last executing test programs:

1m26.923438696s ago: executing program 3 (id=96):
mknodat(0xffffffffffffff9c, &(0x7f0000000180)='./file5\x00', 0x61c0, 0x700)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$null(0xffffffffffffff9c, 0x0, 0x581440, 0x0)
syz_clone(0x20000000, &(0x7f000000b340)="ed2d579aa95fca520cee3b7df6f7b2345df846fc2c7af344f4da1aa4b8032a3cc884117057f4095be844588580e8b2fe", 0x30, &(0x7f000000b380), &(0x7f000000b3c0), &(0x7f000000b400)="a1afcd904c76ad5a006c5b7fd2569bf076c81702c7f10e274b30618979d8a93b11033c71378c926bec8f5bd0ae771765b633504035e5a19ff84f6017284de32a2dc8b033c89bcd2641ea4f4e5df9afe632518b2c2a2e637a6ed6e623e43915eb5b6a16eec8b340c9f762941f495164e622d60d4b2923217cbe900a47d72b9782e24fb873bf940bec5d7d1080359165a64ea67c6c328146d411c02368e0c5e4d37081cbb3876dc708db342c1170d0eaba1db4323765051eb2809eda9efa3b7422efa51f82d45695fd2ca18e606a09e7e527c606a81e0f15f8c7f02ebf905862731b99deac54cc9e25072daf3a2a77ca843d02efa961b717e4c0fe0328cc0e1fe1e2c7c08f0cf7ab225b66764622fca04d583ae64e40c059ab7cb9f53b79bf6ad08b14a2b0d25e3756f0737e99af661230189148c427e7b1fcab1c90fd07363b495d194ba1eef1855156542a6d33d634ce889cd8176732b6b27a232eeccec1ad20e3335134ab4b7306bc1965356364713bf6632e50d34270d9f0e0ea1a766bd9e0a5089c865e5cca574d3ee35594626a73d14ff4c343d5daba1544c5354b469b071aeaab49f2c70ad04952782847c6cbc94401e8be7c71cebaa81a50eb817a48809732a4dc410635bc068495a203f7e119370f1f3433e30c687bd217b1304449729304fba4e1fe36f0ec1c34156e53887b8b1672b8c270a931843b693e51d09cd80d2b30eeea99e20ced882f14e8e1af434cc8cff0a4011900de06396157be282124f1314abdf168a9496637cc6b66ecc16a34746d02de4c73d4e66b31cd0d5f592c450b3c081bc2cba06320bb3ad0ba4dbab50e54fdd635ded7d73cdc6cb601d67e552c248e158db61fd6a201426ab123e9fa351825b972be371ea2de0e0c9f823f32d465dd66ad5d694bb098918ed18f13f549d26bfffbc3a6ae550ba3788c973b8182bd5f11fc1ca56592232ffa2dcd58a616d678554279a730765d615db227345bf0b071bc3bc61c3c399a3ce5606a57a57dcdff6383f44d10cb6dce9a79c469ef82dfc93fd06ae68c524c4396ea981910712d2527d248b10f8414da5326f9fc57cafa268a798466b04dda0f3b8ab98c406296f3084c62abc82729505d039fe86b4aa34739fe45a26c66a36a3fa450e72a9a4f59d2ea2f9a7725c724ced9085b49e1c839a00453a0842196a898929d5b1cef6df3200082caa38cedca59b19d147a451a4ba8f990454d1d5fd80c04591064a46de5e8c0096f14111cc0ac3a3c388caa07765c106332b5b75245213cb81487f7fc4c8e62587af949b8cecdd72fa95e9737c3f1515217d11b89e2d84615341499eaf015c3763fd35161e4dc1b1001a9dac222eb5bfe920c65d9c1d298a88a62acc3f2e2962ba60657af0515c50673f32bdb2acabad032306660cf380d4b135eb2c5b5a4f9e6aeabc19d92de9d0582c45a63f530f81c9b2937ccdba61c6bfae415466bf444219eb69cce5457bb22eb301ca49d29c552e7406a2a2032763aae089f7e8753a27a18b91e97e8b4b13854e2cf7b4e90c3d64bce8d931bac49651ece02a339e2d2888f0ac372664471a0c88c0ada07d52ced0bf9b875ce799dfd65e36be91b65a9d8977eaf741e012d294b42ae615e4d920970a6e17d83ac6ea571acf9ade6c3cfe5499de68560a57a69fe20c400170e5a02bc9ab58389891b91e4b7b3940ef9cf292954ad8740e3aec56b613827007dcbe34ce2d494cb9500050b37c2ff7c94aa921d35eb74e66155d7db5fc889299f3fff77579fe83ed6a5d9fcbcc697db268d617f883c09d85cd049cc961b11d6b1c09e4b41cff198c0abf6ab999ad2b837aa9f4c128799298dcd51c7ea948703a7ba615ed750d8b4b4c112c769fe1c07201d1262b3ad38c59af6e02930e869bd57be88066b06612dd34ccb48c510f4a221d874e6d0e267e642a645bce8c8282eb2673839dde4d2aef1fdfde02b22fee25338d8b5322308d2d2198569b087b3221aab4b45fd221ab3c3521554e5920834497c2c81956e054b5cb5c9ee5275334eea17706a6b348f1ef242d685ee8db720189124a6498880dd3b27300c29d2ff3c0889147746b38693453dbf290fce1d10c1863bf75dff954005d23991b63f385b8cf8dc48d5883096221a6a5fd25c14188bf8baf9c0106eb615054f3893f48a882d78a5329a121fe11f71045d66810b279a2700729da2b4ceb3d0ada0855bbcbe13363cabb2eb486cc23658b473ae86699ad26167b58755ee7abb3506f34529e7c2f14f43c9137d70d3e5093edcf69e0db73d6c34c808993fcbd9cf8fa22905249b3d749e1e9cbe0e03ada029d22f341d72d405eed5ac38296913e92efdcfbf27a7a520181f5d443a490dc78e092e0e07c594c30563950bce65fba7f82360e098f820c8fa0e2989b294c2d397f0f6ae162072a77a2ddd9ad38f920b6390c8948d4c059c1e5ebe56fa7a398d147812ed65e5e0219326bbd288c16e8901d8712d6ba2cbf6e2d8da8241afab44e68b6325fb2a72427a2f5ae8d6108b188a23d27423728eb555af4499f7d1a7ea07ec2703835856a1f9e02152028fe4dc65958e8288f37d74e347316e4aceb8dbe46285d75168a654729727d1aac29a11b77cfcd726a99a49b9079ec52c9453b7f1cd8a204f742370d87fd2ebda401cb2a059eecd4fcd5689ae04b9a159ebc184692975e13dce3a8a8625b8c54bdb54758bbd5a32dbd8d432dd3ead60edeb7cdb532d19d6e044ba08d3c65822de302937f87772ec66c54d9b2e0cc5c3de1b30436d08180301716d0798dd7610cc58da7fbc601924617d59ab845fff8b8cd18d7236858eaae7c624bace426790281300a23d9b2b35081131251fb5406e95dbd7c36e93e1a576e8ce4c8c50de26dff77999965bbfb110139bdcadaebe79db19e7110618dbf28cb49734fedd2f21d41e02b413d9ec640b0d6ccde8ad67b598404e0eec33b39e430f2e75d1e2dc72741c084a91239be0644945ee29fbc7bdf4c42cfae3149115631f649409c97555db32e38b4be657134dc719560aea9eb40a4c4579192164156877cec82650b888552998610ac5e634f5740be63c716e2488823309e83944c4ccae3a3be864949cdaa82083ce98570098d194fdd1e644c9f5c43a6713ee157fa4a332816337a5058eb7ebbfe6960e3c9e3fe50b25359b84147af90352eb95369735834881319828f59fbbbc6f0545b6528de63dda2b86a1d935da8eab6ca932fa9dd53789b4c00fd49082d0e6cf74799d96b1c95bb6da90baa1ca118a8c0ad5d282ba16098a4991086d244aa1ceac693f9151b693bd34299b0dab162d26c6514aec2efff4a37ff07706ca50e65d611f400e06104eac651e211f60eed5f449970bd68cbf1d83e39ece80ddb71eb588b588f2d5b9434e636d27821cea7772e9da6ba46813372c3da144ee29ab0fa7a3ed08e5ebb11058be02570e057dc4909c389d9cc87e7d634319e62293eb85e5116b6d67f7f343862ac0312e60125059b9a675bc416c7da4d21e0a1277dbc101bc644dfa2de0861dd9fef04f3c54e95b784c0bd9c96b31ddfae76068ef84c1ac1d700e6b6760872e928513727a0eea89dc25fa0d96ba04334e65d2036cd2051e590ff8483804434f779f2b04d4efd9fed376ea0a9d49a7d2c6a6e995218671a3b16b532b2e3e750916d56296e05bd03079942f644c1ff8fa4e5d3c9cb0e9b1585ccf627b124db5351214cb4eca38e4c803d7080f5b93612dd244159ab8f74994a659aaa7b3396ddbfcbeb7b591e3cff9a814692026d396736f378b293730c363d7f4e8d77151c09ee2d5e293fc15dfc346e7fd375bbd93ecca321f5f5897a15f700181e28af179452138dd131d76ff17fa748bd2fb01bdb8dc05f214b9abf8a86c066d8f124c561b59dc6b4f8c90fc261724dc1bc354313ea52e2889b14719d08f6ec017bf06dda00283699472d7bd0670ea1e48a74fc51bcb6d2e34f649a6418a75f78e0a68a049fc432a0d6a80c11a9dfdb32aca9c3ce854055616c4ba86e73b71b6d016c37e4357da20e298737106d948a0d774af700d310b751e52506015e6cb2216a2274b7e9b2893172a5b555b8b566c37b39b027644e6a54e1fb0085941a16eb9d8b7493bbe8de6dfab4284536a78dc64bdbdc4b76d052cdbff33b27b62e7a6bad6b991ca9c0b45373f64578ab521e116d765f4408f59dcace3e37340e386f50347aa69f90aec51804d2e8beaf77cd80da1a8755de3efb8baca3b2c88cc8366608b3e4f202503880fff311ee283d7aad6a24a7893bc9dcb94fa9b38a013200ac7ccd3acef41fc3d2d0676d7b6082c0a89963c6a21b9e9a6fd80f7bcce72de51163bead6f0dcfc9b8e4647a25fe7ff3238fb870d72670755a1e82c827e7feaf8e10b50b915e74455936bae16fe34474a7f3c48a1792ab7430f675a1f8f77e7b40837fbde0293457eef2c3cd93d3be1d8b8d0a65a99e46e2bffea3079af6b839ea53bf7ea791570ea793ef8afdbcf2cac0c037f8910e2a72207661de535bfbda40ba333c6da8cd09b0c36d0632b10924bf2daceb3df27d9a7f521f0bdb35a189df3648d9b06555ba8a6e5c8ab7617eb955197a8d73b3d20870a7897c33244a1238b470f84721c9aa44a9e9935d49c35a38d3421b2be58b12cc040c395f5d76baf1c2763e95a699e31c8a9da5f7e881157668460c07722615c96c4a8d648b88a0f957a0f818b5996fcc3747f0eb743fdb04d17f9a2b2f5cf1155393fef0e66548f458452a3664fd256e131e5529aa25b05bc353c8e5f440fce07db857ea66df45f0a8619e8a4fd944cb5e725618f79962f5b58fd16aa6fc17a7438d37e63b3326fe32070ef57dd0e7b9680ac4b17ac1eae684178df3e7f6c86af34c4dfeb4d85fdc2cf82c2e1eb0289bb7bd724bf7e609418ba1341f8e501eeee5c97e64af732a8ed19264c4f07baf1d251774b490ac650518f6603e0ecfaa9c757ed21ed1786a46e08e0e495c924ff324dfceb2daa2106e0490bc6f1784876a47d501598bb42f07947c5ec4fca9ee86c24974e4a17b88187821ba478b4454b14ab1c1a43057d159f10ee59cb6474e1a9c45093cdc49097b03df06d657a1251c6fea008da3aaa5e3b8b671ac8b67ede1187582272e6112b318ffde560041a67517d6a8666baac22d290e22cd05c813dd47db23b86d3777df546f03ba18da391ccada3f4d36ecbac6b462fedf3a60b50c0bbda336563e56b6b6b2de3575e33af64c2032aca02a400bab9fb8dc783d400f25d4bc314339705390a71fced982f12f1159a679ca63368cc139915d43d63f11a2b36d5212bd0eb789474bf30be33badb02cb26b6cda96b8c4879df1950d774e7bf07c8f01ac392a8ee91f1c63deb2b66503332aaeb4e2ca9130fe552c11454ac74e07b252a0735ca47fba5142871930a5de24aa863b5abe6141d22f9d35deb30dd5793322e9bceac48e82997ebeb7f59408782d76fe71cdfc0c26289ff1f5cef603474a510de38925d3e267279e33e1ed41c4ef9dd952e529578584ffe35e3112bdde80e771213a732505a4f31b818027d53faf310e20cf805c87c95388a67054cbc5b37d01e18c465e9e2e3c2b8608a00aae999baf22af0bd0f94332ab514e149149dcc25086035f6485ad2d651dbdb77dbf1300893a18b53f315f982e5e4fa16762ae032d68fc0ca2a438596b7d829eda99a88549ab40be983cb9d3f39c93b874de2d2d57b12ac0428b85e86d686a9ab9ff215761786622ab172dcc9c7a6a63d74f2b10a80")
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/locks\x00', 0x0, 0x0)
pread64(r0, &(0x7f00000002c0)=""/124, 0x7c, 0x7)
open(&(0x7f0000000080)='./file1\x00', 0x66842, 0x90)
accept4$tipc(0xffffffffffffffff, &(0x7f000000c440)=@name, 0x0, 0x80800)
statx(0xffffffffffffff9c, &(0x7f000000c500)='./file5\x00', 0x5900, 0x800, &(0x7f000000c540))
openat$vcs(0xffffffffffffff9c, &(0x7f000000c640), 0x442002, 0x0)

1m26.85365698s ago: executing program 3 (id=97):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc0100001900010000000000fddbdf25e0000001000000000000000000000000ac1414bb0000000000ffffffffffffff8003000bffff00000a00800000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000800000000000000000000000000000000000000000000000000002020000000044010500e0000002000000000000000000000000000000003c00000000000000ffffffff000000000000000000000000ff34000002020000000000000000000000000000ac1414aa000000000000000000000000000000003c0000000a0000000000000000000000000000000000000002000000000000000008000000080000fcffffff000000000000000000000000000000000000000032000000000000007f0000010000000000000000009512849bcd851123"], 0x1fc}}, 0x4000)

1m26.468389209s ago: executing program 3 (id=98):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x2481, 0x0)
ioctl$BTRFS_IOC_SUBVOL_SYNC_WAIT(r0, 0x40109441, &(0x7f0000000080)={0x5, 0x4})
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r2, &(0x7f0000000380)=[{{&(0x7f0000000300)={0xa, 0x4e21, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x6}, 0x1c, &(0x7f0000000cc0)=[{&(0x7f00000000c0)='O', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x4e24, 0x5, @local, 0x6}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000d00)='\t', 0x1}], 0x1}}], 0x2, 0x0)
mprotect(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x1)
shutdown(r2, 0x1)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000040)={0x0, 0x4, 0x2, 0xffff, 0x8, 0x80000001}, 0x14)
ioctl$TIOCL_SETSEL(r1, 0x4b52, &(0x7f0000000000)={0x2, {0xc, 0x6, 0x6, 0x6, 0x100}})

1m26.45145238s ago: executing program 3 (id=99):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x880)
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./file0\x00', 0x2004000, &(0x7f0000000180)=ANY=[@ANYRES64=0x0], 0xfe, 0x122e, &(0x7f0000001280)="$eJzs3E1rXFUYB/DHSdrExLyotVpBerAb3VySLNwoSJAUpANK2witINyaiQ65zoTcITAiRldu3fgB3IpLd4K4001c+BncZePShXqlM+lL7GjQau8Qfr/NPMy5f3jO3OHAGebcg5c+fW9rs8w28140Hno5GtsRk7+lSNGIWz6K51/87vtnrly7fmm12Vy7nNLF1avLL6SU5s9/8+YHXz77bW/2ja/mv56K/cW3Dn5e+Wn/7P65g9+vvtsuU7tMnW4v5elGt9vLbxSttNEut7KUXi9aedlK7U7Z2jkyvll0t7f7Ke9szM1s77TKMuWdftpq9VOvm3o7/ZS/k7c7KcuyNDcT3I/1L36pqiqiqk7F6aiqqno4ZqIRj8RczMdCLMaj8Vg8HmfiiTgbT8ZTcW5wVd19AwAAAAAAAAAAAAAAAAAAwMky6vz/7D3n/z+LGHX+/3zNzQMAAAAAAAAAAAAAAAAAAMAJceXa9Uurzeba5ZSmI4pPdtd314evw/HVzWhHEa1YioX4NQan/4eG9elori2lgcX4uNg7zO/trk8czS8PHidwT/7iq8215WE+Hc1Pxczd+ZVYiDOj8yt/yl8Y5KfjuQt35bNYiB/fjm4UsRE3s3fyHy6n9Mprzdv5H/aHc9+o8b4AAADAfylLt43cv2fZX40P88f9PnBzf710Z38eixGH+cl4erLeuRNR9t/fyouitVN7cauj4Tt7ETEmjf3rohERY9DG3xSnjr1mtobGPp+NuI/4xJEv0lh8zmNeTI8aOm7lmPhf1yUejMObPlV3HwAAAAAAAAAAAPwzD+IPhnXPEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mAHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXwUAAP//3m/GvA==")
r1 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0xdc)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
io_uring_setup(0x899, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$ARCH_GET_FS(0x1e, r2, &(0x7f00000000c0), 0x1003)
fallocate(r1, 0x0, 0x0, 0x8800000)
syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x8000)
r3 = open(&(0x7f0000000140)='./file1\x00', 0x66842, 0x21)
pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1600, 0x0, 0x3)

1m25.0268799s ago: executing program 3 (id=102):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18)
connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1}, 0x18)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000040)=0x4, 0x4)
sendmmsg(r0, &(0x7f0000003e40)=[{{0x0, 0x0, &(0x7f0000000100)}}], 0x1, 0x0)
recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x1, &(0x7f0000000040), 0x0, &(0x7f0000000480)=""/230, 0xe6}}], 0x1, 0x0, 0x0)

1m24.82283363s ago: executing program 3 (id=103):
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x9}, 0x106200, 0x10004, 0x20da, 0x5, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000106}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
dup(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
getsockopt$sock_int(r0, 0x1, 0x13, &(0x7f0000000200), &(0x7f0000000240)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x2)
pipe(&(0x7f0000000080))
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="3c34000000000000040100c910fc02000000000000000000000000000107", @ANYRES32=r2], 0x1b0)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c00028005001d00000000000500010004000000050015"], 0x4c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x100, 0x70bd28, 0x0, {0x60, 0x0, 0x0, 0x0, {0x5, 0xfff2}, {0xc, 0xffff}, {0x4, 0x4}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_WASH={0x8, 0xd, 0x1}, @TCA_CAKE_MPU={0x8, 0xe, 0xc3}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000000)

1m24.81467902s ago: executing program 32 (id=103):
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x9}, 0x106200, 0x10004, 0x20da, 0x5, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000106}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
dup(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
getsockopt$sock_int(r0, 0x1, 0x13, &(0x7f0000000200), &(0x7f0000000240)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x2)
pipe(&(0x7f0000000080))
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="3c34000000000000040100c910fc02000000000000000000000000000107", @ANYRES32=r2], 0x1b0)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c00028005001d00000000000500010004000000050015"], 0x4c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x100, 0x70bd28, 0x0, {0x60, 0x0, 0x0, 0x0, {0x5, 0xfff2}, {0xc, 0xffff}, {0x4, 0x4}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_WASH={0x8, 0xd, 0x1}, @TCA_CAKE_MPU={0x8, 0xe, 0xc3}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000000)

4.27776732s ago: executing program 1 (id=845):
io_setup(0x2278, &(0x7f0000000180))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000003200)='./file1\x00', 0x2204206, &(0x7f0000003240)=ANY=[], 0x1, 0x334, &(0x7f0000000880)="$eJzs3M9rI2UYwPEnP5uktMlBFAXpi170MrTRsxikBTFgaRuxFYRpO9GQMSmZUImIbU9exbsnwUPpsbeC+g/04k0vXvbWy8IetofdnWV+NckkadNsuum23w+UefO87zOZH2/KM0MmZ1/+8l21bGllvSnRlJKIiMi5SE6iEoj4y6jbTkqnfXl/+tG/b6+ub3xWKBYXV5RaKqx9kFdKzc79+f2PaX/YyZSc5r4+e5h/cPr66Ztnz9a+rViqYqlaval0tVn/v6lvmobarlhVTall09AtQ1VqltHw+utef9ms7+y0lF7bnsnsNAzLUnqtpapGSzXrqtloKf0bvVJTmqapmYzgKqXDlRW9MGLy1pg3BmMw1SfWaBT0mIike3pKhy9lowAAwK0Srv+jTkk/Uv0vs2797wxu1/9H7/zdnP7ieNav/0+S/er/D//z1tVV/6dEZJT6/ze5Rv3fWxHdLy9U/+N2mEv2hCJdr5z6P+N/fl0HXx3Nuw3qfwAAAAAAAAAAAAAAAAAAAAAAXgXntp21bTsbLIO/9iME/mvcSYPO/5SIpJyzb3P+77LV9Q1JuQ/uOefY/Hm3tFvylk7vU9sjhsxLVp648yGIiW0HTx4pR07+Mvf8/L3dUsztKZSlIqYYsiBZyYXzbXvp0+LigvL4+RePKWU68/OSldf65+e78/33T8p773bka5KVf7akLqZsu/O6nf/TglKffF4M5afdcQAAAAAA3AWautD3+l3TBvV7vzJSKLu3iQbcH/Cur+f7Xp/Hs2/FJ733AAAAAADcD1brh6pumkbjkkZarh4zeiM+3OBkKJK4bHCsYw+H3Z6keyNDZNCYWOiIJQas+fchj2pXI/giRVdXyg+OdniD/R/b+drvjERliKx4eOPnnIC65rsf+DtyEQluGyUHHGdZ7l1P9JKZkBjbfH7j1z8ej+8D8tFxMAOuHnzQERk0M/s2UuFZ5zYSN/k/BwAAAMBktIv+IPJxZ3dkIhsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA9cyM/6RdqTHofAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNvieQAAAP//lI75aw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x145042, 0x2c)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x100000b, 0x2013, r1, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x3262f)
syz_clone(0x40800000, 0x0, 0x0, 0x0, 0x0, 0x0)

3.703853058s ago: executing program 2 (id=852):
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dc81)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f00000002c0)={[{@abort}, {@noblock_validity}, {@delalloc}, {@errors_remount}, {@auto_da_alloc}, {@inlinecrypt}]}, 0x6, 0x60d, &(0x7f0000000340)="$eJzs3c9rHGUfAPDvzCZ5kzZ90768vLwtigEPLUjTpBarXmzrwR4KFuxBxENDk9TQ7Q+aFGwtmIIHBQURr6K9+A94l9y9iaDePAtVpKKg0pXZnWk3yW66ptlskvl8YLPP88zsPs93Z5/MMzN5MgGU1mj2I43YG3HvbBIx0rRsOBoLR/P17v5y81z2SKJWe+XnJJK8rFg/yZ935pnBiPj6RMR/Kivrnbt+48JktdbwdsSh+YtXDs1dv3Fw9uLk+enz05cmDj975Oj4cxNHJtYlzp3588lTLz/2wTtvPDPzTfVgEsfiTP9bU7EsjvUyGqNxLw+xubwvIo5miRafy1azDUIotUr+feyPiP/FSFTquYaRmH2/p40DuqpWiagBJZXo/1BSxTigOLbv4Dg46f6oZOPcOd44AFoZf1/j3EgM1o+NdtxNmo6MGuc2dq9D/Vkdf93c90n2iCXnIX6/v3X61qGedhZuRcT/W8Wf1Nu2ux5pFn+6pB3Zl2A8Igby9r34CG1o/i524zzMatYafxoRx/LnrPzEGusfXZbf6PgBKKfF4/mOfCHLPdj/ZXvjYvwTLcY/wy32XWvR6/1f+/Ffsb8frJ8jT5eNw7Lxz+nWb9lffGaFH947+VG7+pvHf9kjq78YC26EO7ci9i2L/90s2Hz8k8WStNj+2Spnj3VWx0vf/nRySUHTRaNex1+7HbG/5fHPg8OcLLXK9clDM7PV6fHGz5Z1fPnV65+3Kk83QfzZ9t/RJv6m7Z8uf132mVzpsI4vTt++2G7Z8EPjT38cSM7UUwN5yZuT8/NXJyIGklNL3qtefnj1thTrFO+RxX/gydb9f8n3/9bS9xkqfmV24MqrF+62W7aW7d90MflercM2tJPFP/Xw7b+i/2dlH3ZYx2+vXXu83bLV4h96lMAAAAAAAACghNL6NdgkHbufTtOxscZ82f/GjrR6eW7+qZnL1y5NRRyo/z1kf1pc6R5p5JMsP5H/PWyRP7ws/3RE7ImIjytD9fzYucvVqV4HDwAAAAAAAAAAAAAAAAAAAJvEznz+f3Gf6l8rjfn/QEl08wZzwOam/0N51fv/ils8AWVg/w/lpf9Deen/UF76P5SX/g/lpf9Deen/UF76PwAAAABsS3ueWPw+iYiF54fqj8xAvsyMINje+nvdAKBnKr1uANAz9y/9G+xD6XQ0/v8j/+eA3W8O0ANJq8L64KC2eudfbPlKAAAAAAAAAAAAAKAL9u9tP//f3GDY3kz7g/JaZf7/Z2t/KbAV+Nf/UF6O8YGHzeIfbLfA/H8AAAAAAAAAAAAA2DDD9UeSjuVzgYcjTcfGInZFxO7oT2Zmq9PjEfHviPiu0v+vLD/R60YDAAAAAAAAAAAAAAAAAADANjN3/caFyWp1+mpz4s8VJVswsdj5ysVdUDegYS/EP3xVJF3/xHYtLxmKiE2wBbuU6GsqSSIWsi2/KRp2dS42RzPqiR7/YgIAAAAAAAAAAAAAAAAAgBJqmnvc2r5PN7hFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDxHtz/v3uJXscIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGxNfwcAAP//sYBIYw==")

