last executing test programs:

42.815044107s ago: executing program 1 (id=1728):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xb, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000003c0)={'syztnl1\x00', &(0x7f0000000340)={'syztnl2\x00', <r2=>0x0, 0x10, 0x7, 0x2b02d342, 0x7fffffff, {{0xe, 0x4, 0x1, 0x6, 0x38, 0x64, 0x0, 0x2, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}, @rand_addr=0x64010100, {[@timestamp_prespec={0x44, 0x14, 0x42, 0x3, 0x2, [{@empty, 0xfff}, {@dev={0xac, 0x14, 0x14, 0x23}, 0x9}]}, @generic={0x1, 0xe, "adf589c6707b4525ffb43772"}]}}}}})
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00')
getdents64(r3, &(0x7f0000002f40)=""/4098, 0x1002)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x6, 0x101, 0x2384, 0xffffffffffffffff, 0x40, '\x00', r2, r3, 0x4, 0x5, 0x3, 0x4, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)

42.677132528s ago: executing program 1 (id=1730):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000009a01c044ab3500010000009500bebcd6ff1f0c"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="611278000000000061134c0000000000bf2000000000000007000000180000003d030100000000009500f000000000007126000000000000bf67000000000000360602000fff07006706000020000000170200000ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffad03000000000000720400000000000014000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56b8c2b84a800ea6553f304000000815dcf00c3eebc52267b042d19"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000008000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000280)={@link_local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @val={@void, {0x8100, 0x0, 0x0, 0x2}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x2, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @opaque="a6f2138fa8a40683"}}}}}, 0x0)
syz_emit_ethernet(0xbe, &(0x7f00000001c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x4, "9e188a80c32aa9b86ed6ce56992732d9f7fc6cda762c07530a038941764a92bb", "074336477e9205df5f47f7da965c25c746ba7f8ca07841d3da17308a6df3f54855ecedd6d8664fa125e3972a48e81039", "a562ff321beb3f036b9fd27aeff89c8e79a57a3873e0b4e6553e2c44", {"4cf02a016458a5f67aa497153eddc6a1", "9a3f9661ac468177dc130be49bdd8eb5"}}}}}}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = syz_io_uring_setup(0x19d1, &(0x7f00000003c0)={0x0, 0x0, 0x10100, 0x8000000, 0x8000000}, &(0x7f0000000080)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0xa3d, 0x0, 0x0, 0x0, 0xff39)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000001c0)='kfree\x00', r0, 0x0, 0x4}, 0x18)
mount$9p_rdma(&(0x7f0000000000), &(0x7f0000000180)='.\x00', &(0x7f0000000200), 0x800, 0x0)

42.56513639s ago: executing program 1 (id=1736):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010e7010000000000000000000000000a20000000000a03000000000000000000070000000c00044000000000000000021c000000090a010400000000000000000700000008000a4000000003"], 0x64}, 0x1, 0x0, 0x0, 0x4004001}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0xfffffffffffffe47, &(0x7f0000000080)={&(0x7f0000000100)=@newlink={0x44, 0x10, 0x40d, 0x70bd25, 0x25ffdbfc, {0x0, 0x0, 0x0, 0x0, 0x10}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_HELLO_TIME={0x8, 0x2, 0x6}, @IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x84}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x4000000000000c1, 0x0)

42.232412674s ago: executing program 1 (id=1739):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000540)={[{@nogrpid}, {@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@debug}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='tracefs\x00', 0x0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f00000004c0)='./file0\x00')
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x18, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001300)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000c80)=@newtfilter={0x50, 0x2c, 0xd27, 0x70bd26, 0x2, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {}, {0xfff3, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0x20, 0x2, [@TCA_BASIC_EMATCHES={0x1c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0xc, 0x1, 0x0, 0x0, {{0x7, 0x9, 0xb61c}}}]}]}]}}]}, 0x50}}, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000100)={<r5=>0x0, @dev, @broadcast}, &(0x7f0000000140)=0xc)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r2, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)={0x78, 0x0, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR={0x38, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}]}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xc}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}]}, 0x78}, 0x1, 0x0, 0x0, 0x8081}, 0x50)
syz_mount_image$ext4(&(0x7f00000004c0)='ext3\x00', &(0x7f0000000680)='./file0\x00', 0x9042, &(0x7f0000000000)={[{@usrquota}, {@errors_continue}]}, 0x21, 0x4c2, &(0x7f0000000d80)="$eJzs3cFvFF8dAPDvTLu0v1JoUQ5qVBBRNITddoGGcMKLxhASI/HkAWq7NE13u013i7RyKP+DiSSe9E/wYOLBhJN3b3rzggcTVKKhJh7WzOy2lLILDZSu2f18ksnMm7fd73s7mffdvm33BTC0zkfEdkSciIj7ETHVOZ90trjV3rLHvXr5eGHn5eOFJFqtu/9I8vrsXOz7mczJznOOR8QPvxfxk+TtuI3NrZX5arWy3imXmrW1UmNz68pybX6pslRZLZfnZudmbly9Xj6yvp6r/ebFd5dv/+j3v/vK8z9uf/tnWbMmO3X7+3GU2l0v7MXJjEbE7U8RrA9GOv050e+G8EHSiPhcRFzI7/+pGMmvJgAwyFqtqWhN7S8DAIMuzefAkrTYmQuYjDQtFttzeGdjIq3WG83LD+obq4vtubLpKKQPlquVmc5c4XQUkqw8mx+/LpcPlK9GxJmI+PnYZ3m5uFCvLvbzjQ8ADLGTB/L/v8fa+R8AGHDj/W4AAHDs5H8AGD7yPwAMH/kfAIaP/A8Aw0f+B4DhI/8DwFD5wZ072dba6Xz/9eLDzY2V+sMri5XGSrG2sVBcqK+vFZfq9aX8O3tq73u+ar2+NnstNh6VmpVGs9TY3LpXq2+sNu/l3+t9r1I4ll4BAO9y5tyzPycRsX3zs3yLfWs5yNUw2NJ+NwDom5F+NwDomw9a7csvBjAQ3MpAlyV639DzT4SeHn1bgONx6Yu95v/NDMCgM/8Pw0uWh+H1QfP/wEBotRJr/gPAkPH5P/BpPv/36QIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACDbTLfkrTYWa1jMtK0WIw4FRHTUUgeLFcrMxFxOiL+NFYYy8qz/W40APCR0r8lnfW/Lk1dnDxYeyL5z1i+j4if/vLuLx7NN5vrs9n5f+6dbz7tnC/3o/0AwPvs5undPL7r1cvHC7vbcbbnxXfai4tmcXc6W7tmNEbz/XgUImLiX0mn3Ja9Xxk5gvjbTyLiC936n+RzI9OdlU8Pxs9inzrW+Okb8dO8rr3PXovPH0FbYNg8y8afW93uvzTO5/vu9/94PkJ9vN3xb+et8S/dG/9Geox/5w8b49ofvt+z7knEl0a7xU/24ic94l88ZPy/fPmrF3rVtX4VcSm6x98fq9SsrZUam1tXlmvzS5Wlymq5PDc7N3Pj6vVyKZ+jLu3OVL/t7zcvn35X/yd6xM+v/J3Jnv3/xiH7/+v/3v/x194R/1tf7379z+b77q9/lhO/ecj48xO/7bl8dxZ/sUf/33f9Lx8y/vO/bi0e8qEAwDFobG6tzFerlXUHDvYOdt/p/b+0x8HxH/R5YAI+udc3fb9bAgAAAAAAAAAAAAAA9PIx/yFUOOSD3wg41reuAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMID+FwAA//9dptXU")

41.665239932s ago: executing program 1 (id=1744):
r0 = socket(0x28, 0x5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$usbfs(0x0, 0x800000001f7, 0x82)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000040)={0x64f, {{0xa, 0x4e24, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}, 0x3}}, {{0xa, 0x4e22, 0x7, @mcast2, 0x2}}}, 0x108)
quotactl$Q_QUOTAOFF(0xffffffff80000301, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
connect$vsock_stream(r0, &(0x7f0000000180)={0x28, 0x0, 0x0, @local}, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
connect$vsock_stream(r0, &(0x7f0000000400)={0x28, 0x0, 0x2710, @host}, 0x10)

40.939511171s ago: executing program 1 (id=1755):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), 0x0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x4, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000080)={@val={0x0, 0x6003}, @void, @eth={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x4000, 0x0, 0xfc, 0x2f, 0x0, @private=0x1fe1, @multicast1}, {0xa000, 0x6558, 0xc, 0x0, @gue={{0x1, 0x0, 0x1, 0x9, 0x0, @void}}}}}}}}, 0x32)

40.882453452s ago: executing program 32 (id=1755):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), 0x0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x4, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000080)={@val={0x0, 0x6003}, @void, @eth={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x4000, 0x0, 0xfc, 0x2f, 0x0, @private=0x1fe1, @multicast1}, {0xa000, 0x6558, 0xc, 0x0, @gue={{0x1, 0x0, 0x1, 0x9, 0x0, @void}}}}}}}}, 0x32)

40.316062529s ago: executing program 4 (id=1765):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'\x00', 0x5})
ioctl$TUNSETPERSIST(r0, 0x400454c9, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x334)

39.841922725s ago: executing program 4 (id=1768):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x700, &(0x7f0000000a40)="$eJzs3V2P21gZB/D/STJJJoWqAlStqm7ndMpKUzGkTmabKipIGOckY0jiyPbAjIS0KnRmNWqmQFskmpt2bniRli/A3d5wwYdYiQuu9lvAFUgrEBJiBUJGPrbzMnEykzadbtn/b7Qbx358zuNjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU8qi0FdyMJm7Oq3MlrBcQ4T8oFvFWNPutr4xCLof/WsfV6NtVFMOPIgYXLl+6++VcJll/TsIvAosW+Pjp4MG9fn//0Rlis1i4+NcJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJTPvfL1qGDX5nUK0owGUPWvbbrftbkvHhIvDmDvygx9EAcrsSHlw2N/fGsvnWVobh0GVlOQz48FhUPW0za0a1WqlUq1Warfrt+8YRm5qhhESxhCmIpZ+0NIbZrkncKKXkLEa/zH+JIA2iuhiB7uQqT8WGnDhoDNjeSzp/9+5pebWO97/J738ymjxFej+/1r07dqs/n9GLhJSr5C2RMyYv9jPis5I4jGeYoAHuIc++tjHoyWULSHXXrqEvBG35FLymfnTgkIXNjw4sNGBiRa+CBnPkaijhhoMvIdtNOFBogkbbSh42IMHHyo8ovJhpgomfDhwIbEBCzchUUEddWxBQqGMPTjYQRctNGDiX0EQHOBQt/tWnM/zlK1GElSZsREF5JLjbh/VOVs7q///4bNo7bj/N9j/f15Fx0Eh+vh4XgzRZ0AQX/8vaO3VZENEREREREREr4LQv30X+q/ybwMI0LTbypiIKby27IiIiIiIiIhoGQSCAq5CRHfl422I6et/IiIiIiIiInqzCf2MnQBQ0jf1i9HjUmf5JUD2HFIkIiIiIiIiopekn/y/lgcCfZf/GsRC1/9ERERERERE9Ab41dgY+7lsPMZukPxZPwNg7c8F8dHfCnBXxHFv96viyAyXmEdxzNQdAH7zirgYD9SrP/IA9DdLXRVxbRL4Z/Lbh9AnB+lj/T8PIkII90QC+ex4ATMSEGHNtVz8DR/gerTK9Xic+fuDDPSSaEThUtNuq7LltO9WYJoXM77a9X/28PDngDvczoPD/n75Rz/u39e5HIezjo/CQp9NpJNJb4xRLk/0eAv6mYu00Y1X0Uyq/HW3UxK6XiPZ/izMo8x4RfN2QG0ViLbyF1iP9tl6EMWWBsMR9wWwpgd/qJT1LpvYendFjLKonNzytB0xY8uLOosbUcyNjRvRR9ImYTkZUfxaFqiWp/fBRBbV8SxObwvx9xPtPz8LiGLYFlthFn8ICzqRxfc/ilbe6u0mw2OcJYupo4CI6HU5GPVCehDzqTH2k+4hOamdvd9BDojPcjN691EtQdx/JL37k98GUQ+VBXLx3ybSa0n6FYRn9A2hy8lHA7rnrqSc0Y3yp0EQmBeLGD+j/zcIkg0yFujdjoMgOHlG//3oHUhx2lNZ/DsIgrsV3ZP85kSv+mG4wocz6/Xa1SyKKODJ0U/0APih9/ff339YrW7VjHcN43YVK/p/FeKPLNj3EBHRlNPfsaMjMnMixLu4HpVx/f5f34mmJnq8L8W3FGi3gD7uYzN5hcBaeqklHOCb/4huQ9iMrlqB9VL0WRrIy5fuhle1w9hDkdNveNmceVWn+9IoVt/eUB3GJu8dOnkFOIrdesV7gYiI6Hytz+iHgYn+H5P9f3Gi/9/ERhSxcSX1urs0dkvhZnJ1PLykH1w4To2tnJ78t5bcGERERJ8Tyv1ElPxfCte1e+9V6vWK6W8r6TrWd6VrN1pK2l1fuda22W0p2XMd37Gctuy5KNirypPeTq/nuL5sOq7sOZ69q9/8LuNXv3uqY3Z92/J6bWV6SlpO1zctXzZsz5K9nW+3bW9buXplr6csu2lbpm87Xek5O66lylJ6So0F2g3V9e2mHU52Zc+1O6a7J7/ntHc6SjaUZ7l2z3eiApO67G7TcTu62DKChV90SERE9P/o8dPBg3v9/v6jkxOr4aV5NOcYM2KmJ/IpBXKMICIios+YUXe9wErFV5gQERERERERERERERERERERERERERERERFNOf2RvgUnVtIeFgSGc356MZ6D5xg9YjhVjsDL5vOp+0c9sN+LrJ5ZtNLkkYjBg4/nBK8O5yTNPx5zvEiluAS8cPv85QvABT0H0ZzcEg+A6edHl36MpU184yBq0VkxemHqosJwX+SW/59DOPHwd9OLRNjyQRAE81cvTLZh/uzHcw7Ao/ycXbB6yvFz3mciIjpv/wsAAP//eO06pA==")
futimesat(r3, &(0x7f0000000000)='./file1\x00', 0x0)

39.296853663s ago: executing program 4 (id=1774):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a100efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"})
ioctl$USBDEVFS_CLEAR_HALT(r0, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
socket$inet6(0xa, 0x3, 0x3c)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000fbe000)={0x0, &(0x7f0000000100)}, 0x10)
getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="020000000400000008"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4000080)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r2, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfc, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00'}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={<r4=>0xffffffffffffffff})
syz_usb_connect(0x1, 0x24, &(0x7f0000000440)=ANY=[], 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
msgctl$IPC_SET(0x0, 0x1, 0x0)

38.616584591s ago: executing program 4 (id=1781):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000540)={[{@nogrpid}, {@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@debug}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='tracefs\x00', 0x0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f00000004c0)='./file0\x00')
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x18, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001300)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000c80)=@newtfilter={0x50, 0x2c, 0xd27, 0x70bd26, 0x2, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {}, {0xfff3, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0x20, 0x2, [@TCA_BASIC_EMATCHES={0x1c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0xc, 0x1, 0x0, 0x0, {{0x7, 0x9, 0xb61c}}}]}]}]}}]}, 0x50}}, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000100)={<r5=>0x0, @dev, @broadcast}, &(0x7f0000000140)=0xc)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r2, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)={0x78, 0x0, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR={0x38, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}]}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xc}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}]}, 0x78}, 0x1, 0x0, 0x0, 0x8081}, 0x50)
syz_mount_image$ext4(&(0x7f00000004c0)='ext3\x00', &(0x7f0000000680)='./file0\x00', 0x9042, &(0x7f0000000000)={[{@usrquota}, {@errors_continue}]}, 0x21, 0x4c2, &(0x7f0000000d80)="$eJzs3cFvFF8dAPDvTLu0v1JoUQ5qVBBRNITddoGGcMKLxhASI/HkAWq7NE13u013i7RyKP+DiSSe9E/wYOLBhJN3b3rzggcTVKKhJh7WzOy2lLILDZSu2f18ksnMm7fd73s7mffdvm33BTC0zkfEdkSciIj7ETHVOZ90trjV3rLHvXr5eGHn5eOFJFqtu/9I8vrsXOz7mczJznOOR8QPvxfxk+TtuI3NrZX5arWy3imXmrW1UmNz68pybX6pslRZLZfnZudmbly9Xj6yvp6r/ebFd5dv/+j3v/vK8z9uf/tnWbMmO3X7+3GU2l0v7MXJjEbE7U8RrA9GOv050e+G8EHSiPhcRFzI7/+pGMmvJgAwyFqtqWhN7S8DAIMuzefAkrTYmQuYjDQtFttzeGdjIq3WG83LD+obq4vtubLpKKQPlquVmc5c4XQUkqw8mx+/LpcPlK9GxJmI+PnYZ3m5uFCvLvbzjQ8ADLGTB/L/v8fa+R8AGHDj/W4AAHDs5H8AGD7yPwAMH/kfAIaP/A8Aw0f+B4DhI/8DwFD5wZ072dba6Xz/9eLDzY2V+sMri5XGSrG2sVBcqK+vFZfq9aX8O3tq73u+ar2+NnstNh6VmpVGs9TY3LpXq2+sNu/l3+t9r1I4ll4BAO9y5tyzPycRsX3zs3yLfWs5yNUw2NJ+NwDom5F+NwDomw9a7csvBjAQ3MpAlyV639DzT4SeHn1bgONx6Yu95v/NDMCgM/8Pw0uWh+H1QfP/wEBotRJr/gPAkPH5P/BpPv/36QIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACDbTLfkrTYWa1jMtK0WIw4FRHTUUgeLFcrMxFxOiL+NFYYy8qz/W40APCR0r8lnfW/Lk1dnDxYeyL5z1i+j4if/vLuLx7NN5vrs9n5f+6dbz7tnC/3o/0AwPvs5undPL7r1cvHC7vbcbbnxXfai4tmcXc6W7tmNEbz/XgUImLiX0mn3Ja9Xxk5gvjbTyLiC936n+RzI9OdlU8Pxs9inzrW+Okb8dO8rr3PXovPH0FbYNg8y8afW93uvzTO5/vu9/94PkJ9vN3xb+et8S/dG/9Geox/5w8b49ofvt+z7knEl0a7xU/24ic94l88ZPy/fPmrF3rVtX4VcSm6x98fq9SsrZUam1tXlmvzS5Wlymq5PDc7N3Pj6vVyKZ+jLu3OVL/t7zcvn35X/yd6xM+v/J3Jnv3/xiH7/+v/3v/x194R/1tf7379z+b77q9/lhO/ecj48xO/7bl8dxZ/sUf/33f9Lx8y/vO/bi0e8qEAwDFobG6tzFerlXUHDvYOdt/p/b+0x8HxH/R5YAI+udc3fb9bAgAAAAAAAAAAAAAA9PIx/yFUOOSD3wg41reuAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMID+FwAA//9dptXU")

38.199178777s ago: executing program 4 (id=1788):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfab, 0x0, @perf_config_ext={0x9, 0xa5d4}, 0x4c5d, 0x0, 0x0, 0x1, 0x0, 0x2, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000001c0)={'ipvlan1\x00', 0x400})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
gettid()
r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0, 0x13}, 0x400, 0xffffffff, 0x6, 0x7, 0x2, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
r4 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$RXRPC_SECURITY_KEY(r4, 0x110, 0x1, &(0x7f00000000c0)='/dev/vcsu#\x00', 0xb)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$int_in(r5, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r5, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r6}], 0x2c, 0xffffffffffbffff8)
r7 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r7, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r7, 0x0, 0x0)
r9 = openat$cgroup_subtree(r8, &(0x7f0000000100), 0x2, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r10}, 0x10)
process_mrelease(0xffffffffffffffff, 0x0)
write$cgroup_subtree(r9, &(0x7f0000000040)={[{0x2b, 'cpuset'}]}, 0x8)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))
ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f0000000340)={'syzkaller0\x00', @random="addf601fa206"})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

37.492489845s ago: executing program 4 (id=1796):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x101}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff6ffc}]})
ustat(0x8000000000000001, &(0x7f0000000000))
syz_io_uring_setup(0x3c0c, &(0x7f0000000400)={0x0, 0xc890, 0x4002}, 0x0, 0x0)

