last executing test programs:

3.683081387s ago: executing program 1 (id=587):
r0 = socket$nl_route(0x10, 0x3, 0x0)
connect$netlink(r0, &(0x7f0000000280)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10022, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={0xffffffffffffffff, 0x0, &(0x7f0000001080)=""/65}, 0x20)

3.605096448s ago: executing program 1 (id=590):
syz_clone(0x182311, 0x0, 0x0, 0x0, 0x0, 0x0)
mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000040)=0xa632, 0x5, 0x0)
set_mempolicy_home_node(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0)
set_mempolicy_home_node(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
readv(r0, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)
lstat(&(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f00000000c0))
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x642, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000000c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r8}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[{@version_9p2000}]}})

3.027656426s ago: executing program 2 (id=599):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
gettid()
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000900)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c000280050001000600000008000a0079"], 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0)

2.78680213s ago: executing program 2 (id=604):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)

2.716866791s ago: executing program 2 (id=607):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000104a5270b7357000000925e4a44", @ANYRES32, @ANYBLOB="0dfa130016000000240012000c00010000000000000000000c0002f60800000001180000080001"], 0x44}}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x53, 0xd, 0x9})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB='H\x00\x00\x00'], 0x48}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32], 0x48}}, 0x0)

2.706154621s ago: executing program 1 (id=608):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
readv(r0, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)

2.628016562s ago: executing program 4 (id=611):
syz_clone(0x182311, 0x0, 0x0, 0x0, 0x0, 0x0)
mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000040)=0xa632, 0x5, 0x0)
set_mempolicy_home_node(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0)
set_mempolicy_home_node(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
readv(r0, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)
lstat(&(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f00000000c0))
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x642, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000000c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r8}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[{@version_9p2000}]}})

2.548697683s ago: executing program 3 (id=612):
r0 = socket$nl_route(0x10, 0x3, 0x0)
connect$netlink(r0, &(0x7f0000000280)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={r1, 0x0, &(0x7f0000001080)=""/65}, 0x20)

2.514257703s ago: executing program 2 (id=614):
syz_clone(0x182311, 0x0, 0x0, 0x0, 0x0, 0x0)
mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000040)=0xa632, 0x5, 0x0)
set_mempolicy_home_node(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@version_9p2000}]}})

2.450979395s ago: executing program 3 (id=615):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES64=r0, @ANYBLOB="7f00"/20, @ANYRES32=0x0, @ANYRES16=r0, @ANYBLOB="03000000003ae246ac75f4014f000000"], 0x50)
ioperm(0x453, 0x7ff, 0x6)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
ptrace(0x10, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x8200, &(0x7f0000000000)=ANY=[@ANYBLOB='mpol=bind:0-N:'])
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000006c0)=ANY=[@ANYRES8=r1, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095", @ANYRES8], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
syz_pidfd_open(0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
mkdir(0x0, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
write$sndseq(0xffffffffffffffff, &(0x7f0000000080)=[{0x1e, 0x0, 0x0, 0xfd, @time={0xfffffffe}, {}, {}, @result}], 0x1c)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYRESDEC=r5, @ANYRES32=r6, @ANYRESOCT=r6], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=@deltaction={0x38, 0x18, 0x1, 0x80000000, 0x25dedbfe, {0xa}, [@TCA_ACT_TAB={0x24}]}, 0x38}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f00000004c0)="66dd4634b6fa86363a27c52eb734e861", 0x10)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000ac4010000060a0b040000000000000000020000004c000480340001800b000100746172676574000024000280090001004d41524b000000000c00030002b51112d439c5920800024000000002140001800b0001006c6f6f6b75700000040002800900010073797a30000000000900020073797a3200000000f70007404884b24b02a8a7758a688958ed60ecfd057e10926ba77e5596b13e43cd4488e4aa68af5f7236ec205b6e4cac2a0d86c336bf07dbe861f4f57bcef92dcf818d532d4475b5daa4dadc1690f228e860bba5a0b5d9bde86862e8f7fc08f0debd4974c6fae7d737a0007ec948ac4d8714ebff6b25648fb910e0d6d07f023cf5fa4051627b9c5b69e265538f9ba683bf172a5ff815afa543c12e550a1bcc9287080c7c12cc89d216c56febb0b06134672ea6b0077c846396169475f271319988f49ec94f2996e5d0e1cb151fb223e556f10fb681d068e055eb34e5f8fc7a524ffe5f4632a6c74ad0fe0b1542497d76a5a4416c47805e001c0005"], 0x1ec}}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r1, 0x58, &(0x7f0000000200)}, 0x10)

2.277915857s ago: executing program 2 (id=618):
syz_clone(0x182311, 0x0, 0x0, 0x0, 0x0, 0x0)
mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000040)=0xa632, 0x5, 0x0)
set_mempolicy_home_node(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0)
set_mempolicy_home_node(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
readv(r0, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)
lstat(&(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f00000000c0))
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x642, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000000c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r8}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[{@version_9p2000}]}})

1.871465953s ago: executing program 0 (id=622):
socket$nl_route(0x10, 0x3, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={r0, 0x0, &(0x7f0000001080)=""/65}, 0x20)

1.819503254s ago: executing program 1 (id=623):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000100)={[{@discard}]}, 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
open(0x0, 0x181042, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000040000"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYBLOB="0000000000000000b7080000f9ffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f0000000380)={&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x0)

1.732726425s ago: executing program 0 (id=624):
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000000c0)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x54}, @val={0x8}, @void}}}, 0x24}}, 0x0)
syz_mount_image$iso9660(&(0x7f0000000940), &(0x7f0000000680)='./file0\x00', 0x14c0e, &(0x7f0000000b40)=ANY=[@ANYRES8=0x0], 0xfd, 0x6b1, &(0x7f0000001f80)="$eJzs3V1vG1kdx/Hf2E7iZFFVAapWVbc5bVkpFcW1nW2qqFzsMBknA7bHmnEgkZBWhSarqk6Btkg0NyU3PEjLG+Bub7jgRazE9b4LuAJpBXcgJDRoZjx+iB9St0m6D99P1Ho8c+ac/5zj+t+JPWcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABkORvlcsVS3Wtu75jJnI3Ab2RP8hrZntY2p5vpws1pbc7F7UpW/EfFot5OV7/9zX6RS/Ff13UlfXZFxfihqMO3Ll28941CLtt/SsCvQrNW+PT54aP7nc7ek5com9fM1b9Jyr1EoU236YW+17A3XeOFvllfWyvf3qqFpubV3XA3bLsN4wRuru0HZsW5aSrr66vGLe36283NDbvuZivvfqdaLq+Z7y+kAy2pFDpbXr3uNTeTMvHmuMxd89GP0wKu3TBm/2Fnb3Ugnhfj+jguVDnpSOJC1ZMKVcvVaqVSrVbW7qzfuVsuF0ZWlGNWuUcjJU79RYsvmNN9AwdeQy7O/3+1pLqKampbOzJjfxxtKJCvxoTtXVn+f/e2O7XdwfyfZfm5/ubLSvL/1fTZ1Un5f0IsRibZYdwWa8L62X7mkoiMnuq5DvVI99VRR3t6cgp1G5nlU6nlHH425aopT6F8eWrITtaY7hqjda1pTWV9oC3VFMqoJk91uQq1q1BtufEraj4eLVe22vIVyGhFjm7KqKJ1rWtVRq5K2pWvbTW1qQ3Z+ncURft6mPT7aj+m/PGRV1aoMuEgFlTIXnd7qk452kn5/ycv0r27+b9M/v+qSl8HC+nDp9PKAJ8DUff8f0bLZxMNAAAAAAA4C1by23cr+VT+HUmRal7dLb/psAAAAAAAwCmyFC3oiqz0W/l6Rxbn/wAAAAAAfNlYyTV2lqSl5Ev9Vv9yqZf5JUD+HEIEAAAAAACvKbny/+q8FCWTVizLmun8HwAAAAAAfAH8bmCO/UI2x26Ufayfk7T8twXrk38uKJizjlo737IO7HiLfdAtM/INgHbtsnWhO1Fv8jAvKXnmuFesbmvdSTB78w5+tn/SXP9WcCyA+fxgBRMCsOKW1wrdZ/pI19JdrnXnmX9wmFOyJW1lqebV3ZLj1+9VZNsXcm13p/3Lxw9/JQW949x/2Nkr/fRnnQdJLEfxqqODuNIXQ+HkxndGP5ZnyXwLyTUX4454UbWsyd83G0tW0m45O/687IPcYEPTBqDf5m90PR2z61FadumwN+O+JS0nkz9USsmQDR19MGf1o6gcP/JxAzEhimISxY20zI2VG+lDFl9cT84qfjsvVUujYzAURXUwipP7wvrXSF9Mi0JWMe6L1TiKv8QVHYviR5+kO6/OFsXIiADAm7Lfz0LJJOYjeTdLD9mb2ivlnZOz+/vD2f3ZH6M0Q+WlQveziamtFBW/o69YSR6aTyd0L1we845eLv0niiL7QlGD7+j/i1K9HPty2e0oiqLjx/rn/j2QumGPRPHfKIruVZJM8odjWfXjeIePJ7Yb1qv5uAtvPzv4eTIBfuzDvQ/3Hlerq2vl98rlO1XNJf9V6D7kRe4BAIw4+R47SYnclBLWe7qW1nHtwT/eTZeGMt7Xu18pyHT0QLeyWwgsj691aeBrCLfSs1bp+lL6uHRoLl28tygNlLUKyR1ebk08q0ty6UC91V7Z7L5Dx88A+2VXz3IIAAA4d9cn5GFpKP9rOP8Xh/L/La2kJVYujz3vHs7l3bPj3in9pLKVk4N//5Q7AwCArwg3+Mxaav/WCgKv9UFlfb1it7dcE/jOD0zgbWy6xmu23cDZspubrmkFftt3/LppBVrwFt3QhNutlh+0Tc0PTMsPvZ3kzu+me+v30G3YzbbnhK26a4eucfxm23baZsMLHdPa/l7dC7fcINk5bLmOV/Mcu+35TRP624HjlowJXXegoLfhNttezYsXm6YVeA072DU/9OvbDddsuKETeK22n1aYteU1a37QSKotKZr5RocAAHwZPX1++Oh+p7P35PjCYnxqnq450oQyowvzYypkjiAAAD5n+ul6hp2KZxgQAAAAAAAAAAAAAAAAAAAAAAAYcfIlfTMuzI27WFDqrfnFhe4a/Vr9SwxH6rF02oHNspCbda/skojDR59OKbzYW5N1/2CZo1ka1UXplQ/w71+T3krWKF1TOP0+XJwyuGex8N39tEcn95gm9NhCbywKp//PIV54/KcJm6IoiqbvvjDch/PTDnB4oSDpyfxrDMH5vxcBOF//DwAA//9wiz37")
r0 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="034886dd090328fdb10030000000600000004028290081e949b93897bc3b0000000000007d01ff020000000000000000000000000001"], 0xfdef)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r6=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x6c, r0, 0x200, 0x70bd29, 0x25dfdbff, {}, [@NBD_ATTR_SOCKETS={0x34, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r5}}, {0xc, 0x1, 0x0, 0x1, {0x8}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r6}}, {0xc, 0x1, 0x0, 0x1, {0x8}}]}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x6}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0xc}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4000}, 0x20000081)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[@ANYBLOB="20000000020000001d"], 0x8840)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)

1.690613926s ago: executing program 4 (id=625):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0xd, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ptrace$setregs(0xd, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001880)=ANY=[@ANYBLOB="48000000100005ff08000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32], 0x48}, 0x1, 0x0, 0x0, 0x40080c0}, 0x40000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x0, 0x3}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1, 0xa}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48801}, 0x4)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x6, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0xfffffdd0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x8}, 0x18)
r4 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r4, 0x29, 0x16, &(0x7f00000001c0)=0x7f, 0x4)
close(r4)
socket$packet(0x11, 0x2, 0x300)
r5 = socket(0x11, 0x3, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000240)={'bridge_slave_1\x00', <r7=>0x0})
setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f0000000280)={r7, 0x11, 0x6}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r7}}, 0x24}}, 0x0)

1.501385718s ago: executing program 0 (id=626):
syz_clone(0x182311, 0x0, 0x0, 0x0, 0x0, 0x0)
mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000040)=0xa632, 0x5, 0x0)
set_mempolicy_home_node(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@version_9p2000}]}})

1.432527599s ago: executing program 1 (id=627):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000104a5270b7357000000925e4a44", @ANYRES32, @ANYBLOB="0dfa130016000000240012000c00010000000000000000000c0002f60800000001180000080001"], 0x44}}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x53, 0xd, 0x9})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB='H\x00\x00\x00'], 0x48}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32], 0x48}}, 0x0)

1.37407043s ago: executing program 4 (id=628):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
getcwd(&(0x7f00000004c0)=""/4096, 0x1000)
socket$inet6_icmp(0xa, 0x2, 0x3a)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r2=>0x0})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r4 = openat$cgroup_devices(r3, &(0x7f0000000380)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r4, &(0x7f0000000280)=ANY=[@ANYBLOB='b *:4\trr'], 0xa)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x24}, 0x1, 0x0, 0x0, 0x8080}, 0x0)
mknod(&(0x7f00000000c0)='./file0\x00', 0x1, 0xfffffe00)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010200000000000000020000000900010073797a300000000040000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000001400048008000140000000000800024000000b002c000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xb4}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000007b080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r0, @ANYBLOB="0000000002000000b705000008000000850000005e00000095"], &(0x7f0000000080)='syzkaller\x00', 0x7, 0xff9, &(0x7f00000014c0)=""/4089, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.296333331s ago: executing program 2 (id=629):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYRESDEC=0x0, @ANYRES32, @ANYRES8=0x0, @ANYRES32, @ANYRES16=0x0], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001a80)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000500)='mm_page_alloc\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x80030, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x10024, 0x9f, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffc, 0xfffe, 0x0, 0x8001, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r2, 0x0, 0xfdfffffff7ffffe9}, 0x18)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x5, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x48, 0x0, 0x8)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_ADD(r4, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, r5, 0x200, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48010}, 0x44080)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
pipe(&(0x7f0000000340))
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_read_part_table(0x1061, &(0x7f0000001080)="$eJzsz71tAlEQBOA5n33nwJJdgku5yB24GSemCiogogdEA8SUgYRIkRZx/HUABN+XPI3erFYbHquZzqqqfhan+LfKe30m2TbXypj7oW2PYZLxSZf+/N0lr8m+Km+3kSH1kl2+kmZstJd135ssP1L1n6zzO7/bnQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwxA4BAAD//0yNF/Y=")
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000280)={'wg2\x00', @remote})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000300)='fib_table_lookup\x00', r8}, 0x18)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r7}, 0x10)

1.230813032s ago: executing program 0 (id=630):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})

1.188338683s ago: executing program 4 (id=631):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000005600)='sys_enter\x00', r0}, 0x10)
sync_file_range(0xffffffffffffffff, 0x3, 0x1ff, 0x0)

1.171933843s ago: executing program 3 (id=632):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x7f, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x9135}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, 0x0, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000bc0)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r4, {0x0, 0xc}, {}, {0xa}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x1, 0xc}}]}}]}, 0x40}}, 0x0)

1.064864834s ago: executing program 4 (id=633):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
readv(r0, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)

1.053222785s ago: executing program 3 (id=634):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x20)
symlinkat(&(0x7f0000000000)='.\x00', r4, &(0x7f0000000140)='./file0\x00')
r5 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000200)={'vxcan1\x00', <r6=>0x0})
bind$can_raw(r5, &(0x7f00000002c0)={0x1d, r6}, 0x10)
bind$can_raw(r5, &(0x7f0000000800), 0x10)
r7 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f00000005c0), 0x1, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
write$selinux_validatetrans(r9, &(0x7f0000000600)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f823a64627573645f657865635f743a7330207379eb65aeb47740598cd77374656d5f753a6f626a6563745f723a73797374656d645f6c6f67696e645f657865635f743a7330203030303030303030303030303030302030"], 0x87)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r12 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r11}, 0x10)
ioctl$F2FS_IOC_MOVE_RANGE(r12, 0xc020f509, &(0x7f0000000200)={<r13=>r8, 0x800000000, 0x1, 0x1})
mmap(&(0x7f0000041000/0xe000)=nil, 0xe000, 0x1000004, 0x4000010, r13, 0xfae6e000)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'syztnl1\x00', &(0x7f0000000300)={'syztnl0\x00', <r14=>0x0, 0x2f, 0xc, 0x7f, 0x7, 0x9, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1, 0x10, 0x10, 0x7, 0xafe}})
r15 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYRESDEC=r0, @ANYRES16=r11, @ANYRES8=r7, @ANYRESOCT=r0, @ANYRESOCT=0x0, @ANYRES8=r12, @ANYRESHEX=r7, @ANYRES32, @ANYRESDEC=r7, @ANYRESDEC=r7], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x27, '\x00', r14, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='mm_page_free\x00', r15}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)

1.015529135s ago: executing program 0 (id=635):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x4, &(0x7f00000001c0)=@framed={{}, [@ldst={0x6, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffffffe, 0xa000000}]}, &(0x7f0000000000)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (fail_nth: 3)

989.780256ms ago: executing program 1 (id=636):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2, <r3=>0xffffffffffffffff}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
uname(&(0x7f0000000ac0)=""/4110)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0xc)
ioctl$USBDEVFS_REAPURB(r0, 0x4008550c, &(0x7f0000000700))
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
r6 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r6, &(0x7f0000000000)={0x27}, 0x74)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="640000000206050000000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a30000000000500040000400000050005000a000000050001000600000014000780080006400000000008"], 0x64}}, 0x24002800)
r7 = socket$packet(0x11, 0x3, 0x300)
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r8, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000200)={'ip6gretap0\x00', <r9=>0x0})
sendto$packet(r8, &(0x7f0000000180)="0b036811e0ff64000200475400f6a13bb1000000080086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x0, r9}, 0x14)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000040)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000000)={0x0, 0x9, 0xfffc, 0x8}, 0x8, 0x7, 0x2, 0x0, 0x1, 0xfe, 0x0})

