last executing test programs:

2.706199755s ago: executing program 1 (id=2761):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x8, 0x5, 0x7, 0x8, 0x0, 0x80000001, 0x100, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x8000000000000000, 0x5}, 0x4, 0x1, 0x9, 0x2, 0x10000, 0x9, 0x9, 0x0, 0x7f, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000680)={{r0}, &(0x7f0000000600), &(0x7f0000000640)='%pB    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

2.656595246s ago: executing program 0 (id=2764):
perf_event_open(0x0, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x9, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r1, 0x65, 0x2, &(0x7f00000000c0)=0xf, 0x4)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, 0x0, 0x0)
bind$can_raw(r1, &(0x7f0000000100), 0x10)
bind$can_raw(r1, &(0x7f0000000140), 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

2.587142826s ago: executing program 0 (id=2765):
io_setup(0x102, &(0x7f0000000240)=<r0=>0x0)
connect$can_bcm(0xffffffffffffffff, &(0x7f0000000000), 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002740)={0xc, 0x5, &(0x7f0000000500)=ANY=[@ANYRESDEC], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r1, 0x0, 0x6}, 0x18)
io_submit(r0, 0x1, &(0x7f0000000100)=[&(0x7f00000000c0)={0x400000, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000200)="0500000093c21faf16da39de706f646800580f02000000003f420f000000000000580f02000000003f420f00000000000029ffffff000000", 0x38}])
mmap(&(0x7f00008f6000/0x3000)=nil, 0x3000, 0x0, 0x30, r2, 0x27c7e000)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000140)=<r3=>0x0)
ptrace$setregs(0xf, r3, 0x7, &(0x7f00000002c0)="255b93c1f12e3bc7e0855c231e6c945911910a6703b0c0893d491d18652c210ea7f526ff656f2b4212e13cf68f34366612d898a6782a6b9dfc1622aa9c018fe3d26ad30329adfd4d045c")
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb01001800000000000000680000006800000002000000000000000100000d0a0000000001000000000000000000000900000d"], &(0x7f0000000f40)=""/4080, 0x82, 0xff0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000071118f00000000008510000002000000850000000000000000009500a50500"/48], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r7, 0x29, 0x8, &(0x7f00000000c0)=0x4d, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
getsockopt$inet6_buf(r7, 0x29, 0x6, &(0x7f0000000140)=""/19, &(0x7f0000000240)=0x14)
r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000001100), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000001140)={'batadv0\x00', <r9=>0x0})
sendmsg$BATADV_CMD_TP_METER_CANCEL(r5, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000001180)={0x1c, r8, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x4008010)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00222200000096231306010003000000002a90a08358477609b3"], 0x0}, 0x0)
r10 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r10, 0x84, 0x7c, &(0x7f0000002580)={0x0, 0x9, 0x4}, &(0x7f00000025c0)=0x8)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r11 = syz_usb_connect$cdc_ncm(0x4, 0x103, &(0x7f0000002600)={{0x12, 0x1, 0x110, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xf1, 0x2, 0x1, 0x97, 0x70, 0x1, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xb, 0x24, 0x6, 0x0, 0x1, "ea1dfd96a3c6"}, {0x5, 0x24, 0x0, 0xa}, {0xd, 0x24, 0xf, 0x1, 0x7, 0x9, 0x5, 0x2}, {0x6, 0x24, 0x1a, 0x1, 0x20}, [@call_mgmt={0x5, 0x24, 0x1, 0x2, 0x1}, @mdlm_detail={0x66, 0x24, 0x13, 0xf, "c9664c0ebe925d626b98c442a38c3dcc7fe66f1a1b2942c18882ed3ed04b261924fcca2b9454247f0be87f3a0dbec615b9e8da1ab6317283d0b7e9c5041a01457de5967a2d8a5e501092fed5ccfb742f07f93e308cbde8864e6f5148a37e75b522fc"}, @mbim_extended={0x8, 0x24, 0x1c, 0x9, 0xc2, 0x9}, @network_terminal={0x7, 0x24, 0xa, 0x5, 0x1, 0x5, 0xe}, @mdlm={0x15, 0x24, 0x12, 0x1000}]}, {{0x9, 0x5, 0x81, 0x3, 0x20, 0x0, 0xcc, 0x2d}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x10, 0xf, 0x1, 0xf}}, {{0x9, 0x5, 0x3, 0x2, 0x48, 0x7, 0x8, 0x7}}}}}}}]}}, &(0x7f0000000800)={0xa, &(0x7f0000000340)={0xa, 0x6, 0x200, 0x6, 0x4, 0x10, 0x20, 0x8}, 0x1a4, &(0x7f0000000600)={0x5, 0xf, 0x1a4, 0x4, [@wireless={0xb, 0x10, 0x1, 0x8, 0x28, 0x3, 0x4, 0x3, 0x4}, @generic={0xce, 0x10, 0x2, "ba63fdd30a8857ee61637521667116a28fdde8367517b57ff56a6a05bb5aa1d59b2551cbb7efd96a4552aa2b1b4ad4d56500729bb1d430501bb571898d3b7f8462d66bec4b499e2895866f540aa2bcb24d0a4ddb37cd60b59407cdc59ba86c2d259de76eac047e01f15e96bb88bf64fa49824ecad2dcf2dc54dc08a73175f2b17b91e9db743046fe50b7d3a7667d0df2f72890d82351fcfd235ddb86896d3a1145bd33c5b38fd6a21740f5d031aa9b27e136ac74b9ee94b6477fa7ce88b752dcf488cc722b8ef0fe37a465"}, @ss_container_id={0x14, 0x10, 0x4, 0x9, "49566ccb6c57b56cdca3bc9f307cc40c"}, @generic={0xb2, 0x10, 0x1, "435036dc81bf3d722228ed9e8a2b89cca5da37259be6f0770b327ed1f539822e85eef6734857e8acc0d9067274ed87a887a144c022aac1352b77bb84e79948bf84c0eee359b7ae2e23889eade8dfe8f89a3044f08129b55c3a561e8eec0198a2b13749b0f72b906b56311d62a3443669c38a96cc043bbf5f0784497a9921ce0b198d02a8522845bfbd977cd6be590beb90b9a22ad53f3651204c4324f75b7e5d53714394ce5f7e424eb697eee1cd68"}]}, 0x5, [{0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x438}}, {0x37, &(0x7f00000003c0)=ANY=[@ANYBLOB="37031f23458cd665852239c766aa7d33920923f869005eddb2b98c8c03ccd1ed3756858ebf41abbabc7f"]}, {0x17, &(0x7f00000007c0)=@string={0x17, 0x3, "90646a68ba9fc01fafeb3b143891a226a1ecc9cdb5"}}, {0xdb, &(0x7f00000008c0)=@string={0xdb, 0x3, "50bcff4b05d440cac0aa5100670893c972df45fa76dc775617d41bfcc5c1a2c2e8006b73c1955fac5950ebcb347dc133abaa1dad78f0e2e7a39cb58f47619e29ebed19893d485478bae85071ca7bb2fb05a58b605716cf9a205022a6ecd1f7b9433f8ce0148199f2adadcb3519c3459380d8c4aaa880661a74b53ab0d7158679b4e59fdc29adee2928f91ee0359828dcce81ea7455c0661fa39d70f00b817068f89680e9b9dcd8d41900baaac8e0764c1e5e36d70aec42cdfb301bd4386c53b42a1352720df1505e644e19af3810f6e9558671380f6c052ef8"}}, {0xd4, &(0x7f0000000ac0)=@string={0xd4, 0x3, "ea45543be65aeb017fb44763d612cab6d5be91628d63c5c55a7f4eb8f4438c0b9cbd420dc6c29ea6ccb36c5e1f8e81448c391756468c31f5a0fc21016c1e0aeefbbedb491aaeceb1c8b86cdfe447468bb6bfda664d4196b6fbd4c5f4eba0aa158bea8ca003608a8a1bad81181f61c19cce42712ca88b0ecc8d7e31fa7a25c293f3685086302f5805324ef535064099b11f50c9af7dc1bb6603780c3a059677f6f3cab7086e5f6d3249c5263c1e766fdc4ed00b614e2e5e61e99bd283e0a84d04bd37d5c5ad69e30f860456a0cc52cd2b629f"}}]})
mount(&(0x7f0000002480)=@sg0, &(0x7f00000024c0)='./file0\x00', &(0x7f0000002500)='mqueue\x00', 0x1802400, &(0x7f0000002540)='!!\x00')
syz_usb_connect$hid(0x4, 0x3f, &(0x7f0000000f00)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x0, 0x16c0, 0x5e1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x8, 0x10, 0x9, [{{0x9, 0x4, 0x0, 0xd7, 0x2, 0x3, 0x1, 0x0, 0x9, {0x9, 0x21, 0x7f, 0x37, 0x1, {0x22, 0xfa8}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0xff, 0x9, 0x4}}, [{{0x9, 0x5, 0x2, 0x3, 0x40, 0x10, 0x7, 0x1}}]}}}]}}]}}, &(0x7f0000002400)={0xa, &(0x7f0000001f40)={0xa, 0x6, 0x310, 0x6, 0x0, 0x81, 0xff, 0xc}, 0x130, &(0x7f0000001f80)={0x5, 0xf, 0x130, 0x4, [@generic={0xe8, 0x10, 0xa, "eca4648389a4fa25e75cd1e096e46531063f6caba914f347d4562ce85c255eefecca60009c41461d411ed8cd0e719db4fe96ed11213f87e527ec173b7bc416606e98b9e24b89f4a64d48fd9a1e7186a86b7109b776326d2185887f20415472c16e0a212fef1a10baa01321dbf56e173368a8eda148a39703a8e47e84230755704b2d36f87fe2d42e09f085fc077e5bbf3ace86429b067011720c474e97e5df30248e2be89f2c1c7dcfdbc0d20b188d1870d1f3fe8de2a03305e99b8cc113dc9c2b472cc7d214c151fc347c0dfade5625bc8241704f99c4485bd4643c11cb58e22790099c1a"}, @ss_container_id={0x14, 0x10, 0x4, 0xf, "1e94c50f1b98d4b40b5dbb01623e3b1b"}, @wireless={0xb, 0x10, 0x1, 0xc, 0x0, 0x3, 0x8, 0x0, 0x9}, @ssp_cap={0x24, 0x10, 0xa, 0x5, 0x6, 0x9, 0xf000, 0x0, [0x0, 0x30, 0xf, 0xf, 0xf0, 0x5f00]}]}, 0x7, [{0x4, &(0x7f00000020c0)=@lang_id={0x4, 0x3, 0x410}}, {0x25, &(0x7f0000002100)=ANY=[@ANYBLOB="2503ecfc73944ff48e46fc6df0664bb36a8cdbff1a5e0300"/37]}, {0xd3, &(0x7f0000002140)=@string={0xd3, 0x3, "c1f3c47813061b8861a929b83558c43f81705eb9539557255aab073344645a18ab2df041a846a37c7afa000e7bb37b9992c6247c90bc86426883000b25004964648d992d4b7dfe6dc07f1751dace58a5ca4cce13869a77aa78f745d4f1200710459dd49361bae19bbf9b76807610508a2eea131a6492da5098ce9772bf76ca5fbb9677dda09cac80d32d42464be0ab10bdffb5f5ed0e280316a573c1cb7be4f8af3ebfacd1a889aebf95f80214939bab9c158fefe36e8aa3236db1dc8aea01d50e931085602b3381ea9c36491827b3cee9"}}, {0xc1, &(0x7f0000002240)=ANY=[@ANYBLOB="c1037e51926a2c6db7e5e47215a7e473cf635805ae893dbab1901367a5b80d2493b33ba02b7e84799e543313a86c2a6113d82495e266e8f730abe24896df654a207e772540d7db97dabae14360c2c4d07bc1a0785549c618eee4777cf4a19b077511ef901dc39d97112398fa1db6cdeddbe9bc3ae865d5392ef1cf616b0cf4ec854b85af5c8687624cdb9ff36131ad43aa29a39318246252c1fbc7e251b561abd18bd49a4c7d16b47cfaeb16f0fef0b690d907176ae258c3bbaa476db675ce03"]}, {0x4, &(0x7f0000002340)=@lang_id={0x4, 0x3, 0xc0a}}, {0x4, &(0x7f0000002380)=@lang_id={0x4, 0x3, 0x444}}, {0x4, &(0x7f00000023c0)=@lang_id={0x4, 0x3, 0xc04}}]})
syz_usb_control_io$cdc_ncm(r11, &(0x7f0000000a00)={0x14, &(0x7f0000000bc0)={0x20, 0xd, 0xd1, {0xd1, 0x11, "62959f9b95830fd137f07adcbdb5ce4d4ce15d8c9bf4f8b18d93d86dcf8dcda8ae915cc8c90f30033804a0fd4d2e6a4b9665b73e73c34915c25555186d6cac732ff69356454b628d565f4e2a2bbf03cfe42b47c0df931a16615321763c8329cd0696953cdb167ca60b901774ee599c8d03a63bd17d9aa6a43569d605cc617996c6958d230d8c382f5da5406a343bd5c8b53bf12db1bc9a4be6d516599de4932d2bf390e20d583edb4b7a8ccb27bcdb30cc2aa6347d8865c95003065a54e138c91af08351c6afd15d25d0cbf5b82676"}}, &(0x7f00000009c0)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000e80)={0x44, &(0x7f0000000a40)={0x0, 0x31}, &(0x7f0000000cc0)={0x0, 0xa, 0x1, 0x78}, &(0x7f0000000d00)={0x0, 0x8, 0x1, 0x3}, &(0x7f0000000d40)={0x20, 0x80, 0x1c, {0x3, 0xfff, 0xbd, 0x7, 0x1df1, 0xfff3, 0x6, 0xffff, 0xbb, 0x2, 0x4, 0x8}}, &(0x7f0000000d80)={0x20, 0x85, 0x4, 0xffffffff}, &(0x7f0000000dc0)={0x20, 0x83, 0x2}, &(0x7f0000000e00)={0x20, 0x87, 0x2, 0x5}, &(0x7f0000000e40)={0x20, 0x89, 0x2, 0x1}})

2.571314937s ago: executing program 1 (id=2766):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00'}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)={0x1c, r2, 0x9c3fa077fa966179, 0x4, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r3 = creat(0x0, 0x1f4)
r4 = dup2(r3, r3)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1, 0x8})
ioctl$BLKTRACESETUP(r4, 0x1276, 0x0)

2.544699817s ago: executing program 1 (id=2767):
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x143a82, 0x8)
r2 = dup(r1)
r3 = open(&(0x7f0000000100)='./bus\x00', 0x40542, 0x0)
sendfile(r2, r3, 0x0, 0x8000fffffffe)

1.849174126s ago: executing program 2 (id=2780):
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='t'], 0x74}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r6, &(0x7f00000002c0)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$inet(r3, &(0x7f0000000540)={&(0x7f0000000200)={0x2, 0x4e20, @remote}, 0x10, &(0x7f0000000280)=[{&(0x7f0000000340)="6976dfc982d1cf79df84a973c87fa20f3d0418ba592bc6c3e03fdbd701f344661c8bd6c3e26b887869f106b252aa1904285384d8e8ff295c3e5d70874fa141707c1bc43b46891ca7d61227ac3ba96a6d00ea173a47876c858185", 0x5a}, {&(0x7f00000003c0)="28d47ada9e967b027b55c2b87b1e8d88434bfe079bd861a78e88f1c29df2e741a7fd2d7307cef782f2aed7ee3896152e7531fd5acefcb406c5e8db2d04ec93b5c79d2954782542765bffeb34aa43bcdbec0ed6b882d31730fa56b45810ecfae4f68bf967d46fd8fc00a652416c54024699ee7355e01adad44d3b0a121a3069edaa2c70d2c7d40067150e82fd", 0x8c}], 0x2, &(0x7f0000000480)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x6}}, @ip_ttl={{0x14, 0x0, 0x2, 0x7fff}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @loopback, @local}}}, @ip_retopts={{0x20, 0x0, 0x7, {[@ssrr={0x89, 0xf, 0x22, [@rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback]}]}}}, @ip_tos_u8={{0x11}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x193}}], 0xa0}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r8, &(0x7f0000000000)={0x0, 0x40000, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000002010101000000000000000002000000040001801800028014000180080001007f00000108000200ac1414aa140019800800010004000000080002"], 0x44}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

1.792974967s ago: executing program 0 (id=2781):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x401, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1ffc, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x120, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d80)={&(0x7f0000000180)='kfree\x00'}, 0x18)
socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00'}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)

1.681654108s ago: executing program 1 (id=2782):
r0 = io_uring_setup(0x4d3f, &(0x7f0000000240)={0x0, 0xca6a, 0x40, 0x1, 0x6})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, 0x0, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000100)='rxrpc\x00', 0x0, &(0x7f0000000280)="0000000000000004ff6943b80000000800000028f2000000008607000000ebb01f63dd65dd530700a28f2cbf86f474fad8cb594ed9fabe9ec277bb8d0000009c238532dd4c6ee9eddd58a599264432dc88941a476f8674c3b25a20e8d25504d773dd523add126ab51ca15c9d0436b3d0164bda8d9ed4e88158a20d3c55bd06050b964a5503bd0ef4b3a0823ad11bfae501057d95ba3e8d12893e6201c24e96b3031a817db4aa92e708a23ec370714940856977cb6f99f8ddc11996d1d5587f9c325bf5c2f77088d08a05af40a5392711377de42a66c2adee5a0612b9", 0xdc, r2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/slabinfo\x00', 0x0, 0x0)
pread64(r4, &(0x7f0000000280)=""/155, 0x9b, 0x8000000)
pread64(r4, &(0x7f0000000180)=""/203, 0xcb, 0xd222)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYRES8], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000400)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x3ff, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
connect$inet(r1, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='module_request\x00', r6}, 0x18)
socketpair(0x3, 0x1, 0xe6e, &(0x7f0000000200))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000380)=ANY=[@ANYBLOB="91103a000000000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000), 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000180)={r7, 0x20, &(0x7f0000000140)={&(0x7f0000000040)=""/45, 0x2d, 0x0, &(0x7f0000000080)=""/161, 0xa1}}, 0x10)

1.653648969s ago: executing program 2 (id=2783):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c80)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x400000000000004)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_SCRNMAP(r3, 0x4b52, &(0x7f0000000180))
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000040)=0x1000000, 0x4)
writev(r2, &(0x7f0000000100)=[{&(0x7f0000000180)="480000001400190d7ebdeb75fd0d9c562c84d8c033aae421962ea6ff3cd3c461ebe430a2ed7a80ffe0090f000000000000a2bc5603ca00000f7f89000000200000004a24", 0x44}], 0x1)
sendmsg$NFT_MSG_GETTABLE(r2, 0x0, 0x50)
bind$xdp(r1, &(0x7f0000000080)={0x2c, 0x4, 0x0, 0x19}, 0x10)
ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r4, 0xffffffffffffffff, 0x0)

