last executing test programs:

3.194049183s ago: executing program 2 (id=1517):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000240), 0x1, 0x4bf, &(0x7f0000000540)="$eJzs3c9vG1kdAPDvTJImm81usrASPwRsWRYKqtZO3N1otaflAkKrlRArThzakLhRFDuOYqc0oYf0f0CiEif4EzggcUDqiTs3uCGkckAqUIEaJA5GM56kaWqnEU08Vfz5SE8zb57t73tt573pt41fACPrckTsRcSliLgREbPF9aQo8VGvZK97/OjO8v6jO8tJdLuf/iPJ27NrceQ9mVeLz5yKiB98N+LHybNx2zu760uNRn2rqFc7zc1qe2f3L2vNpdX6an2jVltcWJz/4Nr7tTMb61vNXz/8ztrHP/zdb7/84A973/pp1q2Zou3oOM5Sb+gTh3Ey4xHx8XkEK8FYMZ5LZXeE/0saEZ+JiLez+79bdm8AgGHodmejO3u0DgBcdGmeA0vSSpELmIk0rVR6Obw3YzpttNqdqzdb2xsrvVzZXEykN9ca9fkiVzgXE0lWX8jPn9Rrx+rXIuKNiPjZ5Ct5vbLcaqyU+eADACPs1WPr/78ne+s/AHDBTZXdAQBg6Kz/ADB6rP8AMHqs/wAweqz/ADB6rP8AMHqs/wAwUr7/ySdZ6e4X33+9cmtne711692Venu90txeriy3tjYrq63Wav6dPc3nfV6j1dpceC+2b1c79Xan2t7Zvd5sbW90ruff6329PjGUUQEAJ3njrft/SiJi78NX8hJH9nKwVsPFlpbdAaA0Y2V3ACjNeNkdAErj7/hAny16nzLwvwjdG/gWUwu85K58Qf4fRpX8P4wu+X8YXfL/MLq63cSe/wAwYuT4gXP4938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC48GbykqSVYi/wmUjTSiXitYiYi4nk5lqjPh8Rr0fEHycnJrP6QtmdBgBeUPq3pNj/68rsOzPHWy8l/5nMjxHxk198+vPbS53O1kJ2/Z+H1zv3iuu1EwPZahAASnKwTh+s4wceP7qzfFCG2Z+H3+5tLprF3S9Kr2U8xvPjVP7gMP2vpKj3ZM8rY2cQf+9uRHy+3/iTPDcyV+x8ejx+Fvu1ocZPn4qf5m29Y/Zr8dkz6AuMmvvZ/PNRv/svjcv5sf/9P5XPUC/uYP7bf2b+Sw/nv7EB89/l08Z47/ffG9h2N+KL4/3iJ4fxkwHx3zll/D9/6StvD2rr/jLiSvSPfzRWtdPcrLZ3dt9day6t1lfrG7Xa4sLi/AfX3q9V8xx19SBT/ay/f3j19ZPGPz0g/tRzxv/1U47/V/+98aOvnhD/m1/r//v/5gnxszXxG6eMvzT9m4Hbd2fxV/qPv3jP4PFfPWX8B3/dXTnlSwGAIWjv7K4vNRr1LSdDO8me3V6Cbjgp7ST7E3AWn/O5c+xq2TMTcN6e3PRl9wQAAAAAAAAAAAAAABhkGD/wVPYYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+FwAA//+vctdr")
openat(0xffffffffffffff9c, 0x0, 0x101042, 0x15)
r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f00000000c0), 0x0, 0x9000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{}, &(0x7f0000000340), &(0x7f0000000380)}, 0x20)
lseek(r2, 0x5, 0x4)

3.120240638s ago: executing program 2 (id=1520):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000800000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x8, 0x0, 0xa, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, @perf_config_ext={0x3ff, 0x100000001}, 0x46d8, 0x10000, 0x0, 0x1, 0x8, 0x2000a, 0xb, 0x0, 0x0, 0x0, 0x8000000000000002}, 0x0, 0xffffffdfffffffff, 0xffffffffffffffff, 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), r2)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01032757c38d085641a7260000000c000180080001"], 0x20}, 0x1, 0x0, 0x0, 0x20040005}, 0x8840)

3.071797912s ago: executing program 2 (id=1522):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800002, &(0x7f0000000000)={[{@noblock_validity}, {@dioread_nolock}, {@errors_remount}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x22}, 0x84, 0x464, &(0x7f0000000ac0)="$eJzs3EtvG0UcAPD/bpq+S0Ipjz6AQEFEPJImLdADFxBIvSAhwaEcQ5pWpWmDmiDRKqIpQuWI+gmAIxKfgBNcEHACcYU7QqpQLgQOaNHau6lx7GAncZ3g30/aeGZ31jt/7449O2MngJ41lP9JIvZGxM8RMRARffUFhqoPS4vzk38uzk8mkWWv/57ku8Ufi/OTZdGkeNxTZIbTiPTDJA43OO7slasXJqanpy4X+dG5i++Mzl65+sz5ixPnps5NXRo/efLE8bHnnxt/dkPi3JfX9dD7M0cOnnrz5quTp2++9d0XeX33Fttr46gaXPcxh2Jo+TWp9/i6n31z2VeTTrZ1sSK0JW/r+enqr7T/geiL2ydvIF75oKuVAzoqy7Jsx4q1yz2AhQz4H0ui2zUAuqP8oM/vf8vlDnY/uu7Wi9UboDzupWKpbtkWaVGmv+7+diMNRcTphb8+yZdoOA4BALCxvsr7P0836v+lcV9NubuKuaHBiLg7IvZHxD0RcSAi7o2olL0/Ih5o8/hDdfmV/Z8fd60psBbl/b8Xirmtf/f/yt5fDPYVuX2V+PuTs+enp44Vr8lw9O/I82OrHOPrl3/6uNm22v5fviz1x2TZFyzq8du2ugG6MxNzE+uJudat65UxwGsr40+WZwKSiDgYEYfW8Pw7I+L8k58fabZ9RfyL83Xxr2ID5pmyzyKeqJ7/haiLv5SsPj85ujOmp46NllfFSt//cOO1ZsdfV/wbID//uxte/8vxDya187Wz7R/jxi8fNb2n+e/4G1//25M3Kuntxbr3JubmLo9FbE8WVq4fv71vmS/L5/EPH23c/vdH/P1psd/hiMgv4gcj4qGIeLio+yMR8WhEHF0l/m9feuzttcffWXn8Z9o6/+0n+i5882Wz47d2/k9UUsPFmlbe/1qt4HpeOwAAANgq0sp34JN0ZDmdpiMj1e/wH4jd6fTM7NxTZ2fevXSm+l35wehPy5GugZrx0LFibLjMj9flj1fGjbMsy3ZV8iOTM9OdmlMHWrOnSfvP/drX7doBHdfWPFqzX7QBW5Lfa0Lv0v6hd2n/0Lu0f+hdjdr/tYilVXe63rHqAHeQz3/oXdo/9C7tH3qX9g89aT2/618tsf9Ua4XLf0DYoWpsgUTf5qhG24lIN0U11pZIN0c1qokdEdFq4Wt3rKV0+Y0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/wTAAD//7YA6Ok=")
r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
open_by_handle_at(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(r0, 0x40089416, &(0x7f0000000000))
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
fdatasync(r4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000f40)={0x11, 0xd, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000220000000000000000000000850000006d00000018110000", @ANYRESDEC, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000a00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES16=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000400)={'batadv_slave_0\x00', <r6=>0x0})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000600)={'ip_vti0\x00', &(0x7f0000000580)={'syztnl1\x00', <r7=>0x0, 0x20, 0x1, 0x5, 0x4, {{0x18, 0x4, 0x1, 0x7, 0x60, 0x66, 0x0, 0x6, 0x2f, 0x0, @loopback, @multicast2, {[@timestamp_prespec={0x44, 0x24, 0x3f, 0x3, 0x8, [{@private=0xa000101}, {@loopback, 0x8437}, {@local}, {@loopback, 0x4}]}, @noop, @timestamp_addr={0x44, 0x24, 0x43, 0x1, 0xa, [{@dev={0xac, 0x14, 0x14, 0x1e}, 0x8000}, {@broadcast, 0x34da}, {@dev={0xac, 0x14, 0x14, 0x17}, 0x3}, {@multicast1, 0x1}]}]}}}}})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'batadv_slave_0\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), r9)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r9, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r10=>0x0})
sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000700)={&(0x7f0000000200), 0xc, &(0x7f00000006c0)={&(0x7f0000001140)=ANY=[@ANYBLOB="84010000", @ANYRES16=0x0, @ANYBLOB="00022cbd7000fbdbdf25190000001400018008000100", @ANYRES32=0x0, @ANYBLOB="0000fc83", @ANYRES32=0x0, @ANYBLOB="4c00018008000100", @ANYRES32=0x0, @ANYBLOB="140002006e65747063693000000000000000000008000300000000001400020077673000000000000000000000000000080003000300000008000100", @ANYRES32=0x0, @ANYBLOB="60000180140002007663616e30000000000000000000000008000100", @ANYRES32=r6, @ANYBLOB="140002006e657464657673696d300000000000000800030000000000080003000000000008000300000000001400020070696d726567000000000000000000006000018008000300010000000800030003000000140002006e7230000000000000000000000000001400020070696d7265673000000000000000000008000100", @ANYRES32=r7, @ANYBLOB="08000300030000001400020067656e65766531000000000000000000500001801400020073797a6b616c6c65723100000000000008000100", @ANYRES32=r8, @ANYBLOB="08000100", @ANYRES32=r10, @ANYBLOB="14000200697036746e6c30000000000000000000140002006261746164765f736c6176655f310000"], 0x184}, 0x1, 0x0, 0x0, 0x40000}, 0x880)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='mm_page_free\x00', r5}, 0x18)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)

2.380615628s ago: executing program 4 (id=1527):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[@ANYBLOB="2c00000026000506"], 0x2c}}, 0x0) (fail_nth: 6)

2.269357017s ago: executing program 2 (id=1529):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0xfffd, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000005c0)=@newqdisc={0x44, 0x24, 0xd0f, 0x70bd2c, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffe0, 0xa}, {0x1, 0xe}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x14, 0x2, [@TCA_CODEL_INTERVAL={0x8, 0x3, 0x9}, @TCA_CODEL_TARGET={0x8, 0x1, 0x2}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x55}, 0xc010)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0x2f9, 0x543, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632177fb7f0200017f020001be3e7d2a182fff", 0x0, 0x3e8, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28)
r5 = syz_open_dev$loop(&(0x7f0000000300), 0xe18fa05, 0x80)
ioctl$LOOP_SET_CAPACITY(r5, 0x4c07)
getrandom(&(0x7f0000000600)=""/274, 0xffffff4f, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e21, @local}], 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r7}, 0x10)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380), 0x84d03, 0x0)

2.000496128s ago: executing program 4 (id=1531):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x4000002}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x1000000000000}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="75ad60fff7f85c743e62ad237ec94b4069d60201b94923f9b36870d2a29654d6a9fb19454b63bee404fddaf847e539919c60a80b9d0d60f79854067b21fbf0e38cd36222122941dbde9726aa0c6840f94bd12637eb68936d258301b7ddde3691485fe497b4355286ed1dd851836efdf93a24a43ec34d6bb75669dbbd13d43b2f9be4de8bedbc6285e309cffef267597419091015b9ad7cbde324bdcd29902f5bafeaf06cb1c200000000000000"], 0x0, 0x28}, 0x28)
r1 = msgget$private(0x0, 0x790)
msgsnd(r1, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_flowlabel\x00')
ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000280)={0x6, &(0x7f0000000100)=[{0x1, 0x4, 0x9, 0x2}, {0x20, 0x2, 0xd1, 0xbe}, {0x80, 0x2, 0xd, 0x3}, {0xfffd, 0x7, 0x9, 0x7d}, {0x2, 0x3, 0xff, 0x4}, {0x196, 0xc7, 0xfd, 0xf}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$TIOCSSOFTCAR(0xffffffffffffffff, 0x541a, &(0x7f0000000000)=0x2)
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r3, &(0x7f0000001240)=""/102400, 0x200000, 0x0)
syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1818e58, &(0x7f00000003c0), 0x22, 0x63f, &(0x7f0000000d80)="$eJzs3c9rXFsdAPDvvZPkJWl86RMRX1AMuHgP5KVJfVh1Y1sXdlGwYBciLhqapIZOf5CkYGvBBFwoKIi4LdKN/4B76d6dCOrOtVBFKha0dB73zp1mMplfaTIzSe7nA5M599wzOeebOyf33HvnzA2gtOazH2nE+xGvbyQRs03rZqK+cr4o9+Lfj29mjyRqte/+K4mkyGuUT4rnM8XCZET86XLEpyv76918+Oj2crVW95OIc1t37p/bfPjoo/U7y7dWb63eXTr/tY8vLH596eOlpoa+vTPF85Wr3/n8L3/6w6+u/bn6URIX4/r4j1eiJY6jMh/z8boIsTl/LCIuZIk2f5eT5hSEUGqV4v04HhGfjdmo5Et1s7H+i5E2DhioWiWi1l3SqwBwUuneUFaNcUDj2L6/4+DrAx6VDM/zS/UDoP3xjxWnHCbzY6PpF0nTkVH93MbZI6g/q+PV48knrx7PPYk95yFevtk6Y0dQTyfbOxHxuXbxJ3nbzuaRZvGne47104hYjIiJon3fOkQbkqb0IM7DdHOQ+Ju3Qxb/xeI5y7/8lvW3ntYadvwAlNOzS8WOfDtb2t3/ZWOPxvgn2ox/Zg5/SSY36v1f5/FfY38/mY970pZxWDZmudb+V463Zvz951d+3an++vhv7knjkdXfGAsOw/OdiLmW+H+WBVuMf7L4kzbbPyty42J/dXz7L/+80mndqOOvPY34oO3xz+6oNEt1uT55bm29urpY/9m2jj/88Qe/61R/+/jfGUCk7WXbf7pD/E3bP219XfY3ud/+V+60Zvz+2tM7neqf6bn9039MJPXjzYki50c7W1sbSxETydWiSJG/vLW1cb57vPUyL2v581I9/g+/1L7/73n/t0Q11fiX2Yf737v9otO6t3n/N11Mfl3rsw2dZPGv9N7++/p/lverPuv47/cffKHTum7xTx0mMAAAAAAAACihNL8Gm6QLb9JpurBQny/7mZhOq/c2t768du/B3ZWID/PPQ46nkSb5R0Zm68vJ2np1dan4PGxj+XzL8lci4r2I+E1lKl9euHmvujLq4AEAAAAAAAAAAAAAAAAAAOCYOFPM/2/cp/o/lfr8f6Aket9gbt/9H4BTYpA3mASOt7z/d9vFvzu8tgDDZf8P5aX/Q3np/1Be+j+Ul/4P5aX/Q3np/1Be+j8AAAAAnErvffHZ35KI2P7GVP7ITBTrTPqF0238QKUrA2sHMHx6NJTXm0v/BvtQOn2N//9XfDng4JsDjEDSLjMfHNS6d/5nbV+5a+fwbQMAAAAAAAAAAAAA6j54v/P8/4PNDQZOGtP+oLwOMf/fVwfACeer/6G8HOMDPWbxx2SnFb3m/wMAAAAAAAAAAAAAR2YmfyTpQjEXeCbSdGEh4lMRcTbGk7X16upiRLwbEX+tjL+TLS+NutEAAAAAAAAAAAAAAAAAAABwymw+fHR7uVpd3WhO/H9fzulONO6C2rtwrY8yXRPfjAO+KpLh/1mmImLkG2VgibGmnCRiO9vyx6JhG5txPJqRJ0b8jwkAAAAAAAAAAAAAAAAAAEqoae5xe3O/HXKLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGD4du//3yOxMl1/QV+F9yZGHSMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcDJ9EgAA//+YYDw3")
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000300)={0x0, 0x3a, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380100000001010400000001141a00000200ffff0800074000000001240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c000280050001000000000024000e800c00028005000100930000001400018008000100ac1414bb080002006401010208000340000000008400068014000500ff020000000000000000000000000001080002007f0000010800020000000000080001000000000008000100e0000002080001007f00000108000200e0000002140005000000000000000000000000000000000114000380060002"], 0x138}}, 0x0)

1.973649161s ago: executing program 0 (id=1532):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

1.875752389s ago: executing program 0 (id=1537):
r0 = open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000100)='kfree\x00', r1}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa40}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000180)='mm_page_free\x00', r2, 0x0, 0x1000000}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000003180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf84, 0x8003}, 0x1c)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
fcntl$dupfd(r4, 0x0, r4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x20, 0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040040}, 0x0)
close(r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
r7 = dup(0xffffffffffffffff)
sendfile(r7, r0, 0x0, 0x8000fffffffc)

1.539544976s ago: executing program 3 (id=1538):
r0 = open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000100)='kfree\x00', r1}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa40}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000180)='mm_page_free\x00', r2, 0x0, 0x1000000}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000003180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf84, 0x8003}, 0x1c)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
fcntl$dupfd(r4, 0x0, r4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x20, 0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040040}, 0x0)
close(r3)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x143a82, 0x8)
openat$autofs(0xffffffffffffff9c, &(0x7f00000014c0), 0x20042, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
r8 = dup(r6)
sendfile(r8, r0, 0x0, 0x8000fffffffc)