936.796097ms ago: executing program 3 (id=637):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300))
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x18)
r1 = io_uring_setup(0x7d2e, &(0x7f0000000180)={0x0, 0xffffffff, 0x100, 0x1})
syz_mount_image$iso9660(&(0x7f0000000cc0), &(0x7f00000004c0)='./file1\x00', 0x1004081, &(0x7f0000000000)=ANY=[], 0x2, 0x81c, &(0x7f0000001540)="$eJzs3U9oHOfZAPBnFMmyZeIv5PvIZ4zjjO18YPM5ykpKlIoc0s1qJE8i7YrdVbEpITGxnBrLSUgIaUxp6kvSlpbSU49priGX3FoKLfTQ9lRoDr30EAjk0pKWFkpLKbjs7K61+rOSLctymv5+i/edfeedd953djzPzmrfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIqlMl0pjSczl1cUzaX+V6XptfpP53fp+tirZZL0RSetf7N0bB9tZB/9nZfZ9radjcbj96nDsbSV748r+++55/L8HB7rLb9Kg7Traf9ZQ74sk4hutRl06t7y89MptaMgu+vZPOhN7b3iRv19rPc9m1bxRy+fLs1maN2rp1ORk6eHTM410Jp/LGmcbzWw+rdSzcrNWT09UTqZjU1MTaTZ6trZYnZ0uz2XdzMceGi+VJtOnRheycr1Rqz781Gijcjqfm8urs0WZ8dLr0SrzWGtHfDpvps2sPJ+mFy4uL01s1dRWobFVOcOrdpzDD97zyWsf/+XiUmuH7FdJ0tkxx8fGxsfHJh+devSxUmlwvDS+OqO0RlwvEQMRrRK3Zaflztq/Qd5gZ49ZNyPi2n/tzMEbbtFAJ/7HXORRjcU4E2mkMVA8rzyGohLTUY9azLde/3Zozfx18f//Hv7jrzdbb2/870b5gyuzD0UR/4+0Xx3pF//XtWIHHoP9aq2+325Nb96r8UZciUtxLpZjOZbile2scc/aWm/HY7idDuxsrbORRTXyaEQt8piPcpGTdnLSmIrJmIxSPBunYyYakcZM5DEXWTTibDSiGVmxR1WiHlmUoxm1qEcaJ6ISJyONsZiKqZiINLIYjbNRi8WoxmxMR7mo5UJcLLb7xJp23ff15378wm8+eac1fb3Q2CYdSVof5vZ/FPHnTQqtC/c3Ef9bJQY6e/euxCR2yd6bfFd36MgNt+5aEf8H73QzAAAAgNsoKb59TyJiKO4vpmbyuezLd7pZAAAAwA4qftd8uJUMtabuj6R1/l/aoOSHEcO73jwAAABgByTFGLskIkbigfZUd7jURl8CAAAAAP+Gir//H2klIxFvFhnO/wEAAOBz5pv9rrH/8Z7iGrsj0VgYTn76p6jXh5KrC2ceTC6XW+XKl+9qL9dJvnS9xubMoeRAp5IimRy8sj+JiMFKdjjpXv3yn52xBJ8Wz4dWLkDY71r/yRYNiM0bULyK78TRdpmj59vp+e6c9lpGZvK5bLRSm3t8LOl8OdJ87cWLX42i+9+qzh9I4sLF5aXR519aPl+05WqrlquXO5eHT7pLRbQHVGzSlmvd0RT3b9zjoWIgRme9I+31lnr737ma7MDm/U961/lWHGuXOTbSTkdW939va51jo4+PRbl8YKCZnWm+dq2n951WjK30fLjb2+Qm3oW34ni7zPETx9vJBq0YX9WKF9e3Yrx3+9/YtrjhVrxz9M0zf/1FLckmtmrFxC22AuBOuVBc9WclCu0rotA/rrW1AtqauLuvu+TNHOUurHzK6C7fE+sGY110T7cT3d+KE+0yJ9qfJwYPbRBXShsc0V+++PIvO0f0R977wQ+fOfKrD9bE9ZtoxXtxsl2mk8S9P+8TY1t9/u6aqPpua4l3+663MTeevD48MZS0bz4UVx66ePncC0svLL04Pj4xWXqkVHp0PIaKjwqdpE9LRR6A/2xb3WPng69dL9rvLjzJI1ucVd97/ScFo/F8vBTLcT5OFaMNIuKBjWsd6fkZwqktzlpHeu7wcmqLc8uVsuNryw4fT6JP2YmeLfa/3y+Sv92mNwQAdsGxLeJwEve0L/vz+t2dJdaUuCtJTvWed38lIg71i7mtWH6yfePc7tlx9I/lvX7fSb+wGxsFAD7nsvqnyUjz7aRezxeeHZuaGis3T2dpvVZ5Oq3n07NZmlebWb1yulydzdKFeq1Zq3S/Op7OGmljcWGhVm+mM7V6ulBr5GeKO7+nnVu/N7L5crWZVxoLc1m5kaWVWrVZrjTT6bxRSRcWn5zLG6ezerFwYyGr5DN5pdzMa9W0UVusV7LRNG1kWU/BfDqrNvOZPBtK82q6UM/ny/WrETG3OJ+l01mjUs8XmrV2hd115dWZWn2+qHZ0fff/sNvbGwA+C15948qlc8vLS69sb+J3N1L4TvcRAFhNlAYAAAAAAAAAAAAAgM++9cP1Wrk3NRBwKLY9fPDV4WhN7Nvu4q2JZzo9uYVRjJtMDMYOV7j5xP+/3+7MTlS4vp6hbs7dW4373LfqPd3T2cS7tBF2cuK5J564tJKTDPZu3iffPHj6oyy6vdukno3/p2w01PXtAxF7fvS9ds4X+xROBne4px9GxDYWv5ZsUmZ3j0MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcCP+FQAA//+XX0rH")
socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], &(0x7f0000000500)=[0x2], 0x0, 0x2000000000000088}}, 0x40)
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r1, 0xc, 0x0, 0x0)
gettid()
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)

115.985848ms ago: executing program 4 (id=638):
r0 = socket$xdp(0x2c, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000200)={0x0, 0x200000, 0x1000, 0xfffffffc, 0x1}, 0x20)
unshare(0x68040200)
r2 = socket$inet(0x2, 0x2, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffc2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000002000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r6}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0600000004000000ff0100005c00000000000000", @ANYRES32, @ANYBLOB="0600000000805d4c020000c1d2000000000000eb", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000feffffff00"/27], 0x50)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x0, @remote}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f00000004c0)='dctcp\x00', 0x6)
bind$inet6(r7, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r7, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r7, &(0x7f0000000240)=':', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
io_setup(0x8, &(0x7f00000001c0)=<r8=>0x0)
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/disk', 0x1, 0x0)
io_submit(r8, 0x1, &(0x7f0000000400)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r9, &(0x7f0000000140)="2a22cab1fd28", 0x6}])
perf_event_open(&(0x7f0000000540)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x1, @perf_bp={0x0, 0xc}, 0x115428, 0x0, 0x0, 0x7, 0x5f4b, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
futex(0x0, 0x800000000006, 0x0, 0x0, 0x0, 0x0)
futex(0x0, 0x8, 0x0, 0x0, 0x0, 0x0)

10.12822ms ago: executing program 3 (id=639):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r4}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_9p2000}]}})

0s ago: executing program 0 (id=640):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r4}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_9p2000}]}})

kernel console output (not intermixed with test programs):