3.274909239s ago: executing program 0 (id=854):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, 0x0, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(r0, 0x0, 0xd2, 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000280)='net/ip_mr_cache\x00')
preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/23, 0x17}], 0x1, 0x8, 0xffffffff)

3.182973104s ago: executing program 0 (id=855):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x10, &(0x7f0000000480)={[{@stripe={'stripe', 0x3d, 0x5}}]}, 0x5, 0x7eb, &(0x7f00000004c0)="$eJzs3c9rXFsdAPDvnUx+mLYmgmDrKiBooGRiamwVXFRciGChoGvbYTINNZNMyUxKEwK1iOBG0OJC0E3XVevOrT+2+i/oRkRaqqbltbzFI487P5KZZCad9E1m3ms+H7jJOffHnPO9P849yT3cCeDUmkl/ZCIuRMTPk4ipxvwkIkZrqWzE1fp6r3a2C+mUxO7u9/6X1NZ5ubNdiJZtYnIyzjQy5yPiLz+JuJg5XG5lc2slXyoV1xv5+erqnfnK5tbc7dX8cnG5uHZ5YXHx0pWvXhnvX6zv/X3r7LNffPtLv7/6/o8/9+Rnf03iapxtLGuNo19mYqa+T2I03YVtvtXvwoYsGXYFeCvppTlSv8rjQkxlY6z3bbMnWTEA4MTcj4hdAOCUSdz/AeCUaf4f4OXOdiGddu8P9/8Rg/b8mxExUY+/+XyzviTbeGY3UXsOOvkyaXvekUTEdB/Kn4mI3/zxB79Npzih55AAnfzoQUTcnJ5ptv/77U9yaMxCXe8DMr7cTBwxOGDmQF77B4Pzp7T/87X9/t/+9ZfZ6/9Eh/7PeIdr923MRPuIk8PXf+ZpH4rpKu3/fWN0f2zbq5b4G6ZHGrlztT7faHLrdqmYtm2fjojZGB1P8wudP742vGz2xQcv2ua2RNza//v/wx8+TstPf++vkXmaPdDkLuWr+X7Ennr+IOLz2U7xJ3vHP+nS/73eYxnf+fpPf91tWRp/Gm9zao//5EeV7T6K+GJ0jr8paYxPbB6GtvGJl+drp8N886To4A//+tVkt/Jbj386peXX/xY4199Au0iP/+TR8U8nreM1K8cv42+Ppv4ce+NJ23WPv6nz+T+WfL+Wbl5K9/LV6vpCxFjy3cPzL+1v28w310/jn/1C5+v/qPM/jeVmj/Fnn/33d92W7cXfnHEo/oaJHgs7pjT+pWMd/46J9E/hLovypSevVka6ld/b8V9MEyOzjTm9tH9da5ovlcZa1nnrHQcAAAAAAAAAAAAAAAAAAAAAAAAAx5CpvaQ0yeT20plMLhe17/D+bExmSuVK9eKt8sbaUv1lptMxOh4RtVddTrW8D3Wh8T78Zv7SgfxXIuIzEfHL8U/V8rlCubQ07OABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOFMl+//T/1nvP779VBrCACciIk3rvGiOJCKAAAD8+b7f0SMn3w9AIDB6en+DwC8U9z/AeD0mcgMuwYAwKBNRGSHXQcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADeadevXUun3dc724U0v3R3c2OlfHduqVhZya1uFHKF8vqd3HK5vFwq5grl1ZZN/9Hp80rl8p3FWNu4N18tVqrzlc2tG6vljbXqjdur+eXijeLowCIDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgN5VNrdW8qVScb2ReDwZ0T5nQImRRoX6+clzZwcdxSASu1P1PfVxqU/fExMH5/x77p/nj9rq4aHTWOIjJ4bZKgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8cnwYAAD//0ldFl4=")
r0 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0xdc)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r0, 0x6000)
fallocate(r0, 0x0, 0x0, 0x8800000)
r1 = open(&(0x7f0000000140)='./file1\x00', 0x66842, 0x21)
sendmsg$kcm(r1, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000d80)=[{0x1010, 0x11a, 0xffff, "e9cb320a9c4ccc792bf971c430a96bea38dbbfce45fab12a9d9c972485b08423abbe78cf7b1c711381da69ae981c741e4dcd7731a3db0c82143cc6ef68f2eef0e43c9f2106d001cabf29cd9d4107793e77c8a0419ade623511d771f5a6d2604823278f14ef636fe94a929c2604df25fc7fbe58f0f6348c7624b7f3755def7e590a4fd712cd0f740f42dbfe9ad9597f0d36a2b22446a3bc4af9faf6c5d4a1c13312a8e9d7fb312470b4a1b429ada3efb5e6a46dbfb0f3ba01e610025993eb867953a969a50bb508aac28a363d1c976798cec2a9d290960ef7b2302e19c500161784f2a58f3ae2d43ec025446fc33389cdd944f6a32d65902343eee1e041c34ce67ddf7fb98c4c9191f41f02995a17e0723dd29cf41602a98a67a6ed1eb3c5040ce923e8c8042e90f383bf7fced72a247aeec99b0bcc9da254cb0a86961456736f418f44564ac19c9c18bd54aabda7fbfe3470344f394facd21cdcb092910bb3207462293ce275b7ed5d18300f9285782645484a16444088fb2bd5c5aaf97b2a1df2b353a07e0d83d3f7762f01ee60316a6a21864e31b4ebef687d87c2be7c86365bae00c385e123d29fcf41721fc00c25b3d3209762f9692883c7f3bcbc70726c9f23b563f4b3129b13e46cae9d06abb98c306583e41936fd98274d66a61814cb7abbff5362cf9463a37016b122bed7c1dadba16b310428000e54febb37ca401e5fcc8d2e4eb58534d782c42edc033f33efe252ec00e70e40ab29ee187632543b004e9316f4534219a158e05c0e7e23cad9027a14607b345dbd6e1c90f47ae6a7938677b7f4db592e3d8016ce805e09bc95984dec8f1a3db50cfb5551793f72e5c9667bd09b06c9d7cc8da0e03cfcf5ebfb33316e37949f5489f53db5bf17a924e4bd18c533b65409d694845ec66d9a77ea69e4f77c8a8f9810bd6597f4dc5015a709438c1f337fab19351bc9ca38bbfefefcef9aa2e71634a911c4e8447f09304c43e810fbd2e2b4ba20eef79ce16cf12af714ac98812a3753065aca9d1c5fb50963433293592978d996c126bf26254a6e2cdf45f61f198e5e9a35eb52e4f2e969c4b29d9d5574dca2c27eac5f268026c2cd8b3d2208b66c44d9db5819637d92dc58875ea10892d0cae1660bb0ddca23fdaa2024ac034af449d071a65d2596a7bd7f91b4f734baf58302dedfc47e47bfec8a29a41c85ff9c1c1f615791cc44869c1552da3920ac31d50f95af6859b2afb8655b91d24590317eb9ab54a64109df0ee3fc359dc787221409c414dfe39297ed80c9e463d50b1f145c2b98b439dcdb072ebf2eb81927a7556568233ff0da8585db597ddbcb069c87cac8add47d582f612838d20f59d4744dda20576dbca54e78965a2c5083cd0e8a80cae773c6fe5ea47e9893b91c5521ad8308482ace86c9d78fb275e77f4891f6605980a2455c80f96ef065271af1b85da00c54ab5f09a6bd895b1596077ef8a4957f3a1cd2921f4a783180f034a4c950b187795ec41c09c342dc6c78d7062af717480d23c4a845defcfd83f34166ee656081946534e671825febc2b92035c94a82be15aa049da78b79b87759a1b9d61ee14d3d5bd1003468ef0152c14761575ac3280be2bd94b2fd4b7c4fe5155e32895e16bad3c90ce2e189f75cb1d2254591319ab98fc58b251e6537bec0bc0348a02b2babf7bdf67273551b4e49f6cf34a2aab6e163b1d5a4eb00acf583a5a3d22928ab04a9ca69536392977066afae5e6a8a8fdf6e16e08a0c915c8de3a48da3a20ede90550d3de9c78975141e49b465df121afc257ae42dd31b1bd1a8672a62c6122923b85d445b7de809924c3d4f9bca218850d4b48f55e9a59957e779bb3818928d1b1b88c3bd165e24c9011a6bf8d0aa7b2595be7a266d07746fc6a150dfc1b93e0733480f1771be42f4a20ccfc5889b4bd479571e4f3535fc88182efcd78bc82e1e3b2a2b5f7417b7db80100dfeb0fa3967a1d864dc8df04da35b53172b39c1ced9e8ade0925d1e7028522f09a802fb0573df6a71c962723eef906bc7a8486f105e37d68477af480a5343c05820680182bd783b439387c52f546ff527a443375a1f3b15608d0947927f3b14d6218cd57d5145b2a9773760c83437eed2c2682e9e6fc300aece0ad675bf63eec4a100cea793ca31e9451887b82e2e45f009ca473659ed000069092d98f79dae03b12d8ebffea1118da584b6ba19eb21b29c76ea79f60d7a0308ec44d2e9dbb58845b9e37900e21ae7683baff1dee6563c197bd8f3a5f41c8851b51f7c5cee0e3346401a3ae04d90c908866223690e94c52d6694f0f73482fddbd8914b938f9626a16c0b024af0ce4975d8a597a71025da5eaf3873972bbde2271e695dc67b617e0f4381cef29d91f2bf8f5aa1636ab91e6f0984906aa7c5dbf4294d35f70fc534112a0684bb63d57d10f168bf64f5fd967701b63fde8e7870ac828817f09cd04d82676c433cddcfc85ed98596779499475f80a28f501a51958b012ebd7a065d3363f303e72d354f26cd334194367b663764cc2b799e50c1a35c9a33d50124fd7a93b48129990bc2a4eb6ab6221c9c40812cdad89369c90a65f1371c2621c89a7f1c2606cae70dee04109948d1b58e68592a549773ce0e1f04aff1b0c40f279abb1b2c95d41920d84a5b6dd0f125c31871fa596a3ef33e91ec46f18ff470a75d308f4eeee5c4acc3d8e78172e9330d4bcf3f33f9271ed3b38b60d4fd6f99c27c1daa092b5d0956a5e34f2f93d92368cb413fc98188013bada9647ed14f4470397fa60a555909c2c614112925d64d260c9dc0d95824c0e68f35f228a843407402fb47713b1de0b7f255fd9cd02b7244b4fc864336452be9be62257d49aee9a79e424a5a85156fba8c1bf7fd3f1e4ee5ce057cd304621f04bac6d5153d94d8f6d4879f654fe8f2da94542b22c98845f74ca1beca0ea164af6c50ad32fd355d3072610d025729d81b72829c5100505e0f9a5de84ac5758de8bcbc0fe60f0835a3520a59f8fb2a3e00f8641c36a9dff25518a4866362efc2192042538805c88ed4c7ca9e891868df04cc3670fdaca8e09159faa67ac8e5f23eafcbc42b535bc4e895908822adfa0939ba1cc610c6db55efff959882fdd15226def7996fabefc8329b12815a0462d69204b62fc6a23b5dd93666e53bfa4c8d8bbfa2eda275b966e34cad09ccdca3158e30050d98c05053664f61ab7fe5d3489e991a7367f996a7d4c3c340081128e3bddb7df1801fad18a3c50d4bcfeaf0bd359680444532372d141ae0308258c0c5f482cab73ed5a189d68d4b8955a52e776b4a40d7b33aba241644ce092a0d4a7e3477ca2933c974caf778d2e1af91a7442ab1fd83cb0e7a57bb43fe50eb32f3aadd0e89f0507b45849bdab6d785729a7bffa454fe500cab03efcfab58078dfcfa84be0cad09ab2264cf55f4a4771c8131ea69bd6e8c23cd717a107520ac44b0f2e043c0650dfd09ea2d42c0e51f967c09293e690d77d4d603f0ab1bc12e5716f12a7039646960d1b3e1a3966bec98f7a1677e4ba8beba12e2bb09c6b5d420bff85164a7235f8ca8c7b1b28ce102f4fb76c91a90d90a075912cf83fa6ad7ddee29ee81e84906411dff7216028dc191136490663ffcc2cf631e52226b18a128f3b28349a8a96a1b805d39b1dbb989a718a6552a74f3608116168cd2d4bcc47385e569c148dda8dfadffd813cb113f6f39343c969d4873e1b31b6839c22c67c50162d045a9fbc2e95d5f26c1bfd1554d51f764a3e49e2ee5533c58237a1c276e65751054cf77c8d851a24f918d7667a8f2ab66d46c3faa3e0853d73062f6fca1f49da46c060f6edd81dd0cd7f9c0e622d298ae9c52a6751632ad3d389bb9e04ad47d018e5a9fb756c62b1c95317e231e192f126dc3c26a31efa57aab421f835478fb6d9eef4854679ba33bb6b0407eb912fea81d29d277bb50915d423aae8efdfe3531e5e1a19fe65d4912641c7d67a82f1407e51b57f5f6094f9a84985d912467a5684796069efe2d3d54b908a713edb67f7225374b1f248163aae6baa8962cbca7d65a370db3b0d57c66ee7e54a198bc237e8434b0d73f8681c29c53d4226852f710ba871d6720fa56e176859117578236f95089ee2ef916717a06f242291513467a2f5b2274d06f2ac9a3acd0c155e5d1bf502c83b182fd68e71d9ab884b227262331fd9f081f09ffcba9121288a3e51f4ea2efd11ee8353d210a28e5f2d9cdafa7388da322ba9ace87f410212c7bc6d421568dabab625ab6fbc7ee390c20199eee1f1acc6d8c96bffa6e50b93b058662652b0c7c6c22d816b4b1d75d842eabf241688337d081a67ed31d275a440b0628739af3587576e94ef42d254bd47e9a5a85414984b8c6a9eaf331f084f689c5cf24b4ef54c0b1e0e8461a6fdcc7d2e608e3194997d7c7eb321636c8bd9c92a385c2673341140cc3a4006059553190c2aaa567ce3bf1f43ef998c42a156536cce35e50b64aeccb3e4d784d8f26ba0b0a0680a2faf409af57502255c07bea42bb6870ef23bba48ae6fcfc9d607143463b4e92082ed4625e81d67bb32fda27bee664bcc17a7181bc3b72398dd579d78906b664f79eb2ba7b485cfee1dc7e3244d132538cd6bb8875f6f3f10210378f91f0d629f1cd5583fd05aa47893e55e2fecc80725a5ec50b76df6def5c644c5a30a32bcf6b3a7b5aee00e4edad71bd8056c65a8f930ff84d022ee3b66fd708a5198907b6ce3aaaaf3ca106e326ab496aeeaeadc84804b3b6a86b2496355073d96e84336e13fd43bc5c541c9ff75aed95dad08e250decc1522758487551e457ba9bc8d46ba308d3287255d5091dddc1fd61a5c98fc0bfc331fa43d97e3022bc3acddc352af45655481908930680f4a214718b7d2cb7ed19188a120137dcfd57a8a6ea92c3a8fcd66c79064dea7af2020aff6abad2c7b80513e9e04373cf8752437ab5f61f44dee2917b121ce9bf1fedd15abf0006eee6cdacd0ecc362f0230593468b4b62afae4b8bf8a0c0979ed2d28d7463b02655747ed88165edc8e241c3070924efb270fa67e41575aa16026fecf0404ff2cdbe3d5963902b21ee169363964d066e921d3731b2e8d1b5d7c69003836bedaa5e4479e60d09f39dcdd160b869838d9ccce215713f4d676692e7ef8c795fd1ea5e7a906a66947209cd7654df1b41cc12f6a944bc42f8a62c669cac2962c1c33b6f5efc7e4911c04a022f69b23f97bc2a0bd945788adbe5370a6eb41845009c00ea1949170628024fad765dbb75fa7a6f97764ec4e103bd2937ff9a9ae94b2cacf9f7ea11e22f1e07ad44cf2493cca91021a102a9f951e379089de4ed88105d1446d68ecbadd0c88a6978e5daf8dc6140a201e2ef7c03210e18236c0d484faffc3b856a53d572f59c5df8101619c9c3f5b85529d7dd5958e1a0f7bc6981ee6ee1b12ce17b231f87af38ec7c4676f7f6b4ea6b71f7d4acec2903cb94c6a8688059fa69d9bfa7a9dcc2b8e8fe1f957341179c2b99fde313b43b260c2742b6350400f62ba821e81fba57c3f7334abc1c8aa05699f6ea58667860b73f33d436e29c5ca506a191bf70dc5c9b3da45142ebc97909aa08abbaeb18a470ae78d3a1ed4484730f8cfc20f6ff7c6c5ae28e87c9330a14e85d05735b45a1460863f2954688a07c8437a1ec3a4c337a1c565535b120974f02ca1283380427248b05cc85399639d0e16434a43d2a61a92b591eba644688089c2bd6e4b663cf0b5e1bfa4b835a8df78f1bfb7a8f0558eb167a14b4"}, {0x58, 0x116, 0x4, "8396bc705a3dc0be9dcbb0284900e337e48d25900e73f7363c706e57d94da136f8fda2d0391ec8c16f4e1a27d0280c33b3e208a9b465b8476973618abb8b94f823"}, {0x78, 0x115, 0x4, "e2572e8911678981cc49885c92635ce65bed58b49285a452c499e56413179be87f3462587f49c0417a9a9266b3cf2645b916f8ed90f64b801424448207568e3e44644163a1121659ee0f897435cf5e439e1e566530a251b432ffe7051145681991"}, {0xc8, 0x88, 0x4, "6460e1dedb6a8e483e06eae36d24e6748ee6bf94a537bf1a548ea437a6699415d210414b2b63b45bbc43c0c1a5e95331d12a02769afe85bfb521e9cf887286351977bc2fee6773fc89d7ade3c76b72a0d45457eddcbd96e788cbd72aa173dad1501cbabcd6e2526cb7acbe0c01bdd5785a1c82c1f8c4d18bc70666ad8b320b104b32a2964b98539cdefd5653de9d214bd69bff473252577f742969e9aff29d131d175b2e803d0faa69eb04df1f8997a7a3"}, {0x90, 0x6, 0x8, "f73b003ce8f3b6cf61df32a9c5d7b09f137ae40f05e18fb1ecca68526179180057278d45884c1aa95bafd77d656e753be841374b6b3359aedae61681792edd35a0cb760b1208f829b3f9c77cf965869bf3be91b905e1d1c3b3cf3756c953c88f8b4072a78fcc03054e7d5584906d2a1a803a442741bb9fec9b"}, {0x10, 0x109, 0x3}], 0x1248}, 0x80)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x6000, 0x0, 0x3)

3.167128715s ago: executing program 1 (id=856):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000500)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0xf241f1a146326c4, 0x2, 0x0)
kcmp(r0, r0, 0x5, r1, r2)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x6, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x4580, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x400100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000009000000000000000500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000040000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2a}, 0x94)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{}, &(0x7f0000000180), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1f, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000010000000000000000000000850000009300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pidfd_send_signal(0xffffffffffffffff, 0x21, 0x0, 0x0)
waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x40000004, 0x0)

3.05079982s ago: executing program 0 (id=858):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@newlink={0x34, 0x10, 0x1, 0x170bd27, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2100}, [@IFLA_GROUP={0x8}, @IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x2, 0x0, 0x1, {0x4}}]}]}, 0x34}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

3.003819412s ago: executing program 2 (id=859):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x800, 0x70bd29, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {0xfff1, 0xfff2}, {0x1, 0xc}, {0xfff3, 0x8}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_MEMORY={0x8, 0xa, 0x80000000}, @TCA_CAKE_INGRESS={0x8}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x44045}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000084)
close(r2)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000480), 0x600000, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

2.938344796s ago: executing program 2 (id=860):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a30000000002c0000001b0a05000001000000000000010000000900010073797a30000000000c0002"], 0x74}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000240), 0x3af4701e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r1, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000280)={'syztnl1\x00', &(0x7f00000001c0)={'syztnl1\x00', <r3=>0x0, 0x2f, 0xd, 0x1, 0x40, 0x38, @remote, @remote, 0x11, 0x7800, 0x7fff, 0x5}})
sendmsg$nl_route(r1, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@ipv6_newroute={0x3c, 0x18, 0x200, 0x70bd25, 0x25dfdbfc, {0xa, 0x0, 0x0, 0x80, 0xff, 0x3, 0xfd, 0x2}, [@RTA_IIF={0x8, 0x3, r3}, @RTA_ENCAP={0x10, 0x16, 0x0, 0x1, @ILA_ATTR_LOCATOR={0xc, 0x1, 0x8a0}}, @RTA_PRIORITY={0x8, 0x6, 0x37c}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000)
sendmsg$AUDIT_SET_FEATURE(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, 0x3fa, 0x300, 0x70bd2a, 0x25dfdbfe, {0x1, 0x0, 0x1}, ["", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x808}, 0x24000041)

2.678251068s ago: executing program 2 (id=861):
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x63, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0xfffffffd, 0xfc}, 0x0, 0x0, 0x800000, 0x6, 0x2, 0xcb, 0xffff, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xfff7ffffffffffff, 0xffffffffffffffff, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_procfs(0x0, &(0x7f0000000540)='net/udp6\x00')
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x520, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0xa98, 0x3}, 0x0, 0x10000, 0x20, 0x5, 0x6, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x2000000020000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$inet6(0xa, 0x5, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0)

1.712021696s ago: executing program 0 (id=864):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x42718, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0x1, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000011c0)=@newtaction={0xe6c, 0x30, 0x25, 0x0, 0x0, {}, [{0xe58, 0x1, [@m_pedit={0xe54, 0x1, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x4}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xe4ffffff}, {}, {}, {}, {0xfffffffe}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x5}, {0x9}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x20}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x8000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x10001}], [{}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe6c}}, 0x0)

1.62373274s ago: executing program 4 (id=865):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc0100001900010000000000fddbdf25e0000001000000000000000000000000ac1414bb00000000000080ffffff00000003000bffff00000a00800000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000800000000000000000000000000000000000000000000000000002020000000044010500e0000002000000000000000000000000000000003c00000000000000ffffffff000000000000000000000000ff34000002020000000000000000000000000000ac1414aa000000000000000000000000000000003c0000000a0000000000000000000000000000000000000002000000000000000008000000080000fcffffff000000000000000000000000000000000000000032000000000000007f0000010000000000000000009512849bcd851123"], 0x1fc}}, 0x4000)

