last executing test programs:

1m51.041663919s ago: executing program 1 (id=2667):
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$selinux_policy(0xffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELPRL(r0, 0x89f6, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000140)={@multicast1, 0x0, 0x0, 0x50, 0x0, [{@initdev}, {@loopback}, {@loopback}, {@dev}, {@multicast2}]}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000ffff9500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
socket$packet(0x11, 0x2, 0x300)
r1 = syz_io_uring_setup(0x5fce, &(0x7f0000000940)={0x0, 0x208b, 0x1, 0xfffffffe, 0x35}, &(0x7f0000000080), &(0x7f00000002c0))
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000800)={&(0x7f0000002000)={[{0x0, 0x0, 0x2}]}, 0x1}, 0x1)

1m51.00269014s ago: executing program 1 (id=2668):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x109000, 0x0)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0xe, 0x7fffffff}]})
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xff, 0x3, 0x0, 0x0, 0x0, 0x4000000003, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x2, @perf_bp={0x0, 0xd}, 0xc, 0x5, 0x800000, 0x0, 0xffff, 0x2, 0x0, 0x0, 0xfffffffc, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, r0, 0xa)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x4, 0x1000}, 0x4)
r2 = inotify_init()
r3 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
pipe2(&(0x7f0000001440)={<r5=>0xffffffffffffffff}, 0x0)
fcntl$setpipe(r5, 0x4, 0xfffffffffffff000)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[], 0xb0}}, 0x20050800)
close_range(r4, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000150600000fff07e05606000043fe0000070600000ee60000bf050000000000006e6500000000000065070000020000e3260700004c0000001f75000000000000bf5400000000000007040000f0fff8ffad350100000000009500000000000000050000000000000095000000000000001c0a7900009d3c2792138e042ce31c2b7ae994a5642cb064ecd5615f3196e3359aceb768637e60bd5d2e4b5992de991371274fdff6e79fc722e25659a7c85615c1b88bc894123cfe3614e887ffffff7f381ef4932cb0dcebea6d90e9c1677fbefd35003d883a2c559b7a34db461b197baf8ebb7c11a8df40d92706d0bbcc5bf6fec345ae9606c3c1a348f9b395592c1f9ae5de8923b27a6fdc20441018e5e4b41b13000c94df1f2db24c67d4c7ba9ec035883e2791a9e9dff3e8bfc7d1be00000082018f5f4b2c00000000000000387a601e3a3412086dee84efd375f0645f3301f55d3b9efdfbed9b430bcf0418e100bdff1c8bcfc0c229874bc3d2418bab997c8bef9aa55841caa572ddff9220c67c9e17bee524c3dc747445763ecb0a7f2cd12bc34b0fc6273786b5bba17e9b8f1c2af8e23c411a4d1124cfb5279195f701000000f77c71294bbfd85878726c49eb89085967722d98cb884d1afe82f7f722e38397996271700241094d272dd8b754b2dd7817450bc7921dd372e621dd447b86e7ffd1bdc198deb495cac0995ca3ef6c1affb693ae366b0f11db6e312bdb8261d0dc10cac6a27e29f171b8e9f172c3db24558d77b8bf18be45c50b3fc005fa7b134dfc948f6015e0389d7f34cb9c02cf517c8ed7a9b6159c1446ef1c2ccff2bde95aa860ed9b836d6b8fcab7663d9bd8415e6f90fdb007b8f3e009000000000000002eb85073720c1df1147c9f5013c82fc98604bd70cd56609a6b73943748a90002d9cf81bcb1d262845762f6b0a284cc463b42492bab0f7b25895cc3ba8bf0b5e0fc018463d03a73fa85429725545128b0e9b550a13d0dd35092250bbce4f618cad2375a34c7f15c3096f3e9004468cf1aba4a6f22ed0eb3681c6963205eefc072ab79ad8b126500419e25a94ce13a7a96deac79c90b8df10b1e364cf97eaa49fd2294320fad0d814f230f954eec844f6b658ee04eb1c6d655a3383928d6e0307a7097b0a5fa5040958d2b7ad0eb7605a7de7ce9cf0e6b472d764976fbf7edd83dac8b9273976bfd6090de0a73cf8a9b2c23500a4054703e2df18d8498356e3c1cd6418e149f8a22e95da26221d8a69b642915471f4917571357aa9df385c0532d6e70263ec616f88dc8f93c886ede7743c53d738b9c7021f0032970eabd2808c53128b3eb600f2614256184c506454980e542ce450029aa6de147a8c81e6f701a4b9b278b08e4b02710907923f0797f96413054f2d1b5f2ba0c49567b53db5d862acf2c42faa37c4a8738f64ed7fef9ffba58a3c1ca52b55aef071e4f11334e3a70918e5b18dab84decde74d616b5b05c96378acc79375a7ebdb54b01d512de48184950f5cac97f0a6dcc6d12c48c6e3b925fee7974ca8f3009188bbecc30e1adbc290ac99555ec069636a8079f8ca80343ff84e896dda2d4148f982feff6b38699fb57aab5596479f84b59daa9a406c5119761d5aabb51c5175461f8b0aa7265c380317f08775d8a8a8bda64ada2c6b3599f548d6272937e4d89ef6ebcecf84fa856024b55dd057056bbae005f0fba858f3abdd9c115064000000000000000000070b0bb28fd1eca97a90864863235d415379d1bdb3d35015f85be2ae802455d3b079f12aa837996ca1ce7280cb394b4c13ca623c30b19887d41eab495f698284a1bc17ff100000000000000000000dac089bdf7984e3300000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x1f1, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000004400)='./file0\x00', 0x0, &(0x7f0000000200)={[{@usrquota}, {@noblock_validity}, {@bh}, {@resgid}, {@debug}, {@inlinecrypt}]}, 0x8, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
inotify_add_watch(r2, &(0x7f00000004c0)='./file0\x00', 0x8c7)
write$binfmt_elf32(r3, &(0x7f0000000040)=ANY=[@ANYRES64=0x0], 0x69)
close(r3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$ITER_CREATE(0x21, &(0x7f00000002c0), 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYRESHEX, @ANYBLOB="bcb5012a8ded6fca635efe226fec2b7732f8ffb0e8bbe91139f66fe1ad4c1c5a206a218d28c8032721502dbf5f47e2f987e9ecf532584601d04d63708b368bf3b1bce4d319646da8f053872deaa32cc0e0a110aa6023a99260018fe412ccb2eb5a05602cd72f049b3f54cb35fac34f3b14f937672cedbfbe196b73036a408db1a3463525893e45b829fdd1aed12e11861a94b62129cbde25cdcef23743e5a159b4f068435c21a1d31abc576bb68a5d4a572f885a196bfe423bb66051e3e8795ad8dbaed3944e54635b94f6"], 0x48)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000500)=@security={'security\x00', 0xe, 0x4, 0x378, 0xffffffff, 0x0, 0xf8, 0x1c8, 0xffffffff, 0xffffffff, 0x2e0, 0x2e0, 0x2e0, 0xffffffff, 0x4, &(0x7f0000000080), {[{{@ip={@local, @dev={0xac, 0x14, 0x14, 0x37}, 0xff000000, 0xffffff00, 'vxcan1\x00', 'ipvlan0\x00', {}, {0xff}, 0x29, 0x2, 0x40}, 0x0, 0x98, 0xf8, 0x0, {}, [@common=@ttl={{0x28}, {0x2, 0x5}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x6, 0x0, 0x2, 0x1, 0x2, 0x4], 0x2, 0x5}, {0x1, [0x3, 0x2, 0x8, 0x2, 0x5, 0x4], 0x6, 0x6}}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, 0xff, 0xff000000, 'bond0\x00', 'ipvlan0\x00', {0xff}, {}, 0x11, 0x3, 0x88}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x1, [0x0, 0x1, 0x2, 0x4, 0x5, 0x5], 0x3, 0x2}, {0x1, [0x5, 0x3, 0x7, 0x7, 0x7, 0x6], 0x1, 0x7}}}}, {{@uncond, 0x0, 0xb8, 0x118, 0x0, {}, [@common=@inet=@socket2={{0x28}, 0x3}, @common=@socket0={{0x20}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x3, 0x1, 0x6, 0x5, 0x2], 0x5, 0x6}, {0x1, [0x4, 0x3, 0x4, 0x6, 0x2, 0x5], 0x2, 0x3}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3d8)
clock_getres(0x2, &(0x7f00000001c0))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000740)={0x0, <r7=>0x0}, &(0x7f0000000780)=0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$unix(r9, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000640)='1', 0x1}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r9, @ANYRES32=r8, @ANYRES32=r8, @ANYRES32=r9, @ANYRES16=r7, @ANYRES32=r9, @ANYRES32=r8, @ANYRES32=r9, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="00000000140000000000000deabb73596924ea00", @ANYRES32=r8, @ANYBLOB="0000000018"], 0xa0}, 0x4004881)
getpid()

1m50.762462153s ago: executing program 1 (id=2669):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x800)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, 0x0)

1m50.701922124s ago: executing program 1 (id=2670):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x891018, 0x0) (fail_nth: 2)

1m50.529620346s ago: executing program 1 (id=2671):
r0 = fsopen(&(0x7f0000000280)='configfs\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x4, 0x7, 0x7ffc1ff3}]})
mincore(&(0x7f0000ffc000/0x3000)=nil, 0x3000, &(0x7f00000001c0)=""/152)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff4, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
pause()
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)="2e00000038000511d25a80698c63940d0124fc602f6e35400c000200001ec00037153e370a00018025581d00d1bd", 0x2e}], 0x1, 0x0, 0x0, 0x39c}, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000280)={@mcast2, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r5, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xe}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0x8, 0x1ff038c9, 0xe49, 0x10f0, 0xffffffffffffffff, 0xc, '\x00', 0x0, r1, 0x100005, 0x8, 0x0, 0x9, @void, @value, @void, @value}, 0x50)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000007, 0x31, 0xffffffffffffffff, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000000)={0xffffffffffffffff, 0x0, &(0x7f0000001f00)=""/4090, 0x4}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r8, 0x34}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
r10 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
ioctl$USBDEVFS_SUBMITURB(r10, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x7, 0x80, 0x0, 0x1, 0x101, 0x0})
ioctl$USBDEVFS_REAPURBNDELAY(r10, 0x4008550d, 0x0)
sendmsg$inet6(r5, &(0x7f0000000100)={&(0x7f00000000c0)={0xa, 0x4e26, 0x80000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xfffffffd}, 0x1c, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000002900000043"], 0x18}, 0x4011)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)

1m50.429726098s ago: executing program 1 (id=2676):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x2a020400)
setsockopt(r0, 0x2, 0x2, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1b00004d3d00d26831c03fb377abe5110600"/29, @ANYRES32, @ANYBLOB], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f00000003c0)='syzkaller\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000680)='sched_switch\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r6)
syz_genetlink_get_family_id$ipvs(&(0x7f00000004c0), r6)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~', @ANYRESOCT=r5], 0x1c}}, 0x4000054)
sendmsg$NL80211_CMD_DISCONNECT(r4, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000380)={&(0x7f00000005c0)=ANY=[@ANYBLOB="2c00bd277678c70000", @ANYRES16=r7, @ANYBLOB="00042abd7000fedbdf2530000000060036003e000000060036000a0000000600360026000000"], 0x2c}, 0x1, 0x0, 0x0, 0x8010}, 0x4)
rename(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r3}, 0x10)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8, 0x0, 0x2}, 0x18)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x53, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))

1m50.413454908s ago: executing program 32 (id=2676):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x2a020400)
setsockopt(r0, 0x2, 0x2, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1b00004d3d00d26831c03fb377abe5110600"/29, @ANYRES32, @ANYBLOB], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f00000003c0)='syzkaller\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000680)='sched_switch\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r6)
syz_genetlink_get_family_id$ipvs(&(0x7f00000004c0), r6)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~', @ANYRESOCT=r5], 0x1c}}, 0x4000054)
sendmsg$NL80211_CMD_DISCONNECT(r4, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000380)={&(0x7f00000005c0)=ANY=[@ANYBLOB="2c00bd277678c70000", @ANYRES16=r7, @ANYBLOB="00042abd7000fedbdf2530000000060036003e000000060036000a0000000600360026000000"], 0x2c}, 0x1, 0x0, 0x0, 0x8010}, 0x4)
rename(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r3}, 0x10)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8, 0x0, 0x2}, 0x18)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x53, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))

1m21.370542166s ago: executing program 3 (id=3139):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_emit_ethernet(0xbb, &(0x7f0000000400)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaa2aaaa86dd6000000000853c003b010000000000000000000000000002fe8000000000000000000000000000aa3303000000000000070800000000000000000708"], 0x0)

1m21.353306537s ago: executing program 3 (id=3140):
signalfd(0xffffffffffffffff, &(0x7f0000000180)={[0x5]}, 0x8)

1m21.270073287s ago: executing program 3 (id=3141):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
socket$netlink(0x10, 0x3, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40))
syz_clone3(0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0x7, &(0x7f0000000080)={0x1, 0x1ff}, 0x0)
signalfd(0xffffffffffffffff, &(0x7f0000000180)={[0x5]}, 0x8)

1m21.259415208s ago: executing program 3 (id=3143):
mknod$loop(0x0, 0x6000, 0x0)
ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0xfffffdfd)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f00000001c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}}]}, &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
io_submit(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0x410c84, &(0x7f00000003c0)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4}}]}, 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x8c7)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x69)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYRES16=r0], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
close(0xffffffffffffffff)
r7 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_register(r7, &(0x7f0000000000)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x6, 0x3a, 'E', 0x3a, '@{@$\x9a$^', 0x3a, './file2', 0x3a, [0x46, 0x43, 0x43]}, 0x32)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write(r6, &(0x7f0000004200)='t', 0x1)
sendfile(r6, r5, 0x0, 0x3ffff)
sendfile(r6, r5, 0x0, 0x7ffff000)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x54, r3, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @local}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$TIPC_NL_PUBL_GET(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x28, r1, 0x1, 0x70bd2b, 0x0, {0x2}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x28}}, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1m20.212773302s ago: executing program 3 (id=3159):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000007750000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10)
setreuid(0xee01, 0xee01)

1m18.789920522s ago: executing program 3 (id=3183):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_emit_ethernet(0xbb, &(0x7f0000000400)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaa2aaaa86dd6000000000853c003b010000000000000000000000000002fe8000000000000000000000000000aa3303000000000000070800000000000000000708"], 0x0)

1m18.776506373s ago: executing program 33 (id=3183):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_emit_ethernet(0xbb, &(0x7f0000000400)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaa2aaaa86dd6000000000853c003b010000000000000000000000000002fe8000000000000000000000000000aa3303000000000000070800000000000000000708"], 0x0)

1.697289036s ago: executing program 5 (id=4442):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
bpf$MAP_CREATE(0x2000000000000000, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x12, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}, [@map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x2}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)

1.510633829s ago: executing program 0 (id=4446):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x70, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
sigaltstack(0x0, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0xe8)

1.471292869s ago: executing program 0 (id=4449):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
unshare(0x2c020400)

1.358458471s ago: executing program 0 (id=4454):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{0x1, <r1=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff, {0x9, 0x6}}, './file1\x00'})
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000400)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x3576320f, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000380)={'ip6tnl0\x00', &(0x7f0000000600)={'syztnl0\x00', <r4=>0x0, 0x29, 0x0, 0x9, 0x1, 0x9e6733036dc506d6, @private0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x40, 0x20, 0x9, 0x8}})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r7}, 0x10)
r8 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r8, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})
r9 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000700), 0xc00, 0x0)
r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000740)={0x0, 0x31, 0x18}, 0xc)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x5, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000008c0)=@bpf_tracing={0x1a, 0x12, &(0x7f0000000480)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x10001}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_val={0x18, 0x9, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x1}, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffff8}, @map_val={0x18, 0xb, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0xb}, @ldst={0x0, 0x0, 0x2, 0x5, 0x4, 0xc, 0xfffffffffffffffc}], &(0x7f00000002c0)='GPL\x00', 0x7ff, 0x9e, &(0x7f0000000540)=""/158, 0x41100, 0x4, '\x00', r4, 0x1a, 0xffffffffffffffff, 0x8, &(0x7f00000006c0)={0x7, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x16494, r0, 0x5, &(0x7f0000000800)=[r5, r9, r10, 0xffffffffffffffff, r11], &(0x7f0000000840)=[{0x2, 0x4, 0xa, 0xc}, {0x2, 0x3, 0xb, 0xb}, {0x2, 0x5, 0xb, 0x3}, {0x1, 0x1, 0x2, 0xb}, {0x3, 0x1, 0xd, 0x4}], 0x10, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r12 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r13}, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r14 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r14, 0xffffffffffffffff, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='{)}\x00')
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143441, 0x98)
mount(0x0, &(0x7f0000000300)='./file1\x00', &(0x7f00000003c0)='ramfs\x00', 0x0, 0x0)