3e syscall=202 compat=0 ip=0x7fbb5a70e969 code=0x7ffc0000
[   30.688872][   T29] audit: type=1326 audit(1746763873.442:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3467 comm="syz.1.2" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fbb5a70e969 code=0x7ffc0000
[   30.712176][   T29] audit: type=1326 audit(1746763873.442:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3467 comm="syz.1.2" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb5a70e969 code=0x7ffc0000
[   30.735419][   T29] audit: type=1326 audit(1746763873.442:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3467 comm="syz.1.2" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fbb5a70e969 code=0x7ffc0000
[   30.758475][   T29] audit: type=1326 audit(1746763873.442:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3467 comm="syz.1.2" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb5a70e969 code=0x7ffc0000
[   30.781593][   T29] audit: type=1326 audit(1746763873.442:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3467 comm="syz.1.2" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbb5a70e969 code=0x7ffc0000
[   30.804754][   T29] audit: type=1326 audit(1746763873.442:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3467 comm="syz.1.2" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb5a70e969 code=0x7ffc0000
[   30.866791][ T3313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.877293][ T3313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.887192][ T3313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.897748][ T3313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.907701][ T3313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.918103][ T3476] FAULT_INJECTION: forcing a failure.
[   30.918103][ T3476] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   30.918204][ T3313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.931414][ T3476] CPU: 1 UID: 0 PID: 3476 Comm: syz.2.3 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   30.931489][ T3476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   30.931505][ T3476] Call Trace:
[   30.931515][ T3476]  <TASK>
[   30.931524][ T3476]  __dump_stack+0x1d/0x30
[   30.931551][ T3476]  dump_stack_lvl+0xe8/0x140
[   30.931576][ T3476]  dump_stack+0x15/0x1b
[   30.931597][ T3476]  should_fail_ex+0x265/0x280
[   30.931640][ T3476]  should_fail+0xb/0x20
[   30.931677][ T3476]  should_fail_usercopy+0x1a/0x20
[   30.931701][ T3476]  _copy_from_user+0x1c/0xb0
[   30.931761][ T3476]  ___sys_sendmsg+0xc1/0x1d0
[   30.931882][ T3476]  __x64_sys_sendmsg+0xd4/0x160
[   30.931913][ T3476]  x64_sys_call+0x2999/0x2fb0
[   30.931939][ T3476]  do_syscall_64+0xd0/0x1a0
[   30.931968][ T3476]  ? clear_bhb_loop+0x25/0x80
[   30.931997][ T3476]  ? clear_bhb_loop+0x25/0x80
[   30.932094][ T3476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   30.932122][ T3476] RIP: 0033:0x7f3c4c3ae969
[   30.932141][ T3476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   30.932163][ T3476] RSP: 002b:00007f3c4a9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   30.932187][ T3476] RAX: ffffffffffffffda RBX: 00007f3c4c5d6080 RCX: 00007f3c4c3ae969
[   30.932202][ T3476] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[   30.932258][ T3476] RBP: 00007f3c4a9f6090 R08: 0000000000000000 R09: 0000000000000000
[   30.932273][ T3476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   30.932288][ T3476] R13: 0000000000000000 R14: 00007f3c4c5d6080 R15: 00007fff8c6b3338
[   30.932312][ T3476]  </TASK>
[   31.111464][ T3313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.121972][ T3313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.132815][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.168545][ T3313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.179075][ T3313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.188956][ T3313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.199528][ T3313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.209450][ T3313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.220049][ T3313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.230210][ T3313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.240686][ T3313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.251991][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.276303][ T3313] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.285154][ T3313] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.293984][ T3313] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.302722][ T3313] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.368538][ T3496] loop2: detected capacity change from 0 to 1024
[   31.388358][ T3496] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.11: Failed to acquire dquot type 0
[   31.400954][ T3496] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   31.415453][ T3496] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #13: comm syz.2.11: corrupted inode contents
[   31.427650][ T3496] EXT4-fs error (device loop2): ext4_dirty_inode:6103: inode #13: comm syz.2.11: mark_inode_dirty error
[   31.440617][ T3496] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #13: comm syz.2.11: corrupted inode contents
[   31.455288][ T3496] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #13: comm syz.2.11: mark_inode_dirty error
[   31.466724][ T3496] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #13: comm syz.2.11: corrupted inode contents
[   31.482270][ T3496] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[   31.491508][ T3496] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #13: comm syz.2.11: corrupted inode contents
[   31.509815][ T3496] EXT4-fs error (device loop2): ext4_truncate:4255: inode #13: comm syz.2.11: mark_inode_dirty error
[   31.521027][ T3496] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[   31.532912][ T3496] EXT4-fs (loop2): 1 truncate cleaned up
[   31.539122][ T3496] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   31.563340][ T3496] EXT4-fs: Ignoring removed orlov option
[   31.569142][ T3496] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   31.584179][ T3507] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14'.
[   31.593471][ T3496] EXT4-fs (loop2): can't enable nombcache during remount
[   31.704710][ T3518] loop3: detected capacity change from 0 to 2048
[   31.734857][ T3518] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   31.822380][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   31.904233][ T3545] Zero length message leads to an empty skb
[   32.032235][ T3556] netlink: 24 bytes leftover after parsing attributes in process `syz.3.17'.
[   32.041475][ T3552] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.048892][ T3552] bridge0: port 1(bridge_slave_0) entered disabled state
[   32.093345][ T3552] bridge0: entered allmulticast mode
[   32.131162][ T3568] bridge_slave_1: left allmulticast mode
[   32.136946][ T3568] bridge_slave_1: left promiscuous mode
[   32.142747][ T3568] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.159833][ T3577] netlink: 40 bytes leftover after parsing attributes in process `syz.4.23'.
[   32.169919][ T3568] bridge_slave_0: left allmulticast mode
[   32.175740][ T3568] bridge_slave_0: left promiscuous mode
[   32.181547][ T3568] bridge0: port 1(bridge_slave_0) entered disabled state
[   32.255540][ T3577] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   32.270710][ T3577] netlink: 4 bytes leftover after parsing attributes in process `syz.4.23'.
[   32.281619][ T3577] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.294619][ T3577] bridge_slave_1 (unregistering): left allmulticast mode
[   32.301788][ T3577] bridge_slave_1 (unregistering): left promiscuous mode
[   32.308952][ T3577] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.589330][ T3632] loop0: detected capacity change from 0 to 2048
[   32.676235][ T3632] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.709716][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.747698][ T3657] FAULT_INJECTION: forcing a failure.
[   32.747698][ T3657] name failslab, interval 1, probability 0, space 0, times 1
[   32.760536][ T3657] CPU: 1 UID: 0 PID: 3657 Comm: syz.3.29 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   32.760562][ T3657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   32.760574][ T3657] Call Trace:
[   32.760581][ T3657]  <TASK>
[   32.760590][ T3657]  __dump_stack+0x1d/0x30
[   32.760616][ T3657]  dump_stack_lvl+0xe8/0x140
[   32.760640][ T3657]  dump_stack+0x15/0x1b
[   32.760685][ T3657]  should_fail_ex+0x265/0x280
[   32.760795][ T3657]  should_failslab+0x8c/0xb0
[   32.760849][ T3657]  kmem_cache_alloc_node_noprof+0x57/0x320
[   32.760886][ T3657]  ? __alloc_skb+0x101/0x320
[   32.760924][ T3657]  __alloc_skb+0x101/0x320
[   32.761027][ T3657]  netlink_alloc_large_skb+0xba/0xf0
[   32.761111][ T3657]  netlink_sendmsg+0x3cf/0x6b0
[   32.761154][ T3657]  ? __pfx_netlink_sendmsg+0x10/0x10
[   32.761223][ T3657]  __sock_sendmsg+0x142/0x180
[   32.761249][ T3657]  ____sys_sendmsg+0x31e/0x4e0
[   32.761269][ T3657]  ___sys_sendmsg+0x17b/0x1d0
[   32.761297][ T3657]  __x64_sys_sendmsg+0xd4/0x160
[   32.761367][ T3657]  x64_sys_call+0x2999/0x2fb0
[   32.761405][ T3657]  do_syscall_64+0xd0/0x1a0
[   32.761432][ T3657]  ? clear_bhb_loop+0x25/0x80
[   32.761453][ T3657]  ? clear_bhb_loop+0x25/0x80
[   32.761529][ T3657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   32.761556][ T3657] RIP: 0033:0x7fbb9ae2e969
[   32.761574][ T3657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   32.761592][ T3657] RSP: 002b:00007fbb99497038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   32.761609][ T3657] RAX: ffffffffffffffda RBX: 00007fbb9b055fa0 RCX: 00007fbb9ae2e969
[   32.761626][ T3657] RDX: 0000000000040880 RSI: 0000200000000000 RDI: 0000000000000003
[   32.761638][ T3657] RBP: 00007fbb99497090 R08: 0000000000000000 R09: 0000000000000000
[   32.761652][ T3657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   32.761666][ T3657] R13: 0000000000000000 R14: 00007fbb9b055fa0 R15: 00007ffe64652338
[   32.761688][ T3657]  </TASK>
[   33.044394][ T3663] netlink: 12 bytes leftover after parsing attributes in process `syz.3.31'.
[   33.174766][ T3681] FAULT_INJECTION: forcing a failure.
[   33.174766][ T3681] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   33.188122][ T3681] CPU: 1 UID: 0 PID: 3681 Comm: syz.1.34 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   33.188159][ T3681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   33.188173][ T3681] Call Trace:
[   33.188179][ T3681]  <TASK>
[   33.188187][ T3681]  __dump_stack+0x1d/0x30
[   33.188207][ T3681]  dump_stack_lvl+0xe8/0x140
[   33.188225][ T3681]  dump_stack+0x15/0x1b
[   33.188285][ T3681]  should_fail_ex+0x265/0x280
[   33.188323][ T3681]  should_fail+0xb/0x20
[   33.188357][ T3681]  should_fail_usercopy+0x1a/0x20
[   33.188377][ T3681]  _copy_from_user+0x1c/0xb0
[   33.188418][ T3681]  io_submit_one+0x52/0x11b0
[   33.188457][ T3681]  __se_sys_io_submit+0xfb/0x280
[   33.188522][ T3681]  __x64_sys_io_submit+0x43/0x50
[   33.188552][ T3681]  x64_sys_call+0xfc4/0x2fb0
[   33.188577][ T3681]  do_syscall_64+0xd0/0x1a0
[   33.188647][ T3681]  ? clear_bhb_loop+0x25/0x80
[   33.188674][ T3681]  ? clear_bhb_loop+0x25/0x80
[   33.188701][ T3681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   33.188738][ T3681] RIP: 0033:0x7fbb5a70e969
[   33.188752][ T3681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   33.188770][ T3681] RSP: 002b:00007fbb58d77038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[   33.188793][ T3681] RAX: ffffffffffffffda RBX: 00007fbb5a935fa0 RCX: 00007fbb5a70e969
[   33.188808][ T3681] RDX: 0000200000000040 RSI: 0000000000000001 RDI: 00007fbb5b474000
[   33.188822][ T3681] RBP: 00007fbb58d77090 R08: 0000000000000000 R09: 0000000000000000
[   33.188835][ T3681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   33.188890][ T3681] R13: 0000000000000000 R14: 00007fbb5a935fa0 R15: 00007ffc84b3a088
[   33.188909][ T3681]  </TASK>
[   33.393823][ T3005] udevd[3005]: worker [3283] terminated by signal 33 (Unknown signal 33)
[   33.402496][ T3005] udevd[3005]: worker [3283] failed while handling '/devices/virtual/block/loop1'
[   33.482338][ T3693] loop1: detected capacity change from 0 to 512
[   33.538996][ T3693] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.37: invalid indirect mapped block 256 (level 2)
[   33.563580][ T3693] EXT4-fs (loop1): 2 truncates cleaned up
[   33.573349][ T3693] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   33.608959][ T3706] serio: Serial port ptm0
[   33.671841][ T3577] syz.4.23 (3577) used greatest stack depth: 11024 bytes left
[   33.777815][   T51] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm kworker/u8:3: bg 0: block 5: invalid block bitmap
[   33.934767][   T51] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   33.947331][   T51] EXT4-fs (loop1): This should not happen!! Data will be lost
[   33.947331][   T51] 
[   33.957046][   T51] EXT4-fs (loop1): Total free blocks count 0
[   33.963073][   T51] EXT4-fs (loop1): Free/Dirty block details
[   33.969112][   T51] EXT4-fs (loop1): free_blocks=0
[   33.974154][   T51] EXT4-fs (loop1): dirty_blocks=2704
[   33.979496][   T51] EXT4-fs (loop1): Block reservation details
[   33.985686][   T51] EXT4-fs (loop1): i_reserved_data_blocks=2704
[   34.030586][   T51] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 652 with error 28
[   34.056550][ T3722] netlink: 56 bytes leftover after parsing attributes in process `syz.3.45'.
[   34.082703][ T3722] netlink: 24 bytes leftover after parsing attributes in process `syz.3.45'.
[   34.112734][ T3724] netlink: 12 bytes leftover after parsing attributes in process `syz.1.44'.
[   34.209207][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.318015][ T3733] netlink: 56 bytes leftover after parsing attributes in process `syz.2.46'.
[   35.707298][ T3759] __nla_validate_parse: 1 callbacks suppressed
[   35.707314][ T3759] netlink: 4 bytes leftover after parsing attributes in process `syz.0.57'.
[   35.837732][ T3762] netlink: 12 bytes leftover after parsing attributes in process `syz.4.58'.
[   35.984542][   T29] kauditd_printk_skb: 213 callbacks suppressed
[   35.984559][   T29] audit: type=1400 audit(1746763878.842:335): avc:  denied  { create } for  pid=3766 comm="syz.2.61" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   36.075523][   T29] audit: type=1400 audit(1746763878.892:336): avc:  denied  { execute } for  pid=3769 comm="syz.1.62" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=4873 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[   36.101536][   T29] audit: type=1400 audit(1746763878.912:337): avc:  denied  { sqpoll } for  pid=3763 comm="syz.0.59" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   36.120716][   T29] audit: type=1400 audit(1746763878.922:338): avc:  denied  { create } for  pid=3763 comm="syz.0.59" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   36.140454][   T29] audit: type=1400 audit(1746763878.922:339): avc:  denied  { connect } for  pid=3763 comm="syz.0.59" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   36.166290][ T3767] loop2: detected capacity change from 0 to 512
[   36.167338][   T29] audit: type=1400 audit(1746763878.932:340): avc:  denied  { write } for  pid=3763 comm="syz.0.59" path="socket:[4877]" dev="sockfs" ino=4877 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   36.195861][   T29] audit: type=1400 audit(1746763878.982:341): avc:  denied  { bind } for  pid=3766 comm="syz.2.61" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   36.230291][ T3770] netlink: 8 bytes leftover after parsing attributes in process `syz.1.62'.
[   36.234438][   T29] audit: type=1400 audit(1746763879.052:342): avc:  denied  { search } for  pid=3044 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   36.245677][ T3767] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.261132][   T29] audit: type=1400 audit(1746763879.052:343): avc:  denied  { read } for  pid=3044 comm="dhcpcd" name="n25" dev="tmpfs" ino=866 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   36.295815][   T29] audit: type=1400 audit(1746763879.052:344): avc:  denied  { open } for  pid=3044 comm="dhcpcd" path="/run/udev/data/n25" dev="tmpfs" ino=866 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   36.473970][ T3767] ext4 filesystem being mounted at /3/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   36.551711][ T3793] serio: Serial port ptm1
[   36.852918][ T3815] FAULT_INJECTION: forcing a failure.
[   36.852918][ T3815] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   36.866085][ T3815] CPU: 1 UID: 0 PID: 3815 Comm: syz.3.69 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   36.866117][ T3815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   36.866130][ T3815] Call Trace:
[   36.866213][ T3815]  <TASK>
[   36.866223][ T3815]  __dump_stack+0x1d/0x30
[   36.866252][ T3815]  dump_stack_lvl+0xe8/0x140
[   36.866276][ T3815]  dump_stack+0x15/0x1b
[   36.866334][ T3815]  should_fail_ex+0x265/0x280
[   36.866370][ T3815]  should_fail+0xb/0x20
[   36.866457][ T3815]  should_fail_usercopy+0x1a/0x20
[   36.866476][ T3815]  _copy_from_user+0x1c/0xb0
[   36.866502][ T3815]  __sys_connect+0xd0/0x2b0
[   36.866547][ T3815]  __x64_sys_connect+0x3f/0x50
[   36.866642][ T3815]  x64_sys_call+0x1daa/0x2fb0
[   36.866670][ T3815]  do_syscall_64+0xd0/0x1a0
[   36.866727][ T3815]  ? clear_bhb_loop+0x25/0x80
[   36.866761][ T3815]  ? clear_bhb_loop+0x25/0x80
[   36.866789][ T3815]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   36.866865][ T3815] RIP: 0033:0x7fbb9ae2e969
[   36.866880][ T3815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   36.866900][ T3815] RSP: 002b:00007fbb99497038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[   36.866921][ T3815] RAX: ffffffffffffffda RBX: 00007fbb9b055fa0 RCX: 00007fbb9ae2e969
[   36.866979][ T3815] RDX: 0000000000000010 RSI: 0000200000000180 RDI: 0000000000000004
[   36.866995][ T3815] RBP: 00007fbb99497090 R08: 0000000000000000 R09: 0000000000000000
[   36.867010][ T3815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   36.867058][ T3815] R13: 0000000000000000 R14: 00007fbb9b055fa0 R15: 00007ffe64652338
[   36.867078][ T3815]  </TASK>
[   37.151147][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.291064][ T3829] veth1_macvtap: left promiscuous mode
[   37.310820][ T3829] macsec0: entered promiscuous mode
[   37.367658][ T3829] veth1_macvtap: entered promiscuous mode
[   37.376171][ T3829] macsec0: entered allmulticast mode
[   37.381546][ T3829] veth1_macvtap: entered allmulticast mode
[   37.418428][ T3838] netlink: 56 bytes leftover after parsing attributes in process `syz.4.74'.
[   37.438805][ T3834] veth1_macvtap: left allmulticast mode
[   37.447366][ T3834] veth1_macvtap: left promiscuous mode
[   37.485863][ T3834] macsec0: left allmulticast mode
[   37.513454][    C1] hrtimer: interrupt took 28266 ns
[   37.533668][ T3838] netlink: 24 bytes leftover after parsing attributes in process `syz.4.74'.
[   37.654167][ T3840] syz.1.75 (3840) used greatest stack depth: 10192 bytes left
[   37.664593][ T3860] netlink: 16 bytes leftover after parsing attributes in process `syz.2.77'.