1.440049584s ago: executing program 0 (id=1539):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800002, &(0x7f0000000000)={[{@noblock_validity}, {@dioread_nolock}, {@errors_remount}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x22}, 0x84, 0x464, &(0x7f0000000ac0)="$eJzs3EtvG0UcAPD/bpq+S0Ipjz6AQEFEPJImLdADFxBIvSAhwaEcQ5pWpWmDmiDRKqIpQuWI+gmAIxKfgBNcEHACcYU7QqpQLgQOaNHau6lx7GAncZ3g30/aeGZ31jt/7449O2MngJ41lP9JIvZGxM8RMRARffUFhqoPS4vzk38uzk8mkWWv/57ku8Ufi/OTZdGkeNxTZIbTiPTDJA43OO7slasXJqanpy4X+dG5i++Mzl65+sz5ixPnps5NXRo/efLE8bHnnxt/dkPi3JfX9dD7M0cOnnrz5quTp2++9d0XeX33Fttr46gaXPcxh2Jo+TWp9/i6n31z2VeTTrZ1sSK0JW/r+enqr7T/geiL2ydvIF75oKuVAzoqy7Jsx4q1yz2AhQz4H0ui2zUAuqP8oM/vf8vlDnY/uu7Wi9UboDzupWKpbtkWaVGmv+7+diMNRcTphb8+yZdoOA4BALCxvsr7P0836v+lcV9NubuKuaHBiLg7IvZHxD0RcSAi7o2olL0/Ih5o8/hDdfmV/Z8fd60psBbl/b8Xirmtf/f/yt5fDPYVuX2V+PuTs+enp44Vr8lw9O/I82OrHOPrl3/6uNm22v5fviz1x2TZFyzq8du2ugG6MxNzE+uJudat65UxwGsr40+WZwKSiDgYEYfW8Pw7I+L8k58fabZ9RfyL83Xxr2ID5pmyzyKeqJ7/haiLv5SsPj85ujOmp46NllfFSt//cOO1ZsdfV/wbID//uxte/8vxDya187Wz7R/jxi8fNb2n+e/4G1//25M3Kuntxbr3JubmLo9FbE8WVq4fv71vmS/L5/EPH23c/vdH/P1psd/hiMgv4gcj4qGIeLio+yMR8WhEHF0l/m9feuzttcffWXn8Z9o6/+0n+i5882Wz47d2/k9UUsPFmlbe/1qt4HpeOwAAANgq0sp34JN0ZDmdpiMj1e/wH4jd6fTM7NxTZ2fevXSm+l35wehPy5GugZrx0LFibLjMj9flj1fGjbMsy3ZV8iOTM9OdmlMHWrOnSfvP/drX7doBHdfWPFqzX7QBW5Lfa0Lv0v6hd2n/0Lu0f+hdjdr/tYilVXe63rHqAHeQz3/oXdo/9C7tH3qX9g89aT2/618tsf9Ua4XLf0DYoWpsgUTf5qhG24lIN0U11pZIN0c1qokdEdFq4Wt3rKV0+Y0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/wTAAD//7YA6Ok=")
r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
open_by_handle_at(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(r0, 0x40089416, &(0x7f0000000000))
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
fdatasync(r4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000f40)={0x11, 0xd, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000220000000000000000000000850000006d00000018110000", @ANYRESDEC, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000a00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES16=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000400)={'batadv_slave_0\x00', <r6=>0x0})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000600)={'ip_vti0\x00', &(0x7f0000000580)={'syztnl1\x00', <r7=>0x0, 0x20, 0x1, 0x5, 0x4, {{0x18, 0x4, 0x1, 0x7, 0x60, 0x66, 0x0, 0x6, 0x2f, 0x0, @loopback, @multicast2, {[@timestamp_prespec={0x44, 0x24, 0x3f, 0x3, 0x8, [{@private=0xa000101}, {@loopback, 0x8437}, {@local}, {@loopback, 0x4}]}, @noop, @timestamp_addr={0x44, 0x24, 0x43, 0x1, 0xa, [{@dev={0xac, 0x14, 0x14, 0x1e}, 0x8000}, {@broadcast, 0x34da}, {@dev={0xac, 0x14, 0x14, 0x17}, 0x3}, {@multicast1, 0x1}]}]}}}}})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'batadv_slave_0\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), r9)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r9, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r10=>0x0})
sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000700)={&(0x7f0000000200), 0xc, &(0x7f00000006c0)={&(0x7f0000001140)=ANY=[@ANYBLOB="84010000", @ANYRES16=0x0, @ANYBLOB="00022cbd7000fbdbdf25190000001400018008000100", @ANYRES32=0x0, @ANYBLOB="0000fc83", @ANYRES32=0x0, @ANYBLOB="4c00018008000100", @ANYRES32=0x0, @ANYBLOB="140002006e65747063693000000000000000000008000300000000001400020077673000000000000000000000000000080003000300000008000100", @ANYRES32=0x0, @ANYBLOB="60000180140002007663616e30000000000000000000000008000100", @ANYRES32=r6, @ANYBLOB="140002006e657464657673696d300000000000000800030000000000080003000000000008000300000000001400020070696d726567000000000000000000006000018008000300010000000800030003000000140002006e7230000000000000000000000000001400020070696d7265673000000000000000000008000100", @ANYRES32=r7, @ANYBLOB="08000300030000001400020067656e65766531000000000000000000500001801400020073797a6b616c6c65723100000000000008000100", @ANYRES32=r8, @ANYBLOB="08000100", @ANYRES32=r10, @ANYBLOB="14000200697036746e6c30000000000000000000140002006261746164765f736c6176655f310000"], 0x184}, 0x1, 0x0, 0x0, 0x40000}, 0x880)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='mm_page_free\x00', r5}, 0x18)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)

1.408731656s ago: executing program 0 (id=1540):
r0 = open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x2)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x143a82, 0x8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000010000008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
r4 = dup(r1)
sendfile(r4, r0, 0x0, 0x8000fffffffc)

1.164700516s ago: executing program 2 (id=1541):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x24000040)
r3 = getpid()
fsopen(&(0x7f0000000040)='ocfs2_dlmfs\x00', 0x0)
r4 = syz_pidfd_open(r3, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000340), 0x48000)
r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$vga_arbiter(r6, &(0x7f0000000040)=@target={'target ', {'PCI:', '0', ':', 'f', ':', '3', '.', '8'}}, 0x13)
listen(0xffffffffffffffff, 0x208)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r8, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r5, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x0, 'queue0\x00'})
close_range(r4, 0xffffffffffffffff, 0x0)

1.140072068s ago: executing program 0 (id=1542):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
syslog(0x2, &(0x7f0000000a00)=""/4096, 0x1000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001f80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x40}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa2}, 0x94)
mknodat(0xffffffffffffff9c, 0x0, 0x800, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r2, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x14000, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$sock_buf(r4, 0x1, 0x19, 0x0, &(0x7f0000000280))
mprotect(&(0x7f00006d3000/0x2000)=nil, 0x2000, 0x1)

1.11612727s ago: executing program 4 (id=1543):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

999.270559ms ago: executing program 1 (id=1544):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10021, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x11c167, 0x0, 0xfffffffc, 0xb95b5ec032cc8e84, 0xfffffffffffff801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x7, [@typedef={0x6, 0x0, 0x0, 0x8, 0x4}, @enum={0x6, 0x5, 0x0, 0x6, 0x4, [{0xe, 0x8000}, {0x6, 0x8}, {0x9, 0xffff}, {0x8, 0x5}, {0x6}]}, @struct={0x2, 0x4, 0x0, 0x4, 0x1, 0x1, [{0x0, 0x5, 0xa4ed}, {0x5, 0x2}, {0xf, 0x4, 0x1d4}, {0x5, 0x4, 0x1}]}]}, {0x0, [0x5f, 0x5f, 0x30, 0x2e, 0x0]}}, &(0x7f0000000040)=""/91, 0x9b, 0x5b, 0x0, 0x3f}, 0x28)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r4}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r5, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback, 0x4}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, "0002002000", "07f217bd74511e465bbbd5de01000000f9044677d4d588363d63af84db44be59", "dc41ffe1", "8ce63ecbc640735f"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_256={{0x304}, "0000004a650600", "af193cff4810ba5ac120d096eb00000052095b4285514ca312c52e3a08756735", '8\x00', "bc3a20b10f4ad11e"}, 0x38)
close(r5)
bpf$PROG_LOAD(0x5, &(0x7f0000003b00)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r6}, 0x10)
chdir(&(0x7f0000000000)='./file1\x00')
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x84, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x24, 0x1, 0x0, 0x1, @tproxy={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_TPROXY_REG_PORT={0x8, 0x3, 0x1, 0x0, 0x11}, @NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xf8}}, 0x0)

954.348833ms ago: executing program 1 (id=1545):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x8, 0x0, 0xa, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, @perf_config_ext={0x3ff, 0x100000001}, 0x46d8, 0x10000, 0x0, 0x1, 0x8, 0x2000a, 0xb, 0x0, 0x0, 0x0, 0x8000000000000002}, 0x0, 0xffffffdfffffffff, 0xffffffffffffffff, 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), r2)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01032757c38d085641a7260000000c000180080001"], 0x20}, 0x1, 0x0, 0x0, 0x20040005}, 0x8840)

953.953723ms ago: executing program 0 (id=1546):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0xfffd, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000005c0)=@newqdisc={0x44, 0x24, 0xd0f, 0x70bd2c, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffe0, 0xa}, {0x1, 0xe}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x14, 0x2, [@TCA_CODEL_INTERVAL={0x8, 0x3, 0x9}, @TCA_CODEL_TARGET={0x8, 0x1, 0x2}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x55}, 0xc010)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430d"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0x2f9, 0x543, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632177fb7f0200017f020001be3e7d2a182fff", 0x0, 0x3e8, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28)
r5 = syz_open_dev$loop(&(0x7f0000000300), 0xe18fa05, 0x80)
ioctl$LOOP_SET_CAPACITY(r5, 0x4c07)
getrandom(&(0x7f0000000600)=""/274, 0xffffff4f, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e21, @local}], 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r8}, 0x10)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380), 0x84d03, 0x0)

953.088203ms ago: executing program 3 (id=1547):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1, 0x8, 0x10001, 0x9, 0x1}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10)

884.145589ms ago: executing program 3 (id=1548):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r2, 0x560a, &(0x7f0000000240)={0x19, 0x3d24, 0x1575, 0x0, 0x0, 0xfffe})

857.789921ms ago: executing program 1 (id=1549):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffff7ffffffd]}, 0x0, 0x8)
r2 = gettid()
tkill(r2, 0x12)
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kfree\x00', r3}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x80, 0x1)
r4 = perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x67a, 0x1, 0xfffffffe, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
syz_open_procfs(0x0, &(0x7f00000005c0)='smaps_rollup\x00')

781.027167ms ago: executing program 4 (id=1550):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$key(0xf, 0x3, 0x2)
connect(r2, &(0x7f00000000c0)=@ieee802154={0x24, @short={0x2, 0xffff, 0xaaa1}}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)={0x114, 0x28, 0x1, 0x4, 0x25dfdbf8, "", [@nested={0x103, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2d}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be", @typed={0x4, 0xe9}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

771.237268ms ago: executing program 1 (id=1551):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000f1ffff070000000000000000f0057fdf0000000000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x10, 0x7fff0000}]})
name_to_handle_at(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0x2}, {0xffff, 0xffff}, {0x7}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0x1e, &(0x7f0000000600)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0xa5}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@map_idx_val={0x18, 0x5, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0xc00000}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='syzkaller\x00', 0x5, 0xc3, &(0x7f0000000700)=""/195, 0x41000, 0x19, '\x00', r4, 0x0, r2, 0x8, &(0x7f0000000100)={0x8, 0x5}, 0x8, 0x10, &(0x7f0000000280)={0x1, 0x6, 0x8}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000300)=[r0, r0, r2, r2], &(0x7f0000000340)=[{0x4, 0x2, 0xb, 0x3}], 0x10, 0x6}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x73, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000580), r3)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r5, &(0x7f0000000980)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000940)={&(0x7f00000008c0)={0x1c, r8, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000001}, 0x4040880)
mmap$xdp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x20010, r3, 0x80000000)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x1}, 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r10}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x6, 0x4, 0x8000, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffe}, 0x48)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000040)={r9}, 0xc)
unshare(0x6020400)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r11=>0xffffffffffffffff})
r12 = socket$kcm(0x29, 0x5, 0x0)
r13 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x533201, 0x80)
ioctl$sock_kcm_SIOCKCMATTACH(r12, 0x89e0, &(0x7f0000000140)={r11, r13})
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[], 0x40}}, 0x0)

690.598604ms ago: executing program 3 (id=1552):
r0 = open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x2)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x143a82, 0x8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000010000008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
r4 = dup(r1)
sendfile(r4, r0, 0x0, 0x8000fffffffc)

497.72688ms ago: executing program 4 (id=1553):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8=r0, @ANYRES32=r0], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x80000008, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
keyctl$session_to_parent(0x12)
execve(0x0, 0x0, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="020906894d069ca55a64174cec0568020900000000000800dbdf2553ea1c34dc39bdae574d0200ee0ce448de5f6d725a5e5b2b716523ad2ac288473ad2ccd0cb7a8ea16ab2a146804f2ef45624978eb25e9203d03c0d5e5fed0a077b7d2a925e749ebaae11eadade78f43a8726451e384d31adf6"], 0x10}}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getsockopt$MISDN_TIME_STAMP(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000080), &(0x7f0000000140)=0x4)
socket$inet_sctp(0x2, 0x1, 0x84)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010100, 0x4e20, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@private=0xa010102, 0x4e23, 0x2000, 0x1000000, 0x12d5c, 0x12d5c}}, 0x44)

431.961785ms ago: executing program 4 (id=1554):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={0x0, r0}, 0x18)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYRESHEX=r0], 0x0, 0xfffffffe, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r3}, 0x18)
fcntl$F_GET_RW_HINT(r2, 0x40b, &(0x7f0000000280))
r4 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x80800, 0x8)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r4, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
pipe2$watch_queue(&(0x7f00000002c0), 0x80)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r5)
symlink(0x0, &(0x7f00000017c0)='./file0\x00')
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r8}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="796100000000000000007e3f7aeb5b7765ededf57eb41f46209ca0d32b64499c1ba6b3a2e399d9aa0e3838"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x24004044)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_BT_FLUSHABLE(r9, 0x112, 0x8, 0x0, 0x0)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r10, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0xffffffffffffff56, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x15, 0x200000000000023c, &(0x7f0000000c00)=ANY=[@ANYRESHEX=r1, @ANYBLOB="2701241299d9127c6ab52331623b9a05fe39cb70d617cb4841ae49e74a36486f518c02be88edb3e3d93af8c081b40076042a51b3bca82d8258cdd59291852d6bced199bceee375dceb01eeb065867b3a09a83821b771b5440c6de5cd807e324f39852a1c998e9ce100a9403e516f7a59e0cfaa6627fbd9d481216f597c19ff999c3d913f3781433ea0fa9fd00000000000c8ca939ffe57a559e41953f94735ed7302cd7947baaf83bd775872fdb1d2c04785d472de358150d3a97d69e93af820c8df8c263b20736d62c36fcff112caf0eb27ce48652153871de6705701baf9d7a6ac16f7a15f918f0a141b1a20cf909c9de963b2e30fa74c9f99726bef7ea3a5e6b22ee54b82d6eee1c7b70a72c7276b6178a9453d4206a41c216fb24b9feaaafc4219db9d241877d24241c3a844b312b284e0ca053f6271fd8257cfb711b0c57a653eca61218f", @ANYRES32], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r11}, 0x10)
r12 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r13 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r13, &(0x7f0000004200)='t', 0x1)
sendfile(r13, r12, 0x0, 0x3ffff)
sendfile(r13, r12, 0x0, 0x7ffff000)

430.574475ms ago: executing program 1 (id=1555):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000580)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
request_key(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={'syz', 0x3}, 0x0, r2)

415.531306ms ago: executing program 1 (id=1556):
r0 = socket$isdn_base(0x22, 0x3, 0x0)
r1 = fspick(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x1)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r3 = accept(0xffffffffffffffff, 0x0, &(0x7f00000000c0))
poll(&(0x7f0000000180)=[{0xffffffffffffffff, 0x500}, {r0, 0xa000}, {r1}, {r2, 0x86}, {r3, 0x5001}, {0xffffffffffffffff, 0x9004}, {0xffffffffffffffff, 0x105}, {0xffffffffffffffff, 0x8d78}], 0x8, 0x8001)

274.223988ms ago: executing program 2 (id=1557):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd2d, 0x20000000, {0x0, 0x0, 0x0, 0x0, {0x5, 0x2}, {}, {0x5, 0xffe0}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_CLASSID={0x8, 0x1, {0x0, 0x1}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8005}, 0x4008810)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000500)={&(0x7f0000000b00)={0xc4, 0x0, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x4000}, 0xc800)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[], 0xb0}}, 0x74800)
r1 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
r2 = add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x1}, &(0x7f00000003c0)="ae", 0x1, r1)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000000)=@keyring={'key_or_keyring:', r2})
keyctl$link(0x8, r2, r1)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='rdma.current\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000000c0)=ANY=[], 0x118)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)

81.660123ms ago: executing program 3 (id=1558):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x8cffffff)
fcntl$setlease(r0, 0x400, 0x2)
socket$nl_route(0x10, 0x3, 0x0)

0s ago: executing program 3 (id=1559):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="7a0af8ff75257075bfa100000000000007010000f9ffffffb702000005000000bf130000000000008500000071000000b7000000000000009500000000000000b2595285faa6ead0169191d54f8196217fc560e2fc91f6da4dad4fdc2eb1b257183fa3bcd48666d1ddd73f3047d248df061222193165274bc7f2382f6cda4bfdd45be583823c0f09601f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000000db453620ce7243d1aebd00000000000000005839c77edf2d34b12cd48a0c20fb7dd843267e0331759f4ec6b5b0af58e604f4942eb613eff289026d5045ef76d7d864409eb2dcc718a09f4886afc26abba34635d0e8b54bc76be40d435aa8b5202db761014b1b999a12df6bee431a666100"/296], &(0x7f0000000100)='GPL\x00'}, 0x48)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4)
timer_create(0x6, &(0x7f00000000c0)={0x0, 0x29, 0x2, @thr={&(0x7f00000001c0)="3c98fc041714c7dc24e5d66e11ab15b855cd78fe46eb0dfd34413edb6b21a4fefce03ac27b1b589844cf651cf95c5684ead31080d6f96c6a5c9933b074a58447bfc6ac10840091a773c7083c428fd8f0dab1da6f5d94ff7749cdbb0af06950f03415ed09fcbd521dd6a6a7a4d8dc50b24c25ed0c4c49fada4a80dfb5ff161129b9d623fba40c3904362d998180a528f42e3354adf86635ab3268b5c1354205f51d6b5c13544bae5d669daf64fdcfd8f32816c028a08aec0f46a12928192007287329ca611542dd87bc54329928bcbd", &(0x7f0000000580)="1baa513a3303e8a49b36068352f770eee00b6aea92967bb287fbc6d4124c3d763359780c05b50dc4d9711c783f327867cc59a04ed6ceec63c0facfb0c38522654e60e8f8489bca9a81f8ff046ba09962ef0a2e58444d2bbde3288aceb5ec004602d74f6b1be108b6f17b271390b62b7ec0fce0c7f12bf95c3c517bccc02dee21738337e3788ef4149830d00dfae8309986eb7fd5f078a3d7af0379c8728b18eb11f987718898fb222ff1bef2a48ca1"}}, &(0x7f00000002c0)=<r2=>0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800e00010069703665727370616e000000140002800600020030000000080004000009"], 0x48}}, 0x0)
clock_gettime(0x0, &(0x7f0000000380)={<r4=>0x0, <r5=>0x0})
timer_settime(r2, 0x0, &(0x7f00000003c0)={{}, {r4, r5+10000000}}, &(0x7f0000000540))
sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x12a6, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000011008188040f46ecdb4cb9cca7480ef42b000081e3bd6efb010511000b0003000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x0)

kernel console output (not intermixed with test programs):

