last executing test programs:

1.196160742s ago: executing program 1 (id=1855):
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x7fff}, 0x18)
openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x834064da5c2d99d0)

1.148300963s ago: executing program 1 (id=1856):
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00'}, 0x10)
request_key(&(0x7f0000000000)='asymmetric\x00', 0x0, 0x0, 0x0)

1.118750384s ago: executing program 1 (id=1858):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000180), 0x1e1835501a5d3773, 0x0)
r1 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c, 0x80000)
ioctl$VFAT_IOCTL_READDIR_SHORT(r1, 0x82307202, &(0x7f0000000540)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r2 = socket$nl_audit(0x10, 0x3, 0x9)
r3 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, 0x0, &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x36e084fcb6392193, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
write$selinux_access(r3, &(0x7f00000005c0)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a3a73302075c7224b25caf3f405c26e636f6e66696e65642030"], 0x3f)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
bind$netlink(r5, &(0x7f00000001c0)={0x10, 0x0, 0x25dfdc00, 0x100}, 0xc)
read(r2, &(0x7f0000000440)=""/235, 0xeb)
r6 = socket$inet6(0xa, 0x5, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r7)
sendmsg$IEEE802154_ADD_IFACE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x20, r8, 0x1, 0x4, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000000c0)='svc_xprt_enqueue\x00', r4, 0x0, 0x6}, 0x18)
setsockopt$inet_int(r6, 0x0, 0x21, &(0x7f0000000340)=0xfffffffd, 0x4)
socket$nl_audit(0x10, 0x3, 0x9)
r9 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_script(r9, &(0x7f0000000780)={'#! ', './file0', [{0x20, '{&'}, {0x20, '/proc/thread-self\x00'}, {0x20, '/dev/virtual_nci\x00'}, {}], 0xa, "1ce37cfd404900dd15f3217be0e54a316a9971902cb8c875006fdae8e275c30cc87ac9ed93576372e5c9b07598d86b51f6244825f1fea04735bf4166cbc6405488966dfeb4783cc86f1b41fd8d752c3521440d8fe0baca7bc1934e039476a1d0545e705c853b6c55935019ea484e112ebd5a316aa97bad503b9b4b5aae1e7272879c0c0120056f5589add28dda0a694fa0934d11400491b51d981df6f09c94c3c718918c1ba561d379dc0b0426e2c70007bd4b4a43c8c1079f88dfe1fc6181807abb9c6e6554b1b352f1f11b556e0b4172ac17ddafe1b21ca1d42e84360ed6da49aff377f1"}, 0x119)
r10 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r11 = fcntl$dupfd(r10, 0x0, r10)
ioctl$USBDEVFS_CLAIMINTERFACE(r11, 0x8004550f, &(0x7f0000000140)=0x401)
close_range(r0, 0xffffffffffffffff, 0x200000000000000)

830.478818ms ago: executing program 4 (id=1865):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4006, &(0x7f0000003f80)={[{@dioread_lock}, {@nouid32}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}, {}, {@block_validity}, {@quota}]}, 0x1, 0x447, &(0x7f00000008c0)="$eJzs28tvG0UYAPBv105KX8RU5dEHUFEQFY+kSUvpgQsIJA4gIcGhHEOSVqVug5og0SqCgFA5okrcEUek/gWc4IKAExJX4IwqVSiXFk5Ga+82jmunSRrHIf79pG1ndsee+Tw79uxONoC+dSj7J4nYFRG/R8RQI7u0wKHGf7cW5ib+WZibSKJWe/vvpF7u5sLcRFG0eN3OIlOOSD9P4kCbemcuXT43Xq1OXczzI7PnPxiZuXT5+bPnx89MnZm6MHby5PFjoy+eGHthXeLM4rq5/+Ppg/tef/fqmxOnrr7387WkiL8ljntXjqa3buupWm39qtsEdjelk3IPG8KqlPKzdaA+/oeiFIudNxSvfdbTxgFdVavVag91PjxfA7awJHrdAqA3ih/67Pq32DZo6rEp3Hi5cQGUxX0r3xpHypHmZQZarm/X06GIODX/79fZFq33IbZ3qVIAoK99n81/nms3/0uj+b7Q/fkaSiUiHoiIPRFxIiL2RsSDEfWyD0fEI6usv3WR5M75Z3p9TYGtUDb/eylf21o6/ytmf1Ep5bnd9fgHktNnq1NH88/kSAxsy/Kjy9Txw6u/fdnpWPP8L9uy+ou5YN6O6+VtS18zOT47fi8xN7vxacT+crv4k9srAUlE7IuI/Wus4+wz3x7sdKxD/IMreuN1WGeqfRPxdKP/56Ml/kKy/PrkyH1RnTo6UpwVd/rl1ytvdar/7v3fXVn/72h7/hfx/1lJmtdrZ1Zfx5U/vuh4TbnW838weWfJvo/GZ2cvjkYMJm/U85Xm/WMt5cYWy2fxHzncfvzvicVP4kBEZCfxoxHxWEQ83vTd9UREHF4m/p9eefL9tcffXVn8k8v2f7T0/2JiMFr3tE+Uzv343ZJKK6uJP+v/4/XUkXzPSr7/VtKutZ3NAAAA8P+TRsSuSNLh2+k0HR5u/A3/3tiRVqdnZp89Pf3hhcnGMwKVGEiLO11DTfdDR/PL+iI/1pI/lt83/qq0vZ4fnpiuTvY6eOhzOzuM/8xfpV63Dug6z2tB/zL+oX8Z/9C/jH/oX23Gv0fPoE+0+/3/pAftADZey/hfdtnPxAC2Ftf/0L+Mf+hfxj/0pZntcfeH5LuWuJa3YkMqTSOiZ5FuvUSkm6IZEl1K9PiLCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJ38FwAA//8Kt+KP")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00\f'], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000040), 0x81, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = io_uring_setup(0x4d3f, &(0x7f0000000240)={0x0, 0xca6a, 0x40, 0x1, 0x6})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r2, 0xb, &(0x7f0000000500), 0x66)

782.085429ms ago: executing program 0 (id=1868):
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00'}, 0x10)
request_key(&(0x7f0000000000)='asymmetric\x00', 0x0, 0x0, 0x0)

765.142179ms ago: executing program 3 (id=1869):
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd'])

736.170859ms ago: executing program 0 (id=1870):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
timer_create(0x0, 0x0, &(0x7f0000000280)=<r4=>0x0)
timer_getoverrun(r4)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_STOP(r1, 0x54a1)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0006}]})
r6 = syz_open_dev$usbfs(&(0x7f0000000380), 0x3fb8, 0x1)
ioctl$USBDEVFS_SUBMITURB(r6, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {0x0, 0x1}, 0xfffffff8, 0x25, &(0x7f0000000040)={0x60, 0x1, 0x8001, 0x1}, 0x8, 0x6, 0xd0000, 0x0, 0x9e, 0x68e, 0x0})
close_range(r5, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r7)
socket$igmp6(0xa, 0x3, 0x2)
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001ec0)={'batadv0\x00'})

735.80049ms ago: executing program 3 (id=1871):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800010000800000000000000000000018110000e82a2ba4c1bc8121435a8368e39684b03ef5911783c491590c7f5d31484bcc6c6934fd8aedf92874a7dbeecfa078b7d5ba83cdea7fea9c1c8b53e91ded7670dab5e4623fbbf2aed96659af0e5cd34771251bea421fdda07605e74fa2aa33c38c333fd29f5337a51781381646134cfff8d113bb09b2a6a678032ef4b7b3bc6e708ad1b028b62465f7a823337c1214aac001b6a2642e668c7316fc286b6d5ee66622beaa238c14a97cad2bce9db02f25b21c52ff67a76ef7520bc4884431637c258a2e26e84cd7efdf7f492dc568d7", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
close(0xffffffffffffffff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='rss_stat\x00', r1}, 0x10)
r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f00000000c0), &(0x7f00000001c0)=0x4)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
getsockopt$llc_int(r2, 0x10c, 0x3, 0x0, &(0x7f0000000000))
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)

549.039932ms ago: executing program 4 (id=1872):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0))
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000280)={0x0, 0x7f}, &(0x7f00000002c0)=0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe06, 0x1000000, &(0x7f0000000100)="b9ff030f6044238cb89e14f088ca1bff430500001100630377fbac141414e000000162079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)

548.638542ms ago: executing program 4 (id=1873):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000040), 0x81, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = io_uring_setup(0x4d3f, &(0x7f0000000240)={0x0, 0xca6a, 0x40, 0x1, 0x6})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r2, 0xb, &(0x7f0000000500), 0x66)

537.152542ms ago: executing program 0 (id=1874):
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x7fff}, 0x18)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f00000000c0)={[{@noauto_da_alloc}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@dioread_nolock}, {@grpquota}]}, 0x5, 0x4dd, &(0x7f0000000c40)="$eJzs3E1oXNUeAPD/nSRN+vU6r6+v77VWTa1isJi0abVdCFJRcKEgVlCXIR8ldtpIk4ItVaYgdSkF9+LSrQu36qaIK8FtXQpSKNJNW0EcuTN3PjuTNMkkY8zvB5M5536dc+655+bcc2YmgE1rOP2TVMI3I2JXRORaNxiuvN27c2Xy/p0rk1EslU7/lpR3u5vGM9lhYnsWGclF5D5O6isazF+6fHaiUJi+kMXHFs69PzZ/6fKzs0PZkpMnjx87euL58eeWX6g26aXlurv/o7kD+1599/rrk/3V5dXUGsvRLcMx3C4rZU91O7Ee29kQTvp7mBGWJb3+0+oaKLf/XdEXi1VecR1zBqy1UqlUGuy8ulhqdfWBJcCGlUSvcwD0RvUfffr8W3216whsWZvuR8/dPlV5AErLfS97RTxeXlgdBxloeb7tpuGIeKf4++fpK9ZoHAIAoNG3p2rDP839v3xlZuSPizdeTN//lc2h5CPi3xGxOyL+ExF7IuK/EbE3Iv4XEf9vOX5fRJQWSX+4JV5LvzYJlbvVhWJ2lPb/Xsjmtur9v6YM5Puy2M6Iaod5+kh2TkZiYHBmtjB9dJE0vnv5p087rWvs/6WvNP1qXzDLx63+lgG6qYmFiRUXuMXtqxH7+1vLn/RHJLWZgCQi9kXE/mUcN98Qnn3mywO1yEDzdkuXv6zUdh6tC/NMpS8inq7UfzGa6r+eYtI0P3lu4sz0menz47X5ybGhKEwfGZvpmJsffrz2Rqd1S5b/619ad3nlxDens5a1emn9b2u4/qM6f1svfz6JSGrztfPLT+Paz590fKZZ6fW/JXmrHK4+l34wsbBw4WjEluS1B5eP1/etxtP3KFbKP3Koffvfne2TnolHIiK9iB+NiMei8oSY5v1gRDwREYcWKf/3Lz353srLv7bS8k+13P8qNd9U//X5+k6BJJsbbLOq7+zBm/c73Dwerv6Pl0Mj2ZL297+k6RbRKafVcY90yZ+rPnsAAACwMeQiYkfDWNKOyOVGRytjQHtiW64wN79weGbu4vmpdF1EPgZyM7OF8vhnZTx4IKmOf+Yb4uMt8WPZuPFnfVvL8dHJucJUT0sObC+3+SQ3GvF2X0P7T/3anSFm4O/M97Vg81qs/aed+L3X1zEzwLp6+P//Nz5c04wA666h/Xf6hn9xBZ/7AjYAz/9A3dI/9OOeARtfSVuGTW1Z7f+wHwGEf5L+eLMWzvU0J8B60/+HTWnJ7/WvKlAabL9qKB7cOIYWP2BfrCwbW9uk1ZNA2rPqSepbV7JX9dcUOm4TueUdcDC6U6czqzwbxQvzZ/Z2/eIvZZ+V73YNfrUu7bRdoCe3IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK77KwAA//8KhtfB")
r5 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(r5, 0x0, 0x4000000a, 0x0)
sched_setattr(r5, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x834064da5c2d99d0)

526.968733ms ago: executing program 4 (id=1875):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000071000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x2000c0, &(0x7f00000005c0), 0x1, 0x54e, &(0x7f0000000600)="$eJzs3U1oHOUbAPBnZrPtv23+pgUFlR6KChVKN0k/tHpKr2Kh0IPgpS6bbQjZZEN2U5uQQ3ovYkFR6aXe9OBR8eBBvHj06kXxLIgGhaYHiUx2N/1Isq61ydbO7wezfT+GPu+bmWey7zBDAsitI9lHGvFMRJxPIobu6huIdueR1n6rK0uV2ytLlSTW1i78mkQSEbdWliqd/ZP2vwciYjkino6Ib4oRx9LNcRsLi1PlWq06164PN6dnhxsLi8cnp8sT1YnqzMmXXzl95tTp0ROjD22u1368/s617167ef3Tzw4vV94vJzEWg+2+u+fxMLV+JsUYu6/91E4E66Ok3wPggRTaeV6MiKdiKArtrAcef2t7I9aAnErkP+RU53tAtv7tbLv5/eOXs60FSBZ3tb21egZa9ybif+trk/2/J/esTLL15sHdHCiPpeWrETEyMLD5/E/a59+DG3kYA2RHfX22daA2H/904/oTW1x/Bjv3Tv+lzvVvddP17078wjbXv/M9xvjzzZ8+2jb+1Yhnt4yfbMRPtoifRsRbPca/8caXZ7brW/s44mhsHb8j6X5/ePjSZK060vrcMsZXRw+/2m3++7eJP9Zl/lnbbI/z/+Lbz59b7hL/xee7H/+t4u+LiHd7jH/o1ievb9eXxR/fZv7d4mdtN3uM/9LYkR963BUAAAAAAAAAAPgH0vVn2ZK0tFFO01Kp9Q7vk7E/rdUbzWOX6vMz461n3g5GMe08aTXUqidZfbT9PG6nfuK++smIOBQR7xX2rddLlXptvN+TBwAAAAAAAAAAAAAAAAAAgEfEgfve//+j0Hr/H8gJf/Ib8kv+Q37dm/9J38YB7D6//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74vy5c9m2dntlqZLVxy8vzE/VLx8frzamStPzlVKlPjdbmqjXJ2rVUqU+/Xf/X61enx2Jmfkrw81qozncWFi8OF2fn2lenJwuT1QvVou7MisAAAAAAAAAAAAAAAAAAAD4bxlc35K0FBHpejlNS6WI/0fEwSgmlyZr1ZGIeCIivi8U92b10X4PGgAAAAAAAAAAAAAAAAAAAB4zjYXFqXKtVp1T2FyIiOVHYBgKCn05+QEAAAAAAAAAAAAAAAAAgF1156Xffo8EAAAAAAAAAAAAAAAAAAAA8iz9OYmIbDs69MLg3T17I2JPslrIynsi4u0bFz64Um4250az9t822psftttP9GsOQC86edrJYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCOxsLiVLlWq87tYKHfcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4EH8FAAD//46R2W8=")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000640)=@newtaction={0x48, 0x30, 0x1, 0x70bd29, 0x25dfdbff, {}, [{0x34, 0x1, [@m_pedit={0x30, 0x1a, 0x0, 0x0, {{0xa}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4c804}, 0x4091)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000014c0)=ANY=[@ANYBLOB="301000003b0007010100000000000000017c00000400fc8018100180"], 0x1030}}, 0x4c000)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f00000007c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100030010651fbe347b2c2b00000c00018008000100", @ANYRES16=r2], 0x20}}, 0x0)
readahead(0xffffffffffffffff, 0x0, 0x101)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
socket$nl_generic(0x10, 0x3, 0x10)

437.299794ms ago: executing program 3 (id=1876):
epoll_create1(0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x786, &(0x7f0000001900)="$eJzs3c9rHGUfAPDvbJKmTfu+yQsvaL0YEDRQmpgaWwWFigcRLBT0bLtstqFmky3ZTWlCQIsIXgQVD4JeevLgj3rz6o+r/hcexFI1LVY8SGQ2s+2m2U03abIbzecDk32emdl8n+/Or2d3hpkA9qzh9E8u4nBEvJtEDGbjk4joq5V6I06uzndreamQDkmsrLz8a1Kb5+byUiEa3pM6mFUejIhv34o4klsft7KwOJ0vlYpzWX2sOnNhrLKwePT8TH6qOFWcPT4+MXHsxJMnjm9frr//sHjo2nsvPPbFyT/ffODqO98lcTIOZdMa89iyZ9dWh2M4+0z60o9wjefvO9juknS7AWxJumn2rG7lcTgGo6dWAgD+zV6PiBUAYI9JHP8BYI+p/w5wc3mpUB+6+4tEZ11/LiL2r+ZfP7+5OqU3O2e3v3YedOBmsubMSBIRQ9sQfzgiPv7q1c/SIbbrPCRAG964HBFnh4bX7/+TddcsbNbjG0zbl70O3zU+je8MNHTG12n/56lm/b/c7f5PNOn/9DfZdrei2fa/ZsSBbQiygeufRDzTcG3brYb8M0M9We0/tT5fX3LufKmY7tv+GxEj0def1sc3iDFy468braY19v9+e/+1T9P46eudOXI/9/avfc9kvpq/n5wbXb8c8VBvs/yT28s/adH/Pd1mjBeffvujVtPS/NN868P6/CO7OmlnrFyJeLTp8r9zRVuy4fWJY7XVYay+UjTx5Y8fDrSK37j80yGNX/8u0Anp8h/YOP+hpPF6zcrmY3x/ZfCbVtPunX/z9X9f8kqtXO9HXMpXq3PjEfuSl9aPP3bnvZfyD2el1fnT/Eceab79b7T+p98Jz7aZf++1Xz7fev47K81/clPLf/OFq7eme1rFb2/5T9RKI9mYdvZ/7Tbwfj47AAAAAAAAAAAAAAAAAAAAAAAAAGhXLiIORZIbvV3O5UZHV5/h/f8YyJXKleqRc+X52cmoPSt7KPpy9VtdDjbcD3U8ux9+vX7srvoTEfG/iPig/0BSv4/iZJdzBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6gy2e/5/6qb/brQMAdsz+bjcAAOg4x38A2Hsc/wFg72nv+N+z4+0AADrH938A2Hsc/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhp0+dSoeVP5aXCml98uLC/HT54tHJYmV6dGa+MFooz10YnSqXp0rF0UJ55l7/r1QuX5iI2flLY9VipTpWWVg8M1Oen62eOT+TnyqeKfZ1JCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2JzKwuJ0vlQqzilsobCyO5rR/UJPtjrtlvZ0tJDsjmZsc6HLOyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf4i/AwAA//+3ACFj")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x20, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
capget(&(0x7f0000000040)={0x20080522}, 0x0)