[   37.673538][ T3860] netlink: 16 bytes leftover after parsing attributes in process `syz.2.77'.
[   37.682341][ T3860] netlink: 16 bytes leftover after parsing attributes in process `syz.2.77'.
[   37.723627][ T3860] netlink: 16 bytes leftover after parsing attributes in process `syz.2.77'.
[   37.732465][ T3860] netlink: 16 bytes leftover after parsing attributes in process `syz.2.77'.
[   38.018524][ T3884] FAULT_INJECTION: forcing a failure.
[   38.018524][ T3884] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   38.031926][ T3884] CPU: 1 UID: 0 PID: 3884 Comm: syz.3.82 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   38.031958][ T3884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   38.031970][ T3884] Call Trace:
[   38.031977][ T3884]  <TASK>
[   38.031984][ T3884]  __dump_stack+0x1d/0x30
[   38.032004][ T3884]  dump_stack_lvl+0xe8/0x140
[   38.032022][ T3884]  dump_stack+0x15/0x1b
[   38.032119][ T3884]  should_fail_ex+0x265/0x280
[   38.032151][ T3884]  should_fail+0xb/0x20
[   38.032237][ T3884]  should_fail_usercopy+0x1a/0x20
[   38.032260][ T3884]  _copy_from_user+0x1c/0xb0
[   38.032286][ T3884]  memdup_user+0x5e/0xd0
[   38.032309][ T3884]  strndup_user+0x68/0xb0
[   38.032326][ T3884]  __se_sys_mount+0x4d/0x2e0
[   38.032408][ T3884]  ? fput+0x8f/0xc0
[   38.032424][ T3884]  ? ksys_write+0x16e/0x1a0
[   38.032451][ T3884]  __x64_sys_mount+0x67/0x80
[   38.032483][ T3884]  x64_sys_call+0xd36/0x2fb0
[   38.032565][ T3884]  do_syscall_64+0xd0/0x1a0
[   38.032642][ T3884]  ? clear_bhb_loop+0x25/0x80
[   38.032673][ T3884]  ? clear_bhb_loop+0x25/0x80
[   38.032700][ T3884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.032727][ T3884] RIP: 0033:0x7fbb9ae2e969
[   38.032744][ T3884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   38.032762][ T3884] RSP: 002b:00007fbb99497038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   38.032780][ T3884] RAX: ffffffffffffffda RBX: 00007fbb9b055fa0 RCX: 00007fbb9ae2e969
[   38.032840][ T3884] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 0000000000000000
[   38.032855][ T3884] RBP: 00007fbb99497090 R08: 0000200000000280 R09: 0000000000000000
[   38.032870][ T3884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   38.032962][ T3884] R13: 0000000000000000 R14: 00007fbb9b055fa0 R15: 00007ffe64652338
[   38.032983][ T3884]  </TASK>
[   38.340286][ T3888] FAULT_INJECTION: forcing a failure.
[   38.340286][ T3888] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   38.353459][ T3888] CPU: 0 UID: 0 PID: 3888 Comm: syz.2.84 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   38.353553][ T3888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   38.353568][ T3888] Call Trace:
[   38.353577][ T3888]  <TASK>
[   38.353586][ T3888]  __dump_stack+0x1d/0x30
[   38.353612][ T3888]  dump_stack_lvl+0xe8/0x140
[   38.353644][ T3888]  dump_stack+0x15/0x1b
[   38.353665][ T3888]  should_fail_ex+0x265/0x280
[   38.353778][ T3888]  should_fail+0xb/0x20
[   38.353890][ T3888]  should_fail_usercopy+0x1a/0x20
[   38.353912][ T3888]  _copy_from_iter+0xcf/0xdd0
[   38.353937][ T3888]  ? alloc_pages_mpol+0x202/0x250
[   38.354001][ T3888]  copy_page_from_iter+0x15a/0x290
[   38.354027][ T3888]  tun_get_user+0x5c7/0x24d0
[   38.354127][ T3888]  ? ref_tracker_alloc+0x1f2/0x2f0
[   38.354169][ T3888]  tun_chr_write_iter+0x15e/0x210
[   38.354266][ T3888]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   38.354292][ T3888]  vfs_write+0x49d/0x8d0
[   38.354322][ T3888]  ksys_write+0xda/0x1a0
[   38.354390][ T3888]  __x64_sys_write+0x40/0x50
[   38.354421][ T3888]  x64_sys_call+0x2cdd/0x2fb0
[   38.354441][ T3888]  do_syscall_64+0xd0/0x1a0
[   38.354462][ T3888]  ? clear_bhb_loop+0x25/0x80
[   38.354482][ T3888]  ? clear_bhb_loop+0x25/0x80
[   38.354548][ T3888]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.354574][ T3888] RIP: 0033:0x7f3c4c3ad41f
[   38.354587][ T3888] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   38.354604][ T3888] RSP: 002b:00007f3c4aa17000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   38.354621][ T3888] RAX: ffffffffffffffda RBX: 00007f3c4c5d5fa0 RCX: 00007f3c4c3ad41f
[   38.354641][ T3888] RDX: 0000000000000036 RSI: 0000200000000000 RDI: 00000000000000c8
[   38.354689][ T3888] RBP: 00007f3c4aa17090 R08: 0000000000000000 R09: 0000000000000000
[   38.354704][ T3888] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001
[   38.354716][ T3888] R13: 0000000000000000 R14: 00007f3c4c5d5fa0 R15: 00007fff8c6b3338
[   38.354732][ T3888]  </TASK>
[   38.653477][ T3898] +}[@ uses obsolete (PF_INET,SOCK_PACKET)
[   38.687256][ T3902] 9pnet_fd: Insufficient options for proto=fd
[   38.900904][ T3917] loop3: detected capacity change from 0 to 2048
[   39.010696][ T3924] loop2: detected capacity change from 0 to 8192
[   39.024576][ T3917] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.053759][ T3924] =======================================================
[   39.053759][ T3924] WARNING: The mand mount option has been deprecated and
[   39.053759][ T3924]          and is ignored by this kernel. Remove the mand
[   39.053759][ T3924]          option from the mount to silence this warning.
[   39.053759][ T3924] =======================================================
[   39.134143][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.262876][ T3932] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   39.447238][ T3939] loop2: detected capacity change from 0 to 128
[   39.688015][ T3943] loop1: detected capacity change from 0 to 128
[   39.747578][ T3755] kworker/u8:8: attempt to access beyond end of device
[   39.747578][ T3755] loop2: rw=1, sector=153, nr_sectors = 8 limit=128
[   39.775734][ T3755] kworker/u8:8: attempt to access beyond end of device
[   39.775734][ T3755] loop2: rw=1, sector=169, nr_sectors = 8 limit=128
[   39.800067][ T3755] kworker/u8:8: attempt to access beyond end of device
[   39.800067][ T3755] loop2: rw=1, sector=185, nr_sectors = 8 limit=128
[   39.822751][ T3755] kworker/u8:8: attempt to access beyond end of device
[   39.822751][ T3755] loop2: rw=1, sector=201, nr_sectors = 8 limit=128
[   39.874551][ T3755] kworker/u8:8: attempt to access beyond end of device
[   39.874551][ T3755] loop2: rw=1, sector=217, nr_sectors = 8 limit=128
[   39.892613][ T3755] kworker/u8:8: attempt to access beyond end of device
[   39.892613][ T3755] loop2: rw=1, sector=233, nr_sectors = 8 limit=128
[   39.906645][ T3948] 9pnet_fd: Insufficient options for proto=fd
[   39.967466][ T3755] kworker/u8:8: attempt to access beyond end of device
[   39.967466][ T3755] loop2: rw=1, sector=249, nr_sectors = 8 limit=128
[   39.987621][ T3755] kworker/u8:8: attempt to access beyond end of device
[   39.987621][ T3755] loop2: rw=1, sector=265, nr_sectors = 8 limit=128
[   40.007518][ T3755] kworker/u8:8: attempt to access beyond end of device
[   40.007518][ T3755] loop2: rw=1, sector=281, nr_sectors = 8 limit=128
[   40.022416][ T3755] kworker/u8:8: attempt to access beyond end of device
[   40.022416][ T3755] loop2: rw=1, sector=297, nr_sectors = 8 limit=128
[   40.112637][ T3959] netlink: 'syz.3.101': attribute type 3 has an invalid length.
[   40.121346][ T3959] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   40.132293][ T3959] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98
[   40.460488][ T3978] FAULT_INJECTION: forcing a failure.
[   40.460488][ T3978] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   40.473699][ T3978] CPU: 1 UID: 0 PID: 3978 Comm: syz.1.108 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   40.473749][ T3978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   40.473764][ T3978] Call Trace:
[   40.473848][ T3978]  <TASK>
[   40.473856][ T3978]  __dump_stack+0x1d/0x30
[   40.473965][ T3978]  dump_stack_lvl+0xe8/0x140
[   40.473989][ T3978]  dump_stack+0x15/0x1b
[   40.474010][ T3978]  should_fail_ex+0x265/0x280
[   40.474071][ T3978]  should_fail+0xb/0x20
[   40.474101][ T3978]  should_fail_usercopy+0x1a/0x20
[   40.474125][ T3978]  _copy_from_iter+0xcf/0xdd0
[   40.474149][ T3978]  ? alloc_pages_mpol+0x202/0x250
[   40.474180][ T3978]  copy_page_from_iter+0x15a/0x290
[   40.474250][ T3978]  tun_get_user+0x5c7/0x24d0
[   40.474303][ T3978]  ? ref_tracker_alloc+0x1f2/0x2f0
[   40.474348][ T3978]  tun_chr_write_iter+0x15e/0x210
[   40.474378][ T3978]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   40.474411][ T3978]  vfs_write+0x49d/0x8d0
[   40.474489][ T3978]  ksys_write+0xda/0x1a0
[   40.474519][ T3978]  __x64_sys_write+0x40/0x50
[   40.474558][ T3978]  x64_sys_call+0x2cdd/0x2fb0
[   40.474584][ T3978]  do_syscall_64+0xd0/0x1a0
[   40.474612][ T3978]  ? clear_bhb_loop+0x25/0x80
[   40.474728][ T3978]  ? clear_bhb_loop+0x25/0x80
[   40.474755][ T3978]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.474780][ T3978] RIP: 0033:0x7fbb5a70d41f
[   40.474798][ T3978] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   40.474820][ T3978] RSP: 002b:00007fbb58d77000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   40.474843][ T3978] RAX: ffffffffffffffda RBX: 00007fbb5a935fa0 RCX: 00007fbb5a70d41f
[   40.474867][ T3978] RDX: 0000000000000036 RSI: 0000200000000000 RDI: 00000000000000c8
[   40.474883][ T3978] RBP: 00007fbb58d77090 R08: 0000000000000000 R09: 0000000000000000
[   40.474898][ T3978] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001
[   40.474914][ T3978] R13: 0000000000000000 R14: 00007fbb5a935fa0 R15: 00007ffc84b3a088
[   40.474936][ T3978]  </TASK>
[   40.857711][ T3984] __nla_validate_parse: 6 callbacks suppressed
[   40.857733][ T3984] netlink: 16 bytes leftover after parsing attributes in process `syz.1.110'.
[   41.253648][ T3988] 9pnet_fd: Insufficient options for proto=fd
[   41.355671][   T29] kauditd_printk_skb: 52 callbacks suppressed
[   41.355727][   T29] audit: type=1400 audit(1746763884.212:397): avc:  denied  { load_policy } for  pid=3992 comm="syz.3.112" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   41.356008][ T3993] SELinux: ebitmap start bit (285213504) is beyond the end of the bitmap (1088)
[   41.397649][ T3993] SELinux: failed to load policy
[   41.406957][ T3993] SELinux: syz.3.112 (3993) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   41.424137][   T29] audit: type=1400 audit(1746763884.282:398): avc:  denied  { create } for  pid=3992 comm="syz.3.112" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   41.424256][ T3993] netlink: 20 bytes leftover after parsing attributes in process `syz.3.112'.
[   41.462592][   T29] audit: type=1400 audit(1746763884.312:399): avc:  denied  { block_suspend } for  pid=3995 comm="syz.0.115" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   41.780568][ T4015] FAULT_INJECTION: forcing a failure.
[   41.780568][ T4015] name failslab, interval 1, probability 0, space 0, times 0
[   41.793353][ T4015] CPU: 0 UID: 0 PID: 4015 Comm: syz.0.120 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   41.793388][ T4015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   41.793459][ T4015] Call Trace:
[   41.793466][ T4015]  <TASK>
[   41.793489][ T4015]  __dump_stack+0x1d/0x30
[   41.793515][ T4015]  dump_stack_lvl+0xe8/0x140
[   41.793539][ T4015]  dump_stack+0x15/0x1b
[   41.793559][ T4015]  should_fail_ex+0x265/0x280
[   41.793599][ T4015]  should_failslab+0x8c/0xb0
[   41.793631][ T4015]  kmem_cache_alloc_node_noprof+0x57/0x320
[   41.793698][ T4015]  ? __alloc_skb+0x101/0x320
[   41.793728][ T4015]  __alloc_skb+0x101/0x320
[   41.793763][ T4015]  netlink_alloc_large_skb+0xba/0xf0
[   41.793844][ T4015]  netlink_sendmsg+0x3cf/0x6b0
[   41.793877][ T4015]  ? __pfx_netlink_sendmsg+0x10/0x10
[   41.793968][ T4015]  __sock_sendmsg+0x142/0x180
[   41.793996][ T4015]  ____sys_sendmsg+0x31e/0x4e0
[   41.794016][ T4015]  ___sys_sendmsg+0x17b/0x1d0
[   41.794051][ T4015]  __x64_sys_sendmsg+0xd4/0x160
[   41.794080][ T4015]  x64_sys_call+0x2999/0x2fb0
[   41.794145][ T4015]  do_syscall_64+0xd0/0x1a0
[   41.794172][ T4015]  ? clear_bhb_loop+0x25/0x80
[   41.794267][ T4015]  ? clear_bhb_loop+0x25/0x80
[   41.794290][ T4015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.794316][ T4015] RIP: 0033:0x7fcbb17ee969
[   41.794342][ T4015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.794364][ T4015] RSP: 002b:00007fcbafe57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   41.794458][ T4015] RAX: ffffffffffffffda RBX: 00007fcbb1a15fa0 RCX: 00007fcbb17ee969
[   41.794474][ T4015] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[   41.794489][ T4015] RBP: 00007fcbafe57090 R08: 0000000000000000 R09: 0000000000000000
[   41.794503][ T4015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   41.794518][ T4015] R13: 0000000000000000 R14: 00007fcbb1a15fa0 R15: 00007fffa3b19d18
[   41.794568][ T4015]  </TASK>
[   42.103600][ T3833] syz.4.74 (3833) used greatest stack depth: 6016 bytes left
[   42.305698][ T4026] 9pnet_fd: Insufficient options for proto=fd
[   42.476907][ T4029] serio: Serial port ptm0
[   42.589978][   T29] audit: type=1400 audit(1746763885.442:400): avc:  denied  { create } for  pid=4027 comm="syz.2.127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[   42.653841][ T4038] netlink: 24 bytes leftover after parsing attributes in process `syz.1.130'.
[   42.915428][ T4048] loop2: detected capacity change from 0 to 128
[   42.955146][   T29] audit: type=1400 audit(1746763885.812:401): avc:  denied  { mount } for  pid=4047 comm="syz.2.132" name="/" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   43.153465][   T29] audit: type=1400 audit(1746763885.992:402): avc:  denied  { unmount } for  pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   43.213699][ T4053] netlink: 12 bytes leftover after parsing attributes in process `syz.2.134'.
[   43.249729][   T29] audit: type=1400 audit(1746763886.032:403): avc:  denied  { mounton } for  pid=4052 comm="syz.2.134" path="/17/file0" dev="tmpfs" ino=110 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   43.544315][ T4044] loop4: detected capacity change from 0 to 8192
[   43.841792][   T29] audit: type=1400 audit(1746763886.692:404): avc:  denied  { execute } for  pid=4070 comm="syz.2.142" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=6307 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[   43.926236][ T4071] loop2: detected capacity change from 0 to 512
[   43.933427][   T29] audit: type=1326 audit(1746763886.772:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4075 comm="syz.4.143" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6185f4e969 code=0x0
[   43.957670][ T4071] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   43.979220][ T4079] netlink: 24 bytes leftover after parsing attributes in process `syz.4.143'.
[   44.016902][ T4071] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.142: invalid indirect mapped block 4294967295 (level 1)
[   44.123045][ T4071] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.142: invalid indirect mapped block 4294967295 (level 1)
[   44.153962][   T29] audit: type=1326 audit(1746763886.992:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4077 comm="syz.0.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbb17ee969 code=0x7ffc0000
[   44.274323][ T4071] EXT4-fs (loop2): 2 truncates cleaned up
[   44.280564][ T4071] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.394113][ T4071] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.142: bg 0: block 5: invalid block bitmap
[   44.543100][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.638212][ T4090] loop2: detected capacity change from 0 to 512
[   44.662365][ T4090] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.146: invalid indirect mapped block 256 (level 2)
[   44.696386][ T4090] EXT4-fs (loop2): 2 truncates cleaned up
[   44.766377][ T4093] netlink: 4 bytes leftover after parsing attributes in process `syz.1.147'.
[   44.798592][ T4090] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.817591][ T4096] netlink: 'syz.4.148': attribute type 3 has an invalid length.
[   44.967017][ T4096] random: crng reseeded on system resumption
[   45.436043][ T2303] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm kworker/u8:6: bg 0: block 5: invalid block bitmap
[   45.478517][ T2303] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1164 with error 28
[   45.492072][ T2303] EXT4-fs (loop2): This should not happen!! Data will be lost
[   45.492072][ T2303] 
[   45.501980][ T2303] EXT4-fs (loop2): Total free blocks count 0
[   45.508073][ T2303] EXT4-fs (loop2): Free/Dirty block details
[   45.514042][ T2303] EXT4-fs (loop2): free_blocks=0
[   45.519045][ T2303] EXT4-fs (loop2): dirty_blocks=1168
[   45.524398][ T2303] EXT4-fs (loop2): Block reservation details
[   45.530395][ T2303] EXT4-fs (loop2): i_reserved_data_blocks=1168
[   45.607862][ T4120] netlink: 4 bytes leftover after parsing attributes in process `syz.1.158'.
[   45.631323][ T4125] 9pnet_fd: Insufficient options for proto=fd
[   45.718659][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.733257][ T4117] netlink: 'syz.4.157': attribute type 3 has an invalid length.
[   45.753846][ T4117] siw: device registration error -23
[   45.869719][ T4136] loop2: detected capacity change from 0 to 128
[   45.876827][ T4133] loop1: detected capacity change from 0 to 2048
[   46.015758][ T4143] netlink: 52 bytes leftover after parsing attributes in process `syz.4.164'.
[   46.145250][   T51] bio_check_eod: 326 callbacks suppressed
[   46.145268][   T51] kworker/u8:3: attempt to access beyond end of device
[   46.145268][   T51] loop2: rw=1, sector=153, nr_sectors = 8 limit=128
[   46.178843][ T4133] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.346284][ T4150] loop4: detected capacity change from 0 to 512
[   46.358451][   T51] kworker/u8:3: attempt to access beyond end of device
[   46.358451][   T51] loop2: rw=1, sector=169, nr_sectors = 8 limit=128
[   46.379810][   T51] kworker/u8:3: attempt to access beyond end of device
[   46.379810][   T51] loop2: rw=1, sector=185, nr_sectors = 8 limit=128
[   46.428365][   T51] kworker/u8:3: attempt to access beyond end of device
[   46.428365][   T51] loop2: rw=1, sector=201, nr_sectors = 8 limit=128
[   46.486603][   T51] kworker/u8:3: attempt to access beyond end of device
[   46.486603][   T51] loop2: rw=1, sector=217, nr_sectors = 8 limit=128
[   46.541562][   T51] kworker/u8:3: attempt to access beyond end of device
[   46.541562][   T51] loop2: rw=1, sector=233, nr_sectors = 8 limit=128
[   46.564154][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.583993][   T51] kworker/u8:3: attempt to access beyond end of device
[   46.583993][   T51] loop2: rw=1, sector=249, nr_sectors = 8 limit=128
[   46.595088][ T4150] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.612690][   T51] kworker/u8:3: attempt to access beyond end of device
[   46.612690][   T51] loop2: rw=1, sector=265, nr_sectors = 8 limit=128
[   46.632606][   T51] kworker/u8:3: attempt to access beyond end of device
[   46.632606][   T51] loop2: rw=1, sector=281, nr_sectors = 8 limit=128
[   46.646142][   T51] kworker/u8:3: attempt to access beyond end of device
[   46.646142][   T51] loop2: rw=1, sector=297, nr_sectors = 8 limit=128