37.475409806s ago: executing program 33 (id=1796):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x101}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff6ffc}]})
ustat(0x8000000000000001, &(0x7f0000000000))
syz_io_uring_setup(0x3c0c, &(0x7f0000000400)={0x0, 0xc890, 0x4002}, 0x0, 0x0)

21.169724736s ago: executing program 2 (id=2039):
r0 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/rt_acct\x00')
r1 = socket(0x18, 0x4, 0x0)
connect$pppoe(r1, &(0x7f0000000100)={0x18, 0x0, {0x2, @broadcast, 'vxcan1\x00'}}, 0x1e)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001640)={0x11, 0xc, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000b8ffffffb702000008000000b703000000000000850000000600"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='kfree\x00', r2, 0x0, 0x5}, 0x18)
sendfile(r1, r0, 0x0, 0x8)

21.154938497s ago: executing program 2 (id=2040):
r0 = semget$private(0x0, 0x6, 0x3b1)
semop(r0, &(0x7f0000000000)=[{0x0, 0xea, 0x1000}, {0x0, 0x0, 0x1000}], 0x2)
semctl$GETZCNT(r0, 0x0, 0xf, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='cgroup\x00')
preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000000380)=""/138, 0x8a}], 0x1, 0x131, 0x4)
write$tun(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="00000806d40058291274aaaaaaaaaa3adada3bdff65230446d6a01dc223bf74d5ac6f6ea23338faaeb0c64335f17f6dc2ceb0ae84b90ba646a98cba62975dd98836222f10a89de301df1e1a17addc9fa40167f2a02cc642a55d621a8b0b6446c1d3fbd2dc514a8138000000043c93e0e7ebd071f31f3c75f"], 0x78)

20.307187037s ago: executing program 2 (id=2054):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/59, 0x232000, 0x1000}, 0x20)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0xa, 0x2)

20.277913768s ago: executing program 2 (id=2055):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000006, 0x4132, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000940), 0xfc, 0x574, &(0x7f0000001980)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUk4gWC3qvS7INJZtuyW5KEwu2B3vxIkUQsSB69+6x+A/4VxS0UKQEPXiJzGY2XZPZNNlumm3384Fp35uZzZvvvvm+fbOzywbQt8bSfwoRL0fEN0nESMu2wcg2jq3tt/Lw+nS6JLG6+ulfSSTZuub+Sfb/oazyUkT89lXEycLmdmtLy3OlSqW8kNXH6/NXxmtLy6cuzZdmy7Ply5NTU2fempp89523uxbr6+f/+f6Tux+e+fr4yne/3D9yO4mzcTjb1hrHE7jRWhmLsew5GYqzG3ac6EJjvSTZ6wOgIwNZng9FOgaMxECW9blWR57moQG77Ms0rYE+lch/6FPNeUDz2r5L18HPjAfvr10AbY5/cO29kRhuXBsdXEn+d2WUXu+OdqH9tI1f/7xzO12i3fsQ+7vQEMAGN25GxOnBwc3jX5KNf507vY19NrbRb68/sJfupvOfN/LmP4X1+U/kzH8O5eRuJx6f/4X7XWimrXT+917u/Hf9ptXoQFZ7oTHnG0ouXqqU07HtxYg4EUP70/pERHyQfxPk88LKvdV27bfO/9Ilbb85F8yO4/7ghvnfTKleevLI1zy4GfFK7vw3We//JKf/0+fj/DbbOFa+82q7bY+Pf3et/hTxWm7/P+rMZOv7k+ON82G8eVZs9vetY7+3a3+v40/7/+DW8Y8mrfdraztv48fhf8vttnV6/u9LPmuU92XrrpXq9YWJiH3Jx5vXTz56bLPe3D+N/8Txrce/vPP/QJrY24z/1tFbrbsO7yz+3ZXGP7Oj/t954d5HX/zQrv3t9f+bjdKJbM12xr/tHuCTPHcAAAAAAADQawoRcTiSQnG9XCgUi2uf7zgaBwuVaq1+8mJ18fJMNL4rOxpDhead7pGWz0NMZJ+HbdYnN9SnIuJIRHw7cKBRL05XKzN7HTwAAAAAAAAAAAAAAAAAAAD0iEMRw3nf/0/9MZD/mDargWfRFj/5DTzn2ud/tqUbv/QE9CSv/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kP/Wsn+f/zuV08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+nD93Ll1WVx5en07rM1eXFueqV0/NlGtzxfnF6eJ0deFKcbZana2Ui9PV+cf9vUq1emViMhavjdfLtfp4bWn5wnx18XL9wqX50mz5QnnoqUQFAAAAAAAAAAAAAAAAAAAAz5ba0vJcqVIpLygodFQY7I3D6MFCoTcOo8PCXo9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDIfwEAAP//wGE62g==")
unshare(0x2c020400)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="d70a0ce48f40f27f6a0affff0020000071103300"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d40)={r0, 0xe0, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeb9, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7c, 0x8, 0x0, 0x0}}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.swap.current\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000003c0), 0xfea7)
perf_event_open(&(0x7f00000007c0)={0x2, 0x80, 0x6c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x800}, 0x0, 0x0, 0x0, 0x7, 0x6, 0x0, 0x1}, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0x0)
mlock(&(0x7f0000f0b000/0x4000)=nil, 0x4000)
syz_clone(0x40800000, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x10012, r2, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000980)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0x7, 0xfffffffffffffffc}, 0x103200, 0x1, 0x840000, 0x1, 0x801, 0x1, 0x0, 0x0, 0x337b, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000003c0)=0x14)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xe, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="95000000000000001837001f6a00"/24], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', r1, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x18)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d80)={&(0x7f0000000d40)='mmap_lock_acquire_returned\x00', r5}, 0x10)
mincore(&(0x7f0000f0c000/0x3000)=nil, 0x3000, 0x0)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x2)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r6}, 0x18)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)

19.488733668s ago: executing program 2 (id=2070):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x2}, 0x18)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000300)={0x0, 0x7f, 0x700})

18.173254695s ago: executing program 2 (id=2082):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
request_key(0x0, 0x0, 0x0, 0x0)

18.152692605s ago: executing program 34 (id=2082):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
request_key(0x0, 0x0, 0x0, 0x0)

2.563330307s ago: executing program 3 (id=2342):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
accept$nfc_llcp(0xffffffffffffffff, &(0x7f0000000380), &(0x7f0000000400)=0x60)
setsockopt$MRT6_PIM(r0, 0x29, 0xcf, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x80, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
unlink(0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bic\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@window, @window={0x3, 0x2, 0x1}, @window={0x3, 0x3, 0x2}, @window={0x3, 0x8, 0x2}, @sack_perm, @timestamp, @sack_perm, @window={0x3, 0x9, 0x7}], 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x2}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffffffffffebd)
r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
getsockopt$llc_int(r3, 0x10c, 0x8, &(0x7f0000003500), &(0x7f0000003540)=0x4)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x6800, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x9c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x6c, 0x2, {{}, [@TCA_NETEM_LOSS={0x30, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x4}, @NETEM_LOSS_GI={0x18}]}, @TCA_NETEM_RATE={0x14, 0xd}, @TCA_NETEM_CORRUPT={0xc}]}}}]}, 0x9c}}, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r7, <r8=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fstat(r8, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setresuid(0x0, 0x0, r9)
sendto$inet(r0, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd03b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x109e8, 0x805, 0x0, 0x6)

1.894458255s ago: executing program 6 (id=2359):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001480)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x34)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="b3b47f", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x9, &(0x7f0000000680)=ANY=[@ANYBLOB="1808000000000000000000000000186100000e00000000000000020000008510000003000080180000000000db35e041b41fb223000001000000186b0000090000000000000002000000950085ff00"/88], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffdec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f0000000480)={@initdev, <r5=>0x0}, &(0x7f00000005c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x19, 0x1b, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000004000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014240000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018420000000000000000000000000000185900000e00000000000000b29e869307ed6fd6c9c0be54bc5b77000000001801000020696c2500000000002020207b1a762e7c2f82d161ec6ed702a8f8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300007f0000008500000006000000097e243e00000000b70200000007bbb6dd57afc97d39315da305e8eaa36b23a77009eaa400e65445ee9872ec1d8064e28892c1f498037483b89787618fc2c53de0cc00b9cdebb412390b"], &(0x7f0000000440)='GPL\x00', 0x401, 0x9e, &(0x7f0000000780)=""/158, 0x41100, 0x44, '\x00', r5, @fallback=0x4, 0xffffffffffffffff, 0x8, &(0x7f0000000840)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000880)={0x4, 0xb, 0x2, 0x7fff}, 0x10, 0x0, r2, 0xa, &(0x7f00000008c0)=[r4], &(0x7f0000000900)=[{0x4, 0x1, 0x5, 0x3}, {0x5, 0x2, 0xe, 0x6}, {0x1, 0x5, 0x10, 0x6}, {0x1, 0x4, 0x2, 0x5}, {0x1, 0x5, 0x2}, {0x3, 0x5, 0x9, 0x9}, {0x4, 0x3, 0x6, 0x6}, {0x0, 0x5, 0xf}, {0x1, 0x3, 0x5, 0x2}, {0x5, 0x5, 0xc, 0x7}], 0x10, 0x7, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="85000000130000005d0000000000000095000000000000000a621cf434b9eaafdc0a00e9bfde908990817b364e51afe9c81a97f0570759f1cae63487ff68fffffffffffe8e3932e2b7185a25a4cf8a9456aa8a701c318c67edb6e9330b53c0eeba8644311ba75411890700000000000000d8e5b1dc91c5499bea0977"], &(0x7f0000000000)='GPL\x00', 0x5, 0x487, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r6, &(0x7f0000000000)=0xfe8e, 0x12)

1.606426129s ago: executing program 3 (id=2360):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f00000006c0)={0x0, r0}, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0xe7b, 0x0, 0x2)

1.52347007s ago: executing program 3 (id=2363):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="a00000001900010000000000040000001c140000fe00fe"], 0xa0}}, 0x0) (fail_nth: 4)

1.420266842s ago: executing program 6 (id=2365):
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x789, &(0x7f0000001240)="$eJzs3M9rG2caAOB3JlacH96VF/awe8kuJJBAiGzHl+RU91J6CQQCvabGHhvjsRUsObXdQJzeCoU0vrSlUNp7j70WQvoH9FYCLfTWQ6G0qXtoe1GRLCuJIylKYkeJ+zww1veNvpn3fWfkzzPgUQB/W/+v/0gihiLiYkQUm+vTiDjYaB2KWN8at3nv2lR9SaJWu/RzUt8sNmvF1r6S5uvRaGwS/4mIO4WI0+88GreyujY/mefZUrM/Ul24MlJZXTsztzA5m81mi2Pj50fPjY+fGx3ftVpPvHH+8K2vX9vY+OaL6s1jA2eSmGjUHc3adi3QA7aOSSEmdqxf3ItgfZT0MGbgOeQBAEB39ev8A81rs0IU40C3qzQXcAAAAPBSqg3WevVHzyMBAACAF0wS/c4AAAAA2Fvb/wew/WzvXj0H28lPr0bEcLv4A41niCMORSEijmwmDz1+kGxtBs9k/UZE3J5o8/nr5Ynm7kbvNw/vzh7Zbbfr889Eu/knbc0/0Wb+Gdj+7oRn1Hn+ux//QIf572KPMb785L+FjvFvVFbePdYuftKKn3SI/2aP8W9uvHer03u1zyJOtv37kzwUq8v3Q4zMzOXtfrVa6d7589TdzvVHHHkkfpI0oibd67/SY/1vb/46v94l/qnj3c//VvzBh7arfybeb+aRRsSt5mu9v7EjxvGFb796NHKyvh1/usPxb3/+X2/V/2mP9X//+eBKj0MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgIY2IoUjSUqudpqVSxNGI+HccSfNypXp6pry8OF1/L2I4CunMXJ6NRkRxq5/U+2ON9v3+2R398Yj413eHt4LO5VlpqpxP97t4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWo5GxFAkaSki0oj4rZimpVK/swIAAAB23XC/EwAAAAD2nPt/AAAA2P+e9v4/2eU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH3t4oUL9aW2ee/aVL0/fXV1eb589cx0VpkvLSxPlabKS1dKs+XybJ6VpsoLj9tfGhFj52N5ZaSaVaojldW1ywvl5cXq5bmFydnsclZ4LlUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwpIYaS5KWIiJttNO0VIr4R0QMRyGZmcuz0Yj4Z0TcLRYG6/2xficNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArqusrs1P5nm29HI3avurnJ4bkUS8AGl0aHzUPCvdxiTrEXn2Q3Nkn1JNm+GfZT9Plvz1xxyWfjf+14e5CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/qusrs1P5nm2VOl3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRX+mMSEfXlZPHE0M53Dya/FxuvEfHWx5c+WJmsVpfG6ut/aa2vfthcf/aBDa8/zxoAAABg33vlSQZv36dv38cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0qrK6Nj+Z59nSHjbiRr+rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnsZfAQAA//9bFLc7")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
creat(&(0x7f00000001c0)='./file1\x00', 0x2)

1.396967802s ago: executing program 7 (id=2366):
setsockopt(0xffffffffffffffff, 0x1, 0x5, &(0x7f0000000240)="83a61448", 0x4)
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040), 0x10)
listen(0xffffffffffffffff, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
io_uring_enter(0xffffffffffffffff, 0x567, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, 0x0, 0x0)
sendmmsg(r1, 0x0, 0x0, 0x24008094)
recvfrom$unix(0xffffffffffffffff, &(0x7f0000000140)=""/263, 0x107, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r4=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=@newlink={0x34, 0x10, 0x3, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0x28000}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x2}, 0x0)

1.347959052s ago: executing program 3 (id=2367):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfab, 0x0, @perf_config_ext={0x9, 0xa5d4}, 0x4c5d, 0x0, 0x0, 0x1, 0x0, 0x2, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000001c0)={'ipvlan1\x00', 0x400})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
gettid()
r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0, 0x13}, 0x400, 0xffffffff, 0x6, 0x7, 0x2, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x5, 0x3, &(0x7f0000000500)=ANY=[], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
r4 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$RXRPC_SECURITY_KEY(r4, 0x110, 0x1, &(0x7f00000000c0)='/dev/vcsu#\x00', 0xb)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$int_in(r5, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r5, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r6}], 0x2c, 0xffffffffffbffff8)
r7 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r7, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r7, 0x0, 0x0)
r9 = openat$cgroup_subtree(r8, &(0x7f0000000100), 0x2, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r10}, 0x10)
process_mrelease(0xffffffffffffffff, 0x0)
write$cgroup_subtree(r9, &(0x7f0000000040)={[{0x2b, 'cpuset'}]}, 0x8)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))
ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f0000000340)={'syzkaller0\x00', @random="addf601fa206"})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

1.208962244s ago: executing program 7 (id=2368):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x70, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)

1.120527785s ago: executing program 7 (id=2373):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f00000006c0)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000100), 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0xe7b, 0x0, 0x2)

1.028903726s ago: executing program 5 (id=2376):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x40d, 0x70bd25, 0x25ffdbfc, {0x0, 0x0, 0x0, 0x0, 0x10}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_HELLO_TIME={0x8, 0x2, 0x6}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x4000000000000c1, 0x0)

943.198408ms ago: executing program 5 (id=2377):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x9)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRES32], 0x5c}}, 0x0)

762.10877ms ago: executing program 0 (id=2378):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7fffffffffffffff}, 0x18)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x0, &(0x7f0000000580), 0xfe, 0x507, &(0x7f0000001780)="$eJzs3c9vI1cdAPDvOL+cNG3S0gMgoEspLGi1TuJto6oHWE4IoUqIHkHahsQbRbHjKHZKE/aQ/g9IVOIER/4Azj1x54LgxqUckChEoM1KHIxmPMk6WXtjSGJH8ecjjea9N46/78Wa9+Kvd/0CGFm3IuIgIiYj4v2ImMvbk/yI++0jfdzjw0erR4ePVpNotd77R5JdT9ui42dSL+TPWYyIH30v4qfJs3Ebe/ubK9VqZaddnV5o1rYXGnv7dzdqK+uV9cpWuby8tLz49r23ypc21tdqk3npy5/+4eBbP0+7NZu3dI7jMrWHPnESJzUeET+4imBDMJaPZ3LYHeH/UoiIVyLi9ez+n4ux7NUEAG6yVmsuWnOddQDgpitkObCkUMpzAbNRKJRK7RzeqzFTqNYbzTsP67tba+1c2XxMFB5uVCuLea5wPiaStL6UlZ/Wy2fq9yLi5Yj4xdR0Vi+t1qtrw/zDBwBG2Atn1v9/T7XXfwDghisOuwMAwMBZ/wFg9Fj/AWD0WP8BYPQ8Xf/vD7UfAMDgeP8PAKPH+g8AI+WH776bHq2j/Puv1z7Y292sf3B3rdLYLNV2V0ur9Z3t0nq9vp59Z0/tvOer1uvbS2/G7ofz395uNBcae/sPavXdreaD7Hu9H1QmBjIqAOB5Xn7tkz8nEXHwznR2RMdeDtZquNkKw+4AMDRjw+4AMDR2+4LRdYH3+NIDcEN02aL3lGJETJ9tbLVaravrEnDFbn9B/h9GVUf+378ChhEj/w+jS/4fRlerlfS753/0+0AA4HqT4wd6fP7/Sn7+bf7hwE/Wzj7i46vsFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFxvx/v/lvK9wGejUCiVIl6MiPmYSB5uVCuLEfFSRPxpamIqrS8Nuc8AwEUV/pbk+3/dnntj9uzVyeTJVHaOiJ/96r1ffrjSbO78MW3/50l78+O8vTyM/gMA5zlep7Nzxxv5x4ePVo+PQfbn79+NiGI7/tHhZBydxB+P8excjImImPlXktfbko7cxUUcfBQRn+82/iRmsxxIe+fTs/HT2C8ONH7hVPxCdq19Tn8Xn7uEvsCo+SSdf+53u/8KcSs7d7//i9kMdXH5/Jc+1epRNgc+jX88/431mP9u9Rvjzd9/v12afvbaRxFfHI84jn3UMf8cx096xH+jz/h/+dJXXu91rfXriNvRPX5nrIVmbXuhsbd/d6O2sl5Zr2yVy8tLy4tv33urvJDlqBd6rwafvXPnpazQ5SHp+Gd6xC+eM/6v9zn+3/zn/R9/tce1NP43v9YtfiFefU78dE38Rp/xV2Z+V+x1LY2/1mP8573+d/qM/+lf95/ZNhwAGJ7G3v7mSrVa2Rlk4fgPiYEGVeivMJW/ONelP6cK17ZjmyvV7wwq1mT8Tz/Vap1u+Wy8r99hrxnjMrJuwHVwctNHxJNhdwYAAAAAAAAAAAAAAOjqSv+jUtIuDHuMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3Fz/DQAA//+sasqI")
setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)={'0000000000000000000000000000000', 0x30}, 0x7c8, 0x1) (fail_nth: 1)

690.072291ms ago: executing program 5 (id=2379):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000080)={@val={0x0, 0x6003}, @void, @eth={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x4000, 0x0, 0xfc, 0x2f, 0x0, @private=0x1fe1, @multicast1}, {0xa000, 0x6558, 0xc, 0x0, @gue={{0x1, 0x0, 0x1, 0x9, 0x0, @void}}}}}}}}, 0x32)

607.953842ms ago: executing program 6 (id=2380):
setsockopt(0xffffffffffffffff, 0x1, 0x5, &(0x7f0000000240)="83a61448", 0x4)
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040), 0x10)
listen(0xffffffffffffffff, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
io_uring_enter(0xffffffffffffffff, 0x567, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000000100), 0x0, 0x24008094)
recvfrom$unix(0xffffffffffffffff, &(0x7f0000000140)=""/263, 0x107, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r4=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=@newlink={0x34, 0x10, 0x3, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0x28000}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x2}, 0x0)

389.107695ms ago: executing program 7 (id=2381):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)

352.938425ms ago: executing program 0 (id=2382):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='mm_page_alloc\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x54}}, 0x0)

352.572775ms ago: executing program 6 (id=2383):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0}, 0x2, 0xffffffff, 0x6, 0x6, 0x4, 0x5, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x9)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRES32], 0x5c}}, 0x0)

