: forcing a failure.
[  421.239689][T12820] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  421.241634][T12816] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  421.253534][T12820] CPU: 1 UID: 0 PID: 12820 Comm: syz.2.2739 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(voluntary) 
[  421.253573][T12820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  421.253587][T12820] Call Trace:
[  421.253593][T12820]  <TASK>
[  421.253603][T12820]  __dump_stack+0x1d/0x30
[  421.253648][T12820]  dump_stack_lvl+0xe8/0x140
[  421.253669][T12820]  dump_stack+0x15/0x1b
[  421.253686][T12820]  should_fail_ex+0x265/0x280
[  421.253724][T12820]  should_fail+0xb/0x20
[  421.253790][T12820]  should_fail_usercopy+0x1a/0x20
[  421.253812][T12820]  _copy_from_iter+0xcf/0xe40
[  421.253834][T12820]  ? __build_skb_around+0x1a0/0x200
[  421.253956][T12820]  ? __alloc_skb+0x223/0x320
[  421.253992][T12820]  netlink_sendmsg+0x471/0x6b0
[  421.254034][T12820]  ? __pfx_netlink_sendmsg+0x10/0x10
[  421.254058][T12820]  __sock_sendmsg+0x142/0x180
[  421.254087][T12820]  ____sys_sendmsg+0x31e/0x4e0
[  421.254113][T12820]  ___sys_sendmsg+0x17b/0x1d0
[  421.254162][T12820]  __x64_sys_sendmsg+0xd4/0x160
[  421.254189][T12820]  x64_sys_call+0x2999/0x2fb0
[  421.254271][T12820]  do_syscall_64+0xd2/0x200
[  421.254334][T12820]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  421.254362][T12820]  ? clear_bhb_loop+0x40/0x90
[  421.254392][T12820]  ? clear_bhb_loop+0x40/0x90
[  421.254420][T12820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.254444][T12820] RIP: 0033:0x7fea1cdee929
[  421.254462][T12820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  421.254481][T12820] RSP: 002b:00007fea1b457038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  421.254561][T12820] RAX: ffffffffffffffda RBX: 00007fea1d015fa0 RCX: 00007fea1cdee929
[  421.254575][T12820] RDX: 000000002000400c RSI: 00002000000000c0 RDI: 0000000000000003
[  421.254588][T12820] RBP: 00007fea1b457090 R08: 0000000000000000 R09: 0000000000000000
[  421.254634][T12820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  421.254647][T12820] R13: 0000000000000000 R14: 00007fea1d015fa0 R15: 00007ffdab17e518
[  421.254698][T12820]  </TASK>
[  421.373780][T12831] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2741'.
[  421.376129][T12816] ext4 filesystem being mounted at /510/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  421.380790][T12831] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2741'.
[  421.496981][T12840] netlink: 'syz.4.2744': attribute type 3 has an invalid length.
[  421.535244][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  421.600975][T12847] netlink: 'syz.0.2747': attribute type 1 has an invalid length.
[  421.999689][T12863] loop3: detected capacity change from 0 to 128
[  422.050239][T12853] SELinux: failed to load policy
[  422.999847][T12882] loop4: detected capacity change from 0 to 512
[  423.205617][T12889] netlink: 'syz.0.2761': attribute type 1 has an invalid length.
[  423.319833][T12893] netlink: 'syz.4.2762': attribute type 3 has an invalid length.
[  423.476826][T12895] loop9: detected capacity change from 0 to 7
[  423.535539][ T3300] buffer_io_error: 2 callbacks suppressed
[  423.535603][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  423.590869][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  423.600343][ T3300]  loop9: unable to read partition table
[  423.658668][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  423.672547][T12895] Buffer I/O error on dev loop9, logical block 0, async page read
[  423.717584][T12895] Buffer I/O error on dev loop9, logical block 0, async page read
[  423.726994][T12895]  loop9: unable to read partition table
[  423.735543][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  423.748710][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  423.770786][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  423.780213][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  423.830744][T12895] loop_reread_partitions: partition scan of loop9 (���������Jdʆ�dƤ����ݡ�����
[  423.830744][T12895] 
U������) failed (rc=-5)
[  423.831484][ T3300] Buffer I/O error on dev loop9, logical block 0, async page read
[  424.328588][T12902] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2766'.
[  424.379349][T12904] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  424.414305][T12904] SELinux: failed to load policy
[  424.437352][T12904] loop3: detected capacity change from 0 to 128
[  424.459020][T12912] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  424.475787][T12912] SELinux: failed to load policy
[  424.543141][T12912] loop4: detected capacity change from 0 to 128
[  424.568675][   T41] bio_check_eod: 100 callbacks suppressed
[  424.568693][   T41] kworker/u8:2: attempt to access beyond end of device
[  424.568693][   T41] loop3: rw=1, sector=145, nr_sectors = 152 limit=128
[  424.602931][   T41] kworker/u8:2: attempt to access beyond end of device
[  424.602931][   T41] loop3: rw=1, sector=305, nr_sectors = 8 limit=128
[  424.619683][   T41] kworker/u8:2: attempt to access beyond end of device
[  424.619683][   T41] loop3: rw=1, sector=321, nr_sectors = 8 limit=128
[  424.677492][   T41] kworker/u8:2: attempt to access beyond end of device
[  424.677492][   T41] loop3: rw=1, sector=337, nr_sectors = 8 limit=128
[  424.701688][T12922] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  424.722621][T12922] SELinux: failed to load policy
[  424.760899][   T41] kworker/u8:2: attempt to access beyond end of device
[  424.760899][   T41] loop3: rw=1, sector=353, nr_sectors = 8 limit=128
[  424.775473][   T41] kworker/u8:2: attempt to access beyond end of device
[  424.775473][   T41] loop3: rw=1, sector=369, nr_sectors = 8 limit=128
[  424.826855][T12922] pimreg: entered allmulticast mode
[  424.894967][   T41] kworker/u8:2: attempt to access beyond end of device
[  424.894967][   T41] loop3: rw=1, sector=385, nr_sectors = 8 limit=128
[  424.911025][   T41] kworker/u8:2: attempt to access beyond end of device
[  424.911025][   T41] loop3: rw=1, sector=401, nr_sectors = 8 limit=128
[  425.147797][   T41] kworker/u8:2: attempt to access beyond end of device
[  425.147797][   T41] loop3: rw=1, sector=417, nr_sectors = 8 limit=128
[  425.214058][T12929] netlink: 'syz.0.2774': attribute type 1 has an invalid length.