1.452363981s ago: executing program 1 (id=2784):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket(0x2, 0x80805, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@deltfilter={0x68, 0x2d, 0x8, 0x70bd28, 0x25dfdbfe, {0x0, 0x0, 0x0, r5, {0x10, 0x1f}, {0x9, 0x6}, {0xfff1, 0x1}}, [@filter_kind_options=@f_basic={{0xa}, {0x18, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0x8, 0x9}}, @TCA_BASIC_POLICE={0xc, 0x4, [@TCA_POLICE_RESULT={0x8, 0x5, 0x9}]}]}}, @TCA_RATE={0x6, 0x5, {0x5, 0x1}}, @TCA_CHAIN={0x8, 0xb, 0x7}, @filter_kind_options=@f_flow={{0x9}, {0x4}}]}, 0x68}, 0x1, 0x0, 0x0, 0x80}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r6=>0x0]}, &(0x7f0000000040)=0x8)
r7 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x5, 0xa5d4}, 0x4c58, 0x5, 0x0, 0x1, 0x6, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, r7, 0x0)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040))
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000400)=0x11)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000000)={0x7, 0x0, 0xa, 0x6, r6}, 0x10)
setsockopt$inet_sctp_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000100)={r6, 0x1000, 0x5e, "d0217d1128a6db2a5972b26152e2aa33cabe9f4232e3d4e0d88a138ac13ea2185871f61359106ecba1f067a76aaeca765152c62f421230136367451004dc34e39c53ea9f537b87f8df38ea49e2e213eaf561bee4d64dbd204540ec6ee5c8"}, 0x66)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r9}, 0x8)
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000180)=0x1, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x7, 0x4, 0x8, 0x10, 0x40b44, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
sendmsg$NFT_BATCH(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f68737200"], 0xfc}}, 0x0)

1.342249853s ago: executing program 2 (id=2786):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

1.287431643s ago: executing program 1 (id=2787):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB], 0x0, 0x401, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1ffc, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x120, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d80)={&(0x7f0000000180)='kfree\x00'}, 0x18)
socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00'}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)

1.142456885s ago: executing program 4 (id=2789):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x8, 0x5, 0x7, 0x8, 0x0, 0x80000001, 0x100, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x8000000000000000, 0x5}, 0x4, 0x1, 0x9, 0x2, 0x10000, 0x9, 0x9, 0x0, 0x7f, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000680)={{r0}, &(0x7f0000000600), &(0x7f0000000640)='%pB    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

1.094207586s ago: executing program 3 (id=2790):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a3000000000ac000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d68001280340001800a0001006c696d697400f213240002800c00024000000000000010000c0001400000000000000001080004400000000130000180080001006475700024000280080002400000000c080002400000000d080001400000001608000240000000130800034000000110f0020000160a01020000000000000000020000020900020073797a3100000000d00003800800014000000000040003800800014000000000b80003801400010068737230000000000a0000000000000014000100626f6e645f736c6176655f3100000000140001006e6963766630000000000000000000001400010077673200000000000000000000000000140001006272696467655f736c6176655f3100001400010070696d367265673100000000000000001400010064766d72703100000000000000000000140001007465616d5f736c6176655f300000000014000100726f736530000000000000000000000000020380b80003801400010076657468315f766972745f7769666900140001006272696467655f736c6176655f300000140001006d6163766c616e30000000000000000014000100776731000000000000000000000000001400010062617461647630000000000000000000140001"], 0x418}, 0x1, 0x0, 0x0, 0x8001}, 0x20050000)

1.079932736s ago: executing program 2 (id=2791):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xd, &(0x7f0000000a00)=ANY=[@ANYRES32=r0, @ANYRES32=r0, @ANYRES64=r0], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7c6f95425a98427, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000b00)='xen_mc_flush_reason\x00', r1, 0x0, 0x100000000000}, 0x18)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_read_part_table(0x5f8, &(0x7f0000000bc0)="$eJzs0zGIU3ccB/Bf0jNXBRE7uTVchliXEzJer2BDfBwBcwSLDiK62SGLTh1iAoaKg2eHiOByDpbCGSq0TiKCIOLFQcgkinZREYciuFjFpuTu3XItB4UctPD5wHuP/+//+70vfx4v+F/Lxu/D4TATEcPJDdqGrdE9t778zVJl/1x+fl/9YEQmjkTE9+//+GG0k1kbTN86la6fpevSrYnG+aXk7EJ3+64b+Q8PsrEa0I5YuV72Lx8d5znZHLtP7bmTaQ923qzGlU9jeWZb4/CJXvGLbO/h+9H2n+nn3rJuLD+u/Ouz93ac6ZxMvsxFPEqaz5NX2bdvkgOXFqdzF1r14uu9ad+xcQWu0/h4KHft6t1y58XW0v1qrdb9+cnFQrNyu3N60C88fnfueNr3dKO/CwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/4zdp/bc+Twz2HmzGleWv1qe2dY4fKJXLLd6D+d//frH/E9TkVnpm96k/Ouz93ac6ZxMFr6b/fZR0nyevMq+fZMcuLQ4nbvQqhdf7037jv3DbG4M+Y2Ph3LXrt4td15sLd2v1mrdLXGx0Kzc7pwe9AuP3507Hp/9Uq5GPJ0cxWXHkAgAAAAAAAAAAAAAAAAAAAB/V9k/l5/fVz8YkYkjETGzOPdkVB9Ormx/stY3lT6frdajdGuicX4pObvQ3b7rRv7Dg9/Sejsb0Y6Il/3LRzdOnticA/Gv/BUAAP//FI2HuA==")
r3 = socket$l2tp(0x2, 0x2, 0x73)
recvmsg(r3, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000004c0)=""/86, 0x56}, {&(0x7f0000000540)=""/87, 0x57}, {&(0x7f00000005c0)=""/254, 0xfe}], 0x3}, 0x0)

1.042174686s ago: executing program 4 (id=2792):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x1, 0x5af, &(0x7f00000005c0)="$eJzs3U1oG9kdAPD/SFadDzd2oYW25BDaQgohsp2PNu0puZYGAjkUekmFrBhj2QqW3MbGB+ceSnMobcklvbWHPe6yhz0se1nYy173ssueF8LG7EKcQ1bL6MNObMkrZyPLsX4/GGnevJH+783oP9I8ZlAAQ+tM+pCJ+FlE3Egixl+oG4lW5Znmepsba8VnG2vFJOr1m18mkUTE0421Ynv9pPV8MiLWI+KnEfFBLuJcZnfc6srqfKFcLi21ypO1hTuT1ZXV83MLhdnSbGnx4m9/d/nKpcvTrffqKLe/vt7/7MHf73/8h0cP/v/W6fXiPwtJXI2xVt2L/XidmtskF1d3LL/Uj2ADlAy6AbySbCvP01T6SYxHtpX1ndTHD7RpQJ/VRyPq+5Gs72t14DBL9pf/wJHR/h2Qnv92PJ3O9vf3x+NrzROQNP5ma2rWjDTHJuJY49zkxFfJS2cm6fnmRH+bxhBYvxcRUyMj6eevPTVrktbn79VNvY4G0lfvX2vuqN37P7N1/IkOx5+x9tjp99Q+/m3uOv5tx892Of7d6DHG8z9//p+u8e9F/Lxj/GQrftIhfiYi/tJj/Id/evdKt7r6fyPORuf4bcn2+PBo7BwfvjA9eXuuXJpqPkYc3x3jvbOnf79X/090id8csz3W+JrptP3v9Nj/dz58+xfdxrDT+L/+5d77v9P2T7v5jx7j/+jp//7Yre7xveRJ+itgv/s/Xfaox/i/uXrm0y5VHfYWAAAAAAAAAADQq0zjWrYkk9+az2Ty+eY9vD+OE5lypVo7d7uyvDjTvOZtInKZ1pVWjXuFJyKXpOXp1vW47fKFHeWL7euIs8cb5XyxUp4ZcN8BAAAAAAAAAAAAAAAAAADgsDi54/7/r7ON+/93/l01cFR1/8tv4KiT/zC8Xs7/JGJ0YE0BDpjvfxhadfkPw0v+w/CS/zC85D8ML/kPw0v+w/CS/wAAAAAAAAAAAAAAAAAAAAAAAAAA0Bc3rl9Pp/qzjbViWp4ZWVmer/z1/EypOp9fWC7mi5Wl5/nZSmW2XMoXKwvf9X7lSuXOVCwu352slaq1yerK6q2FyvJi7dbcQmG2dKuUO5BeAQAAAAAAAAAAAAAAAAAAwJtlrDElmXxEZBrzmUw+H/HDiJiIXHJ7rlyaiohTEfFJNjealqcH3WgAAAAAAAAAAAAAAAAAAAA4Yqorq/OFcrm0NCQzI7uWfNR95YhYf73NSN9xX68anS+Uc619dVi24Zs2c2rvdbKx98vbqXJYunNAM4M7JgEAAAAAAAAAAAAAAAAAwLDavum311d8098GAQAAAAAAAAAAAAAAAAAAwFDKfJFERDqdHf/V2M7aHySb2cZzRPzt4c1/3S3UakvT6fInW8tr/24tvzCI9gO9audpO48BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAbdWV1flCuVxa6uPMoPsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Cq+DQAA//+xOM2M")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8f70000000000ff000044850000000e000000650000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x5c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x5c}}, 0x0)

968.192738ms ago: executing program 3 (id=2793):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8f70000000000ff000044850000000e000000650000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
r4 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
mq_timedsend(r4, 0x0, 0x0, 0x6, 0x0)
mq_timedreceive(r4, &(0x7f0000004600)=""/102381, 0xfffffceb, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000680)=@newtaction={0x90, 0x30, 0x216822a75a8bdd29, 0xffe4, 0x0, {}, [{0x7c, 0x1, [@m_connmark={0x34, 0x2, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x90}}, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r2, 0x84009422, &(0x7f0000000740)={0x0, 0x0, {0x0, @struct, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r4, 0xc400941d, &(0x7f0000000b40)={r6, 0x8, 0x8000000000000001, 0x1})
sendmsg$nl_route(r5, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=@getroute={0x14, 0x1a, 0x100, 0x70bd27, 0x25dfdbff, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x91}, 0x24000800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x5c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x5c}}, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r5, 0x10e, 0x1, &(0x7f0000000240)=0x9, 0x4)

871.223739ms ago: executing program 3 (id=2794):
r0 = io_uring_setup(0x4d3f, &(0x7f0000000240)={0x0, 0xca6a, 0x40, 0x1, 0x6})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, 0x0, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000100)='rxrpc\x00', 0x0, &(0x7f0000000280)="0000000000000004ff6943b80000000800000028f2000000008607000000ebb01f63dd65dd530700a28f2cbf86f474fad8cb594ed9fabe9ec277bb8d0000009c238532dd4c6ee9eddd58a599264432dc88941a476f8674c3b25a20e8d25504d773dd523add126ab51ca15c9d0436b3d0164bda8d9ed4e88158a20d3c55bd06050b964a5503bd0ef4b3a0823ad11bfae501057d95ba3e8d12893e6201c24e96b3031a817db4aa92e708a23ec370714940856977cb6f99f8ddc11996d1d5587f9c325bf5c2f77088d08a05af40a5392711377de42a66c2adee5a0612b9", 0xdc, r2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/slabinfo\x00', 0x0, 0x0)
pread64(r4, &(0x7f0000000280)=""/155, 0x9b, 0x8000000)
pread64(r4, &(0x7f0000000180)=""/203, 0xcb, 0xd222)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYRES8], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000400)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x3ff, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
connect$inet(r1, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='module_request\x00', r6}, 0x18)
socketpair(0x3, 0x1, 0xe6e, &(0x7f0000000200))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000380)=ANY=[@ANYBLOB="91103a000000000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000), 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000180)={r7, 0x20, &(0x7f0000000140)={&(0x7f0000000040)=""/45, 0x2d, 0x0, &(0x7f0000000080)=""/161, 0xa1}}, 0x10)

870.113239ms ago: executing program 4 (id=2795):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000680)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x48400, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
openat$ppp(0xffffffffffffff9c, 0x0, 0x800, 0x0)
socketpair(0x3b, 0x2, 0x5c1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='mm_page_free\x00', r1}, 0x18)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0)
close(0x3)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
sendmsg$NFT_BATCH(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a1c000000080a01030000000000000000010000090800094000000002e4000000160a010400000000000000000500000a9400038090000380140001006d6163766c616e300000000000000000140001007465616d5f736c6176655f31000000001400010076657468305f746f5f7465616d0000001400010076657468305f766c616e00000000000014000100626f6e645f736c6176655f3100000000140001006261746164765f736c6176655f300000140001006c6f00000000000000000000000000000900010073797a30000000000c00054000000000000000030900020073797a32000000000900020073797a30000000000900020073797a320000000024000000080a010200000000000000000100000608000b4000000003080009400000000320000000120a010200000000000000000a0000000c00064000000000000000055c0300000e0a01020000000000000000010000063c0303804800008044000180400001005e8f949fa64e0a74aacf74bc574929d2670df7faeed45654565bd160e91ddc0765e1d6594b3ddfef5721f2c28f8159cb800900090073797a32000000000c00044000000000000000010c000440000000000000000d0e000640aff40577465f302e6b4f00000800034000000002c000064024a820b9421c7ca03262dc66b9fdca46d8e72099cf9c839252a5768a7d1891922637c3f1561b72d5835a5090d98f805dcc3d2f07ac8fb3e2439b9c4ff5c348065124301592deb804733f578c4ff93c56786a4729b137d220c920c502fa56386f2fcc2c02ecb1f5da56c2aa93a708d9544d7bcb338a1417ff660e337a2c53cfbda3b8d41a4a9e9ee6ef001d89c436441bda90723eade87b4dba6a2d8a0ee90cec583490524bb40de4ada4307adb3852e9aaf00d06dd1a811b6a4416480c00078008000100647570000900090073797a3000000000e40000800c0005400000000000000003d4000a80ce000100de9863ef5159654fd3e8851a2b1dcef9c108de6fc4f50880c7e550fb91ebafe2bc2f937a2320e1a919b255b1fe7e1edef164ae59cfd1010c37fc98aae2d90c9cb536bfe8230415412be7382b2acadcccd562f6ec6cb6aca3df51ea177aeb47f06fc24cd5fe580a1983d804b1be9a8a3bf4f68dd50a75a5e2d20a5c2ff66638d13a5b2ef759014005337fb485ad7e34bfb61b2df697c853eb3bccd9385c9149604aaed02b77c63cc4d2cacf15faf5e6c8b88f4a3ccf189611b5b8fbaabb54aadc4a5fea7f15cc2a4a9da60000f40000800c000540000000000000cd3608000340000000020800034000000003380006402ebba42a44577b143aaa0027eab4c90f32e76f1e0742bd216c08ad1b36379f15c78886c58bbc897c9ec1aa95ba6eadd3041432268100064026eb0893987e69cbc5bc740731193667d512ebf2e4fc0cd30ebd392a5416a0d7f43db14e600c04af5d737d14e343abf4371209753dd882488c072676cf4e586b09f7b189aba6b68fb0984517d3b5f7b10c36a0cb1b23a37b155b5a9528ce7867f63d830eba61d913c88d171c4c1a17de4a6d03414358ed9d05b13701330000000c00044000000000800000010900090073797a32000000000900010073797a300000000048000000060a010100000000000000000a00000508000a400000000008000b400000000208000a400000000008000b400000000408000b40000000020c000640000000000000000204010000140a03000000000000000000050000050900020073797a30000000000900010073797a3100000000c9000800933ba8cd153c62f9e8515251dfe792d62adb3f4545d6e0fa64c3f224094e24d937d2cf6a6e61d22f0a26b6040e72fc32c1340fa290e2db764a0f7fe136ea00826b038f2bf11bb59eedd29dc8dcc210f4a08b59a8f9a35678be03f5652cd645dd183e3bb4cb3bdb18d3e4b118794cb2a7870f0d6b1f7879e7252af8fa34a89d3905f94d33f2f0bee0e4206f001da9af574d21b967e4b56745dea762fc345038b518b0631efb0362d25803f591e9ba47962c8090bde59a4712c81aaf5dbc264e19e034950a960000000900010073797a3000000000140000001100010000000000000000000100000a"], 0x614}}, 0x40)

752.35955ms ago: executing program 3 (id=2796):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c80)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x400000000000004)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_SCRNMAP(r3, 0x4b52, &(0x7f0000000180))
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000040)=0x1000000, 0x4)
writev(r2, &(0x7f0000000100)=[{&(0x7f0000000180)="480000001400190d7ebdeb75fd0d9c562c84d8c033aae421962ea6ff3cd3c461ebe430a2ed7a80ffe0090f000000000000a2bc5603ca00000f7f89000000200000004a24", 0x44}], 0x1)
sendmsg$NFT_MSG_GETTABLE(r2, 0x0, 0x50)
bind$xdp(r1, &(0x7f0000000080)={0x2c, 0x4, 0x0, 0x19}, 0x10)
ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r4, 0xffffffffffffffff, 0x0)

641.342722ms ago: executing program 0 (id=2797):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket(0x2, 0x80805, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@deltfilter={0x68, 0x2d, 0x8, 0x70bd28, 0x25dfdbfe, {0x0, 0x0, 0x0, r5, {0x10, 0x1f}, {0x9, 0x6}, {0xfff1, 0x1}}, [@filter_kind_options=@f_basic={{0xa}, {0x18, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0x8, 0x9}}, @TCA_BASIC_POLICE={0xc, 0x4, [@TCA_POLICE_RESULT={0x8, 0x5, 0x9}]}]}}, @TCA_RATE={0x6, 0x5, {0x5, 0x1}}, @TCA_CHAIN={0x8, 0xb, 0x7}, @filter_kind_options=@f_flow={{0x9}, {0x4}}]}, 0x68}, 0x1, 0x0, 0x0, 0x80}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r6=>0x0]}, &(0x7f0000000040)=0x8)
r7 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x5, 0xa5d4}, 0x4c58, 0x5, 0x0, 0x1, 0x6, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, r7, 0x0)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040))
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000400)=0x11)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000000)={0x7, 0x0, 0xa, 0x6, r6}, 0x10)
setsockopt$inet_sctp_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000100)={r6, 0x1000, 0x5e, "d0217d1128a6db2a5972b26152e2aa33cabe9f4232e3d4e0d88a138ac13ea2185871f61359106ecba1f067a76aaeca765152c62f421230136367451004dc34e39c53ea9f537b87f8df38ea49e2e213eaf561bee4d64dbd204540ec6ee5c8"}, 0x66)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r9}, 0x8)
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000180)=0x1, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x7, 0x4, 0x8, 0x10, 0x40b44, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
sendmsg$NFT_BATCH(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f68737200"], 0xfc}}, 0x0)

417.403785ms ago: executing program 0 (id=2798):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x8, 0x5, 0x7, 0x8, 0x0, 0x80000001, 0x100, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x8000000000000000, 0x5}, 0x4, 0x1, 0x9, 0x2, 0x10000, 0x9, 0x9, 0x0, 0x7f, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000680)={{r0}, &(0x7f0000000600), &(0x7f0000000640)='%pB    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX])

324.178476ms ago: executing program 4 (id=2799):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x8, 0x5, 0x7, 0x8, 0x0, 0x80000001, 0x100, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x8000000000000000, 0x5}, 0x4, 0x1, 0x9, 0x2, 0x10000, 0x9, 0x9, 0x0, 0x7f, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000680)={{r0}, &(0x7f0000000600), &(0x7f0000000640)='%pB    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
lchown(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)

