last executing test programs:

3.414911854s ago: executing program 4 (id=5425):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000140)='ceph\x00', &(0x7f0000000180), &(0x7f0000000040), 0x1d4, r0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r4, 0x0)
syz_emit_ethernet(0x9e, &(0x7f0000000080)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x68, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x1a, 0xc2, 0x0, 0x0, 0x0, {[@mptcp=@ack={0x1e, 0x13, 0x80, 0x1, "8c0cec4ba6136fae926d2232def5fb"}, @sack={0x5, 0x12, [0x0, 0x0, 0x0, 0x0]}, @exp_fastopen={0xfe, 0xd, 0xf989, "eeb3fef90baf70793c"}, @md5sig={0x13, 0x12, "7224407c80fe8a3616b4bf3400006cc8"}, @mptcp=@ack={0x1e, 0x9, 0x0, 0x4, "5882a08027"}, @exp_fastopen={0xfe, 0x4}]}}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f00000001c0)={0x8, <r6=>0x0}, 0x8)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000200)={r6, 0x0, 0x18}, 0xc)
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r7, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r8 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r9 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r9, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000440)=@secondary)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r8, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000500)=@chain={'key_or_keyring:', r9})
close(r1)

2.930529229s ago: executing program 3 (id=5439):
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, 0x0, 0x4044854)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a00000004000000040000000200000000000000", @ANYRES32, @ANYBLOB="eb70bbfc89e8e09fe5f879b3dd839b000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000900)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020fe29817a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000400704000000000000b7040000100000206a0700fe000000008500000005000000b70000000a00000095000000000000000000c2c62f6004ad13aa957e2af5e49a53c2868f0399d909a63796c113a80c19aab9d607000000b6c9483be3f0d3253730e714c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637c48468766af540439fce41f144631ac262dcae18c3d1a1fbe96dc86035b44174f7c0620254ab6d285e6b343185089a0f119e31975e551558050800000000000000125d67857f290870093f38153608561a2128a79cce912d1f05de330800a9f5422bee8ca49166f6a587f2f593775afcd071efc5a972f757521b7b38ec273c2ad3e406f8c124f7dc1c4553229a69df4b2780e6da4420d71489fe383e0b5ce08b750502f2b8add8d2dddde19ac050537e973782b4053150580035fb2c579e1b2100000033d1ee8cab6d236f05b1f7b9f78fd5abfe033eb79f7a0b498366f5edfe311258016fbf47d9c85bf5325bf61419372be377022433e20900a262b20bb8b36de7b0e6c5ebfc5baec1ebe58d4af587d33e2935ad68da6e0fea5c21301f5d002b51a5b60fc741cb2c5d4cd5e896774f9293a6435558795043404ac6eafc8310fbcacca7f971b260fd06d4590ded8429fcd1c9a8dbbdedb32675388df363c0bc536e00448208b72405ebf27ddb402e5a2d675aaad92e183cef1eadc1661140fb567b55c72907a1aca75277a5f0022b1e957ba737f10f1161c5ae6e2cc64072ff3b4e76084922242e63d4b7806e30f786cff147e4bc819060678319a0e5534f5a0db52526c30000000000000000000000a63705b1a60525620acca06d57c055059df7651768310c9085c5f86be6ab819506961ad51f18b35fdc3fd4d0a0dbbdcd494ef168931f27748787bee95d739fef7ee67dd21c34647de82707e41d7db6d981a4fcf0bbd3d38ebb7a2489e28c6b28c0f70092ffb016b7766399555f3e6b538c2c862d17e53eaeb2036f9f0ab6e95e71bda4b5bbf53344264ad93bac1207b31d6e9c78181c7fe204c0b7582d1c762857f2a2e0c60f4a4855591a4f70f94df9629e470701103c40c8f6d3a3068091d62b58999e0a046f9509cb8ddc2a9ad4e0f1f85e5f076218b4b931acdff0c34fc5bdbad17ec481f1c9b17727c14e053e315d0d8d03c24ddaba65c5ce5b1aa04d1f767e25662b155d49460ec720d54044ac2856c11407835f341e2614bcae270000000001000000df7f736aab5d713240b2f40ec7be8251eba969686b2670ddc1a84df6ab12ab3e0cf8747837062233935704ebbd943ef0c5fef29513c7c1d6d2611796dccb45bdfd9e6533ad3574be5b9ea70e0c3b41a32067c03f5f8ed147cd0655c90d656f66eaed18a3c284c4f19417b5d91431759356db5d45ea40c9866957105b6252b0c028c672049ce163126f143f5758faf2a43f4c4f45a69b4e9113f85ae531085c11c75edbdee5af454757cdaff396c15ab9b210c202ffaea96d1bac60c6d6c56a4babc659858789bd479334e13e1c7876f95429431e61400815788c1397b260600d78e7513c58d9ac9474d392cc06f789753e1e7ebf5f1b55e2a64b9150c6580bf48e7bff763034801cccf403108d127b959ffc425a563ea2b90fbe779fd7d2ebfe94"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$kcm(0x11, 0x2, 0x300)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
sendmmsg$inet(r2, &(0x7f0000001600)=[{{&(0x7f0000000300)={0x2, 0x4e23, @private=0xa010100}, 0x10, &(0x7f0000000340)=[{&(0x7f0000000580)="755e2f671662b3c1260ca7fb84bfc9b1c4435cd1bbc43304722cefcf2bc7534251a9cfb10de104026b448f43c1a2d7be008f7d7f5a76e29ac66bb768a1652c3e2a5463f4d70437b1e57494a5ce7449237d1ca5bcf69f193b3cc74a87d386017d85c67a2cf88841f9a099efae3f05d3b1a8634f905620b5bd231f0aaf18dc92c564ce592f38d8f964d99cb7ad7faeb14e16022cf2cb2ee2e6dee9dad3d9699e5d61214361d7306ee5fe08e7381a4e83bd63dd8ad3dcecdb8232b062548e01521639afa095", 0xc4}], 0x1, &(0x7f0000000680)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x10}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @rand_addr=0x64010101}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x9}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x9}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x6}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4d}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x80000000}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @loopback}}}], 0xe8}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000780)="8cdeca32a4cf9c0184a7bf7f0afdf8e9d0edc107a7138dcd3869efd27c9b70382794e5481f563b429531d36cfda3d0ea2c228b9c90c2c85a09904f88cc6dc0b17d9f1439a05dc27543db27902488ff893346080641d00b406dc36643f971f5c064c80d44b00fa5459b2c7d8b9b794e922ff42c10ef69249ab43f1573cc56f03ef2575a7427f42e194ad02325c3c06899d3482b4ef51f9b210cd94a4f", 0x9c}, {&(0x7f0000000840)="f25612b2c36d8f21658454ba2833046217e0e9f74bdb09e85d86ae588644c6b2e257534fc1063bb1c318bb3304bd702a3c740883f5027183a8cb9173892faa855a624e5af8723f5be12d1817ffa1eec09dcaa9d6e3dfc3cc3fc42b2ff2a4805103500c2f2629f8ec2acaa4bb0ea576e04a7367b32ea7e20583ad90b85728a2814a56e96d9b26a46c0732ab259bca93c2ee613883e347e8ddc9fda2c0688813770fe840beeb60605d1beeeea8586ea6516c826f41057bfa45a3f4e65de2b361", 0xbf}], 0x2, &(0x7f0000000e00)=[@ip_retopts={{0x54, 0x0, 0x7, {[@rr={0x7, 0x13, 0xcc, [@loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote, @private=0xa010102]}, @rr={0x7, 0xb, 0x75, [@loopback, @loopback]}, @cipso={0x86, 0x22, 0xffffffffffffffff, [{0x7, 0xf, "78d0426b5bcc066d88f6c547be"}, {0x1, 0xd, "6d534c3560016039c8ff67"}]}, @ra={0x94, 0x4, 0x1}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x7fff}}], 0x70}}, {{&(0x7f0000000e80)={0x2, 0x4e23, @private=0xa010102}, 0x10, &(0x7f00000011c0)=[{&(0x7f0000000ec0)="14957f2a6a4bf5e9d764781de175dac48284e8a1af1bfc083469a0e510b5360d663a8f688910b4ddab593a12ef9bd69b61ed4936b6417fa7bbdff2a8b8fe75f0680c3df3be454f909d25374fdf31", 0x4e}, {&(0x7f0000000f40)="5d43edcd760e47d47df7ddda5b1a611b8147efe79a19038beb36c9ad38142dc21126", 0x22}, {&(0x7f0000000f80)="ec450444858d7e43de4b4da2e5d418fcca4bb46667e0ab4bfe6d297f3db906749fcf378c16677fd8df145806721a419eec663a540b9f3ac6e5e17b97c73d92c3dbf7bf4def79d29cd9ab1d0c8873598a08bbdef093b4775a75b263d3483d9437320a255c88e3b5482aef", 0x6a}, {&(0x7f0000001000)="440647fb65458b02eff9f1ef98e414d8701ee07532e6127685665dfbf214bf7d5483ec7b8ac80d09d0abca71f07a638a9ec58b57ce34274422dcd3ccec7746f277c3149f50c35d9ca54728952005b2159951e7966336329d01c4d2f32aeb22f484e77a5a3bdbbf9c62d2f5727d735d0fae766611e0042655e1d4399426451bd08349afa3265ed41ee59e7726c337fe600bbb265f44327d90b61ab188205ce83a1e204835910013e9fb6ec9b745ff7b49c8da9ba95a030b8f0a61f6a1e7dbc4a5e1250ea64bf4d356a9296e3a17983c4d5bf80a9c8e26a2dc1e1749ae269f66f7279badb1ca9f18bb96cb3f1e48ec238882b9fd7eef18c1a3f5e2f8c1", 0xfc}, {&(0x7f0000001100)="4befa4fa7feca4f16b", 0x9}, {&(0x7f0000001140)="bbe842409e599b3aaee37341f5dea8b8e1eace5fde424185513a56f12461e17265ceda2956911962a3dbf9f486d91316253df7e7eb", 0x35}, {&(0x7f0000001180)="4a715da6e6cce803412039ada7", 0xd}], 0x7}}, {{0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000001240)="08fb65eae09a090bac5b5a44b7350d65a7bc0a5f8b3e804b77c7b5a11f4281eb02cd007b448712f38879fa6c4fe9447c433657aefe16aa2ebc", 0x39}, {&(0x7f0000001280)="b8d890ffb92f9bd5858cfec767ea1b6f040b9e6d907f52f04dea0ea61ef1609ff0f170f3bca2fae3ba1f523c6f080e292b46803b5a6e3b38e0c4441eb2735833557bc8ebb0", 0x45}, {&(0x7f0000001300)="cf5599e02b35f6110e277a5d6b8a572b777137c69a169287f3b60e25a53adaa98b6cebd2f7a17e834832557fa14f40e066ea6c85c2526444c9b679ba59eb017c4a13eeb5", 0x44}, {&(0x7f0000001380)="87a0e8387fe12fa48e9a5c81969d71051d7c1087456bf7fdba1d83da629db01b221e82cb8ca9fd3489c888103f257fb897186fcee58a9b1412f2bcb836f2ad3cd462232aba2901ec5482c5aee17bca3cd0779e4784eb0e190551a0fdfea0fab3302ce7508abcad98716bbeea9d914e05523a8410899f1f09249b765d9da57f943e957b352ca5005830f58a3f1460b8d1b2d33a3d3b6e5451451a380c022b066cbadacbb10d558e986c612d7d62ebe66e1f0a2f6dd51c2fa7cf5e26df14a2fb22fb5ab450e7d14ea82a080754faebe65b555641a40b13863be04cd45972e4bb5fc719f4caf821140391ef8ae8359ad23c28de4c3ee48a0245", 0xf8}], 0x4, &(0x7f0000001500)=[@ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_retopts={{0x58, 0x0, 0x7, {[@end, @end, @timestamp_prespec={0x44, 0x34, 0x3e, 0x3, 0x3, [{@remote}, {@loopback, 0x10000e}, {@loopback, 0x10001}, {@empty, 0x7}, {@dev={0xac, 0x14, 0x14, 0x29}, 0xf6fc}, {@empty, 0x3}]}, @timestamp={0x44, 0x10, 0xc9, 0x0, 0x7, [0x13, 0x8, 0x1]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010102, @multicast1}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xde}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x81}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1}}], 0xd8}}], 0x4, 0x60cd894)

2.874574254s ago: executing program 3 (id=5441):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0)
lsm_get_self_attr(0x64, 0x0, &(0x7f0000000080), 0x0)

2.81085421s ago: executing program 3 (id=5442):
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x1004010, 0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x6, 0x2}, 0x2400}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = epoll_create1(0x0)
r2 = dup(r0)
mount$9p_tcp(&(0x7f0000000080), &(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000100), 0x1110000, &(0x7f0000000140)={'trans=tcp,', {'port', 0x3d, 0x4e20}, 0x2c, {[{@uname={'uname', 0x3d, '\x00'}}, {@privport}], [{@obj_user}]}})
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
syz_io_uring_setup(0x416f, &(0x7f0000000780)={0x0, 0x7a7f, 0x10100, 0x0, 0x230}, &(0x7f0000001240)=<r3=>0x0, &(0x7f0000001340)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f0000000280)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r5, 0x84, 0x17, &(0x7f00000001c0)=ANY=[@ANYRES32=r7], 0x9)

2.322189785s ago: executing program 4 (id=5450):
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vxcan0\x00'})
rt_sigprocmask(0x2, &(0x7f0000000000)={[0xfffffffffffffffb]}, 0x0, 0x8)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x301, 0x0)
write$binfmt_script(r0, &(0x7f00000000c0), 0xfffffff9)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)=@newqdisc={0x24, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x4e23, 0x81, @loopback, 0x78}, 0x1c)
write$binfmt_misc(r0, 0x0, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7a680000)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)="d800000018008103e00312ba0d8105040a600300ff0f040b067c55a1bc000900b80006990700000015000500fef32702d3001500030001400200000901ac040098007f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f00000e9703000000000000", 0xcb}], 0x1}, 0x0)
ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x0, @empty, 0x80000}, @nfc={0x27, 0x0, 0x1, 0x6}, @nl=@unspec, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)='veth0_macvtap\x00', 0x0, 0xfdffffff})
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000380))
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

1.913954923s ago: executing program 3 (id=5461):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x200202, 0x0)
r0 = gettid()
process_vm_readv(r0, &(0x7f0000001140)=[{&(0x7f0000000000)=""/87, 0x57}, {&(0x7f0000000100)=""/4103, 0x1007}], 0x2, &(0x7f00000011c0)=[{0xfffffffffffffffc}], 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000480)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getitimer(0xe, 0x0)
statx(0xffffffffffffffff, 0x0, 0x6000, 0x153146e58b5e3128, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/exec\x00')
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$nl_rdma(0x10, 0x3, 0x14)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x58, '\x00', 0x0, 0x25, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
faccessat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x5)
fcntl$lock(r5, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r5, 0x26, &(0x7f00000031c0))
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.51210728s ago: executing program 0 (id=5466):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000060000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
kexec_load(0x0, 0x0, 0x0, 0x0)

1.430611178s ago: executing program 0 (id=5468):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000180)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[], [{@rootcontext={'rootcontext', 0x3d, 'staff_u'}}], 0x6b}})

1.381312842s ago: executing program 0 (id=5471):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x20, 0x30}, 0xc)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff0000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
sendto$inet6(r0, &(0x7f00000002c0)="9e", 0x1a000, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000c80)='|', 0x1, 0xbcff, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x0, 0x20}, 0xc)
sendmsg$inet6(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)='h', 0x34000}], 0x1}, 0x0)