1.269291802s ago: executing program 0 (id=4457):
unshare(0x2a060400)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000004c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ff8}]})
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x84004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
waitid(0x2, 0xffffffffffffffff, 0x0, 0x4, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x105042, 0x0)
fstatfs(r0, 0x0)
timer_gettime(0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=ANY=[@ANYBLOB="840000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00300000000000005400128009000100766c616e000000004400028006000100000000000600050081000000280003803900010006000000090000000c00010000040000000000008dff010040000000060000000600050088a8000008000a00", @ANYRES32=r3, @ANYBLOB="080005"], 0x84}, 0x1, 0xba01}, 0x0)

1.114398184s ago: executing program 6 (id=4461):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
sched_getattr(0x0, &(0x7f0000000040)={0x38}, 0x38, 0x0)

1.022883466s ago: executing program 6 (id=4462):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000400003800800014000000000080002400000fbff2b0003801400010067656e6576653000000000000000000014000100776732000000000000000000c6e49c0f5c000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010067656e657665300000000000000000001400010076657468315f746f5f7465616d"], 0x110}}, 0x0)

1.022065606s ago: executing program 4 (id=4463):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)

1.010874746s ago: executing program 6 (id=4464):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r3}, 0x10)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000400)={0x14, r1, 0x209}, 0x14}}, 0x0)

991.374646ms ago: executing program 6 (id=4465):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
unshare(0x2c020400)

962.634017ms ago: executing program 6 (id=4466):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000a50000002a0000"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
pipe2(&(0x7f0000001cc0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@access_uid}]}})

955.090847ms ago: executing program 4 (id=4467):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001400b59500000000000000000a000000", @ANYRES32=r2, @ANYBLOB="140001"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x80)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[], 0x50}}, 0x0)
sendmmsg(r1, &(0x7f0000000000), 0x4000000000001f2, 0x0) (fail_nth: 5)

803.440709ms ago: executing program 2 (id=4470):
r0 = inotify_init1(0x0)
r1 = inotify_add_watch(r0, &(0x7f0000000200)='.\x00', 0x10000a0)
r2 = dup(r0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r3, 0x6, 0x17, &(0x7f0000000040)=0x348, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYRESDEC=r0, @ANYRES16=r3, @ANYRES16=r2, @ANYRES32=r1, @ANYRES16=r0], 0x48)
r4 = syz_io_uring_setup(0x1bc7, &(0x7f0000000400)={0x0, 0x79af, 0x13381, 0x8000, 0x400251}, &(0x7f0000000340)=<r5=>0x0, &(0x7f00000001c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
io_uring_enter(r4, 0x627, 0x4c1, 0x43, 0x0, 0x0)

747.357409ms ago: executing program 5 (id=4471):
r0 = socket$inet6(0xa, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
fcntl$setlease(r0, 0x400, 0x1)

685.155321ms ago: executing program 6 (id=4472):
mknod$loop(0x0, 0x6000, 0x0)
ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0xfffffdfd)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f00000001c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}}]}, &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
io_submit(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0x410c84, &(0x7f00000003c0)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4}}]}, 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x8c7)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x69)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYRES16=r0], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
close(0xffffffffffffffff)
r7 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_register(r7, &(0x7f0000000000)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x6, 0x3a, 'E', 0x3a, '@{@$\x9a$^', 0x3a, './file2', 0x3a, [0x46, 0x43, 0x43]}, 0x32)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write(r6, &(0x7f0000004200)='t', 0x1)
sendfile(r6, r5, 0x0, 0x3ffff)
sendfile(r6, r5, 0x0, 0x7ffff000)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x54, r3, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @local}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$TIPC_NL_PUBL_GET(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x28, r1, 0x1, 0x70bd2b, 0x0, {0x2}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x28}}, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

617.879281ms ago: executing program 5 (id=4473):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000080008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000400000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0x6}, {0xffffffffffffff7f, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5, 0xb, 0x1}, @TCA_FQ_CODEL_LIMIT={0x8, 0x2, 0x2}, @TCA_FQ_CODEL_INTERVAL={0x8, 0x3, 0xf384}, @TCA_FQ_CODEL_FLOWS={0x8, 0x5, 0xffffffff}, @TCA_FQ_CODEL_FLOWS={0x8}, @TCA_FQ_CODEL_DROP_BATCH_SIZE={0x8}, @TCA_FQ_CODEL_ECN={0x8}]}}, @TCA_RATE={0x6, 0x5, {0x4}}]}, 0x78}}, 0x0)

568.647132ms ago: executing program 2 (id=4474):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x70, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
creat(&(0x7f00000002c0)='./file0\x00', 0xe8)

544.156343ms ago: executing program 2 (id=4475):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000a50000002a0000"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
pipe2(&(0x7f0000001cc0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@access_uid}]}})

385.291675ms ago: executing program 4 (id=4476):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r3}, 0x10)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000400)={0x14, r1, 0x209}, 0x14}}, 0x0)

384.684505ms ago: executing program 5 (id=4477):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008000000"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), r0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000400)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="fd8d00000000000000000200000008000300", @ANYRES32=r2, @ANYBLOB="0a0009000180c2000000fdff08000b"], 0x30}}, 0x0)

352.618735ms ago: executing program 5 (id=4478):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
unshare(0x2c020400)

349.754245ms ago: executing program 4 (id=4479):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
syz_io_uring_setup(0x10d, 0x0, 0x0, 0x0)
listen(r0, 0x3)

326.505096ms ago: executing program 5 (id=4480):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = socket$inet(0xa, 0x801, 0x84)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r2, 0x0, 0x4ab}, 0x18)
ioctl$SIOCGETVIFCNT(r0, 0x89e0, &(0x7f0000000040))
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0xfffd, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x5885, 0x100, 0x0, 0xffeffc03}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, 0xffffffffffffffff, 0x32, &(0x7f00000000c0)=@un=@abs={0x1, 0x0, 0x4e20}})
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x4001)
io_uring_enter(r3, 0x3516, 0x483, 0x0, 0x0, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r6}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5")
socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f00000002c0)={<r7=>0xffffffffffffffff})
vmsplice(r7, &(0x7f0000000080)=[{&(0x7f00000004c0)="7cd1f233", 0x4}], 0x1, 0x0)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000240)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r8, 0xffffffffffffffff, 0x0)
r9 = inotify_init1(0x0)
inotify_add_watch(r9, &(0x7f00000000c0)='.\x00', 0xa4000061)
r10 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$IPSET_CMD_CREATE(r10, 0x0, 0x40)
read(r9, &(0x7f0000000140)=""/68, 0x44)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x160}, 0x1, 0x0, 0x0, 0x20040880}, 0x20040000)
pause()

208.933707ms ago: executing program 2 (id=4481):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x2c, &(0x7f00000000c0)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e24, 0x68, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xc2}]}, &(0x7f0000000180)=0x10)

159.450678ms ago: executing program 2 (id=4482):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), r0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000400)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="fd8d00000000000000000200000008000300", @ANYRES32=r2, @ANYBLOB="0a0009000180c2000000fdff08000b"], 0x30}}, 0x0)

97.997269ms ago: executing program 4 (id=4483):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r2, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
io_uring_enter(r2, 0x47f6, 0x0, 0x2, 0x0, 0x0)

64.912719ms ago: executing program 2 (id=4484):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r6}}, 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)

50.08742ms ago: executing program 0 (id=4485):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
unshare(0x24040000)
unshare(0x2c020400)

5.78769ms ago: executing program 4 (id=4486):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x70, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX])
creat(&(0x7f00000002c0)='./file0\x00', 0xe8)

0s ago: executing program 0 (id=4487):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)

kernel console output (not intermixed with test programs):