 ? __alloc_skb+0x101/0x320
[   95.351425][ T6224]  __alloc_skb+0x101/0x320
[   95.351548][ T6224]  netlink_alloc_large_skb+0xba/0xf0
[   95.351640][ T6224]  netlink_sendmsg+0x3cf/0x6b0
[   95.351663][ T6224]  ? __pfx_netlink_sendmsg+0x10/0x10
[   95.351684][ T6224]  __sock_sendmsg+0x145/0x180
[   95.351711][ T6224]  ____sys_sendmsg+0x31e/0x4e0
[   95.351732][ T6224]  ___sys_sendmsg+0x17b/0x1d0
[   95.351891][ T6224]  __x64_sys_sendmsg+0xd4/0x160
[   95.351910][ T6224]  x64_sys_call+0x191e/0x2ff0
[   95.351927][ T6224]  do_syscall_64+0xd2/0x200
[   95.351949][ T6224]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   95.352004][ T6224]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   95.352025][ T6224]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.352042][ T6224] RIP: 0033:0x7fcba253ebe9
[   95.352095][ T6224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.352142][ T6224] RSP: 002b:00007fcba0f9f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   95.352160][ T6224] RAX: ffffffffffffffda RBX: 00007fcba2765fa0 RCX: 00007fcba253ebe9
[   95.352171][ T6224] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004
[   95.352183][ T6224] RBP: 00007fcba0f9f090 R08: 0000000000000000 R09: 0000000000000000
[   95.352196][ T6224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.352209][ T6224] R13: 00007fcba2766038 R14: 00007fcba2765fa0 R15: 00007ffe33f98ba8
[   95.352229][ T6224]  </TASK>
[   95.597762][ T6230] netlink: 4 bytes leftover after parsing attributes in process `syz.0.922'.
[   95.696313][ T6235] FAULT_INJECTION: forcing a failure.
[   95.696313][ T6235] name failslab, interval 1, probability 0, space 0, times 0
[   95.709149][ T6235] CPU: 0 UID: 0 PID: 6235 Comm: syz.0.924 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[   95.709177][ T6235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   95.709190][ T6235] Call Trace:
[   95.709196][ T6235]  <TASK>
[   95.709204][ T6235]  __dump_stack+0x1d/0x30
[   95.709225][ T6235]  dump_stack_lvl+0xe8/0x140
[   95.709245][ T6235]  dump_stack+0x15/0x1b
[   95.709262][ T6235]  should_fail_ex+0x265/0x280
[   95.709288][ T6235]  should_failslab+0x8c/0xb0
[   95.709313][ T6235]  kmem_cache_alloc_node_noprof+0x57/0x320
[   95.709339][ T6235]  ? __alloc_skb+0x101/0x320
[   95.709435][ T6235]  __alloc_skb+0x101/0x320
[   95.709460][ T6235]  alloc_skb_with_frags+0x7d/0x470
[   95.709515][ T6235]  ? selinux_file_open+0x2df/0x330
[   95.709537][ T6235]  ? should_fail_ex+0xdb/0x280
[   95.709556][ T6235]  sock_alloc_send_pskb+0x43a/0x4f0
[   95.709583][ T6235]  tun_get_user+0x9b3/0x2680
[   95.709614][ T6235]  ? ref_tracker_alloc+0x1f2/0x2f0
[   95.709666][ T6235]  ? selinux_file_permission+0x1e4/0x320
[   95.709688][ T6235]  tun_chr_write_iter+0x15e/0x210
[   95.709717][ T6235]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   95.709743][ T6235]  vfs_write+0x527/0x960
[   95.709847][ T6235]  ksys_write+0xda/0x1a0
[   95.709866][ T6235]  __x64_sys_write+0x40/0x50
[   95.709888][ T6235]  x64_sys_call+0x27fe/0x2ff0
[   95.709910][ T6235]  do_syscall_64+0xd2/0x200
[   95.709949][ T6235]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   95.710030][ T6235]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   95.710114][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.710137][ T6235] RIP: 0033:0x7fdcf1dcebe9
[   95.710151][ T6235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.710223][ T6235] RSP: 002b:00007fdcf082f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   95.710243][ T6235] RAX: ffffffffffffffda RBX: 00007fdcf1ff5fa0 RCX: 00007fdcf1dcebe9
[   95.710257][ T6235] RDX: 000000000000fdef RSI: 0000200000000140 RDI: 0000000000000004
[   95.710268][ T6235] RBP: 00007fdcf082f090 R08: 0000000000000000 R09: 0000000000000000
[   95.710278][ T6235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.710289][ T6235] R13: 00007fdcf1ff6038 R14: 00007fdcf1ff5fa0 R15: 00007ffe82a93778
[   95.710303][ T6235]  </TASK>
[   95.968995][ T6238] loop3: detected capacity change from 0 to 512
[   95.993618][ T6246] FAULT_INJECTION: forcing a failure.
[   95.993618][ T6246] name failslab, interval 1, probability 0, space 0, times 0
[   95.994880][ T6238] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.006296][ T6246] CPU: 1 UID: 0 PID: 6246 Comm: syz.1.929 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[   96.006331][ T6246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   96.006343][ T6246] Call Trace:
[   96.006348][ T6246]  <TASK>
[   96.006356][ T6246]  __dump_stack+0x1d/0x30
[   96.006389][ T6246]  dump_stack_lvl+0xe8/0x140
[   96.006474][ T6246]  dump_stack+0x15/0x1b
[   96.006489][ T6246]  should_fail_ex+0x265/0x280
[   96.006510][ T6246]  should_failslab+0x8c/0xb0
[   96.006533][ T6246]  kmem_cache_alloc_node_noprof+0x57/0x320
[   96.006606][ T6246]  ? alloc_vmap_area+0x231/0xe50
[   96.006633][ T6246]  alloc_vmap_area+0x231/0xe50
[   96.006661][ T6246]  ? should_failslab+0x8c/0xb0
[   96.006747][ T6246]  ? __kmalloc_cache_node_noprof+0x18a/0x320
[   96.006779][ T6246]  __get_vm_area_node+0x173/0x1d0
[   96.006808][ T6246]  __vmalloc_node_range_noprof+0x273/0xe00
[   96.006838][ T6246]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[   96.006877][ T6246]  ? avc_has_perm_noaudit+0x1b1/0x200
[   96.006903][ T6246]  ? cred_has_capability+0x210/0x280
[   96.006964][ T6246]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[   96.006989][ T6246]  __vmalloc_noprof+0x83/0xc0
[   96.007078][ T6246]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[   96.007108][ T6246]  bpf_prog_alloc_no_stats+0x47/0x3a0
[   96.007132][ T6246]  ? bpf_prog_alloc+0x2a/0x150
[   96.007156][ T6246]  bpf_prog_alloc+0x3c/0x150
[   96.007183][ T6246]  bpf_prog_load+0x514/0x1070
[   96.007215][ T6246]  ? security_bpf+0x2b/0x90
[   96.007301][ T6246]  __sys_bpf+0x462/0x7b0
[   96.007330][ T6246]  __x64_sys_bpf+0x41/0x50
[   96.007367][ T6246]  x64_sys_call+0x2aea/0x2ff0
[   96.007441][ T6246]  do_syscall_64+0xd2/0x200
[   96.007465][ T6246]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   96.007489][ T6246]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   96.007512][ T6246]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.007559][ T6246] RIP: 0033:0x7ff8333febe9
[   96.007575][ T6246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.007592][ T6246] RSP: 002b:00007ff831e67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   96.007610][ T6246] RAX: ffffffffffffffda RBX: 00007ff833625fa0 RCX: 00007ff8333febe9
[   96.007623][ T6246] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000005
[   96.007635][ T6246] RBP: 00007ff831e67090 R08: 0000000000000000 R09: 0000000000000000
[   96.007697][ T6246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.007708][ T6246] R13: 00007ff833626038 R14: 00007ff833625fa0 R15: 00007fffa1a7ee18
[   96.007781][ T6246]  </TASK>
[   96.007790][ T6246] syz.1.929: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null)
[   96.018980][ T6238] ext4 filesystem being mounted at /182/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.031204][ T6246] ,cpuset=/,mems_allowed=0
[   96.200640][ T6259] FAULT_INJECTION: forcing a failure.
[   96.200640][ T6259] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   96.203296][ T6246] CPU: 1 UID: 0 PID: 6246 Comm: syz.1.929 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[   96.203321][ T6246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   96.203332][ T6246] Call Trace:
[   96.203339][ T6246]  <TASK>
[   96.203347][ T6246]  __dump_stack+0x1d/0x30
[   96.203369][ T6246]  dump_stack_lvl+0xe8/0x140
[   96.203456][ T6246]  dump_stack+0x15/0x1b
[   96.203499][ T6246]  warn_alloc+0x12b/0x1a0
[   96.203532][ T6246]  __vmalloc_node_range_noprof+0x297/0xe00
[   96.203565][ T6246]  ? avc_has_perm_noaudit+0x1b1/0x200
[   96.203591][ T6246]  ? cred_has_capability+0x210/0x280
[   96.203614][ T6246]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[   96.203640][ T6246]  __vmalloc_noprof+0x83/0xc0
[   96.203706][ T6246]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[   96.203744][ T6246]  bpf_prog_alloc_no_stats+0x47/0x3a0
[   96.203860][ T6246]  ? bpf_prog_alloc+0x2a/0x150
[   96.203932][ T6246]  bpf_prog_alloc+0x3c/0x150
[   96.203956][ T6246]  bpf_prog_load+0x514/0x1070
[   96.204057][ T6246]  ? security_bpf+0x2b/0x90
[   96.204087][ T6246]  __sys_bpf+0x462/0x7b0
[   96.204128][ T6246]  __x64_sys_bpf+0x41/0x50
[   96.204151][ T6246]  x64_sys_call+0x2aea/0x2ff0
[   96.204171][ T6246]  do_syscall_64+0xd2/0x200
[   96.204212][ T6246]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   96.204235][ T6246]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   96.204258][ T6246]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.204303][ T6246] RIP: 0033:0x7ff8333febe9
[   96.204318][ T6246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.204335][ T6246] RSP: 002b:00007ff831e67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   96.204382][ T6246] RAX: ffffffffffffffda RBX: 00007ff833625fa0 RCX: 00007ff8333febe9
[   96.204395][ T6246] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000005
[   96.204442][ T6246] RBP: 00007ff831e67090 R08: 0000000000000000 R09: 0000000000000000
[   96.204455][ T6246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.204467][ T6246] R13: 00007ff833626038 R14: 00007ff833625fa0 R15: 00007fffa1a7ee18
[   96.204485][ T6246]  </TASK>
[   96.204504][ T6246] Mem-Info:
[   96.223016][ T6259] CPU: 0 UID: 0 PID: 6259 Comm: syz.2.934 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[   96.223045][ T6259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   96.223057][ T6259] Call Trace:
[   96.223179][ T6259]  <TASK>
[   96.223187][ T6259]  __dump_stack+0x1d/0x30
[   96.223208][ T6259]  dump_stack_lvl+0xe8/0x140
[   96.223256][ T6259]  dump_stack+0x15/0x1b
[   96.223271][ T6259]  should_fail_ex+0x265/0x280
[   96.223292][ T6259]  should_fail+0xb/0x20
[   96.223308][ T6259]  should_fail_usercopy+0x1a/0x20
[   96.223329][ T6259]  _copy_to_user+0x20/0xa0
[   96.223399][ T6259]  simple_read_from_buffer+0xb5/0x130
[   96.223421][ T6259]  proc_fail_nth_read+0x10e/0x150
[   96.223520][ T6259]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   96.223616][ T6259]  vfs_read+0x1a5/0x770
[   96.223635][ T6259]  ? __rcu_read_unlock+0x4f/0x70
[   96.223656][ T6259]  ? __fget_files+0x184/0x1c0
[   96.223691][ T6259]  ksys_read+0xda/0x1a0
[   96.223734][ T6259]  __x64_sys_read+0x40/0x50
[   96.223823][ T6259]  x64_sys_call+0x27bc/0x2ff0
[   96.223843][ T6259]  do_syscall_64+0xd2/0x200
[   96.223868][ T6259]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   96.223890][ T6259]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   96.223931][ T6259]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.223951][ T6259] RIP: 0033:0x7fcba253d5fc
[   96.223965][ T6259] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   96.223998][ T6259] RSP: 002b:00007fcba0f9f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   96.224017][ T6259] RAX: ffffffffffffffda RBX: 00007fcba2765fa0 RCX: 00007fcba253d5fc
[   96.224030][ T6259] RDX: 000000000000000f RSI: 00007fcba0f9f0a0 RDI: 0000000000000004
[   96.224041][ T6259] RBP: 00007fcba0f9f090 R08: 0000000000000000 R09: 0000000000000000
[   96.224053][ T6259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.224065][ T6259] R13: 00007fcba2766038 R14: 00007fcba2765fa0 R15: 00007ffe33f98ba8
[   96.224113][ T6259]  </TASK>
[   96.262052][ T6262] loop2: detected capacity change from 0 to 128
[   96.263521][ T6246] active_anon:3832 inactive_anon:0 isolated_anon:0
[   96.263521][ T6246]  active_file:19826 inactive_file:2221 isolated_file:0
[   96.263521][ T6246]  unevictable:1027 dirty:355 writeback:0
[   96.263521][ T6246]  slab_reclaimable:3246 slab_unreclaimable:43493
[   96.263521][ T6246]  mapped:30200 shmem:236 pagetables:1098
[   96.263521][ T6246]  sec_pagetables:0 bounce:0
[   96.263521][ T6246]  kernel_misc_reclaimable:0
[   96.263521][ T6246]  free:1856750 free_pcp:14048 free_cma:0
[   96.275103][ T6262] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   96.288438][ T6246] Node 0 active_anon:15328kB inactive_anon:0kB active_file:79304kB inactive_file:8884kB unevictable:4108kB isolated(anon):0kB isolated(file):0kB mapped:120800kB dirty:1420kB writeback:0kB shmem:944kB kernel_stack:3280kB pagetables:4392kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   96.299037][ T6262] FAT-fs (loop2): Filesystem has been set read-only
[   96.303317][ T6246] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   96.317448][ T6262] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   96.328880][ T6246] lowmem_reserve[]:
[   96.339209][ T6262] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   96.342481][ T6246]  0 2883 7862 7862
[   96.342507][ T6246] Node 0 DMA32 free:2949212kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952844kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:3532kB free_cma:0kB
[   96.909293][ T6246] lowmem_reserve[]: 0 0 4978 4978
[   96.914533][ T6246] Node 0 Normal free:4462428kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:15428kB inactive_anon:0kB active_file:79308kB inactive_file:9004kB unevictable:4140kB writepending:1372kB present:5242880kB managed:5098240kB mlocked:4140kB bounce:0kB free_pcp:52584kB local_pcp:25272kB free_cma:0kB
[   96.947377][ T6246] lowmem_reserve[]: 0 0 0 0
[   96.951967][ T6246] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   96.964964][ T6246] Node 0 DMA32: 3*4kB (M) 2*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949212kB
[   96.981325][ T6246] Node 0 Normal: 233*4kB (UME) 220*8kB (UME) 92*16kB (UME) 225*32kB (UME) 164*64kB (UME) 119*128kB (UME) 88*256kB (UM) 32*512kB (UME) 34*1024kB (UME) 26*2048kB (UME) 1049*4096kB (UM) = 4460772kB
[   97.001034][ T6246] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   97.010419][ T6246] 22326 total pagecache pages
[   97.015113][ T6246] 0 pages in swap cache
[   97.019316][ T6246] Free swap  = 124996kB
[   97.023530][ T6246] Total swap = 124996kB
[   97.024999][ T6267] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[   97.027672][ T6246] 2097051 pages RAM
[   97.027680][ T6246] 0 pages HighMem/MovableOnly
[   97.043807][ T6246] 80440 pages reserved
[   97.063538][ T6269] loop4: detected capacity change from 0 to 128
[   97.071321][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.143611][ T6276] random: crng reseeded on system resumption
[   97.148534][ T6279] loop3: detected capacity change from 0 to 512
[   97.193214][ T6280] bio_check_eod: 208498 callbacks suppressed
[   97.193231][ T6280] syz.4.938: attempt to access beyond end of device
[   97.193231][ T6280] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[   97.216352][ T6280] syz.4.938: attempt to access beyond end of device
[   97.216352][ T6280] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[   97.233114][ T6280] syz.4.938: attempt to access beyond end of device
[   97.233114][ T6280] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[   97.247171][ T6280] syz.4.938: attempt to access beyond end of device
[   97.247171][ T6280] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[   97.274496][ T6280] syz.4.938: attempt to access beyond end of device
[   97.274496][ T6280] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[   97.294407][ T6280] syz.4.938: attempt to access beyond end of device
[   97.294407][ T6280] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[   97.307685][ T6280] syz.4.938: attempt to access beyond end of device
[   97.307685][ T6280] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[   97.331328][ T6280] syz.4.938: attempt to access beyond end of device
[   97.331328][ T6280] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[   97.404993][ T6280] syz.4.938: attempt to access beyond end of device
[   97.404993][ T6280] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[   97.431327][ T6280] syz.4.938: attempt to access beyond end of device
[   97.431327][ T6280] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[   97.651470][ T6279] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[   97.660147][ T6279] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.942: invalid indirect mapped block 2683928664 (level 1)
[   97.696227][ T6279] EXT4-fs (loop3): Remounting filesystem read-only
[   97.718081][ T6279] EXT4-fs (loop3): 1 truncate cleaned up
[   97.735120][ T6279] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.843679][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.885118][ T6295] netlink: 4 bytes leftover after parsing attributes in process `syz.3.946'.
[   97.906930][ T6290] lo speed is unknown, defaulting to 1000
[   97.962670][ T6302] netlink: 44 bytes leftover after parsing attributes in process `syz.0.948'.
[   97.971773][ T6302] netlink: 84 bytes leftover after parsing attributes in process `syz.0.948'.
[   98.085563][ T6306] netlink: 12 bytes leftover after parsing attributes in process `syz.1.950'.
[   98.106987][ T6308] loop3: detected capacity change from 0 to 128
[   98.140148][ T6310] lo speed is unknown, defaulting to 1000
[   98.166678][ T6310] siw: device registration error -23
[   98.179297][ T6308] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   98.179385][ T6308] FAT-fs (loop3): Filesystem has been set read-only
[   98.179442][ T6308] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   98.179457][ T6308] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   98.220591][ T6325] buffer_io_error: 192734 callbacks suppressed
[   98.220606][ T6325] Buffer I/O error on dev loop3, logical block 2065, async page read
[   98.222180][ T6317] netlink: 48 bytes leftover after parsing attributes in process `syz.4.952'.
[   98.226861][ T6325] Buffer I/O error on dev loop3, logical block 2066, async page read
[   98.254251][ T6325] Buffer I/O error on dev loop3, logical block 2067, async page read
[   98.262992][ T6325] Buffer I/O error on dev loop3, logical block 2068, async page read
[   98.271314][ T6325] Buffer I/O error on dev loop3, logical block 2069, async page read
[   98.279576][ T6325] Buffer I/O error on dev loop3, logical block 2070, async page read
[   98.293888][ T6325] Buffer I/O error on dev loop3, logical block 2071, async page read
[   98.293911][ T6325] Buffer I/O error on dev loop3, logical block 2072, async page read
[   98.293967][ T6325] Buffer I/O error on dev loop3, logical block 2065, async page read
[   98.294054][ T6325] Buffer I/O error on dev loop3, logical block 2066, async page read
[   98.347729][ T6331] loop4: detected capacity change from 0 to 512
[   98.349611][ T6331] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[   98.349760][ T6331] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.956: invalid indirect mapped block 2683928664 (level 1)
[   98.349914][ T6331] EXT4-fs (loop4): Remounting filesystem read-only
[   98.349995][ T6331] EXT4-fs (loop4): 1 truncate cleaned up
[   98.455750][ T6331] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.634062][   T29] kauditd_printk_skb: 515 callbacks suppressed