411.339264ms ago: executing program 3 (id=1877):
r0 = creat(&(0x7f0000003240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x40)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000580)=ANY=[@ANYRESOCT=0x0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0xfecb6268688f88e, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x140, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="06000000040000000700000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$tipc(r5, &(0x7f0000000500)=@id={0x1e, 0x3, 0x1, {0x4e21}}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1})
ioctl$TUNSETLINK(r6, 0x400454cd, 0x304)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r7)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000180))
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @random="e5db029ea53c"})
faccessat2(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x7, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000001040)={{0x1, 0x1, 0x1018, <r8=>0xffffffffffffffff}, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00'})
r9 = syz_io_uring_setup(0x83f, &(0x7f00000000c0)={0x0, 0xa9ee, 0x0, 0x3, 0x8002ae}, &(0x7f0000000140)=<r10=>0x0, &(0x7f0000000280)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r10, r11, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x109880})
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r12, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r13}, 0x10)
r14 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
fcntl$lock(r14, 0x5, &(0x7f0000000040)={0x0, 0x1, 0x41, 0xfffffffffffffffc})
io_uring_enter(r9, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r8, 0x6, 0x23, &(0x7f0000000380)={&(0x7f0000002000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/229, 0xe5, 0x1, &(0x7f0000000600)=""/197, 0xc5}, &(0x7f00000003c0)=0x40)

342.071655ms ago: executing program 2 (id=1879):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

301.198536ms ago: executing program 0 (id=1880):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
connect$inet6(r0, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000280)={@in6={{0xa, 0x4e23, 0x4, @dev={0xfe, 0x80, '\x00', 0x2d}}}, 0x0, 0x0, 0x38, 0x0, "0f424a2bc651a9f11381328af8daf6f4bd2827984afeb6b627cea1ba22d1af57aa193c5024c9e8b22a8796a538ed893952a1aa555418ba1b4d0bc0712c028ec32a9bc2fb29b52d39e8626bc90abcc02a"}, 0xd8)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='tunl0\x00', 0x10)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4)
sendmmsg$inet6(r0, &(0x7f0000001200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000040)

290.635936ms ago: executing program 2 (id=1881):
r0 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114db, 0x1000, 0x2, 0x89}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
madvise(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780})
io_uring_enter(r0, 0x3510, 0xaddd, 0x0, 0x0, 0x0)

256.888237ms ago: executing program 1 (id=1882):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x3, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x10000}, 0x18)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x16, 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r6, &(0x7f0000000300)=ANY=[], 0x15)
r7 = dup(r6)
write$RDMA_USER_CM_CMD_SET_OPTION(r7, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r7, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r7, 0xc018937d, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r8=>r7, {0x7fff}}, './file0\x00'})
io_uring_register$IORING_REGISTER_FILES_UPDATE(r7, 0x6, &(0x7f00000002c0)={0x8, 0x0, &(0x7f0000000280)=[r5, r8, r4, r4, 0xffffffffffffffff, r0, r2, r5, r6]}, 0x9)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r7])
stat(&(0x7f00000001c0)='./file0\x00', 0x0)
r9 = socket(0x10, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r7, 0x84, 0x1e, &(0x7f0000000380)=0x5a, 0x4)
r10 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r10, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=@newqdisc={0x14c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_bfifo={{0xa}, {0x8}}, @qdisc_kind_options=@q_netem={{0xa}, {0x108, 0x2, {{}, [@TCA_NETEM_RATE={0x14}, @TCA_NETEM_CORR={0x10}, @TCA_NETEM_SLOT={0x2c}, @TCA_NETEM_CORRUPT={0xc}, @TCA_NETEM_JITTER64={0xc}, @TCA_NETEM_LOSS={0x44, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18}, @NETEM_LOSS_GE={0x14}, @NETEM_LOSS_GE={0x14}]}, @TCA_NETEM_DELAY_DIST={0x3e, 0x2, "bb31dd582025a5bfe05b342a891035fe2abd168e2c8b8d284dcd49405a3da4233a46fc0f50f25bb2abef41f435190e7d58e97dac5d759d1138e8"}]}}}]}, 0x14c}}, 0x0)

256.470226ms ago: executing program 3 (id=1883):
r0 = mq_open(&(0x7f000084dff0)='\xa1sxt\x1a\x00\x00\x00\x00\x00\x00\x00\x01\x88\xbdd', 0x6e93ebbbcc0884f2, 0x100, &(0x7f0000000300)={0x0, 0x1, 0x3})
mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r0, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYRESOCT=r0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000002c0)=@generic={&(0x7f0000000280)='./file0\x00', 0x0, 0x10}, 0x18)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1c, &(0x7f0000000340)={@loopback, <r4=>0x0}, &(0x7f0000000380)=0x14)
r5 = open_tree(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x80000)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000400)={0x1b, 0x0, 0x0, 0x7ff, 0x0, r3, 0x7fff, '\x00', r4, r5, 0x5, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000580)='br_fdb_add\x00', r2}, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c008102e00f80ecdb4cb9f207c804a00d00000088081afb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)

202.562387ms ago: executing program 0 (id=1884):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0))
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000280)={0x0, 0x7f}, &(0x7f00000002c0)=0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe06, 0x1000000, &(0x7f0000000100)="b9ff030f6044238cb89e14f088ca1bff430500001100630377fbac141414e000000162079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)

202.070277ms ago: executing program 0 (id=1885):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
timer_create(0x0, 0x0, &(0x7f0000000280)=<r4=>0x0)
timer_getoverrun(r4)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_STOP(r1, 0x54a1)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0006}]})
r6 = syz_open_dev$usbfs(&(0x7f0000000380), 0x3fb8, 0x1)
ioctl$USBDEVFS_SUBMITURB(r6, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {0x0, 0x1}, 0xfffffff8, 0x25, &(0x7f0000000040)={0x60, 0x1, 0x8001, 0x1}, 0x8, 0x6, 0xd0000, 0x0, 0x9e, 0x68e, 0x0})
close_range(r5, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r7)
socket$igmp6(0xa, 0x3, 0x2)
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001ec0)={'batadv0\x00'})

201.631587ms ago: executing program 1 (id=1886):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000840)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
timer_create(0x8, &(0x7f0000000080)={0x0, 0x11}, &(0x7f00000001c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
connect$pppl2tp(r3, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x2, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x2f, @private=0xa010102, 0x4e20, 0x3, 'wrr\x00', 0x2a, 0x0, 0x75}, 0x2c)
writev(r3, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)
socket$nl_route(0x10, 0x3, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x50)
r6 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r6, 0x400, 0x1)
fcntl$setlease(r6, 0x400, 0x1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r5, <r7=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r8, 0x0, 0xfffffffffffffffd}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")

201.247707ms ago: executing program 4 (id=1887):
epoll_create1(0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x20, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
capget(&(0x7f0000000040)={0x20080522}, 0x0)

125.556768ms ago: executing program 2 (id=1888):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000001840), 0x0, 0x4000045)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000100)={0x3}, 0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000003c0)={0x0, 0x1}, 0x8)
close(r1)

124.694739ms ago: executing program 3 (id=1889):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0b00000005000000000400000100000001", @ANYBLOB], 0x50)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f0000000000)={[{@noauto_da_alloc}, {@init_itable_val={'init_itable', 0x3d, 0x4004}}, {@barrier_val={'barrier', 0x3d, 0x4}}]}, 0x43, 0x4e1, &(0x7f0000000740)="$eJzs3E9sVEUcAODf27a05Y+siCiIWkRjI7GFgsLBxGA08aCJERP12LSFIIUaWhIhaJbE4NGQeDcevXrwql6I8WTiFY8mhoQYLoCJcc3bfW93u91tadl2wX5fst2ZefvezOy8eTtvprsBrFtD6Z+kGr4WEVsjotD8gqHq0+2bFyfu3Lw4EaVy+dhfSWW3W2k8kx0mNmWR4UJE4fOkvqHB7PkLp8anp6fOZvHRudMfj86ev/DiyYEs5ciRQwcPHH557KXlV6pFfmm9bu36bGb3zjc/vPL2RG+enufWWI9OGYqhVkWpeK7TmXXZloZw0tvFgrAs6fmfNldfpf9vjZ5YrPFKa1gyYLWVy+Vyf/vNpXKzSwtSgAdWEt0uAdAd+Qd9ev+bP1oNBDaszvCj624crd4ApfW+nT0inq4k5vMgfU33t500FBEflP7+On3EKs1DAAA0+vFoPhJsGv8Vqysj/5y7+mr6/FC2hlKMiIcjYltEPBIR2yPi0YjYERGPRcTjTcfviYjyIvk3zzbX8q8tQhWud6iqLaXjv1eyta36+G9eAYo9WWxLRD5gntqfvSfD0dd//OT01IFF8vjp9d++bLetcfyXPtL887FgVo7rvU0TdJPjc+MrrnCTG5cidvU21z/pjUhqbZNExM6I2LWM4xYbwidf+HZ3LdI3/3VL17+i3HIdrQPrTOVvIp6vtn8p5rV/Pcdk3vrk6fETUyemzozV1idHB2J6av9oehbsb5nHL79efqdd/kvW//s/mnd54/APx7Kede/S9t/YcP5Hvn5br38xiUhq67Wzy8/j8u9ftL2nWen5vyF5rxLO70s/GZ+bO3sgYkPy1sL0sfq+eTx9jlK1/sN7W/f/bdk+6TvxRESkJ/GTEfFUVO8Q07LviYhnImLvIvX/+bVnP1p5/VdXWv/JputfteXntX99vb5dIMnWBqspg42bek7tuXanzcXj7tr/UCU0nKUsvP6lJUzmXSLalTT/tEtT/u3IOwgAAAD3v0JEbG6YS9ochcLISHUOaHtsLEzPzM7tOz5z7sxkui2iGH2FfKarOh/cl+Tzn8WG+FhT/GA2b/xVz2AlPjIxMz3Z1ZoDmyp9PimMRLzf09D/U392ZooZuJ/5vhasX4v1/3QQv+PKGhYGWFN3//l/9dNVLQiw5hr6f7tv+JdW8H9fwAPA/T9Qt/QP/bhmwIOvrC/Duras/r/PjwDC/0lvvFsLF7paEmCtGf/DurTk9/rvKVDub71pIBa+OAYWP2BPrKwYgy3y6kogHVl1JffBleyV/5pC29dEYXkH7I/OtOnxe3w3SmdnT+zo+Mlfzv5XvtMt+N2a9NNWga5cjgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADruvwAAAP//hS/gCQ==")
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00'}, 0x10)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x1b, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r2)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000240)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="000300"/18, @ANYRES32=r5, @ANYBLOB="0c009900dbf8ffff0e00000008002201840000000800a1000400000008002600fd16000008009f00b4da3ef7050018010d000000080022016a000000"], 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
r6 = socket(0x10, 0x3, 0x0)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r3)
prctl$PR_SET_NAME(0xf, &(0x7f0000000880)='+}[@\x00')
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r7, 0x0, 0x1004}, 0x18)
r8 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xfd, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x0, 0x0, 0xffffffbe, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x40082406, &(0x7f00000001c0)='cpu>20\t&&')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000c40)=@newqdisc={0xe8, 0x24, 0xd0f, 0x470bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r10, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x8, 0xd}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x9}, @TCA_STAB={0xb0, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x1, 0xd, 0x806, 0x8000, 0x1, 0x2, 0x1, 0x7}}, {0x5, 0x2, [0x4, 0x3ff, 0xff01, 0x40, 0x3, 0x9, 0x400]}}, {{0x1c, 0x1, {0x2, 0x8, 0x3, 0x6, 0x2, 0x8, 0x80000001, 0x5}}, {0xe, 0x2, [0x8, 0x9, 0x9, 0x4, 0x4]}}, {{0x1c, 0x1, {0xfb, 0x3, 0x6, 0x8000, 0x1, 0x4, 0x561d, 0x6}}, {0x10, 0x2, [0x0, 0x3, 0x8, 0xa7d, 0x200, 0x7]}}, {{0x1c, 0x1, {0x9, 0xeb, 0x2, 0x8, 0x0, 0x5, 0x705, 0x1}}, {0x6, 0x2, [0x0]}}]}]}, 0xe8}, 0x1, 0x0, 0x0, 0x24000040}, 0x0)
r11 = socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x3, 0x0)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r12, 0x8933, &(0x7f0000000000)={'team0\x00', <r13=>0x0})
bind$packet(r11, &(0x7f0000000200)={0x11, 0xf6, r13, 0x1, 0x55, 0x6, @multicast}, 0x14)
r14 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r14, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f00000002800000121f", 0x29}], 0x1}, 0x0)

124.150438ms ago: executing program 2 (id=1890):
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd'])

93.229539ms ago: executing program 4 (id=1891):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r3}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r1}, 0x10)
pipe2$9p(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@version_u}]}})

45.950549ms ago: executing program 2 (id=1892):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

20.92958ms ago: executing program 1 (id=1893):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, 0x0, &(0x7f0000000240))
sendmsg$inet_sctp(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x208, 0x28, 0x2000008}}], 0x20, 0x2400e044}, 0x0)

0s ago: executing program 2 (id=1894):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x4, &(0x7f00000000c0)=[{0xf, 0x7, 0x3e, 0xfbcd}, {0x9, 0x3, 0x25, 0x3}, {0x8a, 0x0, 0x7, 0x1}, {0x4, 0x1, 0x9, 0x1}]})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600e, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f0000000440)={[{@bsdgroups}, {@noblock_validity}, {@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@debug}, {@errors_remount}]}, 0x1, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySG8rLm+kn+vD3PDEfEt0cjHq2srnfhytWz09Vaw3sR+xfPXdy/cOXqvvlz02dmz8yenzrwwsFDky9OHZzakDi358/Hjr/25Mfvv/383HfVfUkcjpOD787Eijg2yniMx508xNbygYg4lCXafC4Pmy0QQqlV8t/HwYh4PMaiUs81jMX8R4U2DuipWiWiBpRUov9DSTXHAc1j++6Og0/2eFTSP7eONA6AVsc/0Dg3EsP1Y6Ntt5OWI6PGuY0dG1B/Vsc/13Z/nj1i2XmIP+9unYENqKeTpesR8US7+JN623bUI83iT5e1I4mIyYj6OaCs/JUHaEPSku7FeZi1rDf+NCIO589Z+dF11j++It/v+AEop5tH8h35Upa7t//Lxh7N8U+0Gf+Mttl3rUfR+7/O47/m/n64fo48XTEOy8YsJ9q/5eDKgp8+PPZpp/pbx3/ZI6u/ORbsh1vXI3aviP+DLNh8/JPFn7TZ/tkqpw53V8er3/9yrNOyouOv3YjY0/b4596oNEutcX1y/9x8dXay8bNtHV9/89aXneovOv5s+2/rEH/L9k9Xvi77TC52WcdXJ26c67Rs9L7xpz8PJY3jzaG85J3pxcVLUxFDyfF8lZbyA2u3pblO8z2y+Pc+077/L/v9v778fUaafzK7cPGNs7c7LVvP9m+5mHyn1mUbOsnin7n/9l/V/7OyT7qs4483Lz/Vadla8Y88SGAAAAAAAABQQmn9GmySTtxNp+nERGO+7GOxLa1eWFh8du7C5fMzEXvr/w85mDavdI818kmWn8r/H7aZP7Ai/1xE7IyIzyoj9fzE6QvVmaKDBwAAAAAAAAAAAAAAAAAAgE1iez7/v3mf6t8rjfn/QEn08gZzwOam/0N51fv/qls8AWVg/w/lpf9Deen/UF76P5SX/g/lpf9Deen/UF76PwAAAABsSTufvvljEhFLL43UH5mhfJkZQbC1DRbdAKAwlaIbABTm7qV/g30ona7G/3/lXw7Y++YABUjaFdYHB7W1O//Ntq8EAAAAAAAAAAAAAHpgz67O8//NDYatzbQ/KK8HmP/vqwPgIeer/6G8HOMD95vFP9xpgfn/AAAAAAAAAAAAANA3o/VHkk7kc4FHI00nJiL+HxE7YjCZm6/OTkbEIxHxQ2Xwf1l+quhGAwAAAAAAAAAAAAAAAAAAwBazcOXq2elqdfZSa+LvVSVbO9G8C2of6no5/uOrIun/xzISEYVvlJ4lBlpKkoilbMtvioZdWojN0Yx6ouA/TAAAAAAAAAAAAAAAAAAAUEItc4/b2/1Fn1sEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP137/7/vUsUHSMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8HD6NwAA//+ipUAx")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
futex(&(0x7f0000000300)=0x20000000, 0x2, 0x1, &(0x7f0000000400)={0x77359400}, &(0x7f00000004c0)=0x2, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000001a18090000000000000000000000000000000000d45d2d4a4dc01ba528c42c8fdf256ae179e164bf7d44709ff2537bc2591251e1beebf2fb4c67770dac8fd9e424d7fcc50c51096e700d1916059b400abc078f4e7b8ac5e096dd44acb69719303c65788b7ede7642312664bc05bd8d3cc833f8dcef555108c3e5bd4d358d7bfbb82ce282284bc7b5efcfdea6e1c42239f8d39bb04a489e495afca16cf371170af700ea5218df6ebc79387fa8496fcb4934a0d75a", @ANYRES32, @ANYBLOB="00000000000057b6b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18)
r1 = epoll_create1(0x80000)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x13, 0x0, @void}, 0x10)
epoll_pwait2(r1, &(0x7f00000001c0)=[{}], 0x1, &(0x7f0000000380)={0x0, 0x989680}, 0x0, 0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)={{0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x6909, 0x400000000000, 0x0, 0x8000})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{r2}, &(0x7f0000004000), &(0x7f0000004040)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)

kernel console output (not intermixed with test programs):