c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.332306][T15256] RSP: 002b:00007f95d2fd7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  220.332397][T15256] RAX: ffffffffffffffda RBX: 00007f95d4b95fa0 RCX: 00007f95d496e969
[  220.332409][T15256] RDX: 0000000000000000 RSI: 0000000000c00000 RDI: 0000200000000000
[  220.332420][T15256] RBP: 00007f95d2fd7090 R08: 0000000000000000 R09: 0000000000000002
[  220.332431][T15256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.332446][T15256] R13: 0000000000000000 R14: 00007f95d4b95fa0 R15: 00007fff7df9cf98
[  220.332466][T15256]  </TASK>
[  220.546778][T15258] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15258 comm=syz.4.3981
[  220.576253][T15260] FAULT_INJECTION: forcing a failure.
[  220.576253][T15260] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  220.589333][T15260] CPU: 0 UID: 0 PID: 15260 Comm: syz.4.3982 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  220.589366][T15260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  220.589450][T15260] Call Trace:
[  220.589457][T15260]  <TASK>
[  220.589466][T15260]  __dump_stack+0x1d/0x30
[  220.589486][T15260]  dump_stack_lvl+0xe8/0x140
[  220.589527][T15260]  dump_stack+0x15/0x1b
[  220.589612][T15260]  should_fail_ex+0x265/0x280
[  220.589647][T15260]  should_fail+0xb/0x20
[  220.589680][T15260]  should_fail_usercopy+0x1a/0x20
[  220.589705][T15260]  strncpy_from_user+0x25/0x230
[  220.589768][T15260]  ? kmem_cache_alloc_noprof+0x186/0x310
[  220.589793][T15260]  ? getname_flags+0x80/0x3b0
[  220.589857][T15260]  getname_flags+0xae/0x3b0
[  220.589917][T15260]  user_path_at+0x28/0x130
[  220.589937][T15260]  __se_sys_inotify_add_watch+0x102/0x7a0
[  220.589970][T15260]  __x64_sys_inotify_add_watch+0x43/0x50
[  220.590057][T15260]  x64_sys_call+0x29a4/0x2fb0
[  220.590081][T15260]  do_syscall_64+0xd0/0x1a0
[  220.590104][T15260]  ? clear_bhb_loop+0x40/0x90
[  220.590131][T15260]  ? clear_bhb_loop+0x40/0x90
[  220.590158][T15260]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.590183][T15260] RIP: 0033:0x7fe463a6e969
[  220.590197][T15260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.590218][T15260] RSP: 002b:00007fe4620d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fe
[  220.590242][T15260] RAX: ffffffffffffffda RBX: 00007fe463c95fa0 RCX: 00007fe463a6e969
[  220.590307][T15260] RDX: 00000000000008c7 RSI: 0000200000000240 RDI: 0000000000000003
[  220.590319][T15260] RBP: 00007fe4620d7090 R08: 0000000000000000 R09: 0000000000000000
[  220.590331][T15260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.590346][T15260] R13: 0000000000000000 R14: 00007fe463c95fa0 R15: 00007ffc61711aa8
[  220.590368][T15260]  </TASK>
[  220.590413][   T29] kauditd_printk_skb: 740 callbacks suppressed
[  220.590424][   T29] audit: type=1326 audit(1747158918.794:6835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15259 comm="syz.4.3982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe463a6e969 code=0x7ffc0000
[  220.812574][   T29] audit: type=1326 audit(1747158918.794:6836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15259 comm="syz.4.3982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe463a6e969 code=0x7ffc0000
[  220.836079][   T29] audit: type=1326 audit(1747158918.794:6837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15259 comm="syz.4.3982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7fe463a6e969 code=0x7ffc0000
[  220.859613][   T29] audit: type=1326 audit(1747158918.794:6838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15259 comm="syz.4.3982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe463a6e969 code=0x7ffc0000
[  220.883114][   T29] audit: type=1326 audit(1747158918.794:6839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15259 comm="syz.4.3982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe463a6d2d0 code=0x7ffc0000
[  220.906730][   T29] audit: type=1326 audit(1747158918.794:6840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15259 comm="syz.4.3982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe463a6d41f code=0x7ffc0000
[  220.930193][   T29] audit: type=1326 audit(1747158918.794:6841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15259 comm="syz.4.3982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7fe463a6e969 code=0x7ffc0000
[  220.953803][   T29] audit: type=1326 audit(1747158918.834:6842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15259 comm="syz.4.3982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fe463a6d37c code=0x7ffc0000
[  220.977137][   T29] audit: type=1326 audit(1747158918.834:6843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15259 comm="syz.4.3982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe463a6d41f code=0x7ffc0000
[  221.000572][   T29] audit: type=1326 audit(1747158918.834:6844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15259 comm="syz.4.3982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fe463a6d5ca code=0x7ffc0000
[  221.227801][T15282] __nla_validate_parse: 8 callbacks suppressed
[  221.227877][T15282] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3991'.
[  221.264120][T15284] netlink: 76 bytes leftover after parsing attributes in process `syz.5.3993'.
[  221.279987][T15286] FAULT_INJECTION: forcing a failure.
[  221.279987][T15286] name failslab, interval 1, probability 0, space 0, times 0
[  221.292824][T15286] CPU: 1 UID: 0 PID: 15286 Comm: syz.6.3992 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  221.292913][T15286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  221.292928][T15286] Call Trace:
[  221.292934][T15286]  <TASK>
[  221.292942][T15286]  __dump_stack+0x1d/0x30
[  221.292965][T15286]  dump_stack_lvl+0xe8/0x140
[  221.292987][T15286]  dump_stack+0x15/0x1b
[  221.293028][T15286]  should_fail_ex+0x265/0x280
[  221.293065][T15286]  should_failslab+0x8c/0xb0
[  221.293135][T15286]  kmem_cache_alloc_noprof+0x50/0x310
[  221.293207][T15286]  ? audit_log_start+0x365/0x6c0
[  221.293321][T15286]  audit_log_start+0x365/0x6c0
[  221.293358][T15286]  audit_seccomp+0x48/0x100
[  221.293387][T15286]  ? __seccomp_filter+0x68c/0x10d0
[  221.293472][T15286]  __seccomp_filter+0x69d/0x10d0
[  221.293498][T15286]  ? vfs_write+0x75e/0x8d0
[  221.293527][T15286]  ? __rcu_read_unlock+0x4f/0x70
[  221.293564][T15286]  ? __fget_files+0x184/0x1c0
[  221.293625][T15286]  __secure_computing+0x82/0x150
[  221.293649][T15286]  syscall_trace_enter+0xcf/0x1e0
[  221.293676][T15286]  do_syscall_64+0xaa/0x1a0
[  221.293727][T15286]  ? clear_bhb_loop+0x40/0x90
[  221.293752][T15286]  ? clear_bhb_loop+0x40/0x90
[  221.293782][T15286]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.293807][T15286] RIP: 0033:0x7f040befe969
[  221.293824][T15286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.293883][T15286] RSP: 002b:00007f040a567038 EFLAGS: 00000246 ORIG_RAX: 00000000000001cb
[  221.293968][T15286] RAX: ffffffffffffffda RBX: 00007f040c125fa0 RCX: 00007f040befe969
[  221.293983][T15286] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  221.293996][T15286] RBP: 00007f040a567090 R08: 0000000000000000 R09: 0000000000000000
[  221.294010][T15286] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  221.294023][T15286] R13: 0000000000000000 R14: 00007f040c125fa0 R15: 00007ffda40fe2e8
[  221.294049][T15286]  </TASK>
[  221.590454][T15303] FAULT_INJECTION: forcing a failure.
[  221.590454][T15303] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  221.590494][T15294] loop5: detected capacity change from 0 to 2048
[  221.603658][T15303] CPU: 1 UID: 0 PID: 15303 Comm: syz.6.4000 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  221.603693][T15303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  221.603709][T15303] Call Trace:
[  221.603716][T15303]  <TASK>
[  221.603725][T15303]  __dump_stack+0x1d/0x30
[  221.603754][T15303]  dump_stack_lvl+0xe8/0x140
[  221.603850][T15303]  dump_stack+0x15/0x1b
[  221.603916][T15303]  should_fail_ex+0x265/0x280
[  221.604031][T15303]  should_fail+0xb/0x20
[  221.604063][T15303]  should_fail_usercopy+0x1a/0x20
[  221.604087][T15303]  _copy_from_user+0x1c/0xb0
[  221.604129][T15303]  ___sys_sendmsg+0xc1/0x1d0
[  221.604177][T15303]  __x64_sys_sendmsg+0xd4/0x160
[  221.604211][T15303]  x64_sys_call+0x2999/0x2fb0
[  221.604238][T15303]  do_syscall_64+0xd0/0x1a0
[  221.604284][T15303]  ? clear_bhb_loop+0x40/0x90
[  221.604313][T15303]  ? clear_bhb_loop+0x40/0x90
[  221.604379][T15303]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.604406][T15303] RIP: 0033:0x7f040befe969
[  221.604470][T15303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.604493][T15303] RSP: 002b:00007f040a567038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  221.604527][T15303] RAX: ffffffffffffffda RBX: 00007f040c125fa0 RCX: 00007f040befe969
[  221.604544][T15303] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  221.604559][T15303] RBP: 00007f040a567090 R08: 0000000000000000 R09: 0000000000000000
[  221.604585][T15303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.604618][T15303] R13: 0000000000000000 R14: 00007f040c125fa0 R15: 00007ffda40fe2e8
[  221.604644][T15303]  </TASK>
[  221.637917][T15305] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4001'.
[  221.803879][T15310] vhci_hcd: invalid port number 12
[  221.809081][T15310] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[  221.838023][T15294] tipc: Cannot configure node identity twice
[  221.869478][T15294] EXT4-fs error (device loop5): ext4_find_extent:938: inode #2: comm syz.5.3997: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  221.898396][T15294] EXT4-fs (loop5): Remounting filesystem read-only
[  221.972882][T15322] sd 0:0:1:0: device reset
[  222.035556][T15329] loop0: detected capacity change from 0 to 1024
[  222.046561][T15329] EXT4-fs: Ignoring removed bh option
[  222.052291][T15329] EXT4-fs: inline encryption not supported
[  222.058397][T15329] EXT4-fs: Ignoring removed i_version option
[  222.073361][T15333] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15333 comm=syz.6.4011
[  222.103077][T15329] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  222.158312][T15329] EXT4-fs error (device loop0): ext4_map_blocks:709: inode #3: block 1: comm syz.0.4005: lblock 1 mapped to illegal pblock 1 (length 1)
[  222.209523][T15335] loop6: detected capacity change from 0 to 2048
[  222.216938][T15329] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.4005: Failed to acquire dquot type 0
[  222.218536][T15342] vhci_hcd: invalid port number 12
[  222.233440][T15342] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[  222.257140][T15335]  loop6: p1 < > p4 < >
[  222.262594][T15325] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4008'.
[  222.280110][T15329] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.4005: Freeing blocks not in datazone - block = 0, count = 4096
[  222.296190][T15335] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4012'.
[  222.334316][T15329] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.4005: Invalid inode bitmap blk 0 in block_group 0
[  222.362958][T15329] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  222.373002][   T57] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1)
[  222.399165][T15352] 9pnet_fd: Insufficient options for proto=fd
[  222.414668][T15329] EXT4-fs (loop0): 1 orphan inode deleted
[  222.433242][   T57] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:4: Failed to release dquot type 0
[  222.517221][T15364] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15364 comm=syz.4.4023
[  222.574833][T15368] netlink: 'syz.0.4025': attribute type 21 has an invalid length.
[  222.590228][T15366] loop6: detected capacity change from 0 to 2048
[  222.601831][T15368] loop0: detected capacity change from 0 to 512
[  222.627651][T15368] ext4 filesystem being mounted at /263/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  222.653180][T15374] loop4: detected capacity change from 0 to 512
[  222.697133][T15368] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4025'.
[  222.706281][T15368] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4025'.
[  222.715267][T15368] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4025'.
[  222.745271][T15366] EXT4-fs mount: 39 callbacks suppressed
[  222.745287][T15366] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.768755][T15374] EXT4-fs (loop4): too many log groups per flexible block group
[  222.776566][T15374] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  222.797918][T15374] EXT4-fs (loop4): mount failed
[  222.801787][T15380] vhci_hcd: invalid port number 12
[  222.808088][T15380] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[  222.906047][T15385] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15385 comm=syz.5.4030
[  222.922837][T10761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.973151][T15389] netlink: 76 bytes leftover after parsing attributes in process `syz.0.4032'.
[  222.982730][T15387] loop4: detected capacity change from 0 to 2048
[  223.065701][T15387]  loop4: p1 < > p4 < >
[  223.074329][T15396] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4033'.
[  223.090292][T15401] loop5: detected capacity change from 0 to 1024
[  223.122501][T15401] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  223.133560][T15401] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  223.168417][T15401] JBD2: no valid journal superblock found
[  223.174201][T15401] EXT4-fs (loop5): Could not load journal inode
[  223.195249][T14250] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.264335][T15411] sd 0:0:1:0: device reset
[  223.355341][T15420] loop2: detected capacity change from 0 to 2048
[  223.418916][T15426] 9pnet_fd: Insufficient options for proto=fd
[  223.457318][T15420] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.488769][T15432] loop4: detected capacity change from 0 to 2048
[  223.497671][T15428] loop6: detected capacity change from 0 to 512
[  223.531921][T15432] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.547482][T15428] EXT4-fs (loop6): too many log groups per flexible block group
[  223.555283][T15428] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  223.562545][T15428] EXT4-fs (loop6): mount failed
[  223.600467][T15440] loop7: detected capacity change from 0 to 7
[  223.635654][T15442] sd 0:0:1:0: device reset
[  223.672666][T15443] tipc: Enabled bearer <udp:syz2>, priority 10
[  223.679158][T15445] tipc: Disabling bearer <udp:syz2>
[  223.691781][T15448] tipc: Enabled bearer <udp:syz2>, priority 10
[  223.698292][T15448] tipc: Disabling bearer <udp:syz2>
[  224.339025][T13820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.413022][T14273] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.422553][T15464] syzkaller0: entered allmulticast mode
[  224.499367][T15472] loop5: detected capacity change from 0 to 512
[  224.510588][T15474] FAULT_INJECTION: forcing a failure.
[  224.510588][T15474] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  224.523824][T15474] CPU: 1 UID: 0 PID: 15474 Comm: syz.4.4062 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  224.523933][T15474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  224.523949][T15474] Call Trace:
[  224.523956][T15474]  <TASK>
[  224.523966][T15474]  __dump_stack+0x1d/0x30
[  224.524021][T15474]  dump_stack_lvl+0xe8/0x140
[  224.524039][T15474]  dump_stack+0x15/0x1b
[  224.524054][T15474]  should_fail_ex+0x265/0x280
[  224.524122][T15474]  should_fail+0xb/0x20
[  224.524215][T15474]  should_fail_usercopy+0x1a/0x20
[  224.524245][T15474]  _copy_from_user+0x1c/0xb0
[  224.524273][T15474]  ___sys_sendmsg+0xc1/0x1d0
[  224.524381][T15474]  __x64_sys_sendmsg+0xd4/0x160
[  224.524417][T15474]  x64_sys_call+0x2999/0x2fb0
[  224.524438][T15474]  do_syscall_64+0xd0/0x1a0
[  224.524508][T15474]  ? clear_bhb_loop+0x40/0x90
[  224.524564][T15474]  ? clear_bhb_loop+0x40/0x90
[  224.524588][T15474]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.524664][T15474] RIP: 0033:0x7fe463a6e969
[  224.524679][T15474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.524696][T15474] RSP: 002b:00007fe4620d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  224.524713][T15474] RAX: ffffffffffffffda RBX: 00007fe463c95fa0 RCX: 00007fe463a6e969
[  224.524725][T15474] RDX: 0000000020000084 RSI: 00002000000004c0 RDI: 0000000000000006
[  224.524737][T15474] RBP: 00007fe4620d7090 R08: 0000000000000000 R09: 0000000000000000
[  224.524811][T15474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.524822][T15474] R13: 0000000000000000 R14: 00007fe463c95fa0 R15: 00007ffc61711aa8
[  224.524845][T15474]  </TASK>
[  224.715486][T15472] EXT4-fs (loop5): too many log groups per flexible block group
[  224.723188][T15472] EXT4-fs (loop5): failed to initialize mballoc (-12)
[  224.743943][T15472] EXT4-fs (loop5): mount failed
[  224.821543][T15479] loop4: detected capacity change from 0 to 4096
[  224.833324][T15479] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.894930][T15497] Invalid ELF header magic: != ELF
[  224.947386][T15503] loop0: detected capacity change from 0 to 1024
[  224.954119][T15503] EXT4-fs: Ignoring removed bh option
[  224.959686][T15503] EXT4-fs: inline encryption not supported
[  224.976717][T15506] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15506 comm=syz.6.4072
[  224.978666][T15503] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  225.020910][T15503] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000]
[  225.046632][T15503] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 2: comm syz.0.4073: lblock 2 mapped to illegal pblock 2 (length 1)
[  225.060984][T15503] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 48: comm syz.0.4073: lblock 0 mapped to illegal pblock 48 (length 1)
[  225.079805][T15503] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.4073: Failed to acquire dquot type 0
[  225.091381][T15503] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  225.102690][T15503] EXT4-fs error (device loop0): ext4_evict_inode:259: inode #11: comm syz.0.4073: mark_inode_dirty error
[  225.114325][T15503] EXT4-fs warning (device loop0): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  225.128027][T15503] EXT4-fs (loop0): 1 orphan inode deleted
[  225.134271][T15503] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.141856][T12202] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1)
[  225.161209][T12202] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:8: Failed to release dquot type 0
[  225.176226][T15503] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.177334][T13820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.198595][T15503] EXT4-fs error (device loop0): __ext4_get_inode_loc:4450: comm syz.0.4073: Invalid inode table block 1 in block_group 0
[  225.231732][T15503] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  225.253581][T15503] EXT4-fs error (device loop0): ext4_quota_off:7219: inode #3: comm syz.0.4073: mark_inode_dirty error
[  225.304291][T15524] loop5: detected capacity change from 0 to 2048
[  225.342210][T15503] FAULT_INJECTION: forcing a failure.
[  225.342210][T15503] name failslab, interval 1, probability 0, space 0, times 0
[  225.354922][T15503] CPU: 0 UID: 0 PID: 15503 Comm: syz.0.4073 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  225.354982][T15503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  225.354998][T15503] Call Trace:
[  225.355006][T15503]  <TASK>
[  225.355063][T15503]  __dump_stack+0x1d/0x30
[  225.355088][T15503]  dump_stack_lvl+0xe8/0x140
[  225.355112][T15503]  dump_stack+0x15/0x1b
[  225.355133][T15503]  should_fail_ex+0x265/0x280
[  225.355173][T15503]  ? alloc_bprm+0x62/0x660
[  225.355231][T15503]  should_failslab+0x8c/0xb0
[  225.355333][T15503]  __kmalloc_cache_noprof+0x4c/0x320
[  225.355362][T15503]  alloc_bprm+0x62/0x660
[  225.355448][T15503]  do_execveat_common+0x12e/0x750
[  225.355576][T15503]  __x64_sys_execve+0x5c/0x70
[  225.355710][T15503]  x64_sys_call+0x13ab/0x2fb0
[  225.355729][T15503]  do_syscall_64+0xd0/0x1a0
[  225.355754][T15503]  ? clear_bhb_loop+0x40/0x90
[  225.355780][T15503]  ? clear_bhb_loop+0x40/0x90
[  225.355805][T15503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.355901][T15503] RIP: 0033:0x7f95d496e969
[  225.355919][T15503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.355965][T15503] RSP: 002b:00007f95d2fd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  225.355987][T15503] RAX: ffffffffffffffda RBX: 00007f95d4b95fa0 RCX: 00007f95d496e969
[  225.356002][T15503] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180
[  225.356018][T15503] RBP: 00007f95d2fd7090 R08: 0000000000000000 R09: 0000000000000000
[  225.356052][T15503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  225.356067][T15503] R13: 0000000000000000 R14: 00007f95d4b95fa0 R15: 00007fff7df9cf98
[  225.356090][T15503]  </TASK>
[  225.546687][T15526] loop4: detected capacity change from 0 to 2048
[  225.576967][T15526] EXT4-fs error (device loop4): ext4_ext_check_inode:524: inode #2: comm syz.4.4080: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  225.619881][T15526] EXT4-fs (loop4): get root inode failed
[  225.625669][T15526] EXT4-fs (loop4): mount failed
[  225.632844][   T29] kauditd_printk_skb: 543 callbacks suppressed
[  225.632845][T15524]  loop5: p1 < > p4 < >
[  225.632857][   T29] audit: type=1326 audit(1747158923.504:7380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15521 comm="syz.5.4079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  225.632890][   T29] audit: type=1326 audit(1747158923.504:7381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15521 comm="syz.5.4079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  225.632915][   T29] audit: type=1326 audit(1747158923.504:7382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15521 comm="syz.5.4079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  225.714674][   T29] audit: type=1326 audit(1747158923.504:7383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15521 comm="syz.5.4079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  225.738355][   T29] audit: type=1326 audit(1747158923.504:7384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15521 comm="syz.5.4079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  225.762090][   T29] audit: type=1326 audit(1747158923.504:7385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15521 comm="syz.5.4079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  225.769804][T15536] netlink: 'syz.0.4083': attribute type 1 has an invalid length.
[  225.785667][   T29] audit: type=1326 audit(1747158923.504:7386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15521 comm="syz.5.4079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  225.803774][T15526] loop4: detected capacity change from 0 to 1024
[  225.816931][   T29] audit: type=1326 audit(1747158923.504:7387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15521 comm="syz.5.4079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  225.846777][   T29] audit: type=1326 audit(1747158923.514:7388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15521 comm="syz.5.4079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  225.870303][   T29] audit: type=1326 audit(1747158923.514:7389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15521 comm="syz.5.4079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  225.886583][T15526] EXT4-fs: Ignoring removed bh option
[  225.899416][T15526] EXT4-fs: inline encryption not supported
[  225.909091][T15536] bond1: entered promiscuous mode
[  225.914246][T15536] 8021q: adding VLAN 0 to HW filter on device bond1
[  225.928141][T15526] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  225.945481][T15526] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  225.974322][T15538] bond1: (slave veth3): making interface the new active one
[  225.981758][T15538] veth3: entered promiscuous mode
[  225.994558][T15526] EXT4-fs error (device loop4): ext4_map_blocks:709: inode #3: block 1: comm syz.4.4080: lblock 1 mapped to illegal pblock 1 (length 1)
[  226.041106][T15526] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.4080: Failed to acquire dquot type 0
[  226.056605][T15538] bond1: (slave veth3): Enslaving as an active interface with an up link
[  226.073118][T15526] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.4080: Freeing blocks not in datazone - block = 0, count = 4096
[  226.121989][T15526] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.4080: Invalid inode bitmap blk 0 in block_group 0
[  226.136770][T12202] EXT4-fs error (device loop4): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1)
[  226.138071][T15534] bridge0: port 3(vlan2) entered blocking state
[  226.152450][T12202] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:8: Failed to release dquot type 0
[  226.159067][T15534] bridge0: port 3(vlan2) entered disabled state
[  226.173302][T15526] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[  226.185206][T15534] vlan2: entered allmulticast mode
[  226.186720][T15526] EXT4-fs (loop4): 1 orphan inode deleted
[  226.190566][T15534] dummy0: entered allmulticast mode
[  226.196955][T15526] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  226.219565][T15534] vlan2: entered promiscuous mode
[  226.225452][T15534] dummy0: entered promiscuous mode
[  226.284412][T15526] ext4: Unknown parameter 'ÿÿÿÿ00000000000000000000ñŽ?ƒÂ-§±á'
[  226.287857][T15556] loop5: detected capacity change from 0 to 256
[  226.309272][T15556] msdos: Unknown parameter ''
[  226.410654][T13820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.469652][T15574] loop6: detected capacity change from 0 to 512
[  226.518933][T15580] loop4: detected capacity change from 0 to 256
[  226.526000][T15580] msdos: Unknown parameter ''
[  226.560680][T15574] EXT4-fs (loop6): too many log groups per flexible block group
[  226.568641][T15574] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  226.575873][T15574] EXT4-fs (loop6): mount failed
[  226.628911][T15591] loop0: detected capacity change from 0 to 2048
[  226.631994][T15593] loop4: detected capacity change from 0 to 2048
[  226.663495][T15598] sd 0:0:1:0: device reset
[  226.668320][T15591] EXT4-fs error (device loop0): ext4_ext_check_inode:524: inode #2: comm syz.0.4103: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  226.688210][T15591] EXT4-fs (loop0): get root inode failed
[  226.688891][T15593] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  226.693922][T15591] EXT4-fs (loop0): mount failed
[  226.729752][T15602] __nla_validate_parse: 10 callbacks suppressed
[  226.729770][T15602] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4106'.
[  226.766641][T15591] loop0: detected capacity change from 0 to 1024
[  226.773843][T13820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.783293][T15591] EXT4-fs: Ignoring removed bh option
[  226.788897][T15591] EXT4-fs: inline encryption not supported
[  226.806550][T15591] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  226.837936][T15591] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  226.917920][T15591] EXT4-fs error (device loop0): ext4_map_blocks:709: inode #3: block 1: comm syz.0.4103: lblock 1 mapped to illegal pblock 1 (length 1)
[  226.947080][T15606] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4107'.
[  226.993932][T15606] bridge0: port 3(vlan2) entered blocking state
[  227.001813][T15606] bridge0: port 3(vlan2) entered disabled state
[  227.010895][T15606] vlan2: entered allmulticast mode
[  227.016866][T15606] dummy0: entered allmulticast mode
[  227.031277][T15606] vlan2: entered promiscuous mode
[  227.037268][T15606] dummy0: entered promiscuous mode
[  227.054896][T15591] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.4103: Failed to acquire dquot type 0
[  227.068299][T15591] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.4103: Freeing blocks not in datazone - block = 0, count = 4096
[  227.081895][T15591] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.4103: Invalid inode bitmap blk 0 in block_group 0
[  227.107148][   T51] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  227.126521][T15591] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  227.136494][   T51] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:3: Failed to release dquot type 0
[  227.136717][T15591] EXT4-fs (loop0): 1 orphan inode deleted
[  227.161507][T15591] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  227.188472][T15591] ext4: Unknown parameter 'ÿÿÿÿ00000000000000000000ñŽ?ƒÂ-§±á'
[  227.269124][T10761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.364397][T15623] loop2: detected capacity change from 0 to 128
[  227.371073][T15623] vfat: Unknown parameter 'ext4_fc_replay_scan'
[  227.458535][T15634] loop2: detected capacity change from 0 to 2048
[  227.495365][T15634]  loop2: p1 < > p4 < >
[  227.505819][T15634] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4120'.
[  227.611152][T15642] loop2: detected capacity change from 0 to 2048
[  227.636209][T15642] EXT4-fs error (device loop2): ext4_ext_check_inode:524: inode #2: comm syz.2.4123: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  227.655487][T15642] EXT4-fs (loop2): get root inode failed
[  227.661135][T15642] EXT4-fs (loop2): mount failed
[  227.702588][T15648] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4125'.
[  227.782527][T15652] loop2: detected capacity change from 0 to 128
[  227.789207][T15652] vfat: Unknown parameter 'ext4_fc_replay_scan'
[  227.811384][T15650] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4126'.
[  227.847474][T15657] loop6: detected capacity change from 0 to 1024
[  227.855437][T15657] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  227.866606][T15657] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  227.874608][T15657] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c854e01c, mo2=0100]
[  227.883319][T15657] EXT4-fs (loop6): orphan cleanup on readonly fs
[  227.890345][T15657] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  227.900093][T15657] EXT4-fs error (device loop6): ext4_dirty_inode:6103: inode #3: comm syz.6.4129: mark_inode_dirty error
[  227.913043][T15657] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.4129: Invalid block bitmap block 3 in block_group 0
[  227.930305][T15657] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.4129: Invalid block bitmap block 3 in block_group 0
[  227.947109][T15657] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.4129: Invalid block bitmap block 3 in block_group 0
[  227.960836][T15657] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  227.972699][T15657] EXT4-fs error (device loop6): ext4_dirty_inode:6103: inode #3: comm syz.6.4129: mark_inode_dirty error
[  227.984164][T15657] EXT4-fs error (device loop6): ext4_map_blocks:675: inode #3: block 1: comm syz.6.4129: lblock 6 mapped to illegal pblock 1 (length 1)
[  228.000694][T15657] EXT4-fs error (device loop6): ext4_map_blocks:675: inode #3: block 48: comm syz.6.4129: lblock 0 mapped to illegal pblock 48 (length 1)
[  228.015250][T15657] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.4129: Failed to acquire dquot type 0
[  228.027028][T15657] EXT4-fs error (device loop6): ext4_map_blocks:675: inode #3: block 49: comm syz.6.4129: lblock 1 mapped to illegal pblock 49 (length 1)
[  228.041898][T15657] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.4129: Failed to acquire dquot type 0
[  228.053733][T15657] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  228.063641][T15657] EXT4-fs error (device loop6): ext4_evict_inode:259: inode #15: comm syz.6.4129: mark_inode_dirty error
[  228.075522][T15657] EXT4-fs warning (device loop6): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  228.086032][T15657] EXT4-fs (loop6): 1 orphan inode deleted
[  228.092140][T15657] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  228.119359][T14250] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.322700][T15675] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4136'.
[  228.854665][T15677] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4137'.
[  228.870904][T15677] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4137'.
[  228.892603][T15679] vhci_hcd: invalid port number 12
[  228.897786][T15679] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[  228.922145][T15681] loop2: detected capacity change from 0 to 128
[  228.928780][T15681] vfat: Unknown parameter 'ext4_fc_replay_scan'
[  229.072007][T15701] loop6: detected capacity change from 0 to 512
[  229.087937][T15701] EXT4-fs (loop6): too many log groups per flexible block group
[  229.095727][T15701] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  229.104079][T15701] EXT4-fs (loop6): mount failed
[  229.148907][T15711] loop4: detected capacity change from 0 to 1024
[  229.156973][T15711] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  229.170413][T15711] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  229.173450][T15699] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4147'.
[  229.178415][T15711] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c854e01c, mo2=0100]
[  229.178586][T15711] EXT4-fs (loop4): orphan cleanup on readonly fs
[  229.179164][T15711] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  229.179244][T15711] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #3: comm syz.4.4152: mark_inode_dirty error
[  229.179463][T15711] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.4152: Invalid block bitmap block 3 in block_group 0
[  229.244373][T15711] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.4152: Invalid block bitmap block 3 in block_group 0
[  229.271801][T15711] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.4152: Invalid block bitmap block 3 in block_group 0
[  229.302277][T15711] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  229.323316][T15719] loop6: detected capacity change from 0 to 256
[  229.331531][T15711] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #3: comm syz.4.4152: mark_inode_dirty error
[  229.343587][T15719] msdos: Unknown parameter ''
[  229.351522][T15711] EXT4-fs error (device loop4): ext4_map_blocks:675: inode #3: block 1: comm syz.4.4152: lblock 6 mapped to illegal pblock 1 (length 1)
[  229.377100][T15711] EXT4-fs error (device loop4): ext4_map_blocks:675: inode #3: block 48: comm syz.4.4152: lblock 0 mapped to illegal pblock 48 (length 1)
[  229.403859][T15711] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.4152: Failed to acquire dquot type 0
[  229.430227][T15711] EXT4-fs error (device loop4): ext4_map_blocks:675: inode #3: block 49: comm syz.4.4152: lblock 1 mapped to illegal pblock 49 (length 1)
[  229.451671][T15711] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.4152: Failed to acquire dquot type 0
[  229.467065][T15711] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  229.477577][T15711] EXT4-fs error (device loop4): ext4_evict_inode:259: inode #15: comm syz.4.4152: mark_inode_dirty error
[  229.492692][T15711] EXT4-fs warning (device loop4): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  229.508380][T15726] loop5: detected capacity change from 0 to 1024
[  229.509251][T15711] EXT4-fs (loop4): 1 orphan inode deleted
[  229.521051][T15726] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  229.521886][T15711] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  229.546339][T15726] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  229.554269][T15726] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c854e01c, mo2=0100]
[  229.565277][T15726] EXT4-fs (loop5): orphan cleanup on readonly fs
[  229.574535][T15726] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  229.598264][T15726] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #3: comm syz.5.4157: mark_inode_dirty error
[  229.609997][T13820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.622071][T15726] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.4157: Invalid block bitmap block 3 in block_group 0
[  229.636160][T15726] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.4157: Invalid block bitmap block 3 in block_group 0
[  229.651187][T15726] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.4157: Invalid block bitmap block 3 in block_group 0
[  229.680181][T15726] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  229.713700][T15726] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #3: comm syz.5.4157: mark_inode_dirty error
[  229.732912][T15726] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 1: comm syz.5.4157: lblock 6 mapped to illegal pblock 1 (length 1)
[  229.767435][T15740] FAULT_INJECTION: forcing a failure.
[  229.767435][T15740] name failslab, interval 1, probability 0, space 0, times 0
[  229.769649][T15726] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 48: comm syz.5.4157: lblock 0 mapped to illegal pblock 48 (length 1)
[  229.780103][T15740] CPU: 1 UID: 0 PID: 15740 Comm: syz.2.4163 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  229.780137][T15740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  229.780152][T15740] Call Trace:
[  229.780160][T15740]  <TASK>
[  229.780243][T15740]  __dump_stack+0x1d/0x30
[  229.780278][T15740]  dump_stack_lvl+0xe8/0x140
[  229.780296][T15740]  dump_stack+0x15/0x1b
[  229.780334][T15740]  should_fail_ex+0x265/0x280
[  229.780387][T15740]  should_failslab+0x8c/0xb0
[  229.780480][T15740]  __kmalloc_cache_node_noprof+0x54/0x320
[  229.780508][T15740]  ? __get_vm_area_node+0x106/0x1d0
[  229.780568][T15740]  __get_vm_area_node+0x106/0x1d0
[  229.780599][T15740]  __vmalloc_node_range_noprof+0x26a/0xdf0
[  229.780631][T15740]  ? kernel_read_file+0x2c3/0x500
[  229.780727][T15740]  ? selinux_kernel_load_from_file+0x221/0x260
[  229.780783][T15740]  ? kernel_read_file+0x2c3/0x500
[  229.780843][T15740]  vmalloc_noprof+0x5e/0x70
[  229.780872][T15740]  ? kernel_read_file+0x2c3/0x500
[  229.780908][T15740]  kernel_read_file+0x2c3/0x500
[  229.780993][T15740]  __se_sys_finit_module+0x2d3/0x460
[  229.781048][T15740]  __x64_sys_finit_module+0x3e/0x50
[  229.781089][T15740]  x64_sys_call+0x2029/0x2fb0
[  229.781134][T15740]  do_syscall_64+0xd0/0x1a0
[  229.781164][T15740]  ? clear_bhb_loop+0x40/0x90
[  229.781192][T15740]  ? clear_bhb_loop+0x40/0x90
[  229.781219][T15740]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.781245][T15740] RIP: 0033:0x7fe87f23e969
[  229.781274][T15740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.781296][T15740] RSP: 002b:00007fe87d8a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[  229.781319][T15740] RAX: ffffffffffffffda RBX: 00007fe87f465fa0 RCX: 00007fe87f23e969
[  229.781335][T15740] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000005