[   98.634074][   T29] audit: type=1326 audit(1755297420.148:7195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz.2.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcba253ebe9 code=0x7ffc0000
[   98.634166][   T29] audit: type=1326 audit(1755297420.148:7196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz.2.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcba253ebe9 code=0x7ffc0000
[   98.634366][   T29] audit: type=1326 audit(1755297420.148:7197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz.2.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fcba253ebe9 code=0x7ffc0000
[   98.634445][   T29] audit: type=1326 audit(1755297420.148:7198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz.2.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcba253ebe9 code=0x7ffc0000
[   98.634570][   T29] audit: type=1326 audit(1755297420.148:7199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz.2.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcba253ebe9 code=0x7ffc0000
[   98.634761][   T29] audit: type=1326 audit(1755297420.148:7200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz.2.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcba253ebe9 code=0x7ffc0000
[   98.634876][   T29] audit: type=1326 audit(1755297420.148:7201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz.2.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcba253ebe9 code=0x7ffc0000
[   98.635134][   T29] audit: type=1326 audit(1755297420.148:7202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz.2.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcba253ebe9 code=0x7ffc0000
[   98.635192][   T29] audit: type=1326 audit(1755297420.148:7203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz.2.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcba253ebe9 code=0x7ffc0000
[   98.642228][   T29] audit: type=1326 audit(1755297420.148:7204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz.2.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcba253ebe9 code=0x7ffc0000
[   98.745397][ T6345] FAULT_INJECTION: forcing a failure.
[   98.745397][ T6345] name failslab, interval 1, probability 0, space 0, times 0
[   98.745425][ T6345] CPU: 0 UID: 0 PID: 6345 Comm: syz.2.961 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[   98.745453][ T6345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   98.745479][ T6345] Call Trace:
[   98.745487][ T6345]  <TASK>
[   98.745570][ T6345]  __dump_stack+0x1d/0x30
[   98.745596][ T6345]  dump_stack_lvl+0xe8/0x140
[   98.745615][ T6345]  dump_stack+0x15/0x1b
[   98.745630][ T6345]  should_fail_ex+0x265/0x280
[   98.745647][ T6345]  should_failslab+0x8c/0xb0
[   98.745682][ T6345]  __kvmalloc_node_noprof+0x123/0x4e0
[   98.745711][ T6345]  ? io_sqe_buffers_register+0xc2/0x530
[   98.745777][ T6345]  io_sqe_buffers_register+0xc2/0x530
[   98.745843][ T6345]  ? __fget_files+0x184/0x1c0
[   98.745886][ T6345]  __se_sys_io_uring_register+0xa9f/0xeb0
[   98.745908][ T6345]  ? fput+0x8f/0xc0
[   98.745933][ T6345]  ? ksys_write+0x192/0x1a0
[   98.745951][ T6345]  __x64_sys_io_uring_register+0x55/0x70
[   98.746010][ T6345]  x64_sys_call+0x18a3/0x2ff0
[   98.746031][ T6345]  do_syscall_64+0xd2/0x200
[   98.746090][ T6345]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   98.746109][ T6345]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   98.746129][ T6345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.746148][ T6345] RIP: 0033:0x7fcba253ebe9
[   98.746160][ T6345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.746175][ T6345] RSP: 002b:00007fcba0f9f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[   98.746241][ T6345] RAX: ffffffffffffffda RBX: 00007fcba2765fa0 RCX: 00007fcba253ebe9
[   98.746253][ T6345] RDX: 00002000000002c0 RSI: 0000000000000000 RDI: 0000000000000006
[   98.746266][ T6345] RBP: 00007fcba0f9f090 R08: 0000000000000000 R09: 0000000000000000
[   98.746280][ T6345] R10: 100000000000011a R11: 0000000000000246 R12: 0000000000000001
[   98.746293][ T6345] R13: 00007fcba2766038 R14: 00007fcba2765fa0 R15: 00007ffe33f98ba8
[   98.746312][ T6345]  </TASK>
[   98.827209][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.985115][ T6354] netlink: 48 bytes leftover after parsing attributes in process `syz.0.965'.
[   99.021537][ T6365] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[   99.104476][ T6368] random: crng reseeded on system resumption
[   99.324231][ T6348] capability: warning: `syz.4.962' uses deprecated v2 capabilities in a way that may be insecure
[   99.662081][ T6390] loop4: detected capacity change from 0 to 128
[  100.683544][ T6420] netlink: 108 bytes leftover after parsing attributes in process `syz.0.979'.
[  100.692755][ T6420] netlink: 108 bytes leftover after parsing attributes in process `syz.0.979'.
[  100.701713][ T6420] netlink: 108 bytes leftover after parsing attributes in process `syz.0.979'.
[  100.855575][ T6423] netlink: 4 bytes leftover after parsing attributes in process `syz.4.982'.
[  101.169097][ T6435] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  101.316430][ T6442] lo speed is unknown, defaulting to 1000
[  101.402747][ T6439] random: crng reseeded on system resumption
[  101.994133][ T6451] team0: Port device geneve1 removed
[  102.164641][ T6460] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  102.333616][ T6466] random: crng reseeded on system resumption
[  102.518959][ T6477] lo speed is unknown, defaulting to 1000
[  102.555938][ T6477] siw: device registration error -23
[  103.028738][ T6497] __nla_validate_parse: 5 callbacks suppressed
[  103.028753][ T6497] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1007'.
[  103.118462][ T6509] loop2: detected capacity change from 0 to 128
[  103.118728][ T6510] loop4: detected capacity change from 0 to 128
[  103.139184][ T6510] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  103.155404][ T6510] ext4 filesystem being mounted at /193/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  103.221419][ T3307] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  103.250235][ T6522] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1014'.
[  103.259529][ T6522] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1014'.
[  103.268491][ T6522] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1014'.
[  103.330651][ T6536] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1022'.
[  103.360571][ T6534] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  103.446319][ T6546] random: crng reseeded on system resumption
[  103.522748][ T6555] sctp: [Deprecated]: +}[@ (pid 6555) Use of struct sctp_assoc_value in delayed_ack socket option.
[  103.522748][ T6555] Use struct sctp_sack_info instead
[  103.615273][ T6568] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1036'.
[  103.644317][   T29] kauditd_printk_skb: 370 callbacks suppressed
[  103.644332][   T29] audit: type=1326 audit(1755297425.158:7575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fcba253ebe9 code=0x7ffc0000
[  103.684176][ T6566] loop2: detected capacity change from 0 to 128
[  103.703621][ T6566] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  103.711480][ T6566] FAT-fs (loop2): Filesystem has been set read-only
[  103.736442][   T29] audit: type=1326 audit(1755297425.188:7576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fcba253ec23 code=0x7ffc0000
[  103.759802][   T29] audit: type=1326 audit(1755297425.188:7577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fcba253d69f code=0x7ffc0000
[  103.760012][ T6566] bio_check_eod: 76603 callbacks suppressed
[  103.760024][ T6566] syz.2.1035: attempt to access beyond end of device
[  103.760024][ T6566] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  103.783127][   T29] audit: type=1326 audit(1755297425.188:7578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fcba253ec77 code=0x7ffc0000
[  103.826184][   T29] audit: type=1326 audit(1755297425.198:7579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcba253d550 code=0x7ffc0000
[  103.840708][ T6566] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  103.849601][   T29] audit: type=1326 audit(1755297425.198:7580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcba253e7eb code=0x7ffc0000
[  103.857408][ T6566] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  103.880692][   T29] audit: type=1326 audit(1755297425.208:7581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fcba253d84a code=0x7ffc0000
[  103.911869][   T29] audit: type=1326 audit(1755297425.208:7582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fcba253d84a code=0x7ffc0000
[  103.935183][   T29] audit: type=1326 audit(1755297425.208:7583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fcba253d457 code=0x7ffc0000
[  103.935287][ T6566] syz.2.1035: attempt to access beyond end of device
[  103.935287][ T6566] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  103.958755][   T29] audit: type=1326 audit(1755297425.208:7584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6565 comm="syz.2.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fcba254038a code=0x7ffc0000
[  104.023186][ T6566] syz.2.1035: attempt to access beyond end of device
[  104.023186][ T6566] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  104.043337][ T6580] syz.2.1035: attempt to access beyond end of device
[  104.043337][ T6580] loop2: rw=0, sector=2065, nr_sectors = 1 limit=128
[  104.056725][ T6580] buffer_io_error: 56086 callbacks suppressed
[  104.056739][ T6580] Buffer I/O error on dev loop2, logical block 2065, async page read
[  104.108183][ T6580] syz.2.1035: attempt to access beyond end of device
[  104.108183][ T6580] loop2: rw=0, sector=2066, nr_sectors = 1 limit=128
[  104.121705][ T6580] Buffer I/O error on dev loop2, logical block 2066, async page read
[  104.230382][ T6580] syz.2.1035: attempt to access beyond end of device
[  104.230382][ T6580] loop2: rw=0, sector=2067, nr_sectors = 1 limit=128
[  104.243762][ T6580] Buffer I/O error on dev loop2, logical block 2067, async page read
[  104.263156][ T6580] syz.2.1035: attempt to access beyond end of device
[  104.263156][ T6580] loop2: rw=0, sector=2068, nr_sectors = 1 limit=128
[  104.266563][ T6593] netlink: 3752 bytes leftover after parsing attributes in process `syz.4.1045'.
[  104.276516][ T6580] Buffer I/O error on dev loop2, logical block 2068, async page read
[  104.325977][ T6580] syz.2.1035: attempt to access beyond end of device
[  104.325977][ T6580] loop2: rw=0, sector=2069, nr_sectors = 1 limit=128
[  104.339349][ T6580] Buffer I/O error on dev loop2, logical block 2069, async page read
[  104.368507][ T6580] syz.2.1035: attempt to access beyond end of device
[  104.368507][ T6580] loop2: rw=0, sector=2070, nr_sectors = 1 limit=128
[  104.382093][ T6580] Buffer I/O error on dev loop2, logical block 2070, async page read
[  104.391467][ T6580] syz.2.1035: attempt to access beyond end of device
[  104.391467][ T6580] loop2: rw=0, sector=2071, nr_sectors = 1 limit=128
[  104.404866][ T6580] Buffer I/O error on dev loop2, logical block 2071, async page read
[  104.428757][ T6587] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1043'.
[  104.438634][ T6580] Buffer I/O error on dev loop2, logical block 2072, async page read
[  104.451022][ T6566] Buffer I/O error on dev loop2, logical block 2065, async page read
[  104.459300][ T6566] Buffer I/O error on dev loop2, logical block 2066, async page read
[  104.482953][ T6607] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1049'.
[  104.483690][ T6590] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1044'.
[  104.562476][ T6612] loop3: detected capacity change from 0 to 128
[  104.622676][ T6627] syz_tun: entered allmulticast mode
[  104.696674][ T6638] netlink: 'syz.1.1061': attribute type 1 has an invalid length.
[  104.716284][ T6639] lo speed is unknown, defaulting to 1000
[  104.757340][ T6627] FAULT_INJECTION: forcing a failure.
[  104.757340][ T6627] name failslab, interval 1, probability 0, space 0, times 0
[  104.770004][ T6627] CPU: 0 UID: 0 PID: 6627 Comm: syz.2.1058 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[  104.770029][ T6627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  104.770039][ T6627] Call Trace:
[  104.770045][ T6627]  <TASK>
[  104.770053][ T6627]  __dump_stack+0x1d/0x30
[  104.770074][ T6627]  dump_stack_lvl+0xe8/0x140
[  104.770089][ T6627]  dump_stack+0x15/0x1b
[  104.770134][ T6627]  should_fail_ex+0x265/0x280
[  104.770152][ T6627]  should_failslab+0x8c/0xb0
[  104.770230][ T6627]  kmem_cache_alloc_node_noprof+0x57/0x320
[  104.770259][ T6627]  ? __alloc_skb+0x101/0x320
[  104.770315][ T6627]  __alloc_skb+0x101/0x320
[  104.770345][ T6627]  mroute_netlink_event+0x7b/0x110
[  104.770373][ T6627]  ipmr_mfc_add+0x133b/0x1530
[  104.770402][ T6627]  ip_mroute_setsockopt+0x739/0x960
[  104.770426][ T6627]  do_ip_setsockopt+0xcea/0x2240
[  104.770529][ T6627]  ip_setsockopt+0x58/0x110
[  104.770558][ T6627]  raw_setsockopt+0xbd/0x150
[  104.770576][ T6627]  sock_common_setsockopt+0x66/0x80
[  104.770598][ T6627]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  104.770658][ T6627]  __sys_setsockopt+0x184/0x200
[  104.770724][ T6627]  __x64_sys_setsockopt+0x64/0x80
[  104.770740][ T6627]  x64_sys_call+0x20ec/0x2ff0
[  104.770763][ T6627]  do_syscall_64+0xd2/0x200
[  104.770815][ T6627]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  104.770834][ T6627]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  104.770854][ T6627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.770947][ T6627] RIP: 0033:0x7fcba253ebe9
[  104.770963][ T6627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.770981][ T6627] RSP: 002b:00007fcba0f9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  104.771000][ T6627] RAX: ffffffffffffffda RBX: 00007fcba2765fa0 RCX: 00007fcba253ebe9
[  104.771037][ T6627] RDX: 00000000000000d2 RSI: 0000000000000000 RDI: 0000000000000004
[  104.771047][ T6627] RBP: 00007fcba0f9f090 R08: 000000000000003c R09: 0000000000000000
[  104.771058][ T6627] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000001
[  104.771069][ T6627] R13: 00007fcba2766038 R14: 00007fcba2765fa0 R15: 00007ffe33f98ba8
[  104.771085][ T6627]  </TASK>
[  105.083946][ T6645] loop4: detected capacity change from 0 to 1024
[  105.106291][ T6647] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  105.116385][ T6645] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.148691][ T6626] syz_tun: left allmulticast mode
[  105.381223][ T6647] random: crng reseeded on system resumption
[  105.747577][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.012191][ T6701] netlink: 'syz.0.1083': attribute type 1 has an invalid length.
[  106.187370][ T6720] loop3: detected capacity change from 0 to 1024
[  106.204690][ T6720] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.323708][ T6728] lo speed is unknown, defaulting to 1000
[  106.423800][ T6731] lo speed is unknown, defaulting to 1000
[  106.449997][ T6731] siw: device registration error -23
[  106.937723][ T6739] loop2: detected capacity change from 0 to 128
[  106.999308][ T6742] loop4: detected capacity change from 0 to 128
[  107.077599][ T6747] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  107.155803][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.202625][ T6755] loop4: detected capacity change from 0 to 128
[  107.256185][ T6759] random: crng reseeded on system resumption
[  107.355644][ T6755] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  107.363523][ T6755] FAT-fs (loop4): Filesystem has been set read-only
[  107.386383][ T6755] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  107.394425][ T6755] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  107.914324][ T6773] syz_tun: entered allmulticast mode
[  108.035371][ T6790] loop3: detected capacity change from 0 to 128
[  108.074115][ T6794] __nla_validate_parse: 11 callbacks suppressed
[  108.074166][ T6794] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1111'.
[  108.110242][ T6794] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1111'.
[  108.121724][ T6798] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1112'.
[  108.140941][ T6798] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1112'.
[  108.158641][ T6800] loop4: detected capacity change from 0 to 2048
[  108.229270][ T6772] syz_tun: left allmulticast mode
[  108.246912][ T6800]  loop4: p2 p3 p7
[  108.315807][ T6813] lo speed is unknown, defaulting to 1000
[  108.341666][ T6813] siw: device registration error -23
[  108.405537][ T6817] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  108.421183][ T6821] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1119'.
[  108.556514][ T6823] random: crng reseeded on system resumption
[  108.613140][ T6841] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1121'.
[  108.852860][ T6858] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1131'.
[  108.954643][   T29] kauditd_printk_skb: 628 callbacks suppressed
[  108.954659][   T29] audit: type=1400 audit(1755297430.468:8213): avc:  denied  { write } for  pid=6860 comm="syz.0.1133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  109.308859][ T6881] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1135'.
[  109.317999][ T6881] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1135'.
[  109.327037][ T6881] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1135'.
[  109.649509][   T29] audit: type=1400 audit(1755297431.158:8214): avc:  denied  { checkpoint_restore } for  pid=6860 comm="syz.0.1133" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  109.724518][   T29] audit: type=1326 audit(1755297431.228:8215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6890 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcba253ebe9 code=0x7ffc0000
[  109.748032][   T29] audit: type=1326 audit(1755297431.228:8216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6890 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcba253ebe9 code=0x7ffc0000
[  109.758514][ T6891] loop2: detected capacity change from 0 to 128
[  109.771611][   T29] audit: type=1326 audit(1755297431.228:8217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6890 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcba253ebe9 code=0x7ffc0000
[  109.800882][ T6891] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  109.801406][   T29] audit: type=1326 audit(1755297431.228:8218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6890 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcba253ebe9 code=0x7ffc0000
[  109.809218][ T6891] FAT-fs (loop2): Filesystem has been set read-only
[  109.832562][   T29] audit: type=1326 audit(1755297431.228:8219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6890 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcba253ebe9 code=0x7ffc0000
[  109.832588][   T29] audit: type=1326 audit(1755297431.228:8220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6890 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7fcba253ebe9 code=0x7ffc0000
[  109.886114][   T29] audit: type=1326 audit(1755297431.228:8221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6890 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcba253ebe9 code=0x7ffc0000