323.726436ms ago: executing program 0 (id=2800):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
clock_nanosleep(0xfffffff2, 0x0, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)
r2 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x14)
fcntl$setsig(r2, 0xa, 0x13)
fcntl$setlease(r2, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000440)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x5437, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x0, 0x1000002a, 0x0, 0x0, 0x10000000101, 0x2, 0x1, 0x7, 0xbefffffc}, 0x0)
ioctl$MON_IOCG_STATS(0xffffffffffffffff, 0x80089203, &(0x7f00000000c0))

307.813756ms ago: executing program 4 (id=2801):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

232.297037ms ago: executing program 3 (id=2802):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x8, 0x5, 0x7, 0x8, 0x0, 0x80000001, 0x100, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x8000000000000000, 0x5}, 0x4, 0x1, 0x9, 0x2, 0x10000, 0x9, 0x9, 0x0, 0x7f, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000680)={{r0}, &(0x7f0000000600), &(0x7f0000000640)='%pB    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
lchown(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)

220.422897ms ago: executing program 2 (id=2803):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x8, 0x5, 0x7, 0x8, 0x0, 0x80000001, 0x100, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x8000000000000000, 0x5}, 0x4, 0x1, 0x9, 0x2, 0x10000, 0x9, 0x9, 0x0, 0x7f, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000680)={{r0}, &(0x7f0000000600), &(0x7f0000000640)='%pB    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

128.672438ms ago: executing program 3 (id=2804):
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xb, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='GPL\x00', 0xf, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (fail_nth: 8)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f00000010c0)=0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x2000000000000000, 0x0, 0x50)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b40)=@raw={'raw\x00', 0x3c1, 0x3, 0x410, 0x0, 0x9403, 0x0, 0x230, 0x2c0, 0x340, 0x3d8, 0x3d8, 0x340, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x208, 0x230, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@unspec=@physdev={{0x68}, {'ip6tnl0\x00', {0xff}, 'erspan0\x00', {}, 0x8, 0x2}}]}, @common=@unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0x8}}}, {{@uncond, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x0, 0xfffffffc]}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x470)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0x39, &(0x7f00000000c0)=ANY=[], 0x38)
pread64(r2, &(0x7f0000000080)=""/237, 0xed, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x4e20, @dev}, 0x10)

116.369249ms ago: executing program 2 (id=2805):
r0 = syz_open_dev$MSR(&(0x7f0000000000), 0x401, 0x0)
ioctl$BTRFS_IOC_BALANCE_CTL(r0, 0x40049421, 0x2)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={<r1=>0x0}, &(0x7f0000000080)=0xc)
ptrace$pokeuser(0x6, r1, 0xe931, 0x8)
r2 = socket$caif_seqpacket(0x25, 0x5, 0x0)
sendto(r2, &(0x7f00000000c0)="62bc4bc00743ee3e3f782e1a2da3486628cb0f6c99bf21d619d449c4909325efcf0341ea5d6fe0ca5cf5e071c723bb3d9276fb49abb3c0cafcbc9dbfc169ccf5c1bd0142ccaeceed06a727d05b3824dc5e6c252dbb67806bdc6b025bcaa2e4fdbc44186dfc4e36", 0x67, 0x20040040, &(0x7f0000000140)=@sco, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000340)={'tunl0\x00', &(0x7f0000000280)={'sit0\x00', <r3=>0x0, 0x20, 0x80, 0x0, 0x1, {{0x25, 0x4, 0x0, 0x39, 0x94, 0x68, 0x0, 0x9, 0x29, 0x0, @broadcast, @local, {[@timestamp_addr={0x44, 0x24, 0x8f, 0x1, 0xd, [{@local}, {@dev={0xac, 0x14, 0x14, 0x19}}, {@local, 0x6a4c}, {@loopback, 0xa8}]}, @ssrr={0x89, 0x7, 0x43, [@multicast2]}, @timestamp_addr={0x44, 0x3c, 0xd, 0x1, 0xf, [{@multicast1, 0x9}, {@private=0xa010101, 0x3}, {@loopback, 0x8}, {@broadcast, 0x4}, {@remote, 0x3}, {@local, 0x2}, {@rand_addr=0x64010101, 0xb}]}, @timestamp_prespec={0x44, 0xc, 0xa3, 0x3, 0x3, [{@rand_addr=0x64010102, 0x1}]}, @timestamp={0x44, 0xc, 0x58, 0x0, 0x1, [0xfffffffc, 0x3]}]}}}}})
r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000380), 0x2000, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000440)={0x8, <r5=>0x0}, 0x8)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x13, &(0x7f0000000480)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1ad, 0x0, 0x0, 0x0, 0x7}, {}, {}, [@jmp={0x5, 0x1, 0x1, 0x9, 0xa, 0xffffffffffffffc0, 0xfffffffffffffffc}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @ldst={0x3, 0x3, 0x2, 0x2, 0x9, 0xfffffffffffffff4, 0xfffffffffffffff0}, @exit], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000540)='GPL\x00', 0x5b9c, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x6, 0x3}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x8, 0xa, 0x9}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[0x1, 0x1, 0x1], &(0x7f0000000640)=[{0x3, 0x1, 0x9, 0x9}, {0x3, 0x3, 0x7, 0x5}, {0x2, 0x4, 0x10, 0x2}, {0x1, 0x4, 0x7, 0xb}, {0x0, 0x4, 0x4, 0x1}, {0x5, 0x2, 0x1}, {0x0, 0x5, 0xb, 0x2}, {0x1, 0x5, 0x1, 0x6}], 0x10, 0x1, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x13, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000200)='syzkaller\x00', 0x9, 0x16, &(0x7f0000000240)=""/22, 0x40f00, 0x1a, '\x00', r3, @fallback=0xb, r4, 0x8, &(0x7f00000003c0)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000400)={0x5, 0x4, 0x11}, 0x10, r5, r6, 0x4, 0x0, &(0x7f0000000780)=[{0x0, 0x1, 0x10, 0x6}, {0x5, 0x1, 0x2}, {0x5, 0x4, 0x7, 0xe}, {0x0, 0x4, 0xc}], 0x10, 0x2, @void, @value}, 0x94)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$ARPT_SO_GET_REVISION_TARGET(r8, 0x0, 0x63, &(0x7f0000000880)={'icmp\x00'}, &(0x7f00000008c0)=0x1e)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000009c0)={r4, 0x20, &(0x7f0000000980)={&(0x7f0000000900), 0x0, <r9=>0x0, &(0x7f0000000940)=""/20, 0x14}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000a00)=r9, 0x4)
getsockopt$IP_VS_SO_GET_VERSION(r8, 0x0, 0x480, &(0x7f0000000a40), &(0x7f0000000a80)=0x40)
r10 = openat$cgroup_ro(r4, &(0x7f0000000ac0)='cgroup.kill\x00', 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000b00)={r4, <r11=>0xffffffffffffffff}, 0x4)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0x1e, 0x1c, &(0x7f0000000b40)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfad, 0x0, 0x0, 0x0, 0x3}, [@alu={0x4, 0x0, 0x0, 0x6, 0x2b1c108d851ffe2e, 0xffffffffffffffc0}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r11}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0x4}, @cb_func={0x18, 0x0, 0x4, 0x0, 0x2}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x7}, @func={0x85, 0x0, 0x1, 0x0, 0x5}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x80}, @map_fd={0x18, 0x4, 0x1, 0x0, r4}]}, &(0x7f0000000c40)='syzkaller\x00', 0x3, 0xf8, &(0x7f0000000c80)=""/248, 0x40f00, 0x22, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000d80)={0x0, 0x6, 0x48000000, 0x5}, 0x10, r5, r7, 0x6, 0x0, &(0x7f0000000dc0)=[{0x4, 0x2, 0xe, 0x8}, {0x1, 0x3, 0x6, 0x2}, {0x5, 0x1, 0xc, 0x6}, {0x5, 0x1, 0x0, 0x4}, {0x2, 0x3, 0x5, 0xc}, {0x3, 0x3, 0x10, 0x1}], 0x10, 0x200, @void, @value}, 0x94)
close_range(r6, r0, 0x2)
setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r10, 0x84, 0x7, &(0x7f0000000f00)={0x1ff}, 0x4)
r13 = socket$inet6_icmp(0xa, 0x2, 0x3a)
sendto$inet6(r13, &(0x7f0000000f40)="b130de8a037645e7d424e3515e2290be9b896917509769afb9a7c728e80b429da1f932744d70e996f1829d542c152f2343d8327cc0af6e06912e251312671e50d7a39bf3604a2798f4256718f6f92e4347d52687cebb3746c3cf8645c48dd4dac859c2e5e192201221186ae248c92aa548521bd7f01773812ae6aa9282dab6e5616f323e9a9a60564966c3e80d49f725806e3902cdea2be4203e828c3958f7221245dc5c465be63cbad68f5fe0abb5e801f7fa69b0eb6957055efaa6", 0xbc, 0x44, &(0x7f0000001000)={0xa, 0x4e22, 0x8001, @local, 0xe2a}, 0x1c)
r14 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r15 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000001080), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADDDEF(r14, &(0x7f0000001140)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000001100)={&(0x7f00000010c0)={0x28, r15, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast2}]}, 0x28}, 0x1, 0x0, 0x0, 0x4cc0}, 0x20000040)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001200)={{r4}, &(0x7f0000001180), &(0x7f00000011c0)=r12}, 0x20)
r16 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x7, '\x00', 0x0, r10, 0x1, 0x3, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
r17 = getpid()
kcmp(r1, r17, 0x5, r16, r13)

0s ago: executing program 4 (id=2806):
r0 = io_uring_setup(0x4d3f, &(0x7f0000000240)={0x0, 0xca6a, 0x40, 0x1, 0x6})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, 0x0, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000100)='rxrpc\x00', 0x0, &(0x7f0000000280)="0000000000000004ff6943b80000000800000028f2000000008607000000ebb01f63dd65dd530700a28f2cbf86f474fad8cb594ed9fabe9ec277bb8d0000009c238532dd4c6ee9eddd58a599264432dc88941a476f8674c3b25a20e8d25504d773dd523add126ab51ca15c9d0436b3d0164bda8d9ed4e88158a20d3c55bd06050b964a5503bd0ef4b3a0823ad11bfae501057d95ba3e8d12893e6201c24e96b3031a817db4aa92e708a23ec370714940856977cb6f99f8ddc11996d1d5587f9c325bf5c2f77088d08a05af40a5392711377de42a66c2adee5a0612b9", 0xdc, r2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/slabinfo\x00', 0x0, 0x0)
pread64(r4, &(0x7f0000000280)=""/155, 0x9b, 0x8000000)
pread64(r4, &(0x7f0000000180)=""/203, 0xcb, 0xd222)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYRES8], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000400)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x3ff, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
connect$inet(r1, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='module_request\x00', r6}, 0x18)
socketpair(0x3, 0x1, 0xe6e, &(0x7f0000000200))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000380)=ANY=[@ANYBLOB="91103a000000000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000), 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000180)={r7, 0x20, &(0x7f0000000140)={&(0x7f0000000040)=""/45, 0x2d, 0x0, &(0x7f0000000080)=""/161, 0xa1}}, 0x10)

kernel console output (not intermixed with test programs):