[ T7311] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  129.470445][ T7310] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  129.488341][ T7310] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  129.518338][ T7311] EXT4-fs error (device loop1): ext4_get_journal_inode:5796: comm syz.1.1186: inode #1: comm syz.1.1186: iget: illegal inode #
[  129.535584][ T7311] EXT4-fs (loop1): no journal found
[  129.540958][ T7311] EXT4-fs (loop1): can't get journal size
[  129.552534][ T7311] EXT4-fs (loop1): failed to initialize system zone (-22)
[  129.560141][ T7311] EXT4-fs (loop1): mount failed
[  129.562393][ T7327] loop2: detected capacity change from 0 to 1024
[  129.574043][ T7327] EXT4-fs (loop2): filesystem is read-only
[  129.582011][ T7327] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  129.608159][ T7327] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  129.619093][ T7327] EXT4-fs error (device loop2): ext4_get_journal_inode:5796: comm syz.2.1187: inode #1: comm syz.2.1187: iget: illegal inode #
[  129.635357][ T7336] tipc: Started in network mode
[  129.640455][ T7336] tipc: Node identity ac14140f, cluster identity 4711
[  129.647777][ T7336] tipc: New replicast peer: 255.255.255.255
[  129.653931][ T7336] tipc: Enabled bearer <udp:syz2>, priority 10
[  129.677757][ T7327] EXT4-fs (loop2): no journal found
[  129.683147][ T7327] EXT4-fs (loop2): can't get journal size
[  129.700549][ T7344] loop1: detected capacity change from 0 to 1024
[  129.709577][ T7327] EXT4-fs (loop2): failed to initialize system zone (-22)
[  129.717018][ T7327] EXT4-fs (loop2): mount failed
[  129.724730][ T7344] ext4 filesystem being mounted at /212/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  129.847868][ T7367] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  129.947118][ T7386] loop0: detected capacity change from 0 to 512
[  129.956402][ T7386] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.1193: invalid block
[  129.979303][ T7386] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.1193: invalid indirect mapped block 4294967295 (level 1)
[  129.995023][ T7386] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.1193: invalid indirect mapped block 4294967295 (level 1)
[  130.020583][ T7386] EXT4-fs (loop0): 2 truncates cleaned up
[  130.068898][ T7386] netlink: 136 bytes leftover after parsing attributes in process `+}[@'.
[  130.159021][ T7410] loop0: detected capacity change from 0 to 512
[  130.159026][ T7402] loop1: detected capacity change from 0 to 512
[  130.161452][ T7410] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.1196: bg 0: block 5: invalid block bitmap
[  130.184562][ T7410] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  130.195448][ T7402] EXT4-fs (loop1): too many log groups per flexible block group
[  130.195478][ T7410] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.1196: invalid indirect mapped block 3 (level 2)
[  130.203380][ T7402] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  130.218708][ T7410] EXT4-fs (loop0): 2 truncates cleaned up
[  130.231691][ T7402] EXT4-fs (loop1): mount failed
[  130.271906][ T7418] loop3: detected capacity change from 0 to 512
[  130.279478][ T7418] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  130.284103][ T7420] loop1: detected capacity change from 0 to 512
[  130.292622][ T7418] EXT4-fs (loop3): 1 truncate cleaned up
[  130.304375][ T7420] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.1199: invalid block
[  130.316913][ T7420] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1199: invalid indirect mapped block 4294967295 (level 1)
[  130.333074][ T7420] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1199: invalid indirect mapped block 4294967295 (level 1)
[  130.348143][ T7420] EXT4-fs (loop1): 2 truncates cleaned up
[  130.374443][ T7426] loop3: detected capacity change from 0 to 1024
[  130.381551][ T7426] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  130.391339][ T7426] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  130.398528][ T7420] netlink: 136 bytes leftover after parsing attributes in process `+}[@'.
[  130.413284][ T7426] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  130.422717][ T7426] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.1200: lblock 2 mapped to illegal pblock 2 (length 1)
[  130.438183][ T7426] EXT4-fs (loop3): Remounting filesystem read-only
[  130.445454][ T7426] EXT4-fs (loop3): 1 orphan inode deleted
[  130.545544][ T7432] lo speed is unknown, defaulting to 1000
[  130.666197][ T7450] 9pnet_fd: Insufficient options for proto=fd
[  130.732374][ T7469] loop2: detected capacity change from 0 to 1024
[  130.741770][ T7469] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  130.751468][ T7469] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  130.764982][ T7466] loop4: detected capacity change from 0 to 512
[  130.772838][ T6491] tipc: Node number set to 2886997007
[  130.773599][ T7469] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  130.790419][ T7469] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 2: comm syz.2.1212: lblock 2 mapped to illegal pblock 2 (length 1)
[  130.793779][ T7466] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1213: bg 0: block 5: invalid block bitmap
[  130.806388][ T7469] EXT4-fs (loop2): Remounting filesystem read-only
[  130.825177][ T7469] EXT4-fs (loop2): 1 orphan inode deleted
[  130.836272][ T7466] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  130.882620][ T7474] FAULT_INJECTION: forcing a failure.
[  130.882620][ T7474] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.894211][ T7466] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1213: invalid indirect mapped block 3 (level 2)
[  130.896012][ T7474] CPU: 1 UID: 0 PID: 7474 Comm: +}[@ Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(voluntary) 
[  130.896067][ T7474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  130.896097][ T7474] Call Trace:
[  130.896107][ T7474]  <TASK>
[  130.896119][ T7474]  __dump_stack+0x1d/0x30
[  130.896147][ T7474]  dump_stack_lvl+0xe8/0x140
[  130.896215][ T7474]  dump_stack+0x15/0x1b
[  130.896240][ T7474]  should_fail_ex+0x265/0x280
[  130.896345][ T7474]  should_fail+0xb/0x20
[  130.896392][ T7474]  should_fail_usercopy+0x1a/0x20
[  130.896459][ T7474]  _copy_from_user+0x1c/0xb0
[  130.896574][ T7474]  ___sys_sendmsg+0xc1/0x1d0
[  130.896629][ T7474]  __x64_sys_sendmsg+0xd4/0x160
[  130.896669][ T7474]  x64_sys_call+0x2999/0x2fb0
[  130.896701][ T7474]  do_syscall_64+0xd2/0x200
[  130.896733][ T7474]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  130.896847][ T7474]  ? clear_bhb_loop+0x40/0x90
[  130.896879][ T7474]  ? clear_bhb_loop+0x40/0x90
[  130.896914][ T7474]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.896964][ T7474] RIP: 0033:0x7fb9f60ae929
[  130.896989][ T7474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.897025][ T7474] RSP: 002b:00007fb9f4717038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  130.897052][ T7474] RAX: ffffffffffffffda RBX: 00007fb9f62d5fa0 RCX: 00007fb9f60ae929
[  130.897072][ T7474] RDX: 0000000000008844 RSI: 0000200000000080 RDI: 000000000000000d
[  130.897091][ T7474] RBP: 00007fb9f4717090 R08: 0000000000000000 R09: 0000000000000000
[  130.897110][ T7474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.897144][ T7474] R13: 0000000000000000 R14: 00007fb9f62d5fa0 R15: 00007ffd51e46da8
[  130.897173][ T7474]  </TASK>
[  131.091899][ T7466] EXT4-fs (loop4): 2 truncates cleaned up
[  131.229729][ T7484] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  131.436240][ T7490] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  131.635745][ T7498] 9pnet_fd: Insufficient options for proto=fd
[  131.747875][ T7489] lo speed is unknown, defaulting to 1000
[  132.058902][ T7521] loop1: detected capacity change from 0 to 1024
[  132.075647][ T7523] loop2: detected capacity change from 0 to 512
[  132.076800][ T7525] loop4: detected capacity change from 0 to 512
[  132.099703][ T7523] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  132.131503][ T7521] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  132.141751][ T7521] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  132.153248][ T7527] ALSA: seq fatal error: cannot create timer (-19)
[  132.162013][ T7525] ext4 filesystem being mounted at /253/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  132.179735][ T7521] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  132.188262][ T7523] EXT4-fs (loop2): 1 truncate cleaned up
[  132.222253][ T7521] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 2: comm syz.1.1228: lblock 2 mapped to illegal pblock 2 (length 1)
[  132.222272][ T7525] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm +}[@: corrupted inode contents
[  132.254265][ T7525] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #18: comm +}[@: mark_inode_dirty error
[  132.255663][ T7521] EXT4-fs (loop1): Remounting filesystem read-only
[  132.273743][ T7521] EXT4-fs (loop1): 1 orphan inode deleted
[  132.303287][ T7525] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm +}[@: corrupted inode contents
[  132.329601][ T7525] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #18: comm +}[@: mark_inode_dirty error
[  132.385982][ T7525] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #18: comm +}[@: mark inode dirty (error -117)
[  132.412627][ T7542] 9pnet_fd: Insufficient options for proto=fd
[  132.449838][ T7525] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  132.473160][ T7549] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  132.486155][ T7549] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1235'.
[  132.560288][   T30] kauditd_printk_skb: 187 callbacks suppressed
[  132.560325][   T30] audit: type=1400 audit(1749436565.124:7072): avc:  denied  { bind } for  pid=7555 comm="syz.4.1240" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  132.586585][   T30] audit: type=1400 audit(1749436565.124:7073): avc:  denied  { node_bind } for  pid=7555 comm="syz.4.1240" saddr=fe80::aa scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  132.609811][ T7557] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  132.724775][ T7557] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1240'.
[  132.780159][ T7557] loop4: detected capacity change from 0 to 2048
[  132.894554][ T7568] loop2: detected capacity change from 0 to 1024
[  132.902428][ T7568] EXT4-fs (loop2): filesystem is read-only
[  132.910144][ T7568] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  132.923256][ T7568] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  132.927647][ T7572] loop4: detected capacity change from 0 to 512
[  132.934511][ T7568] EXT4-fs error (device loop2): ext4_get_journal_inode:5796: comm syz.2.1243: inode #1: comm syz.2.1243: iget: illegal inode #
[  132.943970][ T7572] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  132.965670][ T7568] EXT4-fs (loop2): no journal found
[  132.970939][ T7568] EXT4-fs (loop2): can't get journal size
[  132.971841][ T7572] EXT4-fs (loop4): 1 truncate cleaned up
[  132.985117][ T7568] EXT4-fs (loop2): failed to initialize system zone (-22)
[  132.994852][ T7568] EXT4-fs (loop2): mount failed
[  133.051159][ T7584] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  133.063002][ T7584] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  133.075779][ T7584] 9pnet_fd: Insufficient options for proto=fd
[  133.129169][ T7591] 9pnet_fd: Insufficient options for proto=fd
[  133.162868][ T7593] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  133.171428][ T7593] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  133.237850][ T7595] FAULT_INJECTION: forcing a failure.
[  133.237850][ T7595] name failslab, interval 1, probability 0, space 0, times 0
[  133.250962][ T7595] CPU: 1 UID: 0 PID: 7595 Comm: syz.0.1251 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(voluntary) 
[  133.251046][ T7595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  133.251057][ T7595] Call Trace:
[  133.251064][ T7595]  <TASK>
[  133.251072][ T7595]  __dump_stack+0x1d/0x30
[  133.251129][ T7595]  dump_stack_lvl+0xe8/0x140
[  133.251146][ T7595]  dump_stack+0x15/0x1b
[  133.251160][ T7595]  should_fail_ex+0x265/0x280
[  133.251192][ T7595]  should_failslab+0x8c/0xb0
[  133.251214][ T7595]  kmem_cache_alloc_noprof+0x50/0x310
[  133.251303][ T7595]  ? alloc_empty_file+0x76/0x200
[  133.251361][ T7595]  ? mntput+0x4b/0x80
[  133.251386][ T7595]  alloc_empty_file+0x76/0x200
[  133.251411][ T7595]  path_openat+0x68/0x2170
[  133.251441][ T7595]  ? _parse_integer_limit+0x170/0x190
[  133.251545][ T7595]  ? kstrtoull+0x111/0x140
[  133.251573][ T7595]  ? kstrtouint+0x76/0xc0
[  133.251601][ T7595]  do_filp_open+0x109/0x230
[  133.251652][ T7595]  do_sys_openat2+0xa6/0x110
[  133.251701][ T7595]  __x64_sys_openat+0xf2/0x120
[  133.251792][ T7595]  x64_sys_call+0x1af/0x2fb0
[  133.251811][ T7595]  do_syscall_64+0xd2/0x200
[  133.251830][ T7595]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  133.251928][ T7595]  ? clear_bhb_loop+0x40/0x90
[  133.251947][ T7595]  ? clear_bhb_loop+0x40/0x90
[  133.251968][ T7595]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.252066][ T7595] RIP: 0033:0x7f0fc044e929
[  133.252081][ T7595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.252118][ T7595] RSP: 002b:00007f0fbeab7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  133.252135][ T7595] RAX: ffffffffffffffda RBX: 00007f0fc0675fa0 RCX: 00007f0fc044e929
[  133.252146][ T7595] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  133.252157][ T7595] RBP: 00007f0fbeab7090 R08: 0000000000000000 R09: 0000000000000000
[  133.252168][ T7595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.252254][ T7595] R13: 0000000000000000 R14: 00007f0fc0675fa0 R15: 00007ffcbbaf7208
[  133.252279][ T7595]  </TASK>
[  133.512673][   T30] audit: type=1326 audit(1749436566.074:7074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7596 comm="syz.3.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  133.536394][   T30] audit: type=1326 audit(1749436566.074:7075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7596 comm="syz.3.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  133.575252][   T30] audit: type=1326 audit(1749436566.084:7076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7596 comm="syz.3.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  133.598887][   T30] audit: type=1326 audit(1749436566.124:7077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7596 comm="syz.3.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  133.623021][   T30] audit: type=1326 audit(1749436566.124:7078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7596 comm="syz.3.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  133.647842][   T30] audit: type=1326 audit(1749436566.144:7079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7596 comm="syz.3.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  133.671715][   T30] audit: type=1326 audit(1749436566.144:7080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7596 comm="syz.3.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  133.695368][   T30] audit: type=1326 audit(1749436566.144:7081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7596 comm="syz.3.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  133.722491][ T7599] FAULT_INJECTION: forcing a failure.
[  133.722491][ T7599] name failslab, interval 1, probability 0, space 0, times 0
[  133.735595][ T7599] CPU: 0 UID: 0 PID: 7599 Comm: syz.0.1254 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(voluntary) 
[  133.735634][ T7599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  133.735714][ T7599] Call Trace:
[  133.735723][ T7599]  <TASK>
[  133.735734][ T7599]  __dump_stack+0x1d/0x30
[  133.735815][ T7599]  dump_stack_lvl+0xe8/0x140
[  133.735841][ T7599]  dump_stack+0x15/0x1b
[  133.735863][ T7599]  should_fail_ex+0x265/0x280
[  133.735906][ T7599]  should_failslab+0x8c/0xb0
[  133.735932][ T7599]  kmem_cache_alloc_node_noprof+0x57/0x320
[  133.736058][ T7599]  ? __alloc_skb+0x101/0x320
[  133.736142][ T7599]  __alloc_skb+0x101/0x320
[  133.736179][ T7599]  ? audit_log_start+0x365/0x6c0
[  133.736279][ T7599]  audit_log_start+0x380/0x6c0
[  133.736322][ T7599]  audit_seccomp+0x48/0x100
[  133.736365][ T7599]  ? __seccomp_filter+0x68c/0x10d0
[  133.736396][ T7599]  __seccomp_filter+0x69d/0x10d0
[  133.736426][ T7599]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  133.736452][ T7599]  ? vfs_write+0x75e/0x8e0
[  133.736534][ T7599]  ? __rcu_read_unlock+0x4f/0x70
[  133.736662][ T7599]  ? __fget_files+0x184/0x1c0
[  133.736695][ T7599]  __secure_computing+0x82/0x150
[  133.736751][ T7599]  syscall_trace_enter+0xcf/0x1e0
[  133.736816][ T7599]  do_syscall_64+0xac/0x200
[  133.736844][ T7599]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  133.736874][ T7599]  ? clear_bhb_loop+0x40/0x90
[  133.736957][ T7599]  ? clear_bhb_loop+0x40/0x90
[  133.736988][ T7599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.737017][ T7599] RIP: 0033:0x7f0fc044e929
[  133.737037][ T7599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.737062][ T7599] RSP: 002b:00007f0fbeab7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  133.737146][ T7599] RAX: ffffffffffffffda RBX: 00007f0fc0675fa0 RCX: 00007f0fc044e929
[  133.737163][ T7599] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  133.737179][ T7599] RBP: 00007f0fbeab7090 R08: 0000000000000000 R09: 0000000000000000
[  133.737196][ T7599] R10: 0000000022004001 R11: 0000000000000246 R12: 0000000000000001
[  133.737212][ T7599] R13: 0000000000000000 R14: 00007f0fc0675fa0 R15: 00007ffcbbaf7208
[  133.737237][ T7599]  </TASK>
[  133.776037][ T7605] loop3: detected capacity change from 0 to 512
[  133.978951][ T7605] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  134.000640][ T7610] loop2: detected capacity change from 0 to 1024
[  134.008652][ T7605] EXT4-fs (loop3): 1 truncate cleaned up
[  134.018041][ T7610] EXT4-fs: Ignoring removed mblk_io_submit option
[  134.116507][ T7627] 9pnet_fd: Insufficient options for proto=fd
[  134.151799][ T7631] 9pnet_fd: Insufficient options for proto=fd
[  134.202374][ T7637] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1266'.
[  134.236795][ T7641] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  134.246208][ T7641] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  134.287591][ T7643] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  134.319875][ T7648] $Hÿ: renamed from bond0
[  134.328309][ T7648] $Hÿ: entered promiscuous mode
[  134.333547][ T7648] bond_slave_0: entered promiscuous mode
[  134.339621][ T7648] bond_slave_1: entered promiscuous mode
[  134.347344][ T7648] dummy0: entered promiscuous mode
[  134.393260][ T7654] 9pnet_fd: Insufficient options for proto=fd
[  134.476556][ T7667] loop2: detected capacity change from 0 to 1024
[  134.485181][ T7667] EXT4-fs (loop2): filesystem is read-only
[  134.498789][ T7667] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  134.513486][ T7667] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  134.535960][ T7667] EXT4-fs error (device loop2): ext4_get_journal_inode:5796: comm syz.2.1277: inode #1: comm syz.2.1277: iget: illegal inode #
[  134.552609][ T7667] EXT4-fs (loop2): no journal found
[  134.558406][ T7667] EXT4-fs (loop2): can't get journal size