1.358650575s ago: executing program 1 (id=5472):
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x1004010, 0x0, 0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x6, 0x2}, 0x2400}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = epoll_create1(0x0)
r2 = dup(r0)
mount$9p_tcp(&(0x7f0000000080), &(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000100), 0x1110000, &(0x7f0000000140)={'trans=tcp,', {'port', 0x3d, 0x4e20}, 0x2c, {[{@uname={'uname', 0x3d, '\x00'}}, {@privport}], [{@obj_user}]}})
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
syz_io_uring_setup(0x416f, &(0x7f0000000780)={0x0, 0x7a7f, 0x10100, 0x0, 0x230}, &(0x7f0000001240), &(0x7f0000001340))
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f0000000280)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r4, 0x84, 0x17, &(0x7f00000001c0)=ANY=[@ANYRES32=r6], 0x9)

1.323431928s ago: executing program 4 (id=5474):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000280)='./file0\x00', 0x2224480, 0x0, 0xfb, 0x0, &(0x7f0000000240))
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x2000400, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
ftruncate(r1, 0xc17a)
timer_create(0x2, 0x0, &(0x7f0000000180))
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x20, 0x3, &(0x7f0000000f80)=ANY=[@ANYBLOB="030000000000000000000000000001000000000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='mm_page_free\x00', r2}, 0x10)
r3 = socket$kcm(0x28, 0x5, 0x0)
setsockopt$sock_attach_bpf(r3, 0x28, 0x6, 0x0, 0x44)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0)
r5 = socket(0x10, 0x1, 0x4)
getsockopt$nfc_llcp(r5, 0x11, 0xb, 0x0, 0x2000005b)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYRES16=0x0, @ANYBLOB="7a803f8fa36beee18f7ebae7ef3e0f68fb79463ab02d594407b51f2ec4f3141042", @ANYBLOB='\x00'/20, @ANYRES64=r4, @ANYRES32, @ANYBLOB="3068b8547da2e509fceda94f36936d9d453c1cd6abaac779ddeddbe8f308a3a70aa11bb3a6ecb7b3f2e3489d6d26e75adf0b1f9e25cd0e116427cb88c550d47ab8cb427181b3e512614cec29bc75c7baa04e3082fc5a8485e4b83414bdfadf9f71b1e075aea81ac5107955213ceb28b76e477df328ceaf55128a3947518f39d10c521ad75a5218d2c9827cdd560fa79edb6b3e3272013c10ab4388a48198ca1df9fc07cf5c485612f883c8e701fe428ae12c8b686f9382e310241184a8593cfe077e3db1c42fe8518c6711f4ff43b2012956d013bf67eec9164a495138754d34965abe9cd35e808e6b45bde6d7072fe343558b0852b2d44c89256318b78d397fec8f08e820ff6d481db1c3a8f367c4296c158f6cdfccc1bfec031eb677d6e4dcff5a607f342a66c4a6947778bd6e11cd0644596778ef658de5f3fcc80bec023e9cc1d86426330fb9ead04d970fe9ccc90c9968a8050ac80d47ddc64202461e57406cb847b47d6a80fe82333c69d4fc1c283209dbdfdcc4e32fbfe2d93eef9c7d652741426eafc0772eb114d54287913b7b12fa147d7f016a1e93b26248097e0733fa8c2e18d8ca042a0b3ffef36a33ea82c777c66547e87846eceaea3637444d35815eaf7ca70d9138acfd49b69e61f8"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, 0x0)
r6 = socket(0x0, 0x3, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket(0x0, 0x3, 0xfffffffe)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'})
sendmsg$nl_route(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x2004c005}, 0xe0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/18, @ANYRES32=r10, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)

1.223478107s ago: executing program 4 (id=5476):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r3, &(0x7f0000000040)={0xc0, 0x4e20, @loopback}, 0x10)

1.201585069s ago: executing program 4 (id=5478):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), r1)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x34, r3, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0x5}, @ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x34}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'ip_vti0\x00', &(0x7f00000000c0)={'syztnl0\x00', <r4=>0x0, 0x7, 0x8000, 0x9, 0x2, {{0x8, 0x4, 0x1, 0xd, 0x20, 0x66, 0x0, 0x10, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0xf}, {[@generic={0x94, 0xc, "2d47b263c927cd460173"}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000001c0)={'erspan0\x00', &(0x7f0000000140)={'syztnl1\x00', <r5=>0x0, 0x7, 0x8000, 0xfffffffd, 0x1, {{0xb, 0x4, 0x1, 0x29, 0x2c, 0x64, 0x0, 0x7f, 0x17, 0x0, @multicast2, @remote, {[@noop, @generic={0xf, 0x7, "03fa18b80c"}, @lsrr={0x83, 0xf, 0xe2, [@private=0xffff, @empty, @broadcast]}, @noop]}}}}})
sendmsg$ETHTOOL_MSG_WOL_SET(r1, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x48, r3, 0x20, 0x70bd2c, 0x25dfdbfb, {}, [@ETHTOOL_A_WOL_SOPASS={0x16, 0x3, "19ebdc89b3ee56ff1e913cd03065dbdda195"}, @ETHTOOL_A_WOL_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x40041)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r6, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xfe, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r8}, 0x10)
stat(&(0x7f00000013c0)='./file0\x00', 0x0)

1.178552841s ago: executing program 4 (id=5479):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)={0x15, 0x65, 0xffff, 0x0, 0x8, '9P2000.u'}, 0x15)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff0180"], 0x15)
r2 = dup(r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x100000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000001340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0x6b}})

1.155694093s ago: executing program 2 (id=5481):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000180)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[], [{@rootcontext={'rootcontext', 0x3d, 'staff_u'}}], 0x6b}})

1.133667826s ago: executing program 2 (id=5482):
mlockall(0x1)

1.07853953s ago: executing program 3 (id=5483):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x840000000002, 0x3, 0xff)
openat$tun(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r1, &(0x7f0000000440)=[{{&(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a9050000000074640000000000003552bde5c064c6", 0x15}, {&(0x7f0000000340)="174640b6d80fb2eedc81ba60ccbb9d", 0xf}], 0x2}}, {{&(0x7f00000004c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000000c0)=[{0x0}], 0x1}}], 0x2, 0x4000040)

1.064665862s ago: executing program 3 (id=5484):
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vxcan0\x00'})
rt_sigprocmask(0x2, &(0x7f0000000000)={[0xfffffffffffffffb]}, 0x0, 0x8)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x301, 0x0)
write$binfmt_script(r0, &(0x7f00000000c0), 0xfffffff9)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)=@newqdisc={0x24, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x4e23, 0x81, @loopback, 0x78}, 0x1c)
write$binfmt_misc(r0, 0x0, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7a680000)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)="d800000018008103e00312ba0d8105040a600300ff0f040b067c55a1bc000900b80006990700000015000500fef32702d3001500030001400200000901ac040098007f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f00000e9703000000000000", 0xcb}], 0x1}, 0x0)
ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x0, @empty, 0x80000}, @nfc={0x27, 0x0, 0x1, 0x6}, @nl=@unspec, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)='veth0_macvtap\x00', 0x0, 0xfdffffff})
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000380))
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

838.963802ms ago: executing program 2 (id=5485):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x8, &(0x7f0000000000), 0x1, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==")
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
renameat2(r1, 0x0, r0, 0x0, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYRES32, @ANYBLOB='\x00'/20], 0x48)

477.042166ms ago: executing program 0 (id=5486):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/vmcoreinfo', 0xa0180, 0x0)
syz_io_uring_setup(0x279, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000000)=<r0=>0x0)
syz_io_uring_setup(0x60e6, &(0x7f0000000280), &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000180))
syz_io_uring_submit(r1, r0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x4, 0xc3a8, 0x1, 0x38880, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x10000000, 0x0, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000f6498b20a3e100000000", @ANYRES32=<r7=>r5, @ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x8401)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0400000000000000fd00"/20, @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r11}, 0x10)
ioctl$USBDEVFS_ALLOW_SUSPEND(r8, 0x5522)
ioctl$USBDEVFS_BULK(r8, 0x5523, 0x0)
ioctl$USBDEVFS_FORBID_SUSPEND(r8, 0x5521)
bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=ANY=[@ANYBLOB="09020000000000000f000480001e680f46de6a6f00ce80a815f9caa3b9c3368c9ed3a274e521a4f66e7b16c711f430b8a0f43fc602dcac1aaa3135f386dbf48769aa37cb6015d6cb00c7f1f983b42a854978eba0224b3bd99545ce79b78ec71f0cfb5d0302bf50657c4970efc2742e08d892d9bd0721cfee077542af85d4e2b56f88b5e66e4dad70bb2849cbce18bd63b1e2ea53d316704e08a7183e54a6460073920068378b16e48bfd4e98b6930a60d7f4407b51c6ea073b98ef143f796c79863f4bc80671560d162ca4234c6636e16058ea77fba43e012fd9361bb4aa9a540323cb000000", @ANYRES32, @ANYBLOB="1000"/20, @ANYRES32=r10, @ANYRESDEC=r6, @ANYBLOB='\x00'/28], 0x50)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES8=r7, @ANYRESOCT=r3], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xfffffffffffffe01)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r12}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f00000001c0)=[{0x200000000006, 0x0, 0x2, 0x7ffc0802}]})
arch_prctl$ARCH_GET_XCOMP_SUPP(0x1021, &(0x7f00000005c0))
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
brk(0x20ffc004)
syncfs(r13)
unlink(&(0x7f0000000080)='./file0\x00')
shmget$private(0x0, 0x400000, 0x20, &(0x7f000000e000/0x400000)=nil)

476.887486ms ago: executing program 2 (id=5487):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="440000001000090600000000000000", @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c000280050001000600000008000a0079"], 0x44}}, 0x0)

476.411106ms ago: executing program 1 (id=5488):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x53d, &(0x7f0000000a80)="$eJzs3c9vHFcdAPDvjH82TesEeoAKSIBCQFF2400bVb20uYBQVQlRcUAcUmNvLJNdr/GuS20s4f4NIIHECf4EDkgckHriwI0jEgeEVA5IASxQjATSopkdO1t7TZbsepd6Px9pMvPmzcz3vWxm39u3m3kBTKyrEbEXEbMR8VZELBT7k2KJ1zpLdtzD/d3lg/3d5STa7Tf/muT52b7oOifzdHHN+Yj42pcjvpWcjNvc3rm/VKtVN4t0uVXfKDe3d26s1ZdWq6vV9Url9uLtmy/feqkytLpeqf/8wZfWXv/6r375yfd/u/fF72XFuljkdddjmDpVnzmKk5mOiNfPItgYTBXr2TGXgyeTRsRHIuIz+f2/EFP5v04A4DxrtxeivdCdBgDOuzQfA0vSUkSkadEJKHXG8J6LC2mt0Wxdv9fYWl/pjJVdipn03lqtevPy3O+/kx88k2TpxTwvz8/TlWPpWxFxOSJ+OPdUni4tN2or4+nyAMDEe7q7/Y+If8ylaanU16k9vtUDAD405sddAABg5LT/ADB5tP8AMHn6aP+LL/v3zrwsAMBo+PwPAJNH+w8Ak0f7DwAT5atvvJEt7YPi+dcrb29v3W+8fWOl2rxfqm8tl5Ybmxul1UZjNX9mT/1x16s1GhuLL8bWO+VWtdkqN7d37tYbW+utu/lzve9WZ0ZSKwDgv7l85b3fJRGx98pT+RJdczloq+F8S8ddAGBspgY5WQcBPtTM9gWTq68mPO8k/ObMywKMR8+Hec/33PygH/8PQfzOCP6vXPt4/+P/5niG88X4P0yuJxv/f3Xo5QBGz/g/TK52Ozk+5//sURYAcC4N8BO+9veH1QkBxupxk3kP5ft/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOGcuRsS3I0lL+VzgafZnWipFPBMRl2ImubdWq96MiGfjSkTMzGXpxXEXGgAYUPrnpJj/69rCCxeP584m/5zL1xHx3Z+8+aN3llqtzcVs/9+O9s8dTh9WeXTeAPMKAgBDlrfflWLd9UH+4f7u8uEyyvI8uBP/LqYiXj7Y382XTs50ZDsj5vO+xIW/JzFdnDMfEc9HxNQQ4u+9GxEf61X/JB8buVTMfNodP4rYz4w0fvqB+Gme11lnna+PDqEsMGneuxMRr/W6/9K4mq973//z+TvU4B7c6Vzs8L3voCv+dBFpqkf87J6/2m+MF3/9lRM72wudvHcjnp/uFT85ip+cEv+FPuP/4ROf+sGrp+S1fxpxLXrH745VbtU3ys3tnRtr9aXV6mp1vVK5vXj75su3XqqU8zHq8uFI9Ul/eeX6s6eVLav/hVPiz/es/+zRuZ/rs/4/+9db3/z0o+Tc8fhf+Gzv1/+5nvE7sjbx833GX7rwi1On787ir5xS/8e9/tf7jP/+n3ZW+jwUABiB5vbO/aVarbo50Eb2KXQY1zmxkRWxv4MPu4uDBf1jnEUtnnBj5qz+Vs98Y/qorzjcK38ju+KIq5MOvRYDbTwcVazxvScBo/Hoph93SQAAAAAAAAAAAAAAgNOM4r8ujbuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CQAA//+zi8zo")
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) (async)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000080), &(0x7f0000000180)=0xffffffffffffffe7) (async, rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_request_blocks\x00', r1, 0x0, 0x554}, 0x18) (async, rerun: 64)
lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=r0, @ANYBLOB="040000000000800008000000", @ANYRES32=r0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0) (async, rerun: 32)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000003fffffe218110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x48, 0x600}, [@IFLA_MTU={0x8, 0x4, 0x60}, @IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}]}, 0x3c}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r4, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f0000000ac0)='mm_page_free_batched\x00', r5}, 0x10) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, 0xffffffffffffffff, 0x0) (async)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
socketpair$unix(0x1, 0x2, 0x0, 0x0)

440.115569ms ago: executing program 2 (id=5489):
socket$kcm(0x10, 0x2, 0x4)
ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000280)={0x0, @generic={0x17, "62ffa66ae19b67b844b3e0908148"}, @nfc={0x27, 0x0, 0xfffffffe, 0x6}, @ax25={0x3, @default, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x2})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001880))
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000002200)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002600)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
unshare(0x42000000)

366.234886ms ago: executing program 1 (id=5490):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), r1)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x34, r3, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0x5}, @ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x34}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'ip_vti0\x00', &(0x7f00000000c0)={'syztnl0\x00', <r4=>0x0, 0x7, 0x8000, 0x9, 0x2, {{0x8, 0x4, 0x1, 0xd, 0x20, 0x66, 0x0, 0x10, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0xf}, {[@generic={0x94, 0xc, "2d47b263c927cd460173"}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000001c0)={'erspan0\x00', &(0x7f0000000140)={'syztnl1\x00', <r5=>0x0, 0x7, 0x8000, 0xfffffffd, 0x1, {{0xb, 0x4, 0x1, 0x29, 0x2c, 0x64, 0x0, 0x7f, 0x17, 0x0, @multicast2, @remote, {[@noop, @generic={0xf, 0x7, "03fa18b80c"}, @lsrr={0x83, 0xf, 0xe2, [@private=0xffff, @empty, @broadcast]}, @noop]}}}}})
sendmsg$ETHTOOL_MSG_WOL_SET(r1, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x48, r3, 0x20, 0x70bd2c, 0x25dfdbfb, {}, [@ETHTOOL_A_WOL_SOPASS={0x16, 0x3, "19ebdc89b3ee56ff1e913cd03065dbdda195"}, @ETHTOOL_A_WOL_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x40041)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000300)={'#! ', './bus', [{0x20, '\'{-'}]}, 0xd)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xfe, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
stat(&(0x7f00000013c0)='./file0\x00', 0x0)