1.62356122s ago: executing program 4 (id=866):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xc, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000020000000000018020000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.620192471s ago: executing program 4 (id=867):
io_setup(0x2278, &(0x7f0000000180))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000003200)='./file1\x00', 0x2204206, &(0x7f0000003240)=ANY=[], 0x1, 0x334, &(0x7f0000000880)="$eJzs3M9rI2UYwPEnP5uktMlBFAXpi170MrTRsxikBTFgaRuxFYRpO9GQMSmZUImIbU9exbsnwUPpsbeC+g/04k0vXvbWy8IetofdnWV+NckkadNsuum23w+UefO87zOZH2/KM0MmZ1/+8l21bGllvSnRlJKIiMi5SE6iEoj4y6jbTkqnfXl/+tG/b6+ub3xWKBYXV5RaKqx9kFdKzc79+f2PaX/YyZSc5r4+e5h/cPr66Ztnz9a+rViqYqlaval0tVn/v6lvmobarlhVTall09AtQ1VqltHw+utef9ms7+y0lF7bnsnsNAzLUnqtpapGSzXrqtloKf0bvVJTmqapmYzgKqXDlRW9MGLy1pg3BmMw1SfWaBT0mIike3pKhy9lowAAwK0Srv+jTkk/Uv0vs2797wxu1/9H7/zdnP7ieNav/0+S/er/D//z1tVV/6dEZJT6/ze5Rv3fWxHdLy9U/+N2mEv2hCJdr5z6P+N/fl0HXx3Nuw3qfwAAAAAAAAAAAAAAAAAAAAAAXgXntp21bTsbLIO/9iME/mvcSYPO/5SIpJyzb3P+77LV9Q1JuQ/uOefY/Hm3tFvylk7vU9sjhsxLVp648yGIiW0HTx4pR07+Mvf8/L3dUsztKZSlIqYYsiBZyYXzbXvp0+LigvL4+RePKWU68/OSldf65+e78/33T8p773bka5KVf7akLqZsu/O6nf/TglKffF4M5afdcQAAAAAA3AWautD3+l3TBvV7vzJSKLu3iQbcH/Cur+f7Xp/Hs2/FJ733AAAAAADcD1brh6pumkbjkkZarh4zeiM+3OBkKJK4bHCsYw+H3Z6keyNDZNCYWOiIJQas+fchj2pXI/giRVdXyg+OdniD/R/b+drvjERliKx4eOPnnIC65rsf+DtyEQluGyUHHGdZ7l1P9JKZkBjbfH7j1z8ej+8D8tFxMAOuHnzQERk0M/s2UuFZ5zYSN/k/BwAAAMBktIv+IPJxZ3dkIhsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA9cyM/6RdqTHofAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNvieQAAAP//lI75aw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x145042, 0x2c)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x100000b, 0x2013, r0, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x3262f)
syz_clone(0x40800000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.509080926s ago: executing program 1 (id=868):
keyctl$assume_authority(0x10, 0x0) (async)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@bridge_delneigh={0x28, 0x1d, 0x1, 0x70bd2b, 0x25dfdbfb, {0x2, 0x0, 0x0, 0x0, 0x20, 0x89, 0xb}, [@NDA_DST_MAC={0xa, 0x1, @remote}]}, 0x28}, 0x1, 0x0, 0x0, 0x48000}, 0x4008000) (async)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) (async, rerun: 32)
r2 = add_key(&(0x7f0000000000)='rxrpc\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) (async, rerun: 32)
socket$nl_xfrm(0x10, 0x3, 0x6)
keyctl$KEYCTL_MOVE(0x1e, r2, 0x0, 0x0, 0x0) (async)
keyctl$reject(0x13, r2, 0x9, 0xa7a, 0xfffffffffffffffb) (async)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000001140)={0x0, 0x18, 0xfa00, {0x5, &(0x7f00000002c0)={<r3=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @ib_path={0x0, r3}}, 0x20) (async)
r4 = socket$inet6(0xa, 0x1, 0x0)
sendmsg$inet6(r4, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1400000000000000010000000c0000002b00"], 0x30}, 0x0) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000006a00010625bd7000fbdbdf250a0000050000000408000a"], 0x20}, 0x1, 0x0, 0x0, 0x44050}, 0xc044) (async)
socketpair(0x3, 0x4, 0x6, &(0x7f0000000000))

1.467791838s ago: executing program 2 (id=869):
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x63, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_bp={0x0, 0x3}, 0x2, 0x100, 0x800000, 0x6, 0x2, 0xd1, 0x2, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xfff7ffffffffffff, 0xffffffffffffffff, 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xc, &(0x7f0000000040)=@assoc_value={<r3=>0x0}, &(0x7f0000000000)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f00000000c0)={r3, 0x160}, 0x8)
ioctl$int_in(r0, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
ppoll(&(0x7f0000000100)=[{r0, 0x8000}], 0x1, 0x0, 0x0, 0x0)
dup2(r0, r1)

1.384612482s ago: executing program 0 (id=870):
munmap(&(0x7f0000aaf000/0x1000)=nil, 0x1000)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10208}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_config_ext={0x100000001, 0xdd5}, 0x0, 0x0, 0x10000, 0x2, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0900000005000000fd0900008400000002000000", @ANYRES32, @ANYBLOB="feffffff00"/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x6c, r0}, 0x38)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000480)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r1, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
brk(0x800000)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="020500090e00000000000000ffdbdf25050006de6a7150f723203bc300000000000a004e220000000920010000000000000000000000000000178000000000000002000100000004d5000104010000000005000500320000000a004e200000000100000000000000000000ffffac1414bbb22d000000"], 0x70}}, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0, 0x9}, 0x102260, 0x10000, 0x0, 0x1, 0xa, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x2000000020000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000200)=@generic={&(0x7f00000001c0)='./file0\x00', 0x0, 0x8}, 0x18)
syz_mount_image$ext4(&(0x7f00000009c0)='ext4\x00', &(0x7f0000000540)='./file0\x00', 0x800718, &(0x7f0000000200)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0x40000ff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x48d, &(0x7f0000000a00)="$eJzs281rHOUfAPDvTLKb9teX5FertrVqtAhBMWnSqr0qFUQqCnqox5hsS+i2kSaKrcWmIp4EKehZPIr+Bd5EEPUkePXkSQpFe2nrKTKTmWSTbl5oNtm0+/nAzD7PzDM7z3fn7dnn2Q2gY/VnsyRiZ0T8ERG9c9nFBfrnXm7duDR2+8alsSRmZ9/8O8nL3bxxaawsWm63o8gMpBHpJ0mxk8WmLlw8M1qv184X+aHps+8OTV24+Oz7Z0dP107Xzo0cO3b0yPALz48815I4s7huHvho8uD+V96++trYyavv/PJdVt+dxfrGOFqlPwv8n9nc0nVPtXpnbbYrn/fk86S7zZVhzboiIjtclfz6742uWDh4vfHyx22tHLChsmdTz/KrZ2aB+1gSay1ZabhnAPe+8kGfff8tp01odmwZ11+c+wKUxX2rmObWdEdalKnMf79tvf6IODnz71fZFBvUDwEA0OizsS9PVKMnPrz97atZ26N3fk0aD+Wvf+bz3cUYSl9E/D8i9kTEAxGxNyIejMjLPhwR+9ZZnzvbP+m1db7lirL2375ibGtx+69s/UVfV5HblcdfSU5N1GuHi89kICo9WX54hX38cPz3z5db19j+y6Zs/2VbsKjHte4lHXTjo9OjUVlP1AuuX4k40N0s/mR+JCCJiP0RcWB+qzUN8OwuExNPf3NwuUKrx7+CFowzzX6dhTeTxT8TS+IvJY3jkxN3jE8ObYt67fBQeVbc6dffPn1juf2vK/4WuF6be204/kuL9CWN47VTrd3/XZ7/aTV5Kx9nrhZjjh+MTk+fH46oJifyfLUomy8fWdi2zJfls/N/4FDz639PsU0W/yMRkZ3Ej0bEYxHxeFH3JyLiyYg4tEKMP7+0evyRtun4X4kYb3r/mz//lxz/CxfPlLfGhSUrJrrO/PT9cvtf2/E/mqcGiiX5/W8VzarT3aTKd/u5AQAAwL0kzX8Dn6SD8+k0HRyc+w3/3vhfWp+cmn7m1OR758bnfivfF5W07OnqLfpD6xP12nAyU7xjJTke9dpI0Vdc9pceKfqNv+janucHxybr422OHTrdjmWu/8xfXe2uHbDBtjddOlLd9IoAbbB0HD1dnL38ergZwP3K/7Whc61y/aebVQ9g83n+Q+dqdv1fXpI3FgD3J89/6Fyuf+hQ6Y/trgHQRp7/0JFW/fN+exLbGpdUVy5c3SJ1blliqx6UPBFRJtItUR+JDUq0+84EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQGv8FAAD//wzw2ao=")
r3 = memfd_create(&(0x7f00000011c0)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x83y\xf3\xb2\xe6b\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x17?&^\xe1Ob\xe1Y\xd6\xeb\x91\x83;\xeb\xf1\xd0\xe3\xe5\x19T\xff\x01\x00\x00\xe2\x9f\xd9\xae\xcf>/\x05V%$6\x9fU\x86\xbe\xcbx\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xa2c\x12.\xb7\xbe`\'\xcb\xb6\xaf\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x06\xb5\xaa\xe6\x05\xe4\xc3\x90\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4\x84$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\xce\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9\r\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8\x83\x87+nM\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?\x87\x84\\/y\xed\x01#?\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba\x9em\xe9\"\x03\x933P\xa3\xcc\x9b\f\xa7\x8f\x91O\xc9\xb9\x10M\x8b\xd0\xc0\xb8L\xbd\x1c4\xb59\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xdc\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10D\xb9\xe6\xff\x04K%yH\xe5W\xfb\x82\xac\x19,\\D\x91T\xfd\x9c\xb8\x8b\x88\xa5\xcc\x8fI\x00\xf0\xc9%\n\xa7\xd6\x0f:\xb0\xf5?\xc3\x88\x1e\xbb-\xa6\xecA\x92\xaf\xa4Xl\v\xa5\xca\v|\xe2L\xac\x80\xc7\x15\x96fh\x83\x15\xc7\xea\xd5\xe8\x89W\x11\xd7oC\xe4\x06\xa8[O\xe6\x1d=\x87\x93\x0f\x87I\xdf\xb1\xeb\x89\x11.\x01\x00\r`\x1e8\x94\v)\x06B\xf0\xed\x91 )y\xb4\xba\xba\xb7\xbc\xc3\xad\xf1\x92/(A=A\x8b\xa5\xb0\x89\x9e5\x12\xa4\x9a\va\xdf\xf4\xea\xc6\xc7\x10g\x1d\xd5\xb0\xbb\xd2\xfc]fC\x8d\x0f\xa6q\x0f\xef\x90\xfe\x94k\xf1\xb8\xfa\xbbb\xb1\x03\x99\xf7\xfd\'\xae\x906\xe0\xaa\xdbtWWH\xa4L\xb5pe,\xdfN\x0f8\t\xe7X_H\xd4\xe3\xb2,oj\xac\xd7\xbd\xd0\xadW\x1f<\xd0\b\x00\x00\x00\x00/ \xe4]@\xf7mA\xe8\xd1\xf4:\xb3\xeb\x81\xb9\x018\x1c\x95%o\x05x\x1a\x90\xf4\x03\xe7\xe9\xa9', 0x7)
ioctl$FS_IOC_RESVSP(r3, 0x4030582b, &(0x7f0000000080)={0x0, 0x0, 0x200000, 0x100000001})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0)
r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f00000000c0))
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x1c}}, 0x840)
write$nci(r5, &(0x7f0000000080)=ANY=[@ANYBLOB="70060908000600060081f9e143e1030604fd"], 0x14)
socket$kcm(0x2, 0x1, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000000)={'lo\x00', 0x1a003})
ioctl$SIOCGIFHWADDR(r4, 0x8927, &(0x7f00000001c0)={'ip6_vti0\x00'})
getrlimit(0x6, &(0x7f00000000c0))
sendmsg$ETHTOOL_MSG_RINGS_GET(0xffffffffffffffff, 0x0, 0x4004010)

1.384330662s ago: executing program 1 (id=871):
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
clock_nanosleep(0x9, 0x0, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x5, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x3}, {0x0, 0xa00, 0x40800000000000, 0x1}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3}]}]}, 0xfc}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000740)=@migrate={0xf8, 0x21, 0x1, 0x0, 0xfffffffe, {{@in6=@private0, @in=@remote, 0xfffc, 0x0, 0x0, 0x4, 0xa, 0xe0, 0x80}, 0x2}, [@migrate={0x9c, 0x11, [{@in=@local, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@private2, @in6=@local, 0x33, 0x3, 0x0, 0x2, 0x2, 0x2}, {@in6=@ipv4={'\x00', '\xff\xff', @loopback}, @in6=@ipv4={'\x00', '\xff\xff', @private=0xa010102}, @in=@loopback, @in6=@private2, 0x3c, 0x0, 0x0, 0x0, 0x8, 0x8}]}, @offload={0xc}]}, 0xf8}, 0x1, 0x0, 0x0, 0x800}, 0x42000)

1.319227085s ago: executing program 1 (id=873):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2241, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) (fail_nth: 17)

1.122448275s ago: executing program 5 (id=874):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x4, 0x7ffc0001}]})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000300)=""/233, 0xe9}, {&(0x7f00000005c0)=""/4096, 0x1000}, {&(0x7f0000000240)=""/97, 0x61}, {&(0x7f00000015c0)=""/4096, 0x1000}, {&(0x7f00000001c0)}, {&(0x7f0000000400)=""/52, 0x34}, {&(0x7f00000025c0)=""/255, 0xff}], 0x7)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000200)={0x2, 0x4e20, @multicast2}, 0x10)
sendmsg$inet(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)="c9", 0x1}], 0x1}, 0x4004045)
sendfile(r0, r1, 0x0, 0x7ffff002)

1.085543837s ago: executing program 5 (id=875):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@newlink={0x34, 0x10, 0x1, 0x170bd27, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2100}, [@IFLA_GROUP={0x8}, @IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x2, 0x0, 0x1, {0x4}}]}]}, 0x34}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

1.052535109s ago: executing program 5 (id=876):
r0 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001300)=@newtfilter={0x24, 0x2c, 0x1, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x6, 0xf}, {0xd, 0x2}, {0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x804}, 0x0)

987.515962ms ago: executing program 5 (id=877):
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file3\x00', 0xc1c0, 0x0)
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file2\x00', 0xffffffffffffff9c, &(0x7f0000000700)='./file7\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file3\x00', 0xffffffffffffff9c, &(0x7f00000007c0)='./file7\x00', 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000140)='./file0\x00', 0x121c91e, &(0x7f0000000000), 0x1, 0x4f4, &(0x7f00000006c0)="$eJzs3VFrW9cdAPD/la3McZzZYXvIAsvCkmGHLbIdL4nZQ7bB2J4C27L3zLNlYyxbxpIT24TNYR9gMMY22NOe+lLoByiUfIRSCLTvpS0tpU3ah0LbqOhKShxHiu1EslL794MrnXt0r/7/Y+Gje+49XAVwaJ2JiLMR8bBSqZyPiMF6faa+xGZtqW734P7t6eqSRKVy/ZMkIqnVVTcb2fKex+q79UXEH38X8Ze17FNxS+sbC8lmIb9SXx8tLy6PltY3LswvTs3l5/JLExPjlyevTF6aHHu+hvU9uToQEVd/88G///HKb6++8bNb7974aOSvSb0+4nE72i1JH7NPpNMbESudCNYlvWkLAQD4Nmgc5/84Is7HYPSkR3MAAADAQVL55UB8lURUAAAAgAMrk86BTTK5+jyAgchkcrnaHN7vR3+mUCyVfzpbXF2aqc2VHYpsZna+kB+rzxUeimxSXR9Py4/XL25bn4iIExHxr8Gj6XpuuliY6fbJDwAAADgkjm0b/38+WBv/b/Fl15IDAAAA2meo2wkAAAAAHdcY//d1OQ8AAACgc1z/BwAAgAPt99euVZdK4/evZ26ury4Ub16YyZcWcour07np4spybq5YnEvv2be40/sVisXln8fS6tpoOV8qj5bWN24sFleXyjfmzS4AAACAbjnxo7vvJBGx+Yuj6VJ1pNtJAfuidy8bv9+5PID919PtBICu2dP3P3CgZLudANB1yQ6vt5y882b7cwEAADpj+AfNr//37Dgm2MzsU4pAhzj/B4eX6/9weLn+D4dXNnrCQB4Ot51uAfri1/8rlT0lBAAAtN1AuiSZXER6HmAgMplcLuJ4OibIJrPzhfxYRHw3It4ezH6nuj6e7pnsOGcYAAAAAAAAAAAAAAAAAAAAAAAAAKipVJKoAAAAAAdaRObDpP5b/8OD5wa2nx84knwxmD5HxK3/Xf/P2lS5vDJerf/0UX35v/X6i904gwEAAABs1xinN8bxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBOD+7fnm4s+xn3419HxFCz+L3Rlz73RTYi+j9LonfLfklE9LQh/uadiDjZLH5STSuG6lk0i3+0jfGPPEf8Y22ID4fZ3Wr/86tm//+ZOJM+N///u5z2UC+udf+XedT/9TSJX607vssYp+691t8y/p2IU73N+79G/KRF/3N2l/H//KeNjVavVf4fMdz0+yd5ItZoeXF5tLS+cWF+cWouP5dfmpgYvzx5ZfLS5Njo7HwhX39sGuOfP3z94bPa398i/tAO7T+3y/Z/fW/t/vdqxeyj3ZPH8UfONv/8T7aIn6l//j+pl6uvDzfKm7XyVqdffev0s9o/06L9O33+I7ts//k//P29XW4KAOyD0vrGwlShkF/paKESHQ/xQoUtf42+PadaPSx6KVrxchaqf9eXII2mhb914J2rR+bdblc7Cl3tlgAAgA54egwMAAAAAAAAAAAAAAAAAAAA7Lf9uJ1YdlvMzfSxHXfPBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABon28CAAD///mD0Oc=")
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000040), 0xffffffffffffffff)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x9}, 0x106200, 0x10004, 0x30da, 0x5, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000008}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x10, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0x7fffffff}, [@alu={0x4, 0x0, 0x9, 0xa, 0x0, 0x0, 0x1}]}, &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x2e}, 0x94)
r2 = socket$netlink(0x10, 0x3, 0xb)
r3 = semget$private(0x0, 0x5, 0x0)
semop(r3, &(0x7f0000000000)=[{0x3, 0xfff7, 0x1000}], 0x1)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="500000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="00880000000000001e0012800900010069706970000000000c00028006000f00e196"], 0x50}, 0x1, 0x0, 0x0, 0x4008000}, 0x40020)
semop(r3, &(0x7f00000000c0)=[{0x3, 0xa78d, 0x1000}], 0x1)
semtimedop(r3, &(0x7f0000000080)=[{0x1, 0x8, 0x2c00}, {0x3, 0x1, 0x1800}], 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000240)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_MCAST_RATE(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)={0x1c, r6, 0x1, 0x0, 0x25dfdbfe, {{0x53}, {@val={0x8, 0x3, r7}, @void}}}, 0x1c}}, 0x0)
r8 = socket(0xa, 0x5, 0x0)
sendmsg$inet_sctp(r8, &(0x7f00000000c0)={&(0x7f0000000000)=@in6={0xa, 0x4e24, 0xff, @loopback, 0x9}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000080)="1b", 0x1}], 0x1, &(0x7f00000001c0)=[@dstaddrv4={0x18, 0x84, 0x7, @loopback}, @dstaddrv4={0x18, 0x84, 0x7, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x30, 0x4855}, 0x24000052)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(r9, &(0x7f0000000240)={&(0x7f0000000040), 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x64, 0x0, 0x200, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x2, 0x2}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x64}, 0x1, 0x0, 0x0, 0x4}, 0x4000)
sendmsg$NL80211_CMD_SET_PMK(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x7c, r6, 0x400, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x100, 0x7e}}}}, [@NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "128cd63bbe3e2c30e813fdcbb6e9b97e"}, @NL80211_ATTR_PMK={0x14, 0xfe, "66605d05081f1f6752139b970a8af333"}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "20de729ef17d28fc48c13bbf31da0345"}]}, 0x7c}, 0x1, 0x0, 0x0, 0x40}, 0x815)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2fffffffd}, 0xc)
close(r2)
sendmsg$FOU_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="30ba1e00", @ANYRES16=r1, @ANYBLOB="010025bd7000fbdbdf2101000000050002000a00000014000700fe8000000000000000000000000000bb"], 0x30}, 0x1, 0x0, 0x0, 0xc0d4}, 0x4000000)

790.578011ms ago: executing program 1 (id=878):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0xfffffffffffffffd, 0x2002)
r1 = syz_io_uring_setup(0x33a9, &(0x7f0000000200)={0x0, 0x79af, 0x0, 0x2, 0x237}, &(0x7f00000000c0)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
r4 = syz_clone(0xa1302400, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x4, 0x400, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc097, 0x2, @perf_config_ext={0x288}, 0xa216, 0x6, 0x11000, 0x4, 0x9484, 0x2001, 0x400, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x3)
syz_usb_connect$midi(0x5, 0x31, &(0x7f00000000c0)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x7f, 0x499, 0x5007, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1f, 0x1, 0x1, 0x8, 0x80, 0x0, "", {{{0x9, 0x4, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x9, [], [{{0x9, 0x5, 0x1, 0x8, 0x20, 0x2, 0x2, 0x2, {0x4}}}]}}}}}]}}, &(0x7f0000000380)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x200, 0x0, 0x81, 0x80, 0x40, 0xa}, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
setpgid(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='fd/3\x00')
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x4007, @fd_index=0x3, 0x7fffffffffffffff, 0x0, 0x0, 0x2, 0x1})
io_uring_enter(r1, 0x627, 0x4c1, 0x43, 0x0, 0x0)
write$evdev(r0, &(0x7f0000000040)=[{{}, 0x0, 0x2}], 0x37)

648.488478ms ago: executing program 0 (id=879):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000500)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0xf241f1a146326c4, 0x2, 0x0)
kcmp(r0, r0, 0x5, r1, r2)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x6, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x4580, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x400100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000009000000000000000500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000040000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2a}, 0x94)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{}, &(0x7f0000000180), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1f, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000010000000000000000000000850000009300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pidfd_send_signal(0xffffffffffffffff, 0x21, 0x0, 0x0)
waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x40000004, 0x0)

614.28833ms ago: executing program 4 (id=880):
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x63, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0xfffffffd, 0xfc}, 0x0, 0x0, 0x800000, 0x6, 0x2, 0xcb, 0xffff, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xfff7ffffffffffff, 0xffffffffffffffff, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_procfs(0x0, &(0x7f0000000540)='net/udp6\x00')
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x520, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0xa98, 0x3}, 0x0, 0x10000, 0x20, 0x5, 0x6, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x2000000020000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$inet6(0xa, 0x5, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0)

465.665287ms ago: executing program 2 (id=881):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0xfffffffffffffffd, 0x2002)
r1 = syz_io_uring_setup(0x33a9, &(0x7f0000000200)={0x0, 0x79af, 0x0, 0x2, 0x237}, &(0x7f00000000c0)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
r4 = syz_clone(0xa1302400, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x4, 0x400, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc097, 0x2, @perf_config_ext={0x288}, 0xa216, 0x6, 0x11000, 0x4, 0x9484, 0x2001, 0x400, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x3)
syz_usb_connect$midi(0x5, 0x31, &(0x7f00000000c0)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x7f, 0x499, 0x5007, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1f, 0x1, 0x1, 0x8, 0x80, 0x0, "", {{{0x9, 0x4, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x9, [], [{{0x9, 0x5, 0x1, 0x8, 0x20, 0x2, 0x2, 0x2, {0x4}}}]}}}}}]}}, &(0x7f0000000380)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x200, 0x0, 0x81, 0x80, 0x40, 0xa}, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
setpgid(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='fd/3\x00')
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x4007, @fd_index=0x3, 0x7fffffffffffffff, 0x0, 0x0, 0x2, 0x1})
io_uring_enter(r1, 0x627, 0x4c1, 0x43, 0x0, 0x0)
write$evdev(r0, &(0x7f0000000040)=[{{}, 0x0, 0x2}], 0x37)

363.796403ms ago: executing program 4 (id=882):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0xe00000, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000001a0001970000ff7f0000000080000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\b\x00', @ANYRES32=r0], 0x24}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'pimreg\x00', 0x5005})
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r4=>0x0})
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000001300)={0x6, 0x10, &(0x7f0000000e40)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000300000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000008000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r6, r4, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[], 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}})

273.393237ms ago: executing program 4 (id=883):
ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x20081, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0, 0x8}, 0x2, 0x0, 0x10ffe, 0x0, 0x2, 0x80000011, 0x1, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x9)
fcntl$notify(0xffffffffffffffff, 0x402, 0x24)
utimensat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f00000001c0)=ANY=[], 0xff2e)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000c3707bf4000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setresuid(0xee00, 0xee00, 0xee01)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x46, &(0x7f0000000040)={0x0, 0x0}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r3)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_MCE_KILL(0x4e, 0x1, 0x1000000)
sendto$inet6(r5, &(0x7f0000000080)='X', 0x1, 0x20008001, &(0x7f0000000140)={0xa, 0x0, 0x0, @private0, 0x40000000}, 0x1c)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r6 = fsopen(&(0x7f0000000100)='gadgetfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0xe9)
signalfd(r7, &(0x7f00000001c0)={[0x9]}, 0x8)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r8 = open(&(0x7f0000000140)='.\x00', 0x0, 0x112)
getdents(r8, &(0x7f0000001fc0)=""/184, 0xb8)

111.765134ms ago: executing program 5 (id=884):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000002c0)=@raw={'raw\x00', 0xe501, 0x3, 0x1e0, 0x0, 0xa, 0x1000000, 0x0, 0x0, 0x148, 0x230, 0x230, 0x148, 0x223, 0x3, 0x0, {[{{@ip={@dev={0xac, 0x14, 0x14, 0x8}, @private=0xa010100, 0xff, 0xffffffff, 'xfrm0\x00', 'veth1_macvtap\x00', {0xff}, {}, 0x67, 0x1, 0x40}, 0x0, 0x70, 0x90, 0x0, {0x0, 0x98020000}}, @unspec=@TRACE={0x20}}, {{@ip={@broadcast, @broadcast, 0x0, 0xffffffff, 'pimreg0\x00', 'ip6gre0\x00', {0xff}, {0x7f}, 0x1, 0x2, 0x20}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x4, 0x8, 0xd, 'netbios-ns\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x240)