[  134.570791][ T7667] EXT4-fs (loop2): failed to initialize system zone (-22)
[  134.594525][ T7667] EXT4-fs (loop2): mount failed
[  134.614365][ T7675] loop1: detected capacity change from 0 to 1024
[  134.623904][ T7675] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  134.634523][ T7675] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  134.648002][ T7675] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  134.665201][ T7675] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 2: comm syz.1.1279: lblock 2 mapped to illegal pblock 2 (length 1)
[  134.678402][ T7681] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  134.694033][ T7675] EXT4-fs (loop1): Remounting filesystem read-only
[  134.702962][ T7675] EXT4-fs (loop1): 1 orphan inode deleted
[  134.710689][ T7675] EXT4-fs mount: 71 callbacks suppressed
[  134.710708][ T7675] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.780406][ T7675] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.797676][ T7690] loop3: detected capacity change from 0 to 512
[  134.806667][ T7690] journal_path: Non-blockdev passed as './bus'
[  134.813542][ T7690] EXT4-fs: error: could not find journal device path
[  134.822170][ T7690] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  134.882910][ T7695] loop1: detected capacity change from 0 to 2048
[  134.898717][ T7697] loop2: detected capacity change from 0 to 1024
[  134.913256][ T7695]  loop1: p1 < > p4
[  134.917922][ T7695] loop1: p4 size 8388608 extends beyond EOD, truncated
[  134.926815][ T7697] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.940002][ T7697] ext4 filesystem being mounted at /273/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.980597][ T7705] loop4: detected capacity change from 0 to 512
[  134.986648][ T7707] loop1: detected capacity change from 0 to 512
[  134.990677][ T7705] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.1291: invalid block
[  134.994607][ T7707] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  135.007201][ T7705] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1291: invalid indirect mapped block 4294967295 (level 1)
[  135.031139][ T7705] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1291: invalid indirect mapped block 4294967295 (level 1)
[  135.047574][ T7707] EXT4-fs (loop1): 1 truncate cleaned up
[  135.053963][ T7707] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.067895][ T7705] EXT4-fs (loop4): 2 truncates cleaned up
[  135.079794][ T7705] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.084002][ T7697] net_ratelimit: 92 callbacks suppressed
[  135.084023][ T7697] netlink: zone id is out of range
[  135.134164][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.153830][ T7697] netlink: zone id is out of range
[  135.167399][ T7697] netlink: zone id is out of range
[  135.173282][ T7697] netlink: zone id is out of range
[  135.178716][ T7697] netlink: zone id is out of range
[  135.185945][ T7697] netlink: zone id is out of range
[  135.191477][ T7697] netlink: zone id is out of range
[  135.194993][ T7705] netlink: 136 bytes leftover after parsing attributes in process `+}[@'.
[  135.197081][ T7697] netlink: zone id is out of range
[  135.213996][ T7697] netlink: zone id is out of range
[  135.220976][ T7697] netlink: zone id is out of range
[  135.272127][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.307715][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.342479][ T7732] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  135.343574][ T7731] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  135.373764][ T7732] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  135.417780][ T7737] loop1: detected capacity change from 0 to 1024
[  135.428911][ T7737] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  135.441278][ T7737] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  135.454500][ T7737] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  135.466240][ T7737] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 2: comm syz.1.1298: lblock 2 mapped to illegal pblock 2 (length 1)
[  135.481547][ T7737] EXT4-fs (loop1): Remounting filesystem read-only
[  135.490653][ T7737] EXT4-fs (loop1): 1 orphan inode deleted
[  135.497609][ T7737] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.511857][ T7737] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.608503][ T7751] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  135.621080][ T7751] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1302'.
[  135.658131][ T7755] syzkaller0: entered promiscuous mode
[  135.664359][ T7755] syzkaller0: entered allmulticast mode
[  135.955435][ T7782] loop3: detected capacity change from 0 to 1024
[  135.964333][ T7782] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  135.973439][ T7782] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  136.011634][ T7783] lo speed is unknown, defaulting to 1000
[  136.329621][ T7782] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  136.434098][ T7782] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.1314: lblock 2 mapped to illegal pblock 2 (length 1)
[  136.460325][ T7790] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1316'.
[  136.478581][ T7788] loop4: detected capacity change from 0 to 1024
[  136.504249][ T7782] EXT4-fs (loop3): Remounting filesystem read-only
[  136.511224][ T7782] EXT4-fs (loop3): 1 orphan inode deleted
[  136.519022][ T7792] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1317'.
[  136.531297][ T7782] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.557399][ T7788] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.573529][ T7788] ext4 filesystem being mounted at /269/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.594432][ T7782] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.643027][ T7792] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1317'.
[  136.760819][ T7802] syzkaller0: entered promiscuous mode
[  136.766638][ T7802] syzkaller0: entered allmulticast mode
[  136.876831][ T7819] loop1: detected capacity change from 0 to 1024
[  136.902090][ T7819] EXT4-fs: Ignoring removed mblk_io_submit option
[  136.919865][ T7819] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.957044][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.995571][ T7825] loop2: detected capacity change from 0 to 1024
[  137.014524][ T7827] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  137.026410][ T7825] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.042459][ T7827] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  137.048908][ T7825] ext4 filesystem being mounted at /280/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.067972][ T7833] loop4: detected capacity change from 0 to 512
[  137.077245][ T7833] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1327: bg 0: block 5: invalid block bitmap
[  137.099258][ T7833] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  137.110865][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.111327][ T7836] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  137.130570][ T7833] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1327: invalid indirect mapped block 3 (level 2)
[  137.131808][ T7836] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  137.170438][ T7833] EXT4-fs (loop4): 2 truncates cleaned up
[  137.176988][ T7833] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.191011][ T7833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.200398][ T7838] loop1: detected capacity change from 0 to 512
[  137.213236][ T7838] journal_path: Non-blockdev passed as './bus'
[  137.219668][ T7838] EXT4-fs: error: could not find journal device path
[  137.351586][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.452549][ T7847] syzkaller0: entered promiscuous mode
[  137.460353][ T7847] syzkaller0: entered allmulticast mode
[  137.595807][   T30] kauditd_printk_skb: 566 callbacks suppressed
[  137.595828][   T30] audit: type=1400 audit(1749436570.164:7640): avc:  denied  { accept } for  pid=7856 comm="syz.4.1336" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  137.629540][ T7857] IPv6: Can't replace route, no match found
[  137.695035][   T30] audit: type=1326 audit(1749436570.264:7641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7860 comm="syz.3.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  137.719855][   T30] audit: type=1326 audit(1749436570.264:7642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7860 comm="syz.3.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  137.748013][   T30] audit: type=1326 audit(1749436570.314:7643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7860 comm="syz.3.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  137.772788][   T30] audit: type=1326 audit(1749436570.314:7644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7860 comm="syz.3.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  137.797889][   T30] audit: type=1326 audit(1749436570.314:7645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7860 comm="syz.3.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  137.823372][   T30] audit: type=1326 audit(1749436570.314:7646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7860 comm="syz.3.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  137.851575][   T30] audit: type=1326 audit(1749436570.314:7647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7860 comm="syz.3.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  137.880528][   T30] audit: type=1326 audit(1749436570.314:7648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7860 comm="syz.3.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  137.906862][   T30] audit: type=1326 audit(1749436570.394:7649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7860 comm="syz.3.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  138.068005][ T7876] FAULT_INJECTION: forcing a failure.
[  138.068005][ T7876] name failslab, interval 1, probability 0, space 0, times 0
[  138.081991][ T7876] CPU: 1 UID: 0 PID: 7876 Comm: syz.4.1341 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(voluntary) 
[  138.082043][ T7876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  138.082062][ T7876] Call Trace:
[  138.082070][ T7876]  <TASK>
[  138.082080][ T7876]  __dump_stack+0x1d/0x30
[  138.082107][ T7876]  dump_stack_lvl+0xe8/0x140
[  138.082134][ T7876]  dump_stack+0x15/0x1b
[  138.082228][ T7876]  should_fail_ex+0x265/0x280
[  138.082276][ T7876]  should_failslab+0x8c/0xb0
[  138.082308][ T7876]  kmem_cache_alloc_noprof+0x50/0x310
[  138.082345][ T7876]  ? audit_log_start+0x365/0x6c0
[  138.082410][ T7876]  audit_log_start+0x365/0x6c0
[  138.082452][ T7876]  ? __rcu_read_unlock+0x4f/0x70
[  138.082485][ T7876]  audit_seccomp+0x48/0x100
[  138.082573][ T7876]  ? __seccomp_filter+0x68c/0x10d0
[  138.082602][ T7876]  __seccomp_filter+0x69d/0x10d0
[  138.082628][ T7876]  ? _raw_spin_unlock_bh+0x36/0x40
[  138.082752][ T7876]  ? lock_sock_nested+0x112/0x140
[  138.082830][ T7876]  __secure_computing+0x82/0x150
[  138.082864][ T7876]  syscall_trace_enter+0xcf/0x1e0
[  138.082897][ T7876]  do_syscall_64+0xac/0x200
[  138.082985][ T7876]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  138.083118][ T7876]  ? clear_bhb_loop+0x40/0x90
[  138.083146][ T7876]  ? clear_bhb_loop+0x40/0x90
[  138.083175][ T7876]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.083203][ T7876] RIP: 0033:0x7f24e816d33c
[  138.083225][ T7876] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  138.086086][ T7876] RSP: 002b:00007f24e67b6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  138.086115][ T7876] RAX: ffffffffffffffda RBX: 00007f24e8396080 RCX: 00007f24e816d33c
[  138.086131][ T7876] RDX: 000000000000000f RSI: 00007f24e67b60a0 RDI: 0000000000000005
[  138.086147][ T7876] RBP: 00007f24e67b6090 R08: 0000000000000000 R09: 0000000000000000
[  138.086209][ T7876] R10: 0000200000000e40 R11: 0000000000000246 R12: 0000000000000001
[  138.086226][ T7876] R13: 0000000000000000 R14: 00007f24e8396080 R15: 00007ffdd6674308
[  138.086286][ T7876]  </TASK>
[  138.380569][ T7886] loop2: detected capacity change from 0 to 512
[  138.384175][ T7885] syzkaller0: entered promiscuous mode
[  138.394607][ T7885] syzkaller0: entered allmulticast mode
[  138.416343][ T7886] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  138.443940][ T7886] EXT4-fs (loop2): 1 truncate cleaned up
[  138.451353][ T7881] loop1: detected capacity change from 0 to 1024
[  138.464086][ T7886] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.464454][ T7889] loop4: detected capacity change from 0 to 1024
[  138.514906][ T7881] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.533947][ T7889] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.548961][ T7881] ext4 filesystem being mounted at /245/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.564744][ T7889] ext4 filesystem being mounted at /277/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.566841][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.607192][ T7897] 9pnet_fd: Insufficient options for proto=fd
[  138.824292][ T7910] loop3: detected capacity change from 0 to 1024
[  138.867635][ T7910] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.886692][ T7910] ext4 filesystem being mounted at /255/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.961102][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.004657][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.009273][ T7921] loop2: detected capacity change from 0 to 512
[  139.023184][ T7921] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  139.048205][ T7923] syzkaller0: entered promiscuous mode
[  139.055134][ T7923] syzkaller0: entered allmulticast mode
[  139.066388][ T7921] EXT4-fs (loop2): 1 truncate cleaned up
[  139.076749][ T7921] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.118045][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.166773][ T7929] loop2: detected capacity change from 0 to 512
[  139.189182][ T7929] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz.2.1361: invalid block
[  139.191176][ T7930] loop1: detected capacity change from 0 to 1024
[  139.213287][ T7930] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  139.224818][ T7929] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1361: invalid indirect mapped block 4294967295 (level 1)
[  139.248864][ T7930] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  139.262645][ T7929] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1361: invalid indirect mapped block 4294967295 (level 1)
[  139.280091][ T7930] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  139.289405][ T7933] loop4: detected capacity change from 0 to 512
[  139.298957][ T7930] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 2: comm syz.1.1360: lblock 2 mapped to illegal pblock 2 (length 1)
[  139.314122][ T7933] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  139.316329][ T7929] EXT4-fs (loop2): 2 truncates cleaned up
[  139.333091][ T7930] EXT4-fs (loop1): Remounting filesystem read-only
[  139.334584][ T7929] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.363530][ T7933] EXT4-fs (loop4): 1 truncate cleaned up
[  139.379766][ T7930] EXT4-fs (loop1): 1 orphan inode deleted
[  139.384729][ T7933] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.401800][ T7930] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.420794][ T7938] netlink: 136 bytes leftover after parsing attributes in process `+}[@'.
[  139.432356][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.443950][ T7930] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.484037][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.496378][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.536005][ T7944] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  139.536162][ T7944] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  139.563751][ T7948] loop3: detected capacity change from 0 to 512
[  139.582803][ T7948] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  139.600271][ T7948] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1368'.
[  139.617657][ T7948] Cannot find del_set index 3 as target
[  139.657277][ T7950] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  139.657932][ T7956] loop4: detected capacity change from 0 to 512
[  139.674876][ T7958] loop3: detected capacity change from 0 to 512
[  139.687658][ T7958] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  139.705571][ T7956] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1371: bg 0: block 5: invalid block bitmap
[  139.731921][ T7956] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  139.735363][ T7958] EXT4-fs (loop3): 1 truncate cleaned up
[  139.747814][ T7956] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1371: invalid indirect mapped block 3 (level 2)
[  139.769839][ T7956] EXT4-fs (loop4): 2 truncates cleaned up
[  139.780248][ T7956] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.783386][ T7958] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.831528][ T7956] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.896824][ T7970] netlink: 136 bytes leftover after parsing attributes in process `+}[@'.
[  139.909678][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.939023][ T7977] loop3: detected capacity change from 0 to 1024
[  139.947377][ T7977] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  139.976001][ T7977] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  139.999668][ T7977] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  140.010040][ T7988] 9pnet_fd: Insufficient options for proto=fd
[  140.010905][ T7977] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.1379: lblock 2 mapped to illegal pblock 2 (length 1)
[  140.031396][ T7977] EXT4-fs (loop3): Remounting filesystem read-only
[  140.038385][ T7977] EXT4-fs (loop3): 1 orphan inode deleted
[  140.044708][ T7977] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.092620][ T7991] syzkaller0: entered promiscuous mode
[  140.096671][ T7992] loop1: detected capacity change from 0 to 2048
[  140.099719][ T7991] syzkaller0: entered allmulticast mode
[  140.114420][ T7977] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.138110][ T7992] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.278923][ T8014] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  140.305080][ T8014] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1386'.
[  140.322964][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.360163][ T8013] netlink: 136 bytes leftover after parsing attributes in process `+}[@'.
[  140.408583][ T8024] loop2: detected capacity change from 0 to 512
[  140.420350][ T8024] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1398: bg 0: block 5: invalid block bitmap
[  140.433890][ T8024] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  140.447281][ T8024] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1398: invalid indirect mapped block 3 (level 2)
[  140.475224][ T8031] loop1: detected capacity change from 0 to 1024
[  140.485417][ T8024] EXT4-fs (loop2): 2 truncates cleaned up
[  140.487960][ T8033] 9pnet_fd: Insufficient options for proto=fd
[  140.492098][ T8024] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.515762][ T8024] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.531523][ T8031] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.548842][ T8031] ext4 filesystem being mounted at /255/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.697960][ T8043] net_ratelimit: 245 callbacks suppressed