305.133836ms ago: executing program 5 (id=2384):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x70, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)

304.764086ms ago: executing program 7 (id=2385):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)='%-010d \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
move_mount(0xffffffffffffffff, &(0x7f0000002ec0)='./file0\x00', 0xffffffffffffffff, 0x0, 0x22)

299.414226ms ago: executing program 0 (id=2386):
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000380)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0)
getuid()
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
move_mount(0xffffffffffffffff, &(0x7f0000002ec0)='./file0\x00', 0xffffffffffffffff, 0x0, 0x22)

272.339226ms ago: executing program 0 (id=2387):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
accept$nfc_llcp(0xffffffffffffffff, &(0x7f0000000380), &(0x7f0000000400)=0x60)
setsockopt$MRT6_PIM(r0, 0x29, 0xcf, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x80, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
unlink(0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bic\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@window, @window={0x3, 0x2, 0x1}, @window={0x3, 0x3, 0x2}, @window={0x3, 0x8, 0x2}, @sack_perm, @timestamp, @sack_perm, @window={0x3, 0x9, 0x7}], 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x2}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffffffffffebd)
r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
getsockopt$llc_int(r3, 0x10c, 0x8, &(0x7f0000003500), &(0x7f0000003540)=0x4)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x6800, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x9c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x6c, 0x2, {{}, [@TCA_NETEM_LOSS={0x30, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x4}, @NETEM_LOSS_GI={0x18}]}, @TCA_NETEM_RATE={0x14, 0xd}, @TCA_NETEM_CORRUPT={0xc}]}}}]}, 0x9c}}, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r7}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getegid()
sendto$inet(r0, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd03b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x109e8, 0x805, 0x0, 0x6)

272.088786ms ago: executing program 5 (id=2388):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000080), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)
pipe2(&(0x7f0000000040), 0x0)

249.489807ms ago: executing program 6 (id=2389):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000080), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)
pipe2(&(0x7f0000000040), 0x0)

249.069716ms ago: executing program 3 (id=2390):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x700, &(0x7f0000000a40)="$eJzs3V2P21gZB/D/STJJJoWqAlStqm7ndMpKUzGkTmabKipIGOckY0jiyPbAjIS0KnRmNWqmQFskmpt2bniRli/A3d5wwYdYiQuu9lvAFUgrEBJiBUJGPrbzMnEykzadbtn/b7Qbx358zuNjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU8qi0FdyMJm7Oq3MlrBcQ4T8oFvFWNPutr4xCLof/WsfV6NtVFMOPIgYXLl+6++VcJll/TsIvAosW+Pjp4MG9fn//0Rlis1i4+NcJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJTPvfL1qGDX5nUK0owGUPWvbbrftbkvHhIvDmDvygx9EAcrsSHlw2N/fGsvnWVobh0GVlOQz48FhUPW0za0a1WqlUq1Warfrt+8YRm5qhhESxhCmIpZ+0NIbZrkncKKXkLEa/zH+JIA2iuhiB7uQqT8WGnDhoDNjeSzp/9+5pebWO97/J738ymjxFej+/1r07dqs/n9GLhJSr5C2RMyYv9jPis5I4jGeYoAHuIc++tjHoyWULSHXXrqEvBG35FLymfnTgkIXNjw4sNGBiRa+CBnPkaijhhoMvIdtNOFBogkbbSh42IMHHyo8ovJhpgomfDhwIbEBCzchUUEddWxBQqGMPTjYQRctNGDiX0EQHOBQt/tWnM/zlK1GElSZsREF5JLjbh/VOVs7q///4bNo7bj/N9j/f15Fx0Eh+vh4XgzRZ0AQX/8vaO3VZENEREREREREr4LQv30X+q/ybwMI0LTbypiIKby27IiIiIiIiIhoGQSCAq5CRHfl422I6et/IiIiIiIiInqzCf2MnQBQ0jf1i9HjUmf5JUD2HFIkIiIiIiIiopekn/y/lgcCfZf/GsRC1/9ERERERERE9Ab41dgY+7lsPMZukPxZPwNg7c8F8dHfCnBXxHFv96viyAyXmEdxzNQdAH7zirgYD9SrP/IA9DdLXRVxbRL4Z/Lbh9AnB+lj/T8PIkII90QC+ex4ATMSEGHNtVz8DR/gerTK9Xic+fuDDPSSaEThUtNuq7LltO9WYJoXM77a9X/28PDngDvczoPD/n75Rz/u39e5HIezjo/CQp9NpJNJb4xRLk/0eAv6mYu00Y1X0Uyq/HW3UxK6XiPZ/izMo8x4RfN2QG0ViLbyF1iP9tl6EMWWBsMR9wWwpgd/qJT1LpvYendFjLKonNzytB0xY8uLOosbUcyNjRvRR9ImYTkZUfxaFqiWp/fBRBbV8SxObwvx9xPtPz8LiGLYFlthFn8ICzqRxfc/ilbe6u0mw2OcJYupo4CI6HU5GPVCehDzqTH2k+4hOamdvd9BDojPcjN691EtQdx/JL37k98GUQ+VBXLx3ybSa0n6FYRn9A2hy8lHA7rnrqSc0Y3yp0EQmBeLGD+j/zcIkg0yFujdjoMgOHlG//3oHUhx2lNZ/DsIgrsV3ZP85kSv+mG4wocz6/Xa1SyKKODJ0U/0APih9/ff339YrW7VjHcN43YVK/p/FeKPLNj3EBHRlNPfsaMjMnMixLu4HpVx/f5f34mmJnq8L8W3FGi3gD7uYzN5hcBaeqklHOCb/4huQ9iMrlqB9VL0WRrIy5fuhle1w9hDkdNveNmceVWn+9IoVt/eUB3GJu8dOnkFOIrdesV7gYiI6Hytz+iHgYn+H5P9f3Gi/9/ERhSxcSX1urs0dkvhZnJ1PLykH1w4To2tnJ78t5bcGERERJ8Tyv1ElPxfCte1e+9V6vWK6W8r6TrWd6VrN1pK2l1fuda22W0p2XMd37Gctuy5KNirypPeTq/nuL5sOq7sOZ69q9/8LuNXv3uqY3Z92/J6bWV6SlpO1zctXzZsz5K9nW+3bW9buXplr6csu2lbpm87Xek5O66lylJ6So0F2g3V9e2mHU52Zc+1O6a7J7/ntHc6SjaUZ7l2z3eiApO67G7TcTu62DKChV90SERE9P/o8dPBg3v9/v6jkxOr4aV5NOcYM2KmJ/IpBXKMICIios+YUXe9wErFV5gQERERERERERERERERERERERERERERERFNOf2RvgUnVtIeFgSGc356MZ6D5xg9YjhVjsDL5vOp+0c9sN+LrJ5ZtNLkkYjBg4/nBK8O5yTNPx5zvEiluAS8cPv85QvABT0H0ZzcEg+A6edHl36MpU184yBq0VkxemHqosJwX+SW/59DOPHwd9OLRNjyQRAE81cvTLZh/uzHcw7Ao/ycXbB6yvFz3mciIjpv/wsAAP//eO06pA==")
futimesat(r3, &(0x7f0000000000)='./file1\x00', 0x0)

140.490208ms ago: executing program 7 (id=2391):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), 0x0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x700, &(0x7f0000000a40)="$eJzs3V2P21gZB/D/STJJJoWqAlStqm7ndMpKUzGkTmabKipIGOckY0jiyPbAjIS0KnRmNWqmQFskmpt2bniRli/A3d5wwYdYiQuu9lvAFUgrEBJiBUJGPrbzMnEykzadbtn/b7Qbx358zuNjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU8qi0FdyMJm7Oq3MlrBcQ4T8oFvFWNPutr4xCLof/WsfV6NtVFMOPIgYXLl+6++VcJll/TsIvAosW+Pjp4MG9fn//0Rlis1i4+NcJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJTPvfL1qGDX5nUK0owGUPWvbbrftbkvHhIvDmDvygx9EAcrsSHlw2N/fGsvnWVobh0GVlOQz48FhUPW0za0a1WqlUq1Warfrt+8YRm5qhhESxhCmIpZ+0NIbZrkncKKXkLEa/zH+JIA2iuhiB7uQqT8WGnDhoDNjeSzp/9+5pebWO97/J738ymjxFej+/1r07dqs/n9GLhJSr5C2RMyYv9jPis5I4jGeYoAHuIc++tjHoyWULSHXXrqEvBG35FLymfnTgkIXNjw4sNGBiRa+CBnPkaijhhoMvIdtNOFBogkbbSh42IMHHyo8ovJhpgomfDhwIbEBCzchUUEddWxBQqGMPTjYQRctNGDiX0EQHOBQt/tWnM/zlK1GElSZsREF5JLjbh/VOVs7q///4bNo7bj/N9j/f15Fx0Eh+vh4XgzRZ0AQX/8vaO3VZENEREREREREr4LQv30X+q/ybwMI0LTbypiIKby27IiIiIiIiIhoGQSCAq5CRHfl422I6et/IiIiIiIiInqzCf2MnQBQ0jf1i9HjUmf5JUD2HFIkIiIiIiIiopekn/y/lgcCfZf/GsRC1/9ERERERERE9Ab41dgY+7lsPMZukPxZPwNg7c8F8dHfCnBXxHFv96viyAyXmEdxzNQdAH7zirgYD9SrP/IA9DdLXRVxbRL4Z/Lbh9AnB+lj/T8PIkII90QC+ex4ATMSEGHNtVz8DR/gerTK9Xic+fuDDPSSaEThUtNuq7LltO9WYJoXM77a9X/28PDngDvczoPD/n75Rz/u39e5HIezjo/CQp9NpJNJb4xRLk/0eAv6mYu00Y1X0Uyq/HW3UxK6XiPZ/izMo8x4RfN2QG0ViLbyF1iP9tl6EMWWBsMR9wWwpgd/qJT1LpvYendFjLKonNzytB0xY8uLOosbUcyNjRvRR9ImYTkZUfxaFqiWp/fBRBbV8SxObwvx9xPtPz8LiGLYFlthFn8ICzqRxfc/ilbe6u0mw2OcJYupo4CI6HU5GPVCehDzqTH2k+4hOamdvd9BDojPcjN691EtQdx/JL37k98GUQ+VBXLx3ybSa0n6FYRn9A2hy8lHA7rnrqSc0Y3yp0EQmBeLGD+j/zcIkg0yFujdjoMgOHlG//3oHUhx2lNZ/DsIgrsV3ZP85kSv+mG4wocz6/Xa1SyKKODJ0U/0APih9/ff339YrW7VjHcN43YVK/p/FeKPLNj3EBHRlNPfsaMjMnMixLu4HpVx/f5f34mmJnq8L8W3FGi3gD7uYzN5hcBaeqklHOCb/4huQ9iMrlqB9VL0WRrIy5fuhle1w9hDkdNveNmceVWn+9IoVt/eUB3GJu8dOnkFOIrdesV7gYiI6Hytz+iHgYn+H5P9f3Gi/9/ERhSxcSX1urs0dkvhZnJ1PLykH1w4To2tnJ78t5bcGERERJ8Tyv1ElPxfCte1e+9V6vWK6W8r6TrWd6VrN1pK2l1fuda22W0p2XMd37Gctuy5KNirypPeTq/nuL5sOq7sOZ69q9/8LuNXv3uqY3Z92/J6bWV6SlpO1zctXzZsz5K9nW+3bW9buXplr6csu2lbpm87Xek5O66lylJ6So0F2g3V9e2mHU52Zc+1O6a7J7/ntHc6SjaUZ7l2z3eiApO67G7TcTu62DKChV90SERE9P/o8dPBg3v9/v6jkxOr4aV5NOcYM2KmJ/IpBXKMICIios+YUXe9wErFV5gQERERERERERERERERERERERERERERERFNOf2RvgUnVtIeFgSGc356MZ6D5xg9YjhVjsDL5vOp+0c9sN+LrJ5ZtNLkkYjBg4/nBK8O5yTNPx5zvEiluAS8cPv85QvABT0H0ZzcEg+A6edHl36MpU184yBq0VkxemHqosJwX+SW/59DOPHwd9OLRNjyQRAE81cvTLZh/uzHcw7Ao/ycXbB6yvFz3mciIjpv/wsAAP//eO06pA==")
futimesat(r2, &(0x7f0000000000)='./file1\x00', 0x0)

130.404388ms ago: executing program 0 (id=2392):
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dd"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10)
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffffffffff9, 0x1, 0x42, 0x0, 0xfffffffffff7fffd, 0x200003f})

110.741318ms ago: executing program 3 (id=2393):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f00000006c0)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000100), 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0xe7b, 0x0, 0x2)

83.150829ms ago: executing program 6 (id=2394):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000080)={@val={0x0, 0x6003}, @void, @eth={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x4000, 0x0, 0xfc, 0x2f, 0x0, @private=0x1fe1, @multicast1}, {0xa000, 0x6558, 0xc, 0x0, @gue={{0x1, 0x0, 0x1, 0x9, 0x0, @void}}}}}}}}, 0x32)

73.490809ms ago: executing program 0 (id=2395):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x9)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRES32], 0x5c}}, 0x0)

0s ago: executing program 5 (id=2396):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)

kernel console output (not intermixed with test programs):