[  109.909575][   T29] audit: type=1326 audit(1755297431.228:8222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6890 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcba253ebe9 code=0x7ffc0000
[  109.958913][ T6891] bio_check_eod: 38207 callbacks suppressed
[  109.958927][ T6891] syz.2.1136: attempt to access beyond end of device
[  109.958927][ T6891] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  109.978560][ T6891] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  109.986380][ T6891] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  110.000978][ T6891] syz.2.1136: attempt to access beyond end of device
[  110.000978][ T6891] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  110.016081][ T6891] syz.2.1136: attempt to access beyond end of device
[  110.016081][ T6891] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  110.029402][ T6891] syz.2.1136: attempt to access beyond end of device
[  110.029402][ T6891] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  110.042957][ T6891] syz.2.1136: attempt to access beyond end of device
[  110.042957][ T6891] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  110.056691][ T6891] syz.2.1136: attempt to access beyond end of device
[  110.056691][ T6891] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  110.070054][ T6891] syz.2.1136: attempt to access beyond end of device
[  110.070054][ T6891] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  110.083841][ T6891] syz.2.1136: attempt to access beyond end of device
[  110.083841][ T6891] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  110.097440][ T6891] syz.2.1136: attempt to access beyond end of device
[  110.097440][ T6891] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  110.111173][ T6891] syz.2.1136: attempt to access beyond end of device
[  110.111173][ T6891] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  110.160156][ T6894] buffer_io_error: 20086 callbacks suppressed
[  110.160171][ T6894] Buffer I/O error on dev loop2, logical block 2065, async page read
[  110.179617][ T6894] Buffer I/O error on dev loop2, logical block 2066, async page read
[  110.223296][ T6894] Buffer I/O error on dev loop2, logical block 2067, async page read
[  110.235091][ T6894] Buffer I/O error on dev loop2, logical block 2068, async page read
[  110.247076][ T6894] Buffer I/O error on dev loop2, logical block 2069, async page read
[  110.261754][ T6894] Buffer I/O error on dev loop2, logical block 2070, async page read
[  110.270409][ T6894] Buffer I/O error on dev loop2, logical block 2071, async page read
[  110.280308][ T6894] Buffer I/O error on dev loop2, logical block 2072, async page read
[  110.297988][ T6894] Buffer I/O error on dev loop2, logical block 2065, async page read
[  110.306528][ T6894] Buffer I/O error on dev loop2, logical block 2066, async page read
[  110.630138][ T6975] 9pnet: Could not find request transport: t7“2õÓ<�Ïy•1<	Þ
[  110.665309][ T6975] loop2: detected capacity change from 0 to 512
[  110.705086][ T6975] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843e018, mo2=0002]
[  110.742332][ T6975] System zones: 1-12
[  110.759570][ T6975] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1163: invalid indirect mapped block 8 (level 2)
[  110.795854][ T6975] EXT4-fs (loop2): 1 truncate cleaned up
[  110.801989][ T6975] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.921491][ T7003] loop4: detected capacity change from 0 to 128
[  110.930673][ T7003] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  110.933923][ T3300] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.938690][ T7003] FAT-fs (loop4): Filesystem has been set read-only
[  110.963227][ T7003] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  110.971379][ T7003] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  111.019639][ T7011] FAULT_INJECTION: forcing a failure.
[  111.019639][ T7011] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  111.033001][ T7011] CPU: 0 UID: 0 PID: 7011 Comm: syz.0.1172 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[  111.033047][ T7011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  111.033100][ T7011] Call Trace:
[  111.033106][ T7011]  <TASK>
[  111.033112][ T7011]  __dump_stack+0x1d/0x30
[  111.033132][ T7011]  dump_stack_lvl+0xe8/0x140
[  111.033149][ T7011]  dump_stack+0x15/0x1b
[  111.033164][ T7011]  should_fail_ex+0x265/0x280
[  111.033190][ T7011]  should_fail+0xb/0x20
[  111.033206][ T7011]  should_fail_usercopy+0x1a/0x20
[  111.033305][ T7011]  _copy_to_user+0x20/0xa0
[  111.033328][ T7011]  bpf_prog_test_run_syscall+0x29a/0x350
[  111.033350][ T7011]  ? __pfx_bpf_prog_test_run_syscall+0x10/0x10
[  111.033424][ T7011]  bpf_prog_test_run+0x22a/0x390
[  111.033455][ T7011]  __sys_bpf+0x4b9/0x7b0
[  111.033530][ T7011]  __x64_sys_bpf+0x41/0x50
[  111.033570][ T7011]  x64_sys_call+0x2aea/0x2ff0
[  111.033591][ T7011]  do_syscall_64+0xd2/0x200
[  111.033613][ T7011]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  111.033642][ T7011]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  111.033664][ T7011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.033684][ T7011] RIP: 0033:0x7fdcf1dcebe9
[  111.033728][ T7011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.033745][ T7011] RSP: 002b:00007fdcf082f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  111.033763][ T7011] RAX: ffffffffffffffda RBX: 00007fdcf1ff5fa0 RCX: 00007fdcf1dcebe9
[  111.033777][ T7011] RDX: 000000000000000c RSI: 00002000000004c0 RDI: 000000000000000a
[  111.033790][ T7011] RBP: 00007fdcf082f090 R08: 0000000000000000 R09: 0000000000000000
[  111.033802][ T7011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.033813][ T7011] R13: 00007fdcf1ff6038 R14: 00007fdcf1ff5fa0 R15: 00007ffe82a93778
[  111.033974][ T7011]  </TASK>
[  112.657163][ T7070] wireguard0: entered promiscuous mode
[  112.662742][ T7070] wireguard0: entered allmulticast mode
[  112.884532][ T7088] loop3: detected capacity change from 0 to 128
[  112.917261][ T7088] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  112.925161][ T7088] FAT-fs (loop3): Filesystem has been set read-only
[  112.932081][ T7088] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  112.939936][ T7088] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  112.980686][ T7102] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  113.254887][ T7115] __nla_validate_parse: 20 callbacks suppressed
[  113.254901][ T7115] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1206'.
[  113.270292][ T7115] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1206'.
[  113.279548][ T7115] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1206'.
[  113.372421][ T7108] random: crng reseeded on system resumption
[  113.476927][ T7122] FAULT_INJECTION: forcing a failure.
[  113.476927][ T7122] name failslab, interval 1, probability 0, space 0, times 0
[  113.489697][ T7122] CPU: 1 UID: 0 PID: 7122 Comm: syz.0.1210 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[  113.489731][ T7122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  113.489741][ T7122] Call Trace:
[  113.489748][ T7122]  <TASK>
[  113.489755][ T7122]  __dump_stack+0x1d/0x30
[  113.489774][ T7122]  dump_stack_lvl+0xe8/0x140
[  113.489791][ T7122]  dump_stack+0x15/0x1b
[  113.489825][ T7122]  should_fail_ex+0x265/0x280
[  113.489843][ T7122]  should_failslab+0x8c/0xb0
[  113.489862][ T7122]  __kmalloc_noprof+0xa5/0x3e0
[  113.489912][ T7122]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[  113.489947][ T7122]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[  113.489977][ T7122]  genl_start+0xe0/0x390
[  113.490075][ T7122]  __netlink_dump_start+0x331/0x520
[  113.490094][ T7122]  genl_family_rcv_msg_dumpit+0x115/0x180
[  113.490121][ T7122]  ? __pfx_genl_start+0x10/0x10
[  113.490142][ T7122]  ? __pfx_genl_dumpit+0x10/0x10
[  113.490213][ T7122]  ? __pfx_genl_done+0x10/0x10
[  113.490241][ T7122]  genl_rcv_msg+0x3f0/0x460
[  113.490266][ T7122]  ? __pfx_ethnl_default_start+0x10/0x10
[  113.490284][ T7122]  ? __pfx_ethnl_default_dumpit+0x10/0x10
[  113.490377][ T7122]  ? __pfx_ethnl_default_done+0x10/0x10
[  113.490496][ T7122]  netlink_rcv_skb+0x120/0x220
[  113.490511][ T7122]  ? __pfx_genl_rcv_msg+0x10/0x10
[  113.490540][ T7122]  genl_rcv+0x28/0x40
[  113.490560][ T7122]  netlink_unicast+0x5c0/0x690
[  113.490643][ T7122]  netlink_sendmsg+0x58b/0x6b0
[  113.490709][ T7122]  ? __pfx_netlink_sendmsg+0x10/0x10
[  113.490809][ T7122]  __sock_sendmsg+0x145/0x180
[  113.490840][ T7122]  ____sys_sendmsg+0x31e/0x4e0
[  113.490864][ T7122]  ___sys_sendmsg+0x17b/0x1d0
[  113.490924][ T7122]  __x64_sys_sendmsg+0xd4/0x160
[  113.490945][ T7122]  x64_sys_call+0x191e/0x2ff0
[  113.490962][ T7122]  do_syscall_64+0xd2/0x200
[  113.491050][ T7122]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  113.491097][ T7122]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  113.491122][ T7122]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.491142][ T7122] RIP: 0033:0x7fdcf1dcebe9
[  113.491202][ T7122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.491217][ T7122] RSP: 002b:00007fdcf082f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  113.491233][ T7122] RAX: ffffffffffffffda RBX: 00007fdcf1ff5fa0 RCX: 00007fdcf1dcebe9
[  113.491244][ T7122] RDX: 0000000000044800 RSI: 00002000000011c0 RDI: 0000000000000005
[  113.491255][ T7122] RBP: 00007fdcf082f090 R08: 0000000000000000 R09: 0000000000000000
[  113.491266][ T7122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.491276][ T7122] R13: 00007fdcf1ff6038 R14: 00007fdcf1ff5fa0 R15: 00007ffe82a93778
[  113.491327][ T7122]  </TASK>
[  113.929071][ T7135] lo speed is unknown, defaulting to 1000
[  113.978258][ T7134] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1216'.
[  114.007987][   T29] kauditd_printk_skb: 213 callbacks suppressed
[  114.008000][   T29] audit: type=1400 audit(1755297435.518:8436): avc:  denied  { tracepoint } for  pid=7131 comm="syz.3.1215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  114.090765][   T29] audit: type=1400 audit(1755297435.568:8437): avc:  denied  { write } for  pid=7131 comm="syz.3.1215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  114.261289][   T29] audit: type=1107 audit(1755297435.758:8438): pid=7148 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  114.274808][   T29] audit: type=1400 audit(1755297435.768:8439): avc:  denied  { mount } for  pid=7149 comm="syz.1.1221" name="/" dev="autofs" ino=15962 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  114.305424][   T29] audit: type=1400 audit(1755297435.808:8440): avc:  denied  { mounton } for  pid=7149 comm="syz.1.1221" path="/255/file0" dev="tmpfs" ino=1402 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  114.328222][   T29] audit: type=1400 audit(1755297435.808:8441): avc:  denied  { mount } for  pid=7149 comm="syz.1.1221" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  114.378259][   T29] audit: type=1400 audit(1755297435.888:8442): avc:  denied  { create } for  pid=7156 comm="syz.2.1224" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  114.399555][   T29] audit: type=1400 audit(1755297435.888:8443): avc:  denied  { unmount } for  pid=3299 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  114.419925][   T29] audit: type=1400 audit(1755297435.888:8444): avc:  denied  { write } for  pid=7156 comm="syz.2.1224" name="file0" dev="tmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  114.442943][   T29] audit: type=1400 audit(1755297435.888:8445): avc:  denied  { open } for  pid=7156 comm="syz.2.1224" path="/234/file0" dev="tmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  114.483035][ T7165] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  114.610758][ T7169] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1226'.
[  114.619855][ T7169] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1226'.
[  114.628905][ T7169] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1226'.
[  114.749297][ T7177] loop4: detected capacity change from 0 to 128
[  114.780121][ T7174] random: crng reseeded on system resumption
[  114.882978][ T7182] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1233'.
[  114.956636][ T7189] netlink: 'syz.1.1236': attribute type 4 has an invalid length.
[  114.966630][ T7177] bio_check_eod: 60594 callbacks suppressed
[  114.966645][ T7177] syz.4.1232: attempt to access beyond end of device
[  114.966645][ T7177] loop4: rw=524288, sector=145, nr_sectors = 16 limit=128
[  114.986819][ T7177] syz.4.1232: attempt to access beyond end of device
[  114.986819][ T7177] loop4: rw=524288, sector=169, nr_sectors = 8 limit=128
[  114.989676][ T7189] netlink: 'syz.1.1236': attribute type 4 has an invalid length.
[  115.000664][ T7177] syz.4.1232: attempt to access beyond end of device
[  115.000664][ T7177] loop4: rw=524288, sector=185, nr_sectors = 8 limit=128
[  115.024419][ T7177] syz.4.1232: attempt to access beyond end of device
[  115.024419][ T7177] loop4: rw=524288, sector=201, nr_sectors = 8 limit=128
[  115.038246][ T7177] syz.4.1232: attempt to access beyond end of device
[  115.038246][ T7177] loop4: rw=524288, sector=217, nr_sectors = 8 limit=128
[  115.052321][ T7177] syz.4.1232: attempt to access beyond end of device
[  115.052321][ T7177] loop4: rw=524288, sector=233, nr_sectors = 8 limit=128
[  115.066131][ T7177] syz.4.1232: attempt to access beyond end of device
[  115.066131][ T7177] loop4: rw=524288, sector=249, nr_sectors = 8 limit=128
[  115.079806][ T7177] syz.4.1232: attempt to access beyond end of device
[  115.079806][ T7177] loop4: rw=524288, sector=265, nr_sectors = 8 limit=128
[  115.093549][ T7177] syz.4.1232: attempt to access beyond end of device
[  115.093549][ T7177] loop4: rw=524288, sector=281, nr_sectors = 8 limit=128
[  115.118777][ T7189] serio: Serial port ttyS3
[  115.124153][ T7177] syz.4.1232: attempt to access beyond end of device
[  115.124153][ T7177] loop4: rw=524288, sector=297, nr_sectors = 8 limit=128
[  115.391384][ T7204] loop3: detected capacity change from 0 to 1024
[  115.412198][ T7204] EXT4-fs: Ignoring removed nomblk_io_submit option
[  115.444785][ T7204] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.506981][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.565121][ T7218] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1247'.
[  115.640757][ T7221] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1248'.
[  115.670310][ T7225] loop3: detected capacity change from 0 to 128
[  115.687074][ T7225] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  115.695021][ T7225] FAT-fs (loop3): Filesystem has been set read-only
[  115.714823][ T7235] FAULT_INJECTION: forcing a failure.
[  115.714823][ T7235] name failslab, interval 1, probability 0, space 0, times 0
[  115.720223][ T7225] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  115.727544][ T7235] CPU: 0 UID: 0 PID: 7235 Comm: syz.1.1253 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[  115.727571][ T7235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  115.727589][ T7235] Call Trace:
[  115.727622][ T7235]  <TASK>
[  115.727630][ T7235]  __dump_stack+0x1d/0x30
[  115.727651][ T7235]  dump_stack_lvl+0xe8/0x140
[  115.727669][ T7235]  dump_stack+0x15/0x1b
[  115.727737][ T7235]  should_fail_ex+0x265/0x280
[  115.727757][ T7235]  ? __pfx_cond_bools_destroy+0x10/0x10
[  115.727782][ T7235]  should_failslab+0x8c/0xb0
[  115.727839][ T7235]  kmem_cache_alloc_noprof+0x50/0x310
[  115.727897][ T7235]  ? hashtab_duplicate+0xfe/0x360
[  115.727927][ T7235]  ? __pfx_cond_bools_destroy+0x10/0x10
[  115.727981][ T7235]  hashtab_duplicate+0xfe/0x360
[  115.728011][ T7235]  ? __pfx_cond_bools_copy+0x10/0x10
[  115.728162][ T7235]  cond_policydb_dup+0xd2/0x4e0
[  115.728189][ T7235]  security_set_bools+0xa0/0x340
[  115.728212][ T7235]  sel_commit_bools_write+0x1ea/0x270
[  115.728294][ T7235]  vfs_writev+0x403/0x8b0
[  115.728320][ T7235]  ? __pfx_sel_commit_bools_write+0x10/0x10
[  115.728350][ T7235]  ? mutex_lock+0xd/0x30
[  115.728424][ T7235]  do_writev+0xe7/0x210
[  115.728451][ T7235]  __x64_sys_writev+0x45/0x50
[  115.728473][ T7235]  x64_sys_call+0x1e9a/0x2ff0
[  115.728493][ T7235]  do_syscall_64+0xd2/0x200
[  115.728569][ T7235]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  115.728642][ T7235]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  115.728665][ T7235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.728685][ T7235] RIP: 0033:0x7ff8333febe9
[  115.728765][ T7235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.728782][ T7235] RSP: 002b:00007ff831e67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  115.728801][ T7235] RAX: ffffffffffffffda RBX: 00007ff833625fa0 RCX: 00007ff8333febe9
[  115.728813][ T7235] RDX: 0000000000000001 RSI: 00002000000025c0 RDI: 0000000000000004
[  115.728826][ T7235] RBP: 00007ff831e67090 R08: 0000000000000000 R09: 0000000000000000
[  115.728838][ T7235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  115.728928][ T7235] R13: 00007ff833626038 R14: 00007ff833625fa0 R15: 00007fffa1a7ee18
[  115.728958][ T7235]  </TASK>
[  115.959855][ T7225] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  115.968619][ T7243] buffer_io_error: 59606 callbacks suppressed
[  115.968633][ T7243] Buffer I/O error on dev loop3, logical block 2065, async page read
[  115.984031][ T7243] Buffer I/O error on dev loop3, logical block 2066, async page read
[  116.000690][ T7241] loop4: detected capacity change from 0 to 1024
[  116.012286][ T7241] EXT4-fs: Ignoring removed nomblk_io_submit option
[  116.019502][ T7243] Buffer I/O error on dev loop3, logical block 2067, async page read
[  116.027693][ T7243] Buffer I/O error on dev loop3, logical block 2068, async page read
[  116.036818][ T7243] Buffer I/O error on dev loop3, logical block 2069, async page read
[  116.045056][ T7243] Buffer I/O error on dev loop3, logical block 2070, async page read
[  116.059721][ T7243] Buffer I/O error on dev loop3, logical block 2071, async page read
[  116.087371][ T7243] Buffer I/O error on dev loop3, logical block 2072, async page read
[  116.096665][ T7225] Buffer I/O error on dev loop3, logical block 2065, async page read
[  116.104956][ T7225] Buffer I/O error on dev loop3, logical block 2066, async page read
[  116.123648][ T7241] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.159133][ T7263] loop2: detected capacity change from 0 to 128
[  116.173035][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.184241][ T7263] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  116.235451][ T7263] ext4 filesystem being mounted at /240/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  116.286740][ T3300] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  116.552769][ T7295] loop2: detected capacity change from 0 to 512
[  116.623391][ T7295] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  116.631622][ T7295] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.1271: invalid indirect mapped block 2683928664 (level 1)
[  116.668099][ T7295] EXT4-fs (loop2): Remounting filesystem read-only
[  116.674945][ T7295] EXT4-fs (loop2): 1 truncate cleaned up