0s ago: executing program 5 (id=885):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000680)={{r2}, &(0x7f00000007c0), &(0x7f0000000640)=r0}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r2}, &(0x7f0000000240), &(0x7f0000000280)='%pS    \x00'}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000001380)={r2, &(0x7f00000004c0)}, 0x20)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x169040, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r5 = socket$kcm(0x29, 0x2, 0x0)
setsockopt$sock_attach_bpf(r5, 0x119, 0x8, &(0x7f0000000000), 0x4)
r6 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_int(r6, 0x0, 0xf, &(0x7f0000000040)=0x7, 0x4)
bind$inet(r6, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="300000001900010000000000000000008020900000110005000000000c00090008001100", @ANYRES32=0x0, @ANYBLOB="080001"], 0x30}}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB="2c00ee072fc57b6dd1b0d8f748e89fd1f04bed5a19d5104adefb084c1ba91c465668503b6ea2ba0a813b06ea3afa973fb0d597d549a2b1cd5cd4a96904b53201269dd77d88ba5be2312fa79452a5be8f1d5b75027a378261d1674070b6dcb0d7aa456ae5"])

kernel console output (not intermixed with test programs):

or -117
[   84.397781][ T5055] EXT4-fs (loop0): 1 orphan inode deleted
[   84.415767][ T5055] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.430878][ T5061] netlink: 840 bytes leftover after parsing attributes in process `syz.5.459'.
[   84.603688][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.659970][ T5064] syzkaller0: entered promiscuous mode
[   84.666321][ T5068] xt_CT: No such helper "netbios-ns"
[   84.669735][ T5064] syzkaller0: entered allmulticast mode
[   84.685194][ T5073] FAULT_INJECTION: forcing a failure.
[   84.685194][ T5073] name failslab, interval 1, probability 0, space 0, times 0
[   84.700802][ T5073] CPU: 1 UID: 0 PID: 5073 Comm: syz.4.464 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[   84.700834][ T5073] Tainted: [W]=WARN
[   84.700840][ T5073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   84.700859][ T5073] Call Trace:
[   84.700865][ T5073]  <TASK>
[   84.700871][ T5073]  __dump_stack+0x1d/0x30
[   84.700954][ T5073]  dump_stack_lvl+0x95/0xd0
[   84.700978][ T5073]  dump_stack+0x15/0x1b
[   84.701078][ T5073]  should_fail_ex+0x263/0x280
[   84.701104][ T5073]  should_failslab+0x8c/0xb0
[   84.701178][ T5073]  __kmalloc_noprof+0xb8/0x4e0
[   84.701199][ T5073]  ? udpv6_init_sock+0xfa/0x1f0
[   84.701260][ T5073]  udpv6_init_sock+0xfa/0x1f0
[   84.701291][ T5073]  inet6_create+0x7fd/0x870
[   84.701312][ T5073]  __sock_create+0x2e4/0x580
[   84.701401][ T5073]  sock_create_kern+0x38/0x50
[   84.701425][ T5073]  udp_sock_create6+0x68/0x3f0
[   84.701451][ T5073]  fou_nl_add_doit+0xda/0x6b0
[   84.701536][ T5073]  genl_family_rcv_msg_doit+0x187/0x1f0
[   84.701563][ T5073]  genl_rcv_msg+0x432/0x470
[   84.701662][ T5073]  ? __pfx_fou_nl_add_doit+0x10/0x10
[   84.701691][ T5073]  netlink_rcv_skb+0x123/0x220
[   84.701739][ T5073]  ? __pfx_genl_rcv_msg+0x10/0x10
[   84.701833][ T5073]  genl_rcv+0x28/0x40
[   84.701913][ T5073]  netlink_unicast+0x5c0/0x690
[   84.701942][ T5073]  netlink_sendmsg+0x5c8/0x6f0
[   84.701978][ T5073]  ? __pfx_netlink_sendmsg+0x10/0x10
[   84.702067][ T5073]  ____sys_sendmsg+0x563/0x5b0
[   84.702098][ T5073]  ___sys_sendmsg+0x195/0x1e0
[   84.702153][ T5073]  __x64_sys_sendmsg+0xd4/0x160
[   84.702183][ T5073]  x64_sys_call+0x194c/0x3020
[   84.702211][ T5073]  do_syscall_64+0x12c/0x370
[   84.702306][ T5073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.702328][ T5073] RIP: 0033:0x7f052f81c799
[   84.702344][ T5073] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   84.702388][ T5073] RSP: 002b:00007f052e277028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   84.702428][ T5073] RAX: ffffffffffffffda RBX: 00007f052fa95fa0 RCX: 00007f052f81c799
[   84.702444][ T5073] RDX: 0000000004000000 RSI: 00002000000002c0 RDI: 0000000000000003
[   84.702459][ T5073] RBP: 00007f052e277090 R08: 0000000000000000 R09: 0000000000000000
[   84.702546][ T5073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   84.702560][ T5073] R13: 00007f052fa96038 R14: 00007f052fa95fa0 R15: 00007fff831c7638
[   84.702581][ T5073]  </TASK>
[   85.007249][ T5078] 8021q: VLANs not supported on vcan0
[   85.025995][   T28] audit: type=1400 audit(1773852876.483:439): avc:  denied  { create } for  pid=5076 comm="syz.1.466" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   85.082104][   T28] audit: type=1400 audit(1773852876.483:440): avc:  denied  { write } for  pid=5076 comm="syz.1.466" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   85.114510][   T28] audit: type=1400 audit(1773852876.513:441): avc:  denied  { read write } for  pid=3315 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   85.139365][   T28] audit: type=1400 audit(1773852876.513:442): avc:  denied  { open } for  pid=3315 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   85.181784][   T28] audit: type=1400 audit(1773852876.513:443): avc:  denied  { ioctl } for  pid=3315 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   85.207602][   T28] audit: type=1400 audit(1773852876.533:444): avc:  denied  { open } for  pid=5080 comm="syz.0.470" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   85.252801][   T28] audit: type=1400 audit(1773852876.533:445): avc:  denied  { perfmon } for  pid=5080 comm="syz.0.470" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   85.276861][ T5096] loop1: detected capacity change from 0 to 2048
[   85.279732][ T5097] loop5: detected capacity change from 0 to 2048
[   85.290897][ T5096] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   85.339260][ T5097] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   85.359366][ T5096] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.380055][ T5097] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.409698][ T5085] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   85.418938][ T5085] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   85.431868][ T5104] loop4: detected capacity change from 0 to 512
[   85.476372][ T5104] EXT4-fs: Ignoring removed bh option
[   85.493978][ T5104] EXT4-fs: inline encryption not supported
[   85.503746][ T5104] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   85.523996][ T5104] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1142: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   85.538793][ T5104] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.475: bg 0: block 248: padding at end of block bitmap is not set
[   85.553431][ T5104] loop4: lost filesystem error report for type 5 error -117
[   85.553613][ T5104] EXT4-fs error (device loop4): ext4_acquire_dquot:7001: comm syz.4.475: Failed to acquire dquot type 1
[   85.560927][    C1] EXT4-fs (loop4): error count since last fsck: 1
[   85.560945][    C1] EXT4-fs (loop4): last error at time 1773852877: ext4_validate_block_bitmap:441
[   85.588105][ T5104] loop4: lost filesystem error report for type 5 error -117
[   85.588716][ T5104] EXT4-fs (loop4): 1 truncate cleaned up
[   85.602644][ T5104] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[   85.624931][ T3790] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.626538][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.690266][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[   85.748719][ T5112] netlink: 'syz.4.478': attribute type 4 has an invalid length.
[   85.779001][ T5112] netlink: 'syz.4.478': attribute type 4 has an invalid length.
[   85.787293][ T5112] netlink: 'syz.4.478': attribute type 4 has an invalid length.
[   85.799397][ T5112] netlink: 'syz.4.478': attribute type 4 has an invalid length.
[   85.807580][ T5112] netlink: 'syz.4.478': attribute type 4 has an invalid length.
[   85.815522][ T5112] netlink: 'syz.4.478': attribute type 4 has an invalid length.
[   85.823370][ T5112] netlink: 'syz.4.478': attribute type 4 has an invalid length.
[   85.832449][ T5112] netlink: 'syz.4.478': attribute type 4 has an invalid length.
[   85.845661][ T5115] 8021q: VLANs not supported on vcan0
[   85.900892][ T5125] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.908580][ T5125] bridge_slave_1: left allmulticast mode
[   85.914497][ T5125] bridge_slave_1: left promiscuous mode
[   85.933864][ T5125] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.011987][ T5125] bridge_slave_1: entered promiscuous mode
[   86.019443][ T5125] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[   86.238948][ T5139] loop5: detected capacity change from 0 to 1024
[   86.249122][ T5135] netlink: 840 bytes leftover after parsing attributes in process `syz.0.484'.
[   86.432711][ T5144] loop1: detected capacity change from 0 to 2048
[   86.552349][ T5151] netlink: 48 bytes leftover after parsing attributes in process `syz.2.488'.
[   86.868497][ T5154] loop4: detected capacity change from 0 to 128
[   87.045381][ T5139] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   87.056490][ T5139] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (30349!=20869)
[   87.084554][ T5139] EXT4-fs (loop5): invalid journal inode
[   87.090458][ T5139] EXT4-fs (loop5): can't get journal size
[   87.100311][ T5139] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   87.115396][ T5139] netlink: 40 bytes leftover after parsing attributes in process `syz.5.483'.
[   87.134943][ T5144] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   87.260441][ T5144] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.369840][ T5169] 8021q: VLANs not supported on vcan0
[   87.417237][ T5154] bio_check_eod: 467665 callbacks suppressed
[   87.417257][ T5154] syz.4.490: attempt to access beyond end of device
[   87.417257][ T5154] loop4: rw=2049, sector=138, nr_sectors = 112 limit=128
[   87.491242][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.724550][ T3790] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.750106][ T5181] FAULT_INJECTION: forcing a failure.
[   87.750106][ T5181] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   87.776511][ T5181] CPU: 0 UID: 0 PID: 5181 Comm: syz.1.495 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[   87.776617][ T5181] Tainted: [W]=WARN
[   87.776624][ T5181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   87.776639][ T5181] Call Trace:
[   87.776646][ T5181]  <TASK>
[   87.776655][ T5181]  __dump_stack+0x1d/0x30
[   87.776683][ T5181]  dump_stack_lvl+0x95/0xd0
[   87.776752][ T5181]  dump_stack+0x15/0x1b
[   87.776777][ T5181]  should_fail_ex+0x263/0x280
[   87.776804][ T5181]  should_fail+0xb/0x20
[   87.776868][ T5181]  should_fail_usercopy+0x1a/0x20
[   87.776966][ T5181]  _copy_from_user+0x1c/0xb0
[   87.777003][ T5181]  ___sys_sendmsg+0xc1/0x1e0
[   87.777043][ T5181]  __x64_sys_sendmsg+0xd4/0x160
[   87.777126][ T5181]  x64_sys_call+0x194c/0x3020
[   87.777201][ T5181]  do_syscall_64+0x12c/0x370
[   87.777307][ T5181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.777327][ T5181] RIP: 0033:0x7fa33dddc799
[   87.777341][ T5181] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   87.777360][ T5181] RSP: 002b:00007fa33c82f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   87.777394][ T5181] RAX: ffffffffffffffda RBX: 00007fa33e055fa0 RCX: 00007fa33dddc799
[   87.777420][ T5181] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[   87.777435][ T5181] RBP: 00007fa33c82f090 R08: 0000000000000000 R09: 0000000000000000
[   87.777487][ T5181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   87.777498][ T5181] R13: 00007fa33e056038 R14: 00007fa33e055fa0 R15: 00007ffcd6a16198
[   87.777517][ T5181]  </TASK>
[   87.974632][ T5186] netlink: 4 bytes leftover after parsing attributes in process `syz.0.498'.
[   87.992563][ T5190] loop2: detected capacity change from 0 to 164
[   88.005305][ T5186] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   88.014375][ T5186] batman_adv: batadv0: Removing interface: batadv_slave_0
[   88.065462][ T5186] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   88.086502][ T5187] loop5: detected capacity change from 0 to 512
[   88.087059][ T5186] batman_adv: batadv0: Removing interface: batadv_slave_1
[   88.145909][ T5199] netlink: 128 bytes leftover after parsing attributes in process `syz.2.504'.
[   88.187961][ T5201] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.217006][ T5187] EXT4-fs error (device loop5): ext4_map_blocks:776: inode #11: block 4294967295: comm syz.5.500: lblock 10 mapped to illegal pblock 4294967295 (length 1)
[   88.230045][   T28] kauditd_printk_skb: 243 callbacks suppressed
[   88.230133][   T28] audit: type=1400 audit(1773852879.673:687): avc:  denied  { read append open } for  pid=5193 comm="syz.1.503" path="/118/file1/blkio.bfq.io_wait_time_recursive" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   88.266035][   T28] audit: type=1400 audit(1773852879.723:688): avc:  denied  { unmount } for  pid=3315 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   88.287738][   T28] audit: type=1400 audit(1773852879.743:689): avc:  denied  { map } for  pid=5193 comm="syz.1.503" path="/118/file1/blkio.bfq.io_wait_time_recursive" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   88.312604][   T28] audit: type=1400 audit(1773852879.743:690): avc:  denied  { write } for  pid=5193 comm="syz.1.503" path="/118/file1/blkio.bfq.io_wait_time_recursive" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   88.337956][ T5187] loop5: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[   88.349346][    C1] EXT4-fs (loop5): error count since last fsck: 1
[   88.364918][    C1] EXT4-fs (loop5): initial error at time 1773852879: ext4_map_blocks:776: inode 11: block 4294967295
[   88.375842][    C1] EXT4-fs (loop5): last error at time 1773852879: ext4_map_blocks:776: inode 11: block 4294967295
[   88.387423][ T5187] EXT4-fs (loop5): 1 orphan inode deleted
[   88.387870][   T28] audit: type=1400 audit(1773852879.803:691): avc:  denied  { create } for  pid=5193 comm="syz.1.503" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   88.413318][   T28] audit: type=1400 audit(1773852879.803:692): avc:  denied  { ioctl } for  pid=5193 comm="syz.1.503" path="socket:[10795]" dev="sockfs" ino=10795 ioctlcmd=0x8927 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   88.430802][ T5187] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.440747][   T28] audit: type=1400 audit(1773852879.803:693): avc:  denied  { bind } for  pid=5193 comm="syz.1.503" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   88.469594][   T28] audit: type=1400 audit(1773852879.883:694): avc:  denied  { execute } for  pid=5193 comm="syz.1.503" path="/118/file1/blkio.bfq.io_wait_time_recursive" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   88.640105][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.919458][   T28] audit: type=1400 audit(1773852880.353:695): avc:  denied  { connect } for  pid=5220 comm="syz.0.511" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   89.062097][   T28] audit: type=1400 audit(1773852880.353:696): avc:  denied  { setopt } for  pid=5220 comm="syz.0.511" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   89.115177][ T5227] validate_nla: 45 callbacks suppressed
[   89.115277][ T5227] netlink: 'syz.0.513': attribute type 1 has an invalid length.
[   89.233017][ T5227] 8021q: adding VLAN 0 to HW filter on device bond1
[   89.609815][ T3790] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.704173][ T5241] netlink: 8 bytes leftover after parsing attributes in process `syz.0.517'.
[   89.713858][ T5240] 8021q: VLANs not supported on vcan0
[   89.864866][ T5250] set_capacity_and_notify: 2 callbacks suppressed
[   89.864882][ T5250] loop0: detected capacity change from 0 to 2048
[   89.916731][ T5257] loop4: detected capacity change from 0 to 128
[   89.936046][ T5250] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   90.106585][ T5257] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   90.114460][ T5257] FAT-fs (loop4): Filesystem has been set read-only
[   90.121307][ T5257] syz.4.523: attempt to access beyond end of device
[   90.121307][ T5257] loop4: rw=8912896, sector=2065, nr_sectors = 8 limit=128
[   90.135039][ T5257] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   90.142874][ T5257] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   90.154014][ T5257] syz.4.523: attempt to access beyond end of device
[   90.154014][ T5257] loop4: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[   90.168731][ T5257] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   90.176612][ T5257] syz.4.523: attempt to access beyond end of device
[   90.176612][ T5257] loop4: rw=8912896, sector=2065, nr_sectors = 8 limit=128
[   90.190336][ T5257] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   90.198241][ T5257] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   90.206342][ T5257] syz.4.523: attempt to access beyond end of device
[   90.206342][ T5257] loop4: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[   90.220360][ T5257] syz.4.523: attempt to access beyond end of device
[   90.220360][ T5257] loop4: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[   90.234248][ T5259] syz.4.523: attempt to access beyond end of device
[   90.234248][ T5259] loop4: rw=8388608, sector=2065, nr_sectors = 1 limit=128
[   90.247985][ T5259] buffer_io_error: 363646 callbacks suppressed
[   90.248000][ T5259] Buffer I/O error on dev loop4, logical block 2065, async page read
[   90.262541][ T5259] syz.4.523: attempt to access beyond end of device
[   90.262541][ T5259] loop4: rw=8388608, sector=2066, nr_sectors = 1 limit=128
[   90.276402][ T5259] Buffer I/O error on dev loop4, logical block 2066, async page read
[   90.284743][ T5259] syz.4.523: attempt to access beyond end of device
[   90.284743][ T5259] loop4: rw=8388608, sector=2067, nr_sectors = 1 limit=128
[   90.298505][ T5259] Buffer I/O error on dev loop4, logical block 2067, async page read
[   90.306647][ T5259] syz.4.523: attempt to access beyond end of device
[   90.306647][ T5259] loop4: rw=8388608, sector=2068, nr_sectors = 1 limit=128
[   90.320396][ T5259] Buffer I/O error on dev loop4, logical block 2068, async page read
[   90.328470][ T5259] Buffer I/O error on dev loop4, logical block 2069, async page read
[   90.336759][ T5259] Buffer I/O error on dev loop4, logical block 2070, async page read
[   90.345013][ T5259] Buffer I/O error on dev loop4, logical block 2071, async page read
[   90.353121][ T5259] Buffer I/O error on dev loop4, logical block 2072, async page read
[   90.361459][ T5257] Buffer I/O error on dev loop4, logical block 2065, async page read
[   90.369753][ T5257] Buffer I/O error on dev loop4, logical block 2066, async page read
[   90.384008][ T5250] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.201633][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.257004][ T5287] netlink: 28 bytes leftover after parsing attributes in process `syz.1.532'.
[   92.454128][ T5307] netlink: 44 bytes leftover after parsing attributes in process `syz.5.541'.
[   92.525064][ T5320] loop4: detected capacity change from 0 to 1024
[   92.559767][ T5320] EXT4-fs: Ignoring removed bh option
[   92.570814][ T5320] EXT4-fs: inline encryption not supported
[   92.577570][ T5320] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   92.594680][ T5322] loop0: detected capacity change from 0 to 2048
[   92.612127][ T5320] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[   92.630959][ T5322] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.646074][ T5320] EXT4-fs error (device loop4): ext4_map_blocks:776: inode #3: block 2: comm syz.4.546: lblock 2 mapped to illegal pblock 2 (length 1)
[   92.678398][ T5320] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[   92.679356][    C1] EXT4-fs (loop4): error count since last fsck: 1
[   92.695054][    C1] EXT4-fs (loop4): initial error at time 1773852884: ext4_map_blocks:776: inode 3: block 2
[   92.699486][ T5320] EXT4-fs error (device loop4): ext4_map_blocks:776: inode #3: block 48: comm syz.4.546: lblock 0 mapped to illegal pblock 48 (length 1)
[   92.705109][    C1] EXT4-fs (loop4): last error at time 1773852884: ext4_map_blocks:776: inode 3: block 2
[   92.730968][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.741930][ T5320] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[   92.742106][ T5320] EXT4-fs error (device loop4): ext4_acquire_dquot:7001: comm syz.4.546: Failed to acquire dquot type 0
[   92.763772][ T5320] loop4: lost filesystem error report for type 5 error -117
[   92.788148][ T5320] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6246: Corrupt filesystem
[   92.801697][ T5320] loop4: lost filesystem error report for type 5 error -117
[   92.801816][ T5320] EXT4-fs error (device loop4): ext4_evict_inode:255: inode #11: comm syz.4.546: mark_inode_dirty error
[   92.822713][ T5320] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[   92.822980][ T5320] EXT4-fs warning (device loop4): ext4_evict_inode:258: couldn't mark inode dirty (err -117)
[   92.843102][ T5320] EXT4-fs (loop4): 1 orphan inode deleted
[   92.849705][ T5320] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.918244][   T40] EXT4-fs error (device loop4): ext4_map_blocks:776: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1)
[   92.943105][   T40] EXT4-fs error (device loop4): ext4_release_dquot:7037: comm kworker/u8:2: Failed to release dquot type 0
[   92.969912][ T5320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.993611][ T5353] loop5: detected capacity change from 0 to 512
[   93.014121][ T5320] EXT4-fs error (device loop4): __ext4_get_inode_loc:4782: comm syz.4.546: Invalid inode table block 1 in block_group 0
[   93.033095][ T5353] EXT4-fs (loop5): 1 orphan inode deleted
[   93.039436][ T5353] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   93.068661][ T5320] loop4: lost filesystem error report for type 5 error -117
[   93.068769][ T5320] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6246: Corrupt filesystem
[   93.134532][ T5320] loop4: lost filesystem error report for type 5 error -117
[   93.134734][ T5320] EXT4-fs error (device loop4): ext4_quota_off:7285: inode #3: comm syz.4.546: mark_inode_dirty error
[   93.169432][ T5320] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[   93.334735][   T28] kauditd_printk_skb: 345 callbacks suppressed
[   93.334771][   T28] audit: type=1400 audit(1773852884.793:1039): avc:  denied  { unmount } for  pid=3790 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   93.380867][ T3790] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.393298][   T28] audit: type=1400 audit(1773852884.803:1040): avc:  denied  { read write } for  pid=5374 comm="syz.1.563" name="event3" dev="devtmpfs" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   93.417688][   T28] audit: type=1400 audit(1773852884.803:1041): avc:  denied  { open } for  pid=5374 comm="syz.1.563" path="/dev/input/event3" dev="devtmpfs" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   93.480638][   T28] audit: type=1400 audit(1773852884.803:1042): avc:  denied  { allowed } for  pid=5374 comm="syz.1.563" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   93.500117][   T28] audit: type=1400 audit(1773852884.803:1043): avc:  denied  { create } for  pid=5374 comm="syz.1.563" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   93.568067][   T28] audit: type=1400 audit(1773852884.803:1044): avc:  denied  { map } for  pid=5374 comm="syz.1.563" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=11148 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   93.592867][   T28] audit: type=1400 audit(1773852884.803:1045): avc:  denied  { read write } for  pid=5374 comm="syz.1.563" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=11148 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   93.617845][   T28] audit: type=1400 audit(1773852884.813:1046): avc:  denied  { open } for  pid=5374 comm="syz.1.563" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   93.624778][ T5375] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   93.637986][   T28] audit: type=1400 audit(1773852884.813:1047): avc:  denied  { perfmon } for  pid=5374 comm="syz.1.563" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   93.673190][   T28] audit: type=1400 audit(1773852884.813:1048): avc:  denied  { kernel } for  pid=5374 comm="syz.1.563" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   93.680444][ T5375] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   93.698136][ T5393] netlink: 28 bytes leftover after parsing attributes in process `syz.4.570'.