 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.712082][ T8499] RSP: 002b:00007f9c83856e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  122.712105][ T8499] RAX: ffffffffffffffda RBX: 000000000000058a RCX: 00007f9c851ee969
[  122.712122][ T8499] RDX: 00007f9c83856ef0 RSI: 0000000000000000 RDI: 00007f9c85271444
[  122.712137][ T8499] RBP: 0000200000000b40 R08: 00007f9c83856bb7 R09: 00007f9c83856e40
[  122.712152][ T8499] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000005c0
[  122.712168][ T8499] R13: 00007f9c83856ef0 R14: 00007f9c83856eb0 R15: 0000200000000600
[  122.712191][ T8499]  </TASK>
[  123.028787][ T8502] syzkaller0: refused to change device tx_queue_len
[  123.061023][ T8517] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  123.108159][ T8521] syzkaller1: entered promiscuous mode
[  123.113788][ T8521] syzkaller1: entered allmulticast mode
[  123.151296][ T8523] 9pnet: Could not find request transport: rd
[  123.216911][ T8529] loop3: detected capacity change from 0 to 1024
[  123.217309][ T8532] 8021q: VLANs not supported on nlmon0
[  123.232476][ T8529] EXT4-fs: Ignoring removed nobh option
[  123.234107][ T8537] loop2: detected capacity change from 0 to 512
[  123.245182][ T8537] EXT4-fs: Ignoring removed oldalloc option
[  123.251176][ T8537] EXT4-fs: Ignoring removed mblk_io_submit option
[  123.260230][ T8529] EXT4-fs: Mount option(s) incompatible with ext2
[  123.267548][ T8537] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  123.278769][ T8537] EXT4-fs (loop2): orphan cleanup on readonly fs
[  123.286463][ T8537] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.1892: Failed to acquire dquot type 1
[  123.299395][ T8537] EXT4-fs (loop2): 1 truncate cleaned up
[  123.328541][ T8537] EXT4-fs error (device loop2): ext4_lookup:1793: inode #2: comm syz.2.1892: deleted inode referenced: 12
[  123.340879][ T8537] EXT4-fs error (device loop2): ext4_lookup:1793: inode #2: comm syz.2.1892: deleted inode referenced: 12
[  123.353654][ T8537] EXT4-fs error (device loop2): ext4_lookup:1793: inode #2: comm syz.2.1892: deleted inode referenced: 12
[  123.395093][ T8537] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  123.397117][ T8543] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1894'.
[  123.412558][ T8543] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1894'.
[  123.422074][ T8537] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  123.432079][ T8544] loop3: detected capacity change from 0 to 2048
[  123.445249][ T8545] EXT4-fs error (device loop2): ext4_lookup:1793: inode #2: comm syz.2.1892: deleted inode referenced: 12
[  123.458588][ T8537] EXT4-fs error (device loop2): __ext4_remount:6738: comm syz.2.1892: Abort forced by user
[  123.466819][ T8545] EXT4-fs (loop2): Remounting filesystem read-only
[  123.475613][ T8537] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  123.489127][ T8549] FAULT_INJECTION: forcing a failure.
[  123.489127][ T8549] name failslab, interval 1, probability 0, space 0, times 0
[  123.501826][ T8549] CPU: 1 UID: 0 PID: 8549 Comm: syz.5.1895 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  123.501971][ T8549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  123.501988][ T8549] Call Trace:
[  123.501995][ T8549]  <TASK>
[  123.502003][ T8549]  __dump_stack+0x1d/0x30
[  123.502024][ T8549]  dump_stack_lvl+0xe8/0x140
[  123.502049][ T8549]  dump_stack+0x15/0x1b
[  123.502071][ T8549]  should_fail_ex+0x265/0x280
[  123.502117][ T8549]  should_failslab+0x8c/0xb0
[  123.502153][ T8549]  __kmalloc_noprof+0xa5/0x3e0
[  123.502221][ T8549]  ? security_sk_alloc+0x52/0x120
[  123.502334][ T8549]  security_sk_alloc+0x52/0x120
[  123.502364][ T8549]  sk_prot_alloc+0xc2/0x190
[  123.502414][ T8549]  sk_alloc+0x34/0x360
[  123.502446][ T8549]  unix_create1+0xa5/0x410
[  123.502514][ T8549]  ? release_sock+0x116/0x150
[  123.502550][ T8549]  unix_stream_connect+0x17e/0x900
[  123.502581][ T8549]  ? __pfx_unix_stream_connect+0x10/0x10
[  123.502604][ T8549]  __sys_connect+0x1ef/0x2b0
[  123.502671][ T8549]  __x64_sys_connect+0x3f/0x50
[  123.502702][ T8549]  x64_sys_call+0x1daa/0x2fb0
[  123.502802][ T8549]  do_syscall_64+0xd0/0x1a0
[  123.502831][ T8549]  ? clear_bhb_loop+0x25/0x80
[  123.502857][ T8549]  ? clear_bhb_loop+0x25/0x80
[  123.502877][ T8549]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.502939][ T8549] RIP: 0033:0x7f9c851ee969
[  123.502959][ T8549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.502981][ T8549] RSP: 002b:00007f9c83857038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  123.502999][ T8549] RAX: ffffffffffffffda RBX: 00007f9c85415fa0 RCX: 00007f9c851ee969
[  123.503011][ T8549] RDX: 000000000000006e RSI: 0000200000000080 RDI: 0000000000000005
[  123.503022][ T8549] RBP: 00007f9c83857090 R08: 0000000000000000 R09: 0000000000000000
[  123.503033][ T8549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.503085][ T8549] R13: 0000000000000000 R14: 00007f9c85415fa0 R15: 00007ffeba1b89a8
[  123.503110][ T8549]  </TASK>
[  123.503949][ T8544]  loop3: p1 < > p4
[  123.532111][ T8537] ext4 filesystem being remounted at /418/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  123.565428][ T8544] loop3: p4 size 8388608 extends beyond EOD, truncated
[  123.736778][ T3005]  loop3: p1 < > p4
[  123.741597][ T3005] loop3: p4 size 8388608 extends beyond EOD, truncated
[  123.770416][ T8554] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  123.862868][ T8562] 9pnet: Could not find request transport: rdm
[  123.870840][ T8569] program +}[@ is using a deprecated SCSI ioctl, please convert it to SG_IO
[  123.922732][ T8572] loop2: detected capacity change from 0 to 2048
[  123.985769][ T8572]  loop2: p1 < > p4
[  123.993124][ T8572] loop2: p4 size 8388608 extends beyond EOD, truncated
[  124.011526][   T29] kauditd_printk_skb: 159 callbacks suppressed
[  124.011544][   T29] audit: type=1400 audit(1747021243.375:3561): avc:  denied  { read write } for  pid=8571 comm="syz.2.1903" name="loop2p1" dev="devtmpfs" ino=1686 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  124.053580][   T29] audit: type=1400 audit(1747021243.405:3562): avc:  denied  { open } for  pid=8571 comm="syz.2.1903" path="/dev/loop2p1" dev="devtmpfs" ino=1686 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  124.099026][ T8574] loop2: detected capacity change from 0 to 512
[  124.126937][ T8574] EXT4-fs (loop2): orphan cleanup on readonly fs
[  124.147107][ T8574] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.1904: bad orphan inode 13
[  124.174894][ T8574] ext4_test_bit(bit=12, block=18) = 1
[  124.180364][ T8574] is_bad_inode(inode)=0
[  124.184559][ T8574] NEXT_ORPHAN(inode)=2130706432
[  124.189645][ T8574] max_ino=32
[  124.192945][ T8574] i_nlink=1
[  124.252497][ T8577] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1905'.
[  124.261641][ T8577] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1905'.
[  124.376004][ T8579] IPv6: Can't replace route, no match found
[  124.436004][ T8579] mmap: syz.2.1906 (8579) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  124.469304][ T8583] SELinux:  Context system_u:object_r:systemd_passwd_var_run_t:s0 is not valid (left unmapped).
[  124.480475][   T29] audit: type=1400 audit(1747021243.855:3563): avc:  denied  { relabelto } for  pid=8582 comm="syz.0.1908" name="367" dev="tmpfs" ino=1960 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_passwd_var_run_t:s0"
[  124.508174][   T29] audit: type=1400 audit(1747021243.855:3564): avc:  denied  { associate } for  pid=8582 comm="syz.0.1908" name="367" dev="tmpfs" ino=1960 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:systemd_passwd_var_run_t:s0"
[  124.594878][ T8584] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1908'.
[  124.613269][   T29] audit: type=1400 audit(1747021243.945:3565): avc:  denied  { append } for  pid=8585 comm="syz.2.1909" name="file2" dev="tmpfs" ino=2250 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  124.635981][   T29] audit: type=1400 audit(1747021243.945:3566): avc:  denied  { ioctl } for  pid=8585 comm="syz.2.1909" path="/425/file2" dev="tmpfs" ino=2250 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  124.761951][   T29] audit: type=1400 audit(1747021244.035:3567): avc:  denied  { write } for  pid=3313 comm="syz-executor" name="367" dev="tmpfs" ino=1960 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_passwd_var_run_t:s0"
[  124.789460][   T29] audit: type=1400 audit(1747021244.045:3568): avc:  denied  { remove_name } for  pid=3313 comm="syz-executor" name="binderfs" dev="tmpfs" ino=1964 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_passwd_var_run_t:s0"
[  124.818103][   T29] audit: type=1400 audit(1747021244.045:3569): avc:  denied  { rmdir } for  pid=3313 comm="syz-executor" name="367" dev="tmpfs" ino=1960 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_passwd_var_run_t:s0"
[  124.860971][ T8595] 9pnet: Could not find request transport: rdm
[  124.907926][ T8602] capability: warning: `syz.0.1916' uses 32-bit capabilities (legacy support in use)
[  124.918922][ T8600] syzkaller0: refused to change device tx_queue_len
[  124.925082][   T29] audit: type=1326 audit(1747021244.185:3570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8591 comm="syz.3.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774e8de969 code=0x7ffc0000
[  125.013193][ T8608] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1918'.
[  125.014204][ T8610] netlink: 'syz.0.1919': attribute type 10 has an invalid length.
[  125.125121][ T8621] loop0: detected capacity change from 0 to 512
[  125.147175][ T8621] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  125.184245][ T8627] loop5: detected capacity change from 0 to 1024
[  125.191603][ T8627] EXT4-fs: Ignoring removed orlov option
[  125.197486][ T8627] EXT4-fs: Ignoring removed nomblk_io_submit option
[  125.209073][ T8621] EXT4-fs (loop0): 1 truncate cleaned up
[  125.371357][ T8645] loop5: detected capacity change from 0 to 512
[  125.385371][ T8645] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  125.394529][ T8645] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  125.460840][ T8645] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended
[  125.476159][ T8657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  125.505535][ T8657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  125.523381][ T8645] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  125.557678][ T8645] System zones: 0-2, 18-18, 34-34
[  125.563435][ T8645] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  125.578983][ T8645] EXT4-fs (loop5): 1 truncate cleaned up
[  125.753556][ T8674] loop2: detected capacity change from 0 to 512
[  125.760914][ T8673] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  125.772435][ T8673] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  125.774820][ T8676] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  125.790641][ T8676] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  125.802470][ T8676] loop3: detected capacity change from 0 to 256
[  125.814336][ T8674] ext4 filesystem being mounted at /434/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.821174][ T8676] IPVS: set_ctl: invalid protocol: 135 224.0.0.2:20000
[  125.863622][ T8676] FAULT_INJECTION: forcing a failure.
[  125.863622][ T8676] name failslab, interval 1, probability 0, space 0, times 0
[  125.876444][ T8676] CPU: 1 UID: 0 PID: 8676 Comm: syz.3.1938 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  125.876505][ T8676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  125.876523][ T8676] Call Trace:
[  125.876530][ T8676]  <TASK>
[  125.876613][ T8676]  __dump_stack+0x1d/0x30
[  125.876641][ T8676]  dump_stack_lvl+0xe8/0x140
[  125.876666][ T8676]  dump_stack+0x15/0x1b
[  125.876688][ T8676]  should_fail_ex+0x265/0x280
[  125.876731][ T8676]  should_failslab+0x8c/0xb0
[  125.876770][ T8676]  kmem_cache_alloc_noprof+0x50/0x310
[  125.876803][ T8676]  ? audit_log_start+0x365/0x6c0
[  125.876838][ T8676]  audit_log_start+0x365/0x6c0
[  125.876908][ T8676]  audit_seccomp+0x48/0x100
[  125.876941][ T8676]  ? __seccomp_filter+0x68c/0x10d0
[  125.877043][ T8676]  __seccomp_filter+0x69d/0x10d0
[  125.877070][ T8676]  ? mas_find+0x4ea/0x610
[  125.877104][ T8676]  __secure_computing+0x82/0x150
[  125.877208][ T8676]  syscall_trace_enter+0xcf/0x1e0
[  125.877239][ T8676]  do_syscall_64+0xaa/0x1a0
[  125.877267][ T8676]  ? clear_bhb_loop+0x25/0x80
[  125.877291][ T8676]  ? clear_bhb_loop+0x25/0x80
[  125.877330][ T8676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.877356][ T8676] RIP: 0033:0x7f774e8dd37c
[  125.877370][ T8676] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  125.877387][ T8676] RSP: 002b:00007f774cf47030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  125.877410][ T8676] RAX: ffffffffffffffda RBX: 00007f774eb05fa0 RCX: 00007f774e8dd37c
[  125.877425][ T8676] RDX: 000000000000000f RSI: 00007f774cf470a0 RDI: 0000000000000008
[  125.877489][ T8676] RBP: 00007f774cf47090 R08: 0000000000000000 R09: 0000000000000000
[  125.877506][ T8676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.877521][ T8676] R13: 0000000000000000 R14: 00007f774eb05fa0 R15: 00007ffc99932678
[  125.877598][ T8676]  </TASK>
[  126.115652][ T8682] FAULT_INJECTION: forcing a failure.
[  126.115652][ T8682] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  126.128848][ T8682] CPU: 0 UID: 0 PID: 8682 Comm: syz.6.1940 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  126.128943][ T8682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  126.128959][ T8682] Call Trace:
[  126.128968][ T8682]  <TASK>
[  126.128977][ T8682]  __dump_stack+0x1d/0x30
[  126.128998][ T8682]  dump_stack_lvl+0xe8/0x140
[  126.129015][ T8682]  dump_stack+0x15/0x1b
[  126.129032][ T8682]  should_fail_ex+0x265/0x280
[  126.129138][ T8682]  should_fail+0xb/0x20
[  126.129173][ T8682]  should_fail_usercopy+0x1a/0x20
[  126.129191][ T8682]  _copy_from_iter+0xcf/0xdd0
[  126.129209][ T8682]  ? __sk_mem_raise_allocated+0x214/0x9e0
[  126.129280][ T8682]  ? __sk_mem_schedule+0x80/0xc0
[  126.129310][ T8682]  tcp_sendmsg_locked+0x12f1/0x28b0
[  126.129425][ T8682]  ? __pfx_tcp_sendmsg+0x10/0x10
[  126.129456][ T8682]  tcp_sendmsg+0x2f/0x50
[  126.129482][ T8682]  inet_sendmsg+0x76/0xd0
[  126.129512][ T8682]  __sock_sendmsg+0x102/0x180
[  126.129559][ T8682]  sock_write_iter+0x165/0x1b0
[  126.129603][ T8682]  ? __pfx_sock_write_iter+0x10/0x10
[  126.129623][ T8682]  vfs_write+0x49d/0x8d0
[  126.129653][ T8682]  ksys_write+0xda/0x1a0
[  126.129686][ T8682]  __x64_sys_write+0x40/0x50
[  126.129730][ T8682]  x64_sys_call+0x2cdd/0x2fb0
[  126.129758][ T8682]  do_syscall_64+0xd0/0x1a0
[  126.129811][ T8682]  ? clear_bhb_loop+0x25/0x80
[  126.129832][ T8682]  ? clear_bhb_loop+0x25/0x80
[  126.129854][ T8682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.129874][ T8682] RIP: 0033:0x7fc9072fe969
[  126.129931][ T8682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.129952][ T8682] RSP: 002b:00007fc905967038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  126.129973][ T8682] RAX: ffffffffffffffda RBX: 00007fc907525fa0 RCX: 00007fc9072fe969
[  126.129988][ T8682] RDX: 0000000000001006 RSI: 0000200000001780 RDI: 0000000000000003
[  126.130000][ T8682] RBP: 00007fc905967090 R08: 0000000000000000 R09: 0000000000000000
[  126.130011][ T8682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  126.130025][ T8682] R13: 0000000000000000 R14: 00007fc907525fa0 R15: 00007ffff1191558
[  126.130087][ T8682]  </TASK>
[  126.409616][ T8689] loop6: detected capacity change from 0 to 2048
[  126.466772][ T8689]  loop6: p1 < > p4
[  126.471290][ T8689] loop6: p4 size 8388608 extends beyond EOD, truncated
[  126.480782][ T3005]  loop6: p1 < > p4
[  126.491582][ T3005] loop6: p4 size 8388608 extends beyond EOD, truncated
[  126.502906][   T23] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  126.515483][ T8691] loop5: detected capacity change from 0 to 1024
[  126.522826][   T23] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  126.549398][ T8691] EXT4-fs: Ignoring removed nomblk_io_submit option
[  126.558646][ T8691] EXT4-fs: Mount option(s) incompatible with ext2
[  126.635661][ T8702] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  126.644233][ T8702] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  126.688476][ T8704] loop5: detected capacity change from 0 to 2048
[  126.737753][ T8699] syzkaller0: refused to change device tx_queue_len
[  126.746225][ T8704]  loop5: p1 < > p4
[  126.750591][ T8704] loop5: p4 size 8388608 extends beyond EOD, truncated
[  126.758807][ T8712] loop0: detected capacity change from 0 to 1024
[  126.770297][ T3005]  loop5: p1 < > p4
[  126.774897][ T3005] loop5: p4 size 8388608 extends beyond EOD, truncated
[  126.799241][ T8706] vhci_hcd: invalid port number 96
[  126.804409][ T8706] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  126.829399][ T3005]  loop5: p1 < > p4
[  126.833866][ T3005] loop5: p4 size 8388608 extends beyond EOD, truncated
[  126.886153][ T8721] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  126.895405][ T8721] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  127.105534][ T8726] FAULT_INJECTION: forcing a failure.
[  127.105534][ T8726] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  127.118937][ T8726] CPU: 0 UID: 0 PID: 8726 Comm: +}[@ Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  127.118973][ T8726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  127.118990][ T8726] Call Trace:
[  127.118997][ T8726]  <TASK>
[  127.119053][ T8726]  __dump_stack+0x1d/0x30
[  127.119075][ T8726]  dump_stack_lvl+0xe8/0x140
[  127.119094][ T8726]  dump_stack+0x15/0x1b
[  127.119184][ T8726]  should_fail_ex+0x265/0x280
[  127.119225][ T8726]  should_fail+0xb/0x20
[  127.119386][ T8726]  should_fail_usercopy+0x1a/0x20
[  127.119409][ T8726]  _copy_from_user+0x1c/0xb0
[  127.119430][ T8726]  ___sys_sendmsg+0xc1/0x1d0
[  127.119462][ T8726]  __x64_sys_sendmsg+0xd4/0x160
[  127.119484][ T8726]  x64_sys_call+0x2999/0x2fb0
[  127.119590][ T8726]  do_syscall_64+0xd0/0x1a0
[  127.119617][ T8726]  ? clear_bhb_loop+0x25/0x80
[  127.119644][ T8726]  ? clear_bhb_loop+0x25/0x80
[  127.119664][ T8726]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.119746][ T8726] RIP: 0033:0x7f9c851ee969
[  127.119765][ T8726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.119788][ T8726] RSP: 002b:00007f9c83857038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  127.119811][ T8726] RAX: ffffffffffffffda RBX: 00007f9c85415fa0 RCX: 00007f9c851ee969
[  127.119834][ T8726] RDX: 0000000000000000 RSI: 0000200000000940 RDI: 0000000000000005
[  127.119846][ T8726] RBP: 00007f9c83857090 R08: 0000000000000000 R09: 0000000000000000
[  127.119858][ T8726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.119873][ T8726] R13: 0000000000000000 R14: 00007f9c85415fa0 R15: 00007ffeba1b89a8
[  127.119895][ T8726]  </TASK>
[  127.355630][ T8736] loop5: detected capacity change from 0 to 128
[  127.368853][ T8736] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.424477][ T8745] loop0: detected capacity change from 0 to 2048
[  127.436190][ T8747] SELinux: syz.3.1963 (8747) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  127.495580][ T8745]  loop0: p1 < > p4
[  127.499971][ T8745] loop0: p4 size 8388608 extends beyond EOD, truncated
[  127.505503][ T8749] FAULT_INJECTION: forcing a failure.
[  127.505503][ T8749] name fail_futex, interval 1, probability 0, space 0, times 1
[  127.519725][ T8749] CPU: 0 UID: 0 PID: 8749 Comm: syz.3.1964 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  127.519756][ T8749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  127.519771][ T8749] Call Trace:
[  127.519777][ T8749]  <TASK>
[  127.519785][ T8749]  __dump_stack+0x1d/0x30
[  127.519815][ T8749]  dump_stack_lvl+0xe8/0x140
[  127.519842][ T8749]  dump_stack+0x15/0x1b
[  127.519861][ T8749]  should_fail_ex+0x265/0x280
[  127.519898][ T8749]  should_fail+0xb/0x20
[  127.519929][ T8749]  get_futex_key+0x167/0x750
[  127.519949][ T8749]  ? should_fail_ex+0xdb/0x280
[  127.520005][ T8749]  futex_wait_setup+0x43/0x1d0
[  127.520037][ T8749]  futex_wait_requeue_pi+0x1c4/0x6b0
[  127.520069][ T8749]  ? __pfx_futex_wake_mark+0x10/0x10
[  127.520176][ T8749]  do_futex+0x136/0x380
[  127.520249][ T8749]  __se_sys_futex+0x2ed/0x360
[  127.520280][ T8749]  __x64_sys_futex+0x78/0x90
[  127.520307][ T8749]  x64_sys_call+0x1331/0x2fb0
[  127.520360][ T8749]  do_syscall_64+0xd0/0x1a0
[  127.520382][ T8749]  ? clear_bhb_loop+0x25/0x80
[  127.520431][ T8749]  ? clear_bhb_loop+0x25/0x80
[  127.520454][ T8749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.520474][ T8749] RIP: 0033:0x7f774e8de969
[  127.520489][ T8749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.520510][ T8749] RSP: 002b:00007f774cf47038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  127.520572][ T8749] RAX: ffffffffffffffda RBX: 00007f774eb05fa0 RCX: 00007f774e8de969
[  127.520587][ T8749] RDX: 0000000000000000 RSI: 000080000000000b RDI: 000020000000cffc
[  127.520601][ T8749] RBP: 00007f774cf47090 R08: 0000200000048000 R09: 0000000000000300
[  127.520615][ T8749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.520629][ T8749] R13: 0000000000000000 R14: 00007f774eb05fa0 R15: 00007ffc99932678
[  127.520721][ T8749]  </TASK>
[  127.719628][ T3005]  loop0: p1 < > p4
[  127.724111][ T3005] loop0: p4 size 8388608 extends beyond EOD, truncated
[  127.809267][ T8752] loop3: detected capacity change from 0 to 1024
[  127.865951][ T8759] loop2: detected capacity change from 0 to 512
[  127.883731][ T8752] EXT4-fs mount: 16 callbacks suppressed
[  127.883751][ T8752] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.905261][ T8759] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  127.967825][ T8752] ext4 filesystem being mounted at /382/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.007512][ T8759] EXT4-fs (loop2): 1 truncate cleaned up
[  128.014192][ T8767] __nla_validate_parse: 13 callbacks suppressed
[  128.014206][ T8767] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1969'.
[  128.028217][ T8759] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.031960][ T8767] FAULT_INJECTION: forcing a failure.
[  128.031960][ T8767] name failslab, interval 1, probability 0, space 0, times 0
[  128.054306][ T8767] CPU: 0 UID: 0 PID: 8767 Comm: syz.6.1969 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  128.054399][ T8767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  128.054411][ T8767] Call Trace:
[  128.054418][ T8767]  <TASK>
[  128.054495][ T8767]  __dump_stack+0x1d/0x30
[  128.054522][ T8767]  dump_stack_lvl+0xe8/0x140
[  128.054545][ T8767]  dump_stack+0x15/0x1b
[  128.054639][ T8767]  should_fail_ex+0x265/0x280
[  128.054680][ T8767]  should_failslab+0x8c/0xb0
[  128.054716][ T8767]  __kmalloc_noprof+0xa5/0x3e0
[  128.054733][ T8767]  ? nft_obj_init+0x3c/0x220
[  128.054783][ T8767]  ? nf_tables_updobj+0x3d/0x1a0
[  128.054816][ T8767]  nft_obj_init+0x3c/0x220
[  128.054846][ T8767]  nf_tables_updobj+0x109/0x1a0
[  128.054870][ T8767]  nf_tables_newobj+0xc8f/0xcc0
[  128.054940][ T8767]  nfnetlink_rcv+0xb96/0x1690
[  128.054998][ T8767]  netlink_unicast+0x59e/0x670
[  128.055033][ T8767]  netlink_sendmsg+0x58b/0x6b0
[  128.055066][ T8767]  ? __pfx_netlink_sendmsg+0x10/0x10