[  116.675212][ T7295] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.758646][ T7306] lo speed is unknown, defaulting to 1000
[  116.855579][ T3300] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.925433][ T7314] loop3: detected capacity change from 0 to 1024
[  116.955323][ T7314] EXT4-fs: Ignoring removed orlov option
[  116.961063][ T7314] EXT4-fs: Ignoring removed nobh option
[  116.995578][ T7314] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.119626][ T7323] loop2: detected capacity change from 0 to 128
[  117.156731][ T7323] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  117.164710][ T7323] FAT-fs (loop2): Filesystem has been set read-only
[  117.197028][ T7323] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  117.204956][ T7323] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  117.348518][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.545632][ T7366] loop3: detected capacity change from 0 to 128
[  117.590804][ T7366] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  117.603174][ T7366] ext4 filesystem being mounted at /251/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  117.686953][ T3306] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  117.853214][ T7381] FAULT_INJECTION: forcing a failure.
[  117.853214][ T7381] name failslab, interval 1, probability 0, space 0, times 0
[  117.865897][ T7381] CPU: 0 UID: 0 PID: 7381 Comm: syz.0.1295 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[  117.865925][ T7381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  117.865937][ T7381] Call Trace:
[  117.865944][ T7381]  <TASK>
[  117.865952][ T7381]  __dump_stack+0x1d/0x30
[  117.865973][ T7381]  dump_stack_lvl+0xe8/0x140
[  117.865992][ T7381]  dump_stack+0x15/0x1b
[  117.866050][ T7381]  should_fail_ex+0x265/0x280
[  117.866085][ T7381]  should_failslab+0x8c/0xb0
[  117.866108][ T7381]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  117.866186][ T7381]  ? security_context_to_sid_core+0x69/0x3b0
[  117.866209][ T7381]  kmemdup_nul+0x36/0xc0
[  117.866282][ T7381]  security_context_to_sid_core+0x69/0x3b0
[  117.866307][ T7381]  security_context_str_to_sid+0x33/0x40
[  117.866327][ T7381]  sel_write_create+0x354/0x4f0
[  117.866353][ T7381]  selinux_transaction_write+0xc3/0x110
[  117.866523][ T7381]  ? __pfx_selinux_transaction_write+0x10/0x10
[  117.866548][ T7381]  vfs_write+0x266/0x960
[  117.866568][ T7381]  ? __rcu_read_unlock+0x4f/0x70
[  117.866589][ T7381]  ? __fget_files+0x184/0x1c0
[  117.866664][ T7381]  ksys_write+0xda/0x1a0
[  117.866686][ T7381]  __x64_sys_write+0x40/0x50
[  117.866707][ T7381]  x64_sys_call+0x27fe/0x2ff0
[  117.866727][ T7381]  do_syscall_64+0xd2/0x200
[  117.866824][ T7381]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  117.866870][ T7381]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.866935][ T7381] RIP: 0033:0x7fdcf1dcebe9
[  117.866951][ T7381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.866968][ T7381] RSP: 002b:00007fdcf082f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  117.866987][ T7381] RAX: ffffffffffffffda RBX: 00007fdcf1ff5fa0 RCX: 00007fdcf1dcebe9
[  117.867000][ T7381] RDX: 0000000000000059 RSI: 0000200000000200 RDI: 0000000000000004
[  117.867013][ T7381] RBP: 00007fdcf082f090 R08: 0000000000000000 R09: 0000000000000000
[  117.867025][ T7381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  117.867077][ T7381] R13: 00007fdcf1ff6038 R14: 00007fdcf1ff5fa0 R15: 00007ffe82a93778
[  117.867096][ T7381]  </TASK>
[  118.145035][ T7389] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  118.459387][ T7408] random: crng reseeded on system resumption
[  118.771846][ T7446] __nla_validate_parse: 6 callbacks suppressed
[  118.771861][ T7446] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1310'.
[  119.012039][ T7433] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  119.023604][   T29] kauditd_printk_skb: 504 callbacks suppressed
[  119.023620][   T29] audit: type=1326 audit(1755297440.538:8950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7432 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcf1dcebe9 code=0x7ffc0000
[  119.053024][   T29] audit: type=1326 audit(1755297440.538:8951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7432 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcf1dcebe9 code=0x7ffc0000
[  119.165398][   T29] audit: type=1400 audit(1755297440.618:8952): avc:  denied  { checkpoint_restore } for  pid=7457 comm="syz.2.1314" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  119.187430][   T29] audit: type=1400 audit(1755297440.628:8953): avc:  denied  { name_bind } for  pid=7469 comm="syz.1.1317" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  119.209185][   T29] audit: type=1400 audit(1755297440.628:8954): avc:  denied  { node_bind } for  pid=7469 comm="syz.1.1317" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  119.229895][   T29] audit: type=1400 audit(1755297440.638:8955): avc:  denied  { watch } for  pid=7473 comm="syz.4.1319" path="/227" dev="tmpfs" ino=1251 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  119.230560][ T7487] loop4: detected capacity change from 0 to 128
[  119.279372][   T29] audit: type=1400 audit(1755297440.678:8956): avc:  denied  { create } for  pid=7482 comm="syz.4.1320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  119.298892][   T29] audit: type=1400 audit(1755297440.708:8957): avc:  denied  { create } for  pid=7482 comm="syz.4.1320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  119.318514][   T29] audit: type=1326 audit(1755297440.708:8958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7482 comm="syz.4.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05988cebe9 code=0x7ffc0000
[  119.342093][   T29] audit: type=1326 audit(1755297440.708:8959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7482 comm="syz.4.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05988cebe9 code=0x7ffc0000
[  119.412317][ T7487] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  119.420432][ T7487] FAT-fs (loop4): Filesystem has been set read-only
[  119.427219][ T7487] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  119.435109][ T7487] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  119.496724][ T7510] can: request_module (can-proto-0) failed.
[  119.600701][ T7523] lo speed is unknown, defaulting to 1000
[  119.988008][ T7487] bio_check_eod: 91386 callbacks suppressed
[  119.988025][ T7487] syz.4.1320: attempt to access beyond end of device
[  119.988025][ T7487] loop4: rw=0, sector=2065, nr_sectors = 1 limit=128
[  120.066732][ T7487] syz.4.1320: attempt to access beyond end of device
[  120.066732][ T7487] loop4: rw=0, sector=2066, nr_sectors = 1 limit=128
[  120.080162][ T7487] syz.4.1320: attempt to access beyond end of device
[  120.080162][ T7487] loop4: rw=0, sector=2067, nr_sectors = 1 limit=128
[  120.093612][ T7487] syz.4.1320: attempt to access beyond end of device
[  120.093612][ T7487] loop4: rw=0, sector=2068, nr_sectors = 1 limit=128
[  120.107129][ T7487] syz.4.1320: attempt to access beyond end of device
[  120.107129][ T7487] loop4: rw=0, sector=2069, nr_sectors = 1 limit=128
[  120.120388][ T7487] syz.4.1320: attempt to access beyond end of device
[  120.120388][ T7487] loop4: rw=0, sector=2070, nr_sectors = 1 limit=128
[  120.133722][ T7487] syz.4.1320: attempt to access beyond end of device
[  120.133722][ T7487] loop4: rw=0, sector=2071, nr_sectors = 1 limit=128
[  120.147082][ T7487] syz.4.1320: attempt to access beyond end of device
[  120.147082][ T7487] loop4: rw=0, sector=2072, nr_sectors = 1 limit=128
[  120.210581][ T7537] FAULT_INJECTION: forcing a failure.
[  120.210581][ T7537] name failslab, interval 1, probability 0, space 0, times 0
[  120.223353][ T7537] CPU: 0 UID: 0 PID: 7537 Comm: syz.4.1335 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[  120.223381][ T7537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  120.223406][ T7537] Call Trace:
[  120.223412][ T7537]  <TASK>
[  120.223418][ T7537]  __dump_stack+0x1d/0x30
[  120.223436][ T7537]  dump_stack_lvl+0xe8/0x140
[  120.223458][ T7537]  dump_stack+0x15/0x1b
[  120.223472][ T7537]  should_fail_ex+0x265/0x280
[  120.223542][ T7537]  should_failslab+0x8c/0xb0
[  120.223563][ T7537]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  120.223586][ T7537]  ? __d_alloc+0x3d/0x340
[  120.223620][ T7537]  __d_alloc+0x3d/0x340
[  120.223643][ T7537]  d_alloc_parallel+0x53/0xc60
[  120.223666][ T7537]  ? __rcu_read_unlock+0x4f/0x70
[  120.223683][ T7537]  ? __d_lookup+0x316/0x340
[  120.223706][ T7537]  ? try_to_unlazy+0x25e/0x3a0
[  120.223780][ T7537]  path_openat+0x6b5/0x2170
[  120.223803][ T7537]  do_filp_open+0x109/0x230
[  120.223859][ T7537]  ? __pfx_kfree_link+0x10/0x10
[  120.223880][ T7537]  do_sys_openat2+0xa6/0x110
[  120.223906][ T7537]  __x64_sys_openat+0xf2/0x120
[  120.223992][ T7537]  x64_sys_call+0x2e9c/0x2ff0
[  120.224010][ T7537]  do_syscall_64+0xd2/0x200
[  120.224032][ T7537]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  120.224112][ T7537]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  120.224132][ T7537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.224150][ T7537] RIP: 0033:0x7f05988cd550
[  120.224163][ T7537] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  120.224231][ T7537] RSP: 002b:00007f059732ef10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  120.224247][ T7537] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f05988cd550
[  120.224334][ T7537] RDX: 0000000000000002 RSI: 00007f059732efa0 RDI: 00000000ffffff9c
[  120.224344][ T7537] RBP: 00007f059732efa0 R08: 0000000000000000 R09: 0000000000000000
[  120.224356][ T7537] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  120.224366][ T7537] R13: 00007f0598af6038 R14: 00007f0598af5fa0 R15: 00007ffc365118c8
[  120.224405][ T7537]  </TASK>
[  120.505457][ T7515] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  120.517809][ T7548] FAULT_INJECTION: forcing a failure.
[  120.517809][ T7548] name failslab, interval 1, probability 0, space 0, times 0
[  120.530732][ T7548] CPU: 1 UID: 0 PID: 7548 Comm: +}[@ Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[  120.530787][ T7548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  120.530797][ T7548] Call Trace:
[  120.530803][ T7548]  <TASK>
[  120.530821][ T7548]  __dump_stack+0x1d/0x30
[  120.530840][ T7548]  dump_stack_lvl+0xe8/0x140
[  120.530883][ T7548]  dump_stack+0x15/0x1b
[  120.530900][ T7548]  should_fail_ex+0x265/0x280
[  120.530991][ T7548]  ? __pfx_cond_bools_destroy+0x10/0x10
[  120.531015][ T7548]  should_failslab+0x8c/0xb0
[  120.531076][ T7548]  __kmalloc_noprof+0xa5/0x3e0
[  120.531100][ T7548]  ? hashtab_duplicate+0x55/0x360
[  120.531126][ T7548]  ? __pfx_cond_bools_destroy+0x10/0x10
[  120.531151][ T7548]  hashtab_duplicate+0x55/0x360
[  120.531256][ T7548]  ? __kmalloc_noprof+0x1dd/0x3e0
[  120.531278][ T7548]  ? cond_policydb_dup+0xa3/0x4e0
[  120.531499][ T7548]  ? __pfx_cond_bools_copy+0x10/0x10
[  120.531522][ T7548]  cond_policydb_dup+0xd2/0x4e0
[  120.531549][ T7548]  security_set_bools+0xa0/0x340
[  120.531569][ T7548]  sel_commit_bools_write+0x1ea/0x270
[  120.531631][ T7548]  vfs_writev+0x403/0x8b0
[  120.531657][ T7548]  ? __pfx_sel_commit_bools_write+0x10/0x10
[  120.531761][ T7548]  ? mutex_lock+0xd/0x30
[  120.531782][ T7548]  do_writev+0xe7/0x210
[  120.531809][ T7548]  __x64_sys_writev+0x45/0x50
[  120.531898][ T7548]  x64_sys_call+0x1e9a/0x2ff0
[  120.531916][ T7548]  do_syscall_64+0xd2/0x200
[  120.532004][ T7548]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  120.532025][ T7548]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  120.532091][ T7548]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.532155][ T7548] RIP: 0033:0x7ff375c6ebe9
[  120.532176][ T7548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.532192][ T7548] RSP: 002b:00007ff3746cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  120.532209][ T7548] RAX: ffffffffffffffda RBX: 00007ff375e95fa0 RCX: 00007ff375c6ebe9
[  120.532222][ T7548] RDX: 0000000000000002 RSI: 00002000000025c0 RDI: 0000000000000003
[  120.532261][ T7548] RBP: 00007ff3746cf090 R08: 0000000000000000 R09: 0000000000000000
[  120.532274][ T7548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.532286][ T7548] R13: 00007ff375e96038 R14: 00007ff375e95fa0 R15: 00007ffceb27e3f8
[  120.532304][ T7548]  </TASK>
[  120.860305][ T7562] loop4: detected capacity change from 0 to 128
[  120.941066][ T7573] syz.4.1343: attempt to access beyond end of device
[  120.941066][ T7573] loop4: rw=2049, sector=145, nr_sectors = 16 limit=128
[  120.963270][ T7573] syz.4.1343: attempt to access beyond end of device
[  120.963270][ T7573] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128
[  121.044316][ T7579] netlink: 'syz.2.1348': attribute type 13 has an invalid length.
[  121.068275][ T7579] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  121.079273][ T7579] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  121.087283][ T7579] gretap1: entered promiscuous mode
[  121.092507][ T7579] gretap1: entered allmulticast mode
[  121.099095][ T7583] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=27 sclass=netlink_route_socket pid=7583 comm=syz.2.1348
[  121.119326][ T7581] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1349'.
[  121.128431][ T7581] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1349'.
[  122.408303][ T7627] FAULT_INJECTION: forcing a failure.
[  122.408303][ T7627] name failslab, interval 1, probability 0, space 0, times 0
[  122.421123][ T7627] CPU: 0 UID: 0 PID: 7627 Comm: syz.3.1362 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[  122.421149][ T7627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  122.421167][ T7627] Call Trace:
[  122.421173][ T7627]  <TASK>
[  122.421181][ T7627]  __dump_stack+0x1d/0x30
[  122.421216][ T7627]  dump_stack_lvl+0xe8/0x140
[  122.421235][ T7627]  dump_stack+0x15/0x1b
[  122.421251][ T7627]  should_fail_ex+0x265/0x280
[  122.421272][ T7627]  ? __se_sys_mount+0xef/0x2e0
[  122.421332][ T7627]  should_failslab+0x8c/0xb0
[  122.421394][ T7627]  __kmalloc_cache_noprof+0x4c/0x320
[  122.421421][ T7627]  ? __fget_files+0x184/0x1c0
[  122.421445][ T7627]  __se_sys_mount+0xef/0x2e0
[  122.421499][ T7627]  ? fput+0x8f/0xc0
[  122.421521][ T7627]  ? ksys_write+0x192/0x1a0
[  122.421540][ T7627]  __x64_sys_mount+0x67/0x80
[  122.421562][ T7627]  x64_sys_call+0x2b4d/0x2ff0
[  122.421613][ T7627]  do_syscall_64+0xd2/0x200
[  122.421634][ T7627]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  122.421656][ T7627]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  122.421680][ T7627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.421714][ T7627] RIP: 0033:0x7ff375c6ebe9
[  122.421779][ T7627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.421793][ T7627] RSP: 002b:00007ff3746cf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  122.421840][ T7627] RAX: ffffffffffffffda RBX: 00007ff375e95fa0 RCX: 00007ff375c6ebe9
[  122.421880][ T7627] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000000
[  122.421927][ T7627] RBP: 00007ff3746cf090 R08: 0000200000000000 R09: 0000000000000000
[  122.421940][ T7627] R10: 0000000000000021 R11: 0000000000000246 R12: 0000000000000001
[  122.421953][ T7627] R13: 00007ff375e96038 R14: 00007ff375e95fa0 R15: 00007ffceb27e3f8
[  122.422020][ T7627]  </TASK>
[  122.625948][ T7630] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1361'.
[  122.785917][ T7638] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1366'.
[  122.836804][ T7644] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7644 comm=syz.4.1370
[  122.967099][ T7657] loop4: detected capacity change from 0 to 128
[  122.978149][ T7657] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  122.986090][ T7657] FAT-fs (loop4): Filesystem has been set read-only
[  123.234081][ T7657] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  123.242091][ T7657] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  123.288344][ T7670] buffer_io_error: 81294 callbacks suppressed
[  123.288360][ T7670] Buffer I/O error on dev loop4, logical block 2065, async page read
[  123.313125][ T7670] Buffer I/O error on dev loop4, logical block 2066, async page read
[  123.321258][ T7670] Buffer I/O error on dev loop4, logical block 2067, async page read
[  123.334746][ T7670] Buffer I/O error on dev loop4, logical block 2068, async page read
[  123.343106][ T7670] Buffer I/O error on dev loop4, logical block 2069, async page read
[  123.351619][ T7670] Buffer I/O error on dev loop4, logical block 2070, async page read
[  123.361935][ T7670] Buffer I/O error on dev loop4, logical block 2071, async page read
[  123.372151][ T7670] Buffer I/O error on dev loop4, logical block 2072, async page read
[  123.383499][ T7657] Buffer I/O error on dev loop4, logical block 2065, async page read
[  123.411615][ T7657] Buffer I/O error on dev loop4, logical block 2066, async page read
[  123.473857][ T7679] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  123.496756][ T7679] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  123.520326][ T7683] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  123.520382][ T7679] IPVS: stopping master sync thread 7683 ...
[  124.040221][   T29] kauditd_printk_skb: 767 callbacks suppressed
[  124.040236][   T29] audit: type=1326 audit(1755297445.548:9727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05988cebe9 code=0x7ffc0000
[  124.077696][ T7719] loop4: detected capacity change from 0 to 128
[  124.088205][ T7707] loop3: detected capacity change from 0 to 128
[  124.103501][   T29] audit: type=1326 audit(1755297445.578:9728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05988cebe9 code=0x7ffc0000
[  124.127197][   T29] audit: type=1326 audit(1755297445.578:9729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05988cebe9 code=0x7ffc0000
[  124.150671][   T29] audit: type=1326 audit(1755297445.578:9730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f05988cebe9 code=0x7ffc0000
[  124.166008][ T7707] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  124.174044][   T29] audit: type=1326 audit(1755297445.578:9731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05988cebe9 code=0x7ffc0000
[  124.181851][ T7707] FAT-fs (loop3): Filesystem has been set read-only
[  124.205222][   T29] audit: type=1326 audit(1755297445.578:9732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05988cebe9 code=0x7ffc0000
[  124.235255][   T29] audit: type=1326 audit(1755297445.578:9733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05988cebe9 code=0x7ffc0000
[  124.258707][   T29] audit: type=1326 audit(1755297445.578:9734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05988cebe9 code=0x7ffc0000
[  124.282110][   T29] audit: type=1326 audit(1755297445.578:9735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05988cebe9 code=0x7ffc0000
[  124.303098][ T7707] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  124.305643][   T29] audit: type=1326 audit(1755297445.578:9736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.4.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05988cebe9 code=0x7ffc0000