ack.
[  122.829041][ T8823] ext4 filesystem being mounted at /390/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  122.861946][ T8823] FAULT_INJECTION: forcing a failure.
[  122.861946][ T8823] name failslab, interval 1, probability 0, space 0, times 0
[  122.874713][ T8823] CPU: 0 UID: 0 PID: 8823 Comm: syz.1.1771 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  122.874746][ T8823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  122.874759][ T8823] Call Trace:
[  122.874767][ T8823]  <TASK>
[  122.874777][ T8823]  __dump_stack+0x1d/0x30
[  122.874873][ T8823]  dump_stack_lvl+0xe8/0x140
[  122.874903][ T8823]  dump_stack+0x15/0x1b
[  122.874921][ T8823]  should_fail_ex+0x265/0x280
[  122.874964][ T8823]  should_failslab+0x8c/0xb0
[  122.875055][ T8823]  kmem_cache_alloc_node_noprof+0x57/0x320
[  122.875087][ T8823]  ? __alloc_skb+0x101/0x320
[  122.875119][ T8823]  __alloc_skb+0x101/0x320
[  122.875150][ T8823]  netlink_alloc_large_skb+0xba/0xf0
[  122.875215][ T8823]  netlink_sendmsg+0x3cf/0x6b0
[  122.875254][ T8823]  ? __pfx_netlink_sendmsg+0x10/0x10
[  122.875384][ T8823]  __sock_sendmsg+0x145/0x180
[  122.875440][ T8823]  ____sys_sendmsg+0x31e/0x4e0
[  122.875477][ T8823]  ___sys_sendmsg+0x17b/0x1d0
[  122.875532][ T8823]  __x64_sys_sendmsg+0xd4/0x160
[  122.875581][ T8823]  x64_sys_call+0x2999/0x2fb0
[  122.875609][ T8823]  do_syscall_64+0xd2/0x200
[  122.875704][ T8823]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  122.875739][ T8823]  ? clear_bhb_loop+0x40/0x90
[  122.875766][ T8823]  ? clear_bhb_loop+0x40/0x90
[  122.875795][ T8823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.875817][ T8823] RIP: 0033:0x7f86dcb1e969
[  122.875904][ T8823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.875923][ T8823] RSP: 002b:00007f86db187038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  122.875942][ T8823] RAX: ffffffffffffffda RBX: 00007f86dcd45fa0 RCX: 00007f86dcb1e969
[  122.875954][ T8823] RDX: 000000002004c8d4 RSI: 0000200000006040 RDI: 0000000000000008
[  122.876036][ T8823] RBP: 00007f86db187090 R08: 0000000000000000 R09: 0000000000000000
[  122.876050][ T8823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.876064][ T8823] R13: 0000000000000000 R14: 00007f86dcd45fa0 R15: 00007ffcf002cf88
[  122.876089][ T8823]  </TASK>
[  123.095512][ T8842] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1777'.
[  123.127945][ T8842] wireguard0: entered promiscuous mode
[  123.148171][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.354178][ T8867] loop4: detected capacity change from 0 to 512
[  123.365613][ T8867] EXT4-fs (loop4): too many log groups per flexible block group
[  123.373404][ T8867] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  123.381503][ T8867] EXT4-fs (loop4): mount failed
[  123.389670][ T8867] 9pnet_fd: Insufficient options for proto=fd
[  123.723254][   T29] kauditd_printk_skb: 157 callbacks suppressed
[  123.723275][   T29] audit: type=1400 audit(1748471886.519:4576): avc:  denied  { create } for  pid=8913 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  123.872843][   T29] audit: type=1400 audit(1748471886.529:4577): avc:  denied  { read } for  pid=8848 comm="syz.1.1779" path="/dev/rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  123.896515][   T29] audit: type=1400 audit(1748471886.529:4578): avc:  denied  { module_request } for  pid=8853 comm="syz.0.1780" kmod="block-major-0-0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  123.918991][   T29] audit: type=1326 audit(1748471886.549:4579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8913 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c957de969 code=0x7ffc0000
[  123.942195][   T29] audit: type=1326 audit(1748471886.549:4580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8913 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f0c957de969 code=0x7ffc0000
[  123.965585][   T29] audit: type=1326 audit(1748471886.549:4581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8913 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c957de969 code=0x7ffc0000
[  123.988508][   T29] audit: type=1326 audit(1748471886.549:4582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8913 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f0c957de969 code=0x7ffc0000
[  124.011465][   T29] audit: type=1400 audit(1748471886.549:4583): avc:  denied  { open } for  pid=8913 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  124.030241][   T29] audit: type=1400 audit(1748471886.549:4584): avc:  denied  { perfmon } for  pid=8913 comm="+}[@" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  124.051879][   T29] audit: type=1400 audit(1748471886.549:4585): avc:  denied  { kernel } for  pid=8913 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  124.184945][ T8951] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1791'.
[  124.199102][ T8953] loop0: detected capacity change from 0 to 1024
[  124.217515][ T8951] wireguard0: entered promiscuous mode
[  124.225686][ T8953] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  124.381962][ T8971] blktrace: Concurrent blktraces are not allowed on loop7
[  124.441513][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.523922][ T8994] loop1: detected capacity change from 0 to 512
[  124.546770][ T8994] EXT4-fs (loop1): too many log groups per flexible block group
[  124.554692][ T8994] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  124.565038][ T8994] EXT4-fs (loop1): mount failed
[  124.589867][ T8994] 9pnet_fd: Insufficient options for proto=fd
[  124.616679][ T9005] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=53 sclass=netlink_tcpdiag_socket pid=9005 comm=syz.0.1801
[  124.934553][ T9024] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=53 sclass=netlink_tcpdiag_socket pid=9024 comm=syz.0.1802
[  125.058034][ T9054] loop0: detected capacity change from 0 to 1024
[  125.076338][ T9054] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  125.245882][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.283142][ T9075] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  125.289733][ T9075] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  125.298080][ T9075] vhci_hcd vhci_hcd.0: Device attached
[  125.351901][ T9085] vhci_hcd: connection closed
[  125.352098][  T110] vhci_hcd: stop threads
[  125.361138][  T110] vhci_hcd: release socket
[  125.365654][  T110] vhci_hcd: disconnect device
[  125.382926][ T9093] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  125.609270][ T9102] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=53 sclass=netlink_tcpdiag_socket pid=9102 comm=syz.2.1814
[  125.840916][ T9107] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=53 sclass=netlink_tcpdiag_socket pid=9107 comm=syz.0.1815
[  126.000555][ T9118] loop0: detected capacity change from 0 to 1024
[  126.019627][ T9118] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.244664][ T9144] Invalid ELF header magic: != ELF
[  126.250255][ T9137] loop4: detected capacity change from 0 to 1024
[  126.271499][ T9137] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.422405][ T9151] hub 6-0:1.0: USB hub found
[  126.427573][ T9151] hub 6-0:1.0: 8 ports detected
[  126.450956][ T9151] loop3: detected capacity change from 0 to 2048
[  126.536473][ T9156] loop1: detected capacity change from 0 to 1024
[  126.555547][ T9156] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.711908][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.735023][ T9167] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1830'.
[  126.744053][ T9167] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1830'.
[  126.752958][ T9167] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1830'.
[  126.843177][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.878461][ T9176] syzkaller0: entered promiscuous mode
[  126.884031][ T9176] syzkaller0: entered allmulticast mode
[  126.967267][ T9179] loop0: detected capacity change from 0 to 1024
[  126.976563][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.985941][ T9179] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.998197][ T9179] ext4 filesystem being mounted at /370/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.342635][ T9192] Invalid ELF header magic: != ELF
[  127.847276][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.942309][ T9226] loop0: detected capacity change from 0 to 512
[  127.967992][ T9226] EXT4-fs (loop0): too many log groups per flexible block group
[  127.975921][ T9226] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  127.988277][ T9226] EXT4-fs (loop0): mount failed
[  127.998031][ T9226] 9pnet_fd: Insufficient options for proto=fd
[  128.262458][ T9271] blktrace: Concurrent blktraces are not allowed on loop7
[  128.414361][ T9287] blktrace: Concurrent blktraces are not allowed on loop5
[  128.661007][ T9313] hub 6-0:1.0: USB hub found
[  128.674626][ T9313] hub 6-0:1.0: 8 ports detected
[  128.728249][   T29] kauditd_printk_skb: 580 callbacks suppressed
[  128.728263][   T29] audit: type=1326 audit(1748471891.529:5166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9307 comm="syz.2.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0c957d5927 code=0x7ffc0000
[  128.761088][ T9313] loop2: detected capacity change from 0 to 2048
[  128.774208][   T29] audit: type=1326 audit(1748471891.559:5167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9307 comm="syz.2.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0c9577ab39 code=0x7ffc0000
[  128.797701][   T29] audit: type=1326 audit(1748471891.559:5168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9307 comm="syz.2.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0c957d5927 code=0x7ffc0000
[  128.821059][   T29] audit: type=1326 audit(1748471891.559:5169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9307 comm="syz.2.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0c9577ab39 code=0x7ffc0000
[  128.844583][   T29] audit: type=1326 audit(1748471891.559:5170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9307 comm="syz.2.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c957de969 code=0x7ffc0000
[  128.868486][   T29] audit: type=1326 audit(1748471891.579:5171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9307 comm="syz.2.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0c957d5927 code=0x7ffc0000
[  128.891845][   T29] audit: type=1326 audit(1748471891.579:5172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9307 comm="syz.2.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0c9577ab39 code=0x7ffc0000
[  128.915255][   T29] audit: type=1326 audit(1748471891.579:5173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9307 comm="syz.2.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c957de969 code=0x7ffc0000
[  128.955151][   T29] audit: type=1326 audit(1748471891.689:5174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9311 comm="syz.1.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86dcb1e969 code=0x7ffc0000
[  128.978744][   T29] audit: type=1326 audit(1748471891.689:5175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9311 comm="syz.1.1851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86dcb1e969 code=0x7ffc0000
[  129.023096][ T9319] blktrace: Concurrent blktraces are not allowed on loop1
[  129.177555][ T9329] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  129.231063][ T9335] blktrace: Concurrent blktraces are not allowed on loop3
[  129.337506][ T9350] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  129.409493][ T9346] Invalid ELF header magic: != ELF
[  129.453970][ T9357] syzkaller0: entered promiscuous mode
[  129.459565][ T9357] syzkaller0: entered allmulticast mode
[  129.849994][ T9417] blktrace: Concurrent blktraces are not allowed on loop1
[  129.922049][ T9422] veth0: entered promiscuous mode
[  129.929521][ T9424] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1872'.
[  130.157247][ T9433] hub 6-0:1.0: USB hub found
[  130.162069][ T9433] hub 6-0:1.0: 8 ports detected
[  130.176802][ T9433] loop0: detected capacity change from 0 to 2048
[  130.649069][ T9448] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  131.550376][ T9514] Invalid ELF header magic: != ELF
[  131.583789][ T9522] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  131.855768][ T9559] bridge0: entered promiscuous mode
[  131.861101][ T9559] macvlan2: entered promiscuous mode
[  132.108233][ T9588] Invalid ELF header magic: != ELF
[  132.145665][ T9598] netlink: 'syz.4.1905': attribute type 13 has an invalid length.
[  132.197335][ T9598] gretap0: refused to change device tx_queue_len
[  132.204831][ T9598] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  132.271416][ T9596] hub 6-0:1.0: USB hub found
[  132.281174][ T9596] hub 6-0:1.0: 8 ports detected
[  132.313612][ T9596] loop0: detected capacity change from 0 to 2048
[  132.356636][ T9606] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1907'.
[  132.375331][ T9606] wireguard0: entered promiscuous mode
[  132.475973][ T9618] netlink: 'syz.0.1911': attribute type 13 has an invalid length.
[  132.498720][ T9618] gretap0: refused to change device tx_queue_len
[  132.515361][ T9618] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  132.623770][ T9627] Invalid ELF header magic: != ELF
[  132.739254][ T9645] netlink: 'syz.2.1916': attribute type 13 has an invalid length.
[  132.749079][ T9640] hub 6-0:1.0: USB hub found
[  132.753792][ T9645] gretap0: refused to change device tx_queue_len
[  132.753816][ T9640] hub 6-0:1.0: 8 ports detected
[  132.774845][ T9645] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  132.790557][ T9640] loop0: detected capacity change from 0 to 2048
[  132.827520][ T9650] loop1: detected capacity change from 0 to 512
[  132.842485][ T9650] ext4: Unknown parameter 'nouser_xattr'
[  132.849399][ T9655] netlink: 'syz.2.1918': attribute type 13 has an invalid length.
[  132.872016][ T9655] gretap0: refused to change device tx_queue_len
[  132.880823][ T9655] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  133.201783][ T9688] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1923'.
[  133.245816][ T9688] wireguard0: entered promiscuous mode
[  133.270281][ T9692] hub 6-0:1.0: USB hub found
[  133.281178][ T9692] hub 6-0:1.0: 8 ports detected
[  133.306033][ T9692] loop1: detected capacity change from 0 to 2048
[  133.487620][ T9722] Invalid ELF header magic: != ELF
[  133.535306][ T9727] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  133.541964][ T9727] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  133.556975][ T9727] vhci_hcd vhci_hcd.0: Device attached
[  133.573343][ T9728] vhci_hcd: connection closed
[  133.574461][   T37] vhci_hcd: stop threads
[  133.583521][   T37] vhci_hcd: release socket
[  133.588235][   T37] vhci_hcd: disconnect device
[  133.674592][ T9737] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1934'.
[  133.678503][ T9738] loop1: detected capacity change from 0 to 512
[  133.695978][ T9738] EXT4-fs (loop1): too many log groups per flexible block group
[  133.703708][ T9738] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  133.710847][ T9738] EXT4-fs (loop1): mount failed
[  133.719397][ T9738] 9pnet_fd: Insufficient options for proto=fd
[  133.728523][ T9737] wireguard0: entered promiscuous mode
[  133.834645][ T9745] netlink: 'syz.2.1935': attribute type 13 has an invalid length.
[  133.845074][ T9745] gretap0: refused to change device tx_queue_len
[  133.852082][ T9745] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  134.239243][   T29] kauditd_printk_skb: 881 callbacks suppressed
[  134.239333][   T29] audit: type=1326 audit(1748471897.039:6057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9776 comm="syz.4.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bd96de969 code=0x7ffc0000
[  134.269562][   T29] audit: type=1326 audit(1748471897.039:6058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9776 comm="syz.4.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f5bd96de969 code=0x7ffc0000
[  134.293293][   T29] audit: type=1326 audit(1748471897.039:6059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9776 comm="syz.4.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bd96de969 code=0x7ffc0000
[  134.317018][   T29] audit: type=1326 audit(1748471897.039:6060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9776 comm="syz.4.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f5bd96de969 code=0x7ffc0000
[  134.340633][   T29] audit: type=1326 audit(1748471897.039:6061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9776 comm="syz.4.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bd96de969 code=0x7ffc0000
[  134.364298][   T29] audit: type=1326 audit(1748471897.039:6062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9776 comm="syz.4.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f5bd96de969 code=0x7ffc0000
[  134.387909][   T29] audit: type=1326 audit(1748471897.039:6063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9776 comm="syz.4.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5bd96d5927 code=0x7ffc0000
[  134.411579][   T29] audit: type=1326 audit(1748471897.039:6064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9776 comm="syz.4.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5bd967ab39 code=0x7ffc0000
[  134.434933][   T29] audit: type=1326 audit(1748471897.039:6065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9776 comm="syz.4.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bd96de969 code=0x7ffc0000
[  134.436918][ T9786] loop4: detected capacity change from 0 to 2048
[  134.458347][   T29] audit: type=1326 audit(1748471897.039:6066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9776 comm="syz.4.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f5bd96de969 code=0x7ffc0000
[  134.629891][ T9807] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  134.728963][ T9817] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1946'.
[  134.749890][ T9817] wireguard0: entered promiscuous mode
[  134.941597][ T9839] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  134.948172][ T9839] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  134.957484][ T9839] vhci_hcd vhci_hcd.0: Device attached
[  134.973052][ T9843] vhci_hcd: connection closed
[  134.973187][ T1474] vhci_hcd: stop threads
[  134.982325][ T1474] vhci_hcd: release socket
[  134.986805][ T1474] vhci_hcd: disconnect device
[  135.166561][ T9853] loop2: detected capacity change from 0 to 512
[  135.206182][ T9853] EXT4-fs (loop2): too many log groups per flexible block group
[  135.213945][ T9853] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  135.236800][ T9853] EXT4-fs (loop2): mount failed
[  135.249756][ T9853] 9pnet_fd: Insufficient options for proto=fd
[  135.311754][ T9858] loop3: detected capacity change from 0 to 512
[  135.335193][ T9858] EXT4-fs (loop3): too many log groups per flexible block group
[  135.342966][ T9858] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  135.350512][ T9858] EXT4-fs (loop3): mount failed
[  135.366625][ T9858] 9pnet_fd: Insufficient options for proto=fd
[  135.557942][ T9876] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  135.608389][ T9884] hub 9-0:1.0: USB hub found
[  135.614562][ T9884] hub 9-0:1.0: 8 ports detected
[  135.990423][ T9945] bridge_slave_0: left allmulticast mode
[  135.996341][ T9945] bridge_slave_0: left promiscuous mode
[  136.002056][ T9945] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.013792][ T9945] bridge_slave_1: left allmulticast mode
[  136.019687][ T9945] bridge_slave_1: left promiscuous mode
[  136.025497][ T9945] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.038615][ T9945] bond0: (slave bond_slave_0): Releasing backup interface
[  136.052519][ T9945] bond0: (slave bond_slave_1): Releasing backup interface
[  136.067682][ T9945] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  136.075335][ T9945] batman_adv: batadv0: Removing interface: batadv_slave_0
[  136.090331][ T9945] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  136.097908][ T9945] batman_adv: batadv0: Removing interface: batadv_slave_1
[  136.162577][ T9964] syz2: rxe_newlink: already configured on veth0_to_bond
[  136.262867][ T9975] syz2: rxe_newlink: already configured on veth0_to_bond
[  136.331124][ T9994] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1974'.
[  136.360143][ T9994] wireguard0: entered promiscuous mode
[  136.506526][T10018] loop3: detected capacity change from 0 to 512
[  136.524919][T10018] EXT4-fs (loop3): too many log groups per flexible block group
[  136.532651][T10018] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  136.539660][T10018] EXT4-fs (loop3): mount failed
[  136.546711][T10018] 9pnet_fd: Insufficient options for proto=fd
[  136.576664][T10023] loop2: detected capacity change from 0 to 2048
[  136.620190][T10025] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  136.688674][T10031] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  137.326578][T10065] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  137.341308][T10062] syz2: rxe_newlink: already configured on veth0_to_bond
[  137.378117][T10070] loop4: detected capacity change from 0 to 2048
[  138.210253][T10103] loop2: detected capacity change from 0 to 512
[  138.225251][T10103] EXT4-fs (loop2): too many log groups per flexible block group
[  138.233048][T10103] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  138.239997][T10103] EXT4-fs (loop2): mount failed
[  138.247607][T10103] 9pnet_fd: Insufficient options for proto=fd
[  138.467303][T10136] FAULT_INJECTION: forcing a failure.
[  138.467303][T10136] name failslab, interval 1, probability 0, space 0, times 0
[  138.480156][T10136] CPU: 0 UID: 0 PID: 10136 Comm: syz.1.2007 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  138.480199][T10136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  138.480215][T10136] Call Trace:
[  138.480222][T10136]  <TASK>
[  138.480230][T10136]  __dump_stack+0x1d/0x30
[  138.480252][T10136]  dump_stack_lvl+0xe8/0x140
[  138.480272][T10136]  dump_stack+0x15/0x1b
[  138.480358][T10136]  should_fail_ex+0x265/0x280
[  138.480387][T10136]  ? __se_sys_mount+0xef/0x2e0
[  138.480421][T10136]  should_failslab+0x8c/0xb0
[  138.480477][T10136]  __kmalloc_cache_noprof+0x4c/0x320
[  138.480508][T10136]  ? memdup_user+0x99/0xd0
[  138.480531][T10136]  __se_sys_mount+0xef/0x2e0
[  138.480561][T10136]  ? fput+0x8f/0xc0
[  138.480639][T10136]  ? ksys_write+0x192/0x1a0
[  138.480679][T10136]  __x64_sys_mount+0x67/0x80
[  138.480807][T10136]  x64_sys_call+0xd36/0x2fb0
[  138.480836][T10136]  do_syscall_64+0xd2/0x200
[  138.480918][T10136]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  138.481009][T10136]  ? clear_bhb_loop+0x40/0x90
[  138.481032][T10136]  ? clear_bhb_loop+0x40/0x90
[  138.481065][T10136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.481093][T10136] RIP: 0033:0x7f86dcb1e969