[   46.702785][ T4150] ext4 filesystem being mounted at /23/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   46.727150][ T4113] loop3: detected capacity change from 0 to 8192
[   46.748226][   T29] kauditd_printk_skb: 103 callbacks suppressed
[   46.748245][   T29] audit: type=1400 audit(1746763889.602:510): avc:  denied  { setattr } for  pid=4146 comm="syz.4.165" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   46.748241][ T4147] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.165: corrupted inode contents
[   46.751601][ T4147] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #2: comm syz.4.165: mark_inode_dirty error
[   46.800104][ T4147] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.165: corrupted inode contents
[   46.813822][ T4150] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.165: corrupted inode contents
[   46.857522][ T4150] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #2: comm syz.4.165: mark_inode_dirty error
[   46.912810][ T4156] netlink: 20 bytes leftover after parsing attributes in process `syz.1.167'.
[   46.943303][ T4150] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.165: corrupted inode contents
[   46.983136][   T29] audit: type=1326 audit(1746763889.832:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4157 comm="syz.0.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbb17ee969 code=0x7ffc0000
[   47.006425][   T29] audit: type=1326 audit(1746763889.832:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4157 comm="syz.0.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbb17ee969 code=0x7ffc0000
[   47.014403][ T4162] netlink: 4 bytes leftover after parsing attributes in process `syz.1.167'.
[   47.030014][   T29] audit: type=1326 audit(1746763889.832:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4157 comm="syz.0.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7fcbb17ee969 code=0x7ffc0000
[   47.062279][   T29] audit: type=1326 audit(1746763889.832:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4157 comm="syz.0.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbb17ee969 code=0x7ffc0000
[   47.069570][ T4150] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #2: comm syz.4.165: mark_inode_dirty error
[   47.085533][   T29] audit: type=1326 audit(1746763889.832:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4157 comm="syz.0.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbb17ee969 code=0x7ffc0000
[   47.181524][ T4150] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.165: corrupted inode contents
[   47.237701][ T4150] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #2: comm syz.4.165: mark_inode_dirty error
[   47.317904][ T4167] FAULT_INJECTION: forcing a failure.
[   47.317904][ T4167] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   47.331176][ T4167] CPU: 1 UID: 0 PID: 4167 Comm: syz.0.171 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   47.331210][ T4167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   47.331225][ T4167] Call Trace:
[   47.331232][ T4167]  <TASK>
[   47.331241][ T4167]  __dump_stack+0x1d/0x30
[   47.331265][ T4167]  dump_stack_lvl+0xe8/0x140
[   47.331365][ T4167]  dump_stack+0x15/0x1b
[   47.331386][ T4167]  should_fail_ex+0x265/0x280
[   47.331477][ T4167]  should_fail+0xb/0x20
[   47.331513][ T4167]  should_fail_usercopy+0x1a/0x20
[   47.331536][ T4167]  strncpy_from_user+0x25/0x230
[   47.331641][ T4167]  path_setxattrat+0xeb/0x310
[   47.331693][ T4167]  __x64_sys_setxattr+0x6e/0x90
[   47.331803][ T4167]  x64_sys_call+0x28a7/0x2fb0
[   47.331867][ T4167]  do_syscall_64+0xd0/0x1a0
[   47.331949][ T4167]  ? clear_bhb_loop+0x25/0x80
[   47.331975][ T4167]  ? clear_bhb_loop+0x25/0x80
[   47.332003][ T4167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.332029][ T4167] RIP: 0033:0x7fcbb17ee969
[   47.332046][ T4167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.332062][ T4167] RSP: 002b:00007fcbafe36038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[   47.332079][ T4167] RAX: ffffffffffffffda RBX: 00007fcbb1a16080 RCX: 00007fcbb17ee969
[   47.332090][ T4167] RDX: 0000200000002b40 RSI: 0000200000002a40 RDI: 0000200000002a00
[   47.332109][ T4167] RBP: 00007fcbafe36090 R08: 0000000000000000 R09: 0000000000000000
[   47.332120][ T4167] R10: 0000000000000024 R11: 0000000000000246 R12: 0000000000000001
[   47.332194][ T4167] R13: 0000000000000000 R14: 00007fcbb1a16080 R15: 00007fffa3b19d18
[   47.332216][ T4167]  </TASK>
[   47.550605][   T29] audit: type=1326 audit(1746763890.382:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4168 comm="syz.2.172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c4c3ae969 code=0x7ffc0000
[   47.574264][   T29] audit: type=1326 audit(1746763890.382:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4168 comm="syz.2.172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c4c3ae969 code=0x7ffc0000
[   47.582994][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.598587][   T29] audit: type=1326 audit(1746763890.382:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4168 comm="syz.2.172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c4c3ae969 code=0x7ffc0000
[   47.629781][   T29] audit: type=1326 audit(1746763890.392:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4168 comm="syz.2.172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c4c3ae969 code=0x7ffc0000
[   47.676799][ T4174] loop2: detected capacity change from 0 to 512
[   47.714123][ T4174] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.175: invalid indirect mapped block 256 (level 2)
[   47.722860][ T4176] netlink: 24 bytes leftover after parsing attributes in process `syz.1.176'.
[   47.744067][ T4174] EXT4-fs (loop2): 2 truncates cleaned up
[   47.753184][ T4174] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.929263][ T4188] netlink: 60 bytes leftover after parsing attributes in process `syz.4.180'.
[   48.089637][   T51] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm kworker/u8:3: bg 0: block 5: invalid block bitmap
[   48.124964][   T51] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 496 with error 28
[   48.137518][   T51] EXT4-fs (loop2): This should not happen!! Data will be lost
[   48.137518][   T51] 
[   48.147210][   T51] EXT4-fs (loop2): Total free blocks count 0
[   48.153251][   T51] EXT4-fs (loop2): Free/Dirty block details
[   48.159295][   T51] EXT4-fs (loop2): free_blocks=0
[   48.164391][   T51] EXT4-fs (loop2): dirty_blocks=496
[   48.169622][   T51] EXT4-fs (loop2): Block reservation details
[   48.175641][   T51] EXT4-fs (loop2): i_reserved_data_blocks=496
[   48.187811][ T4203] netlink: 20 bytes leftover after parsing attributes in process `syz.0.187'.
[   48.208008][ T4206] loop4: detected capacity change from 0 to 512
[   48.212401][ T4203] netlink: 4 bytes leftover after parsing attributes in process `syz.0.187'.
[   48.226224][ T4203] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.246120][ T4203] bridge_slave_1 (unregistering): left allmulticast mode
[   48.253345][ T4203] bridge_slave_1 (unregistering): left promiscuous mode
[   48.260346][ T4203] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.270120][ T4206] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.189: invalid indirect mapped block 256 (level 2)
[   48.286531][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.354091][ T4206] EXT4-fs (loop4): 2 truncates cleaned up
[   48.360464][ T4206] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.566055][ T4211] netlink: 4 bytes leftover after parsing attributes in process `syz.1.191'.
[   48.595699][ T2303] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm kworker/u8:6: bg 0: block 5: invalid block bitmap
[   48.628134][ T2303] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1444 with error 28
[   48.640862][ T2303] EXT4-fs (loop4): This should not happen!! Data will be lost
[   48.640862][ T2303] 
[   48.650671][ T2303] EXT4-fs (loop4): Total free blocks count 0
[   48.656733][ T2303] EXT4-fs (loop4): Free/Dirty block details
[   48.662704][ T2303] EXT4-fs (loop4): free_blocks=0
[   48.667710][ T2303] EXT4-fs (loop4): dirty_blocks=1448
[   48.673090][ T2303] EXT4-fs (loop4): Block reservation details
[   48.679094][ T2303] EXT4-fs (loop4): i_reserved_data_blocks=1448
[   48.729069][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.842414][ T4234] 9pnet_fd: Insufficient options for proto=fd
[   48.963892][ T4232] hub 4-0:1.0: USB hub found
[   49.012665][ T4232] hub 4-0:1.0: 8 ports detected
[   49.031787][ T4242] loop1: detected capacity change from 0 to 256
[   49.070376][ T4244] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   49.087932][ T4242] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   49.101304][ T4232] netlink: 16 bytes leftover after parsing attributes in process `syz.1.196'.
[   49.144026][ T4246] netlink: 4 bytes leftover after parsing attributes in process `syz.3.201'.
[   49.871200][ T4278] 9pnet_fd: Insufficient options for proto=fd
[   49.983223][ T4288] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.009308][ T4288] bridge_slave_1 (unregistering): left allmulticast mode
[   50.016534][ T4288] bridge_slave_1 (unregistering): left promiscuous mode
[   50.023611][ T4288] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.196459][ T4314] 9pnet_fd: Insufficient options for proto=fd
[   50.329601][ T4306] netlink: 'syz.3.221': attribute type 3 has an invalid length.
[   50.341273][ T4328] FAULT_INJECTION: forcing a failure.
[   50.341273][ T4328] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   50.354471][ T4328] CPU: 0 UID: 0 PID: 4328 Comm: syz.2.235 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   50.354501][ T4328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   50.354527][ T4328] Call Trace:
[   50.354534][ T4328]  <TASK>
[   50.354542][ T4328]  __dump_stack+0x1d/0x30
[   50.354563][ T4328]  dump_stack_lvl+0xe8/0x140
[   50.354582][ T4328]  dump_stack+0x15/0x1b
[   50.354598][ T4328]  should_fail_ex+0x265/0x280
[   50.354648][ T4328]  should_fail+0xb/0x20
[   50.354700][ T4328]  should_fail_usercopy+0x1a/0x20
[   50.354719][ T4328]  _copy_from_user+0x1c/0xb0
[   50.354740][ T4328]  ___sys_sendmsg+0xc1/0x1d0
[   50.354781][ T4328]  __x64_sys_sendmsg+0xd4/0x160
[   50.354861][ T4328]  x64_sys_call+0x2999/0x2fb0
[   50.354889][ T4328]  do_syscall_64+0xd0/0x1a0
[   50.354918][ T4328]  ? clear_bhb_loop+0x25/0x80
[   50.354940][ T4328]  ? clear_bhb_loop+0x25/0x80
[   50.354961][ T4328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.355041][ T4328] RIP: 0033:0x7f3c4c3ae969
[   50.355056][ T4328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.355073][ T4328] RSP: 002b:00007f3c4aa17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   50.355097][ T4328] RAX: ffffffffffffffda RBX: 00007f3c4c5d5fa0 RCX: 00007f3c4c3ae969
[   50.355113][ T4328] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000006
[   50.355128][ T4328] RBP: 00007f3c4aa17090 R08: 0000000000000000 R09: 0000000000000000
[   50.355142][ T4328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.355230][ T4328] R13: 0000000000000000 R14: 00007f3c4c5d5fa0 R15: 00007fff8c6b3338
[   50.355253][ T4328]  </TASK>
[   50.490856][ T4344] 9pnet_fd: Insufficient options for proto=fd
[   50.569241][ T4352] loop1: detected capacity change from 0 to 512
[   50.576109][ T4352] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   50.576125][ T4352] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   50.605954][ T4352] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   50.606120][ T4352] EXT4-fs (loop1): 1 truncate cleaned up
[   50.660341][ T4352] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.700542][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.890986][ T4369] loop1: detected capacity change from 0 to 512
[   50.911930][ T4371] loop4: detected capacity change from 0 to 128
[   50.923995][ T4369] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.252: invalid indirect mapped block 256 (level 2)
[   50.952102][ T4369] EXT4-fs (loop1): 2 truncates cleaned up
[   50.961817][ T4369] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.025043][ T4378] FAULT_INJECTION: forcing a failure.
[   51.025043][ T4378] name failslab, interval 1, probability 0, space 0, times 0
[   51.037882][ T4378] CPU: 1 UID: 0 PID: 4378 Comm: syz.2.255 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   51.037988][ T4378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   51.038003][ T4378] Call Trace:
[   51.038012][ T4378]  <TASK>
[   51.038021][ T4378]  __dump_stack+0x1d/0x30
[   51.038045][ T4378]  dump_stack_lvl+0xe8/0x140
[   51.038065][ T4378]  dump_stack+0x15/0x1b
[   51.038127][ T4378]  should_fail_ex+0x265/0x280
[   51.038235][ T4378]  should_failslab+0x8c/0xb0
[   51.038335][ T4378]  kmem_cache_alloc_noprof+0x50/0x310
[   51.038376][ T4378]  ? getname_flags+0x80/0x3b0
[   51.038408][ T4378]  getname_flags+0x80/0x3b0
[   51.038515][ T4378]  __x64_sys_link+0x40/0x70
[   51.038576][ T4378]  x64_sys_call+0x2af9/0x2fb0
[   51.038602][ T4378]  do_syscall_64+0xd0/0x1a0
[   51.038624][ T4378]  ? clear_bhb_loop+0x25/0x80
[   51.038718][ T4378]  ? clear_bhb_loop+0x25/0x80
[   51.038741][ T4378]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.038765][ T4378] RIP: 0033:0x7f3c4c3ae969
[   51.038782][ T4378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.038844][ T4378] RSP: 002b:00007f3c4aa17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
[   51.038866][ T4378] RAX: ffffffffffffffda RBX: 00007f3c4c5d5fa0 RCX: 00007f3c4c3ae969
[   51.038880][ T4378] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   51.038894][ T4378] RBP: 00007f3c4aa17090 R08: 0000000000000000 R09: 0000000000000000
[   51.038980][ T4378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.038992][ T4378] R13: 0000000000000000 R14: 00007f3c4c5d5fa0 R15: 00007fff8c6b3338
[   51.039014][ T4378]  </TASK>
[   51.261799][ T4384] __nla_validate_parse: 35 callbacks suppressed
[   51.261834][ T4384] netlink: 12 bytes leftover after parsing attributes in process `syz.2.256'.
[   51.403410][ T4386] netlink: 4 bytes leftover after parsing attributes in process `syz.3.257'.
[   51.540967][   T51] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm kworker/u8:3: bg 0: block 5: invalid block bitmap
[   51.573069][ T4395] netlink: 12 bytes leftover after parsing attributes in process `syz.2.261'.
[   51.592791][   T51] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1636 with error 28
[   51.605902][   T51] EXT4-fs (loop1): This should not happen!! Data will be lost
[   51.605902][   T51] 
[   51.616106][   T51] EXT4-fs (loop1): Total free blocks count 0
[   51.623090][   T51] EXT4-fs (loop1): Free/Dirty block details
[   51.627428][ T4395] netlink: 4 bytes leftover after parsing attributes in process `syz.2.261'.
[   51.629082][   T51] EXT4-fs (loop1): free_blocks=0
[   51.643345][   T51] EXT4-fs (loop1): dirty_blocks=1640
[   51.648677][   T51] EXT4-fs (loop1): Block reservation details
[   51.654773][   T51] EXT4-fs (loop1): i_reserved_data_blocks=1640
[   51.677648][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.747260][   T51] bio_check_eod: 102 callbacks suppressed
[   51.747279][   T51] kworker/u8:3: attempt to access beyond end of device
[   51.747279][   T51] loop4: rw=1, sector=153, nr_sectors = 8 limit=128
[   51.821051][ T4407] netlink: 4 bytes leftover after parsing attributes in process `syz.3.264'.
[   51.834940][   T51] kworker/u8:3: attempt to access beyond end of device
[   51.834940][   T51] loop4: rw=1, sector=169, nr_sectors = 8 limit=128
[   51.866935][   T51] kworker/u8:3: attempt to access beyond end of device
[   51.866935][   T51] loop4: rw=1, sector=185, nr_sectors = 8 limit=128
[   51.923418][   T51] kworker/u8:3: attempt to access beyond end of device
[   51.923418][   T51] loop4: rw=1, sector=201, nr_sectors = 8 limit=128
[   51.942299][ T4416] netlink: 24 bytes leftover after parsing attributes in process `syz.0.269'.
[   51.955585][   T51] kworker/u8:3: attempt to access beyond end of device
[   51.955585][   T51] loop4: rw=1, sector=217, nr_sectors = 8 limit=128
[   51.964125][ T4414] binfmt_misc: register: failed to install interpreter file ./file0
[   51.982212][   T51] kworker/u8:3: attempt to access beyond end of device
[   51.982212][   T51] loop4: rw=1, sector=233, nr_sectors = 8 limit=128
[   52.002088][   T29] kauditd_printk_skb: 323 callbacks suppressed
[   52.002108][   T29] audit: type=1400 audit(1746763894.852:843): avc:  denied  { write } for  pid=4417 comm="syz.0.270" name="xfrm_stat" dev="proc" ino=4026532652 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   52.049129][   T51] kworker/u8:3: attempt to access beyond end of device
[   52.049129][   T51] loop4: rw=1, sector=249, nr_sectors = 8 limit=128
[   52.072883][   T51] kworker/u8:3: attempt to access beyond end of device
[   52.072883][   T51] loop4: rw=1, sector=265, nr_sectors = 8 limit=128
[   52.087623][ T4423] FAULT_INJECTION: forcing a failure.
[   52.087623][ T4423] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   52.100873][ T4423] CPU: 0 UID: 0 PID: 4423 Comm: syz.2.271 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   52.100905][ T4423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   52.100918][ T4423] Call Trace:
[   52.100926][ T4423]  <TASK>
[   52.100935][ T4423]  __dump_stack+0x1d/0x30
[   52.100957][ T4423]  dump_stack_lvl+0xe8/0x140
[   52.100975][ T4423]  dump_stack+0x15/0x1b
[   52.100991][ T4423]  should_fail_ex+0x265/0x280
[   52.101033][ T4423]  should_fail+0xb/0x20
[   52.101068][ T4423]  should_fail_usercopy+0x1a/0x20
[   52.101106][ T4423]  _copy_from_user+0x1c/0xb0
[   52.101126][ T4423]  __copy_msghdr+0x244/0x300
[   52.101145][ T4423]  ___sys_sendmsg+0x109/0x1d0
[   52.101183][ T4423]  __x64_sys_sendmsg+0xd4/0x160
[   52.101313][ T4423]  x64_sys_call+0x2999/0x2fb0
[   52.101375][ T4423]  do_syscall_64+0xd0/0x1a0
[   52.101402][ T4423]  ? clear_bhb_loop+0x25/0x80
[   52.101524][ T4423]  ? clear_bhb_loop+0x25/0x80
[   52.101620][ T4423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.101643][ T4423] RIP: 0033:0x7f3c4c3ae969
[   52.101659][ T4423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.101676][ T4423] RSP: 002b:00007f3c4aa17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   52.101698][ T4423] RAX: ffffffffffffffda RBX: 00007f3c4c5d5fa0 RCX: 00007f3c4c3ae969
[   52.101768][ T4423] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[   52.101784][ T4423] RBP: 00007f3c4aa17090 R08: 0000000000000000 R09: 0000000000000000
[   52.101799][ T4423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.101814][ T4423] R13: 0000000000000000 R14: 00007f3c4c5d5fa0 R15: 00007fff8c6b3338
[   52.101837][ T4423]  </TASK>
[   52.102218][   T29] audit: type=1400 audit(1746763894.942:844): avc:  denied  { name_bind } for  pid=4420 comm="syz.0.272" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   52.172641][   T51] kworker/u8:3: attempt to access beyond end of device
[   52.172641][   T51] loop4: rw=1, sector=281, nr_sectors = 8 limit=128
[   52.172786][   T29] audit: type=1400 audit(1746763894.942:845): avc:  denied  { node_bind } for  pid=4420 comm="syz.0.272" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   52.182715][   T51] kworker/u8:3: attempt to access beyond end of device