[  229.781351][T15740] RBP: 00007fe87d8a7090 R08: 0000000000000000 R09: 0000000000000000
[  229.781430][T15740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  229.781450][T15740] R13: 0000000000000000 R14: 00007fe87f465fa0 R15: 00007ffd0d6fc168
[  229.781550][T15740]  </TASK>
[  229.781560][T15740] syz.2.4163: vmalloc error: size 136, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null)
[  229.821994][T15737] loop4: detected capacity change from 0 to 2048
[  229.823651][T15740] ,cpuset=/,mems_allowed=0
[  230.031207][T15740] CPU: 1 UID: 0 PID: 15740 Comm: syz.2.4163 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  230.031242][T15740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  230.031258][T15740] Call Trace:
[  230.031354][T15740]  <TASK>
[  230.031364][T15740]  __dump_stack+0x1d/0x30
[  230.031390][T15740]  dump_stack_lvl+0xe8/0x140
[  230.031415][T15740]  dump_stack+0x15/0x1b
[  230.031430][T15740]  warn_alloc+0x12b/0x1a0
[  230.031458][T15740]  __vmalloc_node_range_noprof+0x28e/0xdf0
[  230.031502][T15740]  ? selinux_kernel_load_from_file+0x221/0x260
[  230.031547][T15740]  ? kernel_read_file+0x2c3/0x500
[  230.031583][T15740]  vmalloc_noprof+0x5e/0x70
[  230.031650][T15740]  ? kernel_read_file+0x2c3/0x500
[  230.031683][T15740]  kernel_read_file+0x2c3/0x500
[  230.031724][T15740]  __se_sys_finit_module+0x2d3/0x460
[  230.031780][T15740]  __x64_sys_finit_module+0x3e/0x50
[  230.031812][T15740]  x64_sys_call+0x2029/0x2fb0
[  230.031840][T15740]  do_syscall_64+0xd0/0x1a0
[  230.031891][T15740]  ? clear_bhb_loop+0x40/0x90
[  230.031992][T15740]  ? clear_bhb_loop+0x40/0x90
[  230.032014][T15740]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.032040][T15740] RIP: 0033:0x7fe87f23e969
[  230.032059][T15740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.032082][T15740] RSP: 002b:00007fe87d8a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[  230.032105][T15740] RAX: ffffffffffffffda RBX: 00007fe87f465fa0 RCX: 00007fe87f23e969
[  230.032117][T15740] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000005
[  230.032128][T15740] RBP: 00007fe87d8a7090 R08: 0000000000000000 R09: 0000000000000000
[  230.032215][T15740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  230.032231][T15740] R13: 0000000000000000 R14: 00007fe87f465fa0 R15: 00007ffd0d6fc168
[  230.032268][T15740]  </TASK>
[  230.032286][T15740] Mem-Info:
[  230.035392][T15726] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.4157: Failed to acquire dquot type 0
[  230.045265][T15740] active_anon:3846 inactive_anon:24 isolated_anon:0
[  230.045265][T15740]  active_file:26435 inactive_file:2318 isolated_file:0
[  230.045265][T15740]  unevictable:0 dirty:556 writeback:0
[  230.045265][T15740]  slab_reclaimable:3368 slab_unreclaimable:33245
[  230.045265][T15740]  mapped:29484 shmem:797 pagetables:773
[  230.045265][T15740]  sec_pagetables:0 bounce:0
[  230.045265][T15740]  kernel_misc_reclaimable:0
[  230.045265][T15740]  free:1853547 free_pcp:7699 free_cma:0
[  230.058330][T15740] Node 0 active_anon:15384kB inactive_anon:96kB active_file:105740kB inactive_file:9272kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:117936kB dirty:2224kB writeback:0kB shmem:3188kB writeback_tmp:0kB kernel_stack:2928kB pagetables:3092kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  230.061299][T15726] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 49: comm syz.5.4157: lblock 1 mapped to illegal pblock 49 (length 1)
[  230.065620][T15740] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  230.070480][T15726] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.4157: Failed to acquire dquot type 0
[  230.074361][T15740] lowmem_reserve[]: 0
[  230.080663][T15726] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  230.084512][T15740]  2884 7863 7863
[  230.093477][T15726] EXT4-fs error (device loop5): ext4_evict_inode:259: inode #15: comm syz.5.4157: mark_inode_dirty error
[  230.096312][T15740] 
[  230.102311][T15726] EXT4-fs warning (device loop5): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  230.105612][T15740] Node 0 DMA32 free:2949932kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953564kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:3532kB free_cma:0kB
[  230.111319][T15726] EXT4-fs (loop5): 1 orphan inode deleted
[  230.115757][T15740] lowmem_reserve[]: 0 0 4978 4978
[  230.115801][T15740] Node 0 Normal free:4448896kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:15384kB inactive_anon:96kB active_file:105740kB inactive_file:9272kB unevictable:0kB writepending:2224kB present:5242880kB managed:5098244kB mlocked:0kB bounce:0kB free_pcp:27136kB local_pcp:25668kB free_cma:0kB
[  230.123234][T15726] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  230.125667][T15740] lowmem_reserve[]: 0 0 0 0
[  230.143585][T15742] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4162'.
[  230.145448][T15740] 
[  230.145455][T15740] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  230.512854][T15740] Node 0 DMA32: 3*4kB (M) 2*8kB (M) 1*16kB (M) 4*32kB (M) 2*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949932kB
[  230.529240][T15740] Node 0 Normal: 1160*4kB (UME) 778*8kB (UME) 879*16kB (UME) 499*32kB (UME) 307*64kB (M) 98*128kB (UME) 17*256kB (UME) 104*512kB (UME) 155*1024kB (UME) 97*2048kB (UME) 967*4096kB (UM) = 4448896kB
[  230.548736][T15740] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  230.558034][T15740] 29569 total pagecache pages
[  230.562764][T15740] 25 pages in swap cache
[  230.567024][T15740] Free swap  = 124896kB
[  230.571168][T15740] Total swap = 124996kB
[  230.575330][T15740] 2097051 pages RAM
[  230.579186][T15740] 0 pages HighMem/MovableOnly
[  230.583863][T15740] 80259 pages reserved
[  230.610899][T15748] vhci_hcd: invalid port number 12
[  230.616097][T15748] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[  230.623507][T13706] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.624059][T15747] loop2: detected capacity change from 0 to 256
[  230.639423][T15747] msdos: Unknown parameter ''
[  230.641266][T15737]  loop4: p1 < > p4 < >
[  230.687038][   T29] kauditd_printk_skb: 559 callbacks suppressed
[  230.687053][   T29] audit: type=1326 audit(1747158928.903:7923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15757 comm="syz.6.4171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f040befe969 code=0x7ffc0000
[  230.716898][   T29] audit: type=1326 audit(1747158928.903:7924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15757 comm="syz.6.4171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f040befe969 code=0x7ffc0000
[  230.717042][T15754] loop2: detected capacity change from 0 to 1024
[  230.740617][   T29] audit: type=1326 audit(1747158928.903:7925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15757 comm="syz.6.4171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f040befe969 code=0x7ffc0000
[  230.740716][   T29] audit: type=1326 audit(1747158928.903:7926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15757 comm="syz.6.4171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f040befe969 code=0x7ffc0000
[  230.750990][T15754] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  230.770764][   T29] audit: type=1326 audit(1747158928.903:7927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15757 comm="syz.6.4171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f040befe969 code=0x7ffc0000
[  230.770798][   T29] audit: type=1326 audit(1747158928.903:7928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15757 comm="syz.6.4171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f040befe969 code=0x7ffc0000
[  230.770861][   T29] audit: type=1326 audit(1747158928.903:7929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15757 comm="syz.6.4171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f040befe969 code=0x7ffc0000
[  230.875313][   T29] audit: type=1326 audit(1747158928.903:7930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15757 comm="syz.6.4171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f040befe969 code=0x7ffc0000
[  230.899209][   T29] audit: type=1326 audit(1747158928.903:7931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15757 comm="syz.6.4171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f040befe969 code=0x7ffc0000
[  230.923139][   T29] audit: type=1326 audit(1747158928.903:7932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15757 comm="syz.6.4171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f040befe969 code=0x7ffc0000
[  230.934503][T15754] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  230.954644][T15754] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c854e01c, mo2=0100]
[  230.963598][T15754] EXT4-fs (loop2): orphan cleanup on readonly fs
[  230.989131][T15771] netlink: '+}[@': attribute type 3 has an invalid length.
[  231.051596][T15754] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  231.096600][T15775] loop6: detected capacity change from 0 to 2048
[  231.100592][T15754] EXT4-fs error (device loop2): ext4_dirty_inode:6103: inode #3: comm syz.2.4170: mark_inode_dirty error
[  231.145578][T15754] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.4170: Invalid block bitmap block 3 in block_group 0
[  231.160549][T15775] EXT4-fs error (device loop6): ext4_ext_check_inode:524: inode #2: comm syz.6.4176: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  231.181385][T15754] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.4170: Invalid block bitmap block 3 in block_group 0
[  231.188646][T15786] loop0: detected capacity change from 0 to 128
[  231.201224][T15775] EXT4-fs (loop6): get root inode failed
[  231.201346][T15754] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.4170: Invalid block bitmap block 3 in block_group 0
[  231.206980][T15775] EXT4-fs (loop6): mount failed
[  231.229721][T15754] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  231.249967][T15786] vfat: Unknown parameter 'ext4_fc_replay_scan'
[  231.257074][T15754] EXT4-fs error (device loop2): ext4_dirty_inode:6103: inode #3: comm syz.2.4170: mark_inode_dirty error
[  231.304580][T15775] loop6: detected capacity change from 0 to 1024
[  231.311337][T15788] vhci_hcd: invalid port number 12
[  231.313156][T15754] EXT4-fs error (device loop2): ext4_map_blocks:675: inode #3: block 1: comm syz.2.4170: lblock 6 mapped to illegal pblock 1 (length 1)
[  231.316555][T15788] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[  231.338370][T15775] EXT4-fs: Ignoring removed bh option
[  231.343798][T15775] EXT4-fs: inline encryption not supported
[  231.351516][T15754] EXT4-fs error (device loop2): ext4_map_blocks:675: inode #3: block 48: comm syz.2.4170: lblock 0 mapped to illegal pblock 48 (length 1)
[  231.371667][T15775] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  231.392436][T15775] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  231.402982][T15754] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.4170: Failed to acquire dquot type 0
[  231.425986][T15754] EXT4-fs error (device loop2): ext4_map_blocks:675: inode #3: block 49: comm syz.2.4170: lblock 1 mapped to illegal pblock 49 (length 1)
[  231.427047][T15775] EXT4-fs error (device loop6): ext4_map_blocks:709: inode #3: block 1: comm syz.6.4176: lblock 1 mapped to illegal pblock 1 (length 1)
[  231.466267][T15775] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.4176: Failed to acquire dquot type 0
[  231.486879][T15754] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.4170: Failed to acquire dquot type 0
[  231.490255][T15795] FAULT_INJECTION: forcing a failure.
[  231.490255][T15795] name failslab, interval 1, probability 0, space 0, times 0
[  231.510755][T15795] CPU: 0 UID: 0 PID: 15795 Comm: syz.0.4182 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  231.510826][T15795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  231.510842][T15795] Call Trace:
[  231.510850][T15795]  <TASK>
[  231.510860][T15795]  __dump_stack+0x1d/0x30
[  231.510886][T15795]  dump_stack_lvl+0xe8/0x140
[  231.510912][T15795]  dump_stack+0x15/0x1b
[  231.510968][T15795]  should_fail_ex+0x265/0x280
[  231.511111][T15795]  should_failslab+0x8c/0xb0
[  231.511223][T15795]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  231.511249][T15795]  ? __d_alloc+0x3d/0x350
[  231.511274][T15795]  __d_alloc+0x3d/0x350
[  231.511295][T15795]  ? mpol_shared_policy_init+0xbd/0x4c0
[  231.511385][T15795]  d_alloc_pseudo+0x1e/0x80
[  231.511409][T15795]  alloc_file_pseudo+0x71/0x160
[  231.511431][T15795]  ? __se_sys_memfd_create+0x1cc/0x590
[  231.511489][T15795]  __shmem_file_setup+0x1b9/0x1f0
[  231.511525][T15795]  shmem_file_setup+0x3b/0x50
[  231.511570][T15795]  __se_sys_memfd_create+0x2c3/0x590
[  231.511663][T15795]  __x64_sys_memfd_create+0x31/0x40
[  231.511695][T15795]  x64_sys_call+0x122f/0x2fb0
[  231.511723][T15795]  do_syscall_64+0xd0/0x1a0
[  231.511751][T15795]  ? clear_bhb_loop+0x40/0x90
[  231.511775][T15795]  ? clear_bhb_loop+0x40/0x90
[  231.511820][T15795]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.511848][T15795] RIP: 0033:0x7f95d496e969
[  231.511867][T15795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.511890][T15795] RSP: 002b:00007f95d2fd6d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  231.511964][T15795] RAX: ffffffffffffffda RBX: 00000000000005d4 RCX: 00007f95d496e969
[  231.511980][T15795] RDX: 00007f95d2fd6dec RSI: 0000000000000000 RDI: 00007f95d49f1444
[  231.511995][T15795] RBP: 0000200000000000 R08: 00007f95d2fd6b07 R09: 0000000000000000
[  231.512071][T15795] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[  231.512086][T15795] R13: 00007f95d2fd6dec R14: 00007f95d2fd6df0 R15: 00007fff7df9cf98
[  231.512112][T15795]  </TASK>
[  231.515885][T15754] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  231.549458][T15775] EXT4-fs error (device loop6): ext4_free_blocks:6587: comm syz.6.4176: Freeing blocks not in datazone - block = 0, count = 4096
[  231.574572][T15797] FAULT_INJECTION: forcing a failure.
[  231.574572][T15797] name failslab, interval 1, probability 0, space 0, times 0
[  231.578306][T15754] EXT4-fs error (device loop2): ext4_evict_inode:259: inode #15: comm syz.2.4170: mark_inode_dirty error
[  231.580969][T15797] CPU: 1 UID: 0 PID: 15797 Comm: syz.4.4183 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  231.581006][T15797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  231.581057][T15797] Call Trace:
[  231.581065][T15797]  <TASK>
[  231.581076][T15797]  __dump_stack+0x1d/0x30
[  231.581104][T15797]  dump_stack_lvl+0xe8/0x140
[  231.581131][T15797]  dump_stack+0x15/0x1b
[  231.581153][T15797]  should_fail_ex+0x265/0x280
[  231.581243][T15797]  should_failslab+0x8c/0xb0
[  231.581284][T15797]  kmem_cache_alloc_noprof+0x50/0x310
[  231.581369][T15797]  ? security_file_alloc+0x32/0x100
[  231.581432][T15797]  security_file_alloc+0x32/0x100
[  231.581467][T15797]  init_file+0x5c/0x1d0
[  231.581515][T15797]  alloc_empty_file+0x8b/0x200
[  231.581540][T15797]  alloc_file_pseudo+0xc6/0x160
[  231.581570][T15797]  __shmem_file_setup+0x1b9/0x1f0
[  231.581608][T15797]  shmem_file_setup+0x3b/0x50
[  231.581640][T15797]  __se_sys_memfd_create+0x2c3/0x590
[  231.581681][T15797]  __x64_sys_memfd_create+0x31/0x40
[  231.581714][T15797]  x64_sys_call+0x122f/0x2fb0
[  231.581742][T15797]  do_syscall_64+0xd0/0x1a0
[  231.581773][T15797]  ? clear_bhb_loop+0x40/0x90
[  231.581871][T15797]  ? clear_bhb_loop+0x40/0x90
[  231.581900][T15797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.581928][T15797] RIP: 0033:0x7fe463a6e969
[  231.581975][T15797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.581998][T15797] RSP: 002b:00007fe4620d6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  231.582022][T15797] RAX: ffffffffffffffda RBX: 0000000000000534 RCX: 00007fe463a6e969
[  231.582070][T15797] RDX: 00007fe4620d6ef0 RSI: 0000000000000000 RDI: 00007fe463af1444
[  231.582166][T15797] RBP: 0000200000000400 R08: 00007fe4620d6bb7 R09: 00007fe4620d6e40
[  231.582181][T15797] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[  231.582197][T15797] R13: 00007fe4620d6ef0 R14: 00007fe4620d6eb0 R15: 00002000000003c0
[  231.582222][T15797]  </TASK>
[  231.611508][T15799] loop4: detected capacity change from 0 to 2048
[  231.642802][T15754] EXT4-fs warning (device loop2): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  231.671714][T15775] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.4176: Invalid inode bitmap blk 0 in block_group 0
[  231.687217][   T57] EXT4-fs error (device loop6): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1)
[  231.687370][   T57] EXT4-fs error (device loop6): ext4_release_dquot:6971: comm kworker/u8:4: Failed to release dquot type 0
[  231.703535][T15775] EXT4-fs error (device loop6) in ext4_free_inode:361: Corrupt filesystem
[  231.769467][T15754] EXT4-fs (loop2): 1 orphan inode deleted
[  231.788514][T15775] EXT4-fs (loop6): 1 orphan inode deleted
[  231.816461][T15804] __nla_validate_parse: 1 callbacks suppressed
[  231.816478][T15804] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4186'.
[  231.822994][T15775] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.826388][T15754] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  231.848396][T15775] ext4: Unknown parameter 'ÿÿÿÿ00000000000000000000ñŽ?ƒÂ-§±á'
[  231.861015][T15799] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.870845][T15803] C: renamed from team_slave_0
[  232.111074][T13820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.112303][T15803] netlink: 'syz.0.4185': attribute type 3 has an invalid length.
[  232.127993][T15803] netlink: 152 bytes leftover after parsing attributes in process `syz.0.4185'.
[  232.137120][T15803] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  232.153018][T14273] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.191308][T15812] loop2: detected capacity change from 0 to 256
[  232.211280][T14250] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.220947][T15812] msdos: Unknown parameter ''
[  232.304705][T15828] loop0: detected capacity change from 0 to 2048
[  232.361596][T15828] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  232.605114][T15874] loop2: detected capacity change from 0 to 128
[  232.611941][T15874] vfat: Unknown parameter 'ext4_fc_replay_scan'
[  232.641018][T15877] tipc: Enabled bearer <udp:syz2>, priority 10
[  232.677047][T15877] tipc: Disabling bearer <udp:syz2>
[  232.723899][T15887] loop5: detected capacity change from 0 to 1024
[  232.754365][T15887] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  232.777777][T15887] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  232.785775][T15887] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c854e01c, mo2=0100]
[  232.794371][T15887] EXT4-fs (loop5): orphan cleanup on readonly fs
[  232.805884][T15887] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  232.829926][T15887] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #3: comm syz.5.4219: mark_inode_dirty error
[  232.848139][T15899] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4223'.
[  232.861526][T15887] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.4219: Invalid block bitmap block 3 in block_group 0
[  232.885962][T15887] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.4219: Invalid block bitmap block 3 in block_group 0
[  232.901667][T15887] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.4219: Invalid block bitmap block 3 in block_group 0