356.993567ms ago: executing program 0 (id=5491):
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x24, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x20000000000002c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000002dc0)={0x0, 0x0, &(0x7f00000029c0)=[{&(0x7f00000016c0)}], 0x1}, 0x41)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x13, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="620ac4ff00000000711070000000000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/power/resume', 0x201, 0x184)
write$cgroup_int(r0, &(0x7f0000000040)=0x900, 0x12)

292.616293ms ago: executing program 2 (id=5492):
socket$kcm(0x10, 0x2, 0x4)
ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000280)={0x0, @generic={0x17, "62ffa66ae19b67b844b3e0908148"}, @nfc={0x27, 0x0, 0xfffffffe, 0x6}, @ax25={0x3, @default, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x2})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001880))
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000002200)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002600)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
unshare(0x42000000) (fail_nth: 2)

292.237083ms ago: executing program 1 (id=5493):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000180)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[], [{@rootcontext={'rootcontext', 0x3d, 'staff_u'}}], 0x6b}})

62.734194ms ago: executing program 1 (id=5494):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x840000000002, 0x3, 0xff)
openat$tun(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r1, &(0x7f0000000440)=[{{&(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a9050000000074640000000000003552bde5c064c6", 0x15}, {&(0x7f0000000340)="174640b6d80fb2eedc81ba60ccbb9d", 0xf}], 0x2}}, {{&(0x7f00000004c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000280)}], 0x1}}], 0x2, 0x4000040)

4.71568ms ago: executing program 0 (id=5495):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000008bd60000000000000000181100002d167a8af27107a4b1aae531b8bc9542263a2b3726a4d4260354dc1c6c45ad82714071e8b1bd0f10957b9e4d59c46e10c1e2e9d4f970915b5cb4368d33148203be9a5ad06cca8cd8fc6812cffeb903ee6e74", @ANYRESOCT=r0, @ANYBLOB="0000000000000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000000200000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r3=>0x0}) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x12, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4000000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002000128008000100687372001400028008000100", @ANYRES32=r3, @ANYBLOB="08000200", @ANYRES32=r5, @ANYBLOB="aecee3f739e2f81eb76cb9f3257feb66bbf2b8360df4116449dcc96aedc768503f15d123d596b93ec100ec9924a446accaf8953b7c0daaa371a463d8c5ed9db03b007022d8901b82739eecc244bad5a0f946e823578a55a22f7351f2fe660b4589ca40b65b6b8aeb995738f54bbe5c7ad6836c2097e52f24c1ee2a76e760cae994e000fb9948acaf4f968e7a03659be3847754f94c168c27ef61d83dd4fad248f99b0f6c526d83f96cbed9"], 0x40}, 0x1, 0x0, 0x0, 0x4008040}, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
r7 = epoll_create1(0x0) (async)
r8 = socket$unix(0x1, 0x5, 0x0)
setsockopt$sock_int(r8, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4) (async)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r8, &(0x7f0000000100)={0xa0028000}) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r5, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, @void, @value}, 0x94) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r9 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0) (async)
r10 = socket$netlink(0x10, 0x3, 0x0)
r11 = socket$inet_udp(0x2, 0x2, 0x0)
r12 = dup3(r10, r11, 0x0) (async)
r13 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000040)={'gre0\x00', <r14=>0x0})
sendmsg$nl_route(r12, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000001000010400"/20, @ANYRES32=r14, @ANYBLOB="e000000000000200"], 0x20}}, 0x4) (async)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r9, 0xc0189377, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r15=>r0, {0x4, 0x6}}, './file0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@bloom_filter={0x1e, 0xfa, 0xfff, 0x7fffffff, 0x11800, r9, 0x7fff, '\x00', r14, r9, 0x3, 0x3, 0x2, 0x6, @void, @value, @value=r15}, 0x50)
fcntl$lock(r9, 0x24, &(0x7f0000000140)={0x300, 0x1, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff}) (async)
ioctl$PPPIOCSACTIVE(r9, 0x40107446, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0x0, 0x3, 0x6, 0x6}, {0x1, 0x70, 0xf, 0x4}, {0x6, 0x5, 0xa, 0x1}, {0x4, 0x6, 0x1, 0x3}, {0x26f2, 0x7f, 0x0, 0xffff}, {0x8, 0xb, 0x9, 0x168}, {0x80, 0x6, 0x4, 0x4}]})
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)

0s ago: executing program 1 (id=5496):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003ec0)={{0x14, 0x10, 0xc00e}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x4000000, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xc0}}, 0x0)

kernel console output (not intermixed with test programs):