[  140.697982][ T8043] netlink: zone id is out of range
[  140.729645][ T8043] netlink: zone id is out of range
[  140.762977][ T8043] netlink: zone id is out of range
[  140.768894][ T8043] netlink: zone id is out of range
[  140.782899][ T8043] netlink: zone id is out of range
[  140.788773][ T8043] netlink: zone id is out of range
[  140.789667][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.795450][ T8043] netlink: zone id is out of range
[  140.809993][ T8043] netlink: zone id is out of range
[  140.816083][ T8043] netlink: zone id is out of range
[  140.821717][ T8043] netlink: zone id is out of range
[  140.846544][ T8046] IPv6: Can't replace route, no match found
[  140.851549][ T8048] loop1: detected capacity change from 0 to 512
[  140.880075][ T8048] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  140.910583][ T8048] EXT4-fs (loop1): 1 truncate cleaned up
[  140.926526][ T8048] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.976822][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.007795][ T8058] loop1: detected capacity change from 0 to 1024
[  141.056994][ T8059] netlink: 136 bytes leftover after parsing attributes in process `+}[@'.
[  141.062153][ T8065] loop1: detected capacity change from 0 to 512
[  141.090411][ T8065] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.1411: invalid block
[  141.105509][ T8065] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1411: invalid indirect mapped block 4294967295 (level 1)
[  141.123138][ T8065] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1411: invalid indirect mapped block 4294967295 (level 1)
[  141.140080][ T8065] EXT4-fs (loop1): 2 truncates cleaned up
[  141.146685][ T8065] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.174865][ T8070] loop2: detected capacity change from 0 to 1024
[  141.180239][ T8072] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  141.199326][ T8072] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  141.212248][ T8070] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.227788][ T8065] netlink: 136 bytes leftover after parsing attributes in process `+}[@'.
[  141.260911][ T8070] ext4 filesystem being mounted at /300/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  141.306153][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.317138][ T8084] IPv6: Can't replace route, no match found
[  141.360099][ T8087] 9pnet_fd: Insufficient options for proto=fd
[  141.417951][ T8089] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  141.430280][ T8089] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  141.564371][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.589306][ T8096] loop2: detected capacity change from 0 to 512
[  141.608642][ T8096] loop2: detected capacity change from 0 to 2048
[  141.617125][ T8096] EXT4-fs: Ignoring removed bh option
[  141.634844][ T8096] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.681052][ T8102] loop1: detected capacity change from 0 to 512
[  141.688484][ T8102] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  141.701400][ T8102] EXT4-fs (loop1): 1 truncate cleaned up
[  141.708908][ T8102] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.745449][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.888465][ T8114] loop4: detected capacity change from 0 to 512
[  141.920828][ T8114] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  141.923752][ T8119] syzkaller0: entered promiscuous mode
[  141.935640][ T8119] syzkaller0: entered allmulticast mode
[  141.950344][ T8114] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1428'.
[  141.966528][ T8120] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1421'.
[  141.987734][ T8114] Cannot find del_set index 3 as target
[  142.008412][ T8117] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1421'.
[  142.044114][ T8127] loop4: detected capacity change from 0 to 1024
[  142.058645][ T8127] EXT4-fs (loop4): filesystem is read-only
[  142.079642][ T8125] loop1: detected capacity change from 0 to 1024
[  142.087360][ T8127] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  142.101875][ T8127] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  142.123944][ T8127] EXT4-fs error (device loop4): ext4_get_journal_inode:5796: comm syz.4.1433: inode #1: comm syz.4.1433: iget: illegal inode #
[  142.124040][ T8125] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.161075][ T8127] EXT4-fs (loop4): no journal found
[  142.167228][ T8127] EXT4-fs (loop4): can't get journal size
[  142.203546][ T8125] ext4 filesystem being mounted at /268/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.216404][ T8137] loop3: detected capacity change from 0 to 1024
[  142.226640][ T8108] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  142.240721][ T8127] EXT4-fs (loop4): failed to initialize system zone (-22)
[  142.242121][ T8108] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 15 with max blocks 641 with error 28
[  142.252077][ T8137] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.261805][ T8108] EXT4-fs (loop2): This should not happen!! Data will be lost
[  142.261805][ T8108] 
[  142.276664][ T8127] EXT4-fs (loop4): mount failed
[  142.285080][ T8108] EXT4-fs (loop2): Total free blocks count 0
[  142.285102][ T8108] EXT4-fs (loop2): Free/Dirty block details
[  142.285116][ T8108] EXT4-fs (loop2): free_blocks=2415919104
[  142.285133][ T8108] EXT4-fs (loop2): dirty_blocks=8224
[  142.285146][ T8108] EXT4-fs (loop2): Block reservation details
[  142.285157][ T8108] EXT4-fs (loop2): i_reserved_data_blocks=514
[  142.287165][ T8137] ext4 filesystem being mounted at /264/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.352050][ T8142] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  142.382510][ T8142] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  142.394210][ T8142] 9pnet_fd: Insufficient options for proto=fd
[  142.468864][ T5855] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  142.537285][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.557589][ T8151] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  142.566859][ T8151] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  142.610152][ T8153] loop1: detected capacity change from 0 to 512
[  142.631763][   T30] kauditd_printk_skb: 748 callbacks suppressed
[  142.631783][   T30] audit: type=1326 audit(1749436575.194:8392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8136 comm="syz.3.1436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  142.661857][   T30] audit: type=1326 audit(1749436575.194:8393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8136 comm="syz.3.1436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  142.687343][ T8153] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.1443: invalid block
[  142.700989][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.711087][ T8153] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1443: invalid indirect mapped block 4294967295 (level 1)
[  142.734189][ T8153] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1443: invalid indirect mapped block 4294967295 (level 1)
[  142.755195][ T8153] EXT4-fs (loop1): 2 truncates cleaned up
[  142.761888][ T8156] loop2: detected capacity change from 0 to 512
[  142.763769][ T8153] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.774541][ T8156] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz.2.1441: invalid block
[  142.799321][ T8156] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1441: invalid indirect mapped block 4294967295 (level 1)
[  142.815871][ T8156] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1441: invalid indirect mapped block 4294967295 (level 1)
[  142.832013][ T8156] EXT4-fs (loop2): 2 truncates cleaned up
[  142.837095][ T8153] netlink: 136 bytes leftover after parsing attributes in process `+}[@'.
[  142.838591][ T8156] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.886522][ T8156] netlink: 136 bytes leftover after parsing attributes in process `+}[@'.
[  142.909462][ T8167] loop1: detected capacity change from 0 to 512
[  142.917020][ T8167] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  142.931955][ T8167] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1444'.
[  142.954088][ T8167] Cannot find del_set index 3 as target
[  142.987925][   T30] audit: type=1326 audit(1749436575.554:8394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8173 comm="syz.2.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8f0c3e929 code=0x7ffc0000
[  143.018596][   T30] audit: type=1326 audit(1749436575.584:8395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8173 comm="syz.2.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8f0c3e929 code=0x7ffc0000
[  143.042886][   T30] audit: type=1326 audit(1749436575.584:8396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8173 comm="syz.2.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8f0c3e929 code=0x7ffc0000
[  143.067124][   T30] audit: type=1326 audit(1749436575.584:8397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8173 comm="syz.2.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8f0c3e929 code=0x7ffc0000
[  143.069044][ T8176] loop1: detected capacity change from 0 to 1024
[  143.091346][   T30] audit: type=1326 audit(1749436575.584:8398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8173 comm="syz.2.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8f0c3e929 code=0x7ffc0000
[  143.122293][   T30] audit: type=1326 audit(1749436575.584:8399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8173 comm="syz.2.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8f0c3e929 code=0x7ffc0000
[  143.147749][   T30] audit: type=1326 audit(1749436575.584:8400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8173 comm="syz.2.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8f0c3e929 code=0x7ffc0000
[  143.171587][   T30] audit: type=1326 audit(1749436575.584:8401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8173 comm="syz.2.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa8f0c3d290 code=0x7ffc0000
[  143.196896][ T8176] EXT4-fs (loop1): filesystem is read-only
[  143.214339][ T8176] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  143.224589][ T8176] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  143.235096][ T8176] EXT4-fs error (device loop1): ext4_get_journal_inode:5796: comm syz.1.1449: inode #1: comm syz.1.1449: iget: illegal inode #
[  143.268102][ T8176] EXT4-fs (loop1): no journal found
[  143.273554][ T8176] EXT4-fs (loop1): can't get journal size
[  143.292389][ T8184] loop3: detected capacity change from 0 to 1024
[  143.303659][ T8176] EXT4-fs (loop1): failed to initialize system zone (-22)
[  143.317553][ T8184] ext4 filesystem being mounted at /269/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.328656][ T8176] EXT4-fs (loop1): mount failed
[  143.460049][ T8194] loop1: detected capacity change from 0 to 1024
[  143.473363][ T8194] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  143.496198][ T8194] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  143.516591][ T8194] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  143.545897][ T8194] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 2: comm syz.1.1456: lblock 2 mapped to illegal pblock 2 (length 1)
[  143.569580][ T8194] EXT4-fs (loop1): Remounting filesystem read-only
[  143.578755][ T8194] EXT4-fs (loop1): 1 orphan inode deleted
[  143.599762][ T8204] loop4: detected capacity change from 0 to 512
[  143.608719][ T8204] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  143.657416][ T8204] EXT4-fs (loop4): 1 truncate cleaned up
[  143.670588][ T8209] SELinux:  Context šàô	óâE>7�2Ü=)êѪcÉÖcÀºfÍ©‚guÑ®>·§¡Üf¶T͇â8ÿ.%Ž[Ì—/�-ô�à is not valid (left unmapped).
[  143.750731][ T8216] loop4: detected capacity change from 0 to 512
[  143.759103][ T8216] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  143.804997][ T8222] loop1: detected capacity change from 0 to 512
[  143.815076][ T8224] loop4: detected capacity change from 0 to 1024
[  143.831194][ T8222] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  143.844397][ T8224] EXT4-fs (loop4): filesystem is read-only
[  143.851202][ T8224] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  143.862489][ T8224] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  143.863694][ T8227] 9pnet_fd: Insufficient options for proto=fd
[  143.905967][ T8224] EXT4-fs error (device loop4): ext4_get_journal_inode:5796: comm syz.4.1467: inode #1: comm syz.4.1467: iget: illegal inode #
[  143.908390][ T8222] EXT4-fs (loop1): 1 truncate cleaned up
[  143.931942][ T8224] EXT4-fs (loop4): no journal found
[  143.937670][ T8224] EXT4-fs (loop4): can't get journal size
[  143.956992][ T8224] EXT4-fs (loop4): failed to initialize system zone (-22)
[  143.964686][ T8224] EXT4-fs (loop4): mount failed
[  143.999665][ T8238] loop3: detected capacity change from 0 to 1024
[  144.018867][ T8238] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  144.031600][ T8238] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  144.041215][ T8247] loop4: detected capacity change from 0 to 512
[  144.049629][ T8238] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  144.051168][ T8247] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  144.071687][ T8247] EXT4-fs (loop4): 1 truncate cleaned up
[  144.077942][ T8244] loop1: detected capacity change from 0 to 1024
[  144.082126][ T8238] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.1473: lblock 2 mapped to illegal pblock 2 (length 1)
[  144.102022][ T8238] EXT4-fs (loop3): Remounting filesystem read-only
[  144.110752][ T8238] EXT4-fs (loop3): 1 orphan inode deleted
[  144.111487][ T8244] ext4 filesystem being mounted at /277/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.272893][ T8272] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  144.308398][ T8272] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  144.332688][ T8272] 9pnet_fd: Insufficient options for proto=fd
[  144.449794][ T8282] loop4: detected capacity change from 0 to 1024
[  144.459675][ T8282] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  144.474034][ T8282] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  144.505312][ T8282] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  144.515806][ T8282] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 2: comm syz.4.1482: lblock 2 mapped to illegal pblock 2 (length 1)
[  144.530801][ T8282] EXT4-fs (loop4): Remounting filesystem read-only
[  144.538171][ T8291] loop3: detected capacity change from 0 to 512
[  144.548449][ T8282] EXT4-fs (loop4): 1 orphan inode deleted
[  144.549025][ T8291] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.1487: invalid block
[  144.556255][ T8287] loop1: detected capacity change from 0 to 512
[  144.570340][ T8291] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1487: invalid indirect mapped block 4294967295 (level 1)
[  144.591196][ T8291] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1487: invalid indirect mapped block 4294967295 (level 1)
[  144.592420][ T8287] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1484: bg 0: block 5: invalid block bitmap
[  144.608071][ T8291] EXT4-fs (loop3): 2 truncates cleaned up
[  144.620522][ T8287] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  144.637279][ T8287] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1484: invalid indirect mapped block 3 (level 2)
[  144.655976][ T8287] EXT4-fs (loop1): 2 truncates cleaned up
[  144.783605][ T8308] loop3: detected capacity change from 0 to 1024
[  144.802222][ T8308] ext4 filesystem being mounted at /278/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.980037][ T8327] loop2: detected capacity change from 0 to 1024
[  145.001047][ T8331] syzkaller0: entered promiscuous mode
[  145.007655][ T8331] syzkaller0: entered allmulticast mode
[  145.010226][ T8329] loop4: detected capacity change from 0 to 1024
[  145.038163][ T8327] EXT4-fs (loop2): filesystem is read-only
[  145.053061][ T8329] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  145.064453][ T8327] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  145.079639][ T8327] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  145.096424][ T8329] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  145.113414][ T8327] EXT4-fs error (device loop2): ext4_get_journal_inode:5796: comm syz.2.1498: inode #1: comm syz.2.1498: iget: illegal inode #
[  145.133622][ T8327] EXT4-fs (loop2): no journal found
[  145.141466][ T8327] EXT4-fs (loop2): can't get journal size
[  145.148581][ T8329] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  145.171975][ T8329] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 2: comm syz.4.1499: lblock 2 mapped to illegal pblock 2 (length 1)
[  145.176234][ T8327] EXT4-fs (loop2): failed to initialize system zone (-22)
[  145.189555][ T8329] EXT4-fs (loop4): Remounting filesystem read-only
[  145.208540][ T8329] EXT4-fs (loop4): 1 orphan inode deleted
[  145.228503][ T8327] EXT4-fs (loop2): mount failed
[  145.297476][ T8344] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  145.307547][ T8347] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  145.325149][ T8347] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  145.338118][ T8347] 9pnet_fd: Insufficient options for proto=fd
[  145.368901][ T8355] loop1: detected capacity change from 0 to 512
[  145.378940][ T8355] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1507: bg 0: block 5: invalid block bitmap
[  145.396702][ T8355] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  145.407735][ T8355] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1507: invalid indirect mapped block 3 (level 2)
[  145.422607][ T8355] EXT4-fs (loop1): 2 truncates cleaned up
[  145.442432][ T8359] FAULT_INJECTION: forcing a failure.
[  145.442432][ T8359] name failslab, interval 1, probability 0, space 0, times 0
[  145.456930][ T8359] CPU: 1 UID: 0 PID: 8359 Comm: syz.2.1511 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(voluntary) 
[  145.457049][ T8359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  145.457067][ T8359] Call Trace:
[  145.457076][ T8359]  <TASK>
[  145.457087][ T8359]  __dump_stack+0x1d/0x30
[  145.457116][ T8359]  dump_stack_lvl+0xe8/0x140
[  145.457162][ T8359]  dump_stack+0x15/0x1b
[  145.457186][ T8359]  should_fail_ex+0x265/0x280
[  145.457235][ T8359]  should_failslab+0x8c/0xb0
[  145.457267][ T8359]  kmem_cache_alloc_node_noprof+0x57/0x320
[  145.457313][ T8359]  ? __alloc_skb+0x101/0x320
[  145.457406][ T8359]  __alloc_skb+0x101/0x320
[  145.457463][ T8359]  netlink_alloc_large_skb+0xba/0xf0
[  145.457509][ T8359]  netlink_sendmsg+0x3cf/0x6b0
[  145.457535][ T8359]  ? __pfx_netlink_sendmsg+0x10/0x10
[  145.457565][ T8359]  __sock_sendmsg+0x142/0x180
[  145.457664][ T8359]  ____sys_sendmsg+0x31e/0x4e0
[  145.457699][ T8359]  ___sys_sendmsg+0x17b/0x1d0
[  145.457749][ T8359]  __x64_sys_sendmsg+0xd4/0x160
[  145.457817][ T8359]  x64_sys_call+0x2999/0x2fb0
[  145.457846][ T8359]  do_syscall_64+0xd2/0x200
[  145.457876][ T8359]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  145.457912][ T8359]  ? clear_bhb_loop+0x40/0x90
[  145.457964][ T8359]  ? clear_bhb_loop+0x40/0x90