[  425.281141][   T41] kworker/u8:2: attempt to access beyond end of device
[  425.281141][   T41] loop3: rw=1, sector=433, nr_sectors = 8 limit=128
[  425.419347][T12920] pimreg: left allmulticast mode
[  425.516290][T12931] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2772'.
[  425.596575][T12936] SELinux:  Context system_u:object is not valid (left unmapped).
[  426.909053][T12962] loop9: detected capacity change from 0 to 7
[  426.934030][ T3739]  loop9: unable to read partition table
[  426.942022][T12953] netlink: 'syz.2.2775': attribute type 10 has an invalid length.
[  427.070104][T12966] SELinux: failed to load policy
[  427.093525][T12962]  loop9: unable to read partition table
[  427.111562][T12962] loop_reread_partitions: partition scan of loop9 (���������Jdʆ�dƤ����ݡ�����
[  427.111562][T12962] 
U������) failed (rc=-5)
[  427.135252][T12966] loop4: detected capacity change from 0 to 128
[  427.391507][T12974] lo speed is unknown, defaulting to 1000
[  427.495885][T12981] hub 4-0:1.0: USB hub found
[  427.502824][T12981] hub 4-0:1.0: 8 ports detected
[  427.528663][T12981] SELinux: syz.2.2789 (12981) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  427.560177][T12984] lo speed is unknown, defaulting to 1000
[  427.878567][T12988] hub 4-0:1.0: USB hub found
[  428.629827][T12992] SELinux: syz.0.2792 (12992) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  428.719419][T12988] hub 4-0:1.0: 8 ports detected
[  428.854027][ T3314] ==================================================================
[  428.862539][ T3314] BUG: KCSAN: data-race in generic_fillattr / inode_add_bytes
[  428.870395][ T3314] 
[  428.872725][ T3314] read-write to 0xffff8881253a3b28 of 8 bytes by task 12985 on cpu 0:
[  428.881250][ T3314]  inode_add_bytes+0x47/0xe0
[  428.886009][ T3314]  __dquot_alloc_space+0x180/0x8a0
[  428.891322][ T3314]  shmem_inode_acct_blocks+0x129/0x240
[  428.897074][ T3314]  shmem_get_folio_gfp+0x5a7/0xd60
[  428.902917][ T3314]  shmem_write_begin+0xa8/0x190
[  428.908079][ T3314]  generic_perform_write+0x184/0x490
[  428.913869][ T3314]  shmem_file_write_iter+0xc5/0xf0
[  428.919659][ T3314]  __kernel_write_iter+0x253/0x4c0
[  428.925314][ T3314]  dump_user_range+0x407/0x8c0
[  428.930571][ T3314]  elf_core_dump+0x1dc2/0x1f80
[  428.936398][ T3314]  do_coredump+0x1dfd/0x27b0
[  428.941184][ T3314]  get_signal+0xd85/0xf70
[  428.946075][ T3314]  arch_do_signal_or_restart+0x96/0x480
[  428.952200][ T3314]  irqentry_exit_to_user_mode+0x5e/0xa0
[  428.958292][ T3314]  irqentry_exit+0x12/0x50
[  428.963254][ T3314]  asm_exc_page_fault+0x26/0x30
[  428.968485][ T3314] 
[  428.970917][ T3314] read to 0xffff8881253a3b28 of 8 bytes by task 3314 on cpu 1:
[  428.978971][ T3314]  generic_fillattr+0x27d/0x340
[  428.984180][ T3314]  shmem_getattr+0x181/0x200
[  428.989200][ T3314]  vfs_getattr_nosec+0x143/0x1e0
[  428.994347][ T3314]  vfs_statx+0x113/0x390
[  428.998884][ T3314]  vfs_fstatat+0x115/0x170
[  429.003914][ T3314]  __se_sys_newfstatat+0x55/0x260
[  429.009245][ T3314]  __x64_sys_newfstatat+0x55/0x70
[  429.015154][ T3314]  x64_sys_call+0x2c22/0x2fb0
[  429.020243][ T3314]  do_syscall_64+0xd2/0x200
[  429.025022][ T3314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  429.031152][ T3314] 
[  429.033910][ T3314] value changed: 0x0000000000004288 -> 0x0000000000004290
[  429.041930][ T3314] 
[  429.044429][ T3314] Reported by Kernel Concurrency Sanitizer on:
[  429.051069][ T3314] CPU: 1 UID: 0 PID: 3314 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(voluntary) 
[  429.065151][ T3314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  429.075952][ T3314] ==================================================================
[  429.162376][T12999] lo speed is unknown, defaulting to 1000
[  429.253201][T13002] hub 4-0:1.0: USB hub found
[  429.258564][T13002] hub 4-0:1.0: 8 ports detected