[  232.930355][T15887] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  232.944520][T15906] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4227'.
[  232.953559][T15906] netlink: 'syz.4.4227': attribute type 5 has an invalid length.
[  232.961316][T15906] netlink: 48 bytes leftover after parsing attributes in process `syz.4.4227'.
[  232.974044][T15887] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #3: comm syz.5.4219: mark_inode_dirty error
[  232.975834][T15906] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 35350 - 0
[  232.988420][T15887] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 1: comm syz.5.4219: lblock 6 mapped to illegal pblock 1 (length 1)
[  232.994184][T15906] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 35350 - 0
[  233.010946][T15887] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 48: comm syz.5.4219: lblock 0 mapped to illegal pblock 48 (length 1)
[  233.018076][T15906] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 35350 - 0
[  233.034162][T15887] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.4219: Failed to acquire dquot type 0
[  233.040834][T15906] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 35350 - 0
[  233.091115][T15902] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4225'.
[  233.108927][T15887] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 49: comm syz.5.4219: lblock 1 mapped to illegal pblock 49 (length 1)
[  233.167430][T15906] geneve2: entered promiscuous mode
[  233.172721][T15906] geneve2: entered allmulticast mode
[  233.179625][T15887] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.4219: Failed to acquire dquot type 0
[  233.217921][T15887] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  233.235734][T15887] EXT4-fs error (device loop5): ext4_evict_inode:259: inode #15: comm syz.5.4219: mark_inode_dirty error
[  233.262179][T15915] loop6: detected capacity change from 0 to 2048
[  233.265672][T15887] EXT4-fs warning (device loop5): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  233.283167][T10761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.297009][T15887] EXT4-fs (loop5): 1 orphan inode deleted
[  233.313376][T15887] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  233.341134][T15917] loop0: detected capacity change from 0 to 2048
[  233.349535][T15915] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  233.386878][T13706] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.413527][T15917] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  233.432619][T15923] sd 0:0:1:0: device reset
[  233.506877][T15935] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  233.522835][T15935] tipc: Disabling bearer <udp:syz2>
[  233.559008][T15939] tipc: Enabled bearer <udp:syz2>, priority 10
[  233.565762][T15939] tipc: Disabling bearer <udp:syz2>
[  233.575114][T15941] loop5: detected capacity change from 0 to 256
[  233.592879][T15941] msdos: Unknown parameter ''
[  233.599426][T15938] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.680661][T15938] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.765203][T15938] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.821983][T15938] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.022124][T15938] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  234.068466][T15938] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  234.093625][T15938] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  234.108101][T14250] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.109449][T15938] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  234.166061][T15949] loop6: detected capacity change from 0 to 2048
[  234.187856][T15949] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.311252][T15956] loop2: detected capacity change from 0 to 1024
[  234.318262][T15957] tipc: Enabled bearer <udp:syz2>, priority 10
[  234.324986][T15956] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  234.337291][T10761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.337592][T15957] tipc: Disabling bearer <udp:syz2>
[  234.362572][T15956] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  234.370655][T15956] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c854e01c, mo2=0100]
[  234.386700][T15956] EXT4-fs (loop2): orphan cleanup on readonly fs
[  234.394809][T15956] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  234.408034][T15956] EXT4-fs error (device loop2): ext4_dirty_inode:6103: inode #3: comm syz.2.4243: mark_inode_dirty error
[  234.419922][T15956] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.4243: Invalid block bitmap block 3 in block_group 0
[  234.435458][T15956] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.4243: Invalid block bitmap block 3 in block_group 0
[  234.450149][T15956] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.4243: Invalid block bitmap block 3 in block_group 0
[  234.452304][T15962] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4245'.
[  234.482691][T15956] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  234.492536][T15956] EXT4-fs error (device loop2): ext4_dirty_inode:6103: inode #3: comm syz.2.4243: mark_inode_dirty error
[  234.505530][T15956] EXT4-fs error (device loop2): ext4_map_blocks:675: inode #3: block 1: comm syz.2.4243: lblock 6 mapped to illegal pblock 1 (length 1)
[  234.520773][T15956] EXT4-fs error (device loop2): ext4_map_blocks:675: inode #3: block 48: comm syz.2.4243: lblock 0 mapped to illegal pblock 48 (length 1)
[  234.595906][T15956] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.4243: Failed to acquire dquot type 0
[  234.610710][T15956] EXT4-fs error (device loop2): ext4_map_blocks:675: inode #3: block 49: comm syz.2.4243: lblock 1 mapped to illegal pblock 49 (length 1)
[  234.696644][T15956] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.4243: Failed to acquire dquot type 0
[  234.709516][T15956] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  234.728431][T15973] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4250'.
[  234.738121][T15973] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4250'.
[  234.742688][T15968] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4248'.
[  234.767894][T15956] EXT4-fs error (device loop2): ext4_evict_inode:259: inode #15: comm syz.2.4243: mark_inode_dirty error
[  234.786799][T15956] EXT4-fs warning (device loop2): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  234.810095][T15956] EXT4-fs (loop2): 1 orphan inode deleted
[  234.823495][T15956] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  234.858030][T14273] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.157540][T14250] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.224531][T15992] vhci_hcd: invalid port number 12
[  235.229860][T15992] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[  235.288756][T16001] loop6: detected capacity change from 0 to 1024
[  235.296369][T16001] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  235.308689][T16001] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  235.316752][T16001] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c854e01c, mo2=0100]
[  235.325663][T16001] EXT4-fs (loop6): orphan cleanup on readonly fs
[  235.328740][T16004] sd 0:0:1:0: device reset
[  235.335466][T16001] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  235.343321][T16006] loop0: detected capacity change from 0 to 128
[  235.346234][T16001] EXT4-fs error (device loop6): ext4_dirty_inode:6103: inode #3: comm syz.6.4263: mark_inode_dirty error
[  235.363632][T16001] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.4263: Invalid block bitmap block 3 in block_group 0
[  235.377348][T16001] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.4263: Invalid block bitmap block 3 in block_group 0
[  235.390973][T16001] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.4263: Invalid block bitmap block 3 in block_group 0
[  235.408067][T16001] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  235.420511][T16001] EXT4-fs error (device loop6): ext4_dirty_inode:6103: inode #3: comm syz.6.4263: mark_inode_dirty error
[  235.432318][ T9318] usb usb8-port1: attempt power cycle
[  235.434474][T16010] loop5: detected capacity change from 0 to 128
[  235.441751][T16001] EXT4-fs error (device loop6): ext4_map_blocks:675: inode #3: block 1: comm syz.6.4263: lblock 6 mapped to illegal pblock 1 (length 1)
[  235.444476][T16010] vfat: Unknown parameter 'ext4_fc_replay_scan'
[  235.461915][T16001] EXT4-fs error (device loop6): ext4_map_blocks:675: inode #3: block 48: comm syz.6.4263: lblock 0 mapped to illegal pblock 48 (length 1)
[  235.480593][T16001] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.4263: Failed to acquire dquot type 0
[  235.493502][T16001] EXT4-fs error (device loop6): ext4_map_blocks:675: inode #3: block 49: comm syz.6.4263: lblock 1 mapped to illegal pblock 49 (length 1)
[  235.508725][T16001] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.4263: Failed to acquire dquot type 0
[  235.520325][T16001] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  235.529910][T16001] EXT4-fs error (device loop6): ext4_evict_inode:259: inode #15: comm syz.6.4263: mark_inode_dirty error
[  235.548511][T16001] EXT4-fs warning (device loop6): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  235.559492][T16001] EXT4-fs (loop6): 1 orphan inode deleted
[  235.576266][T16001] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  235.583772][T16020] netlink: 'syz.5.4273': attribute type 1 has an invalid length.
[  235.602672][T16020] bond1: entered promiscuous mode
[  235.608280][T16020] 8021q: adding VLAN 0 to HW filter on device bond1
[  235.635879][T14250] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.641410][T16020] bond1: (slave veth9): making interface the new active one
[  235.654697][T16020] veth9: entered promiscuous mode
[  235.672097][T16020] bond1: (slave veth9): Enslaving as an active interface with an up link
[  235.727412][T16035] loop5: detected capacity change from 0 to 128
[  235.734028][T16035] vfat: Unknown parameter 'ext4_fc_replay_scan'
[  235.829995][   T29] kauditd_printk_skb: 460 callbacks suppressed
[  235.830013][   T29] audit: type=1326 audit(1747158934.043:8366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16045 comm="syz.5.4283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  235.866433][   T29] audit: type=1326 audit(1747158934.043:8367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16045 comm="syz.5.4283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  235.890060][   T29] audit: type=1326 audit(1747158934.073:8368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16045 comm="syz.5.4283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  235.913755][   T29] audit: type=1326 audit(1747158934.073:8369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16045 comm="syz.5.4283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  235.937321][   T29] audit: type=1326 audit(1747158934.073:8370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16045 comm="syz.5.4283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  235.961041][   T29] audit: type=1326 audit(1747158934.073:8371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16045 comm="syz.5.4283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  235.984665][   T29] audit: type=1326 audit(1747158934.073:8372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16045 comm="syz.5.4283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  236.008555][   T29] audit: type=1326 audit(1747158934.073:8373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16045 comm="syz.5.4283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  236.032123][   T29] audit: type=1326 audit(1747158934.073:8374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16045 comm="syz.5.4283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  236.056006][   T29] audit: type=1326 audit(1747158934.073:8375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16045 comm="syz.5.4283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c5bbe969 code=0x7ffc0000
[  236.107672][T16055] netlink: 'syz.5.4286': attribute type 1 has an invalid length.
[  236.171296][T16066] vhci_hcd: invalid port number 12
[  236.176486][T16066] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[  236.217338][T16068] loop2: detected capacity change from 0 to 2048
[  236.244570][T16074] loop6: detected capacity change from 0 to 2048
[  236.252400][T16068]  loop2: p1 < > p4 < >
[  236.266908][T16074] EXT4-fs error (device loop6): ext4_ext_check_inode:524: inode #2: comm syz.6.4296: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  236.286111][T16074] EXT4-fs (loop6): get root inode failed
[  236.291768][T16074] EXT4-fs (loop6): mount failed
[  236.334438][T16074] loop6: detected capacity change from 0 to 1024
[  236.346534][T16074] EXT4-fs: Ignoring removed bh option
[  236.351992][T16074] EXT4-fs: inline encryption not supported
[  236.360118][T16074] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  236.377407][T16074] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  236.408278][T16074] EXT4-fs error (device loop6): ext4_map_blocks:709: inode #3: block 1: comm syz.6.4296: lblock 1 mapped to illegal pblock 1 (length 1)
[  236.422414][T16074] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.4296: Failed to acquire dquot type 0
[  236.435513][T16074] EXT4-fs error (device loop6): ext4_free_blocks:6587: comm syz.6.4296: Freeing blocks not in datazone - block = 0, count = 4096
[  236.449176][T16092] loop5: detected capacity change from 0 to 512
[  236.450961][T16074] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.4296: Invalid inode bitmap blk 0 in block_group 0
[  236.455743][T16092] EXT4-fs: Ignoring removed i_version option
[  236.470537][   T51] EXT4-fs error (device loop6): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  236.489303][T16074] EXT4-fs error (device loop6) in ext4_free_inode:361: Corrupt filesystem
[  236.496742][   T51] EXT4-fs error (device loop6): ext4_release_dquot:6971: comm kworker/u8:3: Failed to release dquot type 0
[  236.509855][T16074] EXT4-fs (loop6): 1 orphan inode deleted
[  236.511156][T16092] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  236.527214][T16074] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.537970][T16092] EXT4-fs (loop5): 1 truncate cleaned up
[  236.546446][T16092] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.602383][T13706] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.611314][T16074] ext4: Unknown parameter 'ÿÿÿÿ00000000000000000000ñŽ?ƒÂ-§±á'
[  236.634590][T16101] vhci_hcd: invalid port number 12
[  236.639841][T16101] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[  236.639959][T16099] loop2: detected capacity change from 0 to 2048
[  236.692647][T16107] loop0: detected capacity change from 0 to 512
[  236.700552][T16107] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  236.710629][T16099]  loop2: p1 < > p4 < >
[  236.710972][T16107] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.4307: invalid indirect mapped block 2683928664 (level 1)
[  236.731764][T16107] EXT4-fs (loop0): Remounting filesystem read-only
[  236.732214][T14250] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.751190][T16107] EXT4-fs (loop0): 1 truncate cleaned up
[  236.757682][T16107] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.800038][T16112] sd 0:0:1:0: device reset
[  236.884126][T16122] loop6: detected capacity change from 0 to 1024
[  236.891377][T16122] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  236.897961][T16124] __nla_validate_parse: 8 callbacks suppressed
[  236.897978][T16124] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4314'.
[  236.934341][T16122] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  236.942328][T16122] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c854e01c, mo2=0100]
[  236.952595][T16122] EXT4-fs (loop6): orphan cleanup on readonly fs
[  236.983905][T10761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.002236][T16122] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  237.035404][T16122] EXT4-fs error (device loop6): ext4_dirty_inode:6103: inode #3: comm syz.6.4313: mark_inode_dirty error
[  237.075877][T16122] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.4313: Invalid block bitmap block 3 in block_group 0
[  237.090548][T16139] sd 0:0:1:0: device reset
[  237.096811][T16138] sd 0:0:1:0: device reset
[  237.102647][T16122] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.4313: Invalid block bitmap block 3 in block_group 0
[  237.120670][T16139] xt_CT: You must specify a L4 protocol and not use inversions on it
[  237.128882][T16122] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.4313: Invalid block bitmap block 3 in block_group 0
[  237.129307][T16122] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  237.156949][T16122] EXT4-fs error (device loop6): ext4_dirty_inode:6103: inode #3: comm syz.6.4313: mark_inode_dirty error
[  237.171503][T16145] sd 0:0:1:0: device reset
[  237.176486][T16122] EXT4-fs error (device loop6): ext4_map_blocks:675: inode #3: block 1: comm syz.6.4313: lblock 6 mapped to illegal pblock 1 (length 1)
[  237.202152][T16122] EXT4-fs error (device loop6): ext4_map_blocks:675: inode #3: block 48: comm syz.6.4313: lblock 0 mapped to illegal pblock 48 (length 1)
[  237.217169][T16122] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.4313: Failed to acquire dquot type 0
[  237.230429][T16122] EXT4-fs error (device loop6): ext4_map_blocks:675: inode #3: block 49: comm syz.6.4313: lblock 1 mapped to illegal pblock 49 (length 1)
[  237.249516][T16147] loop5: detected capacity change from 0 to 2048
[  237.257553][T16122] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.4313: Failed to acquire dquot type 0
[  237.269538][T16122] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  237.276424][ T9318] usb usb8-port1: unable to enumerate USB device
[  237.285828][T16122] EXT4-fs error (device loop6): ext4_evict_inode:259: inode #15: comm syz.6.4313: mark_inode_dirty error
[  237.297566][T16122] EXT4-fs warning (device loop6): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  237.297826][T16147] EXT4-fs error (device loop5): ext4_ext_check_inode:524: inode #2: comm syz.5.4323: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  237.343664][T16122] EXT4-fs (loop6): 1 orphan inode deleted
[  237.352306][T16157] FAULT_INJECTION: forcing a failure.
[  237.352306][T16157] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  237.356536][T16122] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  237.365459][T16157] CPU: 0 UID: 0 PID: 16157 Comm: syz.0.4326 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  237.365500][T16157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  237.365518][T16157] Call Trace:
[  237.365527][T16157]  <TASK>
[  237.365537][T16157]  __dump_stack+0x1d/0x30
[  237.365564][T16157]  dump_stack_lvl+0xe8/0x140
[  237.365589][T16157]  dump_stack+0x15/0x1b
[  237.365643][T16157]  should_fail_ex+0x265/0x280
[  237.365701][T16157]  should_fail+0xb/0x20
[  237.365739][T16157]  should_fail_usercopy+0x1a/0x20
[  237.365765][T16157]  _copy_from_iter+0xcf/0xdd0
[  237.365792][T16157]  ? __build_skb_around+0x1a0/0x200
[  237.365892][T16157]  ? __alloc_skb+0x223/0x320