[  128.055186][ T8767]  __sock_sendmsg+0x142/0x180
[  128.055248][ T8767]  ____sys_sendmsg+0x31e/0x4e0
[  128.055274][ T8767]  ___sys_sendmsg+0x17b/0x1d0
[  128.055316][ T8767]  __x64_sys_sendmsg+0xd4/0x160
[  128.055346][ T8767]  x64_sys_call+0x2999/0x2fb0
[  128.055374][ T8767]  do_syscall_64+0xd0/0x1a0
[  128.055454][ T8767]  ? clear_bhb_loop+0x25/0x80
[  128.055476][ T8767]  ? clear_bhb_loop+0x25/0x80
[  128.055496][ T8767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.055516][ T8767] RIP: 0033:0x7fc9072fe969
[  128.055549][ T8767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.055570][ T8767] RSP: 002b:00007fc905967038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  128.055588][ T8767] RAX: ffffffffffffffda RBX: 00007fc907525fa0 RCX: 00007fc9072fe969
[  128.055600][ T8767] RDX: 0000000004044040 RSI: 0000200000000240 RDI: 0000000000000003
[  128.055611][ T8767] RBP: 00007fc905967090 R08: 0000000000000000 R09: 0000000000000000
[  128.055663][ T8767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.055679][ T8767] R13: 0000000000000000 R14: 00007fc907525fa0 R15: 00007ffff1191558
[  128.055794][ T8767]  </TASK>
[  128.289624][ T8750] netlink: 132 bytes leftover after parsing attributes in process `syz.5.1960'.
[  128.290172][ T8752] EXT4-fs error (device loop3): ext4_map_blocks:709: inode #15: block 3: comm syz.3.1967: lblock 3 mapped to illegal pblock 3 (length 1)
[  128.328410][ T8752] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  128.340853][ T8752] EXT4-fs (loop3): This should not happen!! Data will be lost
[  128.340853][ T8752] 
[  128.392992][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.424250][ T8772] EXT4-fs error (device loop3): ext4_map_blocks:709: inode #15: block 1: comm syz.3.1967: lblock 1 mapped to illegal pblock 1 (length 1)
[  128.439639][ T8771] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1971'.
[  128.492167][ T8776] lo speed is unknown, defaulting to 1000
[  128.506190][ T8752] binfmt_misc: register: failed to install interpreter file ./file0
[  128.602999][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.618051][ T8119] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  128.720805][ T8791] loop6: detected capacity change from 0 to 2048
[  128.731254][ T8789] syzkaller0: refused to change device tx_queue_len
[  128.740641][ T8794] loop5: detected capacity change from 0 to 512
[  128.750407][ T8794] EXT4-fs (loop5): couldn't mount RDWR because of unsupported optional features (1000000)
[  128.760397][ T8794] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[  128.835166][ T8791] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.033612][ T8804] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1980'.
[  129.042774][ T8804] tipc: Invalid UDP bearer configuration
[  129.042791][ T8804] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  129.063203][ T8804] loop5: detected capacity change from 0 to 164
[  129.070168][ T8804] iso9660: Unknown parameter '0x0000000000000030'
[  129.236574][ T8248] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.315393][   T29] kauditd_printk_skb: 236 callbacks suppressed
[  129.315416][   T29] audit: type=1326 audit(1747021248.665:3805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8775 comm="syz.2.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f752819e969 code=0x7ffc0000
[  129.345333][   T29] audit: type=1326 audit(1747021248.665:3806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8775 comm="syz.2.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f752819e969 code=0x7ffc0000
[  129.452988][ T8806] loop2: detected capacity change from 0 to 256
[  129.481775][ T8806] IPVS: set_ctl: invalid protocol: 135 224.0.0.2:20000
[  129.721286][ T8810] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1983'.
[  130.359216][ T8816] loop2: detected capacity change from 0 to 1024
[  130.366135][   T29] audit: type=1400 audit(1747021249.725:3807): avc:  denied  { listen } for  pid=8818 comm="syz.6.1989" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  130.385782][   T29] audit: type=1326 audit(1747021249.725:3808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8814 comm="syz.3.1988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774e8de969 code=0x7ffc0000
[  130.409383][   T29] audit: type=1326 audit(1747021249.725:3809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8814 comm="syz.3.1988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f774e8de969 code=0x7ffc0000
[  130.432757][   T29] audit: type=1326 audit(1747021249.725:3810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8814 comm="syz.3.1988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774e8de969 code=0x7ffc0000
[  130.456336][   T29] audit: type=1326 audit(1747021249.725:3811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8814 comm="syz.3.1988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f774e8de969 code=0x7ffc0000
[  130.479797][   T29] audit: type=1326 audit(1747021249.725:3812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8814 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774e8de969 code=0x7ffc0000
[  130.502805][   T29] audit: type=1326 audit(1747021249.725:3813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8814 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f774e8de969 code=0x7ffc0000
[  130.525847][   T29] audit: type=1326 audit(1747021249.725:3814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8814 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774e8de969 code=0x7ffc0000
[  130.573409][ T8816] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.601618][ T8816] ext4 filesystem being mounted at /441/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.641606][ T8816] EXT4-fs error (device loop2): ext4_map_blocks:709: inode #15: block 3: comm syz.2.1987: lblock 3 mapped to illegal pblock 3 (length 1)
[  130.682255][ T8816] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  130.694687][ T8816] EXT4-fs (loop2): This should not happen!! Data will be lost
[  130.694687][ T8816] 
[  130.748227][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.856782][ T8845] loop0: detected capacity change from 0 to 512
[  130.872892][ T8845] EXT4-fs: dax option not supported
[  130.880892][ T8847] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1996'.
[  130.937627][ T8850] loop0: detected capacity change from 0 to 736
[  130.956847][ T8850] rock: directory entry would overflow storage
[  130.963161][ T8850] rock: sig=0x3b10, size=4, remaining=3
[  130.968960][ T8849] loop2: detected capacity change from 0 to 2048
[  131.078341][ T8849] hub 9-0:1.0: USB hub found
[  131.084170][ T8849] hub 9-0:1.0: 8 ports detected
[  131.120019][ T8853] syzkaller0: refused to change device tx_queue_len
[  131.162165][ T8856] loop6: detected capacity change from 0 to 512
[  131.169267][ T8856] EXT4-fs (loop6): couldn't mount RDWR because of unsupported optional features (1000000)
[  131.179250][ T8856] EXT4-fs (loop6): couldn't mount as ext2 due to feature incompatibilities
[  131.274096][ T8867] FAULT_INJECTION: forcing a failure.
[  131.274096][ T8867] name failslab, interval 1, probability 0, space 0, times 0
[  131.286876][ T8867] CPU: 0 UID: 0 PID: 8867 Comm: +}[@ Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  131.286965][ T8867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  131.286980][ T8867] Call Trace:
[  131.286989][ T8867]  <TASK>
[  131.287032][ T8867]  __dump_stack+0x1d/0x30
[  131.287058][ T8867]  dump_stack_lvl+0xe8/0x140
[  131.287080][ T8867]  dump_stack+0x15/0x1b
[  131.287124][ T8867]  should_fail_ex+0x265/0x280
[  131.287189][ T8867]  should_failslab+0x8c/0xb0
[  131.287217][ T8867]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  131.287296][ T8867]  ? __d_alloc+0x3d/0x350
[  131.287338][ T8867]  __d_alloc+0x3d/0x350
[  131.287397][ T8867]  ? mpol_shared_policy_init+0xbd/0x4c0
[  131.287428][ T8867]  d_alloc_pseudo+0x1e/0x80
[  131.287468][ T8867]  alloc_file_pseudo+0x71/0x160
[  131.287515][ T8867]  __shmem_file_setup+0x1b9/0x1f0
[  131.287611][ T8867]  shmem_file_setup+0x3b/0x50
[  131.287648][ T8867]  __se_sys_memfd_create+0x2c3/0x590
[  131.287681][ T8867]  __x64_sys_memfd_create+0x31/0x40
[  131.287712][ T8867]  x64_sys_call+0x122f/0x2fb0
[  131.287777][ T8867]  do_syscall_64+0xd0/0x1a0
[  131.287965][ T8867]  ? clear_bhb_loop+0x25/0x80
[  131.287990][ T8867]  ? clear_bhb_loop+0x25/0x80
[  131.288010][ T8867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.288049][ T8867] RIP: 0033:0x7f752819e969
[  131.288064][ T8867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.288087][ T8867] RSP: 002b:00007f7526806e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  131.288110][ T8867] RAX: ffffffffffffffda RBX: 000000000000050a RCX: 00007f752819e969
[  131.288126][ T8867] RDX: 00007f7526806ef0 RSI: 0000000000000000 RDI: 00007f7528221444
[  131.288199][ T8867] RBP: 0000200000000200 R08: 00007f7526806bb7 R09: 00007f7526806e40
[  131.288214][ T8867] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0
[  131.288293][ T8867] R13: 00007f7526806ef0 R14: 00007f7526806eb0 R15: 00002000000000c0
[  131.288317][ T8867]  </TASK>
[  131.500684][ T8869] loop6: detected capacity change from 0 to 512
[  131.523311][ T8869] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  131.539915][ T8872] loop3: detected capacity change from 0 to 512
[  131.553126][ T8873] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2007'.
[  131.573678][ T8872] EXT4-fs (loop3): orphan cleanup on readonly fs
[  131.580461][ T8869] EXT4-fs (loop6): orphan cleanup on readonly fs
[  131.595150][ T8869] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 248: padding at end of block bitmap is not set
[  131.616089][ T8869] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm +}[@: Failed to acquire dquot type 1
[  131.628392][ T8872] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.2006: bad orphan inode 13
[  131.640729][ T8869] EXT4-fs (loop6): 1 truncate cleaned up
[  131.644177][ T8872] ext4_test_bit(bit=12, block=18) = 1
[  131.651939][ T8872] is_bad_inode(inode)=0
[  131.656247][ T8872] NEXT_ORPHAN(inode)=2130706432
[  131.661162][ T8872] max_ino=32
[  131.664431][ T8872] i_nlink=1
[  131.676053][ T8869] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  131.720847][ T8879] loop5: detected capacity change from 0 to 1024
[  131.735630][ T8248] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.746764][ T8872] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  131.773190][ T8879] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.796740][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.816933][ T8879] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2009'.
[  131.830197][ T8889] loop3: detected capacity change from 0 to 512
[  131.840459][ T8879] lo: entered promiscuous mode
[  131.840470][ T8890] loop6: detected capacity change from 0 to 512
[  131.851692][ T8879] lo: entered allmulticast mode
[  131.863153][ T8889] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (1000000)
[  131.873243][ T8889] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  131.886506][ T8890] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.902595][ T8890] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.937856][ T8119] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.057359][ T8908] loop0: detected capacity change from 0 to 1024
[  132.066542][ T8906] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2018'.
[  132.086595][ T8908] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.119901][ T8908] ext4 filesystem being mounted at /389/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  132.136106][ T8908] EXT4-fs error (device loop0): ext4_map_blocks:709: inode #15: block 3: comm syz.0.2019: lblock 3 mapped to illegal pblock 3 (length 1)
[  132.150533][ T8908] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  132.162877][ T8908] EXT4-fs (loop0): This should not happen!! Data will be lost
[  132.162877][ T8908] 
[  132.198330][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.418918][ T8938] devtmpfs: Unknown parameter '��'
[  132.441687][ T8938] team0: Port device team_slave_1 removed
[  132.476878][ T8941] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  132.476878][ T8941] The task syz.0.2030 (8941) triggered the difference, watch for misbehavior.
[  132.514788][ T8941] loop0: detected capacity change from 0 to 256
[  132.537005][ T8944] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2032'.
[  132.615917][ T8949] loop2: detected capacity change from 0 to 512
[  132.622445][ T8949] journal_path: Non-blockdev passed as './file0'
[  132.628879][ T8949] EXT4-fs: error: could not find journal device path
[  132.636549][ T8951] FAULT_INJECTION: forcing a failure.
[  132.636549][ T8951] name failslab, interval 1, probability 0, space 0, times 0
[  132.649366][ T8951] CPU: 1 UID: 0 PID: 8951 Comm: syz.3.2035 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  132.649464][ T8951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  132.649480][ T8951] Call Trace:
[  132.649489][ T8951]  <TASK>
[  132.649497][ T8951]  __dump_stack+0x1d/0x30
[  132.649525][ T8951]  dump_stack_lvl+0xe8/0x140
[  132.649553][ T8951]  dump_stack+0x15/0x1b
[  132.649573][ T8951]  should_fail_ex+0x265/0x280
[  132.649613][ T8951]  ? audit_log_d_path+0x8d/0x150
[  132.649651][ T8951]  should_failslab+0x8c/0xb0
[  132.649756][ T8951]  __kmalloc_cache_noprof+0x4c/0x320
[  132.649786][ T8951]  audit_log_d_path+0x8d/0x150
[  132.649819][ T8951]  audit_log_d_path_exe+0x42/0x70
[  132.649913][ T8951]  audit_log_task+0x1e9/0x250
[  132.649942][ T8951]  audit_seccomp+0x61/0x100
[  132.649965][ T8951]  ? __seccomp_filter+0x68c/0x10d0
[  132.650013][ T8951]  __seccomp_filter+0x69d/0x10d0
[  132.650036][ T8951]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  132.650142][ T8951]  ? vfs_write+0x75e/0x8d0
[  132.650167][ T8951]  ? __rcu_read_unlock+0x4f/0x70
[  132.650194][ T8951]  ? __fget_files+0x184/0x1c0
[  132.650368][ T8951]  __secure_computing+0x82/0x150
[  132.650388][ T8951]  syscall_trace_enter+0xcf/0x1e0
[  132.650415][ T8951]  do_syscall_64+0xaa/0x1a0
[  132.650525][ T8951]  ? clear_bhb_loop+0x25/0x80
[  132.650551][ T8951]  ? clear_bhb_loop+0x25/0x80
[  132.650571][ T8951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.650591][ T8951] RIP: 0033:0x7f774e8de969
[  132.650605][ T8951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.650697][ T8951] RSP: 002b:00007f774cf47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[  132.650721][ T8951] RAX: ffffffffffffffda RBX: 00007f774eb05fa0 RCX: 00007f774e8de969
[  132.650737][ T8951] RDX: 0000000000000000 RSI: 0000200000000800 RDI: 0000200000000540
[  132.650751][ T8951] RBP: 00007f774cf47090 R08: 0000000000000000 R09: 0000000000000000
[  132.650763][ T8951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.650780][ T8951] R13: 0000000000000000 R14: 00007f774eb05fa0 R15: 00007ffc99932678
[  132.650798][ T8951]  </TASK>
[  132.652029][ T8248] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.011514][ T8972] FAULT_INJECTION: forcing a failure.
[  133.011514][ T8972] name failslab, interval 1, probability 0, space 0, times 0
[  133.024354][ T8972] CPU: 1 UID: 0 PID: 8972 Comm: syz.5.2043 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  133.024380][ T8972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  133.024399][ T8972] Call Trace:
[  133.024406][ T8972]  <TASK>
[  133.024470][ T8972]  __dump_stack+0x1d/0x30
[  133.024497][ T8972]  dump_stack_lvl+0xe8/0x140
[  133.024523][ T8972]  dump_stack+0x15/0x1b
[  133.024544][ T8972]  should_fail_ex+0x265/0x280
[  133.024581][ T8972]  should_failslab+0x8c/0xb0
[  133.024680][ T8972]  kmem_cache_alloc_node_noprof+0x57/0x320
[  133.024726][ T8972]  ? __alloc_skb+0x101/0x320
[  133.024756][ T8972]  __alloc_skb+0x101/0x320
[  133.024830][ T8972]  netlink_alloc_large_skb+0xba/0xf0
[  133.024869][ T8972]  netlink_sendmsg+0x3cf/0x6b0
[  133.024997][ T8972]  ? __pfx_netlink_sendmsg+0x10/0x10
[  133.025101][ T8972]  __sock_sendmsg+0x142/0x180
[  133.025126][ T8972]  ____sys_sendmsg+0x31e/0x4e0
[  133.025147][ T8972]  ___sys_sendmsg+0x17b/0x1d0
[  133.025183][ T8972]  __x64_sys_sendmsg+0xd4/0x160
[  133.025278][ T8972]  x64_sys_call+0x2999/0x2fb0
[  133.025308][ T8972]  do_syscall_64+0xd0/0x1a0
[  133.025408][ T8972]  ? clear_bhb_loop+0x25/0x80
[  133.025435][ T8972]  ? clear_bhb_loop+0x25/0x80
[  133.025541][ T8972]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.025565][ T8972] RIP: 0033:0x7f9c851ee969
[  133.025579][ T8972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.025665][ T8972] RSP: 002b:00007f9c83857038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  133.025685][ T8972] RAX: ffffffffffffffda RBX: 00007f9c85415fa0 RCX: 00007f9c851ee969
[  133.025698][ T8972] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000005
[  133.025713][ T8972] RBP: 00007f9c83857090 R08: 0000000000000000 R09: 0000000000000000
[  133.025728][ T8972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.025743][ T8972] R13: 0000000000000000 R14: 00007f9c85415fa0 R15: 00007ffeba1b89a8
[  133.025791][ T8972]  </TASK>
[  133.232300][ T8971] loop6: detected capacity change from 0 to 1024
[  133.276355][ T8974] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  133.293776][ T8978] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  133.303068][ T8974] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  133.311539][ T8978] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  133.321680][ T8971] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.339055][ T8971] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.2044: Allocating blocks 385-513 which overlap fs metadata
[  133.357001][ T8971] EXT4-fs (loop6): pa ffff888106dbe230: logic 16, phys. 129, len 24
[  133.365126][ T8971] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  133.448103][ T8984] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  133.471668][ T8248] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.490420][ T8984] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  133.525829][ T8988] loop6: detected capacity change from 0 to 512
[  133.533679][ T8988] EXT4-fs (loop6): orphan cleanup on readonly fs
[  133.540765][ T8988] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2051: bg 0: block 248: padding at end of block bitmap is not set
[  133.558175][ T8988] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.2051: Failed to acquire dquot type 1
[  133.570322][ T8988] EXT4-fs (loop6): 1 truncate cleaned up
[  133.577206][ T8988] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  133.600831][ T8248] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.645576][ T8993] lo speed is unknown, defaulting to 1000
[  133.872252][ T8999] loop2: detected capacity change from 0 to 1024
[  133.891320][ T9001] __nla_validate_parse: 2 callbacks suppressed
[  133.891337][ T9001] netlink: 76 bytes leftover after parsing attributes in process `syz.6.2057'.
[  133.910315][ T8999] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.934437][ T9007] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  133.944033][ T9007] siw: device registration error -23
[  134.088404][ T9021] netlink: 'syz.0.2062': attribute type 10 has an invalid length.
[  134.143604][ T8999] lo speed is unknown, defaulting to 1000
[  134.209182][ T9035] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  134.218192][ T9035] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  134.295011][ T9039] FAULT_INJECTION: forcing a failure.
[  134.295011][ T9039] name failslab, interval 1, probability 0, space 0, times 0
[  134.307798][ T9039] CPU: 1 UID: 0 PID: 9039 Comm: +}[@ Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  134.307853][ T9039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  134.307894][ T9039] Call Trace:
[  134.307901][ T9039]  <TASK>
[  134.307909][ T9039]  __dump_stack+0x1d/0x30
[  134.307935][ T9039]  dump_stack_lvl+0xe8/0x140
[  134.307953][ T9039]  dump_stack+0x15/0x1b
[  134.308029][ T9039]  should_fail_ex+0x265/0x280
[  134.308103][ T9039]  should_failslab+0x8c/0xb0
[  134.308152][ T9039]  kmem_cache_alloc_node_noprof+0x57/0x320
[  134.308248][ T9039]  ? __alloc_skb+0x101/0x320
[  134.308288][ T9039]  __alloc_skb+0x101/0x320
[  134.308326][ T9039]  netlink_alloc_large_skb+0xba/0xf0
[  134.308387][ T9039]  netlink_sendmsg+0x3cf/0x6b0
[  134.308444][ T9039]  ? __pfx_netlink_sendmsg+0x10/0x10
[  134.308522][ T9039]  __sock_sendmsg+0x142/0x180
[  134.308574][ T9039]  ____sys_sendmsg+0x31e/0x4e0
[  134.308604][ T9039]  ___sys_sendmsg+0x17b/0x1d0
[  134.308696][ T9039]  __x64_sys_sendmsg+0xd4/0x160
[  134.308725][ T9039]  x64_sys_call+0x2999/0x2fb0
[  134.308751][ T9039]  do_syscall_64+0xd0/0x1a0
[  134.308795][ T9039]  ? clear_bhb_loop+0x25/0x80
[  134.308815][ T9039]  ? clear_bhb_loop+0x25/0x80
[  134.308855][ T9039]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.308879][ T9039] RIP: 0033:0x7f774e8de969
[  134.308897][ T9039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.308914][ T9039] RSP: 002b:00007f774cf47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  134.308932][ T9039] RAX: ffffffffffffffda RBX: 00007f774eb05fa0 RCX: 00007f774e8de969
[  134.308947][ T9039] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006
[  134.308960][ T9039] RBP: 00007f774cf47090 R08: 0000000000000000 R09: 0000000000000000
[  134.309003][ T9039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  134.309017][ T9039] R13: 0000000000000000 R14: 00007f774eb05fa0 R15: 00007ffc99932678
[  134.309037][ T9039]  </TASK>
[  134.524521][   T29] kauditd_printk_skb: 151 callbacks suppressed
[  134.524539][   T29] audit: type=1400 audit(1747021253.885:3962): avc:  denied  { create } for  pid=9042 comm="syz.5.2069" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  134.583763][ T3320] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /456/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  134.628009][ T3320] EXT4-fs error (device loop2): ext4_empty_dir:3086: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  134.681304][ T3320] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  134.693524][ T3320] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /456/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  134.737963][ T3320] EXT4-fs error (device loop2): ext4_empty_dir:3086: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  134.768871][ T3320] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  134.781736][ T9053] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2073'.
[  134.790687][ T9053] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2073'.
[  134.811477][ T3320] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /456/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  134.838394][ T9052] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2072'.