826def9 code=0x7ffc0000
[  401.117994][ T3343] hid-generic 0000:0000:FFFFFFFF.0003: unknown main item tag 0x0
[  401.131765][T18648] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4929'.
[  401.149300][ T3343] hid-generic 0000:0000:FFFFFFFF.0003: unknown main item tag 0x0
[  401.182391][T18659] FAULT_INJECTION: forcing a failure.
[  401.182391][T18659] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  401.196499][ T3343] hid-generic 0000:0000:FFFFFFFF.0003: unknown main item tag 0x0
[  401.204216][T18659] CPU: 1 UID: 0 PID: 18659 Comm: syz.4.4934 Not tainted 6.11.0-syzkaller-09015-g18ba6034468e #0
[  401.204247][T18659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  401.204261][T18659] Call Trace:
[  401.204274][T18659]  <TASK>
[  401.204284][T18659]  dump_stack_lvl+0xf2/0x150
[  401.213326][ T3343] hid-generic 0000:0000:FFFFFFFF.0003: unknown main item tag 0x0
[  401.220998][T18659]  dump_stack+0x15/0x20
[  401.234061][ T3343] hid-generic 0000:0000:FFFFFFFF.0003: unknown main item tag 0x0
[  401.241710][T18659]  should_fail_ex+0x223/0x230
[  401.252160][ T3343] hid-generic 0000:0000:FFFFFFFF.0003: unknown main item tag 0x0
[  401.262157][T18659]  should_fail+0xb/0x10
[  401.269296][ T3343] hid-generic 0000:0000:FFFFFFFF.0003: hidraw0: <UNKNOWN> HID v0.01 Device [syz0] on syz0
[  401.272950][T18659]  should_fail_usercopy+0x1a/0x20
[  401.324745][T18659]  strncpy_from_user+0x25/0x200
[  401.329685][T18659]  ? kmem_cache_alloc_noprof+0x10c/0x290
[  401.335328][T18659]  getname_flags+0xb0/0x3b0
[  401.339879][T18659]  user_path_at+0x26/0x110
[  401.344404][T18659]  do_faccessat+0x396/0x640
[  401.348978][T18659]  __x64_sys_faccessat+0x43/0x50
[  401.354039][T18659]  x64_sys_call+0x1986/0x2d60
[  401.358761][T18659]  do_syscall_64+0xc9/0x1c0
[  401.363272][T18659]  ? clear_bhb_loop+0x55/0xb0
[  401.368011][T18659]  ? clear_bhb_loop+0x55/0xb0
[  401.372771][T18659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.378747][T18659] RIP: 0033:0x7f77d614def9
[  401.383198][T18659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.403009][T18659] RSP: 002b:00007f77d4dc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000010d
[  401.411430][T18659] RAX: ffffffffffffffda RBX: 00007f77d6305f80 RCX: 00007f77d614def9
[  401.419407][T18659] RDX: 0000000000000005 RSI: 0000000020000000 RDI: 0000000000000006
[  401.427439][T18659] RBP: 00007f77d4dc7090 R08: 0000000000000000 R09: 0000000000000000
[  401.435677][T18659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  401.443651][T18659] R13: 0000000000000000 R14: 00007f77d6305f80 R15: 00007fff88e18b58
[  401.451661][T18659]  </TASK>
[  401.456503][T18445] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  401.469995][T14963] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  401.485821][T13968] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  401.625383][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.633316][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.641136][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.649009][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.656811][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.664915][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.673025][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.681057][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.688924][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.696706][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.704508][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.712568][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.720454][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.728398][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.736341][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.744226][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.752077][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.760372][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.768300][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.776124][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.783915][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.791705][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.799460][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.807313][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.815073][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.822922][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.830678][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.838488][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.846314][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.854083][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.862010][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.869736][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: unknown main item tag 0x0
[  401.879032][ T3343] hid-generic 0000:0000:FFFFFFFF.0004: hidraw0: <UNKNOWN> HID v0.01 Device [syz0] on syz0
[  402.009282][T18734] loop2: detected capacity change from 0 to 512
[  402.021593][T18738] syz.3.4967[18738] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  402.021672][T18738] syz.3.4967[18738] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  402.034666][T18738] syz.3.4967[18738] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  402.036025][T18734] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  402.079820][T18734] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  402.107868][T18742] loop1: detected capacity change from 0 to 512
[  402.118120][T18734] EXT4-fs error (device loop2): ext4_acquire_dquot:6879: comm syz.2.4966: Failed to acquire dquot type 0
[  402.196851][T18375] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  402.208941][T18746] syz.4.4970: attempt to access beyond end of device
[  402.208941][T18746] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  402.222307][T18742] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  402.235788][T18742] ext4 filesystem being mounted at /277/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  402.262352][T18750] loop3: detected capacity change from 0 to 2048
[  402.295918][T18750] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  402.316550][T14963] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  402.379529][T18757] 
@ÿ: renamed from veth0_vlan (while UP)
[  402.386237][T18750] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4969: bg 0: block 274: padding at end of block bitmap is not set
[  402.411206][T18750] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 117
[  402.423866][T18750] EXT4-fs (loop3): This should not happen!! Data will be lost
[  402.423866][T18750] 
[  402.450164][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.458023][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.465845][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.473671][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.481723][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.489486][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.497343][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.505131][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.512936][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.520834][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.528779][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.536565][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.544330][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.552220][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.560068][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.568054][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.575945][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.584007][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.591831][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.599649][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.607601][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.615424][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.623267][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.631258][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.639060][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.646879][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.654802][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.662602][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.670360][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.673487][T18773] loop4: detected capacity change from 0 to 512
[  402.678390][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.692224][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.700071][  T992] hid-generic 0000:0000:FFFFFFFF.0005: unknown main item tag 0x0
[  402.712519][  T992] hid-generic 0000:0000:FFFFFFFF.0005: hidraw0: <UNKNOWN> HID v0.01 Device [syz0] on syz0
[  402.747134][T18773] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  402.761587][T18773] ext4 filesystem being mounted at /360/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  402.795993][T18773] EXT4-fs error (device loop4): ext4_acquire_dquot:6879: comm syz.4.4981: Failed to acquire dquot type 0
[  402.874171][T18787] loop0: detected capacity change from 0 to 512
[  402.894175][T18787] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  402.904079][T18788] loop1: detected capacity change from 0 to 2048
[  402.908271][T13968] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  402.913884][T18787] ext4 filesystem being mounted at /170/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  402.950194][T16223] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  402.978146][T18788] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  403.009621][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.017523][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.025305][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.033273][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.041212][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.049105][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.056903][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.064700][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.072495][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.080497][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.088369][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.096159][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.103943][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.111747][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.119674][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.127436][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.135251][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.143027][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.150775][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.158571][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.166401][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.171663][T18808] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  403.174165][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.190212][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.197996][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.205772][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.213582][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.221334][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.229177][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.236945][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.244757][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.252585][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.260380][  T992] hid-generic 0000:0000:FFFFFFFF.0006: unknown main item tag 0x0
[  403.270562][  T992] hid-generic 0000:0000:FFFFFFFF.0006: hidraw0: <UNKNOWN> HID v0.01 Device [syz0] on syz0
[  403.270736][T18750] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  403.320781][T18811] 
@ÿ: renamed from veth0_vlan (while UP)
[  403.348088][T18813] loop2: detected capacity change from 0 to 1024
[  403.376951][T18813] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  403.386458][T18819] FAULT_INJECTION: forcing a failure.
[  403.386458][T18819] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  403.388096][T18813] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[  403.400982][T18819] CPU: 1 UID: 0 PID: 18819 Comm: syz.4.4998 Not tainted 6.11.0-syzkaller-09015-g18ba6034468e #0
[  403.421006][T18819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  403.431172][T18819] Call Trace:
[  403.431507][T18813] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  403.434454][T18819]  <TASK>
[  403.444775][T18813] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  403.447445][T18819]  dump_stack_lvl+0xf2/0x150
[  403.456328][T18813] EXT4-fs (loop2): filesystem has both journal inode and journal device!
[  403.460694][T18819]  dump_stack+0x15/0x20
[  403.473341][T18819]  should_fail_ex+0x223/0x230
[  403.478118][T18819]  should_fail+0xb/0x10
[  403.482403][T18819]  should_fail_usercopy+0x1a/0x20
[  403.487517][T18819]  strncpy_from_user+0x25/0x200
[  403.492382][T18819]  ? kmem_cache_alloc_noprof+0x10c/0x290
[  403.498253][T18819]  getname_flags+0xb0/0x3b0
[  403.502834][T18819]  user_path_at+0x26/0x110
[  403.507269][T18819]  __se_sys_move_mount+0x13c/0x730
[  403.512447][T18819]  ? fput+0x14e/0x190
[  403.516495][T18819]  __x64_sys_move_mount+0x67/0x80
[  403.521622][T18819]  x64_sys_call+0x1b80/0x2d60
[  403.526331][T18819]  do_syscall_64+0xc9/0x1c0
[  403.530953][T18819]  ? clear_bhb_loop+0x55/0xb0
[  403.535680][T18819]  ? clear_bhb_loop+0x55/0xb0
[  403.540545][T18819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.546554][T18819] RIP: 0033:0x7f77d614def9
[  403.550974][T18819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  403.570720][T18819] RSP: 002b:00007f77d4dc7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ad
[  403.579144][T18819] RAX: ffffffffffffffda RBX: 00007f77d6305f80 RCX: 00007f77d614def9
[  403.587213][T18819] RDX: ffffffffffffff9c RSI: 0000000020000040 RDI: 0000000000000004
[  403.595197][T18819] RBP: 00007f77d4dc7090 R08: 0000000000000000 R09: 0000000000000000
[  403.603206][T18819] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[  403.611230][T18819] R13: 0000000000000000 R14: 00007f77d6305f80 R15: 00007fff88e18b58
[  403.619230][T18819]  </TASK>
[  403.640032][T14963] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  403.675540][T18825] +}[@[18825] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  403.675610][T18825] +}[@[18825] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  403.685955][T18829] loop2: detected capacity change from 0 to 1024
[  403.687848][T18825] +}[@[18825] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  403.698675][T18829] EXT4-fs: Ignoring removed nobh option
[  403.730413][T18825] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  403.741546][ T3316] hid-generic 0001:0000:0000.0007: item fetching failed at offset 6/56
[  403.750034][ T3316] hid-generic 0001:0000:0000.0007: probe with driver hid-generic failed with error -22
[  403.762864][T18829] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  403.802494][T18375] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  403.834902][T18835] loop4: detected capacity change from 0 to 1024
[  403.844891][T18837] loop0: detected capacity change from 0 to 164
[  403.852806][T18835] EXT4-fs: Ignoring removed nobh option
[  403.872259][T18837] Unable to read rock-ridge attributes
[  403.880274][T18840] +}[@[18840] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  403.880344][T18840] +}[@[18840] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  403.884470][T18837] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3601 sclass=netlink_route_socket pid=18837 comm=syz.0.5006
[  403.912984][T18840] +}[@[18840] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  403.919658][T18835] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  403.925234][T18840] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  403.932982][T18837] Unable to read rock-ridge attributes
[  403.956112][T18843] loop1: detected capacity change from 0 to 512
[  403.965468][  T992] hid-generic 0000:0000:FFFFFFFF.0008: unknown main item tag 0x0
[  403.973384][  T992] hid-generic 0000:0000:FFFFFFFF.0008: unknown main item tag 0x0
[  403.981260][  T992] hid-generic 0000:0000:FFFFFFFF.0008: unknown main item tag 0x0
[  403.989113][  T992] hid-generic 0000:0000:FFFFFFFF.0008: unknown main item tag 0x0
[  403.996890][  T992] hid-generic 0000:0000:FFFFFFFF.0008: unknown main item tag 0x0
[  404.001750][T18835] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  404.004753][  T992] hid-generic 0000:0000:FFFFFFFF.0008: unknown main item tag 0x0
[  404.021131][  T992] hid-generic 0000:0000:FFFFFFFF.0008: unknown main item tag 0x0
[  404.028942][  T992] hid-generic 0000:0000:FFFFFFFF.0008: unknown main item tag 0x0
[  404.036964][  T992] hid-generic 0000:0000:FFFFFFFF.0008: unknown main item tag 0x0
[  404.044787][  T992] hid-generic 0000:0000:FFFFFFFF.0008: unknown main item tag 0x0
[  404.052760][  T992] hid-generic 0000:0000:FFFFFFFF.0008: unknown main item tag 0x0
[  404.060586][T18835] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  404.060883][  T992] hid-generic 0000:0000:FFFFFFFF.0008: hidraw0: <UNKNOWN> HID v0.01 Device [syz0] on syz0
[  404.080673][T18843] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.5000: attempt to clear invalid blocks 2 len 1
[  404.095289][T18843] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  404.127348][T18843] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.5000: invalid indirect mapped block 1819239214 (level 0)
[  404.152586][T18850] loop0: detected capacity change from 0 to 164
[  404.170128][T18850] Unable to read rock-ridge attributes
[  404.176002][T18843] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.5000: invalid indirect mapped block 1819239214 (level 1)
[  404.213986][T18850] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3601 sclass=netlink_route_socket pid=18850 comm=syz.0.5009
[  404.227596][T18843] EXT4-fs (loop1): 1 truncate cleaned up
[  404.233862][T18843] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  404.247192][T18850] Unable to read rock-ridge attributes
[  404.268904][T18843] EXT4-fs warning (device loop1): dx_probe:833: inode #2: comm syz.1.5000: Unrecognised inode hash code 20
[  404.280475][T18843] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.5000: Corrupt directory, running e2fsck is recommended
[  404.295394][T18843] EXT4-fs warning (device loop1): dx_probe:833: inode #2: comm syz.1.5000: Unrecognised inode hash code 20
[  404.307024][T18843] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.5000: Corrupt directory, running e2fsck is recommended
[  404.335008][T18858] loop2: detected capacity change from 0 to 2048
[  404.341624][T18860] FAULT_INJECTION: forcing a failure.