[  145.458004][ T8359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.458033][ T8359] RIP: 0033:0x7fa8f0c3e929
[  145.458053][ T8359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.458078][ T8359] RSP: 002b:00007fa8ef2a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  145.458159][ T8359] RAX: ffffffffffffffda RBX: 00007fa8f0e65fa0 RCX: 00007fa8f0c3e929
[  145.458173][ T8359] RDX: 0000000000000000 RSI: 00002000000007c0 RDI: 0000000000000007
[  145.458189][ T8359] RBP: 00007fa8ef2a7090 R08: 0000000000000000 R09: 0000000000000000
[  145.458204][ T8359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  145.458221][ T8359] R13: 0000000000000000 R14: 00007fa8f0e65fa0 R15: 00007ffd6e549ff8
[  145.458244][ T8359]  </TASK>
[  145.463831][ T8363] __nla_validate_parse: 3 callbacks suppressed
[  145.463852][ T8363] netlink: 136 bytes leftover after parsing attributes in process `+}[@'.
[  145.514008][ T8369] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  145.711364][ T8369] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  145.832278][ T8377] loop1: detected capacity change from 0 to 1024
[  145.842343][ T8377] EXT4-fs (loop1): filesystem is read-only
[  145.849388][ T8377] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  145.861212][ T8377] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  145.874930][ T8377] EXT4-fs error (device loop1): ext4_get_journal_inode:5796: comm syz.1.1516: inode #1: comm syz.1.1516: iget: illegal inode #
[  145.888016][ T8381] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  145.902161][ T8377] EXT4-fs (loop1): no journal found
[  145.907810][ T8377] EXT4-fs (loop1): can't get journal size
[  145.917428][ T8377] EXT4-fs (loop1): failed to initialize system zone (-22)
[  145.939675][ T8377] EXT4-fs (loop1): mount failed
[  146.000674][ T8397] loop1: detected capacity change from 0 to 512
[  146.009477][ T8397] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.1525: invalid block
[  146.024292][ T8397] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1525: invalid indirect mapped block 4294967295 (level 1)
[  146.039021][ T8397] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1525: invalid indirect mapped block 4294967295 (level 1)
[  146.054767][ T8397] EXT4-fs (loop1): 2 truncates cleaned up
[  146.092282][ T8397] netlink: 136 bytes leftover after parsing attributes in process `+}[@'.
[  146.150594][ T8412] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  146.159539][ T8412] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  146.165457][ T8411] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  146.169680][ T8412] 9pnet_fd: Insufficient options for proto=fd
[  146.246330][ T8419] loop1: detected capacity change from 0 to 1024
[  146.254095][ T8419] EXT4-fs (loop1): filesystem is read-only
[  146.261892][ T8419] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  146.275992][ T8419] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  146.292281][ T8419] EXT4-fs error (device loop1): ext4_get_journal_inode:5796: comm syz.1.1533: inode #1: comm syz.1.1533: iget: illegal inode #
[  146.309346][ T8419] EXT4-fs (loop1): no journal found
[  146.315001][ T8419] EXT4-fs (loop1): can't get journal size
[  146.327113][ T8419] EXT4-fs (loop1): failed to initialize system zone (-22)
[  146.335717][ T8419] EXT4-fs (loop1): mount failed
[  146.361011][ T8424] loop2: detected capacity change from 0 to 1024
[  146.377774][ T8424] ext4 filesystem being mounted at /313/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.407268][ T8432] loop4: detected capacity change from 0 to 512
[  146.415025][ T8432] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  146.429140][ T8432] EXT4-fs (loop4): 1 truncate cleaned up
[  146.489368][ T8437] net_ratelimit: 296 callbacks suppressed
[  146.489389][ T8437] netlink: zone id is out of range
[  146.501830][ T8437] netlink: zone id is out of range
[  146.507890][ T8437] netlink: zone id is out of range
[  146.513627][ T8437] netlink: zone id is out of range
[  146.519385][ T8437] netlink: zone id is out of range
[  146.527829][ T8437] netlink: zone id is out of range
[  146.534234][ T8437] netlink: zone id is out of range
[  146.540260][ T8437] netlink: zone id is out of range
[  146.548689][ T8437] netlink: zone id is out of range
[  146.555122][ T8437] netlink: zone id is out of range
[  146.581954][ T8442] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  146.621657][ T8446] loop4: detected capacity change from 0 to 512
[  146.639899][ T8446] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.1542: invalid block
[  146.661967][ T8446] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1542: invalid indirect mapped block 4294967295 (level 1)
[  146.680140][ T8451] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  146.700504][ T8451] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  146.708603][ T8446] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1542: invalid indirect mapped block 4294967295 (level 1)
[  146.727251][ T8446] EXT4-fs (loop4): 2 truncates cleaned up
[  146.776454][ T8446] netlink: 136 bytes leftover after parsing attributes in process `+}[@'.
[  146.794099][ T8459] syzkaller0: entered promiscuous mode
[  146.800771][ T8459] syzkaller0: entered allmulticast mode
[  146.904889][ T8464] loop4: detected capacity change from 0 to 512
[  146.927715][ T8464] EXT4-fs (loop4): too many log groups per flexible block group
[  146.936625][ T8464] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  146.944764][ T8464] EXT4-fs (loop4): mount failed
[  146.959247][ T8466] loop2: detected capacity change from 0 to 512
[  146.968985][ T8466] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1549: bg 0: block 5: invalid block bitmap
[  146.983418][ T8466] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  147.010963][ T8466] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1549: invalid indirect mapped block 3 (level 2)
[  147.029979][ T8466] EXT4-fs (loop2): 2 truncates cleaned up
[  147.102605][ T8476] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  147.131612][ T8482] 9pnet_fd: Insufficient options for proto=fd
[  147.189701][ T8486] loop4: detected capacity change from 0 to 1024
[  147.215730][ T8486] ext4 filesystem being mounted at /326/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  147.375062][ T8494] loop3: detected capacity change from 0 to 1024
[  147.395396][ T8499] loop2: detected capacity change from 0 to 512
[  147.413295][ T8497] syzkaller0: entered promiscuous mode
[  147.419472][ T8497] syzkaller0: entered allmulticast mode
[  147.439180][ T8494] EXT4-fs (loop3): filesystem is read-only
[  147.440598][ T8499] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz.2.1560: invalid block
[  147.450685][ T8494] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  147.460699][ T8499] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1560: invalid indirect mapped block 4294967295 (level 1)
[  147.495175][ T8494] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  147.506106][ T8494] EXT4-fs error (device loop3): ext4_get_journal_inode:5796: comm syz.3.1558: inode #1: comm syz.3.1558: iget: illegal inode #
[  147.506793][ T8499] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1560: invalid indirect mapped block 4294967295 (level 1)
[  147.520277][ T8494] EXT4-fs (loop3): no journal found
[  147.539430][ T8494] EXT4-fs (loop3): can't get journal size
[  147.541332][ T8499] EXT4-fs (loop2): 2 truncates cleaned up
[  147.546866][ T8494] EXT4-fs (loop3): failed to initialize system zone (-22)
[  147.559703][ T8494] EXT4-fs (loop3): mount failed
[  147.607348][ T8499] netlink: 136 bytes leftover after parsing attributes in process `+}[@'.
[  147.633845][   T30] kauditd_printk_skb: 646 callbacks suppressed
[  147.633888][   T30] audit: type=1326 audit(1749436580.194:9038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8504 comm="syz.4.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f24e816e929 code=0x7ffc0000
[  147.663785][   T30] audit: type=1326 audit(1749436580.194:9039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8504 comm="syz.4.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f24e816e963 code=0x7ffc0000
[  147.690711][   T30] audit: type=1326 audit(1749436580.254:9040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8504 comm="syz.4.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f24e816d3df code=0x7ffc0000
[  147.715404][   T30] audit: type=1326 audit(1749436580.254:9041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8504 comm="syz.4.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f24e816e9b7 code=0x7ffc0000
[  147.739355][ T8507] loop4: detected capacity change from 0 to 1024
[  147.745910][   T30] audit: type=1326 audit(1749436580.304:9042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8504 comm="syz.4.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f24e816d290 code=0x7ffc0000
[  147.769819][   T30] audit: type=1326 audit(1749436580.304:9043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8504 comm="syz.4.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f24e816e52b code=0x7ffc0000
[  147.804768][   T30] audit: type=1326 audit(1749436580.374:9044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8504 comm="syz.4.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f24e816d58a code=0x7ffc0000
[  147.830245][   T30] audit: type=1326 audit(1749436580.394:9045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8504 comm="syz.4.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f24e816d58a code=0x7ffc0000
[  147.855324][   T30] audit: type=1326 audit(1749436580.394:9046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8504 comm="syz.4.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f24e816d197 code=0x7ffc0000
[  147.879592][   T30] audit: type=1326 audit(1749436580.394:9047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8504 comm="syz.4.1562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f24e81700ca code=0x7ffc0000
[  147.880251][ T8509] loop3: detected capacity change from 0 to 512
[  147.917930][ T8507] ext4 filesystem being mounted at /327/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  147.939075][ T8519] 9pnet_fd: Insufficient options for proto=fd
[  147.959154][ T8509] EXT4-fs (loop3): too many log groups per flexible block group
[  147.967423][ T8509] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  147.974634][ T8521] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  147.999202][ T8527] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.008268][ T8527] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  148.018461][ T8509] EXT4-fs (loop3): mount failed
[  148.099970][ T8528] netlink: 136 bytes leftover after parsing attributes in process `+}[@'.
[  148.120704][ T8537] loop2: detected capacity change from 0 to 2048
[  148.257441][ T8553] 9pnet_fd: Insufficient options for proto=fd
[  148.284455][ T8555] loop2: detected capacity change from 0 to 512
[  148.289614][ T8557] syzkaller0: entered promiscuous mode
[  148.298769][ T8557] syzkaller0: entered allmulticast mode
[  148.315232][ T8555] ext4 filesystem being mounted at /324/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  148.341174][ T8555] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #18: comm +}[@: corrupted inode contents
[  148.356336][ T8555] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #18: comm +}[@: mark_inode_dirty error
[  148.373823][ T8555] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #18: comm +}[@: corrupted inode contents
[  148.389538][ T8555] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2991: inode #18: comm +}[@: mark_inode_dirty error
[  148.395268][ T8559] loop4: detected capacity change from 0 to 512
[  148.401954][ T8555] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2994: inode #18: comm +}[@: mark inode dirty (error -117)
[  148.429781][ T8555] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[  148.432476][ T8559] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1583: bg 0: block 5: invalid block bitmap
[  148.456288][ T8559] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  148.472819][ T8559] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1583: invalid indirect mapped block 3 (level 2)
[  148.489489][ T8559] EXT4-fs (loop4): 2 truncates cleaned up
[  148.689838][ T8593] 9pnet_fd: Insufficient options for proto=fd
[  148.726518][ T8596] syzkaller0: entered promiscuous mode
[  148.732323][ T8596] syzkaller0: entered allmulticast mode
[  148.788120][ T8601] 9pnet_fd: Insufficient options for proto=fd
[  148.831527][ T8607] 9pnet_fd: Insufficient options for proto=fd
[  148.838243][ T8603] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  148.961252][ T8616] loop2: detected capacity change from 0 to 1024
[  148.978882][ T8616] EXT4-fs (loop2): filesystem is read-only
[  148.987207][ T8616] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  149.002640][ T8620] loop1: detected capacity change from 0 to 512
[  149.003513][ T8630] 9pnet_fd: Insufficient options for proto=fd
[  149.012484][ T8616] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  149.027480][ T8620] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1605: bg 0: block 5: invalid block bitmap
[  149.040728][ T8620] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  149.051216][ T8620] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1605: invalid indirect mapped block 3 (level 2)
[  149.073031][ T8616] EXT4-fs error (device loop2): ext4_get_journal_inode:5796: comm syz.2.1603: inode #1: comm syz.2.1603: iget: illegal inode #
[  149.092842][ T8616] EXT4-fs (loop2): no journal found
[  149.098293][ T8616] EXT4-fs (loop2): can't get journal size
[  149.108164][ T8637] 9pnet_fd: Insufficient options for proto=fd
[  149.117822][ T8616] EXT4-fs (loop2): failed to initialize system zone (-22)
[  149.125732][ T8616] EXT4-fs (loop2): mount failed
[  149.147532][ T8620] EXT4-fs (loop1): 2 truncates cleaned up
[  149.192067][ T8640] syzkaller0: entered promiscuous mode
[  149.197714][ T8640] syzkaller0: entered allmulticast mode
[  149.215622][ T8642] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  149.274434][ T8651] 9pnet_fd: Insufficient options for proto=fd
[  149.390932][ T8663] ALSA: seq fatal error: cannot create timer (-19)
[  149.430660][ T8670] 9pnet_fd: Insufficient options for proto=fd
[  149.459235][ T8673] loop4: detected capacity change from 0 to 512
[  149.483989][ T8673] EXT4-fs (loop4): too many log groups per flexible block group
[  149.492057][ T8673] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  149.500826][ T8673] EXT4-fs (loop4): mount failed
[  149.530494][ T8686] syzkaller0: entered promiscuous mode
[  149.536982][ T8686] syzkaller0: entered allmulticast mode
[  149.544976][ T8687] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1626'.
[  149.558564][ T8679] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1626'.
[  149.576420][ T8679] loop3: detected capacity change from 0 to 1024
[  149.587538][ T8679] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  149.599011][ T8679] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  149.659018][ T8699] 9pnet_fd: Insufficient options for proto=fd
[  149.670399][ T8679] JBD2: no valid journal superblock found
[  149.678788][ T8679] EXT4-fs (loop3): Could not load journal inode
[  149.760409][ T8705] loop1: detected capacity change from 0 to 512
[  149.785504][ T8705] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1633: bg 0: block 5: invalid block bitmap
[  149.791917][ T8709] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  149.818073][ T8715] 9pnet_fd: Insufficient options for proto=fd
[  149.824629][ T8705] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  149.860818][ T8709] vhci_hcd: default hub control req: 6001 v8001 i0001 l0
[  149.870834][ T8705] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1633: invalid indirect mapped block 3 (level 2)
[  149.893682][ T8719] syz2: rxe_newlink: already configured on veth0_to_bond
[  149.903011][ T8705] EXT4-fs (loop1): 2 truncates cleaned up
[  149.919250][ T8721] loop2: detected capacity change from 0 to 512
[  149.939470][ T8723] loop3: detected capacity change from 0 to 512
[  149.947795][ T8723] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  149.963306][ T8721] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  149.982027][ T8723] EXT4-fs (loop3): 1 truncate cleaned up
[  150.002586][ T8727] 9pnet_fd: Insufficient options for proto=fd
[  150.013003][ T8721] EXT4-fs (loop2): 1 truncate cleaned up
[  150.163908][ T8748] FAULT_INJECTION: forcing a failure.
[  150.163908][ T8748] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  150.179807][ T8748] CPU: 1 UID: 0 PID: 8748 Comm: syz.2.1647 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(voluntary) 
[  150.180022][ T8748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  150.180046][ T8748] Call Trace:
[  150.180055][ T8748]  <TASK>
[  150.180066][ T8748]  __dump_stack+0x1d/0x30
[  150.180091][ T8748]  dump_stack_lvl+0xe8/0x140
[  150.180111][ T8748]  dump_stack+0x15/0x1b
[  150.180128][ T8748]  should_fail_ex+0x265/0x280
[  150.180262][ T8748]  should_fail+0xb/0x20
[  150.180370][ T8748]  should_fail_usercopy+0x1a/0x20
[  150.180397][ T8748]  _copy_from_user+0x1c/0xb0
[  150.180430][ T8748]  memdup_user+0x5e/0xd0
[  150.180518][ T8748]  strndup_user+0x68/0xb0
[  150.180542][ T8748]  perf_ioctl+0x58a/0x12e0
[  150.180574][ T8748]  ? ioctl_has_perm+0x289/0x2a0
[  150.180670][ T8748]  ? do_vfs_ioctl+0xd1e/0x11d0
[  150.180713][ T8748]  ? selinux_file_ioctl+0x2e3/0x370
[  150.180740][ T8748]  ? __fget_files+0x184/0x1c0
[  150.180763][ T8748]  ? __pfx_perf_ioctl+0x10/0x10
[  150.180815][ T8748]  __se_sys_ioctl+0xce/0x140
[  150.180859][ T8748]  __x64_sys_ioctl+0x43/0x50
[  150.180919][ T8748]  x64_sys_call+0x19a8/0x2fb0
[  150.180947][ T8748]  do_syscall_64+0xd2/0x200
[  150.180973][ T8748]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  150.181053][ T8748]  ? clear_bhb_loop+0x40/0x90
[  150.181144][ T8748]  ? clear_bhb_loop+0x40/0x90
[  150.181176][ T8748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.181252][ T8748] RIP: 0033:0x7fa8f0c3e929
[  150.181268][ T8748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.181287][ T8748] RSP: 002b:00007fa8ef2a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  150.181420][ T8748] RAX: ffffffffffffffda RBX: 00007fa8f0e65fa0 RCX: 00007fa8f0c3e929
[  150.181433][ T8748] RDX: 00002000000001c0 RSI: 0000000040082406 RDI: 0000000000000006
[  150.181457][ T8748] RBP: 00007fa8ef2a7090 R08: 0000000000000000 R09: 0000000000000000
[  150.181471][ T8748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  150.181487][ T8748] R13: 0000000000000000 R14: 00007fa8f0e65fa0 R15: 00007ffd6e549ff8
[  150.181512][ T8748]  </TASK>
[  150.491738][ T8757] 9pnet_fd: Insufficient options for proto=fd
[  150.569915][ T8768] SELinux:  policydb magic number 0x861a698c does not match expected magic number 0xf97cff8c
[  150.582583][ T8768] SELinux: failed to load policy
[  150.604985][ T8762] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  150.608609][ T8768] netlink: 'syz.4.1658': attribute type 7 has an invalid length.
[  150.613822][ T8762] vhci_hcd: default hub control req: 6001 v8001 i0001 l0
[  150.622078][ T8768] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1658'.