[  124.313425][ T7707] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  124.752283][ T7737] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1394'.
[  125.054829][ T7740] loop4: detected capacity change from 0 to 128
[  125.123493][ T7740] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  125.131361][ T7740] FAT-fs (loop4): Filesystem has been set read-only
[  125.138292][ T7740] bio_check_eod: 40825 callbacks suppressed
[  125.138308][ T7740] syz.4.1395: attempt to access beyond end of device
[  125.138308][ T7740] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  125.161109][ T7740] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  125.169107][ T7740] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  125.179908][ T7740] syz.4.1395: attempt to access beyond end of device
[  125.179908][ T7740] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  125.194530][ T7740] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  125.202401][ T7740] syz.4.1395: attempt to access beyond end of device
[  125.202401][ T7740] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  125.216243][ T7740] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  125.224103][ T7740] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  125.232144][ T7740] syz.4.1395: attempt to access beyond end of device
[  125.232144][ T7740] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  125.245752][ T7740] syz.4.1395: attempt to access beyond end of device
[  125.245752][ T7740] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  125.259395][ T7740] syz.4.1395: attempt to access beyond end of device
[  125.259395][ T7740] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  125.273283][ T7740] syz.4.1395: attempt to access beyond end of device
[  125.273283][ T7740] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  125.340782][ T7745] syz.4.1395: attempt to access beyond end of device
[  125.340782][ T7745] loop4: rw=0, sector=2065, nr_sectors = 1 limit=128
[  125.373107][ T7745] syz.4.1395: attempt to access beyond end of device
[  125.373107][ T7745] loop4: rw=0, sector=2066, nr_sectors = 1 limit=128
[  125.404750][ T7745] syz.4.1395: attempt to access beyond end of device
[  125.404750][ T7745] loop4: rw=0, sector=2067, nr_sectors = 1 limit=128
[  125.405618][ T7744] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.496890][ T7744] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.546216][ T7744] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.638241][ T7744] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.667679][ T7769] loop3: detected capacity change from 0 to 128
[  125.711485][   T31] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  125.739973][   T31] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  125.752878][   T31] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  125.796869][   T31] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  125.876787][ T7780] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  126.143573][ T7787] random: crng reseeded on system resumption
[  126.181463][ T7796] loop4: detected capacity change from 0 to 2048
[  126.397341][ T7782] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  126.471352][   T31] syzkaller0: tun_net_xmit 76
[  126.476276][   T31] syzkaller0: tun_net_xmit 48
[  126.485443][ T7804] syzkaller0: create flow: hash 3328507449 index 1
[  126.493412][ T3386] syzkaller0: tun_net_xmit 76
[  126.512787][ T7804] syzkaller0: delete flow: hash 3328507449 index 1
[  126.591395][ T7808] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1413'.
[  126.625410][ T7808] loop3: detected capacity change from 0 to 512
[  126.640810][ T7808] EXT4-fs (loop3): 1 truncate cleaned up
[  126.647121][ T7808] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.678618][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.741909][ T7812] loop3: detected capacity change from 0 to 128
[  126.752505][ T7812] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  126.760433][ T7812] FAT-fs (loop3): Filesystem has been set read-only
[  126.767886][ T7812] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  126.775961][ T7812] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  126.880924][ T7825] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  126.962062][ T7827] random: crng reseeded on system resumption
[  127.152623][ T7843] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  127.188373][ T7841] FAULT_INJECTION: forcing a failure.
[  127.188373][ T7841] name failslab, interval 1, probability 0, space 0, times 0
[  127.201077][ T7841] CPU: 0 UID: 0 PID: 7841 Comm: syz.1.1425 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[  127.201138][ T7841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  127.201151][ T7841] Call Trace:
[  127.201158][ T7841]  <TASK>
[  127.201166][ T7841]  __dump_stack+0x1d/0x30
[  127.201236][ T7841]  dump_stack_lvl+0xe8/0x140
[  127.201253][ T7841]  dump_stack+0x15/0x1b
[  127.201300][ T7841]  should_fail_ex+0x265/0x280
[  127.201321][ T7841]  ? percpu_ref_init+0x9c/0x250
[  127.201341][ T7841]  should_failslab+0x8c/0xb0
[  127.201364][ T7841]  ? __pfx_free_ioctx_reqs+0x10/0x10
[  127.201453][ T7841]  __kmalloc_cache_noprof+0x4c/0x320
[  127.201483][ T7841]  ? __pfx_free_ioctx_reqs+0x10/0x10
[  127.201509][ T7841]  percpu_ref_init+0x9c/0x250
[  127.201575][ T7841]  ioctx_alloc+0x208/0x4e0
[  127.201594][ T7841]  ? fput+0x8f/0xc0
[  127.201617][ T7841]  __se_sys_io_setup+0x6b/0x1b0
[  127.201636][ T7841]  __x64_sys_io_setup+0x31/0x40
[  127.201701][ T7841]  x64_sys_call+0x2eff/0x2ff0
[  127.201722][ T7841]  do_syscall_64+0xd2/0x200
[  127.201748][ T7841]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  127.201792][ T7841]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  127.201812][ T7841]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.201833][ T7841] RIP: 0033:0x7ff8333febe9
[  127.201849][ T7841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.201873][ T7841] RSP: 002b:00007ff831e46038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  127.201893][ T7841] RAX: ffffffffffffffda RBX: 00007ff833626090 RCX: 00007ff8333febe9
[  127.201907][ T7841] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000aea2
[  127.201920][ T7841] RBP: 00007ff831e46090 R08: 0000000000000000 R09: 0000000000000000
[  127.201991][ T7841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.202004][ T7841] R13: 00007ff833626128 R14: 00007ff833626090 R15: 00007fffa1a7ee18
[  127.202021][ T7841]  </TASK>
[  127.480056][ T7845] random: crng reseeded on system resumption
[  127.920873][ T7858] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.008123][ T7858] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.106015][ T7858] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.158349][ T7864] loop4: detected capacity change from 0 to 1024
[  128.165431][ T7864] EXT4-fs: Ignoring removed nomblk_io_submit option
[  128.175294][ T7864] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.176113][ T7858] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.210700][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.235873][ T7874] FAULT_INJECTION: forcing a failure.
[  128.235873][ T7874] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  128.248985][ T7874] CPU: 0 UID: 0 PID: 7874 Comm: syz.1.1435 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[  128.249041][ T7874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  128.249101][ T7874] Call Trace:
[  128.249107][ T7874]  <TASK>
[  128.249116][ T7874]  __dump_stack+0x1d/0x30
[  128.249137][ T7874]  dump_stack_lvl+0xe8/0x140
[  128.249201][ T7874]  dump_stack+0x15/0x1b
[  128.249218][ T7874]  should_fail_ex+0x265/0x280
[  128.249282][ T7874]  should_fail+0xb/0x20
[  128.249298][ T7874]  should_fail_usercopy+0x1a/0x20
[  128.249318][ T7874]  _copy_from_user+0x1c/0xb0
[  128.249341][ T7874]  ipv6_set_opt_hdr+0x286/0x600
[  128.249361][ T7874]  do_ipv6_setsockopt+0x10b9/0x2160
[  128.249380][ T7874]  ? kstrtoull+0x111/0x140
[  128.249398][ T7874]  ? __rcu_read_unlock+0x4f/0x70
[  128.249417][ T7874]  ? avc_has_perm_noaudit+0x1b1/0x200
[  128.249480][ T7874]  ? selinux_netlbl_socket_setsockopt+0x1f9/0x2d0
[  128.249509][ T7874]  ipv6_setsockopt+0x59/0x130
[  128.249557][ T7874]  tcp_setsockopt+0x98/0xb0
[  128.249575][ T7874]  sock_common_setsockopt+0x66/0x80
[  128.249606][ T7874]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  128.249628][ T7874]  __sys_setsockopt+0x184/0x200
[  128.249701][ T7874]  __x64_sys_setsockopt+0x64/0x80
[  128.249778][ T7874]  x64_sys_call+0x20ec/0x2ff0
[  128.249828][ T7874]  do_syscall_64+0xd2/0x200
[  128.249904][ T7874]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  128.249924][ T7874]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  128.249948][ T7874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.249997][ T7874] RIP: 0033:0x7ff8333febe9
[  128.250013][ T7874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.250030][ T7874] RSP: 002b:00007ff831e67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  128.250047][ T7874] RAX: ffffffffffffffda RBX: 00007ff833625fa0 RCX: 00007ff8333febe9
[  128.250075][ T7874] RDX: 0000000000000039 RSI: 0000000000000029 RDI: 0000000000000003
[  128.250086][ T7874] RBP: 00007ff831e67090 R08: 0000000000000008 R09: 0000000000000000
[  128.250100][ T7874] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000001
[  128.250113][ T7874] R13: 00007ff833626038 R14: 00007ff833625fa0 R15: 00007fffa1a7ee18
[  128.250131][ T7874]  </TASK>
[  128.288574][ T7878] loop4: detected capacity change from 0 to 128
[  128.349296][ T7884] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1440'.
[  128.507153][ T7878] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  128.515057][ T7878] FAT-fs (loop4): Filesystem has been set read-only
[  128.530978][   T31] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.541679][ T7878] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  128.549604][ T7878] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  128.554518][   T31] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.592948][   T31] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.612143][ T7891] buffer_io_error: 107894 callbacks suppressed
[  128.612136][   T31] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.612158][ T7891] Buffer I/O error on dev loop4, logical block 2065, async page read
[  128.612179][ T7891] Buffer I/O error on dev loop4, logical block 2066, async page read
[  128.648891][ T7888] loop3: detected capacity change from 0 to 512
[  128.656322][ T7891] Buffer I/O error on dev loop4, logical block 2067, async page read
[  128.664524][ T7891] Buffer I/O error on dev loop4, logical block 2068, async page read
[  128.672718][ T7891] Buffer I/O error on dev loop4, logical block 2069, async page read
[  128.680871][ T7891] Buffer I/O error on dev loop4, logical block 2070, async page read
[  128.689177][ T7891] Buffer I/O error on dev loop4, logical block 2071, async page read
[  128.697302][ T7891] Buffer I/O error on dev loop4, logical block 2072, async page read
[  128.705769][ T7878] Buffer I/O error on dev loop4, logical block 2065, async page read
[  128.713881][ T7878] Buffer I/O error on dev loop4, logical block 2066, async page read
[  128.714235][ T7888] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.742448][ T7888] ext4 filesystem being mounted at /276/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.792307][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.240211][   T29] kauditd_printk_skb: 527 callbacks suppressed
[  129.240227][   T29] audit: type=1326 audit(1755297450.748:10264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff375c6ebe9 code=0x7ffc0000
[  129.270191][   T29] audit: type=1326 audit(1755297450.748:10265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff375c6ebe9 code=0x7ffc0000
[  129.293922][   T29] audit: type=1326 audit(1755297450.748:10266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff375c6ebe9 code=0x7ffc0000
[  129.317440][   T29] audit: type=1326 audit(1755297450.748:10267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff375c6ebe9 code=0x7ffc0000
[  129.341089][   T29] audit: type=1326 audit(1755297450.748:10268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff375c6ebe9 code=0x7ffc0000
[  129.365027][   T29] audit: type=1326 audit(1755297450.748:10269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff375c6ebe9 code=0x7ffc0000
[  129.388629][   T29] audit: type=1326 audit(1755297450.748:10270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff375c6ebe9 code=0x7ffc0000
[  129.412375][   T29] audit: type=1326 audit(1755297450.748:10271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7ff375c6ebe9 code=0x7ffc0000
[  129.435983][   T29] audit: type=1326 audit(1755297450.758:10272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff375c6ebe9 code=0x7ffc0000
[  129.459570][   T29] audit: type=1326 audit(1755297450.758:10273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff375c6ebe9 code=0x7ffc0000
[  129.497745][ T7920] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7920 comm=syz.1.1453
[  129.510472][ T7920] netlink: 'syz.1.1453': attribute type 32 has an invalid length.
[  129.518366][ T7920] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1453'.
[  129.527389][ T7920] (unnamed net_device) (uninitialized): option coupled_control: invalid value (110)
[  129.553291][ T7925] loop4: detected capacity change from 0 to 1024
[  129.560572][ T7925] EXT4-fs: Ignoring removed nomblk_io_submit option
[  129.606456][ T7925] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.651770][ T7933] loop3: detected capacity change from 0 to 512
[  129.667030][ T7933] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  129.678736][ T7933] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1458: invalid indirect mapped block 2683928664 (level 1)
[  129.707018][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.724497][ T7933] EXT4-fs (loop3): Remounting filesystem read-only
[  129.731317][ T7933] EXT4-fs (loop3): 1 truncate cleaned up
[  129.737720][ T7933] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.910204][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.925148][ T7947] loop4: detected capacity change from 0 to 512
[  129.926915][ T7949] loop3: detected capacity change from 0 to 128
[  129.938043][ T7947] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  129.939505][ T7949] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  129.959332][ T7947] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.961610][ T7949] ext4 filesystem being mounted at /279/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  130.031884][ T7947] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 3: comm syz.4.1464: path /260/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  130.035248][ T7955] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  130.054151][ T7947] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 12: comm syz.4.1464: path /260/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  130.081590][ T7947] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 13: comm syz.4.1464: path /260/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  130.103226][ T7947] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 14: comm syz.4.1464: path /260/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  130.130153][ T7956] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1466'.
[  130.130171][ T3306] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  130.139338][ T7956] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1466'.
[  130.148383][ T7947] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 15: comm syz.4.1464: path /260/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  130.180104][ T7947] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 16: comm syz.4.1464: path /260/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  130.201518][ T7947] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 17: comm syz.4.1464: path /260/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  130.242959][ T7947] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #2: block 18: comm syz.4.1464: lblock 23 mapped to illegal pblock 18 (length 1)
[  130.263290][ T7947] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 19: comm syz.4.1464: path /260/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  130.294676][ T7957] random: crng reseeded on system resumption
[  130.308000][ T7947] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 20: comm syz.4.1464: path /260/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[  130.417488][ T7966] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  130.432767][ T7963] lo speed is unknown, defaulting to 1000
[  130.441427][ T7966] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  130.481026][ T7966] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  130.489594][ T7966] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  130.768135][ T3307] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  130.784469][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.928873][ T7971] binfmt_misc: register: failed to install interpreter file ./file2
[  130.950615][ T7973] FAULT_INJECTION: forcing a failure.
[  130.950615][ T7973] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.963873][ T7973] CPU: 1 UID: 0 PID: 7973 Comm: syz.4.1472 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[  130.963899][ T7973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  130.963908][ T7973] Call Trace:
[  130.963993][ T7973]  <TASK>
[  130.964000][ T7973]  __dump_stack+0x1d/0x30
[  130.964020][ T7973]  dump_stack_lvl+0xe8/0x140
[  130.964116][ T7973]  dump_stack+0x15/0x1b
[  130.964132][ T7973]  should_fail_ex+0x265/0x280
[  130.964150][ T7973]  should_fail+0xb/0x20
[  130.964209][ T7973]  should_fail_usercopy+0x1a/0x20
[  130.964256][ T7973]  _copy_from_user+0x1c/0xb0
[  130.964281][ T7973]  ___sys_sendmsg+0xc1/0x1d0
[  130.964367][ T7973]  __x64_sys_sendmsg+0xd4/0x160
[  130.964393][ T7973]  x64_sys_call+0x191e/0x2ff0
[  130.964414][ T7973]  do_syscall_64+0xd2/0x200
[  130.964436][ T7973]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  130.964496][ T7973]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  130.964521][ T7973]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.964543][ T7973] RIP: 0033:0x7f05988cebe9
[  130.964558][ T7973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.964575][ T7973] RSP: 002b:00007f059732f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  130.964654][ T7973] RAX: ffffffffffffffda RBX: 00007f0598af5fa0 RCX: 00007f05988cebe9
[  130.964667][ T7973] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000006
[  130.964678][ T7973] RBP: 00007f059732f090 R08: 0000000000000000 R09: 0000000000000000
[  130.964720][ T7973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.964811][ T7973] R13: 00007f0598af6038 R14: 00007f0598af5fa0 R15: 00007ffc365118c8
[  130.964830][ T7973]  </TASK>