[  134.851512][ T3320] EXT4-fs error (device loop2): ext4_empty_dir:3086: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  134.883990][ T3320] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  134.896159][ T3320] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /456/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  134.969276][   T29] audit: type=1400 audit(1747021254.325:3963): avc:  denied  { read } for  pid=9050 comm="syz.5.2072" lport=37797 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  134.999757][ T3320] EXT4-fs error (device loop2): ext4_empty_dir:3086: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  135.067729][   T29] audit: type=1326 audit(1747021254.415:3964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9062 comm="syz.6.2078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  135.076790][ T3320] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  135.091337][   T29] audit: type=1326 audit(1747021254.415:3965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9062 comm="syz.6.2078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  135.126169][   T29] audit: type=1326 audit(1747021254.415:3966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9062 comm="syz.6.2078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  135.132042][ T3320] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /456/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  135.149648][   T29] audit: type=1400 audit(1747021254.415:3967): avc:  denied  { setopt } for  pid=9050 comm="syz.5.2072" lport=37797 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  135.149743][   T29] audit: type=1400 audit(1747021254.415:3968): avc:  denied  { setcheckreqprot } for  pid=9064 comm="syz.0.2077" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  135.215164][   T29] audit: type=1326 audit(1747021254.435:3969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9062 comm="syz.6.2078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  135.226706][ T3320] EXT4-fs error (device loop2): ext4_empty_dir:3086: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  135.267697][   T29] audit: type=1326 audit(1747021254.435:3970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9062 comm="syz.6.2078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  135.291512][   T29] audit: type=1326 audit(1747021254.435:3971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9062 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  135.315625][ T3320] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  135.328194][ T3320] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  135.340149][ T3320] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  135.359484][ T3320] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  135.396664][ T3320] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  135.429617][ T3320] EXT4-fs warning (device loop2): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[  135.516072][ T9086] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  135.567921][ T2210] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 64 with error 28
[  135.580481][ T2210] EXT4-fs (loop2): This should not happen!! Data will be lost
[  135.580481][ T2210] 
[  135.590227][ T2210] EXT4-fs (loop2): Total free blocks count 0
[  135.596269][ T2210] EXT4-fs (loop2): Free/Dirty block details
[  135.602245][ T2210] EXT4-fs (loop2): free_blocks=68451041280
[  135.608179][ T2210] EXT4-fs (loop2): dirty_blocks=64
[  135.613344][ T2210] EXT4-fs (loop2): Block reservation details
[  135.619540][ T2210] EXT4-fs (loop2): i_reserved_data_blocks=4
[  135.632298][ T8028] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.654140][ T9065] xt_hashlimit: size too large, truncated to 1048576
[  135.843619][ T9089] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2081'.
[  135.937950][ T9095] loop6: detected capacity change from 0 to 1024
[  135.970098][ T9095] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.994934][ T9099] loop3: detected capacity change from 0 to 128
[  136.002008][ T9095] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.029197][ T9099] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  136.059674][ T8248] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.075070][ T9099] ext4 filesystem being mounted at /413/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.173187][ T9107] loop6: detected capacity change from 0 to 512
[  136.192334][ T9107] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  136.208519][ T9110] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2086'.
[  136.227624][ T9100] lo speed is unknown, defaulting to 1000
[  136.248676][ T9107] EXT4-fs (loop6): 1 truncate cleaned up
[  136.263819][ T9107] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.700219][ T9100] chnl_net:caif_netlink_parms(): no params data found
[  136.722229][ T8248] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.820810][ T9127] FAULT_INJECTION: forcing a failure.
[  136.820810][ T9127] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  136.834057][ T9127] CPU: 0 UID: 0 PID: 9127 Comm: syz.5.2090 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  136.834090][ T9127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  136.834102][ T9127] Call Trace:
[  136.834109][ T9127]  <TASK>
[  136.834140][ T9127]  __dump_stack+0x1d/0x30
[  136.834161][ T9127]  dump_stack_lvl+0xe8/0x140
[  136.834182][ T9127]  dump_stack+0x15/0x1b
[  136.834197][ T9127]  should_fail_ex+0x265/0x280
[  136.834232][ T9127]  should_fail+0xb/0x20
[  136.834300][ T9127]  should_fail_usercopy+0x1a/0x20
[  136.834320][ T9127]  _copy_to_user+0x20/0xa0
[  136.834345][ T9127]  simple_read_from_buffer+0xb5/0x130
[  136.834373][ T9127]  proc_fail_nth_read+0x100/0x140
[  136.834399][ T9127]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  136.834458][ T9127]  vfs_read+0x19d/0x6f0
[  136.834483][ T9127]  ? __rcu_read_unlock+0x4f/0x70
[  136.834503][ T9127]  ? __fget_files+0x184/0x1c0
[  136.834538][ T9127]  ksys_read+0xda/0x1a0
[  136.834617][ T9127]  __x64_sys_read+0x40/0x50
[  136.834646][ T9127]  x64_sys_call+0x2d77/0x2fb0
[  136.834670][ T9127]  do_syscall_64+0xd0/0x1a0
[  136.834696][ T9127]  ? clear_bhb_loop+0x25/0x80
[  136.834733][ T9127]  ? clear_bhb_loop+0x25/0x80
[  136.834759][ T9127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.834825][ T9127] RIP: 0033:0x7f9c851ed37c
[  136.834843][ T9127] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  136.834975][ T9127] RSP: 002b:00007f9c83857030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  136.834997][ T9127] RAX: ffffffffffffffda RBX: 00007f9c85415fa0 RCX: 00007f9c851ed37c
[  136.835010][ T9127] RDX: 000000000000000f RSI: 00007f9c838570a0 RDI: 0000000000000006
[  136.835021][ T9127] RBP: 00007f9c83857090 R08: 0000000000000000 R09: 0000000000000000
[  136.835033][ T9127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.835044][ T9127] R13: 0000000000000000 R14: 00007f9c85415fa0 R15: 00007ffeba1b89a8
[  136.835063][ T9127]  </TASK>
[  136.929571][ T9132] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  137.176669][ T9132] bridge_slave_1: left allmulticast mode
[  137.182403][ T9132] bridge_slave_1: left promiscuous mode
[  137.188119][ T9132] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.206084][ T9132] bridge_slave_0: left allmulticast mode
[  137.211816][ T9132] bridge_slave_0: left promiscuous mode
[  137.217680][ T9132] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.227484][ T3323] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  137.269873][ T9145] netlink: 'syz.3.2093': attribute type 4 has an invalid length.
[  137.277705][ T9145] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2093'.
[  137.317997][ T9145] : renamed from bond0 (while UP)
[  137.342682][ T9148] netlink: 596 bytes leftover after parsing attributes in process `syz.0.2096'.
[  137.353652][ T9100] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.360906][ T9100] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.368295][ T9100] bridge_slave_0: entered allmulticast mode
[  137.378141][ T9100] bridge_slave_0: entered promiscuous mode
[  137.386183][ T9146] loop3: detected capacity change from 0 to 2048
[  137.398530][ T9100] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.405673][ T9100] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.413111][ T9100] bridge_slave_1: entered allmulticast mode
[  137.419872][ T9100] bridge_slave_1: entered promiscuous mode
[  137.438558][ T9151] loop0: detected capacity change from 0 to 2048
[  137.450617][ T9100] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  137.462140][ T9146] Alternate GPT is invalid, using primary GPT.
[  137.468520][ T9146]  loop3: p2 p3 p7
[  137.472445][ T9100] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  137.497254][ T3005] Alternate GPT is invalid, using primary GPT.
[  137.503742][ T3005]  loop3: p2 p3 p7
[  137.509402][ T9100] team0: Port device team_slave_0 added
[  137.525234][ T9100] team0: Port device team_slave_1 added
[  137.563009][ T9100] batman_adv: batadv0: Adding interface: batadv_slave_0
[  137.570110][ T9100] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.596268][ T9100] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  137.608401][ T9100] batman_adv: batadv0: Adding interface: batadv_slave_1
[  137.615437][ T9100] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.641466][ T9100] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  137.667711][ T9158] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  137.698188][ T9158] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  137.699611][ T9100] hsr_slave_0: entered promiscuous mode
[  137.715966][ T9163] loop3: detected capacity change from 0 to 128
[  137.724314][ T9100] hsr_slave_1: entered promiscuous mode
[  137.724357][ T9163] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  137.740726][ T9100] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  137.744768][ T9163] ext4 filesystem being mounted at /417/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.754017][ T9100] Cannot create hsr debugfs directory
[  137.768520][ T9161] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2102'.
[  137.783060][ T9161] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  137.791937][ T9161] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  137.800682][ T9161] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  137.809493][ T9161] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  137.995904][ T9174] loop6: detected capacity change from 0 to 512
[  138.000546][ T9100] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  138.012781][ T9174] EXT4-fs: Ignoring removed i_version option
[  138.023100][ T9100] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  138.033328][ T9174] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  138.045907][ T9100] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  138.056965][ T9100] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  138.065425][ T9174] EXT4-fs (loop6): 1 truncate cleaned up
[  138.075208][ T9174] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.173540][ T9174] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  138.208971][ T9100] 8021q: adding VLAN 0 to HW filter on device bond0
[  138.225828][ T9174] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  138.255328][ T9100] 8021q: adding VLAN 0 to HW filter on device team0
[  138.276486][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.283650][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.308749][ T8248] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.316196][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.324928][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.365186][ T9185] netlink: 'syz.6.2111': attribute type 10 has an invalid length.
[  138.402272][ T9185] batman_adv: batadv0: Adding interface: team0
[  138.408542][ T9185] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  138.433862][ T9185] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  138.465979][ T9189] bridge_slave_1: left allmulticast mode
[  138.471718][ T9189] bridge_slave_1: left promiscuous mode
[  138.477500][ T9189] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.526957][ T9194] loop5: detected capacity change from 0 to 164
[  138.536104][ T9189] bridge_slave_0: left allmulticast mode
[  138.541916][ T9189] bridge_slave_0: left promiscuous mode
[  138.547741][ T9189] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.653485][ T9194] syz.5.2114: attempt to access beyond end of device
[  138.653485][ T9194] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  138.669143][ T9194] syz.5.2114: attempt to access beyond end of device
[  138.669143][ T9194] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[  138.701359][ T3323] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  138.764189][ T9100] 8021q: adding VLAN 0 to HW filter on device batadv0
[  138.827055][ T9209] FAULT_INJECTION: forcing a failure.
[  138.827055][ T9209] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.840263][ T9209] CPU: 1 UID: 0 PID: 9209 Comm: syz.0.2118 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  138.840299][ T9209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  138.840314][ T9209] Call Trace:
[  138.840322][ T9209]  <TASK>
[  138.840332][ T9209]  __dump_stack+0x1d/0x30
[  138.840357][ T9209]  dump_stack_lvl+0xe8/0x140
[  138.840398][ T9209]  dump_stack+0x15/0x1b
[  138.840427][ T9209]  should_fail_ex+0x265/0x280
[  138.840466][ T9209]  should_fail+0xb/0x20
[  138.840497][ T9209]  should_fail_usercopy+0x1a/0x20
[  138.840517][ T9209]  _copy_from_user+0x1c/0xb0
[  138.840556][ T9209]  ___sys_sendmsg+0xc1/0x1d0
[  138.840595][ T9209]  __sys_sendmmsg+0x178/0x300
[  138.840634][ T9209]  __x64_sys_sendmmsg+0x57/0x70
[  138.840658][ T9209]  x64_sys_call+0x2f2f/0x2fb0
[  138.840684][ T9209]  do_syscall_64+0xd0/0x1a0
[  138.840739][ T9209]  ? clear_bhb_loop+0x25/0x80
[  138.840766][ T9209]  ? clear_bhb_loop+0x25/0x80
[  138.840791][ T9209]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.840816][ T9209] RIP: 0033:0x7f89fb76e969
[  138.840832][ T9209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.840852][ T9209] RSP: 002b:00007f89f9dd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  138.840936][ T9209] RAX: ffffffffffffffda RBX: 00007f89fb995fa0 RCX: 00007f89fb76e969
[  138.840951][ T9209] RDX: 0000000000000002 RSI: 0000200000000300 RDI: 0000000000000003
[  138.840965][ T9209] RBP: 00007f89f9dd7090 R08: 0000000000000000 R09: 0000000000000000
[  138.840979][ T9209] R10: 0000000000008880 R11: 0000000000000246 R12: 0000000000000001
[  138.840999][ T9209] R13: 0000000000000000 R14: 00007f89fb995fa0 R15: 00007ffe48e416f8
[  138.841021][ T9209]  </TASK>
[  139.035411][ T9213] loop5: detected capacity change from 0 to 512
[  139.052859][ T9213] EXT4-fs (loop5): couldn't mount RDWR because of unsupported optional features (1000000)
[  139.062961][ T9213] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[  139.160639][ T9228] __nla_validate_parse: 4 callbacks suppressed
[  139.160659][ T9228] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2127'.
[  139.176177][ T9228] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2127'.
[  139.196262][ T9230] loop5: detected capacity change from 0 to 164
[  139.197811][ T9228] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2127'.
[  139.224033][ T9230] syz.5.2126: attempt to access beyond end of device
[  139.224033][ T9230] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  139.224395][   T51] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  139.248343][   T51] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.254778][ T9230] syz.5.2126: attempt to access beyond end of device
[  139.254778][ T9230] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[  139.296756][ T9239] lo speed is unknown, defaulting to 1000
[  139.299297][ T9100] veth0_vlan: entered promiscuous mode
[  139.329973][ T9245] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2129'.
[  139.340326][   T51] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  139.350829][   T51] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.364541][ T9228] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2127'.
[  139.373652][ T9228] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2127'.
[  139.427720][ T9228] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2127'.
[  139.449400][ T9243] iso9660: Corrupted directory entry in block 4 of inode 1792
[  139.533339][ T9228] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2127'.
[  139.542499][ T9228] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2127'.
[  139.571732][ T9228] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2127'.
[  139.818122][   T51] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  139.822173][   T29] kauditd_printk_skb: 117 callbacks suppressed
[  139.822205][   T29] audit: type=1326 audit(1747021259.185:4089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9226 comm="syz.6.2127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  139.828526][   T51] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.834737][   T29] audit: type=1326 audit(1747021259.185:4090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9226 comm="syz.6.2127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  139.909368][ T9252] usb usb8: usbfs: process 9252 (syz.0.2130) did not claim interface 0 before use
[  139.910167][ T9100] veth1_vlan: entered promiscuous mode
[  139.926823][ T9252] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  139.945144][ T9252] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  139.947706][ T9100] veth0_macvtap: entered promiscuous mode
[  139.961170][ T9100] veth1_macvtap: entered promiscuous mode
[  139.974602][ T9100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.985151][ T9100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.995014][ T9100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  140.005670][ T9100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.026736][ T9100] batman_adv: batadv0: Interface activated: batadv_slave_0
[  140.054126][   T51] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  140.064606][   T51] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.113694][   T29] audit: type=1326 audit(1747021259.475:4091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9258 comm="syz.5.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c851ee969 code=0x7ffc0000
[  140.113797][ T9100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.147929][ T9100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.157912][ T9100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.168421][ T9100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.189868][   T29] audit: type=1326 audit(1747021259.545:4092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9258 comm="syz.5.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c851ee969 code=0x7ffc0000
[  140.208820][ T9262] loop3: detected capacity change from 0 to 256
[  140.213396][   T29] audit: type=1326 audit(1747021259.545:4093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9258 comm="syz.5.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c851ee969 code=0x7ffc0000
[  140.241751][ T9262] msdos: Unknown parameter '�?��H�(�B�����a��"!5�'
[  140.243230][   T29] audit: type=1326 audit(1747021259.545:4094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9258 comm="syz.5.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c851ee969 code=0x7ffc0000
[  140.273574][   T29] audit: type=1326 audit(1747021259.545:4095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9258 comm="syz.5.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c851ee969 code=0x7ffc0000
[  140.297036][   T29] audit: type=1326 audit(1747021259.545:4096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9258 comm="syz.5.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c851ee969 code=0x7ffc0000
[  140.320475][   T29] audit: type=1326 audit(1747021259.545:4097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9258 comm="syz.5.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c851ee969 code=0x7ffc0000
[  140.344006][   T29] audit: type=1326 audit(1747021259.545:4098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9258 comm="syz.5.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f9c851ee969 code=0x7ffc0000
[  140.368874][ T9100] batman_adv: batadv0: Interface activated: batadv_slave_1
[  140.377375][ T9100] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  140.386131][ T9100] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  140.394969][ T9100] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  140.403684][ T9100] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  140.425141][ T9262] lo speed is unknown, defaulting to 1000
[  140.484942][   T51] bridge_slave_1: left allmulticast mode
[  140.490628][   T51] bridge_slave_1: left promiscuous mode
[  140.496474][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.517909][ T9266] loop5: detected capacity change from 0 to 512
[  140.525366][   T51] bridge_slave_0: left allmulticast mode
[  140.531098][   T51] bridge_slave_0: left promiscuous mode
[  140.531729][ T9266] EXT4-fs (loop5): couldn't mount RDWR because of unsupported optional features (1000000)
[  140.536921][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.546811][ T9266] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[  140.699795][ T9281] loop5: detected capacity change from 0 to 164
[  140.722427][ T9281] syz.5.2141: attempt to access beyond end of device
[  140.722427][ T9281] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  140.754729][ T9281] syz.5.2141: attempt to access beyond end of device
[  140.754729][ T9281] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[  140.791755][ T9291] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  140.800472][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  140.802646][ T9291] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  140.820967][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  140.832240][   T51] bond0 (unregistering): Released all slaves
[  140.877294][ T9290] iso9660: Corrupted directory entry in block 4 of inode 1792
[  140.980056][   T51] hsr_slave_0: left promiscuous mode
[  140.987673][ T9298] loop7: detected capacity change from 0 to 1024
[  140.994466][   T51] hsr_slave_1: left promiscuous mode
[  141.020789][   T51] veth1_macvtap: left promiscuous mode
[  141.027130][   T51] veth0_macvtap: left promiscuous mode
[  141.033035][   T51] veth1_vlan: left promiscuous mode
[  141.043580][ T9298] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.067800][   T51] veth0_vlan: left promiscuous mode
[  141.099499][ T9298] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  141.130628][ T9309] loop3: detected capacity change from 0 to 164
[  141.142800][ T9309] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  141.156038][ T9309] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  141.186119][ T9309] Symlink component flag not implemented
[  141.191921][ T9309] Symlink component flag not implemented
[  141.217101][ T9309] Symlink component flag not implemented (7)
[  141.223149][ T9309] Symlink component flag not implemented (116)
[  141.290593][   T51] team0 (unregistering): Port device team_slave_1 removed
[  141.314020][   T51] team0 (unregistering): Port device team_slave_0 removed
[  141.321837][ T9316] loop3: detected capacity change from 0 to 1024
[  141.346810][ T9316] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.441847][ T9316] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.2151: Allocating blocks 385-513 which overlap fs metadata
[  141.485766][ T9316] netlink: 'syz.3.2151': attribute type 16 has an invalid length.
[  141.493687][ T9316] netlink: 'syz.3.2151': attribute type 3 has an invalid length.