[   93.710327][ T5393] netlink: 28 bytes leftover after parsing attributes in process `syz.4.570'.
[   93.721610][ T5393] syz_tun: entered promiscuous mode
[   93.727654][ T5396] netlink: 28 bytes leftover after parsing attributes in process `syz.5.571'.
[   93.736888][ T5393] syz_tun: left promiscuous mode
[   93.737009][ T5396] netlink: 28 bytes leftover after parsing attributes in process `syz.5.571'.
[   93.764341][ T5396] ip6gretap0: entered promiscuous mode
[   93.771168][ T5396] syz_tun: entered promiscuous mode
[   93.876996][ T5406] loop5: detected capacity change from 0 to 2048
[   93.886467][ T5406] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   93.924770][ T5406] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   93.966666][ T3790] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.057455][ T5418] netlink: 'syz.0.576': attribute type 1 has an invalid length.
[   94.073234][ T5418] netlink: 11930 bytes leftover after parsing attributes in process `syz.0.576'.
[   94.223181][ T5430] FAULT_INJECTION: forcing a failure.
[   94.223181][ T5430] name failslab, interval 1, probability 0, space 0, times 0
[   94.236107][ T5430] CPU: 0 UID: 0 PID: 5430 Comm: syz.5.581 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[   94.236140][ T5430] Tainted: [W]=WARN
[   94.236147][ T5430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   94.236161][ T5430] Call Trace:
[   94.236170][ T5430]  <TASK>
[   94.236178][ T5430]  __dump_stack+0x1d/0x30
[   94.236251][ T5430]  dump_stack_lvl+0x95/0xd0
[   94.236277][ T5430]  dump_stack+0x15/0x1b
[   94.236307][ T5430]  should_fail_ex+0x263/0x280
[   94.236387][ T5430]  should_failslab+0x8c/0xb0
[   94.236411][ T5430]  kmem_cache_alloc_node_noprof+0x6d/0x460
[   94.236437][ T5430]  ? __alloc_skb+0x2d6/0x690
[   94.236468][ T5430]  __alloc_skb+0x2d6/0x690
[   94.236518][ T5430]  ? __alloc_skb+0x200/0x690
[   94.236625][ T5430]  netlink_alloc_large_skb+0xbf/0xf0
[   94.236658][ T5430]  netlink_sendmsg+0x40c/0x6f0
[   94.236743][ T5430]  ? __pfx_netlink_sendmsg+0x10/0x10
[   94.236836][ T5430]  ____sys_sendmsg+0x563/0x5b0
[   94.236873][ T5430]  ___sys_sendmsg+0x195/0x1e0
[   94.236928][ T5430]  __x64_sys_sendmsg+0xd4/0x160
[   94.236959][ T5430]  x64_sys_call+0x194c/0x3020
[   94.236983][ T5430]  do_syscall_64+0x12c/0x370
[   94.237047][ T5430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.237130][ T5430] RIP: 0033:0x7fce4e24c799
[   94.237198][ T5430] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   94.237218][ T5430] RSP: 002b:00007fce4cca7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   94.237240][ T5430] RAX: ffffffffffffffda RBX: 00007fce4e4c5fa0 RCX: 00007fce4e24c799
[   94.237256][ T5430] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[   94.237271][ T5430] RBP: 00007fce4cca7090 R08: 0000000000000000 R09: 0000000000000000
[   94.237340][ T5430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.237352][ T5430] R13: 00007fce4e4c6038 R14: 00007fce4e4c5fa0 R15: 00007ffce91cf2e8
[   94.237369][ T5430]  </TASK>
[   94.466362][ T5432] loop1: detected capacity change from 0 to 164
[   94.548928][ T5443] FAULT_INJECTION: forcing a failure.
[   94.548928][ T5443] name failslab, interval 1, probability 0, space 0, times 0
[   94.563958][ T5443] CPU: 1 UID: 0 PID: 5443 Comm: syz.5.586 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[   94.563995][ T5443] Tainted: [W]=WARN
[   94.564002][ T5443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   94.564014][ T5443] Call Trace:
[   94.564020][ T5443]  <TASK>
[   94.564027][ T5443]  __dump_stack+0x1d/0x30
[   94.564052][ T5443]  dump_stack_lvl+0x95/0xd0
[   94.564094][ T5443]  dump_stack+0x15/0x1b
[   94.564115][ T5443]  should_fail_ex+0x263/0x280
[   94.564255][ T5443]  should_failslab+0x8c/0xb0
[   94.564279][ T5443]  __kmalloc_node_track_caller_noprof+0xc3/0x560
[   94.564304][ T5443]  ? vfs_parse_monolithic_sep+0x16a/0x270
[   94.564362][ T5443]  kmemdup_nul+0x36/0xc0
[   94.564383][ T5443]  ? __pfx_vfs_parse_comma_sep+0x10/0x10
[   94.564410][ T5443]  vfs_parse_monolithic_sep+0x16a/0x270
[   94.564515][ T5443]  generic_parse_monolithic+0x24/0x30
[   94.564542][ T5443]  parse_monolithic_mount_data+0x46/0x60
[   94.564565][ T5443]  do_new_mount+0x24e/0x8d0
[   94.564588][ T5443]  ? security_capable+0x7b/0x90
[   94.564640][ T5443]  path_mount+0x4d0/0xbc0
[   94.564661][ T5443]  __se_sys_mount+0x28c/0x2e0
[   94.564686][ T5443]  ? fput+0x8f/0xc0
[   94.564712][ T5443]  __x64_sys_mount+0x67/0x80
[   94.564808][ T5443]  x64_sys_call+0x2d61/0x3020
[   94.564836][ T5443]  do_syscall_64+0x12c/0x370
[   94.564921][ T5443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.564943][ T5443] RIP: 0033:0x7fce4e24c799
[   94.564958][ T5443] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   94.564976][ T5443] RSP: 002b:00007fce4cca7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   94.565061][ T5443] RAX: ffffffffffffffda RBX: 00007fce4e4c5fa0 RCX: 00007fce4e24c799
[   94.565076][ T5443] RDX: 0000200000000080 RSI: 0000200000000300 RDI: 0000000000000000
[   94.565090][ T5443] RBP: 00007fce4cca7090 R08: 0000200000000100 R09: 0000000000000000
[   94.565102][ T5443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   94.565114][ T5443] R13: 00007fce4e4c6038 R14: 00007fce4e4c5fa0 R15: 00007ffce91cf2e8
[   94.565166][ T5443]  </TASK>
[   94.781116][ T5446] netlink: 'syz.4.585': attribute type 8 has an invalid length.
[   94.799570][ T5439] Driver unsupported XDP return value 0 on prog  (id 108) dev N/A, expect packet loss!
[   94.825026][ T5448] loop1: detected capacity change from 0 to 2048
[   94.845866][ T5448] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   94.863157][ T5448] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.904784][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.947051][ T5454] netlink: 12 bytes leftover after parsing attributes in process `syz.1.589'.
[   94.947779][ T5452] loop0: detected capacity change from 0 to 1024
[   94.965826][ T5452] EXT4-fs: inline encryption not supported
[   94.982361][ T5452] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   95.003916][ T5452] EXT4-fs error (device loop0): ext4_map_blocks:776: inode #3: block 2: comm syz.0.591: lblock 2 mapped to illegal pblock 2 (length 1)
[   95.025084][ T5452] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[   95.026052][ T5452] EXT4-fs (loop0): Remounting filesystem read-only
[   95.035269][ T5458] loop5: detected capacity change from 0 to 1024
[   95.041657][    C1] EXT4-fs (loop0): error count since last fsck: 1
[   95.041677][    C1] EXT4-fs (loop0): initial error at time 1773852886: ext4_map_blocks:776: inode 3: block 2
[   95.041707][    C1] EXT4-fs (loop0): last error at time 1773852886: ext4_map_blocks:776: inode 3: block 2
[   95.074894][ T5452] EXT4-fs (loop0): 1 orphan inode deleted
[   95.079015][ T5458] EXT4-fs: Ignoring removed oldalloc option
[   95.086809][ T5458] EXT4-fs: Ignoring removed bh option
[   95.106433][ T5452] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.127470][ T5458] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.144679][ T5452] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.169621][ T5458] bridge0: port 3(veth1_vlan) entered blocking state
[   95.176498][ T5458] bridge0: port 3(veth1_vlan) entered disabled state
[   95.177602][ T5461] loop1: detected capacity change from 0 to 512
[   95.185614][ T5458] netlink: 'syz.5.592': attribute type 6 has an invalid length.
[   95.197425][ T5458] netlink: 199836 bytes leftover after parsing attributes in process `syz.5.592'.
[   95.237687][ T3790] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.246695][ T5461] EXT4-fs error (device loop1): ext4_map_blocks:776: inode #11: block 4294967295: comm syz.1.593: lblock 10 mapped to illegal pblock 4294967295 (length 1)
[   95.263408][ T5461] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[   95.269272][ T5461] EXT4-fs (loop1): 1 orphan inode deleted
[   95.269469][    C0] EXT4-fs (loop1): error count since last fsck: 1
[   95.269876][ T5470] netlink: 8 bytes leftover after parsing attributes in process `syz.0.596'.
[   95.302571][    C0] EXT4-fs (loop1): initial error at time 1773852886: ext4_map_blocks:776: inode 11: block 4294967295
[   95.314366][    C0] EXT4-fs (loop1): last error at time 1773852886: ext4_map_blocks:776: inode 11: block 4294967295
[   95.351223][ T5464] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   95.360659][ T5464] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   95.435116][ T5461] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.699438][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.722939][ T5487] loop1: detected capacity change from 0 to 2048
[   95.740548][ T5487] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   95.780910][ T5487] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.816908][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.105073][ T5492] vlan0: entered promiscuous mode
[   96.152572][ T5500] syzkaller0: entered promiscuous mode
[   96.156864][ T5499] xt_hashlimit: size too large, truncated to 1048576
[   96.158099][ T5500] syzkaller0: entered allmulticast mode
[   96.454536][ T5515] loop0: detected capacity change from 0 to 512
[   96.466642][ T5515] vfat: Unknown parameter ''
[   96.511515][ T5520] loop1: detected capacity change from 0 to 128
[   96.622282][ T5520] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   96.630183][ T5520] FAT-fs (loop1): Filesystem has been set read-only
[   96.636771][ T5520] bio_check_eod: 234932 callbacks suppressed
[   96.636785][ T5520] syz.1.611: attempt to access beyond end of device
[   96.636785][ T5520] loop1: rw=8912896, sector=2065, nr_sectors = 8 limit=128
[   96.656476][ T5520] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   96.664389][ T5520] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   96.672554][ T5520] syz.1.611: attempt to access beyond end of device
[   96.672554][ T5520] loop1: rw=8912896, sector=2065, nr_sectors = 8 limit=128
[   96.687581][ T5520] syz.1.611: attempt to access beyond end of device
[   96.687581][ T5520] loop1: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[   96.701408][ T5520] syz.1.611: attempt to access beyond end of device
[   96.701408][ T5520] loop1: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[   96.715202][ T5520] syz.1.611: attempt to access beyond end of device
[   96.715202][ T5520] loop1: rw=8388608, sector=2065, nr_sectors = 1 limit=128
[   96.728945][ T5520] buffer_io_error: 234926 callbacks suppressed
[   96.728959][ T5520] Buffer I/O error on dev loop1, logical block 2065, async page read
[   96.743339][ T5520] syz.1.611: attempt to access beyond end of device
[   96.743339][ T5520] loop1: rw=8388608, sector=2066, nr_sectors = 1 limit=128
[   96.757062][ T5520] Buffer I/O error on dev loop1, logical block 2066, async page read
[   96.765261][ T5520] syz.1.611: attempt to access beyond end of device
[   96.765261][ T5520] loop1: rw=8388608, sector=2067, nr_sectors = 1 limit=128
[   96.779043][ T5520] Buffer I/O error on dev loop1, logical block 2067, async page read
[   96.787203][ T5520] syz.1.611: attempt to access beyond end of device
[   96.787203][ T5520] loop1: rw=8388608, sector=2068, nr_sectors = 1 limit=128
[   96.801013][ T5520] Buffer I/O error on dev loop1, logical block 2068, async page read
[   96.809309][ T5520] syz.1.611: attempt to access beyond end of device
[   96.809309][ T5520] loop1: rw=8388608, sector=2069, nr_sectors = 1 limit=128
[   96.822992][ T5520] Buffer I/O error on dev loop1, logical block 2069, async page read
[   96.831096][ T5520] syz.1.611: attempt to access beyond end of device
[   96.831096][ T5520] loop1: rw=8388608, sector=2070, nr_sectors = 1 limit=128
[   96.844816][ T5520] Buffer I/O error on dev loop1, logical block 2070, async page read
[   96.852940][ T5520] Buffer I/O error on dev loop1, logical block 2071, async page read
[   96.861130][ T5520] Buffer I/O error on dev loop1, logical block 2072, async page read
[   96.869271][ T5520] Buffer I/O error on dev loop1, logical block 2065, async page read
[   96.877434][ T5520] Buffer I/O error on dev loop1, logical block 2066, async page read
[   97.137907][ T5540] FAULT_INJECTION: forcing a failure.
[   97.137907][ T5540] name failslab, interval 1, probability 0, space 0, times 0
[   97.153160][ T5540] CPU: 0 UID: 0 PID: 5540 Comm: syz.4.618 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[   97.153197][ T5540] Tainted: [W]=WARN
[   97.153203][ T5540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   97.153237][ T5540] Call Trace:
[   97.153244][ T5540]  <TASK>
[   97.153303][ T5540]  __dump_stack+0x1d/0x30
[   97.153333][ T5540]  dump_stack_lvl+0x95/0xd0
[   97.153359][ T5540]  dump_stack+0x15/0x1b
[   97.153414][ T5540]  should_fail_ex+0x263/0x280
[   97.153441][ T5540]  ? v9fs_get_tree+0x49/0x5e0
[   97.153531][ T5540]  should_failslab+0x8c/0xb0
[   97.153551][ T5540]  __kmalloc_cache_noprof+0x5f/0x410
[   97.153608][ T5540]  v9fs_get_tree+0x49/0x5e0
[   97.153634][ T5540]  ? security_capable+0x7b/0x90
[   97.153665][ T5540]  vfs_get_tree+0x57/0x1d0
[   97.153718][ T5540]  do_new_mount+0x288/0x8d0
[   97.153738][ T5540]  ? security_capable+0x7b/0x90
[   97.153763][ T5540]  path_mount+0x4d0/0xbc0
[   97.153788][ T5540]  __se_sys_mount+0x28c/0x2e0
[   97.153838][ T5540]  ? fput+0x8f/0xc0
[   97.153911][ T5540]  __x64_sys_mount+0x67/0x80
[   97.154000][ T5540]  x64_sys_call+0x2d61/0x3020
[   97.154030][ T5540]  do_syscall_64+0x12c/0x370
[   97.154057][ T5540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.154112][ T5540] RIP: 0033:0x7f052f81c799
[   97.154130][ T5540] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   97.154151][ T5540] RSP: 002b:00007f052e277028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   97.154171][ T5540] RAX: ffffffffffffffda RBX: 00007f052fa95fa0 RCX: 00007f052f81c799
[   97.154231][ T5540] RDX: 0000200000000080 RSI: 0000200000000300 RDI: 0000000000000000
[   97.154244][ T5540] RBP: 00007f052e277090 R08: 0000200000000100 R09: 0000000000000000
[   97.154256][ T5540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   97.154268][ T5540] R13: 00007f052fa96038 R14: 00007f052fa95fa0 R15: 00007fff831c7638
[   97.154285][ T5540]  </TASK>
[   98.392325][ T5555] FAULT_INJECTION: forcing a failure.
[   98.392325][ T5555] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   98.405634][ T5555] CPU: 0 UID: 0 PID: 5555 Comm: syz.0.623 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[   98.405743][ T5555] Tainted: [W]=WARN
[   98.405751][ T5555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   98.405765][ T5555] Call Trace:
[   98.405772][ T5555]  <TASK>
[   98.405780][ T5555]  __dump_stack+0x1d/0x30
[   98.405820][ T5555]  dump_stack_lvl+0x95/0xd0
[   98.405845][ T5555]  dump_stack+0x15/0x1b
[   98.405991][ T5555]  should_fail_ex+0x263/0x280
[   98.406022][ T5555]  should_fail+0xb/0x20
[   98.406042][ T5555]  should_fail_usercopy+0x1a/0x20
[   98.406067][ T5555]  _copy_from_iter+0xcf/0xea0
[   98.406165][ T5555]  ? __alloc_skb+0x4f6/0x690
[   98.406194][ T5555]  ? __alloc_skb+0x200/0x690
[   98.406222][ T5555]  netlink_sendmsg+0x4ae/0x6f0
[   98.406278][ T5555]  ? __pfx_netlink_sendmsg+0x10/0x10
[   98.406310][ T5555]  ____sys_sendmsg+0x563/0x5b0
[   98.406341][ T5555]  ___sys_sendmsg+0x195/0x1e0
[   98.406433][ T5555]  __x64_sys_sendmsg+0xd4/0x160
[   98.406465][ T5555]  x64_sys_call+0x194c/0x3020
[   98.406495][ T5555]  do_syscall_64+0x12c/0x370
[   98.406522][ T5555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.406574][ T5555] RIP: 0033:0x7f24cef0c799
[   98.406589][ T5555] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   98.406608][ T5555] RSP: 002b:00007f24cd967028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   98.406688][ T5555] RAX: ffffffffffffffda RBX: 00007f24cf185fa0 RCX: 00007f24cef0c799
[   98.406729][ T5555] RDX: 000000002c000010 RSI: 0000200000000000 RDI: 0000000000000005
[   98.406742][ T5555] RBP: 00007f24cd967090 R08: 0000000000000000 R09: 0000000000000000
[   98.406756][ T5555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.406770][ T5555] R13: 00007f24cf186038 R14: 00007f24cf185fa0 R15: 00007ffde164ca38
[   98.406790][ T5555]  </TASK>
[   98.596480][   T28] kauditd_printk_skb: 94 callbacks suppressed
[   98.596495][   T28] audit: type=1400 audit(1773852889.923:1139): avc:  denied  { unmount } for  pid=3314 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   98.649825][ T5557] loop2: detected capacity change from 0 to 512
[   98.663698][ T5557] EXT4-fs (loop2): 1 orphan inode deleted
[   98.688300][   T28] audit: type=1326 audit(1773852890.133:1140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5561 comm="syz.1.624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33dddc799 code=0x7ffc0000
[   98.809467][   T28] audit: type=1326 audit(1773852890.133:1141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5561 comm="syz.1.624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33dddc799 code=0x7ffc0000
[   98.834171][   T28] audit: type=1326 audit(1773852890.133:1142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5561 comm="syz.1.624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33dddc799 code=0x7ffc0000
[   98.849994][ T5557] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   98.865205][   T28] audit: type=1326 audit(1773852890.133:1143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5561 comm="syz.1.624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33dddc799 code=0x7ffc0000
[   98.889275][   T28] audit: type=1326 audit(1773852890.133:1144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5561 comm="syz.1.624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fa33dddc799 code=0x7ffc0000
[   99.128489][ T5557] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   99.156328][   T28] audit: type=1326 audit(1773852890.133:1145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5561 comm="syz.1.624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33dddc799 code=0x7ffc0000
[   99.210972][ T5557] vhci_hcd vhci_hcd.0: default hub control req: 9a08 v0009 i0007 l0
[   99.373513][   T28] audit: type=1326 audit(1773852890.133:1146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5561 comm="syz.1.624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33dddc799 code=0x7ffc0000
[   99.397834][   T28] audit: type=1326 audit(1773852890.133:1147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5561 comm="syz.1.624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa33dddc799 code=0x7ffc0000
[   99.422170][   T28] audit: type=1326 audit(1773852890.133:1148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5561 comm="syz.1.624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa33dddc799 code=0x7ffc0000
[   99.788890][ T5588] __nla_validate_parse: 4 callbacks suppressed
[   99.788924][ T5588] netlink: 20 bytes leftover after parsing attributes in process `syz.1.634'.
[  100.063001][ T3311] EXT4-fs unmount: 1 callbacks suppressed
[  100.063017][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.078267][ T5598] netlink: 28 bytes leftover after parsing attributes in process `syz.5.639'.
[  100.100347][ T5598] netlink: 28 bytes leftover after parsing attributes in process `syz.5.639'.
[  100.127051][ T5602] netlink: 8 bytes leftover after parsing attributes in process `syz.2.641'.
[  100.215093][ T5608] loop2: detected capacity change from 0 to 164
[  100.427930][ T5622] FAULT_INJECTION: forcing a failure.
[  100.427930][ T5622] name failslab, interval 1, probability 0, space 0, times 0
[  100.441939][ T5622] CPU: 1 UID: 0 PID: 5622 Comm: syz.0.649 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  100.441973][ T5622] Tainted: [W]=WARN
[  100.441979][ T5622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  100.442053][ T5622] Call Trace:
[  100.442058][ T5622]  <TASK>
[  100.442065][ T5622]  __dump_stack+0x1d/0x30
[  100.442089][ T5622]  dump_stack_lvl+0x95/0xd0
[  100.442112][ T5622]  dump_stack+0x15/0x1b
[  100.442132][ T5622]  should_fail_ex+0x263/0x280
[  100.442171][ T5622]  should_failslab+0x8c/0xb0
[  100.442195][ T5622]  __kmalloc_node_track_caller_noprof+0xc3/0x560
[  100.442262][ T5622]  ? vfs_parse_monolithic_sep+0x16a/0x270
[  100.442285][ T5622]  kmemdup_nul+0x36/0xc0
[  100.442301][ T5622]  ? __pfx_vfs_parse_comma_sep+0x10/0x10
[  100.442326][ T5622]  vfs_parse_monolithic_sep+0x16a/0x270
[  100.442363][ T5622]  generic_parse_monolithic+0x24/0x30
[  100.442443][ T5622]  parse_monolithic_mount_data+0x46/0x60
[  100.442466][ T5622]  do_new_mount+0x24e/0x8d0
[  100.442490][ T5622]  ? security_capable+0x7b/0x90
[  100.442522][ T5622]  path_mount+0x4d0/0xbc0
[  100.442546][ T5622]  __se_sys_mount+0x28c/0x2e0
[  100.442568][ T5622]  ? fput+0x8f/0xc0
[  100.442644][ T5622]  __x64_sys_mount+0x67/0x80
[  100.442664][ T5622]  x64_sys_call+0x2d61/0x3020
[  100.442707][ T5622]  do_syscall_64+0x12c/0x370
[  100.442733][ T5622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.442753][ T5622] RIP: 0033:0x7f24cef0c799
[  100.442768][ T5622] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  100.442784][ T5622] RSP: 002b:00007f24cd967028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  100.442865][ T5622] RAX: ffffffffffffffda RBX: 00007f24cf185fa0 RCX: 00007f24cef0c799
[  100.442907][ T5622] RDX: 0000200000000080 RSI: 0000200000000300 RDI: 0000000000000000
[  100.442919][ T5622] RBP: 00007f24cd967090 R08: 0000200000000100 R09: 0000000000000000
[  100.442931][ T5622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  100.442943][ T5622] R13: 00007f24cf186038 R14: 00007f24cf185fa0 R15: 00007ffde164ca38
[  100.442963][ T5622]  </TASK>
[  100.723568][ T5629] netlink: 8 bytes leftover after parsing attributes in process `syz.0.652'.
[  100.732666][ T5629] FAULT_INJECTION: forcing a failure.
[  100.732666][ T5629] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.746033][ T5629] CPU: 0 UID: 0 PID: 5629 Comm: syz.0.652 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  100.746135][ T5629] Tainted: [W]=WARN
[  100.746141][ T5629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  100.746152][ T5629] Call Trace:
[  100.746159][ T5629]  <TASK>
[  100.746167][ T5629]  __dump_stack+0x1d/0x30
[  100.746193][ T5629]  dump_stack_lvl+0x95/0xd0
[  100.746268][ T5629]  dump_stack+0x15/0x1b
[  100.746295][ T5629]  should_fail_ex+0x263/0x280
[  100.746323][ T5629]  should_fail+0xb/0x20
[  100.746445][ T5629]  should_fail_usercopy+0x1a/0x20
[  100.746535][ T5629]  _copy_from_user+0x1c/0xb0
[  100.746564][ T5629]  kstrtouint_from_user+0x69/0xf0
[  100.746669][ T5629]  proc_fail_nth_write+0x50/0x160
[  100.746699][ T5629]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  100.746799][ T5629]  vfs_write+0x269/0x9f0
[  100.746832][ T5629]  ? __rcu_read_unlock+0x4e/0x70
[  100.746861][ T5629]  ? __fget_files+0x184/0x1c0
[  100.746885][ T5629]  ? mutex_lock+0x57/0x90
[  100.746971][ T5629]  ksys_write+0xdc/0x1a0
[  100.747026][ T5629]  __x64_sys_write+0x40/0x50
[  100.747044][ T5629]  x64_sys_call+0x27e1/0x3020
[  100.747132][ T5629]  do_syscall_64+0x12c/0x370
[  100.747159][ T5629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.747184][ T5629] RIP: 0033:0x7f24ceeccfce
[  100.747262][ T5629] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  100.747381][ T5629] RSP: 002b:00007f24cd966fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  100.747403][ T5629] RAX: ffffffffffffffda RBX: 00007f24cd9676c0 RCX: 00007f24ceeccfce
[  100.747458][ T5629] RDX: 0000000000000001 RSI: 00007f24cd9670a0 RDI: 0000000000000004