[  404.341624][T18860] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  404.348263][T18843] EXT4-fs error (device loop1): ext4_find_dest_de:2069: inode #2: block 13: comm syz.1.5000: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[  404.354697][T18860] CPU: 0 UID: 0 PID: 18860 Comm: syz.0.5012 Not tainted 6.11.0-syzkaller-09015-g18ba6034468e #0
[  404.354728][T18860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  404.394592][T18860] Call Trace:
[  404.397892][T18860]  <TASK>
[  404.400840][T18860]  dump_stack_lvl+0xf2/0x150
[  404.405456][T18860]  dump_stack+0x15/0x20
[  404.409630][T18860]  should_fail_ex+0x223/0x230
[  404.414382][T18860]  should_fail+0xb/0x10
[  404.418625][T18860]  should_fail_usercopy+0x1a/0x20
[  404.423772][T18860]  strncpy_from_user+0x25/0x200
[  404.428716][T18860]  ? __fget_files+0x1d4/0x210
[  404.433432][T18860]  __se_sys_add_key+0x81/0x320
[  404.438275][T18860]  ? fput+0x14e/0x190
[  404.442295][T18860]  __x64_sys_add_key+0x67/0x80
[  404.447071][T18860]  x64_sys_call+0x157d/0x2d60
[  404.451841][T18860]  do_syscall_64+0xc9/0x1c0
[  404.456404][T18860]  ? clear_bhb_loop+0x55/0xb0
[  404.461092][T18860]  ? clear_bhb_loop+0x55/0xb0
[  404.465809][T18860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.471756][T18860] RIP: 0033:0x7fb3f826def9
[  404.476191][T18860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.495881][T18860] RSP: 002b:00007fb3f6ee1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  404.504428][T18860] RAX: ffffffffffffffda RBX: 00007fb3f8425f80 RCX: 00007fb3f826def9
[  404.512526][T18860] RDX: 0000000020000140 RSI: 0000000000000000 RDI: 0000000020000100
[  404.520624][T18860] RBP: 00007fb3f6ee1090 R08: 0000000021c6b2bf R09: 0000000000000000
[  404.528647][T18860] R10: 00000000000fffff R11: 0000000000000246 R12: 0000000000000001
[  404.536625][T18860] R13: 0000000000000000 R14: 00007fb3f8425f80 R15: 00007fff0f366e88
[  404.544609][T18860]  </TASK>
[  404.552590][T18861] EXT4-fs error (device loop1): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.1.5000: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[  404.626138][T18863] pim6reg1: entered promiscuous mode
[  404.631657][T18863] pim6reg1: entered allmulticast mode
[  404.657262][T18858] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  405.046338][T18878] 
@ÿ: renamed from veth0_vlan (while UP)
[  405.076191][   T36] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  405.088213][T13968] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.262325][   T36] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  405.352619][   T36] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  405.382404][T14963] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.434341][   T36] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  405.467090][T18882] lo speed is unknown, defaulting to 1000
[  405.537620][   T36] bridge_slave_1: left allmulticast mode
[  405.543370][   T36] bridge_slave_1: left promiscuous mode
[  405.549072][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  405.562016][   T36] bridge_slave_0: left promiscuous mode
[  405.567978][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  405.684411][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  405.695317][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  405.705841][   T36] bond0 (unregistering): Released all slaves
[  405.714167][T18912] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5030'.
[  405.723174][T18912] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  405.730567][T18912] batman_adv: batadv0: Removing interface: batadv_slave_0
[  405.738432][T18912] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  405.745873][T18912] batman_adv: batadv0: Removing interface: batadv_slave_1
[  405.763254][T18882] chnl_net:caif_netlink_parms(): no params data found
[  405.787864][   T36] hsr_slave_0: left promiscuous mode
[  405.795406][   T36] hsr_slave_1: left promiscuous mode
[  405.805404][   T36] bridge_slave_0: left allmulticast mode
[  405.811114][   T36] veth1_macvtap: left promiscuous mode
[  405.816623][   T36] veth0_macvtap: left promiscuous mode
[  405.822589][   T36] veth1_vlan: left promiscuous mode
[  405.827939][   T36] 
@ÿ: left promiscuous mode
[  405.884723][ T3339] infiniband syz0: ib_query_port failed (-19)
[  405.891359][   T36] pimreg (unregistering): left allmulticast mode
[  405.942679][   T36] team0 (unregistering): Port device team_slave_1 removed
[  405.954969][   T36] team0 (unregistering): Port device team_slave_0 removed
[  406.035907][T18882] bridge0: port 1(bridge_slave_0) entered blocking state
[  406.043328][T18882] bridge0: port 1(bridge_slave_0) entered disabled state
[  406.050668][T18882] bridge_slave_0: entered allmulticast mode
[  406.057268][T18882] bridge_slave_0: entered promiscuous mode
[  406.064390][T18882] bridge0: port 2(bridge_slave_1) entered blocking state
[  406.071474][T18882] bridge0: port 2(bridge_slave_1) entered disabled state
[  406.078640][T18882] bridge_slave_1: entered allmulticast mode
[  406.085591][T18882] bridge_slave_1: entered promiscuous mode
[  406.103728][T18882] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  406.114555][T18882] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  406.134409][T18882] team0: Port device team_slave_0 added
[  406.140944][T18882] team0: Port device team_slave_1 added
[  406.156649][T18882] batman_adv: batadv0: Adding interface: batadv_slave_0
[  406.163692][T18882] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  406.189674][T18882] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  406.201136][T18882] batman_adv: batadv0: Adding interface: batadv_slave_1
[  406.208081][T18882] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  406.234014][T18882] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  406.260664][T18882] hsr_slave_0: entered promiscuous mode
[  406.266939][T18882] hsr_slave_1: entered promiscuous mode
[  406.272873][T18882] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  406.280460][T18882] Cannot create hsr debugfs directory
[  406.319654][   T29] kauditd_printk_skb: 1171 callbacks suppressed
[  406.319674][   T29] audit: type=1326 audit(1727153370.387:30102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18926 comm="syz.1.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  406.349663][   T29] audit: type=1326 audit(1727153370.387:30103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18926 comm="syz.1.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  406.374375][   T29] audit: type=1326 audit(1727153370.387:30104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18926 comm="syz.1.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  406.398045][   T29] audit: type=1326 audit(1727153370.387:30105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18926 comm="syz.1.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  406.421746][   T29] audit: type=1326 audit(1727153370.387:30106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18926 comm="syz.1.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  406.445388][   T29] audit: type=1326 audit(1727153370.407:30107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18926 comm="syz.1.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  406.468973][   T29] audit: type=1326 audit(1727153370.407:30108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18926 comm="syz.1.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  406.492640][   T29] audit: type=1326 audit(1727153370.407:30109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18926 comm="syz.1.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  406.516635][   T29] audit: type=1326 audit(1727153370.407:30110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18926 comm="syz.1.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  406.540323][   T29] audit: type=1326 audit(1727153370.407:30111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18926 comm="syz.1.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  406.706264][T18936] loop2: detected capacity change from 0 to 2048
[  406.736152][T18942] loop1: detected capacity change from 0 to 512
[  406.752501][T18882] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  406.766573][T18942] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.5035: attempt to clear invalid blocks 2 len 1
[  406.792101][T18942] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  406.817787][T18882] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  406.823840][T18948] loop0: detected capacity change from 0 to 512
[  406.825367][T18942] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.5035: invalid indirect mapped block 1819239214 (level 0)
[  406.849327][T18942] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.5035: invalid indirect mapped block 1819239214 (level 1)
[  406.866946][T18948] ext4 filesystem being mounted at /183/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  406.878066][T18942] EXT4-fs (loop1): 1 truncate cleaned up
[  406.886541][T18948] EXT4-fs error (device loop0): ext4_acquire_dquot:6879: comm syz.0.5040: Failed to acquire dquot type 0
[  406.904135][T18882] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  406.924075][T18882] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  406.960343][T18942] EXT4-fs warning (device loop1): dx_probe:833: inode #2: comm syz.1.5035: Unrecognised inode hash code 20
[  406.972008][T18942] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.5035: Corrupt directory, running e2fsck is recommended
[  407.021200][T18942] EXT4-fs warning (device loop1): dx_probe:833: inode #2: comm syz.1.5035: Unrecognised inode hash code 20
[  407.032843][T18942] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.5035: Corrupt directory, running e2fsck is recommended
[  407.039489][T18882] 8021q: adding VLAN 0 to HW filter on device bond0
[  407.071491][T18882] 8021q: adding VLAN 0 to HW filter on device team0
[  407.092032][T16496] bridge0: port 1(bridge_slave_0) entered blocking state
[  407.099233][T16496] bridge0: port 1(bridge_slave_0) entered forwarding state
[  407.123843][T18942] EXT4-fs error (device loop1): ext4_find_dest_de:2069: inode #2: block 13: comm syz.1.5035: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[  407.148788][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[  407.155889][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[  407.194195][T18961] loop0: detected capacity change from 0 to 164
[  407.221609][T18959] EXT4-fs error (device loop1): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.1.5035: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[  407.291282][T18961] Unable to read rock-ridge attributes
[  407.302653][T18882] 8021q: adding VLAN 0 to HW filter on device batadv0
[  407.312100][T18961] Unable to read rock-ridge attributes
[  407.384280][T18972] loop3: detected capacity change from 0 to 512
[  407.420115][T18973] loop0: detected capacity change from 0 to 164
[  407.439111][T18972] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  407.463359][T18973] Unable to read rock-ridge attributes
[  407.492705][T18954] EXT4-fs error (device loop3): ext4_readdir:261: inode #2: block 3: comm +}[@: path /27/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  407.515510][T18973] Unable to read rock-ridge attributes
[  407.561787][T18983] FAULT_INJECTION: forcing a failure.
[  407.561787][T18983] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  407.575078][T18983] CPU: 1 UID: 0 PID: 18983 Comm: syz.0.5047 Not tainted 6.11.0-syzkaller-09015-g18ba6034468e #0
[  407.585508][T18983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  407.595584][T18983] Call Trace:
[  407.598875][T18983]  <TASK>
[  407.601825][T18983]  dump_stack_lvl+0xf2/0x150
[  407.606561][T18983]  dump_stack+0x15/0x20
[  407.610765][T18983]  should_fail_ex+0x223/0x230
[  407.615596][T18983]  should_fail+0xb/0x10
[  407.619794][T18983]  should_fail_usercopy+0x1a/0x20
[  407.621729][T18954] EXT4-fs (loop3): Remounting filesystem read-only
[  407.624848][T18983]  strncpy_from_user+0x25/0x200
[  407.636220][T18983]  ? __fget_files+0x1d4/0x210
[  407.640973][T18983]  __se_sys_add_key+0x81/0x320
[  407.645758][T18983]  ? fput+0x14e/0x190
[  407.649774][T18983]  __x64_sys_add_key+0x67/0x80
[  407.654688][T18983]  x64_sys_call+0x157d/0x2d60
[  407.659454][T18983]  do_syscall_64+0xc9/0x1c0
[  407.664011][T18983]  ? clear_bhb_loop+0x55/0xb0
[  407.668727][T18983]  ? clear_bhb_loop+0x55/0xb0
[  407.673435][T18983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.679400][T18983] RIP: 0033:0x7fb3f826def9
[  407.683840][T18983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.703915][T18983] RSP: 002b:00007fb3f6ee1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  407.712457][T18983] RAX: ffffffffffffffda RBX: 00007fb3f8425f80 RCX: 00007fb3f826def9
[  407.720437][T18983] RDX: 0000000020000140 RSI: 0000000000000000 RDI: 0000000020000100
[  407.728514][T18983] RBP: 00007fb3f6ee1090 R08: 000000002eaf0832 R09: 0000000000000000
[  407.736496][T18983] R10: 00000000000fffff R11: 0000000000000246 R12: 0000000000000001
[  407.744471][T18983] R13: 0000000000000000 R14: 00007fb3f8425f80 R15: 00007fff0f366e88
[  407.752466][T18983]  </TASK>
[  407.833606][T18882] veth0_vlan: entered promiscuous mode
[  407.852060][T18882] veth1_vlan: entered promiscuous mode
[  407.858296][T18987] syz.0.5048: attempt to access beyond end of device
[  407.858296][T18987] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  407.898493][T18882] veth0_macvtap: entered promiscuous mode
[  407.908551][T18882] veth1_macvtap: entered promiscuous mode
[  407.929240][T18882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  407.939887][T18882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  407.981731][T18882] batman_adv: batadv0: Interface activated: batadv_slave_0
[  408.003363][T18882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  408.013931][T18882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  408.035823][T18882] batman_adv: batadv0: Interface activated: batadv_slave_1
[  408.052247][T18882] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  408.061130][T18882] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  408.070126][T18882] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  408.078874][T18882] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  408.453522][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  408.482322][T19011] loop2: detected capacity change from 0 to 512
[  408.493312][T19011] ext4 filesystem being mounted at /42/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  408.701915][T19016] infiniband Syz1: RDMA CMA: cma_listen_on_dev, error -98
[  408.969494][T19031] +}[@[19031] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  408.969655][T19031] +}[@[19031] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  408.982857][T19031] +}[@[19031] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  409.025444][T19033] loop1: detected capacity change from 0 to 2048
[  409.049069][T19035] loop2: detected capacity change from 0 to 512
[  409.062626][T19035] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  409.094073][T19025] EXT4-fs error (device loop2): ext4_readdir:261: inode #2: block 3: comm +}[@: path /46/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  409.114605][T19025] EXT4-fs (loop2): Remounting filesystem read-only
[  409.180642][T19047] loop1: detected capacity change from 0 to 512
[  409.196855][T19047] ext4 filesystem being mounted at /287/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  409.284949][T19054] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5071'.
[  409.293983][T19054] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  409.301703][T19054] batman_adv: batadv0: Removing interface: batadv_slave_0
[  409.330427][T19054] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  409.337961][T19054] batman_adv: batadv0: Removing interface: batadv_slave_1
[  409.367957][T19056] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5072'.
[  409.376906][T19056] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5072'.
[  409.398694][T19056] bond1: entered promiscuous mode
[  409.403816][T19056] bond1: entered allmulticast mode
[  409.409323][T19056] 8021q: adding VLAN 0 to HW filter on device bond1
[  409.560104][T19069] loop1: detected capacity change from 0 to 512
[  409.577571][T19069] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.5074: attempt to clear invalid blocks 2 len 1
[  409.605944][T19069] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  409.636696][T19069] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.5074: invalid indirect mapped block 1819239214 (level 0)
[  409.683244][T19069] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.5074: invalid indirect mapped block 1819239214 (level 1)
[  409.715594][T19069] EXT4-fs (loop1): 1 truncate cleaned up
[  409.735097][T19069] EXT4-fs warning (device loop1): dx_probe:833: inode #2: comm syz.1.5074: Unrecognised inode hash code 20
[  409.746642][T19069] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.5074: Corrupt directory, running e2fsck is recommended
[  409.801446][T19069] EXT4-fs warning (device loop1): dx_probe:833: inode #2: comm syz.1.5074: Unrecognised inode hash code 20
[  409.813003][T19069] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.5074: Corrupt directory, running e2fsck is recommended
[  409.841975][T19069] EXT4-fs error (device loop1): ext4_find_dest_de:2069: inode #2: block 13: comm syz.1.5074: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[  409.926756][T19071] EXT4-fs error (device loop1): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.1.5074: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[  410.182475][T19088] loop2: detected capacity change from 0 to 164
[  410.190052][T19088] Unable to read rock-ridge attributes
[  410.205384][T19088] Unable to read rock-ridge attributes
[  410.338064][T19096] loop2: detected capacity change from 0 to 512
[  410.377370][T19096] ext4 filesystem being mounted at /54/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  410.455394][T19111] FAULT_INJECTION: forcing a failure.
[  410.455394][T19111] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  410.468562][T19111] CPU: 0 UID: 0 PID: 19111 Comm: syz.0.5092 Not tainted 6.11.0-syzkaller-09015-g18ba6034468e #0
[  410.478998][T19111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  410.489145][T19111] Call Trace:
[  410.492436][T19111]  <TASK>
[  410.495384][T19111]  dump_stack_lvl+0xf2/0x150
[  410.500010][T19111]  dump_stack+0x15/0x20
[  410.504221][T19111]  should_fail_ex+0x223/0x230
[  410.508966][T19111]  should_fail+0xb/0x10
[  410.513150][T19111]  should_fail_usercopy+0x1a/0x20
[  410.518271][T19111]  _copy_to_user+0x1e/0xa0
[  410.522788][T19111]  simple_read_from_buffer+0xa0/0x110
[  410.528197][T19111]  proc_fail_nth_read+0xf9/0x140
[  410.533159][T19111]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  410.538853][T19111]  vfs_read+0x195/0x720
[  410.543032][T19111]  ? __rcu_read_unlock+0x4e/0x70
[  410.547999][T19111]  ? __fget_files+0x1d4/0x210
[  410.552786][T19111]  ksys_read+0xeb/0x1b0
[  410.556986][T19111]  __x64_sys_read+0x42/0x50