[  237.366003][T16157]  netlink_sendmsg+0x471/0x6b0
[  237.366033][T16157]  ? __pfx_netlink_sendmsg+0x10/0x10
[  237.366059][T16157]  __sock_sendmsg+0x142/0x180
[  237.366168][T16157]  ____sys_sendmsg+0x31e/0x4e0
[  237.366256][T16157]  ___sys_sendmsg+0x17b/0x1d0
[  237.366302][T16157]  __x64_sys_sendmsg+0xd4/0x160
[  237.366405][T16157]  x64_sys_call+0x2999/0x2fb0
[  237.366431][T16157]  do_syscall_64+0xd0/0x1a0
[  237.366529][T16157]  ? clear_bhb_loop+0x40/0x90
[  237.366558][T16157]  ? clear_bhb_loop+0x40/0x90
[  237.366586][T16157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.366679][T16157] RIP: 0033:0x7f95d496e969
[  237.366698][T16157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.366723][T16157] RSP: 002b:00007f95d2fd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  237.366772][T16157] RAX: ffffffffffffffda RBX: 00007f95d4b95fa0 RCX: 00007f95d496e969
[  237.366789][T16157] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000003
[  237.366805][T16157] RBP: 00007f95d2fd7090 R08: 0000000000000000 R09: 0000000000000000
[  237.366822][T16157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  237.366838][T16157] R13: 0000000000000000 R14: 00007f95d4b95fa0 R15: 00007fff7df9cf98
[  237.366863][T16157]  </TASK>
[  237.369969][T16147] EXT4-fs (loop5): get root inode failed
[  237.509244][T16159] FAULT_INJECTION: forcing a failure.
[  237.509244][T16159] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  237.526342][T16147] EXT4-fs (loop5): mount failed
[  237.534815][T16159] CPU: 1 UID: 0 PID: 16159 Comm: syz.0.4327 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  237.534922][T16159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  237.534940][T16159] Call Trace:
[  237.534950][T16159]  <TASK>
[  237.534960][T16159]  __dump_stack+0x1d/0x30
[  237.534989][T16159]  dump_stack_lvl+0xe8/0x140
[  237.535014][T16159]  dump_stack+0x15/0x1b
[  237.535037][T16159]  should_fail_ex+0x265/0x280
[  237.535104][T16159]  should_fail+0xb/0x20
[  237.535143][T16159]  should_fail_usercopy+0x1a/0x20
[  237.535169][T16159]  _copy_from_user+0x1c/0xb0
[  237.535253][T16159]  input_event_from_user+0x5f/0x160
[  237.535295][T16159]  ? input_inject_event+0xd9/0xf0
[  237.535326][T16159]  evdev_write+0x1b1/0x290
[  237.535368][T16159]  ? __pfx_evdev_write+0x10/0x10
[  237.535436][T16159]  vfs_write+0x269/0x8d0
[  237.535503][T16159]  ? __rcu_read_unlock+0x4f/0x70
[  237.535533][T16159]  ? __fget_files+0x184/0x1c0
[  237.535573][T16159]  ksys_write+0xda/0x1a0
[  237.535609][T16159]  __x64_sys_write+0x40/0x50
[  237.535691][T16159]  x64_sys_call+0x2cdd/0x2fb0
[  237.535782][T16159]  do_syscall_64+0xd0/0x1a0
[  237.535812][T16159]  ? clear_bhb_loop+0x40/0x90
[  237.535852][T16159]  ? clear_bhb_loop+0x40/0x90
[  237.535881][T16159]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.535908][T16159] RIP: 0033:0x7f95d496e969
[  237.535928][T16159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.535966][T16159] RSP: 002b:00007f95d2fd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  237.535992][T16159] RAX: ffffffffffffffda RBX: 00007f95d4b95fa0 RCX: 00007f95d496e969
[  237.536080][T16159] RDX: 0000000000002250 RSI: 0000200000000040 RDI: 0000000000000003
[  237.536096][T16159] RBP: 00007f95d2fd7090 R08: 0000000000000000 R09: 0000000000000000
[  237.536112][T16159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  237.536127][T16159] R13: 0000000000000000 R14: 00007f95d4b95fa0 R15: 00007fff7df9cf98
[  237.536154][T16159]  </TASK>
[  237.835421][T16147] loop5: detected capacity change from 0 to 1024
[  237.838921][T14250] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.842360][T16147] EXT4-fs: Ignoring removed bh option
[  237.856357][T16147] EXT4-fs: inline encryption not supported
[  237.863290][T16147] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  237.871878][T16147] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  237.900814][T16147] EXT4-fs error (device loop5): ext4_map_blocks:709: inode #3: block 1: comm syz.5.4323: lblock 1 mapped to illegal pblock 1 (length 1)
[  237.952099][T16169] vhci_hcd: invalid port number 12
[  237.957393][T16169] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[  237.970722][T16171] loop0: detected capacity change from 0 to 1024
[  237.972499][T16173] loop2: detected capacity change from 0 to 2048
[  237.977902][T16171] EXT4-fs: Ignoring removed bh option
[  237.989703][T16147] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.4323: Failed to acquire dquot type 0
[  238.002127][T16171] EXT4-fs: inline encryption not supported
[  238.008152][T16171] EXT4-fs: Ignoring removed i_version option
[  238.011285][T16147] EXT4-fs error (device loop5): ext4_free_blocks:6587: comm syz.5.4323: Freeing blocks not in datazone - block = 0, count = 4096
[  238.034716][T16171] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  238.048192][T16147] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.4323: Invalid inode bitmap blk 0 in block_group 0
[  238.061814][T16147] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  238.071172][T16173] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  238.098800][T16147] EXT4-fs (loop5): 1 orphan inode deleted
[  238.104745][   T31] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:1: lblock 1 mapped to illegal pblock 1 (length 1)
[  238.123332][T16147] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.136611][T16183] Cannot find del_set index 0 as target
[  238.142250][T16171] EXT4-fs error (device loop0): ext4_map_blocks:709: inode #3: block 1: comm syz.0.4329: lblock 1 mapped to illegal pblock 1 (length 1)
[  238.160596][T16183] netlink: 36 bytes leftover after parsing attributes in process `+}[@'.
[  238.167499][   T31] EXT4-fs error (device loop5): ext4_release_dquot:6971: comm kworker/u8:1: Failed to release dquot type 0
[  238.205233][T16171] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.4329: Failed to acquire dquot type 0
[  238.229369][T16171] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.4329: Freeing blocks not in datazone - block = 0, count = 4096
[  238.245272][T16187] tipc: Enabled bearer <udp:syz2>, priority 10
[  238.261380][T16187] tipc: Disabling bearer <udp:syz2>
[  238.262397][T16147] ext4: Unknown parameter 'ÿÿÿÿ00000000000000000000ñŽ?ƒÂ-§±á'
[  238.287462][T16171] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.4329: Invalid inode bitmap blk 0 in block_group 0
[  238.292792][T16179] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4333'.
[  238.312811][T16171] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  238.321555][  T295] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[  238.342216][  T295] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 0
[  238.359510][T16171] EXT4-fs (loop0): 1 orphan inode deleted
[  238.366054][T16171] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.436809][T13706] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.501240][T16197] FAULT_INJECTION: forcing a failure.
[  238.501240][T16197] name failslab, interval 1, probability 0, space 0, times 0
[  238.513944][T16197] CPU: 1 UID: 0 PID: 16197 Comm: syz.6.4340 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  238.513979][T16197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  238.513994][T16197] Call Trace:
[  238.514001][T16197]  <TASK>
[  238.514010][T16197]  __dump_stack+0x1d/0x30
[  238.514036][T16197]  dump_stack_lvl+0xe8/0x140
[  238.514129][T16197]  dump_stack+0x15/0x1b
[  238.514145][T16197]  should_fail_ex+0x265/0x280
[  238.514334][T16197]  should_failslab+0x8c/0xb0
[  238.514371][T16197]  kmem_cache_alloc_noprof+0x50/0x310
[  238.514393][T16197]  ? skb_clone+0x151/0x1f0
[  238.514451][T16197]  skb_clone+0x151/0x1f0
[  238.514476][T16197]  __netlink_deliver_tap+0x2c9/0x500
[  238.514534][T16197]  netlink_unicast+0x64c/0x670
[  238.514651][T16197]  netlink_sendmsg+0x58b/0x6b0
[  238.514677][T16197]  ? __pfx_netlink_sendmsg+0x10/0x10
[  238.514701][T16197]  __sock_sendmsg+0x142/0x180
[  238.514803][T16197]  ____sys_sendmsg+0x31e/0x4e0
[  238.514832][T16197]  ___sys_sendmsg+0x17b/0x1d0
[  238.514872][T16197]  __x64_sys_sendmsg+0xd4/0x160
[  238.514930][T16197]  x64_sys_call+0x2999/0x2fb0
[  238.515021][T16197]  do_syscall_64+0xd0/0x1a0
[  238.515049][T16197]  ? clear_bhb_loop+0x40/0x90
[  238.515069][T16197]  ? clear_bhb_loop+0x40/0x90
[  238.515094][T16197]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.515200][T16197] RIP: 0033:0x7f040befe969
[  238.515218][T16197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.515239][T16197] RSP: 002b:00007f040a567038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  238.515270][T16197] RAX: ffffffffffffffda RBX: 00007f040c125fa0 RCX: 00007f040befe969
[  238.515286][T16197] RDX: 0000000004000c00 RSI: 0000200000000180 RDI: 000000000000000c
[  238.515301][T16197] RBP: 00007f040a567090 R08: 0000000000000000 R09: 0000000000000000
[  238.515315][T16197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  238.515396][T16197] R13: 0000000000000000 R14: 00007f040c125fa0 R15: 00007ffda40fe2e8
[  238.515418][T16197]  </TASK>
[  238.720612][T16197] netlink: 'syz.6.4340': attribute type 13 has an invalid length.
[  238.830618][T10761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.975501][T14273] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.993255][T16206] loop5: detected capacity change from 0 to 1024
[  239.002936][T16222] netlink: 76 bytes leftover after parsing attributes in process `syz.0.4350'.
[  239.030822][T16223] loop4: detected capacity change from 0 to 2048
[  239.040513][T16206] EXT4-fs: Ignoring removed bh option
[  239.052807][T16206] EXT4-fs: inline encryption not supported
[  239.054762][T16225] netlink: 'syz.0.4352': attribute type 1 has an invalid length.
[  239.065953][T16206] EXT4-fs: Ignoring removed i_version option
[  239.088397][T16206] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  239.103949][T16223] EXT4-fs error (device loop4): ext4_ext_check_inode:524: inode #2: comm syz.4.4351: pblk 0 bad header/extent: eh_entries is 0 but eh_depth is > 0 - magic f30a, entries 0, max 4(4), depth 5(5)
[  239.118014][T16225] bond2: entered promiscuous mode
[  239.128389][T16225] 8021q: adding VLAN 0 to HW filter on device bond2
[  239.136629][T16223] EXT4-fs (loop4): get root inode failed
[  239.142313][T16223] EXT4-fs (loop4): mount failed
[  239.152586][T16234] bond2: (slave veth5): making interface the new active one
[  239.159939][T16234] veth5: entered promiscuous mode
[  239.166653][T16234] bond2: (slave veth5): Enslaving as an active interface with an up link
[  239.190195][T16206] EXT4-fs error (device loop5): ext4_map_blocks:709: inode #3: block 1: comm syz.5.4344: lblock 1 mapped to illegal pblock 1 (length 1)
[  239.207535][T16206] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.4344: Failed to acquire dquot type 0
[  239.222584][T16223] loop4: detected capacity change from 0 to 1024
[  239.229971][T16223] EXT4-fs: Ignoring removed bh option
[  239.235468][T16223] EXT4-fs: inline encryption not supported
[  239.245971][T16206] EXT4-fs error (device loop5): ext4_free_blocks:6587: comm syz.5.4344: Freeing blocks not in datazone - block = 0, count = 4096
[  239.259363][T16223] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  239.290910][T16244] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4356'.
[  239.291850][T16245] loop2: detected capacity change from 0 to 2048
[  239.301770][T16223] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  239.320188][T16206] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.4344: Invalid inode bitmap blk 0 in block_group 0
[  239.322733][T16223] EXT4-fs error (device loop4): ext4_map_blocks:709: inode #3: block 1: comm syz.4.4351: lblock 1 mapped to illegal pblock 1 (length 1)
[  239.336390][T16206] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  239.349487][T16223] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.4351: Failed to acquire dquot type 0
[  239.359686][T16206] EXT4-fs (loop5): 1 orphan inode deleted
[  239.370494][  T295] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[  239.391605][T16206] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.392847][T16245] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.417849][  T295] EXT4-fs error (device loop5): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 0
[  239.418683][T16223] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.4351: Freeing blocks not in datazone - block = 0, count = 4096
[  239.455289][T16223] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.4351: Invalid inode bitmap blk 0 in block_group 0
[  239.484924][   T51] EXT4-fs error (device loop4): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  239.510471][   T51] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:3: Failed to release dquot type 0
[  239.522039][T16223] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[  239.532886][T16223] EXT4-fs (loop4): 1 orphan inode deleted
[  239.539435][T16223] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.582810][T16257] tipc: Enabled bearer <udp:syz2>, priority 10
[  239.605796][T16223] ext4: Unknown parameter 'ÿÿÿÿ00000000000000000000ñŽ?ƒÂ-§±á'
[  239.624394][T16257] tipc: Disabling bearer <udp:syz2>
[  239.652996][T13706] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.709292][T13820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.724977][T16264] loop5: detected capacity change from 0 to 2048
[  239.760297][T16264] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.774744][T16271] loop4: detected capacity change from 0 to 2048
[  239.809461][T16271] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.832913][T16276] loop0: detected capacity change from 0 to 2048
[  239.887334][T16276]  loop0: p1 < > p4 < >
[  239.896816][T16280] tipc: Enabled bearer <udp:syz2>, priority 10
[  239.916184][T16280] tipc: Disabling bearer <udp:syz2>
[  239.926160][T16276] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4368'.
[  239.961055][T16283] tipc: Enabled bearer <udp:syz2>, priority 10
[  239.968800][T16283] tipc: Disabling bearer <udp:syz2>
[  240.345988][T16310] loop2: detected capacity change from 0 to 1024
[  240.364308][T16312] loop0: detected capacity change from 0 to 1024
[  240.368972][T16310] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  240.383164][T16312] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  240.397672][T16312] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  240.405618][T16312] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c854e01c, mo2=0100]
[  240.414274][T16310] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  240.422264][T16310] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c854e01c, mo2=0100]
[  240.431113][T16310] EXT4-fs (loop2): orphan cleanup on readonly fs
[  240.437689][T16312] EXT4-fs (loop0): orphan cleanup on readonly fs
[  240.438857][T16310] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  240.444734][T16312] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  240.463155][T16312] EXT4-fs error (device loop0): ext4_dirty_inode:6103: inode #3: comm syz.0.4380: mark_inode_dirty error
[  240.474622][T16312] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.4380: Invalid block bitmap block 3 in block_group 0
[  240.488400][   T36] usb usb8-port1: attempt power cycle
[  240.494374][T16312] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.4380: Invalid block bitmap block 3 in block_group 0
[  240.508062][T16310] EXT4-fs error (device loop2): ext4_dirty_inode:6103: inode #3: comm syz.2.4382: mark_inode_dirty error
[  240.537907][T16312] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.4380: Invalid block bitmap block 3 in block_group 0
[  240.539908][T16310] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.4382: Invalid block bitmap block 3 in block_group 0
[  240.565775][T16310] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.4382: Invalid block bitmap block 3 in block_group 0
[  240.586229][T16312] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  240.616602][T16310] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.4382: Invalid block bitmap block 3 in block_group 0
[  240.626495][T16312] EXT4-fs error (device loop0): ext4_dirty_inode:6103: inode #3: comm syz.0.4380: mark_inode_dirty error
[  240.643199][T16310] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  240.662862][T16310] EXT4-fs error (device loop2): ext4_dirty_inode:6103: inode #3: comm syz.2.4382: mark_inode_dirty error
[  240.675081][T16312] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 1: comm syz.0.4380: lblock 6 mapped to illegal pblock 1 (length 1)
[  240.689616][T16310] EXT4-fs error (device loop2): ext4_map_blocks:675: inode #3: block 1: comm syz.2.4382: lblock 6 mapped to illegal pblock 1 (length 1)
[  240.705387][T16312] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 48: comm syz.0.4380: lblock 0 mapped to illegal pblock 48 (length 1)
[  240.739158][T16310] EXT4-fs error (device loop2): ext4_map_blocks:675: inode #3: block 48: comm syz.2.4382: lblock 0 mapped to illegal pblock 48 (length 1)
[  240.757803][T16310] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.4382: Failed to acquire dquot type 0
[  240.770831][T16312] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.4380: Failed to acquire dquot type 0
[  240.782541][T16310] EXT4-fs error (device loop2): ext4_map_blocks:675: inode #3: block 49: comm syz.2.4382: lblock 1 mapped to illegal pblock 49 (length 1)
[  240.804111][T16310] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.4382: Failed to acquire dquot type 0
[  240.815748][T16312] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 49: comm syz.0.4380: lblock 1 mapped to illegal pblock 49 (length 1)
[  240.830011][T16310] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  240.838286][T16312] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.4380: Failed to acquire dquot type 0
[  240.850874][T16318] loop5: detected capacity change from 0 to 2048
[  240.857438][T16310] EXT4-fs error (device loop2): ext4_evict_inode:259: inode #15: comm syz.2.4382: mark_inode_dirty error
[  240.866684][T16312] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  240.879037][T16310] EXT4-fs warning (device loop2): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  240.881587][T16312] EXT4-fs error (device loop0): ext4_evict_inode:259: inode #15: comm syz.0.4380: mark_inode_dirty error
[  240.900527][T16310] EXT4-fs (loop2): 1 orphan inode deleted
[  240.903419][T16312] EXT4-fs warning (device loop0): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[  240.918436][T16312] EXT4-fs (loop0): 1 orphan inode deleted
[  240.980322][T16322] FAULT_INJECTION: forcing a failure.
[  240.980322][T16322] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  240.990031][   T29] kauditd_printk_skb: 335 callbacks suppressed
[  240.990047][   T29] audit: type=1326 audit(1747158939.202:8678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16323 comm="syz.0.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95d496e969 code=0x7ffc0000
[  240.993476][T16322] CPU: 1 UID: 0 PID: 16322 Comm: syz.4.4385 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  240.993514][T16322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  240.993530][T16322] Call Trace:
[  240.993539][T16322]  <TASK>
[  240.993548][T16322]  __dump_stack+0x1d/0x30
[  240.993607][T16322]  dump_stack_lvl+0xe8/0x140