[  141.505416][ T9322] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  141.514121][ T9322] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  141.522119][ T2210] smc: removing ib device syz0
[  141.558167][ T3390] lo speed is unknown, defaulting to 1000
[  141.563975][ T3390] syz0: Port: 1 Link DOWN
[  141.603620][ T9100] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.622006][ T9316] EXT4-fs (loop3): pa ffff888106dbe2a0: logic 16, phys. 129, len 24
[  141.630105][ T9316] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  141.670800][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.736103][ T9330] loop5: detected capacity change from 0 to 1024
[  141.767897][ T9330] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.787899][ T9340] loop3: detected capacity change from 0 to 164
[  141.795472][ T9330] ext4 filesystem being mounted at /91/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  141.809267][ T9340] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  141.819236][ T9330] EXT4-fs error (device loop5): ext4_map_blocks:709: inode #15: block 3: comm syz.5.2158: lblock 3 mapped to illegal pblock 3 (length 1)
[  141.833771][ T9330] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  141.842714][ T9342] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  141.846241][ T9330] EXT4-fs (loop5): This should not happen!! Data will be lost
[  141.846241][ T9330] 
[  141.854776][ T9342] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  141.865199][ T9340] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  141.881148][ T9340] Symlink component flag not implemented
[  141.886858][ T9340] Symlink component flag not implemented
[  141.892765][ T9340] Symlink component flag not implemented (7)
[  141.898835][ T9340] Symlink component flag not implemented (116)
[  141.955518][ T9346] loop3: detected capacity change from 0 to 512
[  141.962609][ T9346] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (1000000)
[  141.972839][ T9346] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  141.997547][ T8119] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.027036][ T9348] loop5: detected capacity change from 0 to 164
[  142.041023][ T9348] syz.5.2165: attempt to access beyond end of device
[  142.041023][ T9348] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  142.056142][ T9348] syz.5.2165: attempt to access beyond end of device
[  142.056142][ T9348] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[  142.161423][ T9352] iso9660: Corrupted directory entry in block 4 of inode 1792
[  142.518456][ T9369] bridge_slave_1: left allmulticast mode
[  142.524224][ T9369] bridge_slave_1: left promiscuous mode
[  142.529951][ T9369] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.540366][ T9369] bridge_slave_0: left allmulticast mode
[  142.546183][ T9369] bridge_slave_0: left promiscuous mode
[  142.552004][ T9369] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.586848][ T9378] loop6: detected capacity change from 0 to 1024
[  142.607941][ T9378] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.620906][ T9378] ext4 filesystem being mounted at /57/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.631783][ T9379] syzkaller0: refused to change device tx_queue_len
[  142.641807][ T9378] EXT4-fs error (device loop6): ext4_map_blocks:709: inode #15: block 3: comm syz.6.2176: lblock 3 mapped to illegal pblock 3 (length 1)
[  142.657397][ T9378] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  142.669833][ T9378] EXT4-fs (loop6): This should not happen!! Data will be lost
[  142.669833][ T9378] 
[  142.696676][ T8248] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.768832][ T9388] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  142.778330][ T9388] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  142.977715][ T9402] loop5: detected capacity change from 0 to 164
[  142.986582][ T9402] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  143.001451][ T9402] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  143.011460][ T9402] Symlink component flag not implemented
[  143.017335][ T9402] Symlink component flag not implemented
[  143.025498][ T9402] Symlink component flag not implemented (7)
[  143.031625][ T9402] Symlink component flag not implemented (116)
[  143.091110][ T9406] loop5: detected capacity change from 0 to 1024
[  143.120887][ T9410] loop6: detected capacity change from 0 to 164
[  143.137783][ T9410] syz.6.2190: attempt to access beyond end of device
[  143.137783][ T9410] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  143.153116][ T9410] syz.6.2190: attempt to access beyond end of device
[  143.153116][ T9410] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  143.167978][ T9406] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.184198][ T9406] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.188679][ T9414] bridge_slave_1: left allmulticast mode
[  143.200379][ T9414] bridge_slave_1: left promiscuous mode
[  143.206159][ T9414] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.214455][ T9410] iso9660: Corrupted directory entry in block 4 of inode 1792
[  143.223496][ T9414] bridge_slave_0: left allmulticast mode
[  143.229364][ T9414] bridge_slave_0: left promiscuous mode
[  143.235157][ T9414] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.246042][ T9406] EXT4-fs error (device loop5): ext4_map_blocks:709: inode #15: block 3: comm syz.5.2188: lblock 3 mapped to illegal pblock 3 (length 1)
[  143.282522][ T9418] FAULT_INJECTION: forcing a failure.
[  143.282522][ T9418] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  143.295762][ T9418] CPU: 1 UID: 0 PID: 9418 Comm: syz.6.2193 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  143.295815][ T9418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  143.295831][ T9418] Call Trace:
[  143.295839][ T9418]  <TASK>
[  143.295849][ T9418]  __dump_stack+0x1d/0x30
[  143.295874][ T9418]  dump_stack_lvl+0xe8/0x140
[  143.295895][ T9418]  dump_stack+0x15/0x1b
[  143.295910][ T9418]  should_fail_ex+0x265/0x280
[  143.296019][ T9418]  should_fail+0xb/0x20
[  143.296054][ T9418]  should_fail_usercopy+0x1a/0x20
[  143.296076][ T9418]  _copy_to_user+0x20/0xa0
[  143.296104][ T9418]  simple_read_from_buffer+0xb5/0x130
[  143.296163][ T9418]  proc_fail_nth_read+0x100/0x140
[  143.296197][ T9418]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  143.296227][ T9418]  vfs_read+0x19d/0x6f0
[  143.296323][ T9418]  ? __rcu_read_unlock+0x4f/0x70
[  143.296349][ T9418]  ? __fget_files+0x184/0x1c0
[  143.296386][ T9418]  ksys_read+0xda/0x1a0
[  143.296443][ T9418]  __x64_sys_read+0x40/0x50
[  143.296473][ T9418]  x64_sys_call+0x2d77/0x2fb0
[  143.296499][ T9418]  do_syscall_64+0xd0/0x1a0
[  143.296559][ T9418]  ? clear_bhb_loop+0x25/0x80
[  143.296586][ T9418]  ? clear_bhb_loop+0x25/0x80
[  143.296613][ T9418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.296691][ T9418] RIP: 0033:0x7fc9072fd37c
[  143.296705][ T9418] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  143.296724][ T9418] RSP: 002b:00007fc905967030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  143.296746][ T9418] RAX: ffffffffffffffda RBX: 00007fc907525fa0 RCX: 00007fc9072fd37c
[  143.296762][ T9418] RDX: 000000000000000f RSI: 00007fc9059670a0 RDI: 0000000000000004
[  143.296775][ T9418] RBP: 00007fc905967090 R08: 0000000000000000 R09: 0000000000000000
[  143.296788][ T9418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  143.296861][ T9418] R13: 0000000000000000 R14: 00007fc907525fa0 R15: 00007ffff1191558
[  143.296950][ T9418]  </TASK>
[  143.300193][ T9406] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  143.513802][ T9406] EXT4-fs (loop5): This should not happen!! Data will be lost
[  143.513802][ T9406] 
[  143.582204][ T8119] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.595726][ T9430] loop7: detected capacity change from 0 to 128
[  143.603679][ T9430] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  143.616654][ T9430] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.741769][ T9439] loop6: detected capacity change from 0 to 164
[  143.759328][ T9443] loop0: detected capacity change from 0 to 512
[  143.776425][ T9443] EXT4-fs (loop0): couldn't mount RDWR because of unsupported optional features (1000000)
[  143.786434][ T9443] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  143.795309][ T9439] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  143.829398][ T9439] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  143.851572][ T9447] loop5: detected capacity change from 0 to 512
[  143.860523][ T9439] Symlink component flag not implemented
[  143.866296][ T9439] Symlink component flag not implemented
[  143.889772][ T9439] Symlink component flag not implemented (7)
[  143.895856][ T9439] Symlink component flag not implemented (116)
[  143.962781][ T9447] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  143.987634][ T9453] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  144.027514][ T9447] EXT4-fs (loop5): 1 truncate cleaned up
[  144.059887][ T9453] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  144.078722][ T9447] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.203500][ T9464] loop6: detected capacity change from 0 to 512
[  144.447862][ T9464] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=6802e19c, mo2=0002]
[  144.456274][ T9464] System zones: 1-12
[  144.486628][ T9464] EXT4-fs error (device loop6): ext4_iget_extra_inode:4693: inode #15: comm syz.6.2209: corrupted in-inode xattr: invalid ea_ino
[  144.512073][ T9100] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  144.542204][ T9464] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.2209: couldn't read orphan inode 15 (err -117)
[  144.589818][ T9464] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.670633][ T9463] syzkaller1: entered allmulticast mode
[  144.786221][ T9480] __nla_validate_parse: 8 callbacks suppressed
[  144.786241][ T9480] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  144.807485][ T9483] syzkaller0: refused to change device tx_queue_len
[  144.833569][ T9486] loop7: detected capacity change from 0 to 512
[  144.847701][ T9488] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2217'.
[  144.856678][ T9488] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2217'.
[  144.868509][ T9486] EXT4-fs (loop7): couldn't mount RDWR because of unsupported optional features (1000000)
[  144.878590][ T9486] EXT4-fs (loop7): couldn't mount as ext2 due to feature incompatibilities
[  144.949825][ T9490] loop3: detected capacity change from 0 to 2048
[  145.006075][ T9490] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.098994][ T8248] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.275317][   T29] kauditd_printk_skb: 206 callbacks suppressed
[  145.275334][   T29] audit: type=1326 audit(1747021264.645:4305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9504 comm="syz.6.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  145.305337][   T29] audit: type=1326 audit(1747021264.645:4306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9504 comm="syz.6.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  145.331578][ T9507] loop7: detected capacity change from 0 to 512
[  145.354940][ T9507] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  145.404658][   T29] audit: type=1326 audit(1747021264.715:4307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9504 comm="syz.6.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  145.408467][ T9507] EXT4-fs (loop7): 1 truncate cleaned up
[  145.428140][   T29] audit: type=1326 audit(1747021264.715:4308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9504 comm="syz.6.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  145.428178][   T29] audit: type=1326 audit(1747021264.715:4309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9504 comm="syz.6.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  145.480869][   T29] audit: type=1326 audit(1747021264.715:4310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9504 comm="syz.6.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  145.480962][   T29] audit: type=1326 audit(1747021264.715:4311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9504 comm="syz.6.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  145.480990][   T29] audit: type=1326 audit(1747021264.715:4312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9504 comm="syz.6.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  145.481058][   T29] audit: type=1326 audit(1747021264.725:4313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9504 comm="syz.6.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  145.481091][   T29] audit: type=1326 audit(1747021264.735:4314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9504 comm="syz.6.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  145.527346][ T9507] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.579246][ T9444] syz.5.2199 (9444) used greatest stack depth: 6208 bytes left
[  145.584726][ T8119] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.686788][ T9516] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2226'.
[  145.778016][ T9523] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2228'.
[  145.834043][ T9526] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2229'.
[  145.834061][ T9526] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2229'.
[  145.849281][ T9528] loop0: detected capacity change from 0 to 512
[  145.875556][ T9528] EXT4-fs (loop0): couldn't mount RDWR because of unsupported optional features (1000000)
[  145.875583][ T9528] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  145.885184][ T3412] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  145.885253][ T3412] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  145.885313][ T3412] EXT4-fs (loop3): This should not happen!! Data will be lost
[  145.885313][ T3412] 
[  145.885325][ T3412] EXT4-fs (loop3): Total free blocks count 0
[  145.885365][ T3412] EXT4-fs (loop3): Free/Dirty block details
[  145.885408][ T3412] EXT4-fs (loop3): free_blocks=2415919104
[  145.885421][ T3412] EXT4-fs (loop3): dirty_blocks=7472
[  145.885432][ T3412] EXT4-fs (loop3): Block reservation details
[  145.885442][ T3412] EXT4-fs (loop3): i_reserved_data_blocks=467
[  146.023511][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.154306][ T9554] loop0: detected capacity change from 0 to 512
[  146.164753][ T9554] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  146.168263][ T9554] EXT4-fs (loop0): 1 truncate cleaned up
[  146.168660][ T9554] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.227370][ T9558] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2238'.
[  146.492596][ T9572] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2240'.
[  146.583691][ T9584] loop3: detected capacity change from 0 to 512
[  146.591467][ T9582] loop6: detected capacity change from 0 to 164
[  146.643033][ T9584] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (1000000)
[  146.653133][ T9584] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  146.681662][ T9582] syz.6.2245: attempt to access beyond end of device
[  146.681662][ T9582] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  146.700745][ T9582] syz.6.2245: attempt to access beyond end of device
[  146.700745][ T9582] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  146.831282][ T9595] iso9660: Corrupted directory entry in block 4 of inode 1792
[  146.837055][ T9596] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2250'.
[  146.861527][ T9593] loop5: detected capacity change from 0 to 2048
[  146.888652][ T9593] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.925293][ T9593] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.987180][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.007658][ T9100] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.022570][ T9602] loop6: detected capacity change from 0 to 1024
[  147.052097][ T9604] loop3: detected capacity change from 0 to 1024
[  147.102521][ T9602] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.148052][ T9602] ext4 filesystem being mounted at /78/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  147.160096][ T9604] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.187788][ T9602] EXT4-fs error (device loop6): ext4_map_blocks:709: inode #15: block 3: comm syz.6.2252: lblock 3 mapped to illegal pblock 3 (length 1)
[  147.202496][ T9604] ext4 filesystem being mounted at /450/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  147.228174][ T9608] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2249: bg 0: block 345: padding at end of block bitmap is not set
[  147.267707][ T9604] EXT4-fs error (device loop3): ext4_map_blocks:709: inode #15: block 3: comm syz.3.2253: lblock 3 mapped to illegal pblock 3 (length 1)
[  147.284890][ T9602] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  147.297259][ T9602] EXT4-fs (loop6): This should not happen!! Data will be lost
[  147.297259][ T9602] 
[  147.346079][ T9604] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  147.358530][ T9604] EXT4-fs (loop3): This should not happen!! Data will be lost
[  147.358530][ T9604] 
[  147.416130][ T8248] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.435363][ T9608] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  147.472643][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.694277][ T9624] loop6: detected capacity change from 0 to 512
[  147.727324][ T9624] EXT4-fs (loop6): couldn't mount RDWR because of unsupported optional features (1000000)
[  147.737320][ T9624] EXT4-fs (loop6): couldn't mount as ext2 due to feature incompatibilities
[  147.786229][ T9631] loop3: detected capacity change from 0 to 164
[  147.814568][ T9631] syz.3.2263: attempt to access beyond end of device
[  147.814568][ T9631] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  147.820074][ T9637] loop0: detected capacity change from 0 to 1024
[  147.829282][ T9631] syz.3.2263: attempt to access beyond end of device
[  147.829282][ T9631] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[  147.913504][ T9640] loop7: detected capacity change from 0 to 512
[  147.935596][ T9640] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  147.969926][ T9644] 9pnet: p9_errstr2errno: server reported unknown error 
[  147.986363][ T9637] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.008613][ T9637] ext4 filesystem being mounted at /441/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.030816][ T9648] iso9660: Corrupted directory entry in block 4 of inode 1792
[  148.053057][ T9637] EXT4-fs error (device loop0): ext4_map_blocks:709: inode #15: block 3: comm syz.0.2266: lblock 3 mapped to illegal pblock 3 (length 1)
[  148.071984][ T9637] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  148.084372][ T9637] EXT4-fs (loop0): This should not happen!! Data will be lost
[  148.084372][ T9637] 
[  148.103039][ T9640] EXT4-fs (loop7): 1 truncate cleaned up
[  148.110853][ T9651] loop6: detected capacity change from 0 to 164
[  148.120271][ T8119] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.129952][ T9651] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  148.153891][ T9651] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  148.184542][ T9651] Symlink component flag not implemented
[  148.190334][ T9651] Symlink component flag not implemented
[  148.203755][ T9651] Symlink component flag not implemented (7)
[  148.209874][ T9651] Symlink component flag not implemented (116)
[  148.411560][ T9671] netem: incorrect ge model size
[  148.412094][ T9673] loop6: detected capacity change from 0 to 1024
[  148.416734][ T9671] netem: change failed
[  148.478430][ T9673] ext4 filesystem being mounted at /87/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.496245][ T9673] EXT4-fs error (device loop6): ext4_map_blocks:709: inode #15: block 3: comm syz.6.2279: lblock 3 mapped to illegal pblock 3 (length 1)
[  148.513098][ T9673] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  148.525684][ T9673] EXT4-fs (loop6): This should not happen!! Data will be lost
[  148.525684][ T9673] 
[  148.617991][ T9681] loop5: detected capacity change from 0 to 1024
[  148.633983][ T9685] loop0: detected capacity change from 0 to 164
[  148.646955][ T9685] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  148.685226][ T9685] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  148.727552][ T9681] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.2281: Allocating blocks 385-513 which overlap fs metadata
[  148.742254][ T9685] Symlink component flag not implemented
[  148.747976][ T9685] Symlink component flag not implemented
[  148.762708][ T9691] loop6: detected capacity change from 0 to 2048
[  148.771401][ T9680] EXT4-fs (loop5): pa ffff888106dbe230: logic 16, phys. 129, len 24
[  148.779606][ T9680] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  148.790617][ T9685] Symlink component flag not implemented (7)
[  148.796776][ T9685] Symlink component flag not implemented (116)
[  148.937490][ T9700] FAULT_INJECTION: forcing a failure.
[  148.937490][ T9700] name failslab, interval 1, probability 0, space 0, times 0
[  148.950457][ T9700] CPU: 0 UID: 0 PID: 9700 Comm: syz.6.2285 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  148.950549][ T9700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  148.950561][ T9700] Call Trace:
[  148.950568][ T9700]  <TASK>
[  148.950576][ T9700]  __dump_stack+0x1d/0x30
[  148.950652][ T9700]  dump_stack_lvl+0xe8/0x140
[  148.950674][ T9700]  dump_stack+0x15/0x1b
[  148.950695][ T9700]  should_fail_ex+0x265/0x280
[  148.950736][ T9700]  should_failslab+0x8c/0xb0
[  148.950770][ T9700]  kmem_cache_alloc_noprof+0x50/0x310
[  148.950881][ T9700]  ? security_file_alloc+0x32/0x100
[  148.950916][ T9700]  security_file_alloc+0x32/0x100
[  148.950949][ T9700]  init_file+0x5c/0x1d0
[  148.951027][ T9700]  alloc_empty_file+0x8b/0x200
[  148.951099][ T9700]  path_openat+0x68/0x2170
[  148.951119][ T9700]  ? _parse_integer_limit+0x170/0x190
[  148.951149][ T9700]  ? _parse_integer+0x27/0x40
[  148.951189][ T9700]  ? kstrtoull+0x111/0x140
[  148.951252][ T9700]  ? kstrtouint+0x76/0xc0
[  148.951289][ T9700]  do_filp_open+0x109/0x230
[  148.951327][ T9700]  do_sys_openat2+0xa6/0x110
[  148.951353][ T9700]  __x64_sys_creat+0x65/0x90
[  148.951413][ T9700]  x64_sys_call+0x114d/0x2fb0
[  148.951441][ T9700]  do_syscall_64+0xd0/0x1a0
[  148.951546][ T9700]  ? clear_bhb_loop+0x25/0x80
[  148.951571][ T9700]  ? clear_bhb_loop+0x25/0x80
[  148.951591][ T9700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.951647][ T9700] RIP: 0033:0x7fc9072fe969
[  148.951666][ T9700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.951695][ T9700] RSP: 002b:00007fc905946038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  148.951712][ T9700] RAX: ffffffffffffffda RBX: 00007fc907526080 RCX: 00007fc9072fe969
[  148.951724][ T9700] RDX: 0000000000000000 RSI: ecf86c37d53049cc RDI: 0000200000000000
[  148.951735][ T9700] RBP: 00007fc905946090 R08: 0000000000000000 R09: 0000000000000000
[  148.951747][ T9700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.951763][ T9700] R13: 0000000000000000 R14: 00007fc907526080 R15: 00007ffff1191558
[  148.951786][ T9700]  </TASK>
[  149.319737][ T9714] loop5: detected capacity change from 0 to 1024