[  410.561623][T19111]  x64_sys_call+0x27d3/0x2d60
[  410.566331][T19111]  do_syscall_64+0xc9/0x1c0
[  410.570969][T19111]  ? clear_bhb_loop+0x55/0xb0
[  410.575672][T19111]  ? clear_bhb_loop+0x55/0xb0
[  410.580442][T19111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.586380][T19111] RIP: 0033:0x7fb3f826c93c
[  410.590804][T19111] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  410.610587][T19111] RSP: 002b:00007fb3f6ee1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  410.619054][T19111] RAX: ffffffffffffffda RBX: 00007fb3f8425f80 RCX: 00007fb3f826c93c
[  410.627079][T19111] RDX: 000000000000000f RSI: 00007fb3f6ee10a0 RDI: 0000000000000003
[  410.635153][T19111] RBP: 00007fb3f6ee1090 R08: 0000000000000000 R09: 0000000000000000
[  410.643144][T19111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  410.651188][T19111] R13: 0000000000000001 R14: 00007fb3f8425f80 R15: 00007fff0f366e88
[  410.659265][T19111]  </TASK>
[  410.679468][T19115] syz.2.5093[19115] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  410.679562][T19115] syz.2.5093[19115] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  410.691565][T19115] syz.2.5093[19115] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  410.775573][T19127] loop2: detected capacity change from 0 to 512
[  410.794662][T19130] loop3: detected capacity change from 0 to 128
[  410.807006][T19130] FAULT_INJECTION: forcing a failure.
[  410.807006][T19130] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  410.820360][T19130] CPU: 0 UID: 0 PID: 19130 Comm: syz.3.5102 Not tainted 6.11.0-syzkaller-09015-g18ba6034468e #0
[  410.830864][T19130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  410.840992][T19130] Call Trace:
[  410.844364][T19130]  <TASK>
[  410.847325][T19130]  dump_stack_lvl+0xf2/0x150
[  410.851943][T19130]  dump_stack+0x15/0x20
[  410.856116][T19130]  should_fail_ex+0x223/0x230
[  410.860830][T19130]  should_fail_alloc_page+0xfd/0x110
[  410.866204][T19130]  __alloc_pages_noprof+0x109/0x360
[  410.871422][T19130]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  410.876831][T19130]  folio_alloc_noprof+0xee/0x130
[  410.881809][T19130]  filemap_alloc_folio_noprof+0x69/0x220
[  410.887491][T19130]  __filemap_get_folio+0x298/0x5b0
[  410.892715][T19130]  ? mntput+0x49/0x70
[  410.896725][T19130]  cont_write_begin+0x512/0x860
[  410.901609][T19130]  ? _parse_integer_limit+0x167/0x180
[  410.907072][T19130]  fat_write_begin+0x51/0xe0
[  410.911740][T19130]  ? __pfx_fat_get_block+0x10/0x10
[  410.916930][T19130]  generic_perform_write+0x1a8/0x4a0
[  410.922254][T19130]  __generic_file_write_iter+0xa1/0x120
[  410.927822][T19130]  generic_file_write_iter+0x77/0x1c0
[  410.933213][T19130]  vfs_write+0x76a/0x910
[  410.937497][T19130]  ? __pfx_generic_file_write_iter+0x10/0x10
[  410.943503][T19130]  ksys_write+0xeb/0x1b0
[  410.947924][T19130]  __x64_sys_write+0x42/0x50
[  410.952539][T19130]  x64_sys_call+0x27dd/0x2d60
[  410.957258][T19130]  do_syscall_64+0xc9/0x1c0
[  410.961788][T19130]  ? clear_bhb_loop+0x55/0xb0
[  410.966545][T19130]  ? clear_bhb_loop+0x55/0xb0
[  410.971250][T19130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.977200][T19130] RIP: 0033:0x7fa93919def9
[  410.981623][T19130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  411.001301][T19130] RSP: 002b:00007fa937e11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  411.009747][T19130] RAX: ffffffffffffffda RBX: 00007fa939355f80 RCX: 00007fa93919def9
[  411.017830][T19130] RDX: 000000000208e24b RSI: 0000000020000080 RDI: 0000000000000008
[  411.022341][T19127] ext4 filesystem being mounted at /58/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  411.025865][T19130] RBP: 00007fa937e11090 R08: 0000000000000000 R09: 0000000000000000
[  411.025884][T19130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  411.025899][T19130] R13: 0000000000000000 R14: 00007fa939355f80 R15: 00007ffcd1f7cb38
[  411.025924][T19130]  </TASK>
[  411.296527][T19149] netlink: 'syz.3.5108': attribute type 10 has an invalid length.
[  411.315477][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  411.325982][T19149] bridge0: port 2(bridge_slave_1) entered disabled state
[  411.333234][T19149] bridge0: port 1(bridge_slave_0) entered disabled state
[  411.363057][T19149] bridge0: port 2(bridge_slave_1) entered blocking state
[  411.370235][T19149] bridge0: port 2(bridge_slave_1) entered forwarding state
[  411.377596][T19149] bridge0: port 1(bridge_slave_0) entered blocking state
[  411.384828][T19149] bridge0: port 1(bridge_slave_0) entered forwarding state
[  411.405090][T19149] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  411.413928][   T29] kauditd_printk_skb: 632 callbacks suppressed
[  411.413942][   T29] audit: type=1326 audit(1727153375.497:30742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19150 comm="syz.3.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fa93919def9 code=0x7ffc0000
[  411.414930][T19152] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5108'.
[  411.420189][   T29] audit: type=1326 audit(1727153375.497:30743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19148 comm="syz.3.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa93919def9 code=0x7ffc0000
[  411.476726][   T29] audit: type=1326 audit(1727153375.497:30744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19148 comm="syz.3.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa93919def9 code=0x7ffc0000
[  411.479349][T19152] bridge_slave_1: left allmulticast mode
[  411.504099][   T29] audit: type=1326 audit(1727153375.537:30745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19148 comm="syz.3.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fa93919def9 code=0x7ffc0000
[  411.506061][T19152] bridge_slave_1: left promiscuous mode
[  411.506235][T19152] bridge0: port 2(bridge_slave_1) entered disabled state
[  411.529768][   T29] audit: type=1326 audit(1727153375.547:30746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19148 comm="syz.3.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa93919def9 code=0x7ffc0000
[  411.566273][   T29] audit: type=1326 audit(1727153375.547:30747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19148 comm="syz.3.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7fa93919def9 code=0x7ffc0000
[  411.590007][   T29] audit: type=1326 audit(1727153375.547:30748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19148 comm="syz.3.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa93919def9 code=0x7ffc0000
[  411.613620][   T29] audit: type=1326 audit(1727153375.547:30749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19148 comm="syz.3.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7fa93919def9 code=0x7ffc0000
[  411.637312][   T29] audit: type=1326 audit(1727153375.547:30750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19148 comm="syz.3.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa93919def9 code=0x7ffc0000
[  411.661052][   T29] audit: type=1326 audit(1727153375.547:30751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19148 comm="syz.3.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa93919def9 code=0x7ffc0000
[  411.686083][T19152] bridge_slave_0: left allmulticast mode
[  411.691790][T19152] bridge_slave_0: left promiscuous mode
[  411.697483][T19152] bridge0: port 1(bridge_slave_0) entered disabled state
[  411.727214][T19152] bond0: (slave bridge0): Releasing backup interface
[  411.821589][T19158] loop4: detected capacity change from 0 to 2048
[  411.904611][T19162] loop3: detected capacity change from 0 to 128
[  411.942034][T19168] loop0: detected capacity change from 0 to 128
[  412.082693][T19181] loop3: detected capacity change from 0 to 164
[  412.103851][T19181] Unable to read rock-ridge attributes
[  412.172887][T19187] loop4: detected capacity change from 0 to 512
[  412.188945][T19189] syz.3.5122[19189] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  412.189008][T19189] syz.3.5122[19189] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  412.209200][T19189] syz.3.5122[19189] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  412.260680][T19187] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.5115: attempt to clear invalid blocks 2 len 1
[  412.290471][T19195] FAULT_INJECTION: forcing a failure.
[  412.290471][T19195] name failslab, interval 1, probability 0, space 0, times 0
[  412.303128][T19195] CPU: 1 UID: 0 PID: 19195 Comm: +}[@ Not tainted 6.11.0-syzkaller-09015-g18ba6034468e #0
[  412.313093][T19195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  412.323229][T19195] Call Trace:
[  412.326563][T19195]  <TASK>
[  412.329572][T19195]  dump_stack_lvl+0xf2/0x150
[  412.334191][T19195]  dump_stack+0x15/0x20
[  412.338405][T19195]  should_fail_ex+0x223/0x230
[  412.343113][T19195]  ? security_file_alloc+0x32/0x100
[  412.348332][T19195]  should_failslab+0x8f/0xb0
[  412.353020][T19195]  kmem_cache_alloc_noprof+0x4c/0x290
[  412.358457][T19195]  security_file_alloc+0x32/0x100
[  412.363561][T19195]  alloc_empty_file+0x121/0x2f0
[  412.368438][T19195]  path_openat+0x6a/0x1fa0
[  412.372998][T19195]  ? _parse_integer_limit+0x167/0x180
[  412.378531][T19195]  ? _parse_integer+0x27/0x30
[  412.383259][T19195]  ? kstrtoull+0x110/0x140
[  412.387712][T19195]  ? kstrtouint+0x77/0xc0
[  412.392215][T19195]  do_filp_open+0xf7/0x200
[  412.396670][T19195]  do_sys_openat2+0xab/0x120
[  412.401289][T19195]  __x64_sys_open+0xe6/0x110
[  412.405931][T19195]  x64_sys_call+0x1321/0x2d60
[  412.410805][T19195]  do_syscall_64+0xc9/0x1c0
[  412.415341][T19195]  ? clear_bhb_loop+0x55/0xb0
[  412.420080][T19195]  ? clear_bhb_loop+0x55/0xb0
[  412.424776][T19195]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  412.430722][T19195] RIP: 0033:0x7f552f0ddef9
[  412.435214][T19195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  412.454868][T19195] RSP: 002b:00007f552dd57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  412.463328][T19195] RAX: ffffffffffffffda RBX: 00007f552f295f80 RCX: 00007f552f0ddef9
[  412.471405][T19195] RDX: 0000000000000017 RSI: 0000000000080080 RDI: 0000000020000040
[  412.477802][T19187] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  412.479384][T19195] RBP: 00007f552dd57090 R08: 0000000000000000 R09: 0000000000000000
[  412.501646][T19195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  412.509724][T19195] R13: 0000000000000000 R14: 00007f552f295f80 R15: 00007ffe9e826ea8
[  412.517795][T19195]  </TASK>
[  412.522437][T19187] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.5115: invalid indirect mapped block 1819239214 (level 0)
[  412.552077][T19187] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.5115: invalid indirect mapped block 1819239214 (level 1)
[  412.606330][T19187] EXT4-fs (loop4): 1 truncate cleaned up
[  412.638141][T19187] EXT4-fs warning (device loop4): dx_probe:833: inode #2: comm syz.4.5115: Unrecognised inode hash code 20
[  412.649757][T19187] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.5115: Corrupt directory, running e2fsck is recommended
[  412.680021][T19209] loop2: detected capacity change from 0 to 164
[  412.690503][T19187] EXT4-fs warning (device loop4): dx_probe:833: inode #2: comm syz.4.5115: Unrecognised inode hash code 20
[  412.701969][T19187] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.5115: Corrupt directory, running e2fsck is recommended
[  412.715817][T19209] Unable to read rock-ridge attributes
[  412.717192][T19187] EXT4-fs error (device loop4): ext4_find_dest_de:2069: inode #2: block 13: comm syz.4.5115: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[  412.742766][T19213] EXT4-fs error (device loop4): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.4.5115: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[  412.764773][T19209] Unable to read rock-ridge attributes
[  412.816220][T19217] loop2: detected capacity change from 0 to 164
[  412.845838][T19217] Unable to read rock-ridge attributes
[  413.016989][T19235] loop2: detected capacity change from 0 to 2048
[  413.041876][T19234] loop0: detected capacity change from 0 to 2048
[  413.048992][T19237] SELinux:  policydb version 1446001614 does not match my version range 15-33
[  413.069207][T19235] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  413.080318][T19237] SELinux: failed to load policy
[  413.085127][T19235] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 17 with error 28
[  413.090851][T19237] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5141'.
[  413.101354][T19235] EXT4-fs (loop2): This should not happen!! Data will be lost
[  413.101354][T19235] 
[  413.110278][T19237] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5141'.
[  413.119918][T19235] EXT4-fs (loop2): Total free blocks count 0
[  413.135207][T19235] EXT4-fs (loop2): Free/Dirty block details
[  413.141292][T19235] EXT4-fs (loop2): free_blocks=2415919104
[  413.147024][T19235] EXT4-fs (loop2): dirty_blocks=32
[  413.152163][T19235] EXT4-fs (loop2): Block reservation details
[  413.154693][T19234] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, 
[  413.158202][T19235] EXT4-fs (loop2): i_reserved_data_blocks=2
[  413.172672][T19234] block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  413.183256][T19234] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 17 with error 28
[  413.195760][T19234] EXT4-fs (loop0): This should not happen!! Data will be lost
[  413.195760][T19234] 
[  413.205604][T19234] EXT4-fs (loop0): Total free blocks count 0
[  413.211797][T19234] EXT4-fs (loop0): Free/Dirty block details
[  413.217908][T19234] EXT4-fs (loop0): free_blocks=2415919104
[  413.218402][T19248] loop1: detected capacity change from 0 to 164
[  413.223678][T19234] EXT4-fs (loop0): dirty_blocks=32
[  413.235109][T19234] EXT4-fs (loop0): Block reservation details
[  413.241128][T19234] EXT4-fs (loop0): i_reserved_data_blocks=2
[  413.258272][T19248] Unable to read rock-ridge attributes
[  413.270807][T19246] Unable to read rock-ridge attributes
[  413.701328][T19259] loop1: detected capacity change from 0 to 164
[  413.810935][T19259] Unable to read rock-ridge attributes
[  414.051702][T16496] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  414.064056][T16496] EXT4-fs (loop0): This should not happen!! Data will be lost
[  414.064056][T16496] 
[  414.146788][T19274] loop0: detected capacity change from 0 to 2048
[  414.382012][   T36] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  414.394287][   T36] EXT4-fs (loop2): This should not happen!! Data will be lost
[  414.394287][   T36] 
[  414.434469][T19287] loop4: detected capacity change from 0 to 164
[  414.441492][T19287] Unable to read rock-ridge attributes
[  414.448792][T19287] Unable to read rock-ridge attributes
[  414.763772][T19302] loop4: detected capacity change from 0 to 512
[  414.784594][T19302] EXT4-fs: Mount option(s) incompatible with ext2
[  414.800425][T19306] loop2: detected capacity change from 0 to 164
[  414.810592][T19306] Unable to read rock-ridge attributes
[  414.823826][T19306] Unable to read rock-ridge attributes
[  415.023769][T19318] loop2: detected capacity change from 0 to 164
[  415.031338][T19318] Unable to read rock-ridge attributes
[  415.039070][T19318] Unable to read rock-ridge attributes
[  415.083937][T19320] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5171'.
[  415.112006][T19320] xfrm1: entered promiscuous mode
[  415.117976][T19320] xfrm1: entered allmulticast mode
[  415.139411][T19320] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  415.751280][T19339] 
@ÿ: renamed from veth0_vlan (while UP)
[  415.886818][T19347] loop4: detected capacity change from 0 to 2048
[  416.071478][T19365] loop3: detected capacity change from 0 to 512
[  416.082057][T19365] ext4 filesystem being mounted at /65/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  416.177413][T19378] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  416.193632][T19380] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  416.680685][T19399] loop1: detected capacity change from 0 to 1024
[  416.688120][T19399] EXT4-fs (loop1): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  416.715263][   T29] kauditd_printk_skb: 631 callbacks suppressed
[  416.715294][   T29] audit: type=1400 audit(1727153380.788:31383): avc:  denied  { mounton } for  pid=19398 comm="syz.1.5203" path="/309/file1/file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  416.888501][T19410] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5207'.
[  416.904430][T19410] bond1: entered promiscuous mode
[  416.909583][T19410] bond1: entered allmulticast mode
[  416.915194][T19410] 8021q: adding VLAN 0 to HW filter on device bond1
[  417.142953][T19429] loop3: detected capacity change from 0 to 512
[  417.178069][T19429] ext4 filesystem being mounted at /70/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  417.259147][T19443] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5219'.
[  417.298214][T19443] bond2: entered promiscuous mode
[  417.303409][T19443] bond2: entered allmulticast mode
[  417.308751][T19443] 8021q: adding VLAN 0 to HW filter on device bond2
[  417.350812][T19449] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  417.737026][T19454] +}[@[19454] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  417.737091][T19454] +}[@[19454] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  417.748562][T19454] +}[@[19454] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  417.779096][T19456] loop4: detected capacity change from 0 to 512
[  417.801373][T19456] EXT4-fs mount: 41 callbacks suppressed
[  417.801387][T19456] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  417.821566][T19456] ext4 filesystem being mounted at /31/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  417.842653][T18882] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  418.047558][T19475] bond1: entered promiscuous mode
[  418.051773][T19473] loop4: detected capacity change from 0 to 2048
[  418.052675][T19475] bond1: entered allmulticast mode
[  418.064700][T19475] 8021q: adding VLAN 0 to HW filter on device bond1
[  418.084826][T19473] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  418.116261][T19473] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  418.134462][T19473] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 17 with error 28
[  418.147028][T19473] EXT4-fs (loop4): This should not happen!! Data will be lost
[  418.147028][T19473] 
[  418.156759][T19473] EXT4-fs (loop4): Total free blocks count 0
[  418.162992][T19473] EXT4-fs (loop4): Free/Dirty block details
[  418.169078][T19473] EXT4-fs (loop4): free_blocks=2415919104
[  418.174908][T19473] EXT4-fs (loop4): dirty_blocks=32
[  418.180118][T19473] EXT4-fs (loop4): Block reservation details
[  418.186119][T19473] EXT4-fs (loop4): i_reserved_data_blocks=2
[  418.371682][T19498] loop2: detected capacity change from 0 to 2048
[  418.391821][T19498] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  418.419050][T19498] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  418.442979][T19498] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 17 with error 28