[  131.178310][ T7979] loop3: detected capacity change from 0 to 128
[  131.196469][ T7979] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  131.204362][ T7979] FAT-fs (loop3): Filesystem has been set read-only
[  131.210968][ T7979] bio_check_eod: 141738 callbacks suppressed
[  131.210980][ T7979] syz.3.1475: attempt to access beyond end of device
[  131.210980][ T7979] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  131.231733][ T7982] loop4: detected capacity change from 0 to 128
[  131.239037][ T7979] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  131.246909][ T7979] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  131.260243][ T7979] syz.3.1475: attempt to access beyond end of device
[  131.260243][ T7979] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  131.273671][ T7979] syz.3.1475: attempt to access beyond end of device
[  131.273671][ T7979] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  131.287031][ T7979] syz.3.1475: attempt to access beyond end of device
[  131.287031][ T7979] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  131.300871][ T7979] syz.3.1475: attempt to access beyond end of device
[  131.300871][ T7979] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  131.327052][ T7983] syz.3.1475: attempt to access beyond end of device
[  131.327052][ T7983] loop3: rw=0, sector=2065, nr_sectors = 1 limit=128
[  131.347963][ T7987] loop4: detected capacity change from 0 to 2048
[  131.355167][ T7983] syz.3.1475: attempt to access beyond end of device
[  131.355167][ T7983] loop3: rw=0, sector=2066, nr_sectors = 1 limit=128
[  131.369039][ T7983] syz.3.1475: attempt to access beyond end of device
[  131.369039][ T7983] loop3: rw=0, sector=2067, nr_sectors = 1 limit=128
[  131.382583][ T7983] syz.3.1475: attempt to access beyond end of device
[  131.382583][ T7983] loop3: rw=0, sector=2068, nr_sectors = 1 limit=128
[  131.396295][ T7983] syz.3.1475: attempt to access beyond end of device
[  131.396295][ T7983] loop3: rw=0, sector=2069, nr_sectors = 1 limit=128
[  131.427301][ T7987]  loop4: p2 p3 p7
[  131.492912][ T7996] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  131.500891][ T7994] loop4: detected capacity change from 0 to 512
[  131.556784][ T7994] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.611006][ T7994] ext4 filesystem being mounted at /267/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.662708][ T8000] random: crng reseeded on system resumption
[  131.731253][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.900244][ T8009] loop4: detected capacity change from 0 to 1024
[  131.923172][ T8009] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.109902][ T8023] loop3: detected capacity change from 0 to 2048
[  132.176945][ T8023]  loop3: p2 p3 p7
[  132.216083][ T8009] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  132.293410][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.378131][ T8044] loop4: detected capacity change from 0 to 128
[  132.402231][ T8053] FAULT_INJECTION: forcing a failure.
[  132.402231][ T8053] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  132.415518][ T8053] CPU: 1 UID: 0 PID: 8053 Comm: syz.0.1503 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[  132.415614][ T8053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  132.415624][ T8053] Call Trace:
[  132.415630][ T8053]  <TASK>
[  132.415638][ T8053]  __dump_stack+0x1d/0x30
[  132.415658][ T8053]  dump_stack_lvl+0xe8/0x140
[  132.415674][ T8053]  dump_stack+0x15/0x1b
[  132.415750][ T8053]  should_fail_ex+0x265/0x280
[  132.415771][ T8053]  should_fail_alloc_page+0xf2/0x100
[  132.415798][ T8053]  __alloc_frozen_pages_noprof+0xff/0x360
[  132.415826][ T8053]  alloc_pages_mpol+0xb3/0x250
[  132.415856][ T8053]  folio_alloc_mpol_noprof+0x39/0x80
[  132.415887][ T8053]  shmem_get_folio_gfp+0x3cf/0xd60
[  132.415974][ T8053]  shmem_fallocate+0x57c/0x840
[  132.416003][ T8053]  vfs_fallocate+0x3b3/0x400
[  132.416028][ T8053]  __x64_sys_fallocate+0x7a/0xd0
[  132.416065][ T8053]  x64_sys_call+0x2514/0x2ff0
[  132.416082][ T8053]  do_syscall_64+0xd2/0x200
[  132.416103][ T8053]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  132.416123][ T8053]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  132.416181][ T8053]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.416202][ T8053] RIP: 0033:0x7fdcf1dcebe9
[  132.416217][ T8053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.416234][ T8053] RSP: 002b:00007fdcf082f038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  132.416250][ T8053] RAX: ffffffffffffffda RBX: 00007fdcf1ff5fa0 RCX: 00007fdcf1dcebe9
[  132.416261][ T8053] RDX: 0000000000800657 RSI: 0000000000000000 RDI: 0000000000000004
[  132.416331][ T8053] RBP: 00007fdcf082f090 R08: 0000000000000000 R09: 0000000000000000
[  132.416351][ T8053] R10: 00000000040000b7 R11: 0000000000000246 R12: 0000000000000001
[  132.416364][ T8053] R13: 00007fdcf1ff6038 R14: 00007fdcf1ff5fa0 R15: 00007ffe82a93778
[  132.416381][ T8053]  </TASK>
[  132.668655][ T8051] loop3: detected capacity change from 0 to 1024
[  132.675950][ T8051] EXT4-fs: Ignoring removed orlov option
[  132.685499][ T8051] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.741925][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.794519][ T8076] loop3: detected capacity change from 0 to 128
[  132.904263][ T8084] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8084 comm=syz.0.1507
[  132.924427][ T8084] tmpfs: Unknown parameter '0x0000000000000009'
[  132.934117][ T8084] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  132.942609][ T8084] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  133.227918][ T8103] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  133.287356][ T8100] FAULT_INJECTION: forcing a failure.
[  133.287356][ T8100] name failslab, interval 1, probability 0, space 0, times 0
[  133.300583][ T8100] CPU: 1 UID: 0 PID: 8100 Comm: syz.2.1511 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[  133.300608][ T8100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  133.300620][ T8100] Call Trace:
[  133.300626][ T8100]  <TASK>
[  133.300633][ T8100]  __dump_stack+0x1d/0x30
[  133.300652][ T8100]  dump_stack_lvl+0xe8/0x140
[  133.300685][ T8100]  dump_stack+0x15/0x1b
[  133.300700][ T8100]  should_fail_ex+0x265/0x280
[  133.300717][ T8100]  ? __se_sys_memfd_create+0x1cc/0x590
[  133.300759][ T8100]  should_failslab+0x8c/0xb0
[  133.300783][ T8100]  __kmalloc_cache_noprof+0x4c/0x320
[  133.300813][ T8100]  __se_sys_memfd_create+0x1cc/0x590
[  133.300879][ T8100]  __x64_sys_memfd_create+0x31/0x40
[  133.300900][ T8100]  x64_sys_call+0x2abe/0x2ff0
[  133.300988][ T8100]  do_syscall_64+0xd2/0x200
[  133.301086][ T8100]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  133.301155][ T8100]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.301212][ T8100] RIP: 0033:0x7fcba253ebe9
[  133.301225][ T8100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.301290][ T8100] RSP: 002b:00007fcba0f9ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  133.301310][ T8100] RAX: ffffffffffffffda RBX: 00000000000005b1 RCX: 00007fcba253ebe9
[  133.301324][ T8100] RDX: 00007fcba0f9eef0 RSI: 0000000000000000 RDI: 00007fcba25c27e8
[  133.301337][ T8100] RBP: 0000200000001000 R08: 00007fcba0f9ebb7 R09: 00007fcba0f9ee40
[  133.301348][ T8100] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[  133.301410][ T8100] R13: 00007fcba0f9eef0 R14: 00007fcba0f9eeb0 R15: 00002000000002c0
[  133.301425][ T8100]  </TASK>
[  133.474912][ T8100] netlink: 'syz.2.1511': attribute type 27 has an invalid length.
[  133.626594][ T8107] random: crng reseeded on system resumption
[  133.720670][ T8117] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1514'.
[  133.952453][ T8100] macsec0: left promiscuous mode
[  133.998217][ T8100] gretap1: left promiscuous mode
[  134.003567][ T8100] gretap1: left allmulticast mode
[  134.134103][  T787] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  134.156481][  T787] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  134.198814][  T787] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  134.241564][  T787] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  134.301367][   T29] kauditd_printk_skb: 391 callbacks suppressed
[  134.301387][   T29] audit: type=1400 audit(1755297455.808:10665): avc:  denied  { ioctl } for  pid=8132 comm="syz.2.1522" path="socket:[18823]" dev="sockfs" ino=18823 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  134.390858][   T29] audit: type=1400 audit(1755297455.858:10666): avc:  denied  { create } for  pid=8135 comm="syz.0.1523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  134.411085][   T29] audit: type=1400 audit(1755297455.858:10667): avc:  denied  { setopt } for  pid=8135 comm="syz.0.1523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  134.430845][   T29] audit: type=1400 audit(1755297455.858:10668): avc:  denied  { create } for  pid=8135 comm="syz.0.1523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  134.450561][   T29] audit: type=1400 audit(1755297455.878:10669): avc:  denied  { sys_module } for  pid=8132 comm="syz.2.1522" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  134.542486][ T8143] FAULT_INJECTION: forcing a failure.
[  134.542486][ T8143] name failslab, interval 1, probability 0, space 0, times 0
[  134.555335][ T8143] CPU: 1 UID: 0 PID: 8143 Comm: syz.0.1524 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[  134.555383][ T8143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  134.555395][ T8143] Call Trace:
[  134.555457][ T8143]  <TASK>
[  134.555466][ T8143]  __dump_stack+0x1d/0x30
[  134.555484][ T8143]  dump_stack_lvl+0xe8/0x140
[  134.555499][ T8143]  dump_stack+0x15/0x1b
[  134.555530][ T8143]  should_fail_ex+0x265/0x280
[  134.555586][ T8143]  ? __se_sys_mount+0xef/0x2e0
[  134.555604][ T8143]  should_failslab+0x8c/0xb0
[  134.555624][ T8143]  __kmalloc_cache_noprof+0x4c/0x320
[  134.555676][ T8143]  ? memdup_user+0x99/0xd0
[  134.555703][ T8143]  __se_sys_mount+0xef/0x2e0
[  134.555721][ T8143]  ? fput+0x8f/0xc0
[  134.555743][ T8143]  ? ksys_write+0x192/0x1a0
[  134.555810][ T8143]  __x64_sys_mount+0x67/0x80
[  134.555839][ T8143]  x64_sys_call+0x2b4d/0x2ff0
[  134.555860][ T8143]  do_syscall_64+0xd2/0x200
[  134.555884][ T8143]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  134.555903][ T8143]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  134.555999][ T8143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.556016][ T8143] RIP: 0033:0x7fdcf1dcebe9
[  134.556029][ T8143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.556043][ T8143] RSP: 002b:00007fdcf082f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  134.556143][ T8143] RAX: ffffffffffffffda RBX: 00007fdcf1ff5fa0 RCX: 00007fdcf1dcebe9
[  134.556156][ T8143] RDX: 0000200000000200 RSI: 0000200000000580 RDI: 0000000000000000
[  134.556176][ T8143] RBP: 00007fdcf082f090 R08: 0000200000000240 R09: 0000000000000000
[  134.556216][ T8143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  134.556294][ T8143] R13: 00007fdcf1ff6038 R14: 00007fdcf1ff5fa0 R15: 00007ffe82a93778
[  134.556309][ T8143]  </TASK>
[  134.847327][   T29] audit: type=1400 audit(1755297456.258:10670): avc:  denied  { read write } for  pid=8130 comm="syz.1.1521" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  134.872252][   T29] audit: type=1400 audit(1755297456.258:10671): avc:  denied  { open } for  pid=8130 comm="syz.1.1521" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  134.917344][   T29] audit: type=1400 audit(1755297456.358:10672): avc:  denied  { kexec_image_load } for  pid=8132 comm="syz.2.1522" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  134.937526][   T29] audit: type=1326 audit(1755297456.428:10673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8147 comm="syz.3.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff375c6ebe9 code=0x7ffc0000
[  134.961402][   T29] audit: type=1326 audit(1755297456.428:10674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8147 comm="syz.3.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff375c6ebe9 code=0x7ffc0000
[  134.985467][ T8148] loop3: detected capacity change from 0 to 128
[  134.996429][ T8150] FAULT_INJECTION: forcing a failure.
[  134.996429][ T8150] name failslab, interval 1, probability 0, space 0, times 0
[  135.009275][ T8150] CPU: 0 UID: 0 PID: 8150 Comm: syz.4.1527 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[  135.009306][ T8150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  135.009316][ T8150] Call Trace:
[  135.009360][ T8150]  <TASK>
[  135.009367][ T8150]  __dump_stack+0x1d/0x30
[  135.009386][ T8150]  dump_stack_lvl+0xe8/0x140
[  135.009401][ T8150]  dump_stack+0x15/0x1b
[  135.009461][ T8150]  should_fail_ex+0x265/0x280
[  135.009483][ T8150]  should_failslab+0x8c/0xb0
[  135.009573][ T8150]  kmem_cache_alloc_node_noprof+0x57/0x320
[  135.009596][ T8150]  ? __alloc_skb+0x101/0x320
[  135.009622][ T8150]  ? __rcu_read_unlock+0x4f/0x70
[  135.009644][ T8150]  __alloc_skb+0x101/0x320
[  135.009728][ T8150]  netlink_dump+0x10d/0x8a0
[  135.009744][ T8150]  ? __kfree_skb+0x109/0x150
[  135.009758][ T8150]  ? nlmon_xmit+0x4f/0x60
[  135.009844][ T8150]  ? consume_skb+0x49/0x150
[  135.009866][ T8150]  __netlink_dump_start+0x43e/0x520
[  135.009882][ T8150]  ? __pfx_tc_dump_qdisc+0x10/0x10
[  135.009903][ T8150]  rtnetlink_rcv_msg+0x552/0x6d0
[  135.009962][ T8150]  ? __pfx_tc_dump_qdisc+0x10/0x10
[  135.010030][ T8150]  ? __pfx_rtnl_dumpit+0x10/0x10
[  135.010053][ T8150]  ? __pfx_tc_dump_qdisc+0x10/0x10
[  135.010081][ T8150]  netlink_rcv_skb+0x120/0x220
[  135.010149][ T8150]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  135.010174][ T8150]  rtnetlink_rcv+0x1c/0x30
[  135.010197][ T8150]  netlink_unicast+0x5c0/0x690
[  135.010237][ T8150]  netlink_sendmsg+0x58b/0x6b0
[  135.010260][ T8150]  ? __pfx_netlink_sendmsg+0x10/0x10
[  135.010326][ T8150]  __sock_sendmsg+0x145/0x180
[  135.010353][ T8150]  ____sys_sendmsg+0x31e/0x4e0
[  135.010375][ T8150]  ___sys_sendmsg+0x17b/0x1d0
[  135.010441][ T8150]  __x64_sys_sendmsg+0xd4/0x160
[  135.010466][ T8150]  x64_sys_call+0x191e/0x2ff0
[  135.010487][ T8150]  do_syscall_64+0xd2/0x200
[  135.010583][ T8150]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  135.010603][ T8150]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  135.010622][ T8150]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.010639][ T8150] RIP: 0033:0x7f05988cebe9
[  135.010653][ T8150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.010673][ T8150] RSP: 002b:00007f059732f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  135.010693][ T8150] RAX: ffffffffffffffda RBX: 00007f0598af5fa0 RCX: 00007f05988cebe9
[  135.010704][ T8150] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  135.010714][ T8150] RBP: 00007f059732f090 R08: 0000000000000000 R09: 0000000000000000
[  135.010725][ T8150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  135.010735][ T8150] R13: 00007f0598af6038 R14: 00007f0598af5fa0 R15: 00007ffc365118c8
[  135.010830][ T8150]  </TASK>
[  135.295218][ T8156] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  135.327689][ T8157] SELinux:  Context @ is not valid (left unmapped).
[  135.457068][ T8172] random: crng reseeded on system resumption
[  135.494175][ T8177] loop4: detected capacity change from 0 to 1024
[  135.524660][ T8178] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1536'.
[  135.553157][ T8177] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  135.605896][ T8177] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.1531: Invalid block bitmap block 0 in block_group 0
[  135.643892][ T8177] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1531: Failed to acquire dquot type 0
[  135.672157][ T8177] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.1531: Freeing blocks not in datazone - block = 0, count = 4096
[  135.733279][ T8177] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.1531: Invalid inode bitmap blk 0 in block_group 0
[  135.759622][   T31] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 0
[  135.793219][ T8177] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[  135.802838][ T8177] EXT4-fs (loop4): 1 orphan inode deleted
[  135.809756][ T8177] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.933291][ T8171] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1531'.
[  135.973158][ T8171] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1531'.
[  135.982136][ T8171] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1531'.
[  136.320513][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.527991][ T8246] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  136.615063][ T8248] netlink: 'syz.4.1550': attribute type 1 has an invalid length.
[  136.622861][ T8248] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1550'.
[  136.661501][ T8250] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1551'.
[  136.858276][ T8251] random: crng reseeded on system resumption
[  136.958066][ T8276] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1554'.
[  137.358103][ T8290] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1559'.
[  137.433774][ T8276] ==================================================================
[  137.441949][ T8276] BUG: KCSAN: data-race in touch_atime / touch_atime
[  137.448625][ T8276] 
[  137.450935][ T8276] write to 0xffff88812c4efb10 of 4 bytes by task 8277 on cpu 1:
[  137.458553][ T8276]  touch_atime+0x1e8/0x340
[  137.462988][ T8276]  shmem_file_read_iter+0x477/0x540
[  137.468189][ T8276]  copy_splice_read+0x43f/0x660
[  137.473140][ T8276]  splice_direct_to_actor+0x290/0x680
[  137.478510][ T8276]  do_splice_direct+0xda/0x150
[  137.483438][ T8276]  do_sendfile+0x380/0x650
[  137.487858][ T8276]  __x64_sys_sendfile64+0x105/0x150
[  137.493059][ T8276]  x64_sys_call+0x2bb0/0x2ff0
[  137.497731][ T8276]  do_syscall_64+0xd2/0x200
[  137.502227][ T8276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.508199][ T8276] 
[  137.510511][ T8276] read to 0xffff88812c4efb10 of 4 bytes by task 8276 on cpu 0:
[  137.518041][ T8276]  touch_atime+0x194/0x340
[  137.522488][ T8276]  shmem_file_read_iter+0x477/0x540
[  137.527678][ T8276]  copy_splice_read+0x43f/0x660
[  137.532536][ T8276]  splice_direct_to_actor+0x290/0x680
[  137.537908][ T8276]  do_splice_direct+0xda/0x150
[  137.542668][ T8276]  do_sendfile+0x380/0x650
[  137.547093][ T8276]  __x64_sys_sendfile64+0x105/0x150
[  137.552476][ T8276]  x64_sys_call+0x2bb0/0x2ff0
[  137.557149][ T8276]  do_syscall_64+0xd2/0x200
[  137.561674][ T8276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.567558][ T8276] 
[  137.569890][ T8276] value changed: 0x37ed3aa2 -> 0x3885d124
[  137.575686][ T8276] 
[  137.578000][ T8276] Reported by Kernel Concurrency Sanitizer on:
[  137.584145][ T8276] CPU: 0 UID: 0 PID: 8276 Comm: syz.4.1554 Not tainted 6.17.0-rc1-syzkaller-00165-gee94b00c1a64 #0 PREEMPT(voluntary) 
[  137.597000][ T8276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  137.607140][ T8276] ==================================================================