[  100.747471][ T5629] RBP: 00007f24cd967090 R08: 0000000000000000 R09: 0000000000000000
[  100.747484][ T5629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.747501][ T5629] R13: 00007f24cf186038 R14: 00007f24cf185fa0 R15: 00007ffde164ca38
[  100.747556][ T5629]  </TASK>
[  100.751531][ T5631] loop5: detected capacity change from 0 to 1024
[  100.803443][ T5634] loop0: detected capacity change from 0 to 512
[  100.811994][ T5631] EXT4-fs: inline encryption not supported
[  100.823633][ T5634] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  100.866845][ T5631] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  100.879920][ T5634] EXT4-fs (loop0): orphan cleanup on readonly fs
[  100.927545][ T5631] EXT4-fs error (device loop5): ext4_map_blocks:776: inode #3: block 2: comm syz.5.653: lblock 2 mapped to illegal pblock 2 (length 1)
[  100.928382][ T5634] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:517: comm syz.0.654: Block bitmap for bg 0 marked uninitialized
[  100.936587][ T5631] loop5: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  100.944474][ T5634] loop0: lost filesystem error report for type 5 error -117
[  100.953779][ T5631] EXT4-fs (loop5): Remounting filesystem read-only
[  100.959991][    C1] EXT4-fs (loop5): error count since last fsck: 1
[  100.960009][    C1] EXT4-fs (loop5): initial error at time 1773852892: ext4_map_blocks:776: inode 3: block 2
[  100.960041][    C1] EXT4-fs (loop5): last error at time 1773852892: ext4_map_blocks:776: inode 3: block 2
[  100.960183][ T5634] EXT4-fs (loop0): Remounting filesystem read-only
[  100.966106][ T5631] EXT4-fs (loop5): 1 orphan inode deleted
[  100.975649][    C0] EXT4-fs (loop0): error count since last fsck: 1
[  100.975672][    C0] EXT4-fs (loop0): initial error at time 1773852892: ext4_read_block_bitmap_nowait:517
[  100.975693][    C0] EXT4-fs (loop0): last error at time 1773852892: ext4_read_block_bitmap_nowait:517
[  100.976465][ T5634] EXT4-fs (loop0): 1 orphan inode deleted
[  100.986461][ T5631] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.993009][ T5634] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  101.010049][ T5631] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.159540][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.207716][ T5647] FAULT_INJECTION: forcing a failure.
[  101.207716][ T5647] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.221207][ T5647] CPU: 1 UID: 0 PID: 5647 Comm: syz.1.658 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  101.221241][ T5647] Tainted: [W]=WARN
[  101.221247][ T5647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  101.221260][ T5647] Call Trace:
[  101.221268][ T5647]  <TASK>
[  101.221276][ T5647]  __dump_stack+0x1d/0x30
[  101.221377][ T5647]  dump_stack_lvl+0x95/0xd0
[  101.221450][ T5647]  dump_stack+0x15/0x1b
[  101.221527][ T5647]  should_fail_ex+0x263/0x280
[  101.221569][ T5647]  should_fail+0xb/0x20
[  101.221593][ T5647]  should_fail_usercopy+0x1a/0x20
[  101.221624][ T5647]  _copy_from_user+0x1c/0xb0
[  101.221721][ T5647]  __sys_bpf+0x183/0x7e0
[  101.221750][ T5647]  __x64_sys_bpf+0x41/0x50
[  101.221779][ T5647]  x64_sys_call+0x10cb/0x3020
[  101.221854][ T5647]  do_syscall_64+0x12c/0x370
[  101.221910][ T5647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.221934][ T5647] RIP: 0033:0x7fa33dddc799
[  101.221950][ T5647] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  101.221967][ T5647] RSP: 002b:00007fa33c82f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  101.221987][ T5647] RAX: ffffffffffffffda RBX: 00007fa33e055fa0 RCX: 00007fa33dddc799
[  101.222003][ T5647] RDX: 0000000000000028 RSI: 0000200000000100 RDI: 0000000000000012
[  101.222085][ T5647] RBP: 00007fa33c82f090 R08: 0000000000000000 R09: 0000000000000000
[  101.222099][ T5647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.222112][ T5647] R13: 00007fa33e056038 R14: 00007fa33e055fa0 R15: 00007ffcd6a16198
[  101.222132][ T5647]  </TASK>
[  101.433437][ T5643] loop0: detected capacity change from 0 to 512
[  101.444720][ T5643] EXT4-fs: Ignoring removed bh option
[  101.459488][ T5643] EXT4-fs: inline encryption not supported
[  101.504512][ T5643] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  101.532609][ T5643] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1142: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  101.549654][ T5643] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.655: bg 0: block 248: padding at end of block bitmap is not set
[  101.564473][ T5643] loop0: lost filesystem error report for type 5 error -117
[  101.564725][ T5643] EXT4-fs error (device loop0): ext4_acquire_dquot:7001: comm syz.0.655: Failed to acquire dquot type 1
[  101.572064][    C0] EXT4-fs (loop0): error count since last fsck: 1
[  101.572088][    C0] EXT4-fs (loop0): last error at time 1773852893: ext4_validate_block_bitmap:441
[  101.599972][ T5668] loop1: detected capacity change from 0 to 2048
[  101.606429][ T5643] loop0: lost filesystem error report for type 5 error -117
[  101.608590][ T5662] netlink: 20 bytes leftover after parsing attributes in process `syz.2.664'.
[  101.631025][ T5643] EXT4-fs (loop0): 1 truncate cleaned up
[  101.637954][ T5643] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  101.638157][ T5668] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  101.676821][ T5668] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.760133][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  101.780645][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.819169][ T5685] vhci_hcd vhci_hcd.4: SetHubDepth req not supported for USB 2.0 roothub
[  101.844906][ T5687] netlink: 830 bytes leftover after parsing attributes in process `syz.0.673'.
[  102.066793][ T5697] loop1: detected capacity change from 0 to 512
[  102.195057][ T5692] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  102.211798][ T5692] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  102.230948][ T5695] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  102.362570][ T5695] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  102.504041][ T5705] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=43 sclass=netlink_route_socket pid=5705 comm=syz.4.677
[  102.566041][ T5707] syzkaller0: entered promiscuous mode
[  102.572138][ T5707] syzkaller0: entered allmulticast mode
[  102.762445][ T5714] FAULT_INJECTION: forcing a failure.
[  102.762445][ T5714] name failslab, interval 1, probability 0, space 0, times 0
[  102.790920][ T5714] CPU: 0 UID: 0 PID: 5714 Comm: syz.1.681 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  102.791011][ T5714] Tainted: [W]=WARN
[  102.791018][ T5714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  102.791031][ T5714] Call Trace:
[  102.791038][ T5714]  <TASK>
[  102.791046][ T5714]  __dump_stack+0x1d/0x30
[  102.791104][ T5714]  dump_stack_lvl+0x95/0xd0
[  102.791181][ T5714]  dump_stack+0x15/0x1b
[  102.791201][ T5714]  should_fail_ex+0x263/0x280
[  102.791226][ T5714]  should_failslab+0x8c/0xb0
[  102.791246][ T5714]  __kmalloc_node_track_caller_noprof+0xc3/0x560
[  102.791285][ T5714]  ? v9fs_init_fs_context+0x84/0x220
[  102.791315][ T5714]  ? should_failslab+0x8c/0xb0
[  102.791335][ T5714]  kstrdup+0x3e/0xd0
[  102.791353][ T5714]  v9fs_init_fs_context+0x84/0x220
[  102.791438][ T5714]  alloc_fs_context+0x4a6/0x580
[  102.791463][ T5714]  fs_context_for_mount+0x22/0x30
[  102.791485][ T5714]  do_new_mount+0xe7/0x8d0
[  102.791609][ T5714]  ? security_capable+0x7b/0x90
[  102.791641][ T5714]  path_mount+0x4d0/0xbc0
[  102.791662][ T5714]  __se_sys_mount+0x28c/0x2e0
[  102.791683][ T5714]  ? fput+0x8f/0xc0
[  102.791777][ T5714]  __x64_sys_mount+0x67/0x80
[  102.791798][ T5714]  x64_sys_call+0x2d61/0x3020
[  102.791824][ T5714]  do_syscall_64+0x12c/0x370
[  102.791907][ T5714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.791929][ T5714] RIP: 0033:0x7fa33dddc799
[  102.791944][ T5714] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  102.791962][ T5714] RSP: 002b:00007fa33c82f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  102.791981][ T5714] RAX: ffffffffffffffda RBX: 00007fa33e055fa0 RCX: 00007fa33dddc799
[  102.792011][ T5714] RDX: 0000200000000080 RSI: 0000200000000300 RDI: 0000000000000000
[  102.792023][ T5714] RBP: 00007fa33c82f090 R08: 0000200000000100 R09: 0000000000000000
[  102.792036][ T5714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  102.792047][ T5714] R13: 00007fa33e056038 R14: 00007fa33e055fa0 R15: 00007ffcd6a16198
[  102.792067][ T5714]  </TASK>
[  103.017577][ T5716] loop2: detected capacity change from 0 to 8192
[  103.071386][ T3299]  loop2: p4
[  103.079424][ T3299] loop2: p4 size 32768 extends beyond EOD, truncated
[  103.096348][ T5716]  loop2: p4
[  103.109437][ T5716] loop2: p4 size 32768 extends beyond EOD, truncated
[  103.229120][ T5725] netlink: 12 bytes leftover after parsing attributes in process `syz.0.685'.
[  103.251806][ T5725] tc_dump_action: action bad kind
[  103.281615][ T5725] sch_tbf: burst 0 is lower than device ip6tnl0 mtu (1452) !
[  103.354750][ T5736] loop5: detected capacity change from 0 to 512
[  103.367981][ T5736] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  103.399440][ T5736] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.689: bad orphan inode 131083
[  103.410084][ T5736] loop5: lost filesystem error report for type 5 error -117
[  103.410707][ T5736] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.450327][ T5736] 9pnet_fd: Insufficient options for proto=fd
[  103.513244][ T3790] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.603740][   T28] kauditd_printk_skb: 168 callbacks suppressed
[  103.603806][   T28] audit: type=1400 audit(1773852895.063:1313): avc:  denied  { module_request } for  pid=5744 comm="syz.2.692" kmod="nfct-helper-netbios-ns" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  103.671622][ T5748] loop5: detected capacity change from 0 to 2048
[  103.765943][ T5751] tmpfs: Bad value for 'mpol'
[  103.783501][ T5745] xt_CT: No such helper "netbios-ns"
[  103.818436][ T5748] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  103.842467][   T28] audit: type=1400 audit(1773852895.093:1314): avc:  denied  { open } for  pid=5741 comm="syz.1.691" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  103.910023][ T5748] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.943474][   T28] audit: type=1400 audit(1773852895.093:1315): avc:  denied  { perfmon } for  pid=5741 comm="syz.1.691" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  104.060435][   T28] audit: type=1400 audit(1773852895.093:1316): avc:  denied  { kernel } for  pid=5741 comm="syz.1.691" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  104.133120][ T3790] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.173341][   T28] audit: type=1400 audit(1773852895.143:1317): avc:  denied  { write } for  pid=5741 comm="syz.1.691" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  104.173370][   T28] audit: type=1400 audit(1773852895.153:1318): avc:  denied  { create } for  pid=5741 comm="syz.1.691" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  104.173433][   T28] audit: type=1400 audit(1773852895.153:1319): avc:  denied  { map } for  pid=5741 comm="syz.1.691" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=13429 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  104.173461][   T28] audit: type=1400 audit(1773852895.153:1320): avc:  denied  { read write } for  pid=5741 comm="syz.1.691" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=13429 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  104.173489][   T28] audit: type=1400 audit(1773852895.223:1321): avc:  denied  { mounton } for  pid=5741 comm="syz.1.691" path="/syzcgroup/unified/syz1" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  104.173540][   T28] audit: type=1400 audit(1773852895.233:1322): avc:  denied  { map_create } for  pid=5749 comm="syz.4.694" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  104.284934][ T5768] netlink: 'syz.4.698': attribute type 13 has an invalid length.
[  104.429956][ T5768] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.430147][ T5768] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.618998][ T5768] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  104.641553][ T5773] netlink: 68 bytes leftover after parsing attributes in process `syz.5.700'.
[  104.651656][ T5768] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  104.736826][ T5775] netlink: 8 bytes leftover after parsing attributes in process `syz.2.701'.
[  104.849199][   T50] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  104.858383][   T50] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  104.882600][   T50] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  104.919685][   T50] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  104.949781][ T5791] syzkaller0: entered promiscuous mode
[  104.955267][ T5791] syzkaller0: entered allmulticast mode
[  104.976957][ T5789] __nla_validate_parse: 1 callbacks suppressed
[  104.976975][ T5789] netlink: 24 bytes leftover after parsing attributes in process `syz.4.704'.
[  104.994587][ T5793] loop1: detected capacity change from 0 to 512
[  105.008262][ T5793] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  105.021898][ T5793] EXT4-fs (loop1): 1 truncate cleaned up
[  105.032034][ T5793] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.037136][ T5796] netlink: 'syz.4.704': attribute type 5 has an invalid length.
[  105.062067][ T5793] EXT4-fs error (device loop1): mb_free_blocks:2047: group 0, inode 16: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  105.078806][ T5793] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.706: invalid indirect mapped block 4194304 (level 1)
[  105.115930][ T5798] FAULT_INJECTION: forcing a failure.
[  105.115930][ T5798] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  105.130246][ T5798] CPU: 0 UID: 0 PID: 5798 Comm: syz.5.707 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  105.130281][ T5798] Tainted: [W]=WARN
[  105.130289][ T5798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  105.130377][ T5798] Call Trace:
[  105.130384][ T5798]  <TASK>
[  105.130392][ T5798]  __dump_stack+0x1d/0x30
[  105.130422][ T5798]  dump_stack_lvl+0x95/0xd0
[  105.130447][ T5798]  dump_stack+0x15/0x1b
[  105.130491][ T5798]  should_fail_ex+0x263/0x280
[  105.130518][ T5798]  should_fail+0xb/0x20
[  105.130540][ T5798]  should_fail_usercopy+0x1a/0x20
[  105.130569][ T5798]  _copy_from_iter+0xcf/0xea0
[  105.130635][ T5798]  ? __alloc_skb+0x4f6/0x690
[  105.130659][ T5798]  ? __alloc_skb+0x200/0x690
[  105.130685][ T5798]  netlink_sendmsg+0x4ae/0x6f0
[  105.130829][ T5798]  ? __pfx_netlink_sendmsg+0x10/0x10
[  105.130862][ T5798]  ____sys_sendmsg+0x563/0x5b0
[  105.130944][ T5798]  ___sys_sendmsg+0x195/0x1e0
[  105.131063][ T5798]  __x64_sys_sendmsg+0xd4/0x160
[  105.131098][ T5798]  x64_sys_call+0x194c/0x3020
[  105.131169][ T5798]  do_syscall_64+0x12c/0x370
[  105.131196][ T5798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.131220][ T5798] RIP: 0033:0x7fce4e24c799
[  105.131238][ T5798] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  105.131330][ T5798] RSP: 002b:00007fce4cca7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  105.131350][ T5798] RAX: ffffffffffffffda RBX: 00007fce4e4c5fa0 RCX: 00007fce4e24c799
[  105.131437][ T5798] RDX: 000000002c000010 RSI: 0000200000000000 RDI: 0000000000000005
[  105.131457][ T5798] RBP: 00007fce4cca7090 R08: 0000000000000000 R09: 0000000000000000
[  105.131472][ T5798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.131487][ T5798] R13: 00007fce4e4c6038 R14: 00007fce4e4c5fa0 R15: 00007ffce91cf2e8
[  105.131512][ T5798]  </TASK>
[  105.132413][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.281558][ T5800] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  105.383094][ T5804] netlink: 4 bytes leftover after parsing attributes in process `syz.2.711'.
[  105.404216][ T5800] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.410775][ T5808] netlink: 'syz.1.708': attribute type 1 has an invalid length.
[  105.419853][ T5816] netlink: 28 bytes leftover after parsing attributes in process `syz.4.714'.
[  105.435633][ T5812] netlink: 'syz.1.708': attribute type 1 has an invalid length.
[  105.450086][ T5812] 8021q: adding VLAN 0 to HW filter on device bond2
[  105.463903][ T5812] bond2: (slave gretap1): making interface the new active one
[  105.472639][ T5812] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  105.508772][ T5822] netlink: 28 bytes leftover after parsing attributes in process `syz.2.716'.
[  105.518948][ T5822] netlink: 28 bytes leftover after parsing attributes in process `syz.2.716'.
[  105.531674][ T5822] ip6gretap0: entered promiscuous mode
[  105.541082][ T5822] syz_tun: entered promiscuous mode
[  105.546644][ T5822] debugfs: 'hsr1' already exists in 'hsr'
[  105.555082][ T5822] Cannot create hsr debugfs directory
[  105.600168][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.651408][ T5832] set_capacity_and_notify: 1 callbacks suppressed
[  105.651426][ T5832] loop5: detected capacity change from 0 to 512
[  105.670476][ T5835] loop2: detected capacity change from 0 to 164
[  105.678106][ T5832] EXT4-fs: Ignoring removed bh option
[  105.685333][ T5836] FAULT_INJECTION: forcing a failure.
[  105.685333][ T5836] name failslab, interval 1, probability 0, space 0, times 0
[  105.726843][ T5832] EXT4-fs: inline encryption not supported
[  105.729525][ T5836] CPU: 0 UID: 0 PID: 5836 Comm: syz.4.723 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  105.729559][ T5836] Tainted: [W]=WARN
[  105.729566][ T5836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  105.729657][ T5836] Call Trace:
[  105.729665][ T5836]  <TASK>
[  105.729673][ T5836]  __dump_stack+0x1d/0x30
[  105.729762][ T5836]  dump_stack_lvl+0x95/0xd0
[  105.729813][ T5836]  dump_stack+0x15/0x1b
[  105.729835][ T5836]  should_fail_ex+0x263/0x280
[  105.729937][ T5836]  ? asymmetric_lookup_restriction+0x303/0x370
[  105.729966][ T5836]  should_failslab+0x8c/0xb0
[  105.729988][ T5836]  __kmalloc_cache_noprof+0x5f/0x410
[  105.730084][ T5836]  ? __pfx_restrict_link_by_key_or_keyring_chain+0x10/0x10
[  105.730152][ T5836]  asymmetric_lookup_restriction+0x303/0x370
[  105.730196][ T5836]  ? __pfx_asymmetric_lookup_restriction+0x10/0x10
[  105.730223][ T5836]  keyring_restrict+0xf7/0x280
[  105.730311][ T5836]  keyctl_restrict_keyring+0x10a/0x1c0
[  105.730344][ T5836]  __se_sys_keyctl+0x1ed/0xb80
[  105.730418][ T5836]  ? __rcu_read_unlock+0x4e/0x70
[  105.730441][ T5836]  ? __fget_files+0x184/0x1c0
[  105.730465][ T5836]  ? mutex_lock+0x57/0x90
[  105.730507][ T5836]  ? mutex_unlock+0x4e/0x90
[  105.730587][ T5836]  ? fput+0x8f/0xc0
[  105.730614][ T5836]  __x64_sys_keyctl+0x67/0x80
[  105.730703][ T5836]  x64_sys_call+0x1d12/0x3020
[  105.730730][ T5836]  do_syscall_64+0x12c/0x370
[  105.730808][ T5836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.730833][ T5836] RIP: 0033:0x7f052f81c799
[  105.730850][ T5836] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  105.730869][ T5836] RSP: 002b:00007f052e277028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  105.730890][ T5836] RAX: ffffffffffffffda RBX: 00007f052fa95fa0 RCX: 00007f052f81c799
[  105.730905][ T5836] RDX: 0000200000000200 RSI: 000000000c251d48 RDI: 000000000000001d
[  105.730919][ T5836] RBP: 00007f052e277090 R08: 0000000000000000 R09: 0000000000000000
[  105.730997][ T5836] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  105.731011][ T5836] R13: 00007f052fa96038 R14: 00007f052fa95fa0 R15: 00007fff831c7638
[  105.731032][ T5836]  </TASK>
[  105.980602][ T5832] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  106.001035][ T5832] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1142: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  106.037061][ T5832] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.722: bg 0: block 248: padding at end of block bitmap is not set
[  106.055675][ T5832] loop5: lost filesystem error report for type 5 error -117
[  106.059359][    C1] EXT4-fs (loop5): error count since last fsck: 1
[  106.073294][    C1] EXT4-fs (loop5): last error at time 1773852897: ext4_validate_block_bitmap:441
[  106.083099][ T5832] EXT4-fs error (device loop5): ext4_acquire_dquot:7001: comm syz.5.722: Failed to acquire dquot type 1
[  106.097738][ T5832] loop5: lost filesystem error report for type 5 error -117
[  106.099413][ T5832] EXT4-fs (loop5): 1 truncate cleaned up
[  106.114828][ T5832] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  106.141155][ T5852] loop2: detected capacity change from 0 to 164
[  106.176991][ T5832] netlink: 8 bytes leftover after parsing attributes in process `syz.5.722'.
[  106.187210][ T5852] isofs_fill_super: root inode is not a directory. Corrupted media?
[  106.310144][ T5862] FAULT_INJECTION: forcing a failure.
[  106.310144][ T5862] name failslab, interval 1, probability 0, space 0, times 0
[  106.350011][ T5862] CPU: 1 UID: 0 PID: 5862 Comm: syz.0.729 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  106.350091][ T5862] Tainted: [W]=WARN
[  106.350097][ T5862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  106.350110][ T5862] Call Trace:
[  106.350115][ T5862]  <TASK>
[  106.350121][ T5862]  __dump_stack+0x1d/0x30
[  106.350197][ T5862]  dump_stack_lvl+0x95/0xd0
[  106.350233][ T5862]  dump_stack+0x15/0x1b
[  106.350255][ T5862]  should_fail_ex+0x263/0x280
[  106.350289][ T5862]  should_failslab+0x8c/0xb0
[  106.350312][ T5862]  __kmalloc_node_track_caller_noprof+0xc3/0x560
[  106.350414][ T5862]  ? vfs_parse_monolithic_sep+0x16a/0x270
[  106.350441][ T5862]  kmemdup_nul+0x36/0xc0
[  106.350460][ T5862]  ? __pfx_vfs_parse_comma_sep+0x10/0x10
[  106.350485][ T5862]  vfs_parse_monolithic_sep+0x16a/0x270
[  106.350552][ T5862]  generic_parse_monolithic+0x24/0x30
[  106.350679][ T5862]  parse_monolithic_mount_data+0x46/0x60
[  106.350704][ T5862]  do_new_mount+0x24e/0x8d0
[  106.350724][ T5862]  ? security_capable+0x7b/0x90
[  106.350749][ T5862]  path_mount+0x4d0/0xbc0
[  106.350836][ T5862]  __se_sys_mount+0x28c/0x2e0
[  106.350887][ T5862]  ? fput+0x8f/0xc0
[  106.350912][ T5862]  __x64_sys_mount+0x67/0x80
[  106.351001][ T5862]  x64_sys_call+0x2d61/0x3020
[  106.351030][ T5862]  do_syscall_64+0x12c/0x370
[  106.351056][ T5862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.351080][ T5862] RIP: 0033:0x7f24cef0c799
[  106.351122][ T5862] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  106.351144][ T5862] RSP: 002b:00007f24cd967028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  106.351238][ T5862] RAX: ffffffffffffffda RBX: 00007f24cf185fa0 RCX: 00007f24cef0c799
[  106.351254][ T5862] RDX: 0000200000000080 RSI: 0000200000000300 RDI: 0000000000000000
[  106.351269][ T5862] RBP: 00007f24cd967090 R08: 0000200000000100 R09: 0000000000000000
[  106.351289][ T5862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  106.351303][ T5862] R13: 00007f24cf186038 R14: 00007f24cf185fa0 R15: 00007ffde164ca38
[  106.351343][ T5862]  </TASK>
[  106.608085][ T5867] netlink: 28 bytes leftover after parsing attributes in process `syz.2.731'.
[  106.723113][ T5870] loop2: detected capacity change from 0 to 128
[  106.864895][ T5870] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  106.872783][ T5870] FAT-fs (loop2): Filesystem has been set read-only
[  106.879422][ T5870] bio_check_eod: 183162 callbacks suppressed
[  106.879436][ T5870] syz.2.732: attempt to access beyond end of device
[  106.879436][ T5870] loop2: rw=8912896, sector=2065, nr_sectors = 8 limit=128
[  106.899058][ T5870] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  106.907020][ T5870] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  106.915647][ T5870] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  106.923558][ T5870] syz.2.732: attempt to access beyond end of device
[  106.923558][ T5870] loop2: rw=8912896, sector=2065, nr_sectors = 8 limit=128