[  138.481112][T10136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.481141][T10136] RSP: 002b:00007f86db187038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  138.481166][T10136] RAX: ffffffffffffffda RBX: 00007f86dcd45fa0 RCX: 00007f86dcb1e969
[  138.481249][T10136] RDX: 00002000000002c0 RSI: 0000200000000080 RDI: 0000000000000000
[  138.481331][T10136] RBP: 00007f86db187090 R08: 0000200000000240 R09: 0000000000000000
[  138.481347][T10136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.481383][T10136] R13: 0000000000000000 R14: 00007f86dcd45fa0 R15: 00007ffcf002cf88
[  138.481411][T10136]  </TASK>
[  138.482447][T10133] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10133 comm=syz.3.2008
[  138.760183][T10168] loop4: detected capacity change from 0 to 2048
[  138.815439][T10180] Invalid ELF header magic: != ELF
[  139.059240][T10210] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  139.581282][   T29] kauditd_printk_skb: 236 callbacks suppressed
[  139.581296][   T29] audit: type=1326 audit(1748471902.379:6303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86dcb1e969 code=0x7ffc0000
[  139.611370][   T29] audit: type=1326 audit(1748471902.379:6304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86dcb1e969 code=0x7ffc0000
[  139.635143][   T29] audit: type=1326 audit(1748471902.379:6305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f86dcb1e969 code=0x7ffc0000
[  139.658714][   T29] audit: type=1326 audit(1748471902.379:6306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86dcb1e969 code=0x7ffc0000
[  139.660197][T10235] loop1: detected capacity change from 0 to 2048
[  139.682405][   T29] audit: type=1326 audit(1748471902.379:6307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f86dcb1e969 code=0x7ffc0000
[  139.682447][   T29] audit: type=1326 audit(1748471902.379:6308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86dcb1e969 code=0x7ffc0000
[  139.736223][   T29] audit: type=1326 audit(1748471902.379:6309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f86dcb1e969 code=0x7ffc0000
[  139.759811][   T29] audit: type=1326 audit(1748471902.379:6310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f86dcb15927 code=0x7ffc0000
[  139.783446][   T29] audit: type=1326 audit(1748471902.379:6311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f86dcabab39 code=0x7ffc0000
[  139.807350][   T29] audit: type=1326 audit(1748471902.379:6312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.1.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86dcb1e969 code=0x7ffc0000
[  139.922142][T10245] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  139.939386][T10246] loop3: detected capacity change from 0 to 512
[  139.956114][T10246] EXT4-fs (loop3): too many log groups per flexible block group
[  139.964040][T10246] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  139.971531][T10246] EXT4-fs (loop3): mount failed
[  140.012004][T10246] 9pnet_fd: Insufficient options for proto=fd
[  140.278109][T10274] hub 6-0:1.0: USB hub found
[  140.282968][T10274] hub 6-0:1.0: 8 ports detected
[  140.301443][T10274] loop1: detected capacity change from 0 to 2048
[  140.389931][T10280] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  140.830233][T10336] loop3: detected capacity change from 0 to 1024
[  140.860396][T10336] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.889372][T10345] netlink: 80 bytes leftover after parsing attributes in process `syz.2.2051'.
[  140.920669][T10345] wireguard0: entered promiscuous mode
[  140.953779][T10354] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  141.274965][T10394] hub 9-0:1.0: USB hub found
[  141.280115][T10394] hub 9-0:1.0: 8 ports detected
[  141.294077][T10395] loop4: detected capacity change from 0 to 512
[  141.345383][T10395] EXT4-fs (loop4): too many log groups per flexible block group
[  141.353369][T10395] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  141.369103][T10395] EXT4-fs (loop4): mount failed
[  141.391106][T10395] 9pnet_fd: Insufficient options for proto=fd
[  141.582171][T10415] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2066'.
[  141.682174][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.776069][T10437] Invalid ELF header magic: != ELF
[  141.933605][T10446] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2077'.
[  142.092103][T10462] loop4: detected capacity change from 0 to 512
[  142.098762][T10462] ext4: Unknown parameter 'nouser_xattr'
[  142.428459][T10476] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2088'.
[  142.482305][T10480] loop0: detected capacity change from 0 to 2048
[  142.547927][T10486] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2093'.
[  142.567644][T10486] wireguard0: entered promiscuous mode
[  142.588245][T10491] loop2: detected capacity change from 0 to 512
[  142.605577][T10491] EXT4-fs (loop2): too many log groups per flexible block group
[  142.613613][T10491] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  142.623340][T10491] EXT4-fs (loop2): mount failed
[  142.632383][T10491] 9pnet_fd: Insufficient options for proto=fd
[  143.047290][T10521] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  143.423555][T10534] netlink: 80 bytes leftover after parsing attributes in process `syz.2.2109'.
[  143.442715][T10534] wireguard0: entered promiscuous mode
[  143.761305][T10557] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  143.766738][T10560] loop1: detected capacity change from 0 to 1024
[  143.792339][T10560] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.853812][T10567] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  143.860505][T10567] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  143.869222][T10567] vhci_hcd vhci_hcd.0: Device attached
[  143.883614][T10570] loop2: detected capacity change from 0 to 512
[  143.895088][T10570] EXT4-fs (loop2): too many log groups per flexible block group
[  143.902847][T10570] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  143.911398][T10570] EXT4-fs (loop2): mount failed
[  143.919612][T10570] 9pnet_fd: Insufficient options for proto=fd
[  143.927251][T10568] vhci_hcd: connection closed
[  143.927477][   T12] vhci_hcd: stop threads
[  143.936438][   T12] vhci_hcd: release socket
[  143.940894][   T12] vhci_hcd: disconnect device
[  144.444452][T10584] netlink: 80 bytes leftover after parsing attributes in process `syz.4.2122'.
[  144.462787][T10584] wireguard0: entered promiscuous mode
[  144.616736][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.705427][T10599] Invalid ELF header magic: != ELF
[  144.775007][   T29] kauditd_printk_skb: 442 callbacks suppressed
[  144.775065][   T29] audit: type=1326 audit(1748471907.579:6755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10601 comm="syz.2.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c957de969 code=0x7ffc0000
[  144.805066][   T29] audit: type=1326 audit(1748471907.579:6756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10601 comm="syz.2.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f0c957de969 code=0x7ffc0000
[  144.829341][   T29] audit: type=1326 audit(1748471907.579:6757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10601 comm="syz.2.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c957de969 code=0x7ffc0000
[  144.853371][   T29] audit: type=1326 audit(1748471907.579:6758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10601 comm="syz.2.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c957de969 code=0x7ffc0000
[  144.859045][T10603] hub 6-0:1.0: USB hub found
[  144.877472][   T29] audit: type=1326 audit(1748471907.579:6759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10601 comm="syz.2.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f0c957de969 code=0x7ffc0000
[  144.884186][T10603] hub 6-0:1.0: 8 ports detected
[  144.906024][   T29] audit: type=1326 audit(1748471907.579:6760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10601 comm="syz.2.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c957de969 code=0x7ffc0000
[  144.906108][   T29] audit: type=1326 audit(1748471907.579:6761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10601 comm="syz.2.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f0c957de969 code=0x7ffc0000
[  144.958202][   T29] audit: type=1326 audit(1748471907.579:6762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10601 comm="syz.2.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0c957d5927 code=0x7ffc0000
[  144.960645][T10603] loop2: detected capacity change from 0 to 2048
[  144.981641][   T29] audit: type=1326 audit(1748471907.579:6763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10601 comm="syz.2.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0c9577ab39 code=0x7ffc0000
[  144.981727][   T29] audit: type=1326 audit(1748471907.579:6764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10601 comm="syz.2.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c957de969 code=0x7ffc0000
[  145.074745][T10607] loop0: detected capacity change from 0 to 2048
[  145.492773][T10623] loop1: detected capacity change from 0 to 164
[  145.502287][T10623] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  145.516870][T10623] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2133'.
[  145.526088][T10623] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2133'.
[  145.538593][T10625] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=53 sclass=netlink_tcpdiag_socket pid=10625 comm=syz.4.2131
[  145.553221][T10623] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  145.555864][T10624] loop3: detected capacity change from 0 to 2048
[  145.564903][T10623] rock: directory entry would overflow storage
[  145.574029][T10623] rock: sig=0x4f50, size=4, remaining=3
[  145.574056][T10623] iso9660: Corrupted directory entry in block 4 of inode 1792
[  145.605376][T10627] loop1: detected capacity change from 0 to 1024
[  145.638025][T10627] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.704000][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.788061][T10639] loop4: detected capacity change from 0 to 2048
[  145.884997][T10651] netlink: 80 bytes leftover after parsing attributes in process `syz.4.2142'.
[  145.905510][T10651] wireguard0: entered promiscuous mode
[  146.248104][T10672] loop4: detected capacity change from 0 to 1024
[  146.286179][T10672] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.380178][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.422873][T10677] loop0: detected capacity change from 0 to 2048
[  146.656170][T10689] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2154'.
[  146.676714][T10689] wireguard0: entered promiscuous mode
[  146.701597][T10691] loop3: detected capacity change from 0 to 8192
[  146.851322][T10714] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  147.275880][T10764] loop3: detected capacity change from 0 to 2048
[  147.457427][T10787] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  147.541089][T10801] hub 6-0:1.0: USB hub found
[  147.546145][T10801] hub 6-0:1.0: 8 ports detected
[  147.568304][T10801] loop0: detected capacity change from 0 to 2048
[  147.902728][T10850] loop2: detected capacity change from 0 to 2048
[  147.973022][T10861] loop2: detected capacity change from 0 to 164
[  147.981865][T10861] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  147.996235][T10861] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2181'.
[  148.005443][T10861] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2181'.
[  148.017050][T10861] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  148.026231][T10861] rock: directory entry would overflow storage
[  148.032430][T10861] rock: sig=0x4f50, size=4, remaining=3
[  148.038118][T10861] iso9660: Corrupted directory entry in block 4 of inode 1792
[  148.050558][T10866] FAULT_INJECTION: forcing a failure.
[  148.050558][T10866] name failslab, interval 1, probability 0, space 0, times 0
[  148.063360][T10866] CPU: 0 UID: 0 PID: 10866 Comm: syz.4.2182 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  148.063394][T10866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  148.063409][T10866] Call Trace:
[  148.063416][T10866]  <TASK>
[  148.063424][T10866]  __dump_stack+0x1d/0x30
[  148.063449][T10866]  dump_stack_lvl+0xe8/0x140
[  148.063474][T10866]  dump_stack+0x15/0x1b
[  148.063531][T10866]  should_fail_ex+0x265/0x280
[  148.063567][T10866]  ? __se_sys_mount+0xef/0x2e0
[  148.063693][T10866]  should_failslab+0x8c/0xb0
[  148.063718][T10866]  __kmalloc_cache_noprof+0x4c/0x320
[  148.063747][T10866]  ? memdup_user+0x99/0xd0
[  148.063810][T10866]  __se_sys_mount+0xef/0x2e0
[  148.063876][T10866]  ? fput+0x8f/0xc0
[  148.063950][T10866]  ? ksys_write+0x192/0x1a0
[  148.064036][T10866]  __x64_sys_mount+0x67/0x80
[  148.064099][T10866]  x64_sys_call+0xd36/0x2fb0
[  148.064126][T10866]  do_syscall_64+0xd2/0x200
[  148.064206][T10866]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  148.064237][T10866]  ? clear_bhb_loop+0x40/0x90
[  148.064263][T10866]  ? clear_bhb_loop+0x40/0x90
[  148.064354][T10866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.064376][T10866] RIP: 0033:0x7f5bd96de969
[  148.064394][T10866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.064418][T10866] RSP: 002b:00007f5bd7d47038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  148.064441][T10866] RAX: ffffffffffffffda RBX: 00007f5bd9905fa0 RCX: 00007f5bd96de969
[  148.064559][T10866] RDX: 00002000000002c0 RSI: 0000200000000080 RDI: 0000000000000000
[  148.064574][T10866] RBP: 00007f5bd7d47090 R08: 0000200000000240 R09: 0000000000000000
[  148.064596][T10866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.064612][T10866] R13: 0000000000000000 R14: 00007f5bd9905fa0 R15: 00007fffb0bd30a8
[  148.064638][T10866]  </TASK>
[  148.586084][T10918] loop4: detected capacity change from 0 to 1024
[  148.595944][T10918] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.205867][T11001] loop3: detected capacity change from 0 to 512
[  149.218534][T11001] ext4: Unknown parameter 'nouser_xattr'
[  149.288845][T11009] loop1: detected capacity change from 0 to 512
[  149.304339][T11009] EXT4-fs: Ignoring removed nobh option
[  149.311907][T11009] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.2195: invalid indirect mapped block 256 (level 2)
[  149.327669][T11009] EXT4-fs (loop1): 2 truncates cleaned up
[  149.339384][T11009] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.356474][T11009] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2195: bg 0: block 5: invalid block bitmap
[  149.387360][T11009] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  149.399690][T11009] EXT4-fs (loop1): This should not happen!! Data will be lost
[  149.399690][T11009] 
[  149.409382][T11009] EXT4-fs (loop1): Total free blocks count 0
[  149.415407][T11009] EXT4-fs (loop1): Free/Dirty block details
[  149.421329][T11009] EXT4-fs (loop1): free_blocks=0
[  149.426339][T11009] EXT4-fs (loop1): dirty_blocks=66
[  149.431485][T11009] EXT4-fs (loop1): Block reservation details
[  149.437540][T11009] EXT4-fs (loop1): i_reserved_data_blocks=66
[  149.465687][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.546524][ T1474] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 49 with error 28
[  149.663638][T11033] loop2: detected capacity change from 0 to 512
[  149.679362][T11037] loop4: detected capacity change from 0 to 512
[  149.703191][T11033] EXT4-fs (loop2): too many log groups per flexible block group
[  149.711193][T11033] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  149.719895][T11009] syz.1.2195 (11009) used greatest stack depth: 9984 bytes left
[  149.740673][T11037] ext4: Unknown parameter 'nouser_xattr'
[  149.747571][T11033] EXT4-fs (loop2): mount failed
[  149.756798][T11033] 9pnet_fd: Insufficient options for proto=fd
[  149.973048][   T29] kauditd_printk_skb: 592 callbacks suppressed
[  149.973103][   T29] audit: type=1326 audit(1748471912.769:7357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11049 comm="syz.0.2205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  149.983428][T11050] loop0: detected capacity change from 0 to 2048
[  150.023692][   T29] audit: type=1326 audit(1748471912.769:7358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11049 comm="syz.0.2205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  150.047517][   T29] audit: type=1326 audit(1748471912.769:7359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11049 comm="syz.0.2205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  150.071066][   T29] audit: type=1326 audit(1748471912.769:7360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11049 comm="syz.0.2205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  150.094665][   T29] audit: type=1326 audit(1748471912.769:7361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11049 comm="syz.0.2205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  150.118246][   T29] audit: type=1326 audit(1748471912.769:7362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11049 comm="syz.0.2205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  150.141794][   T29] audit: type=1326 audit(1748471912.769:7363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11049 comm="syz.0.2205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f16572ce9a3 code=0x7ffc0000
[  150.165178][   T29] audit: type=1326 audit(1748471912.769:7364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11049 comm="syz.0.2205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f16572cd41f code=0x7ffc0000
[  150.188595][   T29] audit: type=1326 audit(1748471912.789:7365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11049 comm="syz.0.2205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f16572ce9f7 code=0x7ffc0000
[  150.212067][   T29] audit: type=1326 audit(1748471912.789:7366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11049 comm="syz.0.2205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f16572cd2d0 code=0x7ffc0000
[  150.231093][T11057] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2207'.
[  150.258155][T11057] wireguard0: entered promiscuous mode
[  150.281206][T11061] loop4: detected capacity change from 0 to 1024
[  150.296902][T11061] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.634597][T11101] Invalid ELF header magic: != ELF
[  150.984985][T11143] loop0: detected capacity change from 0 to 512
[  150.991788][T11143] ext4: Unknown parameter 'nouser_xattr'
[  150.992922][T11140] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  151.004031][T11140] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  151.012520][T11140] vhci_hcd vhci_hcd.0: Device attached
[  151.041413][T11144] vhci_hcd: connection closed
[  151.041585][   T31] vhci_hcd: stop threads
[  151.050771][   T31] vhci_hcd: release socket
[  151.055264][   T31] vhci_hcd: disconnect device
[  151.108439][T11151] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2220'.
[  151.135948][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.165762][T11151] wireguard0: entered promiscuous mode
[  151.198695][T11155] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  151.265553][T11160] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  151.272204][T11160] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  151.304363][T11160] vhci_hcd vhci_hcd.0: Device attached
[  151.355500][T11164] vhci_hcd: connection closed
[  151.355711][   T31] vhci_hcd: stop threads
[  151.365615][   T31] vhci_hcd: release socket
[  151.370138][   T31] vhci_hcd: disconnect device
[  151.385683][T11169] Invalid ELF header magic: != ELF
[  151.643052][T11190] loop3: detected capacity change from 0 to 1024
[  151.664266][T11192] loop1: detected capacity change from 0 to 512
[  151.670873][T11192] EXT4-fs: Ignoring removed oldalloc option
[  151.677719][T11192] EXT4-fs: dax option not supported
[  151.687239][T11190] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  151.857291][T11200] hub 6-0:1.0: USB hub found
[  151.862052][T11200] hub 6-0:1.0: 8 ports detected
[  152.384557][T11219] Invalid ELF header magic: != ELF
[  152.466979][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.594979][T11230] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  152.601638][T11230] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  152.609752][T11230] vhci_hcd vhci_hcd.0: Device attached
[  152.657107][T11231] vhci_hcd: connection closed
[  152.657359][   T37] vhci_hcd: stop threads
[  152.666410][   T37] vhci_hcd: release socket
[  152.670860][   T37] vhci_hcd: disconnect device
[  153.119829][T11280] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  153.222879][T11295] netlink: 80 bytes leftover after parsing attributes in process `syz.4.2253'.
[  153.323337][T11303] wireguard0: entered promiscuous mode
[  153.495895][T11320] loop1: detected capacity change from 0 to 2048
[  153.510110][T11328] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  153.755952][T11354] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  153.924724][T11359] loop0: detected capacity change from 0 to 164
[  153.963058][T11359] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  154.222071][T11371] hub 6-0:1.0: USB hub found
[  154.228193][T11372] loop0: detected capacity change from 0 to 512
[  154.235907][T11371] hub 6-0:1.0: 8 ports detected
[  154.257002][T11372] EXT4-fs (loop0): too many log groups per flexible block group
[  154.264783][T11372] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  154.273217][T11372] EXT4-fs (loop0): mount failed
[  154.287607][T11372] 9pnet_fd: Insufficient options for proto=fd
[  154.298363][T11376] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  154.369105][T11386] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  154.557589][T11404] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  154.564786][T11401] loop2: detected capacity change from 0 to 2048
[  154.978320][   T29] kauditd_printk_skb: 712 callbacks suppressed
[  154.978335][   T29] audit: type=1326 audit(1748471917.779:8079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11367 comm="syz.3.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f58dbb75927 code=0x7ffc0000
[  155.029567][   T29] audit: type=1326 audit(1748471917.809:8080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11367 comm="syz.3.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f58dbb1ab39 code=0x7ffc0000
[  155.053075][   T29] audit: type=1326 audit(1748471917.809:8081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11367 comm="syz.3.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f58dbb7e969 code=0x7ffc0000
[  155.076785][   T29] audit: type=1326 audit(1748471917.819:8082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11367 comm="syz.3.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f58dbb75927 code=0x7ffc0000
[  155.100479][   T29] audit: type=1326 audit(1748471917.819:8083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11367 comm="syz.3.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f58dbb1ab39 code=0x7ffc0000