[  150.645010][ T8773] 9pnet_fd: Insufficient options for proto=fd
[  150.665319][ T8773] loop2: detected capacity change from 0 to 512
[  150.694849][ T8773] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1660: bg 0: block 5: invalid block bitmap
[  150.729856][ T8779] loop3: detected capacity change from 0 to 1024
[  150.739810][ T8781] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1662'.
[  150.741428][ T8773] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  150.756670][ T8779] ext4 filesystem being mounted at /302/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  150.760856][ T8773] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1660: invalid indirect mapped block 3 (level 2)
[  150.773804][ T8781] Cannot find del_set index 3 as target
[  150.786188][ T8773] EXT4-fs (loop2): 2 truncates cleaned up
[  150.853723][ T8793] loop4: detected capacity change from 0 to 1024
[  150.861738][ T8793] EXT4-fs (loop4): filesystem is read-only
[  150.871409][ T8793] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  150.881498][ T8793] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  150.894086][ T8793] EXT4-fs error (device loop4): ext4_get_journal_inode:5796: comm syz.4.1665: inode #1: comm syz.4.1665: iget: illegal inode #
[  150.911191][ T8793] EXT4-fs (loop4): no journal found
[  150.916665][ T8793] EXT4-fs (loop4): can't get journal size
[  150.924227][ T8793] EXT4-fs (loop4): failed to initialize system zone (-22)
[  150.931655][ T8793] EXT4-fs (loop4): mount failed
[  150.971089][ T8799] loop4: detected capacity change from 0 to 512
[  150.984080][ T8799] EXT4-fs (loop4): too many log groups per flexible block group
[  150.992201][ T8799] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  151.017638][ T8799] EXT4-fs (loop4): mount failed
[  151.123243][ T8816] loop3: detected capacity change from 0 to 2048
[  151.213885][ T8823] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  151.229148][ T8823] vhci_hcd: default hub control req: 6001 v8001 i0001 l0
[  151.241436][ T8830] FAULT_INJECTION: forcing a failure.
[  151.241436][ T8830] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  151.257295][ T8829] loop3: detected capacity change from 0 to 1024
[  151.257298][ T8830] CPU: 0 UID: 0 PID: 8830 Comm: +}[@ Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(voluntary) 
[  151.257361][ T8830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  151.257374][ T8830] Call Trace:
[  151.257382][ T8830]  <TASK>
[  151.257392][ T8830]  __dump_stack+0x1d/0x30
[  151.257420][ T8830]  dump_stack_lvl+0xe8/0x140
[  151.257449][ T8830]  dump_stack+0x15/0x1b
[  151.257475][ T8830]  should_fail_ex+0x265/0x280
[  151.257537][ T8830]  should_fail+0xb/0x20
[  151.257597][ T8830]  should_fail_usercopy+0x1a/0x20
[  151.257628][ T8830]  _copy_from_iter+0xcf/0xe40
[  151.257661][ T8830]  ? __build_skb_around+0x1a0/0x200
[  151.257733][ T8830]  ? __alloc_skb+0x223/0x320
[  151.257784][ T8830]  netlink_sendmsg+0x471/0x6b0
[  151.257902][ T8830]  ? __pfx_netlink_sendmsg+0x10/0x10
[  151.257937][ T8830]  __sock_sendmsg+0x142/0x180
[  151.258000][ T8830]  ____sys_sendmsg+0x31e/0x4e0
[  151.258101][ T8830]  ___sys_sendmsg+0x17b/0x1d0
[  151.258164][ T8830]  __x64_sys_sendmsg+0xd4/0x160
[  151.258203][ T8830]  x64_sys_call+0x2999/0x2fb0
[  151.258236][ T8830]  do_syscall_64+0xd2/0x200
[  151.258353][ T8830]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  151.258396][ T8830]  ? clear_bhb_loop+0x40/0x90
[  151.258457][ T8830]  ? clear_bhb_loop+0x40/0x90
[  151.258491][ T8830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.258549][ T8830] RIP: 0033:0x7fa8f0c3e929
[  151.258579][ T8830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.258614][ T8830] RSP: 002b:00007fa8ef2a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  151.258642][ T8830] RAX: ffffffffffffffda RBX: 00007fa8f0e65fa0 RCX: 00007fa8f0c3e929
[  151.258661][ T8830] RDX: 0000000004000c00 RSI: 0000200000000180 RDI: 0000000000000003
[  151.258690][ T8830] RBP: 00007fa8ef2a7090 R08: 0000000000000000 R09: 0000000000000000
[  151.258709][ T8830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.258758][ T8830] R13: 0000000000000000 R14: 00007fa8f0e65fa0 R15: 00007ffd6e549ff8
[  151.258795][ T8830]  </TASK>
[  151.309645][ T8832] 9pnet_fd: Insufficient options for proto=fd
[  151.313343][ T8829] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  151.413190][ T8838] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1679'.
[  151.446254][ T8829] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  151.497707][ T8838] Cannot find del_set index 3 as target
[  151.524587][ T8832] loop4: detected capacity change from 0 to 512
[  151.537865][ T8844] 9pnet_fd: Insufficient options for proto=fd
[  151.543568][ T8829] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  151.564981][ T8832] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1677: bg 0: block 5: invalid block bitmap
[  151.578660][ T8832] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  151.579142][ T8829] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.1674: lblock 2 mapped to illegal pblock 2 (length 1)
[  151.589113][ T8832] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1677: invalid indirect mapped block 3 (level 2)
[  151.618675][ T8832] EXT4-fs (loop4): 2 truncates cleaned up
[  151.645271][ T8848] loop1: detected capacity change from 0 to 512
[  151.652475][ T8829] EXT4-fs (loop3): Remounting filesystem read-only
[  151.659449][ T8829] EXT4-fs (loop3): 1 orphan inode deleted
[  151.675134][ T8848] EXT4-fs (loop1): too many log groups per flexible block group
[  151.683075][ T8848] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  151.690070][ T8848] EXT4-fs (loop1): mount failed
[  151.709229][ T8862] loop2: detected capacity change from 0 to 512
[  151.721878][ T8862] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  151.742327][ T8862] EXT4-fs (loop2): 1 truncate cleaned up
[  151.817516][ T8875] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  151.828169][ T8875] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  151.852953][ T8878] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1695'.
[  151.976300][ T8899] 9pnet_fd: Insufficient options for proto=fd
[  152.045896][ T8907] loop4: detected capacity change from 0 to 2048
[  152.208101][ T8927] 9pnet_fd: Insufficient options for proto=fd
[  152.250484][ T8932] 9pnet_fd: Insufficient options for proto=fd
[  152.275359][ T8934] 9pnet_fd: Insufficient options for proto=fd
[  152.298643][ T8937] loop3: detected capacity change from 0 to 512
[  152.305712][ T8937] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  152.316813][ T8937] EXT4-fs (loop3): 1 truncate cleaned up
[  152.354607][ T8941] loop3: detected capacity change from 0 to 2048
[  152.391614][ T8945] loop3: detected capacity change from 0 to 512
[  152.404004][ T8945] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  152.417090][ T8945] EXT4-fs (loop3): 1 truncate cleaned up
[  152.467795][ T8952] loop3: detected capacity change from 0 to 1024
[  152.475842][ T8952] EXT4-fs (loop3): filesystem is read-only
[  152.481842][ T8952] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  152.492003][ T8952] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  152.502600][ T8952] EXT4-fs error (device loop3): ext4_get_journal_inode:5796: comm syz.3.1720: inode #1: comm syz.3.1720: iget: illegal inode #
[  152.516603][ T8952] EXT4-fs (loop3): no journal found
[  152.521892][ T8952] EXT4-fs (loop3): can't get journal size
[  152.529081][ T8952] EXT4-fs (loop3): failed to initialize system zone (-22)
[  152.536473][ T8952] EXT4-fs (loop3): mount failed
[  152.568697][ T8959] 9pnet_fd: Insufficient options for proto=fd
[  152.604281][ T8961] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  152.654481][   T30] kauditd_printk_skb: 332 callbacks suppressed
[  152.654500][   T30] audit: type=1326 audit(1749436585.224:9378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8966 comm="syz.3.1727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  152.686834][ T8967] loop1: detected capacity change from 0 to 512
[  152.693333][   T30] audit: type=1326 audit(1749436585.224:9379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8966 comm="syz.3.1727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  152.717250][   T30] audit: type=1326 audit(1749436585.224:9380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8966 comm="syz.3.1727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  152.741203][   T30] audit: type=1326 audit(1749436585.224:9381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8966 comm="syz.3.1727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  152.764995][   T30] audit: type=1326 audit(1749436585.224:9382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8966 comm="syz.3.1727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  152.767356][ T8967] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  152.788599][   T30] audit: type=1326 audit(1749436585.224:9383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8966 comm="syz.3.1727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  152.788640][   T30] audit: type=1326 audit(1749436585.224:9384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8966 comm="syz.3.1727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  152.788676][   T30] audit: type=1326 audit(1749436585.224:9385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8966 comm="syz.3.1727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  152.788743][   T30] audit: type=1326 audit(1749436585.224:9386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8966 comm="syz.3.1727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  152.788779][   T30] audit: type=1326 audit(1749436585.224:9387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8966 comm="syz.3.1727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f60ae929 code=0x7ffc0000
[  152.929270][ T8972] loop3: detected capacity change from 0 to 512
[  152.930688][ T8967] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1726'.
[  152.955065][ T8972] EXT4-fs (loop3): too many log groups per flexible block group
[  152.963021][ T8972] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  152.970347][ T8972] EXT4-fs (loop3): mount failed
[  153.012500][ T8979] loop4: detected capacity change from 0 to 512
[  153.033781][ T8979] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  153.050634][ T8979] EXT4-fs (loop4): 1 truncate cleaned up
[  153.081659][ T8988] syzkaller0: entered promiscuous mode
[  153.087800][ T8988] syzkaller0: entered allmulticast mode
[  153.112097][ T8993] loop1: detected capacity change from 0 to 1024
[  153.121376][ T8993] EXT4-fs (loop1): filesystem is read-only
[  153.129311][ T8993] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  153.140448][ T8993] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  153.153668][ T8993] EXT4-fs error (device loop1): ext4_get_journal_inode:5796: comm syz.1.1739: inode #1: comm syz.1.1739: iget: illegal inode #
[  153.174386][ T8999] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  153.182708][ T8999] vhci_hcd: default hub control req: 6001 v8001 i0001 l0
[  153.182873][ T8993] EXT4-fs (loop1): no journal found
[  153.195384][ T8993] EXT4-fs (loop1): can't get journal size
[  153.214696][ T8993] EXT4-fs (loop1): failed to initialize system zone (-22)
[  153.222222][ T8993] EXT4-fs (loop1): mount failed
[  153.245558][ T9004] loop4: detected capacity change from 0 to 512
[  153.259941][ T9004] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  153.268613][ T9010] loop1: detected capacity change from 0 to 512
[  153.277789][ T9010] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  153.285835][ T9004] EXT4-fs (loop4): 1 truncate cleaned up
[  153.295242][ T9008] 9pnet_fd: Insufficient options for proto=fd
[  153.332498][ T9010] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1745'.
[  153.349581][ T9017] loop3: detected capacity change from 0 to 512
[  153.360172][ T9017] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1748: bg 0: block 5: invalid block bitmap
[  153.374753][ T9017] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  153.383970][ T9017] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1748: invalid indirect mapped block 3 (level 2)
[  153.399907][ T9017] EXT4-fs (loop3): 2 truncates cleaned up
[  153.408421][ T9022] loop1: detected capacity change from 0 to 512
[  153.416796][ T9022] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  153.429519][ T9022] EXT4-fs (loop1): 1 truncate cleaned up
[  153.533539][ T9032] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  153.541227][ T9032] vhci_hcd: default hub control req: 6001 v8001 i0001 l0
[  153.619953][ T9034] loop3: detected capacity change from 0 to 2048
[  153.722484][ T9051] loop1: detected capacity change from 0 to 512
[  153.734064][ T9051] EXT4-fs (loop1): too many log groups per flexible block group
[  153.742231][ T9051] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  153.750757][ T9051] EXT4-fs (loop1): mount failed
[  153.797741][ T9056] loop4: detected capacity change from 0 to 512
[  153.807726][ T9056] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  153.831137][ T9056] EXT4-fs (loop4): 1 truncate cleaned up
[  153.854376][ T9060] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  153.867946][ T9062] 9pnet_fd: Insufficient options for proto=fd
[  153.884973][ T9060] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  153.948871][ T9070] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  153.958230][ T9070] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  153.990444][ T9072] loop1: detected capacity change from 0 to 2048
[  154.075351][ T9082] program syz.4.1769 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  154.140627][ T9084] FAULT_INJECTION: forcing a failure.
[  154.140627][ T9084] name failslab, interval 1, probability 0, space 0, times 0
[  154.153586][ T9084] CPU: 0 UID: 0 PID: 9084 Comm: syz.4.1770 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(voluntary) 
[  154.153616][ T9084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  154.153631][ T9084] Call Trace:
[  154.153639][ T9084]  <TASK>
[  154.153649][ T9084]  __dump_stack+0x1d/0x30
[  154.153675][ T9084]  dump_stack_lvl+0xe8/0x140
[  154.153698][ T9084]  dump_stack+0x15/0x1b
[  154.153761][ T9084]  should_fail_ex+0x265/0x280
[  154.153907][ T9084]  ? __hw_addr_add_ex+0x162/0x440
[  154.153942][ T9084]  should_failslab+0x8c/0xb0
[  154.153967][ T9084]  __kmalloc_cache_noprof+0x4c/0x320
[  154.154000][ T9084]  __hw_addr_add_ex+0x162/0x440
[  154.154136][ T9084]  dev_addr_init+0xb1/0x120
[  154.154172][ T9084]  alloc_netdev_mqs+0x212/0xab0
[  154.154193][ T9084]  ? __pfx_hsr_dev_setup+0x10/0x10
[  154.154218][ T9084]  rtnl_create_link+0x239/0x710
[  154.154292][ T9084]  rtnl_newlink_create+0x14c/0x620
[  154.154323][ T9084]  ? security_capable+0x83/0x90
[  154.154356][ T9084]  ? netlink_ns_capable+0x86/0xa0
[  154.154391][ T9084]  rtnl_newlink+0xf29/0x12d0
[  154.154489][ T9084]  ? xas_load+0x413/0x430
[  154.154508][ T9084]  ? __memcg_slab_free_hook+0x135/0x230
[  154.154544][ T9084]  ? __kfree_skb+0x109/0x150
[  154.154563][ T9084]  ? __rcu_read_unlock+0x4f/0x70
[  154.154631][ T9084]  ? avc_has_perm_noaudit+0x1b1/0x200
[  154.154665][ T9084]  ? selinux_capable+0x1f9/0x270
[  154.154708][ T9084]  ? security_capable+0x83/0x90
[  154.154755][ T9084]  ? ns_capable+0x7d/0xb0
[  154.154776][ T9084]  ? __pfx_rtnl_newlink+0x10/0x10
[  154.154875][ T9084]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  154.154976][ T9084]  netlink_rcv_skb+0x120/0x220
[  154.154997][ T9084]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  154.155032][ T9084]  rtnetlink_rcv+0x1c/0x30
[  154.155056][ T9084]  netlink_unicast+0x5a1/0x670
[  154.155163][ T9084]  netlink_sendmsg+0x58b/0x6b0
[  154.155239][ T9084]  ? __pfx_netlink_sendmsg+0x10/0x10
[  154.155263][ T9084]  __sock_sendmsg+0x142/0x180
[  154.155294][ T9084]  ____sys_sendmsg+0x31e/0x4e0
[  154.155400][ T9084]  ___sys_sendmsg+0x17b/0x1d0
[  154.155437][ T9084]  __x64_sys_sendmsg+0xd4/0x160
[  154.155464][ T9084]  x64_sys_call+0x2999/0x2fb0
[  154.155577][ T9084]  do_syscall_64+0xd2/0x200
[  154.155600][ T9084]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  154.155637][ T9084]  ? clear_bhb_loop+0x40/0x90
[  154.155660][ T9084]  ? clear_bhb_loop+0x40/0x90
[  154.155684][ T9084]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.155707][ T9084] RIP: 0033:0x7f24e816e929
[  154.155723][ T9084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.155767][ T9084] RSP: 002b:00007f24e67d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  154.155788][ T9084] RAX: ffffffffffffffda RBX: 00007f24e8395fa0 RCX: 00007f24e816e929
[  154.155863][ T9084] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  154.155876][ T9084] RBP: 00007f24e67d7090 R08: 0000000000000000 R09: 0000000000000000
[  154.155890][ T9084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.155902][ T9084] R13: 0000000000000000 R14: 00007f24e8395fa0 R15: 00007ffdd6674308
[  154.155922][ T9084]  </TASK>
[  154.600216][ T9102] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  154.617681][ T9102] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  154.632980][ T9102] 9pnet_fd: Insufficient options for proto=fd
[  154.643120][ T9104] loop4: detected capacity change from 0 to 512
[  154.650391][ T9104] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  154.662577][ T9104] EXT4-fs (loop4): 1 truncate cleaned up
[  154.742313][ T9111] loop3: detected capacity change from 0 to 2048
[  154.787582][ T9117] loop4: detected capacity change from 0 to 512
[  154.797590][ T9117] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.1781: invalid block
[  154.828188][ T9117] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1781: invalid indirect mapped block 4294967295 (level 1)
[  154.843991][ T9120] loop3: detected capacity change from 0 to 1024
[  154.849522][ T9122] loop2: detected capacity change from 0 to 512
[  154.853602][ T9117] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1781: invalid indirect mapped block 4294967295 (level 1)
[  154.860857][ T9122] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  154.875316][ T9117] EXT4-fs (loop4): 2 truncates cleaned up
[  154.891550][ T9122] EXT4-fs (loop2): 1 truncate cleaned up
[  154.898638][ T9120] ext4 filesystem being mounted at /331/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.935344][ T9117] netlink: 136 bytes leftover after parsing attributes in process `+}[@'.
[  155.000288][ T9135] loop2: detected capacity change from 0 to 1024
[  155.040989][ T9135] ext4 filesystem being mounted at /360/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.164147][ T9150] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  155.173275][ T9152] loop4: detected capacity change from 0 to 2048
[  155.181443][ T9150] vhci_hcd: default hub control req: 6001 v8001 i0001 l0
[  155.183086][ T9148] net_ratelimit: 92 callbacks suppressed
[  155.183106][ T9148] netlink: zone id is out of range
[  155.217366][ T9148] netlink: zone id is out of range
[  155.224173][ T9148] netlink: zone id is out of range
[  155.230221][ T9148] netlink: zone id is out of range
[  155.236189][ T9148] netlink: zone id is out of range