[  418.455391][T19498] EXT4-fs (loop2): This should not happen!! Data will be lost
[  418.455391][T19498] 
[  418.465075][T19498] EXT4-fs (loop2): Total free blocks count 0
[  418.471102][T19498] EXT4-fs (loop2): Free/Dirty block details
[  418.477032][T19498] EXT4-fs (loop2): free_blocks=2415919104
[  418.482813][T19498] EXT4-fs (loop2): dirty_blocks=32
[  418.487944][T19498] EXT4-fs (loop2): Block reservation details
[  418.493962][T19498] EXT4-fs (loop2): i_reserved_data_blocks=2
[  418.505319][T19510] FAULT_INJECTION: forcing a failure.
[  418.505319][T19510] name failslab, interval 1, probability 0, space 0, times 0
[  418.518076][T19510] CPU: 1 UID: 0 PID: 19510 Comm: syz.3.5242 Not tainted 6.11.0-syzkaller-09015-g18ba6034468e #0
[  418.528558][T19510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  418.538749][T19510] Call Trace:
[  418.542048][T19510]  <TASK>
[  418.545009][T19510]  dump_stack_lvl+0xf2/0x150
[  418.549771][T19510]  dump_stack+0x15/0x20
[  418.553954][T19510]  should_fail_ex+0x223/0x230
[  418.558755][T19510]  ? x509_cert_parse+0x3b/0x440
[  418.563711][T19510]  should_failslab+0x8f/0xb0
[  418.568344][T19510]  __kmalloc_cache_noprof+0x4b/0x2a0
[  418.573658][T19510]  x509_cert_parse+0x3b/0x440
[  418.578369][T19510]  x509_key_preparse+0x3c/0x400
[  418.583244][T19510]  asymmetric_key_preparse+0x6b/0xc0
[  418.588744][T19510]  __key_create_or_update+0x29f/0x750
[  418.594188][T19510]  key_create_or_update+0x42/0x60
[  418.599321][T19510]  __se_sys_add_key+0x280/0x320
[  418.604368][T19510]  ? fput+0x14e/0x190
[  418.608456][T19510]  __x64_sys_add_key+0x67/0x80
[  418.613298][T19510]  x64_sys_call+0x157d/0x2d60
[  418.618082][T19510]  do_syscall_64+0xc9/0x1c0
[  418.622621][T19510]  ? clear_bhb_loop+0x55/0xb0
[  418.627434][T19510]  ? clear_bhb_loop+0x55/0xb0
[  418.632137][T19510]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.638252][T19510] RIP: 0033:0x7fa93919def9
[  418.642859][T19510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  418.662680][T19510] RSP: 002b:00007fa937e11038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  418.671141][T19510] RAX: ffffffffffffffda RBX: 00007fa939355f80 RCX: 00007fa93919def9
[  418.679357][T19510] RDX: 0000000020000140 RSI: 0000000000000000 RDI: 0000000020000100
[  418.687445][T19510] RBP: 00007fa937e11090 R08: 000000003186f534 R09: 0000000000000000
[  418.695498][T19510] R10: 00000000000fffff R11: 0000000000000246 R12: 0000000000000001
[  418.703538][T19510] R13: 0000000000000000 R14: 00007fa939355f80 R15: 00007ffcd1f7cb38
[  418.711544][T19510]  </TASK>
[  418.764346][T19512] bond3: entered promiscuous mode
[  418.769508][T19512] bond3: entered allmulticast mode
[  418.778587][T19512] 8021q: adding VLAN 0 to HW filter on device bond3
[  418.832671][T19515] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  418.857692][T16496] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  418.974128][T19523] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5247'.
[  419.017847][T19523] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5247'.
[  419.071710][   T29] audit: type=1326 audit(1727153383.148:31384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19532 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  419.094876][   T29] audit: type=1326 audit(1727153383.148:31385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19532 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  419.171591][   T29] audit: type=1326 audit(1727153383.148:31386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19532 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  419.194773][   T29] audit: type=1326 audit(1727153383.148:31387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19532 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  419.218102][   T29] audit: type=1326 audit(1727153383.148:31388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19532 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  419.241167][   T29] audit: type=1326 audit(1727153383.148:31389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19532 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  419.264411][   T29] audit: type=1326 audit(1727153383.148:31390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19532 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  419.273911][T19541] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  419.287571][   T29] audit: type=1326 audit(1727153383.208:31391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19531 comm="syz.4.5253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8dbcadef9 code=0x7ffc0000
[  419.319448][   T29] audit: type=1326 audit(1727153383.208:31392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19531 comm="syz.4.5253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8dbcadef9 code=0x7ffc0000
[  419.320103][ T2324] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  419.421149][T19551] loop0: detected capacity change from 0 to 2048
[  419.430979][T19551] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  419.439283][T19556] loop2: detected capacity change from 0 to 1024
[  419.445453][T19551] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  419.450299][T19556] EXT4-fs (loop2): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  419.465516][T19551] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 17 with error 28
[  419.486384][T19551] EXT4-fs (loop0): This should not happen!! Data will be lost
[  419.486384][T19551] 
[  419.496092][T19551] EXT4-fs (loop0): Total free blocks count 0
[  419.502200][T19551] EXT4-fs (loop0): Free/Dirty block details
[  419.508108][T19551] EXT4-fs (loop0): free_blocks=2415919104
[  419.513877][T19551] EXT4-fs (loop0): dirty_blocks=32
[  419.519010][T19551] EXT4-fs (loop0): Block reservation details
[  419.525325][T19551] EXT4-fs (loop0): i_reserved_data_blocks=2
[  419.553209][T19556] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  419.556668][T19562] loop3: detected capacity change from 0 to 512
[  419.581420][T19562] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  419.594502][T19562] ext4 filesystem being mounted at /92/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  419.630047][T19566] FAULT_INJECTION: forcing a failure.
[  419.630047][T19566] name failslab, interval 1, probability 0, space 0, times 0
[  419.642821][T19566] CPU: 0 UID: 0 PID: 19566 Comm: syz.2.5261 Not tainted 6.11.0-syzkaller-09015-g18ba6034468e #0
[  419.653355][T19566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  419.663525][T19566] Call Trace:
[  419.666825][T19566]  <TASK>
[  419.669778][T19566]  dump_stack_lvl+0xf2/0x150
[  419.674399][T19566]  dump_stack+0x15/0x20
[  419.678706][T19566]  should_fail_ex+0x223/0x230
[  419.683431][T19566]  ? ext4_expand_extra_isize_ea+0x7c9/0xf70
[  419.689461][T19566]  should_failslab+0x8f/0xb0
[  419.694094][T19566]  __kmalloc_noprof+0xa5/0x370
[  419.698929][T19566]  ext4_expand_extra_isize_ea+0x7c9/0xf70
[  419.704684][T19566]  __ext4_expand_extra_isize+0x243/0x280
[  419.710389][T19566]  __ext4_mark_inode_dirty+0x2c5/0x440
[  419.715950][T19566]  ext4_dirty_inode+0x91/0xb0
[  419.720663][T19566]  ? __pfx_ext4_dirty_inode+0x10/0x10
[  419.726089][T19566]  __mark_inode_dirty+0x166/0x7e0
[  419.731204][T19566]  file_modified_flags+0x2fd/0x330
[  419.736398][T19566]  file_modified+0x17/0x20
[  419.740840][T19566]  ext4_buffered_write_iter+0x1cc/0x370
[  419.746454][T19566]  ext4_file_write_iter+0x293/0xe10
[  419.751693][T19566]  ? __rcu_read_unlock+0x4e/0x70
[  419.756673][T19566]  ? mntput_no_expire+0x70/0x3c0
[  419.761742][T19566]  ? splice_from_pipe_next+0x332/0x390
[  419.767224][T19566]  ? iter_file_splice_write+0x102/0x980
[  419.772843][T19566]  iter_file_splice_write+0x5f1/0x980
[  419.778274][T19566]  ? __pfx_iter_file_splice_write+0x10/0x10
[  419.784371][T19566]  do_splice+0x98f/0x1120
[  419.788921][T19566]  ? get_pid_task+0x8e/0xc0
[  419.793543][T19566]  ? proc_fail_nth_write+0x12a/0x150
[  419.798905][T19566]  ? __fget_files+0x1d4/0x210
[  419.803693][T19566]  __se_sys_splice+0x24c/0x390
[  419.808552][T19566]  __x64_sys_splice+0x78/0x90
[  419.813272][T19566]  x64_sys_call+0x2945/0x2d60
[  419.818025][T19566]  do_syscall_64+0xc9/0x1c0
[  419.822613][T19566]  ? clear_bhb_loop+0x55/0xb0
[  419.827322][T19566]  ? clear_bhb_loop+0x55/0xb0
[  419.832101][T19566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.838019][T19566] RIP: 0033:0x7f552f0ddef9
[  419.842458][T19566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  419.862098][T19566] RSP: 002b:00007f552dd36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  419.870739][T19566] RAX: ffffffffffffffda RBX: 00007f552f296058 RCX: 00007f552f0ddef9
[  419.878738][T19566] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000004
[  419.886735][T19566] RBP: 00007f552dd36090 R08: 00001fffffffffff R09: 0000000000000000
[  419.894718][T19566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  419.902716][T19566] R13: 0000000000000001 R14: 00007f552f296058 R15: 00007ffe9e826ea8
[  419.910749][T19566]  </TASK>
[  419.999686][T18375] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  420.017290][T18445] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  420.028960][T16496] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  420.051658][T19569] loop4: detected capacity change from 0 to 164
[  420.060171][T19569] Unable to read rock-ridge attributes
[  420.096791][T19569] Unable to read rock-ridge attributes
[  420.108474][T19583] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  420.151512][T19593] FAULT_INJECTION: forcing a failure.
[  420.151512][T19593] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  420.161133][T19595] loop4: detected capacity change from 0 to 512
[  420.165090][T19593] CPU: 0 UID: 0 PID: 19593 Comm: syz.3.5275 Not tainted 6.11.0-syzkaller-09015-g18ba6034468e #0
[  420.181375][T19593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  420.191477][T19593] Call Trace:
[  420.194765][T19593]  <TASK>
[  420.197738][T19593]  dump_stack_lvl+0xf2/0x150
[  420.202396][T19593]  dump_stack+0x15/0x20
[  420.206584][T19593]  should_fail_ex+0x223/0x230
[  420.211351][T19593]  should_fail+0xb/0x10
[  420.215537][T19593]  should_fail_usercopy+0x1a/0x20
[  420.220624][T19593]  _copy_to_iter+0xd3/0xd20
[  420.225207][T19593]  copy_page_to_iter+0x171/0x2b0
[  420.230183][T19593]  shmem_file_read_iter+0x408/0x550
[  420.235416][T19593]  vfs_read+0x5f6/0x720
[  420.239651][T19593]  ? __rcu_read_unlock+0x4e/0x70
[  420.244690][T19593]  ksys_read+0xeb/0x1b0
[  420.248904][T19593]  __x64_sys_read+0x42/0x50
[  420.253457][T19593]  x64_sys_call+0x27d3/0x2d60
[  420.258148][T19593]  do_syscall_64+0xc9/0x1c0
[  420.262713][T19593]  ? clear_bhb_loop+0x55/0xb0
[  420.267401][T19593]  ? clear_bhb_loop+0x55/0xb0
[  420.272109][T19593]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  420.278076][T19593] RIP: 0033:0x7fa93919def9
[  420.282566][T19593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  420.302185][T19593] RSP: 002b:00007fa937e11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  420.310607][T19593] RAX: ffffffffffffffda RBX: 00007fa939355f80 RCX: 00007fa93919def9
[  420.318608][T19593] RDX: 00000000fffffe47 RSI: 0000000020000180 RDI: 0000000000000004
[  420.326586][T19593] RBP: 00007fa937e11090 R08: 0000000000000000 R09: 0000000000000000
[  420.334572][T19593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  420.342546][T19593] R13: 0000000000000000 R14: 00007fa939355f80 R15: 00007ffcd1f7cb38
[  420.350579][T19593]  </TASK>
[  420.368095][T19596] loop1: detected capacity change from 0 to 2048
[  420.386421][T19595] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  420.404354][T19595] ext4 filesystem being mounted at /41/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  420.410021][T19596] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  420.444479][T18882] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  420.455205][T19596] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  420.467379][T19609] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5281'.
[  420.472330][T19596] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 17 with error 28
[  420.491516][T19596] EXT4-fs (loop1): This should not happen!! Data will be lost
[  420.491516][T19596] 
[  420.501572][T19596] EXT4-fs (loop1): Total free blocks count 0
[  420.507622][T19596] EXT4-fs (loop1): Free/Dirty block details
[  420.513570][T19596] EXT4-fs (loop1): free_blocks=2415919104
[  420.519304][T19596] EXT4-fs (loop1): dirty_blocks=32
[  420.524469][T19596] EXT4-fs (loop1): Block reservation details
[  420.530511][T19596] EXT4-fs (loop1): i_reserved_data_blocks=2
[  420.875104][T19617] loop3: detected capacity change from 0 to 128
[  420.886137][T19619] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  420.896252][T19617] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  420.904229][T19617] FAT-fs (loop3): Filesystem has been set read-only
[  420.914972][T19617] syz.3.5283: attempt to access beyond end of device
[  420.914972][T19617] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  420.929627][T19617] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  420.937466][T19617] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  420.967572][T19617] syz.3.5283: attempt to access beyond end of device
[  420.967572][T19617] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  420.983469][T19617] syz.3.5283: attempt to access beyond end of device
[  420.983469][T19617] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  421.055306][   T36] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  421.066695][T19635] loop2: detected capacity change from 0 to 164
[  421.080063][T19635] Unable to read rock-ridge attributes
[  421.089979][T19635] Unable to read rock-ridge attributes
[  421.133380][T19646] loop2: detected capacity change from 0 to 512
[  421.168728][T19651] loop1: detected capacity change from 0 to 164
[  421.176628][T19646] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  421.189428][T19646] ext4 filesystem being mounted at /86/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  421.216975][T19651] Unable to read rock-ridge attributes
[  421.228276][T18375] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  421.238886][T19651] Unable to read rock-ridge attributes
[  421.255185][T19659] syz.4.5302: attempt to access beyond end of device
[  421.255185][T19659] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  421.277007][T19661] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  421.284288][T19663] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5303'.
[  421.328290][T19672] FAULT_INJECTION: forcing a failure.
[  421.328290][T19672] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  421.341486][T19672] CPU: 1 UID: 0 PID: 19672 Comm: syz.1.5307 Not tainted 6.11.0-syzkaller-09015-g18ba6034468e #0
[  421.351928][T19672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  421.361243][T19675] loop3: detected capacity change from 0 to 2048
[  421.361986][T19672] Call Trace:
[  421.361996][T19672]  <TASK>
[  421.374576][T19672]  dump_stack_lvl+0xf2/0x150
[  421.379187][T19672]  dump_stack+0x15/0x20
[  421.383365][T19672]  should_fail_ex+0x223/0x230
[  421.388234][T19672]  should_fail+0xb/0x10
[  421.392414][T19672]  should_fail_usercopy+0x1a/0x20
[  421.397478][T19672]  _copy_from_user+0x1e/0xd0
[  421.402125][T19672]  copy_msghdr_from_user+0x54/0x2a0
[  421.407382][T19672]  __sys_sendmsg+0x171/0x270
[  421.412017][T19672]  __x64_sys_sendmsg+0x46/0x50
[  421.416858][T19672]  x64_sys_call+0x2689/0x2d60
[  421.421550][T19672]  do_syscall_64+0xc9/0x1c0
[  421.426128][T19672]  ? clear_bhb_loop+0x55/0xb0
[  421.430844][T19672]  ? clear_bhb_loop+0x55/0xb0
[  421.435539][T19672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.441459][T19672] RIP: 0033:0x7f418698def9
[  421.445886][T19672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  421.465856][T19672] RSP: 002b:00007f4185607038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  421.474277][T19672] RAX: ffffffffffffffda RBX: 00007f4186b45f80 RCX: 00007f418698def9
[  421.482331][T19672] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  421.490308][T19672] RBP: 00007f4185607090 R08: 0000000000000000 R09: 0000000000000000
[  421.498740][T19672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  421.506714][T19672] R13: 0000000000000000 R14: 00007f4186b45f80 R15: 00007ffd89731a88
[  421.514781][T19672]  </TASK>
[  421.542959][T19680] loop0: detected capacity change from 0 to 512
[  421.561234][T19675] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  421.586317][T19675] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  421.588580][T19680] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  421.603456][T19675] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 17 with error 28
[  421.614660][T19680] ext4 filesystem being mounted at /231/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  421.626134][T19675] EXT4-fs (loop3): This should not happen!! Data will be lost
[  421.626134][T19675] 
[  421.646426][T19675] EXT4-fs (loop3): Total free blocks count 0
[  421.652278][T19692] loop1: detected capacity change from 0 to 164
[  421.652458][T19675] EXT4-fs (loop3): Free/Dirty block details
[  421.664725][T19675] EXT4-fs (loop3): free_blocks=2415919104
[  421.665743][T19692] Unable to read rock-ridge attributes
[  421.670466][T19675] EXT4-fs (loop3): dirty_blocks=32
[  421.670485][T19675] EXT4-fs (loop3): Block reservation details
[  421.682725][T19692] Unable to read rock-ridge attributes
[  421.687042][T19675] EXT4-fs (loop3): i_reserved_data_blocks=2
[  421.716409][T19693] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 27 with error 28
[  421.732208][T16223] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  421.743938][   T29] kauditd_printk_skb: 247 callbacks suppressed
[  421.743954][   T29] audit: type=1326 audit(1727153385.818:31640): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19676 comm="syz.4.5309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8dbcadef9 code=0x7ffc0000
[  421.776805][   T29] audit: type=1326 audit(1727153385.818:31641): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19676 comm="syz.4.5309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8dbcadef9 code=0x7ffc0000
[  421.803311][T19695] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5315'.
[  421.829641][T19699] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  421.853619][   T29] audit: type=1326 audit(1727153385.928:31642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19700 comm="syz.4.5317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8dbcadef9 code=0x7ffc0000
[  421.897956][   T29] audit: type=1326 audit(1727153385.928:31643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19700 comm="syz.4.5317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8dbcadef9 code=0x7ffc0000
[  421.921775][   T29] audit: type=1326 audit(1727153385.958:31644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19700 comm="syz.4.5317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd8dbcadef9 code=0x7ffc0000