[  155.123984][   T29] audit: type=1326 audit(1748471917.819:8084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11367 comm="syz.3.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f58dbb7e969 code=0x7ffc0000
[  155.147656][   T29] audit: type=1326 audit(1748471917.819:8085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11367 comm="syz.3.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f58dbb75927 code=0x7ffc0000
[  155.171145][   T29] audit: type=1326 audit(1748471917.819:8086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11367 comm="syz.3.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f58dbb1ab39 code=0x7ffc0000
[  155.194649][   T29] audit: type=1326 audit(1748471917.819:8087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11367 comm="syz.3.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f58dbb7e969 code=0x7ffc0000
[  155.230969][   T29] audit: type=1326 audit(1748471918.029:8088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11417 comm="syz.3.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58dbb7e969 code=0x7ffc0000
[  155.261287][T11418] loop3: detected capacity change from 0 to 2048
[  155.528432][T11433] loop3: detected capacity change from 0 to 2048
[  155.648254][T11451] loop4: detected capacity change from 0 to 1024
[  155.676083][T11451] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  156.200147][T11460] loop2: detected capacity change from 0 to 2048
[  156.237242][T11462] netlink: 80 bytes leftover after parsing attributes in process `syz.0.2299'.
[  156.272327][T11462] wireguard0: entered promiscuous mode
[  156.531444][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.555104][T11498] netlink: 80 bytes leftover after parsing attributes in process `syz.0.2309'.
[  156.670038][T11498] wireguard0: entered promiscuous mode
[  156.829669][T11508] loop1: detected capacity change from 0 to 2048
[  156.936371][T11515] loop2: detected capacity change from 0 to 2048
[  157.018250][T11517] Invalid ELF header magic: != ELF
[  157.178829][T11530] Invalid ELF header magic: != ELF
[  157.325943][T11536] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=53 sclass=netlink_tcpdiag_socket pid=11536 comm=syz.0.2320
[  157.435011][T11548] loop3: detected capacity change from 0 to 512
[  157.444878][T11548] EXT4-fs (loop3): too many log groups per flexible block group
[  157.452615][T11548] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  157.459535][T11548] EXT4-fs (loop3): mount failed
[  157.466519][T11548] 9pnet_fd: Insufficient options for proto=fd
[  157.563632][T11554] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  157.819225][T11573] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  157.825828][T11573] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  157.834297][T11573] vhci_hcd vhci_hcd.0: Device attached
[  157.915374][T11581] FAULT_INJECTION: forcing a failure.
[  157.915374][T11581] name failslab, interval 1, probability 0, space 0, times 0
[  157.928241][T11581] CPU: 0 UID: 0 PID: 11581 Comm: syz.1.2335 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  157.928307][T11581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  157.928319][T11581] Call Trace:
[  157.928325][T11581]  <TASK>
[  157.928333][T11581]  __dump_stack+0x1d/0x30
[  157.928362][T11581]  dump_stack_lvl+0xe8/0x140
[  157.928390][T11581]  dump_stack+0x15/0x1b
[  157.928414][T11581]  should_fail_ex+0x265/0x280
[  157.928526][T11581]  should_failslab+0x8c/0xb0
[  157.928551][T11581]  kmem_cache_alloc_node_noprof+0x57/0x320
[  157.928583][T11581]  ? __alloc_skb+0x101/0x320
[  157.928615][T11581]  __alloc_skb+0x101/0x320
[  157.928644][T11581]  ? audit_log_start+0x365/0x6c0
[  157.928688][T11581]  audit_log_start+0x380/0x6c0
[  157.928734][T11581]  audit_seccomp+0x48/0x100
[  157.928827][T11581]  ? __seccomp_filter+0x68c/0x10d0
[  157.928900][T11581]  __seccomp_filter+0x69d/0x10d0
[  157.928932][T11581]  ? update_load_avg+0x1da/0x820
[  157.929009][T11581]  ? __list_add_valid_or_report+0x38/0xe0
[  157.929039][T11581]  ? _raw_spin_unlock+0x26/0x50
[  157.929142][T11581]  __secure_computing+0x82/0x150
[  157.929172][T11581]  syscall_trace_enter+0xcf/0x1e0
[  157.929225][T11581]  do_syscall_64+0xac/0x200
[  157.929264][T11581]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  157.929326][T11581]  ? clear_bhb_loop+0x40/0x90
[  157.929354][T11581]  ? clear_bhb_loop+0x40/0x90
[  157.929384][T11581]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.929408][T11581] RIP: 0033:0x7f86dcb1e969
[  157.929427][T11581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.929452][T11581] RSP: 002b:00007f86db187038 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[  157.929540][T11581] RAX: ffffffffffffffda RBX: 00007f86dcd45fa0 RCX: 00007f86dcb1e969
[  157.929556][T11581] RDX: 0000200000000780 RSI: 0000200000000700 RDI: ffffffffffffffff
[  157.929573][T11581] RBP: 00007f86db187090 R08: 0000000000000000 R09: 0000000000000000
[  157.929643][T11581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.929659][T11581] R13: 0000000000000000 R14: 00007f86dcd45fa0 R15: 00007ffcf002cf88
[  157.929684][T11581]  </TASK>
[  158.095917][T11574] vhci_hcd: connection closed
[  158.186765][   T37] vhci_hcd: stop threads
[  158.195834][   T37] vhci_hcd: release socket
[  158.200341][   T37] vhci_hcd: disconnect device
[  158.334229][T11579] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=53 sclass=netlink_tcpdiag_socket pid=11579 comm=syz.4.2334
[  158.401811][   T10] vhci_hcd: vhci_device speed not set
[  158.464011][T11595] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  158.730901][T11633] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  159.558197][T11681] loop1: detected capacity change from 0 to 512
[  159.620030][T11681] EXT4-fs (loop1): too many log groups per flexible block group
[  159.627812][T11681] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  159.631622][T11683] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  159.641110][T11683] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  159.641529][T11681] EXT4-fs (loop1): mount failed
[  159.649881][T11683] vhci_hcd vhci_hcd.0: Device attached
[  159.685068][T11685] vhci_hcd: connection closed
[  159.685861][  T110] vhci_hcd: stop threads
[  159.694864][  T110] vhci_hcd: release socket
[  159.699379][  T110] vhci_hcd: disconnect device
[  159.714141][T11681] 9pnet_fd: Insufficient options for proto=fd
[  159.724772][T11691] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  160.058618][   T29] kauditd_printk_skb: 684 callbacks suppressed
[  160.058637][   T29] audit: type=1326 audit(1748471922.859:8771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11709 comm="syz.0.2359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  160.101191][T11710] loop0: detected capacity change from 0 to 2048
[  160.108754][   T29] audit: type=1326 audit(1748471922.889:8772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11709 comm="syz.0.2359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  160.132411][   T29] audit: type=1326 audit(1748471922.889:8773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11709 comm="syz.0.2359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  160.156595][   T29] audit: type=1326 audit(1748471922.889:8774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11709 comm="syz.0.2359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  160.180429][   T29] audit: type=1326 audit(1748471922.889:8775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11709 comm="syz.0.2359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  160.204157][   T29] audit: type=1326 audit(1748471922.889:8776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11709 comm="syz.0.2359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  160.227867][   T29] audit: type=1326 audit(1748471922.889:8777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11709 comm="syz.0.2359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  160.251559][   T29] audit: type=1326 audit(1748471922.889:8778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11709 comm="syz.0.2359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  160.275080][   T29] audit: type=1326 audit(1748471922.889:8779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11709 comm="syz.0.2359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f16572c5927 code=0x7ffc0000
[  160.298689][   T29] audit: type=1326 audit(1748471922.889:8780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11709 comm="syz.0.2359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f165726ab39 code=0x7ffc0000
[  160.526462][T11719] Invalid ELF header magic: != ELF
[  160.766708][T11755] loop4: detected capacity change from 0 to 512
[  160.790554][T11754] loop2: detected capacity change from 0 to 2048
[  160.797881][T11755] EXT4-fs (loop4): too many log groups per flexible block group
[  160.805667][T11755] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  160.821997][T11755] EXT4-fs (loop4): mount failed
[  160.835804][T11755] 9pnet_fd: Insufficient options for proto=fd
[  160.859681][T11762] netlink: 'syz.3.2377': attribute type 10 has an invalid length.
[  160.867625][T11762] netlink: 'syz.3.2377': attribute type 19 has an invalid length.
[  160.875610][T11762] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2377'.
[  161.046398][T11765] Invalid ELF header magic: != ELF
[  161.094810][T11784] loop3: detected capacity change from 0 to 1024
[  161.105271][T11784] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  161.148676][T11784] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  161.156813][T11784] EXT4-fs (loop3): orphan cleanup on readonly fs
[  161.163784][T11784] EXT4-fs error (device loop3): __ext4_get_inode_loc:4450: comm syz.3.2384: Invalid inode table block 0 in block_group 0
[  161.177347][T11784] EXT4-fs (loop3): Remounting filesystem read-only
[  161.184425][T11784] EXT4-fs (loop3): 1 truncate cleaned up
[  161.190732][T11784] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  161.378364][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.430126][T11799] loop1: detected capacity change from 0 to 512
[  161.495585][T11799] EXT4-fs: Ignoring removed nobh option
[  161.551084][T11800] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=53 sclass=netlink_tcpdiag_socket pid=11800 comm=syz.3.2386
[  161.565381][T11799] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.2387: invalid indirect mapped block 256 (level 2)
[  161.579439][T11799] EXT4-fs (loop1): 2 truncates cleaned up
[  161.585814][T11799] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.626227][T11807] loop4: detected capacity change from 0 to 2048
[  161.720648][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.882414][T11820] Invalid ELF header magic: != ELF
[  162.122982][T11841] loop2: detected capacity change from 0 to 512
[  162.201387][T11847] loop0: detected capacity change from 0 to 2048
[  162.209660][T11841] EXT4-fs (loop2): too many log groups per flexible block group
[  162.217442][T11841] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  162.225598][T11841] EXT4-fs (loop2): mount failed
[  162.270097][T11841] 9pnet_fd: Insufficient options for proto=fd
[  162.321445][T11852] loop0: detected capacity change from 0 to 512
[  162.328252][T11852] EXT4-fs: Ignoring removed nobh option
[  162.336059][T11852] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.2402: invalid indirect mapped block 256 (level 2)
[  162.350634][T11852] EXT4-fs (loop0): 2 truncates cleaned up
[  162.357256][T11852] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.389711][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.399946][T11855] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2403'.
[  162.526563][T11867] Invalid ELF header magic: != ELF
[  162.748976][T11882] loop4: detected capacity change from 0 to 2048
[  162.848703][T11889] loop4: detected capacity change from 0 to 512
[  162.855461][T11889] EXT4-fs: Ignoring removed nobh option
[  162.862675][T11889] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.2415: invalid indirect mapped block 256 (level 2)
[  162.878502][T11889] EXT4-fs (loop4): 2 truncates cleaned up
[  162.884832][T11889] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.900092][T11891] loop2: detected capacity change from 0 to 512
[  162.935772][T11891] EXT4-fs (loop2): too many log groups per flexible block group
[  162.943664][T11891] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  162.950803][T11891] EXT4-fs (loop2): mount failed
[  162.964312][T11897] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  162.973911][T11891] 9pnet_fd: Insufficient options for proto=fd
[  162.981586][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.174518][T11905] Invalid ELF header magic: != ELF
[  163.507604][T11916] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2421'.
[  163.779239][T11939] loop2: detected capacity change from 0 to 2048
[  163.877455][T11955] loop4: detected capacity change from 0 to 2048
[  163.953139][T11967] loop4: detected capacity change from 0 to 512
[  163.959769][T11967] EXT4-fs: Ignoring removed nobh option
[  163.968242][T11967] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.2428: invalid indirect mapped block 256 (level 2)
[  163.982443][T11967] EXT4-fs (loop4): 2 truncates cleaned up
[  163.990732][T11967] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.039005][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.063612][T11979] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  164.666872][T12043] loop2: detected capacity change from 0 to 512
[  164.684794][T12043] EXT4-fs: Ignoring removed nobh option
[  164.700380][T12043] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.2440: invalid indirect mapped block 256 (level 2)
[  164.708374][T12050] loop0: detected capacity change from 0 to 2048
[  164.719447][T12043] EXT4-fs (loop2): 2 truncates cleaned up
[  164.729248][T12043] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.778023][T12052] syz2: rxe_newlink: already configured on veth0_to_bond
[  164.790536][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.915867][T12058] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  164.922446][T12058] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  164.930555][T12058] vhci_hcd vhci_hcd.0: Device attached
[  165.057593][T12061] Invalid ELF header magic: != ELF
[  165.093756][   T29] kauditd_printk_skb: 598 callbacks suppressed
[  165.093775][   T29] audit: type=1326 audit(1748471927.879:9377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12057 comm="syz.2.2444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=267 compat=0 ip=0x7f0c957de969 code=0x7ffc0000
[  165.126178][T12064] vhci_hcd: connection closed
[  165.128824][T12070] loop3: detected capacity change from 0 to 1024
[  165.152335][   T12] vhci_hcd: stop threads
[  165.156713][   T12] vhci_hcd: release socket
[  165.161197][   T12] vhci_hcd: disconnect device
[  165.183915][ T3374] usb 5-1: new low-speed USB device number 4 using vhci_hcd
[  165.187029][   T29] audit: type=1326 audit(1748471927.899:9378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12057 comm="syz.2.2444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c957de969 code=0x7ffc0000
[  165.191509][ T3374] usb 5-1: enqueue for inactive port 0
[  165.214840][   T29] audit: type=1326 audit(1748471927.899:9379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12057 comm="syz.2.2444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c957de969 code=0x7ffc0000
[  165.227570][ T3374] usb 5-1: enqueue for inactive port 0
[  165.262664][ T3374] usb 5-1: enqueue for inactive port 0
[  165.272357][T12070] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.320919][   T29] audit: type=1400 audit(1748471928.119:9380): avc:  denied  { setattr } for  pid=12073 comm="syz.0.2448" name="file0" dev="tmpfs" ino=2625 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  165.343989][ T3374] vhci_hcd: vhci_device speed not set
[  165.411244][   T29] audit: type=1400 audit(1748471928.209:9381): avc:  denied  { read } for  pid=12080 comm="syz.0.2449" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  165.436108][   T29] audit: type=1400 audit(1748471928.209:9382): avc:  denied  { open } for  pid=12080 comm="syz.0.2449" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  165.459480][   T29] audit: type=1400 audit(1748471928.209:9383): avc:  denied  { ioctl } for  pid=12080 comm="syz.0.2449" path="/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  165.555538][   T29] audit: type=1400 audit(1748471928.359:9384): avc:  denied  { ioctl } for  pid=12092 comm="syz.4.2451" path="socket:[28078]" dev="sockfs" ino=28078 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  165.580358][   T29] audit: type=1400 audit(1748471928.359:9385): avc:  denied  { bind } for  pid=12092 comm="syz.4.2451" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  165.622985][T12097] loop0: detected capacity change from 0 to 2048
[  165.668937][T12103] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  165.704490][T12107] netlink: 80 bytes leftover after parsing attributes in process `syz.2.2457'.
[  165.736190][   T29] audit: type=1326 audit(1748471928.539:9386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12108 comm="syz.4.2458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bd96de969 code=0x7ffc0000
[  165.771434][T12107] wireguard0: entered promiscuous mode
[  165.861497][T12119] FAULT_INJECTION: forcing a failure.
[  165.861497][T12119] name failslab, interval 1, probability 0, space 0, times 0
[  165.874277][T12119] CPU: 1 UID: 0 PID: 12119 Comm: syz.0.2460 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  165.874306][T12119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  165.874318][T12119] Call Trace:
[  165.874324][T12119]  <TASK>
[  165.874331][T12119]  __dump_stack+0x1d/0x30
[  165.874358][T12119]  dump_stack_lvl+0xe8/0x140
[  165.874425][T12119]  dump_stack+0x15/0x1b
[  165.874466][T12119]  should_fail_ex+0x265/0x280
[  165.874504][T12119]  should_failslab+0x8c/0xb0
[  165.874529][T12119]  kmem_cache_alloc_node_noprof+0x57/0x320
[  165.874555][T12119]  ? __alloc_skb+0x101/0x320
[  165.874582][T12119]  __alloc_skb+0x101/0x320
[  165.874656][T12119]  netlink_alloc_large_skb+0xba/0xf0
[  165.874686][T12119]  netlink_sendmsg+0x3cf/0x6b0
[  165.874768][T12119]  ? __pfx_netlink_sendmsg+0x10/0x10
[  165.874819][T12119]  __sock_sendmsg+0x145/0x180
[  165.874871][T12119]  ____sys_sendmsg+0x31e/0x4e0
[  165.874910][T12119]  ___sys_sendmsg+0x17b/0x1d0
[  165.875132][T12119]  __x64_sys_sendmsg+0xd4/0x160
[  165.875174][T12119]  x64_sys_call+0x2999/0x2fb0
[  165.875202][T12119]  do_syscall_64+0xd2/0x200
[  165.875274][T12119]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  165.875310][T12119]  ? clear_bhb_loop+0x40/0x90
[  165.875338][T12119]  ? clear_bhb_loop+0x40/0x90
[  165.875372][T12119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.875463][T12119] RIP: 0033:0x7f16572ce969
[  165.875482][T12119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.875504][T12119] RSP: 002b:00007f1655937038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  165.875526][T12119] RAX: ffffffffffffffda RBX: 00007f16574f5fa0 RCX: 00007f16572ce969
[  165.875541][T12119] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  165.875555][T12119] RBP: 00007f1655937090 R08: 0000000000000000 R09: 0000000000000000
[  165.875569][T12119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.875608][T12119] R13: 0000000000000000 R14: 00007f16574f5fa0 R15: 00007ffc68d49038
[  165.875681][T12119]  </TASK>
[  166.114815][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.127616][T12121] loop0: detected capacity change from 0 to 512
[  166.165331][T12121] EXT4-fs: Ignoring removed nobh option
[  166.186235][T12121] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.2461: invalid indirect mapped block 256 (level 2)
[  166.204192][T12121] EXT4-fs (loop0): 2 truncates cleaned up
[  166.214335][T12121] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.268697][T12136] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2466'.
[  166.283644][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.313633][T12139] loop1: detected capacity change from 0 to 2048
[  166.363136][T12147] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  166.445592][T12154] loop1: detected capacity change from 0 to 2048
[  166.525600][T12167] loop2: detected capacity change from 0 to 1024
[  166.570053][T12171] loop0: detected capacity change from 0 to 512
[  166.571884][T12167] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.606008][T12171] EXT4-fs (loop0): too many log groups per flexible block group
[  166.613939][T12171] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  166.626362][T12171] EXT4-fs (loop0): mount failed
[  166.639175][T12171] 9pnet_fd: Insufficient options for proto=fd
[  166.709053][T12192] netlink: 80 bytes leftover after parsing attributes in process `syz.4.2474'.
[  166.729376][T12192] wireguard0: entered promiscuous mode
[  166.760210][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.853933][T12212] loop2: detected capacity change from 0 to 2048
[  166.866621][T12215] netlink: 'syz.4.2476': attribute type 10 has an invalid length.
[  166.874616][T12215] netlink: 'syz.4.2476': attribute type 19 has an invalid length.
[  166.882758][T12215] netlink: 156 bytes leftover after parsing attributes in process `syz.4.2476'.
[  167.020250][T12234] loop3: detected capacity change from 0 to 512
[  167.020751][T12236] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2479'.
[  167.027031][T12234] EXT4-fs: Ignoring removed nobh option
[  167.043292][T12234] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.2478: invalid indirect mapped block 256 (level 2)
[  167.057627][T12234] EXT4-fs (loop3): 2 truncates cleaned up
[  167.065415][T12234] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.072009][T12239] loop4: detected capacity change from 0 to 2048
[  167.094575][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.139225][T12241] syz2: rxe_newlink: already configured on veth0_to_bond
[  167.157136][T12245] loop4: detected capacity change from 0 to 512
[  167.164530][T12245] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors
[  167.175463][T12245] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 not in group (block 2)!
[  167.185553][T12245] EXT4-fs (loop4): group descriptors corrupted!
[  167.257431][T12250] loop3: detected capacity change from 0 to 2048
[  167.516508][T12281] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2490'.
[  167.550044][T12286] loop4: detected capacity change from 0 to 512
[  167.556786][T12286] EXT4-fs: Ignoring removed nobh option
[  167.566633][T12286] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.2491: invalid indirect mapped block 256 (level 2)
[  167.580467][T12286] EXT4-fs (loop4): 2 truncates cleaned up