[   52.182715][   T51] loop4: rw=1, sector=297, nr_sectors = 8 limit=128
[   52.186856][   T29] audit: type=1326 audit(1746763894.942:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4420 comm="syz.0.272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbb17ee969 code=0x7ffc0000
[   52.232458][ T4428] netlink: 12 bytes leftover after parsing attributes in process `syz.2.274'.
[   52.235039][   T29] audit: type=1326 audit(1746763894.942:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4420 comm="syz.0.272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbb17ee969 code=0x7ffc0000
[   52.389880][ T4429] netlink: 4 bytes leftover after parsing attributes in process `syz.2.274'.
[   52.405092][   T29] audit: type=1326 audit(1746763894.942:848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4420 comm="syz.0.272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbb17ee969 code=0x7ffc0000
[   52.437631][   T29] audit: type=1326 audit(1746763894.942:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4420 comm="syz.0.272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbb17ee969 code=0x7ffc0000
[   52.461020][   T29] audit: type=1326 audit(1746763894.942:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4420 comm="syz.0.272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbb17ee969 code=0x7ffc0000
[   52.466689][ T4434] loop3: detected capacity change from 0 to 128
[   52.484792][   T29] audit: type=1326 audit(1746763894.942:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4420 comm="syz.0.272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7fcbb17ee969 code=0x7ffc0000
[   52.484830][   T29] audit: type=1326 audit(1746763894.942:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4420 comm="syz.0.272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbb17ee969 code=0x7ffc0000
[   52.680485][ T4440] netlink: 24 bytes leftover after parsing attributes in process `syz.2.277'.
[   52.718064][ T4442] netlink: 4 bytes leftover after parsing attributes in process `syz.2.279'.
[   53.010765][ T4452] siw: device registration error -23
[   53.038192][ T4464] serio: Serial port ptm0
[   53.089732][ T4456] netlink: 'syz.2.284': attribute type 3 has an invalid length.
[   53.124063][ T4456] siw: device registration error -23
[   53.223716][ T4473] serio: Serial port ptm1
[   54.112238][ T4509] siw: device registration error -23
[   54.594807][ T4545] serio: Serial port ptm0
[   54.673876][ T4551] 9pnet_fd: Insufficient options for proto=fd
[   54.789263][ T4555] FAULT_INJECTION: forcing a failure.
[   54.789263][ T4555] name failslab, interval 1, probability 0, space 0, times 0
[   54.802075][ T4555] CPU: 0 UID: 0 PID: 4555 Comm: syz.2.317 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   54.802110][ T4555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   54.802126][ T4555] Call Trace:
[   54.802134][ T4555]  <TASK>
[   54.802143][ T4555]  __dump_stack+0x1d/0x30
[   54.802179][ T4555]  dump_stack_lvl+0xe8/0x140
[   54.802197][ T4555]  dump_stack+0x15/0x1b
[   54.802224][ T4555]  should_fail_ex+0x265/0x280
[   54.802329][ T4555]  should_failslab+0x8c/0xb0
[   54.802359][ T4555]  kmem_cache_alloc_node_noprof+0x57/0x320
[   54.802422][ T4555]  ? __alloc_skb+0x101/0x320
[   54.802451][ T4555]  __alloc_skb+0x101/0x320
[   54.802492][ T4555]  ? audit_log_start+0x365/0x6c0
[   54.802531][ T4555]  audit_log_start+0x380/0x6c0
[   54.802569][ T4555]  audit_seccomp+0x48/0x100
[   54.802598][ T4555]  ? __seccomp_filter+0x68c/0x10d0
[   54.802621][ T4555]  __seccomp_filter+0x69d/0x10d0
[   54.802718][ T4555]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   54.802786][ T4555]  ? vfs_write+0x75e/0x8d0
[   54.802808][ T4555]  ? __rcu_read_unlock+0x4f/0x70
[   54.802827][ T4555]  ? __fget_files+0x184/0x1c0
[   54.802864][ T4555]  __secure_computing+0x82/0x150
[   54.802889][ T4555]  syscall_trace_enter+0xcf/0x1e0
[   54.802922][ T4555]  do_syscall_64+0xaa/0x1a0
[   54.802943][ T4555]  ? clear_bhb_loop+0x25/0x80
[   54.803045][ T4555]  ? clear_bhb_loop+0x25/0x80
[   54.803138][ T4555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.803237][ T4555] RIP: 0033:0x7f3c4c3ae969
[   54.803256][ T4555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.803278][ T4555] RSP: 002b:00007f3c4aa17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[   54.803300][ T4555] RAX: ffffffffffffffda RBX: 00007f3c4c5d5fa0 RCX: 00007f3c4c3ae969
[   54.803314][ T4555] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[   54.803325][ T4555] RBP: 00007f3c4aa17090 R08: 0000000000000000 R09: 0000000000000000
[   54.803416][ T4555] R10: 0000000000000181 R11: 0000000000000246 R12: 0000000000000001
[   54.803429][ T4555] R13: 0000000000000000 R14: 00007f3c4c5d5fa0 R15: 00007fff8c6b3338
[   54.803452][ T4555]  </TASK>
[   55.837673][ T4597] loop2: detected capacity change from 0 to 1024
[   55.849720][ T4597] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.328: Failed to acquire dquot type 0
[   55.861502][ T4597] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   55.876144][ T4597] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #13: comm syz.2.328: corrupted inode contents
[   55.891044][ T4597] EXT4-fs error (device loop2): ext4_dirty_inode:6103: inode #13: comm syz.2.328: mark_inode_dirty error
[   55.903256][ T4597] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #13: comm syz.2.328: corrupted inode contents
[   55.916832][ T4597] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #13: comm syz.2.328: mark_inode_dirty error
[   55.928312][ T4597] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #13: comm syz.2.328: corrupted inode contents
[   55.946757][ T4597] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[   55.957076][ T4597] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #13: comm syz.2.328: corrupted inode contents
[   55.969271][ T4597] EXT4-fs error (device loop2): ext4_truncate:4255: inode #13: comm syz.2.328: mark_inode_dirty error
[   55.970129][ T4597] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[   55.970550][ T4597] EXT4-fs (loop2): 1 truncate cleaned up
[   55.970938][ T4597] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.976001][ T4597] EXT4-fs: Ignoring removed orlov option
[   55.976085][ T4597] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   55.976166][ T4597] EXT4-fs (loop2): can't enable nombcache during remount
[   55.998864][ T4604] (unnamed net_device) (uninitialized): option miimon: invalid value (18446744073357164673)
[   55.998894][ T4604] (unnamed net_device) (uninitialized): option miimon: allowed values 0 - 2147483647
[   56.157093][ T4621] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   56.157129][ T4621] batman_adv: batadv0: Removing interface: batadv_slave_0
[   56.157598][ T4621] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   56.157620][ T4621] batman_adv: batadv0: Removing interface: batadv_slave_1
[   56.230677][ T4631] wg2: entered promiscuous mode
[   56.231777][ T4631] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check.
[   56.514808][ T4651] loop3: detected capacity change from 0 to 128
[   56.583697][ T4653] __nla_validate_parse: 43 callbacks suppressed
[   56.583718][ T4653] netlink: 16 bytes leftover after parsing attributes in process `syz.0.339'.
[   56.583739][ T4653] netlink: 16 bytes leftover after parsing attributes in process `syz.0.339'.
[   56.583756][ T4653] netlink: 16 bytes leftover after parsing attributes in process `syz.0.339'.
[   56.607879][ T4653] netlink: 16 bytes leftover after parsing attributes in process `syz.0.339'.
[   56.607902][ T4653] netlink: 16 bytes leftover after parsing attributes in process `syz.0.339'.
[   56.607916][ T4653] netlink: 16 bytes leftover after parsing attributes in process `syz.0.339'.
[   56.662160][ T4653] netlink: 16 bytes leftover after parsing attributes in process `syz.0.339'.
[   56.662186][ T4653] netlink: 16 bytes leftover after parsing attributes in process `syz.0.339'.
[   56.662220][ T4653] netlink: 16 bytes leftover after parsing attributes in process `syz.0.339'.
[   56.803234][ T3755] bio_check_eod: 214 callbacks suppressed
[   56.803303][ T3755] kworker/u8:8: attempt to access beyond end of device
[   56.803303][ T3755] loop3: rw=1, sector=153, nr_sectors = 8 limit=128
[   56.803358][ T3755] kworker/u8:8: attempt to access beyond end of device
[   56.803358][ T3755] loop3: rw=1, sector=169, nr_sectors = 8 limit=128
[   56.803462][ T3755] kworker/u8:8: attempt to access beyond end of device
[   56.803462][ T3755] loop3: rw=1, sector=185, nr_sectors = 8 limit=128
[   56.803522][ T3755] kworker/u8:8: attempt to access beyond end of device
[   56.803522][ T3755] loop3: rw=1, sector=201, nr_sectors = 8 limit=128
[   56.803552][ T3755] kworker/u8:8: attempt to access beyond end of device
[   56.803552][ T3755] loop3: rw=1, sector=217, nr_sectors = 8 limit=128
[   56.803638][ T3755] kworker/u8:8: attempt to access beyond end of device
[   56.803638][ T3755] loop3: rw=1, sector=233, nr_sectors = 8 limit=128
[   56.803675][ T3755] kworker/u8:8: attempt to access beyond end of device
[   56.803675][ T3755] loop3: rw=1, sector=249, nr_sectors = 8 limit=128
[   56.803705][ T3755] kworker/u8:8: attempt to access beyond end of device
[   56.803705][ T3755] loop3: rw=1, sector=265, nr_sectors = 8 limit=128
[   56.803805][ T3755] kworker/u8:8: attempt to access beyond end of device
[   56.803805][ T3755] loop3: rw=1, sector=281, nr_sectors = 8 limit=128
[   56.803888][ T3755] kworker/u8:8: attempt to access beyond end of device
[   56.803888][ T3755] loop3: rw=1, sector=297, nr_sectors = 8 limit=128
[   56.914816][ T4678] SELinux: failed to load policy
[   57.164697][   T29] kauditd_printk_skb: 123 callbacks suppressed
[   57.164716][   T29] audit: type=1326 audit(1746763900.022:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4701 comm="syz.3.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb9ae2e969 code=0x7ffc0000
[   57.167338][   T29] audit: type=1326 audit(1746763900.022:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4701 comm="syz.3.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7fbb9ae2e969 code=0x7ffc0000
[   57.167449][   T29] audit: type=1326 audit(1746763900.022:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4701 comm="syz.3.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb9ae2e969 code=0x7ffc0000
[   57.167622][   T29] audit: type=1326 audit(1746763900.022:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4701 comm="syz.3.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb9ae2e969 code=0x7ffc0000
[   57.216676][ T4707] loop3: detected capacity change from 0 to 512
[   57.229052][ T4707] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.345: invalid indirect mapped block 256 (level 2)
[   57.230573][ T4707] EXT4-fs (loop3): 2 truncates cleaned up
[   57.232787][ T4707] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.245576][   T29] audit: type=1326 audit(1746763900.102:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4706 comm="syz.3.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb9ae2e969 code=0x7ffc0000
[   57.245758][   T29] audit: type=1326 audit(1746763900.102:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4706 comm="syz.3.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fbb9ae2e969 code=0x7ffc0000
[   57.332742][   T29] audit: type=1326 audit(1746763900.192:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4706 comm="syz.3.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb9ae2e969 code=0x7ffc0000
[   57.332809][   T29] audit: type=1326 audit(1746763900.192:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4706 comm="syz.3.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb9ae2e969 code=0x7ffc0000
[   57.356183][   T29] audit: type=1326 audit(1746763900.202:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4706 comm="syz.3.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7fbb9ae2e969 code=0x7ffc0000
[   57.365220][   T29] audit: type=1326 audit(1746763900.212:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4706 comm="syz.3.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb9ae2e969 code=0x7ffc0000
[   57.416158][   T51] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm kworker/u8:3: bg 0: block 5: invalid block bitmap
[   57.418947][   T51] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1212 with error 28
[   57.418990][   T51] EXT4-fs (loop3): This should not happen!! Data will be lost
[   57.418990][   T51] 
[   57.419007][   T51] EXT4-fs (loop3): Total free blocks count 0
[   57.419087][   T51] EXT4-fs (loop3): Free/Dirty block details
[   57.419101][   T51] EXT4-fs (loop3): free_blocks=0
[   57.419116][   T51] EXT4-fs (loop3): dirty_blocks=1216
[   57.419136][   T51] EXT4-fs (loop3): Block reservation details
[   57.419149][   T51] EXT4-fs (loop3): i_reserved_data_blocks=1216
[   57.427376][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.620226][ T4734] loop3: detected capacity change from 0 to 2048
[   57.636382][ T4734] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.688485][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.721285][ T4746] netlink: 16 bytes leftover after parsing attributes in process `syz.3.350'.
[   57.793329][ T4757] 9pnet_fd: Insufficient options for proto=fd
[   58.507453][ T4787] loop3: detected capacity change from 0 to 1024
[   58.556905][ T4787] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.617367][ T4787] ext4 filesystem being mounted at /69/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.753232][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.774238][ T4801] can: request_module (can-proto-0) failed.
[   58.916579][ T4814] serio: Serial port ptm0
[   59.190506][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.293648][ T4843] loop2: detected capacity change from 0 to 2048
[   59.335777][ T4843] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.355572][ T4852] loop3: detected capacity change from 0 to 1024
[   59.369829][ T4852] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.373: Failed to acquire dquot type 0
[   59.381982][ T4852] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   59.396785][ T4852] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.373: corrupted inode contents
[   59.410223][ T4852] EXT4-fs error (device loop3): ext4_dirty_inode:6103: inode #13: comm syz.3.373: mark_inode_dirty error
[   59.422175][ T4852] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.373: corrupted inode contents
[   59.434740][ T4852] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #13: comm syz.3.373: mark_inode_dirty error
[   59.446909][ T4852] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.373: corrupted inode contents
[   59.463217][ T4852] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[   59.473666][ T4852] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.373: corrupted inode contents
[   59.485966][ T4852] EXT4-fs error (device loop3): ext4_truncate:4255: inode #13: comm syz.3.373: mark_inode_dirty error
[   59.502193][ T4852] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[   59.526873][ T4852] EXT4-fs (loop3): 1 truncate cleaned up
[   59.533319][ T4852] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   59.551737][ T4852] EXT4-fs: Ignoring removed orlov option
[   59.557766][ T4852] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   59.566561][ T4852] EXT4-fs (loop3): can't enable nombcache during remount
[   59.575516][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.734584][ T4862] netlink: 'syz.2.375': attribute type 3 has an invalid length.
[   59.767612][ T4874] 9pnet_fd: Insufficient options for proto=fd
[   59.771333][ T4862] siw: device registration error -23
[   60.109882][ T4916] loop2: detected capacity change from 0 to 2048
[   60.148043][ T4916] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   60.220711][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.330586][ T4941] netlink: 'syz.0.388': attribute type 3 has an invalid length.
[   60.367910][ T4949] loop2: detected capacity change from 0 to 256
[   60.375403][ T4927] siw: device registration error -23
[   60.420197][ T4949] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   60.449728][ T4923] siw: device registration error -23
[   60.461782][ T4958] FAULT_INJECTION: forcing a failure.
[   60.461782][ T4958] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   60.475502][ T4958] CPU: 1 UID: 0 PID: 4958 Comm: syz.0.393 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   60.475530][ T4958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   60.475543][ T4958] Call Trace:
[   60.475549][ T4958]  <TASK>
[   60.475556][ T4958]  __dump_stack+0x1d/0x30
[   60.475648][ T4958]  dump_stack_lvl+0xe8/0x140
[   60.475676][ T4958]  dump_stack+0x15/0x1b
[   60.475693][ T4958]  should_fail_ex+0x265/0x280
[   60.475725][ T4958]  should_fail+0xb/0x20
[   60.475795][ T4958]  should_fail_usercopy+0x1a/0x20
[   60.475818][ T4958]  _copy_to_user+0x20/0xa0
[   60.475845][ T4958]  simple_read_from_buffer+0xb5/0x130
[   60.475873][ T4958]  proc_fail_nth_read+0x100/0x140
[   60.475934][ T4958]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   60.475965][ T4958]  vfs_read+0x19d/0x6f0
[   60.475995][ T4958]  ? __rcu_read_unlock+0x4f/0x70
[   60.476030][ T4958]  ? __fget_files+0x184/0x1c0
[   60.476059][ T4958]  ksys_read+0xda/0x1a0
[   60.476099][ T4958]  __x64_sys_read+0x40/0x50
[   60.476130][ T4958]  x64_sys_call+0x2d77/0x2fb0
[   60.476157][ T4958]  do_syscall_64+0xd0/0x1a0
[   60.476180][ T4958]  ? clear_bhb_loop+0x25/0x80
[   60.476259][ T4958]  ? clear_bhb_loop+0x25/0x80
[   60.476279][ T4958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.476305][ T4958] RIP: 0033:0x7fcbb17ed37c
[   60.476324][ T4958] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   60.476345][ T4958] RSP: 002b:00007fcbafe57030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   60.476369][ T4958] RAX: ffffffffffffffda RBX: 00007fcbb1a15fa0 RCX: 00007fcbb17ed37c
[   60.476385][ T4958] RDX: 000000000000000f RSI: 00007fcbafe570a0 RDI: 0000000000000006
[   60.476457][ T4958] RBP: 00007fcbafe57090 R08: 0000000000000000 R09: 0000000000000000
[   60.476472][ T4958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.476488][ T4958] R13: 0000000000000000 R14: 00007fcbb1a15fa0 R15: 00007fffa3b19d18
[   60.476512][ T4958]  </TASK>
[   60.800920][ T4973] loop4: detected capacity change from 0 to 764
[   60.836729][ T4973] ref_ctr_offset mismatch. inode: 0x746 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xa00001118
[   61.668142][ T5038] 9pnet_fd: Insufficient options for proto=fd
[   61.839010][ T5044] serio: Serial port ptm0
[   61.848534][ T5048] __nla_validate_parse: 31 callbacks suppressed
[   61.848555][ T5048] netlink: 4 bytes leftover after parsing attributes in process `syz.1.407'.
[   62.196767][ T5074] loop1: detected capacity change from 0 to 512
[   62.242120][ T5074] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.412: invalid indirect mapped block 256 (level 2)
[   62.270868][ T5074] EXT4-fs (loop1): 2 truncates cleaned up
[   62.293223][ T5074] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.358059][   T29] kauditd_printk_skb: 141 callbacks suppressed