[  106.937391][ T5870] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  106.945281][ T5870] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  106.960332][ T5876] loop0: detected capacity change from 0 to 512
[  106.969045][ T5875] syz.2.732: attempt to access beyond end of device
[  106.969045][ T5875] loop2: rw=8388608, sector=2065, nr_sectors = 1 limit=128
[  106.983184][ T5875] buffer_io_error: 183158 callbacks suppressed
[  106.983199][ T5875] Buffer I/O error on dev loop2, logical block 2065, async page read
[  106.997801][ T5875] syz.2.732: attempt to access beyond end of device
[  106.997801][ T5875] loop2: rw=8388608, sector=2066, nr_sectors = 1 limit=128
[  107.011622][ T5875] Buffer I/O error on dev loop2, logical block 2066, async page read
[  107.019976][ T5875] syz.2.732: attempt to access beyond end of device
[  107.019976][ T5875] loop2: rw=8388608, sector=2067, nr_sectors = 1 limit=128
[  107.033701][ T5875] Buffer I/O error on dev loop2, logical block 2067, async page read
[  107.041834][ T5875] syz.2.732: attempt to access beyond end of device
[  107.041834][ T5875] loop2: rw=8388608, sector=2068, nr_sectors = 1 limit=128
[  107.055525][ T5875] Buffer I/O error on dev loop2, logical block 2068, async page read
[  107.063619][ T5875] syz.2.732: attempt to access beyond end of device
[  107.063619][ T5875] loop2: rw=8388608, sector=2069, nr_sectors = 1 limit=128
[  107.077454][ T5875] Buffer I/O error on dev loop2, logical block 2069, async page read
[  107.085561][ T5875] syz.2.732: attempt to access beyond end of device
[  107.085561][ T5875] loop2: rw=8388608, sector=2070, nr_sectors = 1 limit=128
[  107.099292][ T5875] Buffer I/O error on dev loop2, logical block 2070, async page read
[  107.107505][ T5875] syz.2.732: attempt to access beyond end of device
[  107.107505][ T5875] loop2: rw=8388608, sector=2071, nr_sectors = 1 limit=128
[  107.121478][ T5875] Buffer I/O error on dev loop2, logical block 2071, async page read
[  107.129643][ T5875] syz.2.732: attempt to access beyond end of device
[  107.129643][ T5875] loop2: rw=8388608, sector=2072, nr_sectors = 1 limit=128
[  107.143486][ T5875] Buffer I/O error on dev loop2, logical block 2072, async page read
[  107.151704][ T5870] Buffer I/O error on dev loop2, logical block 2065, async page read
[  107.160136][ T5870] Buffer I/O error on dev loop2, logical block 2066, async page read
[  107.247496][ T3790] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  107.286993][ T5876] EXT4-fs (loop0): 1 orphan inode deleted
[  107.349232][ T5876] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.732713][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.876432][ T5897] loop0: detected capacity change from 0 to 164
[  107.920661][ T5897] ISOFS: unable to read i-node block
[  107.929175][ T5897] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  108.215617][ T5908] netlink: 28 bytes leftover after parsing attributes in process `syz.0.743'.
[  108.300780][ T5912] loop1: detected capacity change from 0 to 2048
[  108.352585][ T5915] loop0: detected capacity change from 0 to 128
[  108.442251][ T5912] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  108.479919][ T5915] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  108.487792][ T5915] FAT-fs (loop0): Filesystem has been set read-only
[  108.494423][ T5915] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  108.502347][ T5915] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  108.511159][ T5912] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.627870][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.660618][ T5928] loop5: detected capacity change from 0 to 256
[  108.693505][ T5928] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  108.831960][   T28] kauditd_printk_skb: 50 callbacks suppressed
[  108.831978][   T28] audit: type=1400 audit(1773852900.253:1371): avc:  denied  { remount } for  pid=5924 comm="syz.5.750" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  108.943387][   T28] audit: type=1400 audit(1773852900.323:1372): avc:  denied  { read } for  pid=5926 comm="syz.4.752" name="rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  109.074361][   T28] audit: type=1400 audit(1773852900.323:1373): avc:  denied  { open } for  pid=5926 comm="syz.4.752" path="/dev/rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  109.214692][   T28] audit: type=1400 audit(1773852900.343:1374): avc:  denied  { ioctl } for  pid=5926 comm="syz.4.752" path="/dev/rtc0" dev="devtmpfs" ino=244 ioctlcmd=0x7005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  109.233825][ T5951] netlink: 28 bytes leftover after parsing attributes in process `syz.2.758'.
[  109.239796][   T28] audit: type=1400 audit(1773852900.343:1375): avc:  denied  { create } for  pid=5926 comm="syz.4.752" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  109.256193][ T5951] netlink: 8 bytes leftover after parsing attributes in process `syz.2.758'.
[  109.287983][   T28] audit: type=1400 audit(1773852900.743:1376): avc:  denied  { create } for  pid=5954 comm="syz.5.760" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  109.308366][   T28] audit: type=1400 audit(1773852900.743:1377): avc:  denied  { write } for  pid=5954 comm="syz.5.760" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  109.403240][ T5959] syzkaller0: entered promiscuous mode
[  109.408774][ T5959] syzkaller0: entered allmulticast mode
[  109.447009][ T5965] loop0: detected capacity change from 0 to 2048
[  109.500269][   T28] audit: type=1400 audit(1773852900.953:1378): avc:  denied  { write } for  pid=5952 comm="syz.4.759" lport=135 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  109.696629][   T28] audit: type=1400 audit(1773852901.153:1379): avc:  denied  { read write } for  pid=5966 comm="syz.1.764" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  109.735594][   T28] audit: type=1400 audit(1773852901.153:1380): avc:  denied  { open } for  pid=5966 comm="syz.1.764" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  109.797031][ T5952] syz.4.759 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  109.802031][ T5969] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=4 sclass=netlink_xfrm_socket pid=5969 comm=syz.1.764
[  109.821394][ T5952] CPU: 1 UID: 0 PID: 5952 Comm: syz.4.759 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  109.821424][ T5952] Tainted: [W]=WARN
[  109.821431][ T5952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  109.821444][ T5952] Call Trace:
[  109.821449][ T5952]  <TASK>
[  109.821464][ T5952]  __dump_stack+0x1d/0x30
[  109.821493][ T5952]  dump_stack_lvl+0x95/0xd0
[  109.821553][ T5952]  dump_stack+0x15/0x1b
[  109.821577][ T5952]  dump_header+0x80/0x240
[  109.821601][ T5952]  oom_kill_process+0x295/0x350
[  109.821640][ T5952]  out_of_memory+0x97d/0xb80
[  109.821661][ T5952]  try_charge_memcg+0x62e/0xa10
[  109.821704][ T5952]  mem_cgroup_swapin_charge_folio+0x103/0x1f0
[  109.821801][ T5952]  __swap_cache_prepare_and_add+0x386/0x530
[  109.821840][ T5952]  swap_cache_alloc_folio+0xa2/0x120
[  109.821910][ T5952]  swap_cluster_readahead+0x26e/0x3d0
[  109.821941][ T5952]  swapin_readahead+0xde/0x840
[  109.821966][ T5952]  ? _raw_spin_unlock+0x9/0x30
[  109.822067][ T5952]  ? swap_put_entries_cluster+0x385/0x3a0
[  109.822094][ T5952]  ? swap_put_entries_cluster+0x81/0x3a0
[  109.822121][ T5952]  ? __rcu_read_unlock+0x4e/0x70
[  109.822190][ T5952]  ? swap_cache_get_folio+0x26f/0x280
[  109.822218][ T5952]  do_swap_page+0x30d/0x2220
[  109.822299][ T5952]  ? css_rstat_updated+0xbb/0x280
[  109.822325][ T5952]  ? __rcu_read_lock+0x36/0x50
[  109.822347][ T5952]  ? pte_offset_map_rw_nolock+0x19e/0x200
[  109.822379][ T5952]  handle_mm_fault+0xb46/0x3020
[  109.822407][ T5952]  ? vma_start_read+0x1c7/0x2c0
[  109.822502][ T5952]  do_user_addr_fault+0x62f/0x1050
[  109.822534][ T5952]  ? arch_exit_to_user_mode_prepare+0x26/0x80
[  109.822558][ T5952]  ? trace_page_fault_user+0x1f/0xe0
[  109.822604][ T5952]  exc_page_fault+0x62/0xa0
[  109.822633][ T5952]  asm_exc_page_fault+0x26/0x30
[  109.822731][ T5952] RIP: 0033:0x7f052f7d78fe
[  109.822746][ T5952] Code: 41 51 4c 8d 9b 08 03 00 00 49 89 c9 48 89 f1 41 50 48 8b 74 24 20 49 89 d0 48 89 fa 4c 89 df e8 a8 56 00 00 8b 93 08 03 00 00 <59> 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24
[  109.822822][ T5952] RSP: 002b:00007fff831c7720 EFLAGS: 00010246
[  109.822865][ T5952] RAX: 0000000000000000 RBX: 000055558efa4500 RCX: 00007f052f7dcfce
[  109.822880][ T5952] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  109.822919][ T5952] RBP: 00007f052fa97da0 R08: 0000000000000000 R09: 0000000000000000
[  109.822933][ T5952] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000001adcb
[  109.822945][ T5952] R13: 00007f052fa9627c R14: 000000000001abd0 R15: 00007f052fa96270
[  109.822963][ T5952]  </TASK>
[  109.823024][ T5952] memory: usage 297060kB, limit 307200kB, failcnt 1132
[  110.076838][ T5965] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  110.095819][ T5976] EXT4-fs: Ignoring removed orlov option
[  110.103771][ T5965] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.106320][ T5976] EXT4-fs: Ignoring removed bh option
[  110.134115][ T5952] memory+swap: usage 88084kB, limit 9007199254740988kB, failcnt 0
[  110.146997][ T5952] kmem: usage 76580kB, limit 9007199254740988kB, failcnt 0
[  110.154438][ T5952] Memory cgroup stats for /syz4:
[  110.154807][ T5952] cache 0
[  110.163019][ T5952] rss 4096
[  110.166099][ T5952] shmem 0
[  110.171699][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.181432][ T5976] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.196545][ T5952] mapped_file 0
[  110.268689][ T5996] syzkaller0: entered promiscuous mode
[  110.279634][ T5952] dirty 0
[  110.314031][ T5952] writeback 0
[  110.314404][ T3790] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.317337][ T5952] workingset_refault_anon 232
[  110.317346][ T5952] workingset_refault_file 694
[  110.317355][ T5952] swap 13475840
[  110.348824][ T5996] syzkaller0: entered allmulticast mode
[  110.365973][ T5952] swapcached 17174528
[  110.403106][ T5952] pgpgin 72307
[  110.406594][ T5952] pgpgout 72304
[  110.410276][ T5952] pgfault 69348
[  110.415490][ T5952] pgmajfault 195
[  110.419231][ T5952] inactive_anon 0
[  110.426271][ T5952] active_anon 4096
[  110.430254][ T5952] inactive_file 0
[  110.433906][ T5952] active_file 8192
[  110.437639][ T5952] unevictable 0
[  110.442140][ T5952] hierarchical_memory_limit 314572800
[  110.447828][ T5952] hierarchical_memsw_limit 9223372036854771712
[  110.455004][ T5952] total_cache 0
[  110.458623][ T6002] __nla_validate_parse: 2 callbacks suppressed
[  110.458659][ T6002] netlink: 12 bytes leftover after parsing attributes in process `syz.5.771'.
[  110.472903][ T5952] total_rss 4096
[  110.477442][ T5952] total_shmem 0
[  110.480975][ T6002] netlink: 128 bytes leftover after parsing attributes in process `syz.5.771'.
[  110.491325][ T5952] total_mapped_file 0
[  110.495571][ T5952] total_dirty 0
[  110.499026][ T5952] total_writeback 0
[  110.503432][ T5952] total_workingset_refault_anon 232
[  110.508950][ T5952] total_workingset_refault_file 694
[  110.514616][ T5952] total_swap 13475840
[  110.518597][ T5952] total_swapcached 17174528
[  110.533447][ T5952] total_pgpgin 72307
[  110.537486][ T5952] total_pgpgout 72304
[  110.541763][ T5952] total_pgfault 69348
[  110.548862][ T5952] total_pgmajfault 195
[  110.553151][ T5952] total_inactive_anon 0
[  110.557378][ T5952] total_active_anon 4096
[  110.561708][ T5952] total_inactive_file 0
[  110.565880][ T5952] total_active_file 8192
[  110.570248][ T5952] total_unevictable 0
[  110.574257][ T5952] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.759,pid=5952,uid=0
[  110.588935][ T5952] Memory cgroup out of memory: Killed process 5952 (syz.4.759) total-vm:100580kB, anon-rss:1228kB, file-rss:26628kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000
[  110.613770][ T6007] FAULT_INJECTION: forcing a failure.
[  110.613770][ T6007] name failslab, interval 1, probability 0, space 0, times 0
[  110.638316][ T6004] netlink: 28 bytes leftover after parsing attributes in process `syz.0.772'.
[  110.659776][ T6004] netlink: 8 bytes leftover after parsing attributes in process `syz.0.772'.
[  110.669424][ T6007] CPU: 1 UID: 0 PID: 6007 Comm: syz.1.773 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  110.669458][ T6007] Tainted: [W]=WARN
[  110.669466][ T6007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  110.669600][ T6007] Call Trace:
[  110.669607][ T6007]  <TASK>
[  110.669617][ T6007]  __dump_stack+0x1d/0x30
[  110.669715][ T6007]  dump_stack_lvl+0x95/0xd0
[  110.669741][ T6007]  dump_stack+0x15/0x1b
[  110.669764][ T6007]  should_fail_ex+0x263/0x280
[  110.669868][ T6007]  ? p9_fd_create+0xa5/0x230
[  110.669892][ T6007]  should_failslab+0x8c/0xb0
[  110.669969][ T6007]  __kmalloc_cache_noprof+0x5f/0x410
[  110.669998][ T6007]  ? should_failslab+0x8c/0xb0
[  110.670022][ T6007]  p9_fd_create+0xa5/0x230
[  110.670123][ T6007]  p9_client_create+0x231/0x7a0
[  110.670228][ T6007]  ? should_fail_ex+0xd9/0x280
[  110.670256][ T6007]  v9fs_session_init+0x3c/0x4a0
[  110.670286][ T6007]  v9fs_get_tree+0x5c/0x5e0
[  110.670342][ T6007]  ? security_capable+0x7b/0x90
[  110.670366][ T6007]  vfs_get_tree+0x57/0x1d0
[  110.670383][ T6007]  do_new_mount+0x288/0x8d0
[  110.670411][ T6007]  ? security_capable+0x7b/0x90
[  110.670472][ T6007]  path_mount+0x4d0/0xbc0
[  110.670493][ T6007]  __se_sys_mount+0x28c/0x2e0
[  110.670518][ T6007]  ? fput+0x8f/0xc0
[  110.670565][ T6007]  __x64_sys_mount+0x67/0x80
[  110.670585][ T6007]  x64_sys_call+0x2d61/0x3020
[  110.670622][ T6007]  do_syscall_64+0x12c/0x370
[  110.670650][ T6007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.670707][ T6007] RIP: 0033:0x7fa33dddc799
[  110.670721][ T6007] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  110.670737][ T6007] RSP: 002b:00007fa33c82f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  110.670756][ T6007] RAX: ffffffffffffffda RBX: 00007fa33e055fa0 RCX: 00007fa33dddc799
[  110.670772][ T6007] RDX: 0000200000000080 RSI: 0000200000000300 RDI: 0000000000000000
[  110.670827][ T6007] RBP: 00007fa33c82f090 R08: 0000200000000100 R09: 0000000000000000
[  110.670839][ T6007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  110.670853][ T6007] R13: 00007fa33e056038 R14: 00007fa33e055fa0 R15: 00007ffcd6a16198
[  110.670874][ T6007]  </TASK>
[  110.955700][ T6014] netlink: 4 bytes leftover after parsing attributes in process `syz.0.776'.
[  111.008241][ T6019] usb usb8: usbfs: process 6019 (syz.4.778) did not claim interface 0 before use
[  111.030204][ T6022] set_capacity_and_notify: 2 callbacks suppressed
[  111.030222][ T6022] loop1: detected capacity change from 0 to 2048
[  111.057851][ T6026] xt_ecn: cannot match TCP bits for non-tcp packets
[  111.064614][ T6022] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  111.200443][ T6022] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.230294][ T6033] netlink: 4 bytes leftover after parsing attributes in process `syz.2.781'.
[  111.247211][ T6033] loop2: detected capacity change from 0 to 1024
[  111.263728][ T6033] EXT4-fs: Ignoring removed orlov option
[  111.285794][ T6035] netlink: 'syz.4.782': attribute type 10 has an invalid length.
[  111.286014][ T6026] loop5: detected capacity change from 0 to 512
[  111.314963][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.319110][ T6033] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.325037][ T6035] vxcan1: entered promiscuous mode
[  111.347199][ T6026] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[  111.348259][ T6035] team0: Device vxcan1 is of different type
[  111.372031][ T6033] netlink: 'syz.2.781': attribute type 8 has an invalid length.
[  111.385537][ T6033] 9p: Bad value for 'rfdno'
[  111.407954][ T6016] loop5: detected capacity change from 0 to 512
[  111.442463][ T6016] EXT4-fs: Ignoring removed bh option
[  111.455304][ T6016] EXT4-fs: inline encryption not supported
[  111.472973][ T6016] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  111.522059][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.534350][ T6043] xt_CT: No such helper "netbios-ns"
[  111.585102][ T6016] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1142: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  111.605169][ T6050] netlink: 28 bytes leftover after parsing attributes in process `syz.4.787'.
[  111.614310][ T6050] netlink: 8 bytes leftover after parsing attributes in process `syz.4.787'.
[  111.623561][ T6016] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.777: bg 0: block 248: padding at end of block bitmap is not set
[  111.648066][ T6016] loop5: lost filesystem error report for type 5 error -117
[  111.648398][ T6016] EXT4-fs error (device loop5): ext4_acquire_dquot:7001: comm syz.5.777: Failed to acquire dquot type 1
[  111.655759][    C0] EXT4-fs (loop5): error count since last fsck: 1
[  111.655775][    C0] EXT4-fs (loop5): last error at time 1773852903: ext4_validate_block_bitmap:441
[  111.701666][ T6016] loop5: lost filesystem error report for type 5 error -117
[  111.705811][ T6016] EXT4-fs (loop5): 1 truncate cleaned up
[  111.739233][ T6016] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  111.767240][ T6061] netlink: 'syz.0.789': attribute type 1 has an invalid length.
[  111.784497][ T6061] 8021q: adding VLAN 0 to HW filter on device bond2
[  111.817696][ T6064] loop0: detected capacity change from 0 to 128
[  111.943311][ T6064] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  111.951280][ T6064] FAT-fs (loop0): Filesystem has been set read-only
[  111.958003][ T6064] bio_check_eod: 136949 callbacks suppressed
[  111.958017][ T6064] syz.0.790: attempt to access beyond end of device
[  111.958017][ T6064] loop0: rw=8912896, sector=2065, nr_sectors = 8 limit=128
[  111.978281][ T6064] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  111.986230][ T6064] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  111.994458][ T6064] syz.0.790: attempt to access beyond end of device
[  111.994458][ T6064] loop0: rw=8388608, sector=2065, nr_sectors = 1 limit=128
[  112.008222][ T6064] buffer_io_error: 136158 callbacks suppressed
[  112.008239][ T6064] Buffer I/O error on dev loop0, logical block 2065, async page read
[  112.022487][ T6064] syz.0.790: attempt to access beyond end of device
[  112.022487][ T6064] loop0: rw=8388608, sector=2066, nr_sectors = 1 limit=128
[  112.036182][ T6064] Buffer I/O error on dev loop0, logical block 2066, async page read
[  112.044519][ T6064] syz.0.790: attempt to access beyond end of device
[  112.044519][ T6064] loop0: rw=8388608, sector=2067, nr_sectors = 1 limit=128
[  112.058197][ T6064] Buffer I/O error on dev loop0, logical block 2067, async page read
[  112.066375][ T6064] syz.0.790: attempt to access beyond end of device
[  112.066375][ T6064] loop0: rw=8388608, sector=2068, nr_sectors = 1 limit=128
[  112.080112][ T6064] Buffer I/O error on dev loop0, logical block 2068, async page read
[  112.088198][ T6064] syz.0.790: attempt to access beyond end of device
[  112.088198][ T6064] loop0: rw=8388608, sector=2069, nr_sectors = 1 limit=128
[  112.101917][ T6064] Buffer I/O error on dev loop0, logical block 2069, async page read
[  112.110006][ T6064] syz.0.790: attempt to access beyond end of device
[  112.110006][ T6064] loop0: rw=8388608, sector=2070, nr_sectors = 1 limit=128
[  112.123675][ T6064] Buffer I/O error on dev loop0, logical block 2070, async page read
[  112.131769][ T6064] syz.0.790: attempt to access beyond end of device
[  112.131769][ T6064] loop0: rw=8388608, sector=2071, nr_sectors = 1 limit=128
[  112.145580][ T6064] Buffer I/O error on dev loop0, logical block 2071, async page read
[  112.153664][ T6064] syz.0.790: attempt to access beyond end of device
[  112.153664][ T6064] loop0: rw=8388608, sector=2072, nr_sectors = 1 limit=128
[  112.167667][ T6064] Buffer I/O error on dev loop0, logical block 2072, async page read
[  112.175839][ T6064] syz.0.790: attempt to access beyond end of device
[  112.175839][ T6064] loop0: rw=8388608, sector=2065, nr_sectors = 1 limit=128
[  112.189580][ T6064] Buffer I/O error on dev loop0, logical block 2065, async page read
[  112.197657][ T6064] Buffer I/O error on dev loop0, logical block 2066, async page read
[  112.217345][ T6069] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  112.246686][ T6069] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  112.282200][ T3790] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  112.450607][ T6040] syz.1.783 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  112.500341][ T6075] loop2: detected capacity change from 0 to 128
[  112.693737][ T6075] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  112.701839][ T6075] FAT-fs (loop2): Filesystem has been set read-only
[  112.708742][ T6075] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  112.716678][ T6075] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  112.750444][ T6040] CPU: 1 UID: 0 PID: 6040 Comm: syz.1.783 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  112.750561][ T6040] Tainted: [W]=WARN
[  112.750591][ T6040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  112.750605][ T6040] Call Trace:
[  112.750612][ T6040]  <TASK>
[  112.750620][ T6040]  __dump_stack+0x1d/0x30
[  112.750655][ T6040]  dump_stack_lvl+0x95/0xd0
[  112.750681][ T6040]  dump_stack+0x15/0x1b
[  112.750773][ T6040]  dump_header+0x80/0x240
[  112.750800][ T6040]  oom_kill_process+0x295/0x350
[  112.750836][ T6040]  out_of_memory+0x97d/0xb80
[  112.750862][ T6040]  try_charge_memcg+0x62e/0xa10
[  112.750941][ T6040]  mem_cgroup_swapin_charge_folio+0x103/0x1f0
[  112.750977][ T6040]  __swap_cache_prepare_and_add+0x386/0x530
[  112.751069][ T6040]  swap_cache_alloc_folio+0xa2/0x120
[  112.751131][ T6040]  swap_cluster_readahead+0x26e/0x3d0
[  112.751169][ T6040]  swapin_readahead+0xde/0x840
[  112.751197][ T6040]  ? __rcu_read_unlock+0x4e/0x70
[  112.751217][ T6040]  ? __perf_event_task_sched_in+0xa65/0xad0
[  112.751244][ T6040]  ? __list_add_valid_or_report+0x38/0xe0
[  112.751300][ T6040]  ? __rcu_read_unlock+0x4e/0x70
[  112.751318][ T6040]  ? swap_cache_get_folio+0x26f/0x280
[  112.751342][ T6040]  do_swap_page+0x30d/0x2220
[  112.751398][ T6040]  ? __schedule+0x93c/0xd40
[  112.751422][ T6040]  ? __rcu_read_lock+0x36/0x50
[  112.751477][ T6040]  ? pte_offset_map_rw_nolock+0x19e/0x200
[  112.751502][ T6040]  handle_mm_fault+0xb46/0x3020
[  112.751529][ T6040]  ? vma_start_read+0x1c7/0x2c0
[  112.751613][ T6040]  do_user_addr_fault+0x62f/0x1050
[  112.751676][ T6040]  ? trace_page_fault_user+0x1f/0xe0
[  112.751703][ T6040]  exc_page_fault+0x62/0xa0
[  112.751754][ T6040]  asm_exc_page_fault+0x26/0x30
[  112.751772][ T6040] RIP: 0033:0x7fa33dcaa14c
[  112.751787][ T6040] Code: 8a 31 13 00 eb 24 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 81 c3 f0 00 00 00 48 39 dd 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 f0 00 00
[  112.751803][ T6040] RSP: 002b:00007ffcd6a16300 EFLAGS: 00010202
[  112.751819][ T6040] RAX: 0000000000000000 RBX: 00007fa33e055fa0 RCX: 0000555558465808
[  112.751876][ T6040] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  112.751887][ T6040] RBP: 00007fa33e057da0 R08: 0000000000000000 R09: 0000000000000000
[  112.751899][ T6040] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000001b652
[  112.751911][ T6040] R13: 00007fa33e055fac R14: 000000000001b355 R15: 00007ffcd6a16400
[  112.751928][ T6040]  </TASK>
[  112.751936][ T6040] memory: usage 231076kB, limit 307200kB, failcnt 865
[  113.070359][ T6040] memory+swap: usage 217808kB, limit 9007199254740988kB, failcnt 0
[  113.200283][ T6081] loop0: detected capacity change from 0 to 2048
[  113.227554][ T6040] kmem: usage 191632kB, limit 9007199254740988kB, failcnt 0
[  113.244427][ T6081] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  113.291275][ T6081] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.359845][ T6040] Memory cgroup stats for /syz1:
[  113.367577][ T6040] cache 0
[  113.375498][ T6040] rss 4096