[  167.587870][T12286] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.615036][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.689866][T12302] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  167.713488][T12305] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  167.755302][T12310] loop4: detected capacity change from 0 to 2048
[  167.925921][T12342] loop2: detected capacity change from 0 to 512
[  167.935806][T12342] EXT4-fs (loop2): too many log groups per flexible block group
[  167.943673][T12342] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  167.951196][T12342] EXT4-fs (loop2): mount failed
[  167.960112][T12342] 9pnet_fd: Insufficient options for proto=fd
[  168.335524][T12382] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2502'.
[  168.364805][T12384] loop1: detected capacity change from 0 to 512
[  168.371426][T12384] EXT4-fs: Ignoring removed nobh option
[  168.386805][T12384] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.2503: invalid indirect mapped block 256 (level 2)
[  168.405261][T12384] EXT4-fs (loop1): 2 truncates cleaned up
[  168.425338][T12384] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.491486][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.546521][T12389] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  168.590326][T12391] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  168.671114][T12402] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  168.677881][T12402] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  168.695840][T12402] vhci_hcd vhci_hcd.0: Device attached
[  168.770296][T12410] loop4: detected capacity change from 0 to 2048
[  168.787412][T12411] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=53 sclass=netlink_tcpdiag_socket pid=12411 comm=syz.1.2509
[  168.883070][T12415] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2513'.
[  168.927635][T12403] vhci_hcd: connection closed
[  168.927772][   T37] vhci_hcd: stop threads
[  168.936816][   T37] vhci_hcd: release socket
[  168.941244][   T37] vhci_hcd: disconnect device
[  168.946089][ T3374] usb 1-1: new low-speed USB device number 3 using vhci_hcd
[  168.955104][ T3374] usb 1-1: enqueue for inactive port 0
[  168.982438][ T3374] usb 1-1: enqueue for inactive port 0
[  168.994842][ T3374] usb 1-1: enqueue for inactive port 0
[  169.074846][ T3374] vhci_hcd: vhci_device speed not set
[  169.275441][T12430] loop1: detected capacity change from 0 to 2048
[  169.300752][T12435] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  169.312311][T12432] syz2: rxe_newlink: already configured on veth0_to_bond
[  169.411239][T12443] loop3: detected capacity change from 0 to 512
[  169.436609][T12443] EXT4-fs (loop3): too many log groups per flexible block group
[  169.444482][T12443] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  169.452308][T12443] EXT4-fs (loop3): mount failed
[  169.460409][T12443] 9pnet_fd: Insufficient options for proto=fd
[  169.482057][T12449] loop0: detected capacity change from 0 to 2048
[  169.978114][T12507] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  169.991395][T12510] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  170.014813][T12513] loop2: detected capacity change from 0 to 1024
[  170.041198][T12513] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.105214][   T29] kauditd_printk_skb: 532 callbacks suppressed
[  170.105234][   T29] audit: type=1326 audit(1748471932.899:9919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.2534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f16572cd2d0 code=0x7ffc0000
[  170.135340][   T29] audit: type=1326 audit(1748471932.899:9920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.2534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f16572cd41f code=0x7ffc0000
[  170.169281][T12521] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  170.175884][T12521] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  170.184633][T12521] vhci_hcd vhci_hcd.0: Device attached
[  170.187578][T12531] netlink: 'syz.4.2536': attribute type 10 has an invalid length.
[  170.198610][T12531] netlink: 'syz.4.2536': attribute type 19 has an invalid length.
[  170.206478][T12531] netlink: 156 bytes leftover after parsing attributes in process `syz.4.2536'.
[  170.216077][   T29] audit: type=1326 audit(1748471932.999:9921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.2534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f16572cd5ca code=0x7ffc0000
[  170.239564][   T29] audit: type=1326 audit(1748471932.999:9922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.2534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  170.246559][T12525] vhci_hcd: connection closed
[  170.263201][   T29] audit: type=1326 audit(1748471932.999:9923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.2534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  170.291676][   T29] audit: type=1326 audit(1748471932.999:9924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.2534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=267 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  170.315510][   T29] audit: type=1326 audit(1748471932.999:9925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.2534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  170.339043][   T29] audit: type=1326 audit(1748471933.009:9926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.2534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  170.362601][   T29] audit: type=1326 audit(1748471933.009:9927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.2534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  170.387271][   T29] audit: type=1326 audit(1748471933.009:9928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12518 comm="syz.0.2534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  170.387986][   T12] vhci_hcd: stop threads
[  170.415207][   T12] vhci_hcd: release socket
[  170.419642][   T12] vhci_hcd: disconnect device
[  170.443953][ T3374] usb 1-1: new low-speed USB device number 4 using vhci_hcd
[  170.451327][ T3374] usb 1-1: enqueue for inactive port 0
[  170.461445][T12538] loop4: detected capacity change from 0 to 512
[  170.468963][ T3374] usb 1-1: enqueue for inactive port 0
[  170.474607][ T3374] usb 1-1: enqueue for inactive port 0
[  170.475734][T12538] EXT4-fs: Ignoring removed nobh option
[  170.482521][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.489063][T12538] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.2539: invalid indirect mapped block 256 (level 2)
[  170.509849][T12538] EXT4-fs (loop4): 2 truncates cleaned up
[  170.523590][T12538] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.543949][ T3374] vhci_hcd: vhci_device speed not set
[  170.581374][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.747919][T12556] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  170.818703][T12567] loop1: detected capacity change from 0 to 2048
[  170.930050][T12584] loop0: detected capacity change from 0 to 512
[  170.946503][T12584] EXT4-fs (loop0): too many log groups per flexible block group
[  170.954312][T12584] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  170.962170][T12584] EXT4-fs (loop0): mount failed
[  170.969924][T12584] 9pnet_fd: Insufficient options for proto=fd
[  171.400573][T12644] loop2: detected capacity change from 0 to 1024
[  171.427476][T12644] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.573765][T12672] FAULT_INJECTION: forcing a failure.
[  171.573765][T12672] name failslab, interval 1, probability 0, space 0, times 0
[  171.586573][T12672] CPU: 1 UID: 0 PID: 12672 Comm: syz.4.2549 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  171.586613][T12672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  171.586629][T12672] Call Trace:
[  171.586636][T12672]  <TASK>
[  171.586644][T12672]  __dump_stack+0x1d/0x30
[  171.586666][T12672]  dump_stack_lvl+0xe8/0x140
[  171.586761][T12672]  dump_stack+0x15/0x1b
[  171.586784][T12672]  should_fail_ex+0x265/0x280
[  171.586862][T12672]  ? getname_flags+0x208/0x3b0
[  171.586888][T12672]  should_failslab+0x8c/0xb0
[  171.586912][T12672]  __kmalloc_cache_noprof+0x4c/0x320
[  171.586947][T12672]  getname_flags+0x208/0x3b0
[  171.586970][T12672]  io_unlinkat_prep+0x14f/0x1b0
[  171.586993][T12672]  io_submit_sqes+0x5e2/0xfd0
[  171.587091][T12672]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  171.587167][T12672]  ? 0xffffffff81000000
[  171.587180][T12672]  ? __rcu_read_unlock+0x4f/0x70
[  171.587202][T12672]  ? get_pid_task+0x96/0xd0
[  171.587228][T12672]  ? proc_fail_nth_write+0x12d/0x160
[  171.587303][T12672]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  171.587382][T12672]  ? vfs_write+0x75e/0x8e0
[  171.587421][T12672]  ? __rcu_read_unlock+0x4f/0x70
[  171.587459][T12672]  ? __fget_files+0x184/0x1c0
[  171.587504][T12672]  ? fput+0x8f/0xc0
[  171.587528][T12672]  __x64_sys_io_uring_enter+0x78/0x90
[  171.587560][T12672]  x64_sys_call+0x28c8/0x2fb0
[  171.587648][T12672]  do_syscall_64+0xd2/0x200
[  171.587734][T12672]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  171.587768][T12672]  ? clear_bhb_loop+0x40/0x90
[  171.587822][T12672]  ? clear_bhb_loop+0x40/0x90
[  171.587868][T12672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.587897][T12672] RIP: 0033:0x7f5bd96de969
[  171.587917][T12672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.587981][T12672] RSP: 002b:00007f5bd7d47038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  171.588008][T12672] RAX: ffffffffffffffda RBX: 00007f5bd9905fa0 RCX: 00007f5bd96de969
[  171.588024][T12672] RDX: 0000000000000000 RSI: 0000000000001d69 RDI: 0000000000000003
[  171.588041][T12672] RBP: 00007f5bd7d47090 R08: 0000000000000000 R09: 0000000000000000
[  171.588134][T12672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.588151][T12672] R13: 0000000000000000 R14: 00007f5bd9905fa0 R15: 00007fffb0bd30a8
[  171.588178][T12672]  </TASK>
[  171.830160][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.861177][T12675] netlink: 'syz.3.2551': attribute type 10 has an invalid length.
[  171.869213][T12675] netlink: 'syz.3.2551': attribute type 19 has an invalid length.
[  171.877076][T12675] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2551'.
[  171.890752][T12677] loop1: detected capacity change from 0 to 512
[  171.899748][T12677] EXT4-fs: Ignoring removed nobh option
[  171.929175][T12677] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.2552: invalid indirect mapped block 256 (level 2)
[  171.977065][T12677] EXT4-fs (loop1): 2 truncates cleaned up
[  171.983566][T12677] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.016863][T12677] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2552: bg 0: block 5: invalid block bitmap
[  172.066275][T12677] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  172.078570][T12677] EXT4-fs (loop1): This should not happen!! Data will be lost
[  172.078570][T12677] 
[  172.088372][T12677] EXT4-fs (loop1): Total free blocks count 0
[  172.094445][T12677] EXT4-fs (loop1): Free/Dirty block details
[  172.100368][T12677] EXT4-fs (loop1): free_blocks=0
[  172.105409][T12677] EXT4-fs (loop1): dirty_blocks=66
[  172.110548][T12677] EXT4-fs (loop1): Block reservation details
[  172.116650][T12677] EXT4-fs (loop1): i_reserved_data_blocks=66
[  172.122961][T12690] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  172.129566][T12690] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  172.140103][T12690] vhci_hcd vhci_hcd.0: Device attached
[  172.159944][ T1474] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 64 with error 28
[  172.172590][T12696] vhci_hcd: connection closed
[  172.173342][   T12] vhci_hcd: stop threads
[  172.178208][T12701] loop3: detected capacity change from 0 to 512
[  172.188949][   T12] vhci_hcd: release socket
[  172.193380][   T12] vhci_hcd: disconnect device
[  172.205071][T12701] EXT4-fs (loop3): too many log groups per flexible block group
[  172.212834][T12701] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  172.221139][T12705] loop0: detected capacity change from 0 to 512
[  172.227951][T12705] EXT4-fs: Ignoring removed nomblk_io_submit option
[  172.234805][T12705] EXT4-fs: Ignoring removed mblk_io_submit option
[  172.239252][T12701] EXT4-fs (loop3): mount failed
[  172.243171][T12705] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  172.254637][T12705] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[  172.258619][T12701] 9pnet_fd: Insufficient options for proto=fd
[  172.263380][T12705] EXT4-fs (loop0): 1 truncate cleaned up
[  172.274922][T12705] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.311618][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.351517][T12712] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2562'.
[  172.399968][T12717] loop1: detected capacity change from 0 to 2048
[  172.600902][T12721] loop0: detected capacity change from 0 to 512
[  172.614901][T12721] EXT4-fs (loop0): too many log groups per flexible block group
[  172.622756][T12721] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  172.630518][T12721] EXT4-fs (loop0): mount failed
[  172.637397][T12721] 9pnet_fd: Insufficient options for proto=fd
[  172.856854][T12732] loop4: detected capacity change from 0 to 1024
[  172.864952][T12732] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  172.877209][T12732] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  172.885336][T12732] EXT4-fs (loop4): orphan cleanup on readonly fs
[  172.892204][T12732] EXT4-fs error (device loop4): __ext4_get_inode_loc:4450: comm syz.4.2568: Invalid inode table block 0 in block_group 0
[  172.906869][T12732] EXT4-fs (loop4): Remounting filesystem read-only
[  172.913533][T12732] EXT4-fs (loop4): 1 truncate cleaned up
[  172.920258][T12732] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  172.953516][T12737] loop2: detected capacity change from 0 to 512
[  172.960478][T12737] EXT4-fs: Ignoring removed nobh option
[  172.969380][T12737] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.2570: invalid indirect mapped block 256 (level 2)
[  172.983779][T12737] EXT4-fs (loop2): 2 truncates cleaned up
[  172.991416][T12737] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.008170][T12737] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.2570: bg 0: block 5: invalid block bitmap
[  173.023702][T12737] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  173.037634][T12737] EXT4-fs (loop2): This should not happen!! Data will be lost
[  173.037634][T12737] 
[  173.047560][T12737] EXT4-fs (loop2): Total free blocks count 0
[  173.053671][T12737] EXT4-fs (loop2): Free/Dirty block details
[  173.059682][T12737] EXT4-fs (loop2): free_blocks=0
[  173.064846][T12737] EXT4-fs (loop2): dirty_blocks=66
[  173.069976][T12737] EXT4-fs (loop2): Block reservation details
[  173.076091][T12737] EXT4-fs (loop2): i_reserved_data_blocks=66
[  173.095831][ T1474] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 64 with error 28
[  173.138794][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.153656][T12745] loop2: detected capacity change from 0 to 1024
[  173.161219][T12745] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  173.181612][T12745] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  173.192696][T12745] EXT4-fs (loop2): orphan cleanup on readonly fs
[  173.206556][T12745] EXT4-fs error (device loop2): __ext4_get_inode_loc:4450: comm syz.2.2572: Invalid inode table block 0 in block_group 0
[  173.219547][T12745] EXT4-fs (loop2): Remounting filesystem read-only
[  173.226735][T12745] EXT4-fs (loop2): 1 truncate cleaned up
[  173.239182][T12745] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  173.269131][T12754] netlink: 'syz.1.2575': attribute type 10 has an invalid length.
[  173.277314][T12754] netlink: 'syz.1.2575': attribute type 19 has an invalid length.
[  173.285408][T12754] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2575'.
[  173.376835][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.517817][T12781] loop0: detected capacity change from 0 to 2048
[  174.251885][T12874] loop1: detected capacity change from 0 to 2048
[  174.269496][T12878] netlink: 'syz.4.2586': attribute type 10 has an invalid length.
[  174.277499][T12878] netlink: 'syz.4.2586': attribute type 19 has an invalid length.
[  174.285429][T12878] netlink: 156 bytes leftover after parsing attributes in process `syz.4.2586'.
[  174.439763][T12890] loop0: detected capacity change from 0 to 512
[  174.459392][T12890] EXT4-fs (loop0): too many log groups per flexible block group
[  174.467207][T12890] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  174.482616][T12890] EXT4-fs (loop0): mount failed
[  174.487794][T12884] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=53 sclass=netlink_tcpdiag_socket pid=12884 comm=syz.2.2587
[  174.504398][T12890] 9pnet_fd: Insufficient options for proto=fd
[  174.597498][T12897] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=53 sclass=netlink_tcpdiag_socket pid=12897 comm=syz.4.2590
[  175.186680][T12920] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  175.256690][T12922] netlink: 'syz.0.2598': attribute type 10 has an invalid length.
[  175.264619][T12922] netlink: 'syz.0.2598': attribute type 19 has an invalid length.
[  175.272445][T12922] netlink: 156 bytes leftover after parsing attributes in process `syz.0.2598'.
[  175.381442][T12930] loop1: detected capacity change from 0 to 2048
[  175.896080][   T29] kauditd_printk_skb: 121 callbacks suppressed
[  175.896100][   T29] audit: type=1326 audit(1748471938.699:10046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  175.951863][   T29] audit: type=1326 audit(1748471938.699:10047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  175.975652][   T29] audit: type=1326 audit(1748471938.729:10048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  175.993390][T12952] loop0: detected capacity change from 0 to 2048
[  175.999326][   T29] audit: type=1326 audit(1748471938.729:10049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  176.029359][   T29] audit: type=1326 audit(1748471938.729:10050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  176.053141][   T29] audit: type=1326 audit(1748471938.729:10051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  176.076897][   T29] audit: type=1326 audit(1748471938.729:10052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  176.100587][   T29] audit: type=1326 audit(1748471938.729:10053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  176.124196][   T29] audit: type=1326 audit(1748471938.729:10054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f16572ce969 code=0x7ffc0000
[  176.147836][   T29] audit: type=1326 audit(1748471938.729:10055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f16572ce9a3 code=0x7ffc0000
[  176.252864][T12964] netlink: 'syz.3.2610': attribute type 10 has an invalid length.
[  176.260893][T12964] netlink: 'syz.3.2610': attribute type 19 has an invalid length.
[  176.268848][T12964] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2610'.
[  176.291053][T12965] loop1: detected capacity change from 0 to 512
[  176.306623][T12965] EXT4-fs (loop1): too many log groups per flexible block group
[  176.314388][T12965] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  176.321432][T12965] EXT4-fs (loop1): mount failed
[  176.329779][T12965] 9pnet_fd: Insufficient options for proto=fd
[  176.680524][T12977] infiniband syz!: set down
[  176.685124][T12977] infiniband syz!: added team_slave_0
[  176.700158][T12977] RDS/IB: syz!: added
[  176.704779][T12977] smc: adding ib device syz! with port count 1
[  176.712636][T12977] smc:    ib device syz! port 1 has pnetid 
[  177.411355][T13017] syz!: rxe_newlink: already configured on team_slave_0
[  177.423348][T13017] netlink: 'syz.2.2621': attribute type 39 has an invalid length.
[  177.512298][T13022] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  177.540361][T13022] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.607089][T13022] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.696343][T13022] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.738561][T13053] loop0: detected capacity change from 0 to 2048
[  177.749686][T13022] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.798103][T13022] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  177.811072][T13022] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  177.823668][T13022] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  177.836447][T13022] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  177.925316][T13076] loop3: detected capacity change from 0 to 1024
[  177.936174][T13076] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.076924][T13099] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  178.115067][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.160566][T13110] loop1: detected capacity change from 0 to 1024
[  178.178361][T13110] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.354303][T13126] loop2: detected capacity change from 0 to 1024
[  178.361769][T13126] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  178.373564][T13126] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  178.373610][ T3321] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.381701][T13126] EXT4-fs (loop2): orphan cleanup on readonly fs
[  178.397927][T13126] EXT4-fs error (device loop2): __ext4_get_inode_loc:4450: comm syz.2.2637: Invalid inode table block 0 in block_group 0
[  178.412587][T13126] EXT4-fs (loop2): Remounting filesystem read-only
[  178.417550][T13129] netlink: 'syz.1.2638': attribute type 10 has an invalid length.
[  178.419775][T13126] EXT4-fs (loop2): 1 truncate cleaned up
[  178.427129][T13129] netlink: 'syz.1.2638': attribute type 19 has an invalid length.
[  178.437484][T13126] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  178.440565][T13129] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2638'.
[  178.511781][T13131] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  178.606796][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.623586][T13142] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  178.840396][T13163] loop1: detected capacity change from 0 to 2048
[  178.841268][T13165] 9pnet_fd: Insufficient options for proto=fd
[  178.889848][T13170] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2654'.
[  178.983519][T13176] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  179.272982][T13189] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=53 sclass=netlink_tcpdiag_socket pid=13189 comm=syz.3.2661
[  179.283316][T13201] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=53 sclass=netlink_tcpdiag_socket pid=13201 comm=syz.4.2663
[  179.300980][T13203] 9pnet_fd: Insufficient options for proto=fd
[  179.362202][T13207] loop0: detected capacity change from 0 to 256
[  179.369460][T13207] msdos: Unknown parameter '�?��H�(�B�����a��"!5�'