[   62.358074][   T29] audit: type=1326 audit(1746763905.212:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5073 comm="syz.1.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb5a70e969 code=0x7ffc0000
[   62.478546][   T29] audit: type=1326 audit(1746763905.242:1122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5073 comm="syz.1.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb5a70e969 code=0x7ffc0000
[   62.502020][   T29] audit: type=1326 audit(1746763905.242:1123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5073 comm="syz.1.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fbb5a70e969 code=0x7ffc0000
[   62.525555][   T29] audit: type=1326 audit(1746763905.312:1124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5073 comm="syz.1.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb5a70e969 code=0x7ffc0000
[   62.548993][   T29] audit: type=1326 audit(1746763905.312:1125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5073 comm="syz.1.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb5a70e969 code=0x7ffc0000
[   62.584665][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.595817][   T29] audit: type=1326 audit(1746763905.442:1126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5073 comm="syz.1.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7fbb5a70e969 code=0x7ffc0000
[   62.619539][   T29] audit: type=1326 audit(1746763905.442:1127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5073 comm="syz.1.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb5a70e969 code=0x7ffc0000
[   62.643326][   T29] audit: type=1326 audit(1746763905.442:1128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5073 comm="syz.1.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb5a70e969 code=0x7ffc0000
[   62.666932][   T29] audit: type=1326 audit(1746763905.452:1129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5073 comm="syz.1.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbb5a70e969 code=0x7ffc0000
[   62.690298][   T29] audit: type=1326 audit(1746763905.452:1130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5073 comm="syz.1.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb5a70e969 code=0x7ffc0000
[   62.714727][ T3755] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm kworker/u8:8: bg 0: block 5: invalid block bitmap
[   62.762229][ T3755] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 600 with error 28
[   62.774726][ T3755] EXT4-fs (loop1): This should not happen!! Data will be lost
[   62.774726][ T3755] 
[   62.782799][ T5096] serio: Serial port ptm0
[   62.784394][ T3755] EXT4-fs (loop1): Total free blocks count 0
[   62.794848][ T3755] EXT4-fs (loop1): Free/Dirty block details
[   62.800805][ T3755] EXT4-fs (loop1): free_blocks=0
[   62.805846][ T3755] EXT4-fs (loop1): dirty_blocks=604
[   62.811135][ T3755] EXT4-fs (loop1): Block reservation details
[   62.817199][ T3755] EXT4-fs (loop1): i_reserved_data_blocks=604
[   62.832075][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.120662][ T5113] bond1: entered promiscuous mode
[   63.125837][ T5113] bond1: entered allmulticast mode
[   63.131228][ T5113] 8021q: adding VLAN 0 to HW filter on device bond1
[   63.149795][ T5113] bond1 (unregistering): Released all slaves
[   63.252237][ T5120] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5120 comm=syz.4.429
[   63.264777][ T5120] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5120 comm=syz.4.429
[   63.405238][ T5125] serio: Serial port ptm2
[   64.034429][ T5139] FAULT_INJECTION: forcing a failure.
[   64.034429][ T5139] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   64.047601][ T5139] CPU: 0 UID: 0 PID: 5139 Comm: syz.0.438 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   64.047683][ T5139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   64.047695][ T5139] Call Trace:
[   64.047702][ T5139]  <TASK>
[   64.047709][ T5139]  __dump_stack+0x1d/0x30
[   64.047729][ T5139]  dump_stack_lvl+0xe8/0x140
[   64.047749][ T5139]  dump_stack+0x15/0x1b
[   64.047769][ T5139]  should_fail_ex+0x265/0x280
[   64.047817][ T5139]  should_fail+0xb/0x20
[   64.047963][ T5139]  should_fail_usercopy+0x1a/0x20
[   64.047985][ T5139]  _copy_from_user+0x1c/0xb0
[   64.048008][ T5139]  bpf_test_init+0xdf/0x160
[   64.048069][ T5139]  bpf_prog_test_run_skb+0x144/0xbd0
[   64.048102][ T5139]  ? __rcu_read_unlock+0x4f/0x70
[   64.048128][ T5139]  ? __fget_files+0x184/0x1c0
[   64.048193][ T5139]  ? __rcu_read_unlock+0x4f/0x70
[   64.048289][ T5139]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[   64.048319][ T5139]  bpf_prog_test_run+0x207/0x390
[   64.048360][ T5139]  __sys_bpf+0x3dc/0x790
[   64.048404][ T5139]  __x64_sys_bpf+0x41/0x50
[   64.048460][ T5139]  x64_sys_call+0x2478/0x2fb0
[   64.048506][ T5139]  do_syscall_64+0xd0/0x1a0
[   64.048527][ T5139]  ? clear_bhb_loop+0x25/0x80
[   64.048548][ T5139]  ? clear_bhb_loop+0x25/0x80
[   64.048568][ T5139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.048592][ T5139] RIP: 0033:0x7fcbb17ee969
[   64.048651][ T5139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.048671][ T5139] RSP: 002b:00007fcbafe57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   64.048693][ T5139] RAX: ffffffffffffffda RBX: 00007fcbb1a15fa0 RCX: 00007fcbb17ee969
[   64.048724][ T5139] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[   64.048739][ T5139] RBP: 00007fcbafe57090 R08: 0000000000000000 R09: 0000000000000000
[   64.048750][ T5139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.048762][ T5139] R13: 0000000000000000 R14: 00007fcbb1a15fa0 R15: 00007fffa3b19d18
[   64.048785][ T5139]  </TASK>
[   64.323271][ T5141] loop2: detected capacity change from 0 to 2048
[   64.430212][ T5147] netlink: 4 bytes leftover after parsing attributes in process `syz.4.441'.
[   64.442300][ T5141] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   64.622599][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.769610][ T5168] netlink: 'syz.1.447': attribute type 2 has an invalid length.
[   64.777407][ T5168] netlink: 'syz.1.447': attribute type 1 has an invalid length.
[   64.785219][ T5168] netlink: 199820 bytes leftover after parsing attributes in process `syz.1.447'.
[   64.937695][ T5180] FAULT_INJECTION: forcing a failure.
[   64.937695][ T5180] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   64.950884][ T5180] CPU: 1 UID: 0 PID: 5180 Comm: syz.1.452 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   64.950952][ T5180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   64.950968][ T5180] Call Trace:
[   64.950975][ T5180]  <TASK>
[   64.950984][ T5180]  __dump_stack+0x1d/0x30
[   64.951071][ T5180]  dump_stack_lvl+0xe8/0x140
[   64.951096][ T5180]  dump_stack+0x15/0x1b
[   64.951116][ T5180]  should_fail_ex+0x265/0x280
[   64.951231][ T5180]  should_fail+0xb/0x20
[   64.951257][ T5180]  should_fail_usercopy+0x1a/0x20
[   64.951287][ T5180]  strncpy_from_user+0x25/0x230
[   64.951318][ T5180]  ? kmem_cache_alloc_noprof+0x186/0x310
[   64.951367][ T5180]  ? getname_flags+0x80/0x3b0
[   64.951470][ T5180]  getname_flags+0xae/0x3b0
[   64.951507][ T5180]  user_path_create+0x27/0x130
[   64.951532][ T5180]  bpf_obj_pin_user+0xe0/0x230
[   64.951570][ T5180]  bpf_obj_pin+0xac/0xd0
[   64.951629][ T5180]  __sys_bpf+0x6a7/0x790
[   64.951801][ T5180]  __x64_sys_bpf+0x41/0x50
[   64.951841][ T5180]  x64_sys_call+0x2478/0x2fb0
[   64.951943][ T5180]  do_syscall_64+0xd0/0x1a0
[   64.951966][ T5180]  ? clear_bhb_loop+0x25/0x80
[   64.951991][ T5180]  ? clear_bhb_loop+0x25/0x80
[   64.952052][ T5180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.952071][ T5180] RIP: 0033:0x7fbb5a70e969
[   64.952084][ T5180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.952100][ T5180] RSP: 002b:00007fbb58d77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   64.952145][ T5180] RAX: ffffffffffffffda RBX: 00007fbb5a935fa0 RCX: 00007fbb5a70e969
[   64.952161][ T5180] RDX: 0000000000000018 RSI: 0000200000001340 RDI: 0000000000000006
[   64.952175][ T5180] RBP: 00007fbb58d77090 R08: 0000000000000000 R09: 0000000000000000
[   64.952189][ T5180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.952203][ T5180] R13: 0000000000000000 R14: 00007fbb5a935fa0 R15: 00007ffc84b3a088
[   64.952247][ T5180]  </TASK>
[   65.212281][ T5187] serio: Serial port ptm0
[   65.466249][ T5199] netlink: 'syz.3.461': attribute type 3 has an invalid length.
[   65.496673][ T5209] netlink: 12 bytes leftover after parsing attributes in process `syz.2.462'.
[   65.536568][ T5209] netlink: 56 bytes leftover after parsing attributes in process `syz.2.462'.
[   65.924258][ T5208] loop4: detected capacity change from 0 to 8192
[   65.973429][ T5232] loop3: detected capacity change from 0 to 1024
[   65.992130][ T5232] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.467: Failed to acquire dquot type 0
[   66.012813][ T5232] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   66.027548][ T5232] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.467: corrupted inode contents
[   66.039748][ T5232] EXT4-fs error (device loop3): ext4_dirty_inode:6103: inode #13: comm syz.3.467: mark_inode_dirty error
[   66.051433][ T5232] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.467: corrupted inode contents
[   66.063396][ T5232] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #13: comm syz.3.467: mark_inode_dirty error
[   66.074685][ T5232] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.467: corrupted inode contents
[   66.086718][ T5232] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[   66.095692][ T5232] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.467: corrupted inode contents
[   66.108111][ T5232] EXT4-fs error (device loop3): ext4_truncate:4255: inode #13: comm syz.3.467: mark_inode_dirty error
[   66.145810][ T5232] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[   66.170922][ T5232] EXT4-fs (loop3): 1 truncate cleaned up
[   66.177257][ T5232] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.194484][ T5232] EXT4-fs: Ignoring removed orlov option
[   66.200278][ T5232] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   66.208893][ T5232] EXT4-fs (loop3): can't enable nombcache during remount
[   67.076210][ T5295] netlink: 'syz.1.474': attribute type 3 has an invalid length.
[   67.117820][ T5310] loop2: detected capacity change from 0 to 512
[   67.128343][ T5310] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.476: invalid indirect mapped block 256 (level 2)
[   67.150145][ T5310] EXT4-fs (loop2): 2 truncates cleaned up
[   67.157092][ T5310] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.234939][ T5326] serio: Serial port ptm0
[   67.353626][   T12] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm kworker/u8:0: bg 0: block 5: invalid block bitmap
[   67.385324][   T12] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1012 with error 28
[   67.397910][   T12] EXT4-fs (loop2): This should not happen!! Data will be lost
[   67.397910][   T12] 
[   67.407712][   T12] EXT4-fs (loop2): Total free blocks count 0
[   67.413811][   T12] EXT4-fs (loop2): Free/Dirty block details
[   67.419798][   T12] EXT4-fs (loop2): free_blocks=0
[   67.424778][   T12] EXT4-fs (loop2): dirty_blocks=1016
[   67.430073][   T12] EXT4-fs (loop2): Block reservation details
[   67.436148][   T12] EXT4-fs (loop2): i_reserved_data_blocks=1016
[   67.496631][   T29] kauditd_printk_skb: 213 callbacks suppressed
[   67.496649][   T29] audit: type=1326 audit(1746763910.352:1342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5334 comm="syz.0.480" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcbb17ee969 code=0x0
[   67.543561][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.594383][ T5313] loop4: detected capacity change from 0 to 8192
[   67.632332][   T29] audit: type=1326 audit(1746763910.482:1343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5347 comm="syz.2.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c4c3ae969 code=0x7ffc0000
[   67.691794][   T29] audit: type=1326 audit(1746763910.512:1344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5347 comm="syz.2.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c4c3ae969 code=0x7ffc0000
[   67.715320][   T29] audit: type=1326 audit(1746763910.512:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5347 comm="syz.2.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f3c4c3ae969 code=0x7ffc0000
[   67.738794][   T29] audit: type=1326 audit(1746763910.512:1346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5347 comm="syz.2.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c4c3ae969 code=0x7ffc0000
[   67.762198][   T29] audit: type=1326 audit(1746763910.512:1347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5347 comm="syz.2.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c4c3ae969 code=0x7ffc0000
[   67.901879][   T29] audit: type=1400 audit(1746763910.752:1348): avc:  denied  { ioctl } for  pid=5370 comm="syz.2.486" path="socket:[8756]" dev="sockfs" ino=8756 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   68.047323][ T5393] netlink: 56 bytes leftover after parsing attributes in process `syz.4.487'.
[   68.095086][   T29] audit: type=1326 audit(1746763910.952:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.488" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbb5a70e969 code=0x0
[   68.128924][ T5399] netlink: 12 bytes leftover after parsing attributes in process `syz.2.489'.
[   68.250232][   T29] audit: type=1326 audit(1746763911.102:1350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5403 comm="syz.0.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbb17ee969 code=0x7ffc0000
[   68.273745][   T29] audit: type=1326 audit(1746763911.102:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5403 comm="syz.0.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbb17ee969 code=0x7ffc0000
[   68.372947][ T5407] loop2: detected capacity change from 0 to 2048
[   68.412666][ T5407] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.466448][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.532173][ T5411] netlink: 4 bytes leftover after parsing attributes in process `syz.2.493'.
[   68.549510][ T5411] netlink: 32 bytes leftover after parsing attributes in process `syz.2.493'.
[   68.610133][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.673362][ T5423] netlink: 16 bytes leftover after parsing attributes in process `syz.3.498'.
[   68.682400][ T5423] netlink: 16 bytes leftover after parsing attributes in process `syz.3.498'.
[   68.691351][ T5423] netlink: 16 bytes leftover after parsing attributes in process `syz.3.498'.
[   68.747808][ T5423] netlink: 16 bytes leftover after parsing attributes in process `syz.3.498'.
[   68.756862][ T5423] netlink: 16 bytes leftover after parsing attributes in process `syz.3.498'.
[   68.766100][ T5423] netlink: 16 bytes leftover after parsing attributes in process `syz.3.498'.
[   68.890611][ T5441] FAULT_INJECTION: forcing a failure.
[   68.890611][ T5441] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   68.903847][ T5441] CPU: 1 UID: 0 PID: 5441 Comm: syz.2.505 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   68.903876][ T5441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   68.903888][ T5441] Call Trace:
[   68.903918][ T5441]  <TASK>
[   68.903925][ T5441]  __dump_stack+0x1d/0x30
[   68.903950][ T5441]  dump_stack_lvl+0xe8/0x140
[   68.904015][ T5441]  dump_stack+0x15/0x1b
[   68.904040][ T5441]  should_fail_ex+0x265/0x280
[   68.904077][ T5441]  should_fail+0xb/0x20
[   68.904111][ T5441]  should_fail_usercopy+0x1a/0x20
[   68.904134][ T5441]  strncpy_from_user+0x25/0x230
[   68.904165][ T5441]  ? __fget_files+0x184/0x1c0
[   68.904192][ T5441]  __se_sys_add_key+0x86/0x350
[   68.904298][ T5441]  __x64_sys_add_key+0x67/0x80
[   68.904380][ T5441]  x64_sys_call+0x1d0d/0x2fb0
[   68.904406][ T5441]  do_syscall_64+0xd0/0x1a0
[   68.904429][ T5441]  ? clear_bhb_loop+0x25/0x80
[   68.904449][ T5441]  ? clear_bhb_loop+0x25/0x80
[   68.904513][ T5441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.904613][ T5441] RIP: 0033:0x7f3c4c3ae969
[   68.904631][ T5441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.904651][ T5441] RSP: 002b:00007f3c4aa17038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[   68.904673][ T5441] RAX: ffffffffffffffda RBX: 00007f3c4c5d5fa0 RCX: 00007f3c4c3ae969
[   68.904688][ T5441] RDX: 00002000000002c0 RSI: 0000000000000000 RDI: 0000200000000100
[   68.904703][ T5441] RBP: 00007f3c4aa17090 R08: 000000003c216b23 R09: 0000000000000000
[   68.904719][ T5441] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[   68.904869][ T5441] R13: 0000000000000000 R14: 00007f3c4c5d5fa0 R15: 00007fff8c6b3338
[   68.904886][ T5441]  </TASK>
[   69.201473][ T5458] FAULT_INJECTION: forcing a failure.
[   69.201473][ T5458] name failslab, interval 1, probability 0, space 0, times 0
[   69.214281][ T5458] CPU: 0 UID: 0 PID: 5458 Comm: syz.2.510 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   69.214308][ T5458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   69.214319][ T5458] Call Trace:
[   69.214326][ T5458]  <TASK>
[   69.214335][ T5458]  __dump_stack+0x1d/0x30
[   69.214365][ T5458]  dump_stack_lvl+0xe8/0x140
[   69.214389][ T5458]  dump_stack+0x15/0x1b
[   69.214409][ T5458]  should_fail_ex+0x265/0x280
[   69.214445][ T5458]  should_failslab+0x8c/0xb0
[   69.214472][ T5458]  __kvmalloc_node_noprof+0x126/0x4d0
[   69.214538][ T5458]  ? xt_alloc_table_info+0x3b/0x80
[   69.214635][ T5458]  ? should_fail_ex+0xdb/0x280
[   69.214790][ T5458]  xt_alloc_table_info+0x3b/0x80
[   69.214816][ T5458]  do_ip6t_set_ctl+0x5a5/0x840
[   69.214853][ T5458]  nf_setsockopt+0x196/0x1b0
[   69.214895][ T5458]  ipv6_setsockopt+0x11a/0x130
[   69.214971][ T5458]  udpv6_setsockopt+0x99/0xb0
[   69.215000][ T5458]  sock_common_setsockopt+0x66/0x80
[   69.215026][ T5458]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   69.215128][ T5458]  __sys_setsockopt+0x181/0x200
[   69.215168][ T5458]  __x64_sys_setsockopt+0x64/0x80
[   69.215224][ T5458]  x64_sys_call+0x2bd5/0x2fb0
[   69.215250][ T5458]  do_syscall_64+0xd0/0x1a0
[   69.215277][ T5458]  ? clear_bhb_loop+0x25/0x80
[   69.215385][ T5458]  ? clear_bhb_loop+0x25/0x80
[   69.215425][ T5458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.215451][ T5458] RIP: 0033:0x7f3c4c3ae969
[   69.215468][ T5458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.215485][ T5458] RSP: 002b:00007f3c4aa17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   69.215537][ T5458] RAX: ffffffffffffffda RBX: 00007f3c4c5d5fa0 RCX: 00007f3c4c3ae969
[   69.215552][ T5458] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[   69.215566][ T5458] RBP: 00007f3c4aa17090 R08: 0000000000000510 R09: 0000000000000000
[   69.215622][ T5458] R10: 0000200000000d40 R11: 0000000000000246 R12: 0000000000000001
[   69.215636][ T5458] R13: 0000000000000000 R14: 00007f3c4c5d5fa0 R15: 00007fff8c6b3338
[   69.215659][ T5458]  </TASK>
[   69.513350][ T5473] 9pnet_fd: Insufficient options for proto=fd
[   69.631572][ T5483] serio: Serial port ptm0
[   69.820930][ T5486] netlink: 'syz.0.519': attribute type 3 has an invalid length.