[  155.241430][ T9148] netlink: zone id is out of range
[  155.246663][ T9148] netlink: zone id is out of range
[  155.251920][ T9148] netlink: zone id is out of range
[  155.258567][ T9148] netlink: zone id is out of range
[  155.263949][ T9148] netlink: zone id is out of range
[  155.344134][ T9161] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  155.362787][ T9161] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  155.412249][ T9172] loop1: detected capacity change from 0 to 1024
[  155.443240][ T9172] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  155.452856][ T9172] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  155.465049][ T9172] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  155.465180][ T9168] netlink: 136 bytes leftover after parsing attributes in process `+}[@'.
[  155.474390][ T9172] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 2: comm syz.1.1800: lblock 2 mapped to illegal pblock 2 (length 1)
[  155.497107][ T9172] EXT4-fs (loop1): Remounting filesystem read-only
[  155.504359][ T9172] EXT4-fs (loop1): 1 orphan inode deleted
[  155.530966][ T9178] loop2: detected capacity change from 0 to 512
[  155.538138][ T9178] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  155.550165][ T9178] EXT4-fs (loop2): 1 truncate cleaned up
[  155.582990][ T9181] FAULT_INJECTION: forcing a failure.
[  155.582990][ T9181] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  155.596175][ T9181] CPU: 1 UID: 0 PID: 9181 Comm: syz.1.1804 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(voluntary) 
[  155.596206][ T9181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  155.596228][ T9181] Call Trace:
[  155.596236][ T9181]  <TASK>
[  155.596245][ T9181]  __dump_stack+0x1d/0x30
[  155.596298][ T9181]  dump_stack_lvl+0xe8/0x140
[  155.596317][ T9181]  dump_stack+0x15/0x1b
[  155.596333][ T9181]  should_fail_ex+0x265/0x280
[  155.596377][ T9181]  should_fail+0xb/0x20
[  155.596476][ T9181]  should_fail_usercopy+0x1a/0x20
[  155.596503][ T9181]  _copy_to_user+0x20/0xa0
[  155.596532][ T9181]  simple_read_from_buffer+0xb5/0x130
[  155.596666][ T9181]  proc_fail_nth_read+0x100/0x140
[  155.596694][ T9181]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  155.596718][ T9181]  vfs_read+0x19d/0x6f0
[  155.596736][ T9181]  ? __rcu_read_unlock+0x4f/0x70
[  155.596766][ T9181]  ? __fget_files+0x184/0x1c0
[  155.596859][ T9181]  ksys_read+0xda/0x1a0
[  155.596884][ T9181]  __x64_sys_read+0x40/0x50
[  155.596903][ T9181]  x64_sys_call+0x2d77/0x2fb0
[  155.596927][ T9181]  do_syscall_64+0xd2/0x200
[  155.596969][ T9181]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  155.597000][ T9181]  ? clear_bhb_loop+0x40/0x90
[  155.597028][ T9181]  ? clear_bhb_loop+0x40/0x90
[  155.597131][ T9181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.597159][ T9181] RIP: 0033:0x7fd1be9ed33c
[  155.597179][ T9181] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  155.597203][ T9181] RSP: 002b:00007fd1bd057030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  155.597228][ T9181] RAX: ffffffffffffffda RBX: 00007fd1bec15fa0 RCX: 00007fd1be9ed33c
[  155.597243][ T9181] RDX: 000000000000000f RSI: 00007fd1bd0570a0 RDI: 0000000000000003
[  155.597288][ T9181] RBP: 00007fd1bd057090 R08: 0000000000000000 R09: 0000000000000000
[  155.597303][ T9181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  155.597319][ T9181] R13: 0000000000000001 R14: 00007fd1bec15fa0 R15: 00007ffd577e2c28
[  155.597344][ T9181]  </TASK>
[  155.598915][ T9187] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  155.697020][ T9190] loop1: detected capacity change from 0 to 512
[  155.715702][ T9190] EXT4-fs (loop1): too many log groups per flexible block group
[  155.722044][ T9187] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  155.726733][ T9190] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  155.735250][ T9187] 9pnet_fd: Insufficient options for proto=fd
[  155.739567][ T9190] EXT4-fs (loop1): mount failed
[  155.949608][ T9207] loop1: detected capacity change from 0 to 512
[  155.965416][ T9207] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.1813: invalid block
[  155.978030][ T9207] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1813: invalid indirect mapped block 4294967295 (level 1)
[  155.994255][ T9207] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1813: invalid indirect mapped block 4294967295 (level 1)
[  156.008796][ T9207] EXT4-fs (loop1): 2 truncates cleaned up
[  156.041780][ T9207] netlink: 136 bytes leftover after parsing attributes in process `+}[@'.
[  156.096795][ T9225] loop4: detected capacity change from 0 to 512
[  156.106324][ T9225] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1815: bg 0: block 5: invalid block bitmap
[  156.119975][ T9225] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  156.139496][ T9225] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1815: invalid indirect mapped block 3 (level 2)
[  156.153941][ T9225] EXT4-fs (loop4): 2 truncates cleaned up
[  156.171319][ T9228] loop1: detected capacity change from 0 to 1024
[  156.179582][ T9228] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  156.196546][ T9228] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  156.208406][ T9228] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  156.218566][ T9228] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 2: comm syz.1.1816: lblock 2 mapped to illegal pblock 2 (length 1)
[  156.233290][ T9228] EXT4-fs (loop1): Remounting filesystem read-only
[  156.240446][ T9228] EXT4-fs (loop1): 1 orphan inode deleted
[  156.287778][ T9233] syzkaller0: entered promiscuous mode
[  156.293420][ T9233] syzkaller0: entered allmulticast mode
[  156.406220][ T9244] loop1: detected capacity change from 0 to 1024
[  156.414977][ T9244] EXT4-fs (loop1): filesystem is read-only
[  156.421810][ T9244] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  156.433774][ T9244] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  156.444602][ T9244] EXT4-fs error (device loop1): ext4_get_journal_inode:5796: comm syz.1.1823: inode #1: comm syz.1.1823: iget: illegal inode #
[  156.459682][ T9244] EXT4-fs (loop1): no journal found
[  156.464998][ T9244] EXT4-fs (loop1): can't get journal size
[  156.472503][ T9252] 9pnet_fd: Insufficient options for proto=fd
[  156.479325][ T9253] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1826'.
[  156.489292][ T9244] EXT4-fs (loop1): failed to initialize system zone (-22)
[  156.498672][ T9244] EXT4-fs (loop1): mount failed
[  156.509610][ T9253] Cannot find del_set index 3 as target
[  156.532238][ T9257] loop2: detected capacity change from 0 to 512
[  156.551413][ T9257] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1828: bg 0: block 5: invalid block bitmap
[  156.568002][ T9257] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  156.577023][ T9257] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1828: invalid indirect mapped block 3 (level 2)
[  156.591783][ T9257] EXT4-fs (loop2): 2 truncates cleaned up
[  156.666407][ T9275] loop4: detected capacity change from 0 to 512
[  156.673811][ T9275] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  156.685446][ T9275] EXT4-fs (loop4): 1 truncate cleaned up
[  156.783198][ T9288] FAULT_INJECTION: forcing a failure.
[  156.783198][ T9288] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  156.796534][ T9288] CPU: 0 UID: 0 PID: 9288 Comm: syz.4.1840 Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(voluntary) 
[  156.796573][ T9288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  156.796590][ T9288] Call Trace:
[  156.796598][ T9288]  <TASK>
[  156.796642][ T9288]  __dump_stack+0x1d/0x30
[  156.796698][ T9288]  dump_stack_lvl+0xe8/0x140
[  156.796724][ T9288]  dump_stack+0x15/0x1b
[  156.796745][ T9288]  should_fail_ex+0x265/0x280
[  156.796874][ T9288]  should_fail+0xb/0x20
[  156.796912][ T9288]  should_fail_usercopy+0x1a/0x20
[  156.796933][ T9288]  _copy_from_iter+0xcf/0xe40
[  156.797034][ T9288]  ? __build_skb_around+0x1a0/0x200
[  156.797152][ T9288]  ? __build_skb+0x59/0x70
[  156.797191][ T9288]  ? is_vmalloc_addr+0x37/0x90
[  156.797218][ T9288]  netlink_sendmsg+0x471/0x6b0
[  156.797250][ T9288]  ? __pfx_netlink_sendmsg+0x10/0x10
[  156.797321][ T9288]  __sock_sendmsg+0x142/0x180
[  156.797398][ T9288]  ____sys_sendmsg+0x31e/0x4e0
[  156.797427][ T9288]  ___sys_sendmsg+0x17b/0x1d0
[  156.797462][ T9288]  __x64_sys_sendmsg+0xd4/0x160
[  156.797495][ T9288]  x64_sys_call+0x2999/0x2fb0
[  156.797523][ T9288]  do_syscall_64+0xd2/0x200
[  156.797638][ T9288]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  156.797669][ T9288]  ? clear_bhb_loop+0x40/0x90
[  156.797698][ T9288]  ? clear_bhb_loop+0x40/0x90
[  156.797728][ T9288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.797756][ T9288] RIP: 0033:0x7f24e816e929
[  156.797789][ T9288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.797897][ T9288] RSP: 002b:00007f24e67d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  156.797916][ T9288] RAX: ffffffffffffffda RBX: 00007f24e8395fa0 RCX: 00007f24e816e929
[  156.797933][ T9288] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  156.797948][ T9288] RBP: 00007f24e67d7090 R08: 0000000000000000 R09: 0000000000000000
[  156.797960][ T9288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.797972][ T9288] R13: 0000000000000000 R14: 00007f24e8395fa0 R15: 00007ffdd6674308
[  156.798037][ T9288]  </TASK>
[  157.064493][ T9292] 9pnet_fd: Insufficient options for proto=fd
[  157.066580][ T9293] loop4: detected capacity change from 0 to 512
[  157.091066][ T9294] loop3: detected capacity change from 0 to 1024
[  157.098657][ T9293] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  157.116425][ T9293] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1843'.
[  157.133476][ T9294] EXT4-fs (loop3): filesystem is read-only
[  157.143448][ T9294] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  157.164466][ T9293] Cannot find del_set index 3 as target
[  157.186008][ T9294] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  157.211167][ T9294] EXT4-fs error (device loop3): ext4_get_journal_inode:5796: comm syz.3.1841: inode #1: comm syz.3.1841: iget: illegal inode #
[  157.225534][ T9294] EXT4-fs (loop3): no journal found
[  157.231497][ T9294] EXT4-fs (loop3): can't get journal size
[  157.297447][ T9294] EXT4-fs (loop3): failed to initialize system zone (-22)
[  157.317635][ T9316] loop4: detected capacity change from 0 to 512
[  157.332838][ T9294] EXT4-fs (loop3): mount failed
[  157.346673][ T9316] EXT4-fs (loop4): too many log groups per flexible block group
[  157.355167][ T9316] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  157.386134][ T9316] EXT4-fs (loop4): mount failed
[  157.579604][ T9352] loop3: detected capacity change from 0 to 1024
[  157.587462][ T9352] EXT4-fs (loop3): filesystem is read-only
[  157.594575][ T9352] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  157.604785][ T9352] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  157.605037][ T9354] loop4: detected capacity change from 0 to 2048
[  157.615156][ T9352] EXT4-fs error (device loop3): ext4_get_journal_inode:5796: comm syz.3.1861: inode #1: comm syz.3.1861: iget: illegal inode #
[  157.635984][ T9352] EXT4-fs (loop3): no journal found
[  157.641339][ T9352] EXT4-fs (loop3): can't get journal size
[  157.648534][ T9352] EXT4-fs (loop3): failed to initialize system zone (-22)
[  157.655865][ T9352] EXT4-fs (loop3): mount failed
[  157.663138][   T30] kauditd_printk_skb: 801 callbacks suppressed
[  157.663156][   T30] audit: type=1326 audit(1749436590.234:10185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9353 comm="syz.4.1862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24e816e929 code=0x7ffc0000
[  157.693541][   T30] audit: type=1326 audit(1749436590.234:10186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9353 comm="syz.4.1862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f24e816e929 code=0x7ffc0000
[  157.720701][   T30] audit: type=1326 audit(1749436590.284:10187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9353 comm="syz.4.1862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24e816e929 code=0x7ffc0000
[  157.744924][   T30] audit: type=1326 audit(1749436590.284:10188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9353 comm="syz.4.1862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24e816e929 code=0x7ffc0000
[  157.776865][   T30] audit: type=1326 audit(1749436590.324:10189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9353 comm="syz.4.1862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f24e816e929 code=0x7ffc0000
[  157.800906][   T30] audit: type=1326 audit(1749436590.324:10190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9353 comm="syz.4.1862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24e816e929 code=0x7ffc0000
[  157.871830][ T9366] loop4: detected capacity change from 0 to 512
[  157.887211][ T9366] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  157.908662][ T9372] 9pnet_fd: Insufficient options for proto=fd
[  157.929357][   T30] audit: type=1326 audit(1749436590.494:10191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9374 comm="syz.0.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fc044e929 code=0x7ffc0000
[  157.930108][ T9366] EXT4-fs (loop4): 1 truncate cleaned up
[  157.960331][   T30] audit: type=1326 audit(1749436590.534:10192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9374 comm="syz.0.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fc044e929 code=0x7ffc0000
[  157.984575][   T30] audit: type=1326 audit(1749436590.534:10193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9374 comm="syz.0.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f0fc044e929 code=0x7ffc0000
[  158.005175][ T9375] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  158.008411][   T30] audit: type=1326 audit(1749436590.534:10194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9374 comm="syz.0.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fc044e929 code=0x7ffc0000
[  158.016022][ T9375] vhci_hcd: default hub control req: 6001 v8001 i0001 l0
[  158.047785][ T9377] lo speed is unknown, defaulting to 1000
[  158.162128][ T9385] loop4: detected capacity change from 0 to 1024
[  158.185539][ T9385] ext4 filesystem being mounted at /404/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  158.198665][ T9391] loop3: detected capacity change from 0 to 2048
[  158.285046][ T9396] syzkaller0: entered promiscuous mode
[  158.290630][ T9396] syzkaller0: entered allmulticast mode
[  158.470931][ T9411] netlink: 830 bytes leftover after parsing attributes in process `syz.3.1883'.
[  158.500735][ T9416] loop1: detected capacity change from 0 to 512
[  158.525559][ T9422] loop3: detected capacity change from 0 to 512
[  158.543038][ T9416] EXT4-fs (loop1): too many log groups per flexible block group
[  158.551092][ T9416] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  158.553892][ T9428] 9pnet_fd: Insufficient options for proto=fd
[  158.568461][ T9416] EXT4-fs (loop1): mount failed
[  158.577818][ T9422] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.1889: invalid block
[  158.590222][ T9417] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  158.602123][ T9417] vhci_hcd: default hub control req: 6001 v8001 i0001 l0
[  158.611620][ T9422] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1889: invalid indirect mapped block 4294967295 (level 1)
[  158.632337][ T9422] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1889: invalid indirect mapped block 4294967295 (level 1)
[  158.649788][ T9422] EXT4-fs (loop3): 2 truncates cleaned up
[  158.674705][ T9438] loop2: detected capacity change from 0 to 1024
[  158.682033][ T9438] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  158.692246][ T9422] netlink: 136 bytes leftover after parsing attributes in process `+}[@'.
[  158.692246][ T9438] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  158.692377][ T9422] ==================================================================
[  158.701963][ T9438] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  158.711642][ T9422] BUG: KCSAN: data-race in _prb_read_valid / data_alloc
[  158.711707][ T9422] 
[  158.711714][ T9422] write to 0xffffffff86869b58 of 8 bytes by task 9438 on cpu 0:
[  158.711733][ T9422]  data_alloc+0x271/0x2b0
[  158.711770][ T9422]  prb_reserve+0x808/0xaf0
[  158.724336][ T9438] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 2: comm syz.2.1894: lblock 2 mapped to illegal pblock 2 (length 1)
[  158.728295][ T9422]  vprintk_store+0x56d/0x860
[  158.737161][ T9438] EXT4-fs (loop2): Remounting filesystem read-only
[  158.737924][ T9422]  vprintk_emit+0x178/0x650
[  158.750069][ T9422]  vprintk_default+0x26/0x30
[  158.755581][ T9438] EXT4-fs (loop2): 1 orphan inode deleted
[  158.768402][ T9422]  vprintk+0x1d/0x30
[  158.768443][ T9422]  _printk+0x79/0xa0
[  158.802880][ T9422]  __ext4_msg+0x18f/0x1a0
[  158.807888][ T9422]  ext4_fill_super+0x1eb6/0x34e0
[  158.813318][ T9422]  get_tree_bdev_flags+0x291/0x300
[  158.818512][ T9422]  get_tree_bdev+0x1f/0x30
[  158.822993][ T9422]  ext4_get_tree+0x1c/0x30
[  158.828857][ T9422]  vfs_get_tree+0x54/0x1d0
[  158.835058][ T9422]  do_new_mount+0x207/0x680
[  158.839972][ T9422]  path_mount+0x4a4/0xb20
[  158.844582][ T9422]  __se_sys_mount+0x28f/0x2e0
[  158.849590][ T9422]  __x64_sys_mount+0x67/0x80
[  158.854566][ T9422]  x64_sys_call+0xd36/0x2fb0
[  158.859291][ T9422]  do_syscall_64+0xd2/0x200
[  158.863842][ T9422]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.869957][ T9422] 
[  158.872500][ T9422] read to 0xffffffff86869b58 of 16 bytes by task 9422 on cpu 1:
[  158.880290][ T9422]  _prb_read_valid+0x1bc/0x920
[  158.885104][ T9422]  prb_final_commit+0x136/0x1e0
[  158.890206][ T9422]  vprintk_store+0x741/0x860
[  158.895017][ T9422]  vprintk_emit+0x178/0x650
[  158.899559][ T9422]  vprintk_default+0x26/0x30
[  158.904178][ T9422]  vprintk+0x1d/0x30
[  158.908102][ T9422]  _printk+0x79/0xa0
[  158.912042][ T9422]  __nla_validate_parse+0x1738/0x1d00
[  158.917658][ T9422]  __nla_parse+0x40/0x60
[  158.922179][ T9422]  qdisc_get_stab+0x73/0x4b0
[  158.926918][ T9422]  qdisc_create+0x4ba/0x9e0
[  158.931459][ T9422]  tc_modify_qdisc+0x9bd/0x1380
[  158.936343][ T9422]  rtnetlink_rcv_msg+0x657/0x6d0
[  158.941394][ T9422]  netlink_rcv_skb+0x120/0x220
[  158.946177][ T9422]  rtnetlink_rcv+0x1c/0x30
[  158.950728][ T9422]  netlink_unicast+0x5a1/0x670
[  158.955566][ T9422]  netlink_sendmsg+0x58b/0x6b0
[  158.960358][ T9422]  __sock_sendmsg+0x142/0x180
[  158.965733][ T9422]  ____sys_sendmsg+0x31e/0x4e0
[  158.970839][ T9422]  ___sys_sendmsg+0x17b/0x1d0
[  158.975752][ T9422]  __x64_sys_sendmsg+0xd4/0x160
[  158.981437][ T9422]  x64_sys_call+0x2999/0x2fb0
[  158.986323][ T9422]  do_syscall_64+0xd2/0x200
[  158.991035][ T9422]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.997057][ T9422] 
[  158.999402][ T9422] Reported by Kernel Concurrency Sanitizer on:
[  159.005572][ T9422] CPU: 1 UID: 0 PID: 9422 Comm: +}[@ Not tainted 6.15.0-syzkaller-13804-g939f15e640f1 #0 PREEMPT(voluntary) 
[  159.017927][ T9422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  159.028118][ T9422] ==================================================================