[  113.378513][ T6040] shmem 0
[  113.381475][ T6040] mapped_file 0
[  113.384918][ T6040] dirty 0
[  113.387837][ T6040] writeback 8192
[  113.391415][ T6040] workingset_refault_anon 111
[  113.412192][ T6040] workingset_refault_file 1077
[  113.426995][ T6040] swap 184320
[  113.430601][ T6040] swapcached 352256
[  113.432712][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.434479][ T6040] pgpgin 94292
[  113.460164][ T6040] pgpgout 94287
[  113.463791][ T6040] pgfault 83497
[  113.467237][ T6040] pgmajfault 149
[  113.482529][ T6040] inactive_anon 12288
[  113.486536][ T6040] active_anon 0
[  113.490192][ T6040] inactive_file 8192
[  113.569726][ T6040] active_file 0
[  113.579563][ T6040] unevictable 0
[  113.593236][ T6040] hierarchical_memory_limit 314572800
[  113.598751][ T6040] hierarchical_memsw_limit 9223372036854771712
[  113.637862][ T6040] total_cache 0
[  113.641694][ T6040] total_rss 4096
[  113.665294][ T6040] total_shmem 0
[  113.669841][ T6104] netlink: 28 bytes leftover after parsing attributes in process `syz.2.802'.
[  113.675148][ T6040] total_mapped_file 0
[  113.690610][ T6040] total_dirty 0
[  113.699475][ T1033] IPVS: starting estimator thread 0...
[  113.723466][ T6040] total_writeback 8192
[  113.736110][ T6040] total_workingset_refault_anon 111
[  113.751452][ T6040] total_workingset_refault_file 1077
[  113.759503][ T6110] syzkaller0: entered promiscuous mode
[  113.762299][ T6040] total_swap 184320
[  113.764990][ T6110] syzkaller0: entered allmulticast mode
[  113.768779][ T6040] total_swapcached 352256
[  113.788861][ T6040] total_pgpgin 94292
[  113.793241][ T6040] total_pgpgout 94287
[  113.797246][ T6040] total_pgfault 83497
[  113.799471][ T6107] IPVS: using max 2736 ests per chain, 136800 per kthread
[  113.809454][ T6040] total_pgmajfault 149
[  113.813705][ T6040] total_inactive_anon 12288
[  113.818287][ T6040] total_active_anon 0
[  113.941564][ T6040] total_inactive_file 8192
[  113.946108][ T6040] total_active_file 0
[  113.950481][ T6040] total_unevictable 0
[  113.961049][ T6040] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.783,pid=6040,uid=0
[  113.979203][ T6040] Memory cgroup out of memory: Killed process 6040 (syz.1.783) total-vm:94032kB, anon-rss:1228kB, file-rss:22152kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  114.175044][ T6122] vlan2: left promiscuous mode
[  114.323395][ T6125] 9p: Bad value for 'rfdno'
[  114.454428][ T6134] FAULT_INJECTION: forcing a failure.
[  114.454428][ T6134] name failslab, interval 1, probability 0, space 0, times 0
[  114.473542][   T28] kauditd_printk_skb: 33 callbacks suppressed
[  114.473567][   T28] audit: type=1400 audit(1773852905.933:1412): avc:  denied  { accept } for  pid=6131 comm="syz.5.812" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  114.558654][ T6134] CPU: 0 UID: 0 PID: 6134 Comm: syz.0.811 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  114.558687][ T6134] Tainted: [W]=WARN
[  114.558695][ T6134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  114.558709][ T6134] Call Trace:
[  114.558765][ T6134]  <TASK>
[  114.558773][ T6134]  __dump_stack+0x1d/0x30
[  114.558800][ T6134]  dump_stack_lvl+0x95/0xd0
[  114.558871][ T6134]  dump_stack+0x15/0x1b
[  114.558896][ T6134]  should_fail_ex+0x263/0x280
[  114.558920][ T6134]  should_failslab+0x8c/0xb0
[  114.558954][ T6134]  kmem_cache_alloc_node_noprof+0x6d/0x460
[  114.559040][ T6134]  ? __alloc_skb+0x2d6/0x690
[  114.559070][ T6134]  __alloc_skb+0x2d6/0x690
[  114.559093][ T6134]  ? __alloc_skb+0x200/0x690
[  114.559180][ T6134]  netlink_ack+0xfd/0x500
[  114.559211][ T6134]  ? __pfx_fou_nl_add_doit+0x10/0x10
[  114.559243][ T6134]  netlink_rcv_skb+0x192/0x220
[  114.559275][ T6134]  ? __pfx_genl_rcv_msg+0x10/0x10
[  114.559339][ T6134]  genl_rcv+0x28/0x40
[  114.559363][ T6134]  netlink_unicast+0x5c0/0x690
[  114.559394][ T6134]  netlink_sendmsg+0x5c8/0x6f0
[  114.559510][ T6134]  ? __pfx_netlink_sendmsg+0x10/0x10
[  114.559546][ T6134]  ____sys_sendmsg+0x563/0x5b0
[  114.559582][ T6134]  ___sys_sendmsg+0x195/0x1e0
[  114.559651][ T6134]  __x64_sys_sendmsg+0xd4/0x160
[  114.559694][ T6134]  x64_sys_call+0x194c/0x3020
[  114.559765][ T6134]  do_syscall_64+0x12c/0x370
[  114.559792][ T6134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.559812][ T6134] RIP: 0033:0x7f24cef0c799
[  114.559900][ T6134] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  114.559927][ T6134] RSP: 002b:00007f24cd967028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  114.559965][ T6134] RAX: ffffffffffffffda RBX: 00007f24cf185fa0 RCX: 00007f24cef0c799
[  114.559979][ T6134] RDX: 0000000004000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  114.559991][ T6134] RBP: 00007f24cd967090 R08: 0000000000000000 R09: 0000000000000000
[  114.560056][ T6134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  114.560070][ T6134] R13: 00007f24cf186038 R14: 00007f24cf185fa0 R15: 00007ffde164ca38
[  114.560089][ T6134]  </TASK>
[  114.828579][ T6137] netlink: 8 bytes leftover after parsing attributes in process `syz.4.808'.
[  114.837472][   T28] audit: type=1400 audit(1773852905.963:1413): avc:  denied  { getopt } for  pid=6131 comm="syz.5.812" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  114.880130][   T28] audit: type=1400 audit(1773852905.963:1414): avc:  denied  { setopt } for  pid=6131 comm="syz.5.812" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  114.914379][   T28] audit: type=1400 audit(1773852906.363:1415): avc:  denied  { ioctl } for  pid=6131 comm="syz.5.812" path="socket:[14684]" dev="sockfs" ino=14684 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  115.764852][   T28] audit: type=1400 audit(1773852907.223:1416): avc:  denied  { map } for  pid=6164 comm="syz.0.819" path="/dev/zero" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[  115.955786][ T6174] loop4: detected capacity change from 0 to 512
[  116.011164][   T28] audit: type=1400 audit(1773852907.473:1417): avc:  denied  { name_connect } for  pid=6185 comm="syz.2.826" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  116.034029][ T6186] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT
[  116.068123][   T28] audit: type=1400 audit(1773852907.493:1418): avc:  denied  { listen } for  pid=6185 comm="syz.2.826" lport=55646 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  116.114276][ T6174] EXT4-fs (loop4): 1 orphan inode deleted
[  116.120628][   T28] audit: type=1400 audit(1773852907.493:1419): avc:  denied  { accept } for  pid=6185 comm="syz.2.826" lport=55646 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  116.120740][   T28] audit: type=1400 audit(1773852907.493:1420): avc:  denied  { setopt } for  pid=6185 comm="syz.2.826" lport=55646 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  116.120766][   T28] audit: type=1400 audit(1773852907.493:1421): avc:  denied  { write } for  pid=6185 comm="syz.2.826" lport=55646 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  116.214362][ T6174] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.238666][ T6191] loop2: detected capacity change from 0 to 164
[  116.385160][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.410106][ T6199] loop5: detected capacity change from 0 to 128
[  116.434961][ T6199] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  116.442847][ T6199] FAT-fs (loop5): Filesystem has been set read-only
[  116.449488][ T6199] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  116.457324][ T6199] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  116.653823][ T6201] loop2: detected capacity change from 0 to 256
[  116.959410][ T6199] bio_check_eod: 122574 callbacks suppressed
[  116.959455][ T6199] syz.5.829: attempt to access beyond end of device
[  116.959455][ T6199] loop5: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  116.979357][ T6199] syz.5.829: attempt to access beyond end of device
[  116.979357][ T6199] loop5: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  116.993104][ T6199] syz.5.829: attempt to access beyond end of device
[  116.993104][ T6199] loop5: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  117.006948][ T6199] syz.5.829: attempt to access beyond end of device
[  117.006948][ T6199] loop5: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  117.020679][ T6199] syz.5.829: attempt to access beyond end of device
[  117.020679][ T6199] loop5: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  117.034629][ T6199] syz.5.829: attempt to access beyond end of device
[  117.034629][ T6199] loop5: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  117.048393][ T6199] syz.5.829: attempt to access beyond end of device
[  117.048393][ T6199] loop5: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  117.062539][ T6199] syz.5.829: attempt to access beyond end of device
[  117.062539][ T6199] loop5: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  117.076289][ T6199] syz.5.829: attempt to access beyond end of device
[  117.076289][ T6199] loop5: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  117.090381][ T6199] syz.5.829: attempt to access beyond end of device
[  117.090381][ T6199] loop5: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  118.061827][ T6199] buffer_io_error: 105078 callbacks suppressed
[  118.061844][ T6199] Buffer I/O error on dev loop5, logical block 2065, async page read
[  118.070782][ T6209] loop1: detected capacity change from 0 to 128
[  118.076395][ T6199] Buffer I/O error on dev loop5, logical block 2066, async page read
[  118.090761][ T6199] Buffer I/O error on dev loop5, logical block 2067, async page read
[  118.098843][ T6199] Buffer I/O error on dev loop5, logical block 2068, async page read
[  118.099880][ T6207] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  118.106971][ T6199] Buffer I/O error on dev loop5, logical block 2069, async page read
[  118.107046][ T6199] Buffer I/O error on dev loop5, logical block 2070, async page read
[  118.114954][ T6207] FAT-fs (loop1): Filesystem has been set read-only
[  118.123021][ T6199] Buffer I/O error on dev loop5, logical block 2071, async page read
[  118.131141][ T6207] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  118.137685][ T6199] Buffer I/O error on dev loop5, logical block 2072, async page read
[  118.145746][ T6207] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  118.153599][ T6199] Buffer I/O error on dev loop5, logical block 2065, async page read
[  118.153616][ T6199] Buffer I/O error on dev loop5, logical block 2066, async page read
[  118.236468][ T6212] loop0: detected capacity change from 0 to 128
[  118.574860][ T6226] loop4: detected capacity change from 0 to 2048
[  118.592840][ T6226] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  118.648389][ T6226] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  118.750607][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.825834][ T6250] loop1: detected capacity change from 0 to 128
[  118.857531][ T6250] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  118.865641][ T6250] FAT-fs (loop1): Filesystem has been set read-only
[  118.872293][ T6250] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  118.880201][ T6250] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  119.086646][ T6261] __nla_validate_parse: 1 callbacks suppressed
[  119.086714][ T6261] netlink: 12 bytes leftover after parsing attributes in process `syz.2.847'.
[  119.407521][ T6273] loop2: detected capacity change from 0 to 1024
[  119.440437][ T6273] EXT4-fs: inline encryption not supported
[  119.488224][ T6273] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  119.523255][ T6273] EXT4-fs error (device loop2): ext4_map_blocks:776: inode #3: block 2: comm syz.2.852: lblock 2 mapped to illegal pblock 2 (length 1)
[  119.538645][   T28] kauditd_printk_skb: 74 callbacks suppressed
[  119.538658][   T28] audit: type=1400 audit(1773852910.993:1496): avc:  denied  { map_create } for  pid=6274 comm="syz.4.853" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  119.605189][ T6273] loop2: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  119.609384][ T6273] EXT4-fs (loop2): Remounting filesystem read-only
[  119.624942][    C0] EXT4-fs (loop2): error count since last fsck: 1
[  119.624961][    C0] EXT4-fs (loop2): initial error at time 1773852911: ext4_map_blocks:776: inode 3: block 2
[  119.625013][    C0] EXT4-fs (loop2): last error at time 1773852911: ext4_map_blocks:776: inode 3: block 2
[  119.665609][   T28] audit: type=1400 audit(1773852911.023:1497): avc:  denied  { perfmon } for  pid=6274 comm="syz.4.853" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  119.686510][   T28] audit: type=1400 audit(1773852911.023:1498): avc:  denied  { map_read map_write } for  pid=6274 comm="syz.4.853" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  119.706323][   T28] audit: type=1400 audit(1773852911.023:1499): avc:  denied  { prog_load } for  pid=6274 comm="syz.4.853" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  119.725655][   T28] audit: type=1400 audit(1773852911.023:1500): avc:  denied  { bpf } for  pid=6274 comm="syz.4.853" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  119.746133][   T28] audit: type=1400 audit(1773852911.033:1501): avc:  denied  { prog_run } for  pid=6274 comm="syz.4.853" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  119.765144][   T28] audit: type=1400 audit(1773852911.113:1502): avc:  denied  { relabelfrom } for  pid=6274 comm="syz.4.853" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  119.785175][   T28] audit: type=1400 audit(1773852911.113:1503): avc:  denied  { relabelto } for  pid=6274 comm="syz.4.853" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  119.786525][ T6273] Quota error (device loop2): qtree_write_dquot: dquota write failed
[  119.835154][ T6273] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  119.844238][ T6273] EXT4-fs (loop2): 1 orphan inode deleted
[  119.850541][ T6273] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.880745][ T6273] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.890032][ T6282] loop0: detected capacity change from 0 to 2048
[  119.903551][ T6282] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  119.975383][ T6282] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.055650][ T6290] netlink: 8 bytes leftover after parsing attributes in process `syz.2.859'.
[  120.089455][ T6290] netlink: 4 bytes leftover after parsing attributes in process `syz.2.859'.
[  120.109451][ T6290] netlink: 'syz.2.859': attribute type 15 has an invalid length.
[  120.186765][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.576601][ T6300] netlink: 12 bytes leftover after parsing attributes in process `syz.2.861'.
[  121.307661][ T6302] vlan2: left promiscuous mode
[  121.321409][ T6302] bond0: left promiscuous mode
[  121.326276][ T6302] bond_slave_0: left promiscuous mode
[  121.332522][ T6302] bond_slave_1: left promiscuous mode
[  121.492412][ T6316] loop4: detected capacity change from 0 to 128
[  121.593968][ T6316] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  121.601907][ T6316] FAT-fs (loop4): Filesystem has been set read-only
[  121.608782][ T6316] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  121.616813][ T6316] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  121.807058][ T6334] FAULT_INJECTION: forcing a failure.
[  121.807058][ T6334] name failslab, interval 1, probability 0, space 0, times 0
[  121.868131][ T6334] CPU: 0 UID: 0 PID: 6334 Comm: syz.1.873 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  121.868163][ T6334] Tainted: [W]=WARN
[  121.868169][ T6334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  121.868181][ T6334] Call Trace:
[  121.868186][ T6334]  <TASK>
[  121.868193][ T6334]  __dump_stack+0x1d/0x30
[  121.868243][ T6334]  dump_stack_lvl+0x95/0xd0
[  121.868271][ T6334]  dump_stack+0x15/0x1b
[  121.868295][ T6334]  should_fail_ex+0x263/0x280
[  121.868333][ T6334]  should_failslab+0x8c/0xb0
[  121.868352][ T6334]  kmem_cache_alloc_noprof+0x66/0x400
[  121.868384][ T6334]  ? p9_client_prepare_req+0xeb/0x660
[  121.868409][ T6334]  p9_client_prepare_req+0xeb/0x660
[  121.868472][ T6334]  p9_client_rpc+0xdf/0x6c0
[  121.868505][ T6334]  ? __rcu_read_unlock+0x4e/0x70
[  121.868529][ T6334]  ? tun_chr_poll+0xc4/0x400
[  121.868555][ T6334]  ? __pfx_tun_chr_poll+0x10/0x10
[  121.868603][ T6334]  ? p9_conn_create+0x2e1/0x320
[  121.868646][ T6334]  p9_client_create+0x351/0x7a0
[  121.868678][ T6334]  ? should_fail_ex+0xd9/0x280
[  121.868709][ T6334]  v9fs_session_init+0x3c/0x4a0
[  121.868803][ T6334]  v9fs_get_tree+0x5c/0x5e0
[  121.868873][ T6334]  ? security_capable+0x7b/0x90
[  121.868902][ T6334]  vfs_get_tree+0x57/0x1d0
[  121.868924][ T6334]  do_new_mount+0x288/0x8d0
[  121.868948][ T6334]  ? security_capable+0x7b/0x90
[  121.869040][ T6334]  path_mount+0x4d0/0xbc0
[  121.869061][ T6334]  __se_sys_mount+0x28c/0x2e0
[  121.869121][ T6334]  ? fput+0x8f/0xc0
[  121.869150][ T6334]  __x64_sys_mount+0x67/0x80
[  121.869181][ T6334]  x64_sys_call+0x2d61/0x3020
[  121.869274][ T6334]  do_syscall_64+0x12c/0x370
[  121.869302][ T6334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.869331][ T6334] RIP: 0033:0x7fa33dddc799
[  121.869351][ T6334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  121.869369][ T6334] RSP: 002b:00007fa33c82f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  121.869392][ T6334] RAX: ffffffffffffffda RBX: 00007fa33e055fa0 RCX: 00007fa33dddc799
[  121.869451][ T6334] RDX: 0000200000000080 RSI: 0000200000000300 RDI: 0000000000000000
[  121.869467][ T6334] RBP: 00007fa33c82f090 R08: 0000200000000100 R09: 0000000000000000
[  121.869517][ T6334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  121.869529][ T6334] R13: 00007fa33e056038 R14: 00007fa33e055fa0 R15: 00007ffcd6a16198
[  121.869549][ T6334]  </TASK>
[  121.969344][ T6316] bio_check_eod: 198028 callbacks suppressed
[  121.969359][ T6316] syz.4.867: attempt to access beyond end of device
[  121.969359][ T6316] loop4: rw=8388608, sector=2065, nr_sectors = 1 limit=128
[  121.992010][ T6328] loop0: detected capacity change from 0 to 512
[  121.995625][ T6316] syz.4.867: attempt to access beyond end of device
[  121.995625][ T6316] loop4: rw=8388608, sector=2066, nr_sectors = 1 limit=128
[  121.995655][ T6316] syz.4.867: attempt to access beyond end of device
[  121.995655][ T6316] loop4: rw=8388608, sector=2067, nr_sectors = 1 limit=128
[  121.995724][ T6316] syz.4.867: attempt to access beyond end of device
[  121.995724][ T6316] loop4: rw=8388608, sector=2068, nr_sectors = 1 limit=128
[  122.083898][ T6344] loop5: detected capacity change from 0 to 512
[  122.090239][ T6316] syz.4.867: attempt to access beyond end of device
[  122.090239][ T6316] loop4: rw=8388608, sector=2069, nr_sectors = 1 limit=128
[  122.110542][ T6344] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  122.115258][ T6316] syz.4.867: attempt to access beyond end of device
[  122.115258][ T6316] loop4: rw=8388608, sector=2070, nr_sectors = 1 limit=128
[  122.161635][ T6344] EXT4-fs (loop5): filesystem is read-only
[  122.162619][ T6316] syz.4.867: attempt to access beyond end of device
[  122.162619][ T6316] loop4: rw=8388608, sector=2071, nr_sectors = 1 limit=128
[  122.162649][ T6316] syz.4.867: attempt to access beyond end of device
[  122.162649][ T6316] loop4: rw=8388608, sector=2072, nr_sectors = 1 limit=128
[  122.235576][ T6328] EXT4-fs (loop0): 1 orphan inode deleted
[  122.238833][ T6316] syz.4.867: attempt to access beyond end of device
[  122.238833][ T6316] loop4: rw=8388608, sector=2065, nr_sectors = 1 limit=128
[  122.238909][ T6316] syz.4.867: attempt to access beyond end of device
[  122.238909][ T6316] loop4: rw=8388608, sector=2066, nr_sectors = 1 limit=128
[  122.332846][ T6328] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  122.345953][ T6348] netlink: 16 bytes leftover after parsing attributes in process `syz.5.877'.
[  122.358177][ T6348] netlink: 2 bytes leftover after parsing attributes in process `syz.5.877'.
[  122.380245][ T6347] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  122.391428][ T6347] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  122.450215][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.613924][ T6361] netlink: 12 bytes leftover after parsing attributes in process `syz.4.880'.
[  122.626735][ T6361] vlan3: entered promiscuous mode
[  122.633978][ T6366] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  122.644199][ T6366] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  122.746703][ T6373] 9p: Bad value for 'rfdno'
[  122.987906][ T6379] xt_CT: No such helper "netbios-ns"
[  123.139409][ T6376] ==================================================================
[  123.147529][ T6376] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64
[  123.157390][ T6376] 
[  123.159704][ T6376] read-write to 0xffffffff86c09a00 of 8 bytes by interrupt on cpu 1:
[  123.167872][ T6376]  tick_do_update_jiffies64+0x113/0x1c0
[  123.173592][ T6376]  tick_nohz_handler+0x8d/0x3d0
[  123.178535][ T6376]  __hrtimer_run_queues+0x218/0x4f0
[  123.183727][ T6376]  hrtimer_interrupt+0x269/0x810
[  123.188655][ T6376]  __sysvec_apic_timer_interrupt+0x5f/0x1f0
[  123.194562][ T6376]  sysvec_apic_timer_interrupt+0x6f/0x80
[  123.200298][ T6376]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  123.206275][ T6376]  avtab_search_node+0x0/0x2b0
[  123.211124][ T6376]  cond_compute_av+0x51/0x230
[  123.215796][ T6376]  context_struct_compute_av+0x46f/0xaf0
[  123.221418][ T6376]  security_compute_av+0x34f/0xa20
[  123.226521][ T6376]  avc_compute_av+0x5d/0x430
[  123.231118][ T6376]  avc_perm_nonode+0x5e/0xe0
[  123.235731][ T6376]  avc_has_perm_noaudit+0xf2/0x130
[  123.240844][ T6376]  avc_has_perm+0x60/0x190
[  123.245280][ T6376]  selinux_socket_create+0xfd/0x180
[  123.250489][ T6376]  security_socket_create+0x4c/0x90
[  123.255693][ T6376]  __sock_create+0xe0/0x580
[  123.260188][ T6376]  __sys_socket+0xaf/0x180
[  123.264596][ T6376]  __x64_sys_socket+0x3f/0x50
[  123.269270][ T6376]  x64_sys_call+0x11fc/0x3020
[  123.273957][ T6376]  do_syscall_64+0x12c/0x370
[  123.278553][ T6376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.284447][ T6376] 
[  123.286757][ T6376] read to 0xffffffff86c09a00 of 8 bytes by task 6376 on cpu 0:
[  123.294286][ T6376]  mem_cgroup_flush_stats_ratelimited+0x29/0x70
[  123.300612][ T6376]  count_shadow_nodes+0x6a/0x230
[  123.305545][ T6376]  do_shrink_slab+0x63/0x6a0
[  123.310128][ T6376]  shrink_slab+0x538/0x880
[  123.314627][ T6376]  shrink_node+0x6bc/0x2130
[  123.319133][ T6376]  do_try_to_free_pages+0x408/0xc80
[  123.324326][ T6376]  try_to_free_mem_cgroup_pages+0x1f5/0x470
[  123.330401][ T6376]  try_charge_memcg+0x37e/0xa10
[  123.335249][ T6376]  obj_cgroup_charge_pages+0x23/0xc0
[  123.340533][ T6376]  __memcg_kmem_charge_page+0x9e/0x170
[  123.345989][ T6376]  __alloc_frozen_pages_noprof+0x18a/0x360
[  123.351787][ T6376]  alloc_pages_mpol+0xb3/0x260
[  123.356543][ T6376]  alloc_pages_noprof+0x8f/0x130
[  123.361474][ T6376]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  123.367362][ T6376]  __kvmalloc_node_noprof+0x3d4/0x650
[  123.372724][ T6376]  futex_hash_allocate+0x190/0x9d0
[  123.377833][ T6376]  futex_hash_prctl+0xd8/0xf0
[  123.382499][ T6376]  __se_sys_prctl+0xa3d/0x13f0
[  123.387348][ T6376]  __x64_sys_prctl+0x67/0x80
[  123.391929][ T6376]  x64_sys_call+0x2533/0x3020
[  123.397033][ T6376]  do_syscall_64+0x12c/0x370
[  123.401614][ T6376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.407495][ T6376] 
[  123.409893][ T6376] value changed: 0x00000000ffffbabd -> 0x00000000ffffbabe
[  123.417414][ T6376] 
[  123.419728][ T6376] Reported by Kernel Concurrency Sanitizer on:
[  123.425862][ T6376] CPU: 0 UID: 60928 PID: 6376 Comm: syz.4.883 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  123.436966][ T6376] Tainted: [W]=WARN
[  123.440750][ T6376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  123.450816][ T6376] ==================================================================