[  179.432408][T13211] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2669'.
[  179.499427][T13217] loop4: detected capacity change from 0 to 512
[  179.515369][T13217] EXT4-fs (loop4): too many log groups per flexible block group
[  179.523130][T13217] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  179.530173][T13217] EXT4-fs (loop4): mount failed
[  179.536964][T13219] syz2: rxe_newlink: already configured on veth0_to_bond
[  179.537909][T13217] 9pnet_fd: Insufficient options for proto=fd
[  179.782356][T13237] 9pnet_fd: Insufficient options for proto=fd
[  179.814672][T13241] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2681'.
[  179.820354][T13243] FAULT_INJECTION: forcing a failure.
[  179.820354][T13243] name failslab, interval 1, probability 0, space 0, times 0
[  179.836514][T13243] CPU: 0 UID: 0 PID: 13243 Comm: syz.1.2680 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  179.836549][T13243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  179.836566][T13243] Call Trace:
[  179.836575][T13243]  <TASK>
[  179.836585][T13243]  __dump_stack+0x1d/0x30
[  179.836614][T13243]  dump_stack_lvl+0xe8/0x140
[  179.836642][T13243]  dump_stack+0x15/0x1b
[  179.836689][T13243]  should_fail_ex+0x265/0x280
[  179.836729][T13243]  should_failslab+0x8c/0xb0
[  179.836762][T13243]  __kmalloc_noprof+0xa5/0x3e0
[  179.836794][T13243]  ? security_sk_alloc+0x52/0x120
[  179.836853][T13243]  security_sk_alloc+0x52/0x120
[  179.836893][T13243]  sk_prot_alloc+0xc2/0x190
[  179.836928][T13243]  sk_alloc+0x34/0x360
[  179.837033][T13243]  inet_create+0x3c0/0x780
[  179.837068][T13243]  __sock_create+0x2e9/0x5b0
[  179.837096][T13243]  sock_create_kern+0x38/0x50
[  179.837121][T13243]  mptcp_subflow_create_socket+0x84/0x630
[  179.837159][T13243]  __mptcp_nmpc_sk+0xb3/0x3b0
[  179.837263][T13243]  mptcp_sendmsg_fastopen+0x90/0x320
[  179.837297][T13243]  mptcp_sendmsg+0xe22/0xf00
[  179.837366][T13243]  ? selinux_socket_sendmsg+0x175/0x1b0
[  179.837436][T13243]  ? __pfx_mptcp_sendmsg+0x10/0x10
[  179.837465][T13243]  inet_sendmsg+0xc5/0xd0
[  179.837579][T13243]  __sock_sendmsg+0x102/0x180
[  179.837617][T13243]  ____sys_sendmsg+0x31e/0x4e0
[  179.837721][T13243]  ___sys_sendmsg+0x17b/0x1d0
[  179.837803][T13243]  __x64_sys_sendmsg+0xd4/0x160
[  179.837841][T13243]  x64_sys_call+0x2999/0x2fb0
[  179.837863][T13243]  do_syscall_64+0xd2/0x200
[  179.837902][T13243]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  179.838000][T13243]  ? clear_bhb_loop+0x40/0x90
[  179.838029][T13243]  ? clear_bhb_loop+0x40/0x90
[  179.838054][T13243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.838084][T13243] RIP: 0033:0x7f86dcb1e969
[  179.838099][T13243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  179.838187][T13243] RSP: 002b:00007f86db187038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  179.838206][T13243] RAX: ffffffffffffffda RBX: 00007f86dcd45fa0 RCX: 00007f86dcb1e969
[  179.838223][T13243] RDX: 0000000030004001 RSI: 0000200000000080 RDI: 0000000000000003
[  179.838240][T13243] RBP: 00007f86db187090 R08: 0000000000000000 R09: 0000000000000000
[  179.838310][T13243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  179.838328][T13243] R13: 0000000000000000 R14: 00007f86dcd45fa0 R15: 00007ffcf002cf88
[  179.838355][T13243]  </TASK>
[  180.213601][T13257] loop3: detected capacity change from 0 to 2048
[  180.888206][T13297] 9pnet_fd: Insufficient options for proto=fd
[  180.982167][   T29] kauditd_printk_skb: 128 callbacks suppressed
[  180.982187][   T29] audit: type=1400 audit(1748471943.779:10182): avc:  denied  { ioctl } for  pid=13305 comm="+}[@" path="socket:[30345]" dev="sockfs" ino=30345 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sock_file permissive=1
[  181.017726][   T29] audit: type=1400 audit(1748471943.819:10183): avc:  denied  { read } for  pid=13305 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  181.076896][   T29] audit: type=1326 audit(1748471943.879:10184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13315 comm="syz.3.2697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58dbb7e969 code=0x7ffc0000
[  181.102200][   T29] audit: type=1326 audit(1748471943.879:10185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13315 comm="syz.3.2697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58dbb7e969 code=0x7ffc0000
[  181.126433][   T29] audit: type=1326 audit(1748471943.879:10186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13315 comm="syz.3.2697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f58dbb7e969 code=0x7ffc0000
[  181.150148][   T29] audit: type=1326 audit(1748471943.879:10187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13315 comm="syz.3.2697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58dbb7e969 code=0x7ffc0000
[  181.152300][T13317] loop0: detected capacity change from 0 to 512
[  181.173766][   T29] audit: type=1326 audit(1748471943.879:10188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13315 comm="syz.3.2697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f58dbb7e969 code=0x7ffc0000
[  181.173809][   T29] audit: type=1326 audit(1748471943.879:10189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13315 comm="syz.3.2697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58dbb7e969 code=0x7ffc0000
[  181.227327][   T29] audit: type=1326 audit(1748471943.879:10190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13315 comm="syz.3.2697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f58dbb7e969 code=0x7ffc0000
[  181.253368][T13317] EXT4-fs (loop0): too many log groups per flexible block group
[  181.261191][T13317] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  181.274010][T13317] EXT4-fs (loop0): mount failed
[  181.290564][T13317] 9pnet_fd: Insufficient options for proto=fd
[  181.316386][T13327] netlink: 'syz.2.2700': attribute type 20 has an invalid length.
[  181.324313][T13327] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2700'.
[  181.336861][T13329] netlink: 'syz.4.2701': attribute type 10 has an invalid length.
[  181.344846][T13329] netlink: 'syz.4.2701': attribute type 19 has an invalid length.
[  181.352898][T13329] netlink: 156 bytes leftover after parsing attributes in process `syz.4.2701'.
[  181.389944][T13336] 9pnet_fd: Insufficient options for proto=fd
[  181.639366][T13348] loop2: detected capacity change from 0 to 2048
[  181.923867][   T29] audit: type=1400 audit(1748471944.719:10191): avc:  denied  { create } for  pid=13355 comm="syz.0.2710" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  181.925908][T13356] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2710'.
[  181.966918][T13356] sch_tbf: burst 88 is lower than device veth1 mtu (1514) !
[  181.977509][   T23] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  181.978535][T13361] netlink: 'syz.1.2712': attribute type 20 has an invalid length.
[  181.985001][   T23] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  181.985031][   T23] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  181.992943][T13361] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2712'.
[  182.002098][   T23] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  182.024455][   T23] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  182.024536][   T23] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  182.024638][   T23] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  182.024665][   T23] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  182.024790][   T23] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  182.024816][   T23] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  182.024899][   T23] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  182.024921][   T23] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  182.024969][   T23] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  182.026932][   T23] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  182.026973][   T23] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  182.027822][   T23] hid-generic 0006:0000:0000.0001: hidraw0: VIRTUAL HID vffffff.00 Device [syz0] on syz1
[  182.045074][T13364] FAULT_INJECTION: forcing a failure.
[  182.045074][T13364] name failslab, interval 1, probability 0, space 0, times 0
[  182.131665][T13364] CPU: 0 UID: 0 PID: 13364 Comm: syz.1.2713 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  182.131758][T13364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  182.131834][T13364] Call Trace:
[  182.131843][T13364]  <TASK>
[  182.131853][T13364]  __dump_stack+0x1d/0x30
[  182.131877][T13364]  dump_stack_lvl+0xe8/0x140
[  182.131897][T13364]  dump_stack+0x15/0x1b
[  182.131914][T13364]  should_fail_ex+0x265/0x280
[  182.131946][T13364]  should_failslab+0x8c/0xb0
[  182.131976][T13364]  kmem_cache_alloc_noprof+0x50/0x310
[  182.132035][T13364]  ? skb_clone+0x151/0x1f0
[  182.132070][T13364]  skb_clone+0x151/0x1f0
[  182.132097][T13364]  __netlink_deliver_tap+0x2c9/0x500
[  182.132134][T13364]  netlink_unicast+0x64c/0x670
[  182.132160][T13364]  netlink_sendmsg+0x58b/0x6b0
[  182.132200][T13364]  ? __pfx_netlink_sendmsg+0x10/0x10
[  182.132277][T13364]  __sock_sendmsg+0x145/0x180
[  182.132383][T13364]  sock_write_iter+0x165/0x1b0
[  182.132489][T13364]  do_iter_readv_writev+0x3ee/0x4b0
[  182.132609][T13364]  vfs_writev+0x2c9/0x870
[  182.132654][T13364]  do_writev+0xe7/0x210
[  182.132686][T13364]  __x64_sys_writev+0x45/0x50
[  182.132730][T13364]  x64_sys_call+0x2006/0x2fb0
[  182.132815][T13364]  do_syscall_64+0xd2/0x200
[  182.132867][T13364]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  182.132905][T13364]  ? clear_bhb_loop+0x40/0x90
[  182.132934][T13364]  ? clear_bhb_loop+0x40/0x90
[  182.132964][T13364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.133011][T13364] RIP: 0033:0x7f86dcb1e969
[  182.133031][T13364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.133056][T13364] RSP: 002b:00007f86db187038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  182.133105][T13364] RAX: ffffffffffffffda RBX: 00007f86dcd45fa0 RCX: 00007f86dcb1e969
[  182.133122][T13364] RDX: 0000000000000001 RSI: 0000200000001200 RDI: 0000000000000003
[  182.133140][T13364] RBP: 00007f86db187090 R08: 0000000000000000 R09: 0000000000000000
[  182.133157][T13364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  182.133174][T13364] R13: 0000000000000000 R14: 00007f86dcd45fa0 R15: 00007ffcf002cf88
[  182.133202][T13364]  </TASK>
[  182.156490][T13367] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  182.525233][T13385] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2719'.
[  182.564284][T13388] loop4: detected capacity change from 0 to 512
[  182.576606][T13385] netlink: 154020 bytes leftover after parsing attributes in process `syz.2.2719'.
[  182.595423][T13388] EXT4-fs (loop4): too many log groups per flexible block group
[  182.603171][T13388] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  182.656222][T13388] EXT4-fs (loop4): mount failed
[  182.671776][T13388] 9pnet_fd: Insufficient options for proto=fd
[  182.690866][T13394] loop1: detected capacity change from 0 to 2048
[  182.702719][T13396] netlink: 'syz.3.2723': attribute type 20 has an invalid length.
[  182.738188][T13400] loop3: detected capacity change from 0 to 1024
[  182.748322][T13400] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  182.764420][T13400] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  182.772544][T13400] EXT4-fs (loop3): orphan cleanup on readonly fs
[  182.780476][T13404] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  182.780561][T13400] EXT4-fs error (device loop3): __ext4_get_inode_loc:4450: comm syz.3.2725: Invalid inode table block 0 in block_group 0
[  182.802648][T13400] EXT4-fs (loop3): Remounting filesystem read-only
[  182.809467][T13400] EXT4-fs (loop3): 1 truncate cleaned up
[  182.815821][T13400] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  182.901696][T13413] loop2: detected capacity change from 0 to 2048
[  182.948620][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.249694][T13435] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.275083][T13436] loop3: detected capacity change from 0 to 512
[  183.285944][T13436] EXT4-fs (loop3): too many log groups per flexible block group
[  183.293677][T13436] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  183.301177][T13436] EXT4-fs (loop3): mount failed
[  183.310058][T13435] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.311888][T13436] 9pnet_fd: Insufficient options for proto=fd
[  183.336332][T13443] netlink: 'syz.1.2739': attribute type 10 has an invalid length.
[  183.344377][T13443] netlink: 'syz.1.2739': attribute type 19 has an invalid length.
[  183.357124][T13435] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.378230][T13445] netlink: 'syz.1.2740': attribute type 10 has an invalid length.
[  183.416080][T13435] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.464287][T13435] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  183.480839][T13435] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  183.501500][T13435] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  183.521174][T13435] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  183.569279][T13460] __nla_validate_parse: 4 callbacks suppressed
[  183.569300][T13460] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2746'.
[  183.618008][T13468] FAULT_INJECTION: forcing a failure.
[  183.618008][T13468] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.631354][T13468] CPU: 1 UID: 0 PID: 13468 Comm: syz.1.2750 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  183.631390][T13468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  183.631409][T13468] Call Trace:
[  183.631416][T13468]  <TASK>
[  183.631424][T13468]  __dump_stack+0x1d/0x30
[  183.631461][T13468]  dump_stack_lvl+0xe8/0x140
[  183.631500][T13468]  dump_stack+0x15/0x1b
[  183.631517][T13468]  should_fail_ex+0x265/0x280
[  183.631546][T13468]  should_fail+0xb/0x20
[  183.631643][T13468]  should_fail_usercopy+0x1a/0x20
[  183.631681][T13468]  _copy_from_iter+0xcf/0xe40
[  183.631715][T13468]  ? __build_skb_around+0x1a0/0x200
[  183.631757][T13468]  ? __alloc_skb+0x223/0x320
[  183.631790][T13468]  netlink_sendmsg+0x471/0x6b0
[  183.631823][T13468]  ? __pfx_netlink_sendmsg+0x10/0x10
[  183.631873][T13468]  __sock_sendmsg+0x145/0x180
[  183.631914][T13468]  ____sys_sendmsg+0x31e/0x4e0
[  183.631945][T13468]  ___sys_sendmsg+0x17b/0x1d0
[  183.632026][T13468]  __x64_sys_sendmsg+0xd4/0x160
[  183.632066][T13468]  x64_sys_call+0x2999/0x2fb0
[  183.632088][T13468]  do_syscall_64+0xd2/0x200
[  183.632200][T13468]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  183.632235][T13468]  ? clear_bhb_loop+0x40/0x90
[  183.632264][T13468]  ? clear_bhb_loop+0x40/0x90
[  183.632287][T13468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.632337][T13468] RIP: 0033:0x7f86dcb1e969
[  183.632364][T13468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.632388][T13468] RSP: 002b:00007f86db187038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  183.632412][T13468] RAX: ffffffffffffffda RBX: 00007f86dcd45fa0 RCX: 00007f86dcb1e969
[  183.632428][T13468] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000a
[  183.632443][T13468] RBP: 00007f86db187090 R08: 0000000000000000 R09: 0000000000000000
[  183.632504][T13468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.632515][T13468] R13: 0000000000000000 R14: 00007f86dcd45fa0 R15: 00007ffcf002cf88
[  183.632537][T13468]  </TASK>
[  183.988005][T13491] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  184.003201][T13493] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2760'.
[  184.048980][T13496] loop2: detected capacity change from 0 to 2048
[  184.082714][T13499] loop3: detected capacity change from 0 to 1024
[  184.090516][T13499] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  184.102950][T13499] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  184.109859][T13504] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  184.111159][T13499] EXT4-fs (loop3): orphan cleanup on readonly fs
[  184.119678][T13504] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  184.127847][T13499] EXT4-fs error (device loop3): __ext4_get_inode_loc:4450: comm syz.3.2763: Invalid inode table block 0 in block_group 0
[  184.166229][T13499] EXT4-fs (loop3): Remounting filesystem read-only
[  184.193087][T13499] EXT4-fs (loop3): 1 truncate cleaned up
[  184.206339][T13499] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  184.378908][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.493237][T13548] validate_nla: 1 callbacks suppressed
[  184.493268][T13548] netlink: 'syz.4.2771': attribute type 10 has an invalid length.
[  184.506771][T13548] netlink: 'syz.4.2771': attribute type 19 has an invalid length.
[  184.514774][T13548] netlink: 156 bytes leftover after parsing attributes in process `syz.4.2771'.
[  184.558943][T13553] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  184.759147][T13585] loop4: detected capacity change from 0 to 128
[  184.844323][T13596] syz.4.2778: attempt to access beyond end of device
[  184.844323][T13596] loop4: rw=2049, sector=145, nr_sectors = 8 limit=128
[  184.898845][T13596] syz.4.2778: attempt to access beyond end of device
[  184.898845][T13596] loop4: rw=2049, sector=161, nr_sectors = 8 limit=128
[  184.898912][T13596] syz.4.2778: attempt to access beyond end of device
[  184.898912][T13596] loop4: rw=2049, sector=177, nr_sectors = 8 limit=128
[  184.899013][T13596] syz.4.2778: attempt to access beyond end of device
[  184.899013][T13596] loop4: rw=2049, sector=193, nr_sectors = 8 limit=128
[  184.899065][T13596] syz.4.2778: attempt to access beyond end of device
[  184.899065][T13596] loop4: rw=2049, sector=209, nr_sectors = 8 limit=128
[  184.899114][T13596] syz.4.2778: attempt to access beyond end of device
[  184.899114][T13596] loop4: rw=2049, sector=225, nr_sectors = 8 limit=128
[  184.899229][T13596] syz.4.2778: attempt to access beyond end of device
[  184.899229][T13596] loop4: rw=2049, sector=241, nr_sectors = 8 limit=128
[  184.899323][T13596] syz.4.2778: attempt to access beyond end of device
[  184.899323][T13596] loop4: rw=2049, sector=257, nr_sectors = 8 limit=128
[  184.899370][T13596] syz.4.2778: attempt to access beyond end of device
[  184.899370][T13596] loop4: rw=2049, sector=273, nr_sectors = 8 limit=128
[  184.899428][T13596] syz.4.2778: attempt to access beyond end of device
[  184.899428][T13596] loop4: rw=2049, sector=289, nr_sectors = 8 limit=128
[  185.365386][T13633] netlink: 'syz.4.2785': attribute type 10 has an invalid length.
[  185.373315][T13633] netlink: 'syz.4.2785': attribute type 19 has an invalid length.
[  185.381382][T13633] netlink: 156 bytes leftover after parsing attributes in process `syz.4.2785'.
[  185.609235][T13642] 9pnet_fd: Insufficient options for proto=fd
[  185.704636][T13647] loop2: detected capacity change from 0 to 2048
[  185.731721][T13652] loop4: detected capacity change from 0 to 1024
[  185.786392][T13652] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  185.814110][T13652] ext4 filesystem being mounted at /577/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  185.862850][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.336478][T13680] 9pnet_fd: Insufficient options for proto=fd
[  186.574175][T13691] 9pnet_fd: Insufficient options for proto=fd
[  186.628224][T13694] loop3: detected capacity change from 0 to 1024
[  186.636679][   T29] kauditd_printk_skb: 64 callbacks suppressed
[  186.636696][   T29] audit: type=1400 audit(1748471949.439:10252): avc:  denied  { create } for  pid=13695 comm="syz.2.2805" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  186.680420][   T29] audit: type=1400 audit(1748471949.459:10253): avc:  denied  { write } for  pid=13695 comm="syz.2.2805" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  186.680829][T13694] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  186.714100][T13694] ext4 filesystem being mounted at /534/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  186.738761][   T29] audit: type=1400 audit(1748471949.529:10254): avc:  denied  { create } for  pid=13695 comm="syz.2.2805" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  186.758532][   T29] audit: type=1400 audit(1748471949.529:10255): avc:  denied  { write } for  pid=13695 comm="syz.2.2805" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  186.778220][   T29] ==================================================================
[  186.778251][   T29] BUG: KCSAN: data-race in console_flush_all / console_flush_all
[  186.794030][   T29] 
[  186.796378][   T29] write to 0xffffffff86a20488 of 8 bytes by task 13696 on cpu 1:
[  186.804198][   T29]  console_flush_all+0x35a/0x730
[  186.809169][   T29]  console_unlock+0xa1/0x330
[  186.813783][   T29]  vprintk_emit+0x388/0x650
[  186.818315][   T29]  vprintk_default+0x26/0x30
[  186.822920][   T29]  vprintk+0x1d/0x30
[  186.826838][   T29]  _printk+0x79/0xa0
[  186.830766][   T29]  caif_disconnect_client+0x13d/0x150
[  186.836248][   T29]  caif_release+0xec/0x230
[  186.840779][   T29]  sock_close+0x6b/0x150
[  186.845067][   T29]  __fput+0x298/0x650
[  186.849076][   T29]  ____fput+0x1c/0x30
[  186.853097][   T29]  task_work_run+0x12e/0x1a0
[  186.857720][   T29]  do_exit+0x5dd/0x16f0
[  186.861917][   T29]  do_group_exit+0xff/0x140
[  186.866449][   T29]  get_signal+0xe59/0xf70
[  186.870812][   T29]  arch_do_signal_or_restart+0x96/0x480
[  186.876562][   T29]  exit_to_user_mode_loop+0x7a/0x100
[  186.881966][   T29]  do_syscall_64+0x1d6/0x200
[  186.886611][   T29]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.888117][T13694] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  186.892516][   T29] 
[  186.892524][   T29] read to 0xffffffff86a20488 of 8 bytes by task 29 on cpu 0:
[  186.911466][   T29]  console_flush_all+0x563/0x730
[  186.917045][   T29]  console_unlock+0xa1/0x330
[  186.921646][   T29]  vprintk_emit+0x388/0x650
[  186.926157][   T29]  vprintk_default+0x26/0x30
[  186.930756][   T29]  vprintk+0x1d/0x30
[  186.934688][   T29]  _printk+0x79/0xa0
[  186.938605][   T29]  kauditd_hold_skb+0x1b1/0x1c0
[  186.943468][   T29]  kauditd_send_queue+0x273/0x2c0
[  186.948506][   T29]  kauditd_thread+0x421/0x630
[  186.953192][   T29]  kthread+0x486/0x510
[  186.957275][   T29]  ret_from_fork+0xda/0x150
[  186.961791][   T29]  ret_from_fork_asm+0x1a/0x30
[  186.966573][   T29] 
[  186.968910][   T29] value changed: 0x0000000000001597 -> 0x0000000000001598
[  186.976027][   T29] 
[  186.978356][   T29] Reported by Kernel Concurrency Sanitizer on:
[  186.984510][   T29] CPU: 0 UID: 0 PID: 29 Comm: kauditd Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  186.996150][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  187.006224][   T29] ==================================================================
[  187.025799][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.