[  240.993632][T16322]  dump_stack+0x15/0x1b
[  240.993653][T16322]  should_fail_ex+0x265/0x280
[  240.993695][T16322]  should_fail+0xb/0x20
[  240.993733][T16322]  should_fail_usercopy+0x1a/0x20
[  240.993764][T16322]  _copy_from_user+0x1c/0xb0
[  240.993810][T16322]  ___sys_sendmsg+0xc1/0x1d0
[  240.993866][T16322]  __x64_sys_sendmsg+0xd4/0x160
[  240.993899][T16322]  x64_sys_call+0x2999/0x2fb0
[  240.993953][T16322]  do_syscall_64+0xd0/0x1a0
[  240.994034][T16322]  ? clear_bhb_loop+0x40/0x90
[  240.994124][T16322]  ? clear_bhb_loop+0x40/0x90
[  240.994153][T16322]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.994180][T16322] RIP: 0033:0x7fe463a6e969
[  240.994246][T16322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.994385][T16322] RSP: 002b:00007fe4620d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  240.994409][T16322] RAX: ffffffffffffffda RBX: 00007fe463c95fa0 RCX: 00007fe463a6e969
[  240.994427][T16322] RDX: 0000000004000000 RSI: 0000200000002ac0 RDI: 0000000000000003
[  240.994443][T16322] RBP: 00007fe4620d7090 R08: 0000000000000000 R09: 0000000000000000
[  240.994459][T16322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  240.994475][T16322] R13: 0000000000000000 R14: 00007fe463c95fa0 R15: 00007ffc61711aa8
[  240.994500][T16322]  </TASK>
[  241.198704][   T29] audit: type=1326 audit(1747158939.212:8679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16323 comm="syz.0.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95d496e969 code=0x7ffc0000
[  241.222417][   T29] audit: type=1326 audit(1747158939.212:8680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16323 comm="syz.0.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95d496e969 code=0x7ffc0000
[  241.245942][   T29] audit: type=1326 audit(1747158939.212:8681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16323 comm="syz.0.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95d496e969 code=0x7ffc0000
[  241.246557][T16331] tipc: Enabled bearer <udp:syz2>, priority 10
[  241.269557][   T29] audit: type=1326 audit(1747158939.212:8682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16323 comm="syz.0.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95d496e969 code=0x7ffc0000
[  241.299233][   T29] audit: type=1326 audit(1747158939.212:8683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16323 comm="syz.0.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95d496e969 code=0x7ffc0000
[  241.322769][   T29] audit: type=1326 audit(1747158939.212:8684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16323 comm="syz.0.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95d496e969 code=0x7ffc0000
[  241.346521][   T29] audit: type=1326 audit(1747158939.212:8685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16323 comm="syz.0.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95d496e969 code=0x7ffc0000
[  241.370183][   T29] audit: type=1326 audit(1747158939.212:8686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16323 comm="syz.0.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=315 compat=0 ip=0x7f95d496e969 code=0x7ffc0000
[  241.393757][   T29] audit: type=1326 audit(1747158939.212:8687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16323 comm="syz.0.4386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95d496e969 code=0x7ffc0000
[  241.421190][T16331] tipc: Disabling bearer <udp:syz2>
[  241.671544][T16336] loop4: detected capacity change from 0 to 1024
[  241.681737][T16354] loop0: detected capacity change from 0 to 2048
[  241.687847][T16336] EXT4-fs: Ignoring removed bh option
[  241.694721][T16336] EXT4-fs: inline encryption not supported
[  241.701330][T16336] EXT4-fs: Ignoring removed i_version option
[  241.714035][T16336] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  241.744934][T16336] EXT4-fs error (device loop4): ext4_map_blocks:709: inode #3: block 1: comm syz.4.4390: lblock 1 mapped to illegal pblock 1 (length 1)
[  241.748378][T16359] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4396'.
[  241.768081][T16336] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.4390: Failed to acquire dquot type 0
[  241.789092][T16336] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.4390: Freeing blocks not in datazone - block = 0, count = 4096
[  241.809120][T16336] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.4390: Invalid inode bitmap blk 0 in block_group 0
[  241.827749][   T51] EXT4-fs error (device loop4): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  241.843356][T16361] tipc: Enabled bearer <udp:syz2>, priority 10
[  241.843988][T16336] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[  241.861697][T16363] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  241.870372][T16363] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  241.879759][T16336] EXT4-fs (loop4): 1 orphan inode deleted
[  241.880013][   T51] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:3: Failed to release dquot type 0
[  242.129066][T16371] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4401'.
[  242.410767][T16374] loop5: detected capacity change from 0 to 512
[  242.427039][   T36] usb usb8-port1: unable to enumerate USB device
[  242.431035][T16374] EXT4-fs (loop5): orphan cleanup on readonly fs
[  242.442111][T16374] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4402: bg 0: block 248: padding at end of block bitmap is not set
[  242.459253][T16374] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.4402: Failed to acquire dquot type 1
[  242.480376][T16374] EXT4-fs (loop5): 1 truncate cleaned up
[  242.523141][T16378] vhci_hcd: invalid port number 12
[  242.528391][T16378] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[  242.801101][T16389] loop5: detected capacity change from 0 to 1024
[  242.821068][T16389] EXT4-fs: Ignoring removed bh option
[  242.829261][T16389] EXT4-fs: inline encryption not supported
[  242.838633][T16389] EXT4-fs: Ignoring removed i_version option
[  242.861451][T16389] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  242.915723][T16389] EXT4-fs error (device loop5): ext4_map_blocks:709: inode #3: block 1: comm syz.5.4409: lblock 1 mapped to illegal pblock 1 (length 1)
[  242.935456][T16389] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.4409: Failed to acquire dquot type 0
[  242.951705][T16389] EXT4-fs error (device loop5): ext4_free_blocks:6587: comm syz.5.4409: Freeing blocks not in datazone - block = 0, count = 4096
[  242.966402][ T9318] tipc: Node number set to 2886997162
[  242.975441][T16389] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.4409: Invalid inode bitmap blk 0 in block_group 0
[  242.991955][   T37] EXT4-fs error (device loop5): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  243.021184][T16417] vhci_hcd: invalid port number 12
[  243.026319][T16417] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[  243.038456][   T37] EXT4-fs error (device loop5): ext4_release_dquot:6971: comm kworker/u8:2: Failed to release dquot type 0
[  243.052013][T16389] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  243.063533][T16389] EXT4-fs (loop5): 1 orphan inode deleted
[  243.250517][T16420] loop0: detected capacity change from 0 to 1024
[  243.262502][T16420] EXT4-fs: Ignoring removed bh option
[  243.270897][T16420] EXT4-fs: inline encryption not supported
[  243.277940][T16420] EXT4-fs: Ignoring removed i_version option
[  243.300327][T16420] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  243.382337][T16420] EXT4-fs error (device loop0): ext4_map_blocks:709: inode #3: block 1: comm syz.0.4422: lblock 1 mapped to illegal pblock 1 (length 1)
[  243.407722][T16420] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.4422: Failed to acquire dquot type 0
[  243.434181][T16420] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.4422: Freeing blocks not in datazone - block = 0, count = 4096
[  243.482767][T16420] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.4422: Invalid inode bitmap blk 0 in block_group 0
[  243.499733][   T31] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:1: lblock 1 mapped to illegal pblock 1 (length 1)
[  243.529644][T16439] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4428'.
[  243.552770][T16439] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4428'.
[  243.564010][   T31] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:1: Failed to release dquot type 0
[  243.575680][T16420] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  243.593710][T16420] EXT4-fs (loop0): 1 orphan inode deleted
[  243.678388][T16447] vhci_hcd: invalid port number 12
[  243.683546][T16447] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[  243.842334][T16445] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4432'.
[  243.970451][T16457] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4438'.
[  244.025945][T16465] loop6: detected capacity change from 0 to 1024
[  244.080096][T16465] EXT4-fs: Ignoring removed bh option
[  244.086975][T16465] EXT4-fs: inline encryption not supported
[  244.092830][T16465] EXT4-fs: Ignoring removed i_version option
[  244.109677][T16465] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  244.129408][T16465] EXT4-fs error (device loop6): ext4_map_blocks:709: inode #3: block 1: comm syz.6.4441: lblock 1 mapped to illegal pblock 1 (length 1)
[  244.153783][T16465] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.4441: Failed to acquire dquot type 0
[  244.207415][T16465] EXT4-fs error (device loop6): ext4_free_blocks:6587: comm syz.6.4441: Freeing blocks not in datazone - block = 0, count = 4096
[  244.258610][T16465] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.4441: Invalid inode bitmap blk 0 in block_group 0
[  244.280715][   T51] EXT4-fs error (device loop6): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  244.296332][T16465] EXT4-fs error (device loop6) in ext4_free_inode:361: Corrupt filesystem
[  244.312761][T16465] EXT4-fs (loop6): 1 orphan inode deleted
[  244.323042][   T51] EXT4-fs error (device loop6): ext4_release_dquot:6971: comm kworker/u8:3: Failed to release dquot type 0
[  244.467330][T16471] netlink: 76 bytes leftover after parsing attributes in process `syz.4.4444'.
[  244.505112][T16475] vhci_hcd: invalid port number 12
[  244.510343][T16475] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[  244.799242][T16504] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4458'.
[  244.989353][T16502] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4457'.
[  245.097640][T16522] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4467'.
[  245.130201][T16524] FAULT_INJECTION: forcing a failure.
[  245.130201][T16524] name failslab, interval 1, probability 0, space 0, times 0
[  245.142866][T16524] CPU: 1 UID: 0 PID: 16524 Comm: syz.2.4468 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  245.142901][T16524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  245.142936][T16524] Call Trace:
[  245.142942][T16524]  <TASK>
[  245.142950][T16524]  __dump_stack+0x1d/0x30
[  245.142970][T16524]  dump_stack_lvl+0xe8/0x140
[  245.142991][T16524]  dump_stack+0x15/0x1b
[  245.143008][T16524]  should_fail_ex+0x265/0x280
[  245.143057][T16524]  ? create_io_worker+0x5e/0x370
[  245.143089][T16524]  should_failslab+0x8c/0xb0
[  245.143202][T16524]  __kmalloc_cache_noprof+0x4c/0x320
[  245.143291][T16524]  create_io_worker+0x5e/0x370
[  245.143325][T16524]  io_wq_enqueue+0x2e1/0x3c0
[  245.143429][T16524]  ? __pfx_io_wq_work_match_item+0x10/0x10
[  245.143472][T16524]  io_queue_iowq+0x201/0x2e0
[  245.143501][T16524]  io_queue_sqe_fallback+0x73/0xc0
[  245.143527][T16524]  io_submit_sqes+0xb8b/0x1000
[  245.143593][T16524]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  245.143629][T16524]  ? __rcu_read_unlock+0x4f/0x70
[  245.143666][T16524]  ? get_pid_task+0x96/0xd0
[  245.143691][T16524]  ? proc_fail_nth_write+0x12d/0x160
[  245.143721][T16524]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  245.143765][T16524]  ? vfs_write+0x75e/0x8d0
[  245.143797][T16524]  ? __rcu_read_unlock+0x4f/0x70
[  245.143819][T16524]  ? __fget_files+0x184/0x1c0
[  245.143928][T16524]  ? fput+0x8f/0xc0
[  245.143960][T16524]  __x64_sys_io_uring_enter+0x78/0x90
[  245.144091][T16524]  x64_sys_call+0x28c8/0x2fb0
[  245.144188][T16524]  do_syscall_64+0xd0/0x1a0
[  245.144217][T16524]  ? clear_bhb_loop+0x40/0x90
[  245.144243][T16524]  ? clear_bhb_loop+0x40/0x90
[  245.144270][T16524]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.144342][T16524] RIP: 0033:0x7fe87f23e969
[  245.144358][T16524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.144376][T16524] RSP: 002b:00007fe87d8a7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  245.144433][T16524] RAX: ffffffffffffffda RBX: 00007fe87f465fa0 RCX: 00007fe87f23e969
[  245.144449][T16524] RDX: 0000000000003900 RSI: 00000000000006e2 RDI: 0000000000000004
[  245.144497][T16524] RBP: 00007fe87d8a7090 R08: 0000000000000000 R09: 0000000000000e00
[  245.144508][T16524] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  245.144521][T16524] R13: 0000000000000000 R14: 00007fe87f465fa0 R15: 00007ffd0d6fc168
[  245.144605][T16524]  </TASK>
[  245.156546][T16522] FAULT_INJECTION: forcing a failure.
[  245.156546][T16522] name failslab, interval 1, probability 0, space 0, times 0
[  245.383685][T16535] netlink: 76 bytes leftover after parsing attributes in process `syz.5.4473'.
[  245.385649][T16522] CPU: 0 UID: 0 PID: 16522 Comm: syz.4.4467 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  245.385681][T16522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  245.385693][T16522] Call Trace:
[  245.385699][T16522]  <TASK>
[  245.385706][T16522]  __dump_stack+0x1d/0x30
[  245.385726][T16522]  dump_stack_lvl+0xe8/0x140
[  245.385821][T16522]  dump_stack+0x15/0x1b
[  245.385845][T16522]  should_fail_ex+0x265/0x280
[  245.385890][T16522]  should_failslab+0x8c/0xb0
[  245.385974][T16522]  kmem_cache_alloc_noprof+0x50/0x310
[  245.386001][T16522]  ? skb_clone+0x151/0x1f0
[  245.386085][T16522]  skb_clone+0x151/0x1f0
[  245.386113][T16522]  __netlink_deliver_tap+0x2c9/0x500
[  245.386193][T16522]  netlink_unicast+0x64c/0x670
[  245.386235][T16522]  netlink_sendmsg+0x58b/0x6b0
[  245.386263][T16522]  ? __pfx_netlink_sendmsg+0x10/0x10
[  245.386330][T16522]  __sock_sendmsg+0x142/0x180
[  245.386367][T16522]  ____sys_sendmsg+0x345/0x4e0
[  245.386485][T16522]  ___sys_sendmsg+0x17b/0x1d0
[  245.386530][T16522]  __sys_sendmmsg+0x178/0x300
[  245.386610][T16522]  __x64_sys_sendmmsg+0x57/0x70
[  245.386638][T16522]  x64_sys_call+0x2f2f/0x2fb0
[  245.386665][T16522]  do_syscall_64+0xd0/0x1a0
[  245.386707][T16522]  ? clear_bhb_loop+0x40/0x90
[  245.386735][T16522]  ? clear_bhb_loop+0x40/0x90
[  245.386813][T16522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.386848][T16522] RIP: 0033:0x7fe463a6e969
[  245.386866][T16522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.386908][T16522] RSP: 002b:00007fe4620d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  245.386932][T16522] RAX: ffffffffffffffda RBX: 00007fe463c95fa0 RCX: 00007fe463a6e969
[  245.386949][T16522] RDX: 04000000000001f2 RSI: 0000200000000000 RDI: 0000000000000005
[  245.386965][T16522] RBP: 00007fe4620d7090 R08: 0000000000000000 R09: 0000000000000000
[  245.386981][T16522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  245.386997][T16522] R13: 0000000000000000 R14: 00007fe463c95fa0 R15: 00007ffc61711aa8
[  245.387023][T16522]  </TASK>
[  245.422972][T16533] loop6: detected capacity change from 0 to 2048
[  245.637288][T16541] tipc: Enabled bearer <udp:syz2>, priority 10
[  245.646724][T16541] tipc: Disabling bearer <udp:syz2>
[  245.733985][T16548] loop4: detected capacity change from 0 to 512
[  245.745998][T16552] loop5: detected capacity change from 0 to 512
[  245.760880][T16548] EXT4-fs (loop4): orphan cleanup on readonly fs
[  245.772344][T16552] EXT4-fs warning (device loop5): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  245.808986][T16548] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4479: bg 0: block 248: padding at end of block bitmap is not set
[  245.833041][T16548] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.4479: Failed to acquire dquot type 1
[  245.844784][T16552] EXT4-fs (loop5): mount failed
[  245.870924][T16548] EXT4-fs (loop4): 1 truncate cleaned up
[  246.041415][T16533] ==================================================================
[  246.049560][T16533] BUG: KCSAN: data-race in __xa_set_mark / xas_find_marked
[  246.056786][T16533] 
[  246.059116][T16533] write to 0xffff888106fa3c54 of 4 bytes by task 16540 on cpu 1:
[  246.066832][T16533]  __xa_set_mark+0x172/0x1a0
[  246.071438][T16533]  __folio_mark_dirty+0x3af/0x4c0
[  246.076465][T16533]  mark_buffer_dirty+0x11e/0x210
[  246.081412][T16533]  block_write_end+0x12e/0x210
[  246.086187][T16533]  ext4_write_end+0x13a/0x730
[  246.090880][T16533]  ext4_da_write_end+0x71/0x7b0
[  246.095743][T16533]  generic_perform_write+0x312/0x490
[  246.101059][T16533]  ext4_buffered_write_iter+0x1ee/0x3c0
[  246.106626][T16533]  ext4_file_write_iter+0x383/0xf00
[  246.111844][T16533]  iter_file_splice_write+0x5f2/0x970
[  246.117236][T16533]  direct_splice_actor+0x156/0x2a0
[  246.122363][T16533]  splice_direct_to_actor+0x312/0x680
[  246.127746][T16533]  do_splice_direct+0xda/0x150
[  246.132517][T16533]  do_sendfile+0x380/0x640
[  246.136939][T16533]  __x64_sys_sendfile64+0x105/0x150
[  246.142164][T16533]  x64_sys_call+0xb39/0x2fb0
[  246.146770][T16533]  do_syscall_64+0xd0/0x1a0
[  246.151298][T16533]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.157199][T16533] 
[  246.159521][T16533] read to 0xffff888106fa3c54 of 4 bytes by task 16533 on cpu 0:
[  246.167157][T16533]  xas_find_marked+0x5dc/0x620
[  246.171930][T16533]  find_get_entry+0x5d/0x380
[  246.176530][T16533]  filemap_get_folios_tag+0x92/0x210
[  246.181833][T16533]  filemap_fdatawait_range+0x88/0x1d0
[  246.187213][T16533]  __writeback_single_inode+0xdb/0x7c0
[  246.192682][T16533]  writeback_single_inode+0x167/0x3e0
[  246.198068][T16533]  sync_inode_metadata+0x5b/0x90
[  246.203019][T16533]  generic_buffers_fsync_noflush+0xd9/0x120
[  246.208920][T16533]  ext4_sync_file+0x1ab/0x690
[  246.213614][T16533]  vfs_fsync_range+0x10d/0x130
[  246.218387][T16533]  ext4_buffered_write_iter+0x34f/0x3c0
[  246.223947][T16533]  ext4_file_write_iter+0x383/0xf00
[  246.229158][T16533]  iter_file_splice_write+0x5f2/0x970
[  246.234533][T16533]  direct_splice_actor+0x156/0x2a0
[  246.239655][T16533]  splice_direct_to_actor+0x312/0x680
[  246.245045][T16533]  do_splice_direct+0xda/0x150
[  246.249841][T16533]  do_sendfile+0x380/0x640
[  246.254275][T16533]  __x64_sys_sendfile64+0x105/0x150
[  246.259494][T16533]  x64_sys_call+0xb39/0x2fb0
[  246.264121][T16533]  do_syscall_64+0xd0/0x1a0
[  246.268653][T16533]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.274556][T16533] 
[  246.276876][T16533] value changed: 0x00000021 -> 0x0a000021
[  246.282594][T16533] 
[  246.284913][T16533] Reported by Kernel Concurrency Sanitizer on:
[  246.291064][T16533] CPU: 0 UID: 0 PID: 16533 Comm: syz.6.4472 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  246.303566][T16533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  246.313624][T16533] ==================================================================
[  246.329905][T16574] 9pnet_fd: Insufficient options for proto=fd