[  149.379077][ T9714] ext4 filesystem being mounted at /116/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.392422][ T9714] EXT4-fs error (device loop5): ext4_map_blocks:709: inode #15: block 3: comm syz.5.2294: lblock 3 mapped to illegal pblock 3 (length 1)
[  149.481138][ T9714] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  149.493559][ T9714] EXT4-fs (loop5): This should not happen!! Data will be lost
[  149.493559][ T9714] 
[  149.570547][ T9727] loop0: detected capacity change from 0 to 164
[  149.588142][ T9727] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  149.619627][ T9727] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  149.637965][ T9727] Symlink component flag not implemented
[  149.643655][ T9727] Symlink component flag not implemented
[  149.677818][ T9727] Symlink component flag not implemented (7)
[  149.683983][ T9727] Symlink component flag not implemented (116)
[  149.706969][ T9737] loop3: detected capacity change from 0 to 128
[  149.723272][ T9737] ext4 filesystem being mounted at /458/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.927227][ T9748] __nla_validate_parse: 4 callbacks suppressed
[  149.927246][ T9748] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2305'.
[  149.993591][ T9760] loop0: detected capacity change from 0 to 512
[  150.002222][ T9758] loop7: detected capacity change from 0 to 2048
[  150.219845][ T9760] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  150.403393][ T9774] loop5: detected capacity change from 0 to 1024
[  150.444965][ T9779] loop6: detected capacity change from 0 to 164
[  150.446700][ T9774] ext4 filesystem being mounted at /123/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  150.465147][ T9779] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  150.474018][ T9779] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  150.479110][ T9760] EXT4-fs (loop0): 1 truncate cleaned up
[  150.488217][ T9779] Symlink component flag not implemented
[  150.493897][ T9779] Symlink component flag not implemented
[  150.567866][ T9779] Symlink component flag not implemented (7)
[  150.573938][ T9779] Symlink component flag not implemented (116)
[  150.693358][   T29] kauditd_printk_skb: 58 callbacks suppressed
[  150.693374][   T29] audit: type=1326 audit(1747021270.055:4373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9785 comm="syz.6.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  150.788692][   T29] audit: type=1326 audit(1747021270.095:4374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9785 comm="syz.6.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  150.812242][   T29] audit: type=1326 audit(1747021270.095:4375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9785 comm="syz.6.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  150.835763][   T29] audit: type=1326 audit(1747021270.095:4376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9785 comm="syz.6.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  150.859286][   T29] audit: type=1326 audit(1747021270.095:4377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9785 comm="syz.6.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  150.882704][   T29] audit: type=1326 audit(1747021270.095:4378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9785 comm="syz.6.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  150.906209][   T29] audit: type=1326 audit(1747021270.095:4379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9785 comm="syz.6.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  150.929822][   T29] audit: type=1326 audit(1747021270.095:4380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9785 comm="syz.6.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  150.953286][   T29] audit: type=1326 audit(1747021270.095:4381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9785 comm="syz.6.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  150.976794][   T29] audit: type=1326 audit(1747021270.095:4382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9785 comm="syz.6.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7fc9072fe969 code=0x7ffc0000
[  151.094897][ T9753] syz.0.2308 (9753) used greatest stack depth: 6192 bytes left
[  151.139242][ T9795] loop6: detected capacity change from 0 to 1024
[  151.168853][ T9795] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.2326: Allocating blocks 385-513 which overlap fs metadata
[  151.183955][ T9799] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2328'.
[  151.192926][ T9799] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2328'.
[  151.250043][ T9807] loop3: detected capacity change from 0 to 164
[  151.273979][ T9794] EXT4-fs (loop6): pa ffff888106dbe230: logic 16, phys. 129, len 24
[  151.282082][ T9794] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  151.324117][ T9807] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  151.340240][ T9807] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  151.414017][ T9807] Symlink component flag not implemented
[  151.419879][ T9807] Symlink component flag not implemented
[  151.438627][ T9807] Symlink component flag not implemented (7)
[  151.444828][ T9807] Symlink component flag not implemented (116)
[  151.537036][ T9831] netem: incorrect ge model size
[  151.542062][ T9831] netem: change failed
[  151.758717][ T9848] loop6: detected capacity change from 0 to 512
[  151.777905][ T9848] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  151.791557][ T9848] EXT4-fs (loop6): 1 truncate cleaned up
[  151.812853][ T9852] bridge0: entered promiscuous mode
[  151.818350][ T9852] macvlan2: entered promiscuous mode
[  151.827507][ T9852] bridge0: port 3(macvlan2) entered blocking state
[  151.834106][ T9852] bridge0: port 3(macvlan2) entered disabled state
[  151.864449][ T9852] macvlan2: entered allmulticast mode
[  151.870004][ T9852] bridge0: entered allmulticast mode
[  151.877047][ T9852] macvlan2: left allmulticast mode
[  151.882274][ T9852] bridge0: left allmulticast mode
[  151.888840][ T9852] bridge0: left promiscuous mode
[  151.902406][ T9857] loop6: detected capacity change from 0 to 164
[  151.911685][ T9857] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  151.920941][ T9857] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  151.931718][ T9857] Symlink component flag not implemented
[  151.937417][ T9857] Symlink component flag not implemented
[  151.965599][ T9857] Symlink component flag not implemented (7)
[  151.971737][ T9857] Symlink component flag not implemented (116)
[  152.048466][ T9865] loop6: detected capacity change from 0 to 1024
[  152.067940][ T9865] ext4 filesystem being mounted at /110/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  152.086180][ T9865] EXT4-fs error (device loop6): ext4_map_blocks:709: inode #15: block 3: comm syz.6.2356: lblock 3 mapped to illegal pblock 3 (length 1)
[  152.104205][ T9865] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  152.116637][ T9865] EXT4-fs (loop6): This should not happen!! Data will be lost
[  152.116637][ T9865] 
[  152.153539][ T9871] FAULT_INJECTION: forcing a failure.
[  152.153539][ T9871] name failslab, interval 1, probability 0, space 0, times 0
[  152.166343][ T9871] CPU: 0 UID: 0 PID: 9871 Comm: syz.5.2358 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  152.166386][ T9871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  152.166402][ T9871] Call Trace:
[  152.166410][ T9871]  <TASK>
[  152.166417][ T9871]  __dump_stack+0x1d/0x30
[  152.166437][ T9871]  dump_stack_lvl+0xe8/0x140
[  152.166488][ T9871]  dump_stack+0x15/0x1b
[  152.166508][ T9871]  should_fail_ex+0x265/0x280
[  152.166619][ T9871]  should_failslab+0x8c/0xb0
[  152.166691][ T9871]  kmem_cache_alloc_noprof+0x50/0x310
[  152.166854][ T9871]  ? alloc_empty_file+0x76/0x200
[  152.166891][ T9871]  alloc_empty_file+0x76/0x200
[  152.166921][ T9871]  alloc_file_pseudo+0xc6/0x160
[  152.167084][ T9871]  sock_alloc_file+0x9c/0x1e0
[  152.167109][ T9871]  do_accept+0x1e4/0x3a0
[  152.167222][ T9871]  io_accept+0x1b9/0x450
[  152.167253][ T9871]  __io_issue_sqe+0xfb/0x2e0
[  152.167285][ T9871]  ? io_wq_submit_work+0x5bd/0x5f0
[  152.167313][ T9871]  io_issue_sqe+0x53/0x970
[  152.167414][ T9871]  ? __pfx_unix_poll+0x10/0x10
[  152.167440][ T9871]  ? __rcu_read_unlock+0x4f/0x70
[  152.167475][ T9871]  io_req_task_submit+0x6b/0xc0
[  152.167507][ T9871]  io_poll_task_func+0x674/0xa20
[  152.167554][ T9871]  ? __pfx_io_poll_task_func+0x10/0x10
[  152.167577][ T9871]  io_handle_tw_list+0xcc/0x1c0
[  152.167612][ T9871]  tctx_task_work_run+0x6d/0x1a0
[  152.167698][ T9871]  tctx_task_work+0x3f/0x80
[  152.167740][ T9871]  task_work_run+0x12e/0x1a0
[  152.167815][ T9871]  get_signal+0xe13/0xf70
[  152.167854][ T9871]  ? __io_req_task_work_add+0x2b2/0x3f0
[  152.167888][ T9871]  ? io_poll_wake+0x29f/0x3b0
[  152.168029][ T9871]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  152.168068][ T9871]  arch_do_signal_or_restart+0x97/0x480
[  152.168222][ T9871]  syscall_exit_to_user_mode+0x68/0xb0
[  152.168248][ T9871]  do_syscall_64+0xdd/0x1a0
[  152.168276][ T9871]  ? clear_bhb_loop+0x25/0x80
[  152.168299][ T9871]  ? clear_bhb_loop+0x25/0x80
[  152.168386][ T9871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.168412][ T9871] RIP: 0033:0x7f9c851ee969
[  152.168428][ T9871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.168445][ T9871] RSP: 002b:00007f9c83857038 EFLAGS: 00000246 ORIG_RAX: 0000000000000030
[  152.168471][ T9871] RAX: 0000000000000000 RBX: 00007f9c85415fa0 RCX: 00007f9c851ee969
[  152.168564][ T9871] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  152.168575][ T9871] RBP: 00007f9c83857090 R08: 0000000000000000 R09: 0000000000000000
[  152.168588][ T9871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  152.168601][ T9871] R13: 0000000000000000 R14: 00007f9c85415fa0 R15: 00007ffeba1b89a8
[  152.168623][ T9871]  </TASK>
[  152.500117][ T9875] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2361'.
[  152.509164][ T9875] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2361'.
[  152.550653][ T9875] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  152.559720][ T9875] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  152.568535][ T9875] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  152.577380][ T9875] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  152.593461][ T9883] FAULT_INJECTION: forcing a failure.
[  152.593461][ T9883] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  152.606752][ T9883] CPU: 0 UID: 0 PID: 9883 Comm: syz.3.2363 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  152.606787][ T9883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  152.606800][ T9883] Call Trace:
[  152.606806][ T9883]  <TASK>
[  152.606814][ T9883]  __dump_stack+0x1d/0x30
[  152.606885][ T9883]  dump_stack_lvl+0xe8/0x140
[  152.606904][ T9883]  dump_stack+0x15/0x1b
[  152.606919][ T9883]  should_fail_ex+0x265/0x280
[  152.606950][ T9883]  should_fail+0xb/0x20
[  152.607050][ T9883]  should_fail_usercopy+0x1a/0x20
[  152.607069][ T9883]  _copy_from_iter+0xcf/0xdd0
[  152.607091][ T9883]  ? __build_skb_around+0x1a0/0x200
[  152.607127][ T9883]  ? __alloc_skb+0x223/0x320
[  152.607250][ T9883]  netlink_sendmsg+0x471/0x6b0
[  152.607293][ T9883]  ? __pfx_netlink_sendmsg+0x10/0x10
[  152.607408][ T9883]  __sock_sendmsg+0x142/0x180
[  152.607441][ T9883]  ____sys_sendmsg+0x31e/0x4e0
[  152.607476][ T9883]  ___sys_sendmsg+0x17b/0x1d0
[  152.607534][ T9883]  __x64_sys_sendmsg+0xd4/0x160
[  152.607588][ T9883]  x64_sys_call+0x2999/0x2fb0
[  152.607615][ T9883]  do_syscall_64+0xd0/0x1a0
[  152.607642][ T9883]  ? clear_bhb_loop+0x25/0x80
[  152.607666][ T9883]  ? clear_bhb_loop+0x25/0x80
[  152.607751][ T9883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.607778][ T9883] RIP: 0033:0x7f774e8de969
[  152.607798][ T9883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.607820][ T9883] RSP: 002b:00007f774cf47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  152.607841][ T9883] RAX: ffffffffffffffda RBX: 00007f774eb05fa0 RCX: 00007f774e8de969
[  152.607853][ T9883] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000005
[  152.607864][ T9883] RBP: 00007f774cf47090 R08: 0000000000000000 R09: 0000000000000000
[  152.607875][ T9883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  152.607889][ T9883] R13: 0000000000000000 R14: 00007f774eb05fa0 R15: 00007ffc99932678
[  152.607907][ T9883]  </TASK>
[  152.618354][ T9885] loop6: detected capacity change from 0 to 2048
[  152.837300][ T9885] ext4 filesystem being mounted at /112/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  152.929505][ T9897] syzkaller0: refused to change device tx_queue_len
[  153.059463][ T9912] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2376'.
[  153.068428][ T9912] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2376'.
[  153.110638][ T9914] loop7: detected capacity change from 0 to 1024
[  153.276146][ T9914] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.316331][ T9914] EXT4-fs error (device loop7): ext4_map_blocks:709: inode #15: block 3: comm syz.7.2373: lblock 3 mapped to illegal pblock 3 (length 1)
[  153.345884][ T9921] loop0: detected capacity change from 0 to 512
[  153.362577][ T9902] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2365: bg 0: block 345: padding at end of block bitmap is not set
[  153.378007][ T9902] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  153.387406][ T9914] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  153.399754][ T9914] EXT4-fs (loop7): This should not happen!! Data will be lost
[  153.399754][ T9914] 
[  153.437418][ T9921] ext4 filesystem being mounted at /461/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.463053][ T9921] FAULT_INJECTION: forcing a failure.
[  153.463053][ T9921] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.476246][ T9921] CPU: 1 UID: 0 PID: 9921 Comm: syz.0.2378 Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  153.476340][ T9921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  153.476353][ T9921] Call Trace:
[  153.476361][ T9921]  <TASK>
[  153.476368][ T9921]  __dump_stack+0x1d/0x30
[  153.476426][ T9921]  dump_stack_lvl+0xe8/0x140
[  153.476448][ T9921]  dump_stack+0x15/0x1b
[  153.476469][ T9921]  should_fail_ex+0x265/0x280
[  153.476585][ T9921]  should_fail+0xb/0x20
[  153.476621][ T9921]  should_fail_usercopy+0x1a/0x20
[  153.476645][ T9921]  strncpy_from_user+0x25/0x230
[  153.476679][ T9921]  path_setxattrat+0xeb/0x310
[  153.476870][ T9921]  __x64_sys_setxattr+0x6e/0x90
[  153.476965][ T9921]  x64_sys_call+0x28a7/0x2fb0
[  153.477013][ T9921]  do_syscall_64+0xd0/0x1a0
[  153.477042][ T9921]  ? clear_bhb_loop+0x25/0x80
[  153.477063][ T9921]  ? clear_bhb_loop+0x25/0x80
[  153.477085][ T9921]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.477112][ T9921] RIP: 0033:0x7f89fb76e969
[  153.477156][ T9921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.477178][ T9921] RSP: 002b:00007f89f9dd7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[  153.477200][ T9921] RAX: ffffffffffffffda RBX: 00007f89fb995fa0 RCX: 00007f89fb76e969
[  153.477212][ T9921] RDX: 0000200000000240 RSI: 00002000000001c0 RDI: 0000200000000180
[  153.477225][ T9921] RBP: 00007f89f9dd7090 R08: 0000000000000001 R09: 0000000000000000
[  153.477320][ T9921] R10: 00000000000007c8 R11: 0000000000000246 R12: 0000000000000001
[  153.477334][ T9921] R13: 0000000000000000 R14: 00007f89fb995fa0 R15: 00007ffe48e416f8
[  153.477352][ T9921]  </TASK>
[  153.808889][ T9942] netem: incorrect ge model size
[  153.813929][ T9942] netem: change failed
[  153.828582][ T9944] loop3: detected capacity change from 0 to 164
[  153.845185][ T9944] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  153.858197][ T9944] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  153.871365][ T9948] loop6: detected capacity change from 0 to 1024
[  153.891092][ T9944] Symlink component flag not implemented
[  153.896843][ T9944] Symlink component flag not implemented
[  153.902966][ T9944] Symlink component flag not implemented (7)
[  153.909079][ T9944] Symlink component flag not implemented (116)
[  153.918594][ T9950] loop7: detected capacity change from 0 to 164
[  153.929797][ T9952] loop5: detected capacity change from 0 to 1024
[  153.940186][ T9950] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  153.976075][ T9950] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  153.985888][ T9960] loop3: detected capacity change from 0 to 1024
[  154.000450][ T9960] ext4 filesystem being mounted at /465/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.008601][ T9950] Symlink component flag not implemented
[  154.016733][ T9950] Symlink component flag not implemented
[  154.046770][ T9960] EXT4-fs error (device loop3): ext4_map_blocks:709: inode #15: block 3: comm syz.3.2393: lblock 3 mapped to illegal pblock 3 (length 1)
[  154.054748][ T9950] Symlink component flag not implemented (7)
[  154.067082][ T9950] Symlink component flag not implemented (116)
[  154.123039][ T9960] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  154.135456][ T9960] EXT4-fs (loop3): This should not happen!! Data will be lost
[  154.135456][ T9960] 
[  154.146911][ T3313] ==================================================================
[  154.155026][ T3313] BUG: KCSAN: data-race in pollwake / pollwake
[  154.161344][ T3313] 
[  154.163670][ T3313] write to 0xffffc9000159fa00 of 4 bytes by task 9100 on cpu 1:
[  154.171296][ T3313]  pollwake+0xb6/0x100
[  154.175373][ T3313]  __wake_up_sync_key+0x4f/0x80
[  154.180316][ T3313]  anon_pipe_write+0x8ba/0xaa0
[  154.185100][ T3313]  vfs_write+0x49d/0x8d0
[  154.189352][ T3313]  ksys_write+0xda/0x1a0
[  154.193597][ T3313]  __x64_sys_write+0x40/0x50
[  154.198211][ T3313]  x64_sys_call+0x2cdd/0x2fb0
[  154.202891][ T3313]  do_syscall_64+0xd0/0x1a0
[  154.207394][ T3313]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.213292][ T3313] 
[  154.215623][ T3313] write to 0xffffc9000159fa00 of 4 bytes by task 3313 on cpu 0:
[  154.223262][ T3313]  pollwake+0xb6/0x100
[  154.227388][ T3313]  __wake_up_sync_key+0x4f/0x80
[  154.232258][ T3313]  anon_pipe_write+0x8ba/0xaa0
[  154.237047][ T3313]  vfs_write+0x49d/0x8d0
[  154.241382][ T3313]  ksys_write+0xda/0x1a0
[  154.245630][ T3313]  __x64_sys_write+0x40/0x50
[  154.250223][ T3313]  x64_sys_call+0x2cdd/0x2fb0
[  154.254929][ T3313]  do_syscall_64+0xd0/0x1a0
[  154.259461][ T3313]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.265381][ T3313] 
[  154.267719][ T3313] value changed: 0x00000000 -> 0x00000001
SYZFAIL: failed to send rpc
fd=3 want=56 sent=0 n=-1 (errno 32: Broken pipe)
[  154.273426][ T3313] 
[  154.275741][ T3313] Reported by Kernel Concurrency Sanitizer on:
[  154.283556][ T3313] CPU: 0 UID: 0 PID: 3313 Comm: syz-executor Not tainted 6.15.0-rc5-syzkaller-00353-gcd802e7e5f1e #0 PREEMPT(voluntary) 
[  154.296251][ T3313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  154.306316][ T3313] ==================================================================
[  154.688083][   T51] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  154.698439][   T51] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.755572][   T51] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  154.766078][   T51] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.857063][   T51] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  154.867595][   T51] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.947896][   T51] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  154.958348][   T51] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.133028][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  155.146220][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  155.156732][   T51] bond0 (unregistering): Released all slaves
[  155.226053][   T51] tipc: Disabling bearer <udp:s >
[  155.231223][   T51] tipc: Left network mode
[  155.239711][   T51] hsr_slave_0: left promiscuous mode
[  155.246319][   T51] hsr_slave_1: left promiscuous mode
[  155.253562][   T51] veth1_vlan: left promiscuous mode
[  155.306115][   T51] team0 (unregistering): Port device team_slave_1 removed
[  155.316778][   T51] team0 (unregistering): Port device team_slave_0 removed
[  155.591442][   T51] netdevsim netdevsim7 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  155.601821][   T51] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.657912][   T51] netdevsim netdevsim7 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  155.668260][   T51] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.717434][   T51] netdevsim netdevsim7 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  155.727988][   T51] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.777086][   T51] netdevsim netdevsim7 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  155.787450][   T51] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.852054][   T51] netdevsim netdevsim6 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  155.862548][   T51] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.897246][   T51] netdevsim netdevsim6 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  155.907627][   T51] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.948202][   T51] netdevsim netdevsim6 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  155.958568][   T51] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.996998][   T51] netdevsim netdevsim6 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  156.007435][   T51] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.153938][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  156.164558][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  156.176065][   T51] bond0 (unregistering): Released all slaves
[  156.185575][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  156.195628][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  156.205067][   T51] bond0 (unregistering): Released all slaves
[  156.261771][   T51] hsr_slave_0: left promiscuous mode
[  156.267587][   T51] hsr_slave_1: left promiscuous mode
[  156.273353][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  156.280803][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  156.288624][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  156.296343][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  156.305079][   T51] hsr_slave_0: left promiscuous mode
[  156.311153][   T51] hsr_slave_1: left promiscuous mode
[  156.317025][   T51] batman_adv: batadv0: Removing interface: team0
[  156.323840][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  156.331354][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  156.339695][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  156.347135][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  156.360934][   T51] veth1_macvtap: left promiscuous mode
[  156.366494][   T51] veth0_macvtap: left promiscuous mode
[  156.372092][   T51] veth1_vlan: left promiscuous mode
[  156.377665][   T51] veth0_vlan: left promiscuous mode
[  156.383337][   T51] veth1_macvtap: left promiscuous mode
[  156.389548][   T51] veth0_macvtap: left promiscuous mode
[  156.490672][   T51] team0 (unregistering): Port device team_slave_1 removed
[  156.501676][   T51] team0 (unregistering): Port device team_slave_0 removed
[  156.555447][   T51] team0 (unregistering): Port device team_slave_1 removed
[  156.565958][   T51] team0 (unregistering): Port device team_slave_0 removed