[   69.843255][ T5486] siw: device registration error -23
[   69.866454][ T5502] x_tables: ip6_tables: NETMAP.0 target: invalid size 40 (kernel) != (user) 0
[   69.898740][ T5504] 9pnet_fd: Insufficient options for proto=fd
[   70.013372][ T5514] loop2: detected capacity change from 0 to 764
[   70.035314][ T5514] ref_ctr_offset mismatch. inode: 0x746 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xa00001118
[   70.366965][ T5519] vhci_hcd: invalid port number 96
[   70.372183][ T5519] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   70.461369][ T5525] 9pnet_fd: Insufficient options for proto=fd
[   70.627845][ T5530] FAULT_INJECTION: forcing a failure.
[   70.627845][ T5530] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   70.641422][ T5530] CPU: 0 UID: 0 PID: 5530 Comm: syz.4.536 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   70.641487][ T5530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   70.641502][ T5530] Call Trace:
[   70.641511][ T5530]  <TASK>
[   70.641520][ T5530]  __dump_stack+0x1d/0x30
[   70.641546][ T5530]  dump_stack_lvl+0xe8/0x140
[   70.641691][ T5530]  dump_stack+0x15/0x1b
[   70.641707][ T5530]  should_fail_ex+0x265/0x280
[   70.641756][ T5530]  should_fail+0xb/0x20
[   70.641862][ T5530]  should_fail_usercopy+0x1a/0x20
[   70.641880][ T5530]  _copy_from_user+0x1c/0xb0
[   70.641899][ T5530]  restore_altstack+0x4b/0x2d0
[   70.641930][ T5530]  ? __set_task_blocked+0x23a/0x2a0
[   70.641964][ T5530]  __ia32_sys_rt_sigreturn+0xdc/0x350
[   70.642007][ T5530]  ? _raw_spin_unlock_irq+0x26/0x50
[   70.642040][ T5530]  ? signal_setup_done+0x266/0x290
[   70.642116][ T5530]  ? fpu__clear_user_states+0x3b/0x280
[   70.642186][ T5530]  ? arch_do_signal_or_restart+0x2ed/0x480
[   70.642230][ T5530]  ? __rcu_read_unlock+0x4f/0x70
[   70.642378][ T5530]  ? fpregs_assert_state_consistent+0x84/0xa0
[   70.642417][ T5530]  x64_sys_call+0x2e8a/0x2fb0
[   70.642526][ T5530]  do_syscall_64+0xd0/0x1a0
[   70.642553][ T5530]  ? clear_bhb_loop+0x25/0x80
[   70.642585][ T5530]  ? clear_bhb_loop+0x25/0x80
[   70.642639][ T5530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.642659][ T5530] RIP: 0033:0x7f6185eeab39
[   70.642673][ T5530] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[   70.642689][ T5530] RSP: 002b:00007f61845b6a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[   70.642707][ T5530] RAX: ffffffffffffffda RBX: 00007f6186175fa0 RCX: 00007f6185eeab39
[   70.642719][ T5530] RDX: 00007f61845b6a80 RSI: 00007f61845b6bb0 RDI: 0000000000000021
[   70.642732][ T5530] RBP: 00007f61845b7090 R08: 0000000000000000 R09: 0000000000000000
[   70.642783][ T5530] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[   70.642797][ T5530] R13: 0000000000000000 R14: 00007f6186175fa0 R15: 00007fff51b7d178
[   70.642951][ T5530]  </TASK>
[   70.930871][ T5538] 9pnet_fd: Insufficient options for proto=fd
[   71.047420][ T5550] loop3: detected capacity change from 0 to 764
[   71.058137][ T5550] ref_ctr_offset mismatch. inode: 0x746 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xa00001118
[   71.151950][ T5558] xt_hashlimit: size too large, truncated to 1048576
[   71.674884][ T5583] 9pnet_fd: Insufficient options for proto=fd
[   71.920859][ T5589] loop1: detected capacity change from 0 to 512
[   71.957375][ T5601] loop4: detected capacity change from 0 to 2048
[   71.976975][ T5589] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   72.072803][ T5601] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.097137][ T5611] bond1: entered promiscuous mode
[   72.102245][ T5611] bond1: entered allmulticast mode
[   72.130286][ T5589] EXT4-fs (loop1): orphan cleanup on readonly fs
[   72.314869][ T5611] 8021q: adding VLAN 0 to HW filter on device bond1
[   72.342053][ T5589] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[   72.356789][ T5589] EXT4-fs (loop1): Cannot turn on quotas: error -22
[   72.363593][ T5589] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.554: bad orphan inode 768
[   72.375643][ T5611] bond1 (unregistering): Released all slaves
[   72.428330][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.503014][ T5589] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   72.570912][   T29] kauditd_printk_skb: 73 callbacks suppressed
[   72.570927][   T29] audit: type=1400 audit(1746763915.422:1425): avc:  denied  { create } for  pid=5588 comm="syz.1.554" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   72.665821][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.693904][   T29] audit: type=1326 audit(1746763915.552:1426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5643 comm="syz.2.573" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3c4c3ae969 code=0x0
[   72.724287][ T5646] loop3: detected capacity change from 0 to 2048
[   72.771300][ T5646] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.794312][   T29] audit: type=1400 audit(1746763915.652:1427): avc:  denied  { bind } for  pid=5656 comm="syz.0.577" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   72.876169][ T5661] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5661 comm=syz.0.577
[   72.902743][ T5658] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[   72.909405][ T5658] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   72.911077][   T29] audit: type=1400 audit(1746763915.672:1428): avc:  denied  { read } for  pid=2990 comm="acpid" name="mouse8" dev="devtmpfs" ino=709 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[   72.917565][ T5658] vhci_hcd vhci_hcd.0: Device attached
[   72.939323][   T29] audit: type=1400 audit(1746763915.672:1429): avc:  denied  { open } for  pid=2990 comm="acpid" path="/dev/input/mouse8" dev="devtmpfs" ino=709 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[   72.967692][   T29] audit: type=1400 audit(1746763915.672:1430): avc:  denied  { ioctl } for  pid=2990 comm="acpid" path="/dev/input/mouse8" dev="devtmpfs" ino=709 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[   72.992005][   T29] audit: type=1400 audit(1746763915.712:1431): avc:  denied  { connect } for  pid=5647 comm="syz.4.575" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   73.011972][   T29] audit: type=1400 audit(1746763915.712:1432): avc:  denied  { write } for  pid=5647 comm="syz.4.575" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   73.088280][ T5661] 8021q: adding VLAN 0 to HW filter on device bond1
[   73.172634][ T5665] vhci_hcd vhci_hcd.0: port 0 already used
[   73.190897][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.211811][ T5660] vhci_hcd: connection closed
[   73.212128][ T3755] vhci_hcd: stop threads
[   73.221171][ T3755] vhci_hcd: release socket
[   73.225697][ T3755] vhci_hcd: disconnect device
[   73.265410][   T29] audit: type=1400 audit(1746763916.122:1433): avc:  denied  { ioctl } for  pid=5673 comm="syz.3.580" path="socket:[9440]" dev="sockfs" ino=9440 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   73.292701][ T3372] usb 2-1: enqueue for inactive port 0
[   73.334682][   T29] audit: type=1326 audit(1746763916.162:1434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5673 comm="syz.3.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb9ae2e969 code=0x7ffc0000
[   73.369742][ T5676] __nla_validate_parse: 32 callbacks suppressed
[   73.369822][ T5676] netlink: 12 bytes leftover after parsing attributes in process `syz.3.581'.
[   73.512139][ T3372] usb 2-1: enqueue for inactive port 0
[   73.586203][ T5676] netlink: 4 bytes leftover after parsing attributes in process `syz.3.581'.
[   73.598899][ T5676] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.631162][ T5668] loop4: detected capacity change from 0 to 8192
[   73.638572][ T5676] bridge_slave_1 (unregistering): left allmulticast mode
[   73.645789][ T5676] bridge_slave_1 (unregistering): left promiscuous mode
[   73.652817][ T5676] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.805547][ T5686] netlink: 4 bytes leftover after parsing attributes in process `syz.3.585'.
[   73.846738][ T5690] netlink: 4 bytes leftover after parsing attributes in process `syz.2.586'.
[   73.945614][ T5700] serio: Serial port ptm0
[   73.966041][ T5704] netlink: 'syz.3.588': attribute type 3 has an invalid length.
[   74.019739][ T5709] 9pnet_fd: Insufficient options for proto=fd
[   74.024203][ T5706] netlink: 16 bytes leftover after parsing attributes in process `syz.4.591'.
[   74.035651][ T5706] netlink: 16 bytes leftover after parsing attributes in process `syz.4.591'.
[   74.044692][ T5706] netlink: 16 bytes leftover after parsing attributes in process `syz.4.591'.
[   74.067487][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888119c60200: rx timeout, send abort
[   74.075946][    C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff888119c60200: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[   74.116787][ T5711] netlink: 12 bytes leftover after parsing attributes in process `syz.3.593'.
[   74.119679][ T5706] netlink: 16 bytes leftover after parsing attributes in process `syz.4.591'.
[   74.134797][ T5706] netlink: 16 bytes leftover after parsing attributes in process `syz.4.591'.
[   74.261410][ T5698] loop2: detected capacity change from 0 to 8192
[   74.546952][ T5728] bond1: entered promiscuous mode
[   74.552137][ T5728] bond1: entered allmulticast mode
[   74.563069][ T5728] 8021q: adding VLAN 0 to HW filter on device bond1
[   74.624282][ T5728] bond1 (unregistering): Released all slaves
[   74.643198][ T3372] usb usb2-port1: attempt power cycle
[   74.752964][ T5741] bond1: entered promiscuous mode
[   74.758134][ T5741] bond1: entered allmulticast mode
[   74.798537][ T5741] 8021q: adding VLAN 0 to HW filter on device bond1
[   74.829479][ T5741] bond1 (unregistering): Released all slaves
[   74.836919][ T5752] serio: Serial port ptm0
[   74.945823][ T5758] serio: Serial port ptm1
[   75.082371][ T5761] netlink: 'syz.0.613': attribute type 3 has an invalid length.
[   75.094305][ T5761] siw: device registration error -23
[   75.379402][ T5780] serio: Serial port ptm2
[   75.830471][ T5792] loop1: detected capacity change from 0 to 2048
[   75.881100][ T5792] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.146207][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.512858][ T3372] usb usb2-port1: unable to enumerate USB device
[   76.526943][ T5826] serio: Serial port ptm0
[   76.595789][ T5829] FAULT_INJECTION: forcing a failure.
[   76.595789][ T5829] name failslab, interval 1, probability 0, space 0, times 0
[   76.608636][ T5829] CPU: 1 UID: 0 PID: 5829 Comm: syz.0.635 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   76.608711][ T5829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   76.608727][ T5829] Call Trace:
[   76.608736][ T5829]  <TASK>
[   76.608746][ T5829]  __dump_stack+0x1d/0x30
[   76.608773][ T5829]  dump_stack_lvl+0xe8/0x140
[   76.608796][ T5829]  dump_stack+0x15/0x1b
[   76.608813][ T5829]  should_fail_ex+0x265/0x280
[   76.608916][ T5829]  should_failslab+0x8c/0xb0
[   76.608954][ T5829]  __kmalloc_node_noprof+0xa9/0x410
[   76.609012][ T5829]  ? __vmalloc_node_range_noprof+0x3c5/0xdf0
[   76.609038][ T5829]  __vmalloc_node_range_noprof+0x3c5/0xdf0
[   76.609088][ T5829]  ? selinux_capable+0x1f9/0x270
[   76.609136][ T5829]  ? bpf_prog_alloc_no_stats+0x47/0x390
[   76.609235][ T5829]  __vmalloc_noprof+0x5f/0x70
[   76.609264][ T5829]  ? bpf_prog_alloc_no_stats+0x47/0x390
[   76.609372][ T5829]  bpf_prog_alloc_no_stats+0x47/0x390
[   76.609402][ T5829]  ? bpf_prog_alloc+0x2a/0x150
[   76.609437][ T5829]  bpf_prog_alloc+0x3c/0x150
[   76.609526][ T5829]  bpf_prog_load+0x514/0x1070
[   76.609614][ T5829]  ? security_bpf+0x2b/0x90
[   76.609656][ T5829]  __sys_bpf+0x51d/0x790
[   76.609698][ T5829]  __x64_sys_bpf+0x41/0x50
[   76.609798][ T5829]  x64_sys_call+0x2478/0x2fb0
[   76.609820][ T5829]  do_syscall_64+0xd0/0x1a0
[   76.609843][ T5829]  ? clear_bhb_loop+0x25/0x80
[   76.609865][ T5829]  ? clear_bhb_loop+0x25/0x80
[   76.609886][ T5829]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.609962][ T5829] RIP: 0033:0x7fcbb17ee969
[   76.609977][ T5829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.610054][ T5829] RSP: 002b:00007fcbafe57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   76.610077][ T5829] RAX: ffffffffffffffda RBX: 00007fcbb1a15fa0 RCX: 00007fcbb17ee969
[   76.610090][ T5829] RDX: 0000000000000094 RSI: 0000200000000040 RDI: 0000000000000005
[   76.610106][ T5829] RBP: 00007fcbafe57090 R08: 0000000000000000 R09: 0000000000000000
[   76.610119][ T5829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.610196][ T5829] R13: 0000000000000000 R14: 00007fcbb1a15fa0 R15: 00007fffa3b19d18
[   76.610221][ T5829]  </TASK>
[   76.610230][ T5829] syz.0.635: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x500dc2(GFP_HIGHUSER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0
[   76.850021][ T5829] CPU: 1 UID: 0 PID: 5829 Comm: syz.0.635 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   76.850056][ T5829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   76.850072][ T5829] Call Trace:
[   76.850107][ T5829]  <TASK>
[   76.850115][ T5829]  __dump_stack+0x1d/0x30
[   76.850175][ T5829]  dump_stack_lvl+0xe8/0x140
[   76.850200][ T5829]  dump_stack+0x15/0x1b
[   76.850227][ T5829]  warn_alloc+0x12b/0x1a0
[   76.850255][ T5829]  ? should_failslab+0x8c/0xb0
[   76.850340][ T5829]  __vmalloc_node_range_noprof+0x455/0xdf0
[   76.850380][ T5829]  ? selinux_capable+0x1f9/0x270
[   76.850408][ T5829]  ? bpf_prog_alloc_no_stats+0x47/0x390
[   76.850488][ T5829]  __vmalloc_noprof+0x5f/0x70
[   76.850516][ T5829]  ? bpf_prog_alloc_no_stats+0x47/0x390
[   76.850641][ T5829]  bpf_prog_alloc_no_stats+0x47/0x390
[   76.850670][ T5829]  ? bpf_prog_alloc+0x2a/0x150
[   76.850704][ T5829]  bpf_prog_alloc+0x3c/0x150
[   76.850814][ T5829]  bpf_prog_load+0x514/0x1070
[   76.850861][ T5829]  ? security_bpf+0x2b/0x90
[   76.850893][ T5829]  __sys_bpf+0x51d/0x790
[   76.850928][ T5829]  __x64_sys_bpf+0x41/0x50
[   76.851090][ T5829]  x64_sys_call+0x2478/0x2fb0
[   76.851117][ T5829]  do_syscall_64+0xd0/0x1a0
[   76.851145][ T5829]  ? clear_bhb_loop+0x25/0x80
[   76.851208][ T5829]  ? clear_bhb_loop+0x25/0x80
[   76.851296][ T5829]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.851321][ T5829] RIP: 0033:0x7fcbb17ee969
[   76.851342][ T5829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.851412][ T5829] RSP: 002b:00007fcbafe57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   76.851503][ T5829] RAX: ffffffffffffffda RBX: 00007fcbb1a15fa0 RCX: 00007fcbb17ee969
[   76.851515][ T5829] RDX: 0000000000000094 RSI: 0000200000000040 RDI: 0000000000000005
[   76.851526][ T5829] RBP: 00007fcbafe57090 R08: 0000000000000000 R09: 0000000000000000
[   76.851537][ T5829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.851548][ T5829] R13: 0000000000000000 R14: 00007fcbb1a15fa0 R15: 00007fffa3b19d18
[   76.851598][ T5829]  </TASK>
[   76.851619][ T5829] Mem-Info:
[   77.066138][ T5829] active_anon:52461 inactive_anon:2 isolated_anon:0
[   77.066138][ T5829]  active_file:15081 inactive_file:10460 isolated_file:0
[   77.066138][ T5829]  unevictable:0 dirty:56 writeback:0
[   77.066138][ T5829]  slab_reclaimable:3111 slab_unreclaimable:13837
[   77.066138][ T5829]  mapped:40984 shmem:45441 pagetables:1180
[   77.066138][ T5829]  sec_pagetables:0 bounce:0
[   77.066138][ T5829]  kernel_misc_reclaimable:0
[   77.066138][ T5829]  free:1766622 free_pcp:78483 free_cma:0
[   77.111694][ T5829] Node 0 active_anon:194764kB inactive_anon:8kB active_file:60324kB inactive_file:41840kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:163936kB dirty:224kB writeback:0kB shmem:166800kB writeback_tmp:0kB kernel_stack:3008kB pagetables:4720kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   77.140962][ T5829] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   77.167959][ T5829] lowmem_reserve[]: 0 2884 7863 7863
[   77.173375][ T5829] Node 0 DMA32 free:2950036kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953568kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB
[   77.201856][ T5829] lowmem_reserve[]: 0 0 4978 4978
[   77.207029][ T5829] Node 0 Normal free:4121172kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:187920kB inactive_anon:8kB active_file:60324kB inactive_file:41840kB unevictable:0kB writepending:224kB present:5242880kB managed:5098244kB mlocked:0kB bounce:0kB free_pcp:307992kB local_pcp:180868kB free_cma:0kB
[   77.237629][ T5829] lowmem_reserve[]: 0 0 0 0
[   77.242341][ T5829] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   77.245133][ T5832] loop3: detected capacity change from 0 to 764
[   77.255166][ T5829] Node 0 DMA32: 5*4kB (M) 2*8kB (M) 3*16kB (M) 4*32kB (M) 3*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2950036kB
[   77.277868][ T5829] Node 0 Normal: 475*4kB (UME) 507*8kB (UM) 245*16kB (UME) 88*32kB (UME) 129*64kB (UME) 45*128kB (UME) 124*256kB (UME) 165*512kB (UME) 109*1024kB (UME) 28*2048kB (UME) 930*4096kB (UM) = 4121172kB
[   77.297317][ T5829] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   77.306667][ T5829] 65762 total pagecache pages
[   77.311350][ T5829] 5 pages in swap cache
[   77.315713][ T5829] Free swap  = 124808kB
[   77.319951][ T5829] Total swap = 124996kB
[   77.324179][ T5829] 2097051 pages RAM
[   77.328005][ T5829] 0 pages HighMem/MovableOnly
[   77.332706][ T5829] 80258 pages reserved
[   77.380750][ T5832] ref_ctr_offset mismatch. inode: 0x746 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xa00001118
[   77.543218][ T3005] ==================================================================
[   77.551367][ T3005] BUG: KCSAN: data-race in dont_mount / lookup_fast
[   77.558014][ T3005] 
[   77.560361][ T3005] read-write to 0xffff888106feb900 of 4 bytes by task 4409 on cpu 0:
[   77.568442][ T3005]  dont_mount+0x2a/0x40
[   77.572645][ T3005]  vfs_unlink+0x28f/0x420
[   77.577009][ T3005]  do_unlinkat+0x28e/0x4c0
[   77.581529][ T3005]  __x64_sys_unlink+0x2e/0x40
[   77.586272][ T3005]  x64_sys_call+0x22a6/0x2fb0
[   77.591160][ T3005]  do_syscall_64+0xd0/0x1a0
[   77.595710][ T3005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.601646][ T3005] 
[   77.603997][ T3005] read to 0xffff888106feb900 of 4 bytes by task 3005 on cpu 1:
[   77.611565][ T3005]  lookup_fast+0xf0/0x320
[   77.615929][ T3005]  walk_component+0x3f/0x220
[   77.620706][ T3005]  path_lookupat+0xfe/0x2a0
[   77.625344][ T3005]  filename_lookup+0x147/0x340
[   77.630146][ T3005]  do_readlinkat+0x7d/0x320
[   77.634704][ T3005]  __x64_sys_readlink+0x47/0x60
[   77.639579][ T3005]  x64_sys_call+0x2cf3/0x2fb0
[   77.644279][ T3005]  do_syscall_64+0xd0/0x1a0
[   77.648796][ T3005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.654705][ T3005] 
[   77.657031][ T3005] value changed: 0x00300008 -> 0x00004008
[   77.662765][ T3005] 
[   77.665097][ T3005] Reported by Kernel Concurrency Sanitizer on:
[   77.671431][ T3005] CPU: 1 UID: 0 PID: 3005 Comm: udevd Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(voluntary) 
[   77.683507][ T3005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   77.693671][ T3005] ==================================================================
[   78.098826][ T5812] loop2: detected capacity change from 0 to 8192