[  421.945406][   T29] audit: type=1326 audit(1727153385.958:31645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19700 comm="syz.4.5317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8dbcadef9 code=0x7ffc0000
[  421.950614][T19709] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5321'.
[  421.969004][   T29] audit: type=1326 audit(1727153385.958:31646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19700 comm="syz.4.5317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8dbcadef9 code=0x7ffc0000
[  422.001622][   T29] audit: type=1326 audit(1727153385.958:31647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19700 comm="syz.4.5317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd8dbcadef9 code=0x7ffc0000
[  422.005217][T19712] loop0: detected capacity change from 0 to 512
[  422.025154][   T29] audit: type=1326 audit(1727153385.958:31648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19700 comm="syz.4.5317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8dbcadef9 code=0x7ffc0000
[  422.055062][   T29] audit: type=1326 audit(1727153385.958:31649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19700 comm="syz.4.5317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8dbcadef9 code=0x7ffc0000
[  422.103400][T19718] loop4: detected capacity change from 0 to 512
[  422.121920][T19718] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.5317: attempt to clear invalid blocks 2 len 1
[  422.136835][T19718] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  422.151450][T19718] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.5317: invalid indirect mapped block 1819239214 (level 0)
[  422.163700][T19712] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  422.180891][T19718] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.5317: invalid indirect mapped block 1819239214 (level 1)
[  422.207696][T19727] loop2: detected capacity change from 0 to 512
[  422.231737][T19712] ext4 filesystem being mounted at /233/fiˆ supports timestamps until 2038-01-19 (0x7fffffff)
[  422.249070][T19718] EXT4-fs (loop4): 1 truncate cleaned up
[  422.257730][T19727] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  422.280665][T19730] loop1: detected capacity change from 0 to 164
[  422.288890][T19718] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  422.319697][T19727] ext4 filesystem being mounted at /95/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  422.331102][T19730] Unable to read rock-ridge attributes
[  422.338100][T16223] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  422.350197][T19730] Unable to read rock-ridge attributes
[  422.379424][T19718] EXT4-fs warning (device loop4): dx_probe:833: inode #2: comm syz.4.5317: Unrecognised inode hash code 20
[  422.390952][T19718] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.5317: Corrupt directory, running e2fsck is recommended
[  422.429537][T18375] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  422.458581][T19736] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  422.490032][T19740] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5328'.
[  422.563997][T19745] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  422.590715][T19747] 
@ÿ: renamed from veth0_vlan (while UP)
[  422.636904][T19749] loop0: detected capacity change from 0 to 512
[  422.651115][T19751] netlink: 48 bytes leftover after parsing attributes in process `syz.1.5335'.
[  422.740846][T19755] FAULT_INJECTION: forcing a failure.
[  422.740846][T19755] name failslab, interval 1, probability 0, space 0, times 0
[  422.753595][T19755] CPU: 1 UID: 0 PID: 19755 Comm: syz.1.5337 Not tainted 6.11.0-syzkaller-09015-g18ba6034468e #0
[  422.764075][T19755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  422.774443][T19755] Call Trace:
[  422.777801][T19755]  <TASK>
[  422.780738][T19755]  dump_stack_lvl+0xf2/0x150
[  422.785364][T19755]  dump_stack+0x15/0x20
[  422.789984][T19755]  should_fail_ex+0x223/0x230
[  422.794788][T19755]  ? __get_vm_area_node+0xf7/0x1b0
[  422.799916][T19755]  should_failslab+0x8f/0xb0
[  422.804580][T19755]  __kmalloc_cache_node_noprof+0x50/0x2b0
[  422.810334][T19755]  __get_vm_area_node+0xf7/0x1b0
[  422.815344][T19755]  __vmalloc_node_range_noprof+0x2c3/0xec0
[  422.821342][T19755]  ? bpf_prog_alloc_no_stats+0x49/0x360
[  422.826988][T19755]  ? mntput_no_expire+0x70/0x3c0
[  422.832021][T19755]  ? avc_has_perm_noaudit+0x1cc/0x210
[  422.837527][T19755]  ? selinux_capable+0x1f2/0x260
[  422.842503][T19755]  ? bpf_prog_alloc_no_stats+0x49/0x360
[  422.848232][T19755]  __vmalloc_noprof+0x5e/0x70
[  422.853033][T19755]  ? bpf_prog_alloc_no_stats+0x49/0x360
[  422.858616][T19755]  bpf_prog_alloc_no_stats+0x49/0x360
[  422.864105][T19755]  ? bpf_prog_alloc+0x28/0x150
[  422.868896][T19755]  bpf_prog_alloc+0x3a/0x150
[  422.870462][T19749] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  422.873501][T19755]  bpf_prog_load+0x4d1/0x1070
[  422.889650][T19749] ext4 filesystem being mounted at /236/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  422.890620][T19755]  ? __rcu_read_unlock+0x4e/0x70
[  422.906160][T19755]  __sys_bpf+0x463/0x7a0
[  422.910458][T19755]  __x64_sys_bpf+0x43/0x50
[  422.915012][T19755]  x64_sys_call+0x2625/0x2d60
[  422.919779][T19755]  do_syscall_64+0xc9/0x1c0
[  422.924389][T19755]  ? clear_bhb_loop+0x55/0xb0
[  422.929105][T19755]  ? clear_bhb_loop+0x55/0xb0
[  422.933831][T19755]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.939752][T19755] RIP: 0033:0x7f418698def9
[  422.944188][T19755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  422.963833][T19755] RSP: 002b:00007f4185607038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  422.972286][T19755] RAX: ffffffffffffffda RBX: 00007f4186b45f80 RCX: 00007f418698def9
[  422.980361][T19755] RDX: 0000000000000090 RSI: 0000000020000380 RDI: 0000000000000005
[  422.988493][T19755] RBP: 00007f4185607090 R08: 0000000000000000 R09: 0000000000000000
[  422.996470][T19755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  423.004456][T19755] R13: 0000000000000000 R14: 00007f4186b45f80 R15: 00007ffd89731a88
[  423.012467][T19755]  </TASK>
[  423.015672][T19755] syz.1.5337: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0
[  423.031964][T19755] CPU: 1 UID: 0 PID: 19755 Comm: syz.1.5337 Not tainted 6.11.0-syzkaller-09015-g18ba6034468e #0
[  423.042413][T19755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  423.052509][T19755] Call Trace:
[  423.055813][T19755]  <TASK>
[  423.058748][T19755]  dump_stack_lvl+0xf2/0x150
[  423.063357][T19755]  dump_stack+0x15/0x20
[  423.067596][T19755]  warn_alloc+0x145/0x1b0
[  423.072031][T19755]  __vmalloc_node_range_noprof+0x2e8/0xec0
[  423.077937][T19755]  ? mntput_no_expire+0x70/0x3c0
[  423.082893][T19755]  ? avc_has_perm_noaudit+0x1cc/0x210
[  423.088384][T19755]  ? selinux_capable+0x1f2/0x260
[  423.093409][T19755]  ? bpf_prog_alloc_no_stats+0x49/0x360
[  423.099014][T19755]  __vmalloc_noprof+0x5e/0x70
[  423.103706][T19755]  ? bpf_prog_alloc_no_stats+0x49/0x360
[  423.109283][T19755]  bpf_prog_alloc_no_stats+0x49/0x360
[  423.114679][T19755]  ? bpf_prog_alloc+0x28/0x150
[  423.119463][T19755]  bpf_prog_alloc+0x3a/0x150
[  423.124205][T19755]  bpf_prog_load+0x4d1/0x1070
[  423.128925][T19755]  ? __rcu_read_unlock+0x4e/0x70
[  423.133944][T19755]  __sys_bpf+0x463/0x7a0
[  423.138239][T19755]  __x64_sys_bpf+0x43/0x50
[  423.142747][T19755]  x64_sys_call+0x2625/0x2d60
[  423.147476][T19755]  do_syscall_64+0xc9/0x1c0
[  423.152027][T19755]  ? clear_bhb_loop+0x55/0xb0
[  423.156728][T19755]  ? clear_bhb_loop+0x55/0xb0
[  423.161439][T19755]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  423.167391][T19755] RIP: 0033:0x7f418698def9
[  423.171813][T19755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  423.191430][T19755] RSP: 002b:00007f4185607038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  423.199850][T19755] RAX: ffffffffffffffda RBX: 00007f4186b45f80 RCX: 00007f418698def9
[  423.207824][T19755] RDX: 0000000000000090 RSI: 0000000020000380 RDI: 0000000000000005
[  423.215967][T19755] RBP: 00007f4185607090 R08: 0000000000000000 R09: 0000000000000000
[  423.224061][T19755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  423.232131][T19755] R13: 0000000000000000 R14: 00007f4186b45f80 R15: 00007ffd89731a88
[  423.240114][T19755]  </TASK>
[  423.243290][T19755] Mem-Info:
[  423.246420][T19755] active_anon:5842 inactive_anon:1660 isolated_anon:0
[  423.246420][T19755]  active_file:14568 inactive_file:12696 isolated_file:0
[  423.246420][T19755]  unevictable:0 dirty:447 writeback:0
[  423.246420][T19755]  slab_reclaimable:2749 slab_unreclaimable:14327
[  423.246420][T19755]  mapped:21573 shmem:2633 pagetables:615
[  423.246420][T19755]  sec_pagetables:0 bounce:0
[  423.246420][T19755]  kernel_misc_reclaimable:0
[  423.246420][T19755]  free:1878137 free_pcp:2289 free_cma:0
[  423.291746][T19755] Node 0 active_anon:23368kB inactive_anon:6640kB active_file:58272kB inactive_file:50784kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86292kB dirty:1788kB writeback:0kB shmem:10532kB writeback_tmp:0kB kernel_stack:3072kB pagetables:2460kB sec_pagetables:0kB all_unreclaimable? no
[  423.319934][T19755] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  423.346826][T19755] lowmem_reserve[]: 0 2866 7844 0
[  423.351998][T19755] Node 0 DMA32 free:2950360kB boost:0kB min:4136kB low:7068kB high:10000kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953892kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB
[  423.380788][T19755] lowmem_reserve[]: 0 0 4978 0
[  423.385672][T19755] Node 0 Normal free:4546828kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:23368kB inactive_anon:6640kB active_file:58272kB inactive_file:50784kB unevictable:0kB writepending:1788kB present:5242880kB managed:5098208kB mlocked:0kB bounce:0kB free_pcp:10040kB local_pcp:1936kB free_cma:0kB
[  423.416318][T19755] lowmem_reserve[]: 0 0 0 0
[  423.420891][T19755] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  423.433783][T19755] Node 0 DMA32: 4*4kB (M) 1*8kB (M) 4*16kB (M) 2*32kB (M) 3*64kB (M) 3*128kB (M) 2*256kB (M) 2*512kB (M) 3*1024kB (M) 2*2048kB (M) 718*4096kB (M) = 2950360kB
[  423.449961][T19755] Node 0 Normal: 27*4kB (UME) 840*8kB (ME) 405*16kB (ME) 106*32kB (UME) 86*64kB (ME) 64*128kB (UME) 38*256kB (UME) 48*512kB (UME) 41*1024kB (UME) 24*2048kB (UM) 1072*4096kB (UME) = 4546748kB
[  423.469028][T19755] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  423.478415][T19755] 31905 total pagecache pages
[  423.483148][T19755] 2008 pages in swap cache
[  423.487675][T19755] Free swap  = 116512kB
[  423.491880][T19755] Total swap = 124996kB
[  423.496049][T19755] 2097051 pages RAM
[  423.499892][T19755] 0 pages HighMem/MovableOnly
[  423.504606][T19755] 80186 pages reserved
[  423.530551][T16223] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  423.560103][T19758] syz.2.5339: attempt to access beyond end of device
[  423.560103][T19758] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  423.614637][T19766] loop0: detected capacity change from 0 to 512
[  423.643358][T19772] loop2: detected capacity change from 0 to 512
[  423.652271][T19766] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  423.668268][T19766] ext4 filesystem being mounted at /238/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  423.680686][T19772] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  423.703610][T19772] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  423.716177][T16223] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  423.752331][T19782] loop0: detected capacity change from 0 to 2048
[  423.782264][T18375] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  423.782311][T18882] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  423.803054][T19782] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  423.840065][T16223] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  423.870413][T19794] loop1: detected capacity change from 0 to 2048
[  423.894055][T19804] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  423.910305][T19794] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  423.923546][T19810] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  423.924204][T19794] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  423.947170][T19794] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 17 with error 28
[  423.959636][T19794] EXT4-fs (loop1): This should not happen!! Data will be lost
[  423.959636][T19794] 
[  423.969499][T19794] EXT4-fs (loop1): Total free blocks count 0
[  423.975528][T19794] EXT4-fs (loop1): Free/Dirty block details
[  423.981854][T19794] EXT4-fs (loop1): free_blocks=2415919104
[  423.987829][T19794] EXT4-fs (loop1): dirty_blocks=32
[  423.993030][T19794] EXT4-fs (loop1): Block reservation details
[  423.999237][T19794] EXT4-fs (loop1): i_reserved_data_blocks=2
[  424.009591][T19818] loop4: detected capacity change from 0 to 512
[  424.020810][T19818] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  424.033929][T19818] ext4 filesystem being mounted at /58/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  424.061818][T18882] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  424.074765][T19823] netlink: 48 bytes leftover after parsing attributes in process `syz.0.5359'.
[  424.135639][T19829] 
@ÿ: renamed from veth0_vlan (while UP)
[  424.325725][T19839] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5367'.
[  424.450100][T19845] FAULT_INJECTION: forcing a failure.
[  424.450100][T19845] name failslab, interval 1, probability 0, space 0, times 0
[  424.462847][T19845] CPU: 0 UID: 0 PID: 19845 Comm: syz.4.5370 Not tainted 6.11.0-syzkaller-09015-g18ba6034468e #0
[  424.473329][T19845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  424.483782][T19845] Call Trace:
[  424.487076][T19845]  <TASK>
[  424.490066][T19845]  dump_stack_lvl+0xf2/0x150
[  424.494732][T19845]  dump_stack+0x15/0x20
[  424.498949][T19845]  should_fail_ex+0x223/0x230
[  424.503653][T19845]  ? __alloc_skb+0x10b/0x310
[  424.508275][T19845]  should_failslab+0x8f/0xb0
[  424.512934][T19845]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  424.518931][T19845]  __alloc_skb+0x10b/0x310
[  424.523390][T19845]  audit_log_start+0x368/0x6b0
[  424.528229][T19845]  audit_seccomp+0x4b/0x130
[  424.532777][T19845]  __seccomp_filter+0x6fa/0x1180
[  424.537789][T19845]  ? proc_fail_nth_write+0x12a/0x150
[  424.543110][T19845]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  424.548787][T19845]  ? vfs_write+0x580/0x910
[  424.553312][T19845]  ? __fget_files+0x1d4/0x210
[  424.558107][T19845]  __secure_computing+0x9f/0x1c0
[  424.563086][T19845]  syscall_trace_enter+0xd1/0x1f0
[  424.568149][T19845]  ? fpregs_assert_state_consistent+0x83/0xa0
[  424.574266][T19845]  do_syscall_64+0xaa/0x1c0
[  424.578899][T19845]  ? clear_bhb_loop+0x55/0xb0
[  424.583646][T19845]  ? clear_bhb_loop+0x55/0xb0
[  424.588351][T19845]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  424.594331][T19845] RIP: 0033:0x7fd8dbcadef9
[  424.598856][T19845] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  424.618486][T19845] RSP: 002b:00007fd8da927038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ba
[  424.626962][T19845] RAX: ffffffffffffffda RBX: 00007fd8dbe65f80 RCX: 00007fd8dbcadef9
[  424.635028][T19845] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c
[  424.643009][T19845] RBP: 00007fd8da927090 R08: fffffffffffffd78 R09: 0000000000000000
[  424.651001][T19845] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001
[  424.658992][T19845] R13: 0000000000000000 R14: 00007fd8dbe65f80 R15: 00007ffddfcfad48
[  424.667054][T19845]  </TASK>
[  424.790350][T19855] loop2: detected capacity change from 0 to 512
[  424.822600][   T36] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  424.832454][T19864] loop3: detected capacity change from 0 to 1024
[  424.838877][T19855] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  424.853736][T19855] ext4 filesystem being mounted at /103/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  424.865365][T19864] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  424.898550][T18375] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  424.909583][T19868] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  424.924695][T19864] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=f054c01c, mo2=0002]
[  424.938904][T19864] System zones: 0-1, 3-36
[  424.954322][T19871] loop4: detected capacity change from 0 to 1024
[  424.964095][T19864] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  425.014087][T19871] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  425.207792][T18882] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  425.251198][T19892] FAULT_INJECTION: forcing a failure.
[  425.251198][T19892] name failslab, interval 1, probability 0, space 0, times 0
[  425.263970][T19892] CPU: 0 UID: 0 PID: 19892 Comm: syz.4.5388 Not tainted 6.11.0-syzkaller-09015-g18ba6034468e #0
[  425.274453][T19892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  425.284673][T19892] Call Trace:
[  425.287992][T19892]  <TASK>
[  425.290997][T19892]  dump_stack_lvl+0xf2/0x150
[  425.295624][T19892]  dump_stack+0x15/0x20
[  425.299809][T19892]  should_fail_ex+0x223/0x230
[  425.304558][T19892]  ? ext4_init_io_end+0x31/0xb0
[  425.309439][T19892]  should_failslab+0x8f/0xb0
[  425.314047][T19892]  kmem_cache_alloc_noprof+0x4c/0x290
[  425.319458][T19892]  ext4_init_io_end+0x31/0xb0
[  425.324228][T19892]  ext4_do_writepages+0x6c5/0x2130
[  425.329377][T19892]  ? trace_buffer_unlock_commit_regs+0x113/0x3a0
[  425.335760][T19892]  ? xa_load+0xb9/0xe0
[  425.339883][T19892]  ? memcg_list_lru_alloc+0xd2/0x740
[  425.345259][T19892]  ? bpf_bprintf_cleanup+0x82/0xb0
[  425.350406][T19892]  ? mod_objcg_state+0x2ea/0x4f0
[  425.355373][T19892]  ? mod_objcg_state+0x2ea/0x4f0
[  425.360411][T19892]  ? __rcu_read_unlock+0x4e/0x70
[  425.365459][T19892]  ? cmp_ex_search+0x56/0x70
[  425.370127][T19892]  ext4_writepages+0x159/0x2e0
[  425.374937][T19892]  ? __pfx_ext4_writepages+0x10/0x10
[  425.380264][T19892]  do_writepages+0x1d8/0x480
[  425.384871][T19892]  ? mntput_no_expire+0x70/0x3c0
[  425.389877][T19892]  ? _raw_spin_unlock+0x26/0x50
[  425.394748][T19892]  filemap_fdatawrite_wbc+0xdb/0x100
[  425.400152][T19892]  file_write_and_wait_range+0xc4/0x250
[  425.405866][T19892]  ext4_sync_file+0x12e/0x6c0
[  425.410600][T19892]  ? __pfx_ext4_sync_file+0x10/0x10
[  425.415958][T19892]  vfs_fsync_range+0x116/0x130
[  425.420793][T19892]  __se_sys_msync+0x34d/0x510
[  425.425490][T19892]  __x64_sys_msync+0x43/0x50
[  425.430094][T19892]  x64_sys_call+0x1074/0x2d60
[  425.434853][T19892]  do_syscall_64+0xc9/0x1c0
[  425.439403][T19892]  ? clear_bhb_loop+0x55/0xb0
[  425.444162][T19892]  ? clear_bhb_loop+0x55/0xb0
[  425.448933][T19892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.454847][T19892] RIP: 0033:0x7fd8dbcadef9
[  425.459271][T19892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  425.478897][T19892] RSP: 002b:00007fd8da927038 EFLAGS: 00000246 ORIG_RAX: 000000000000001a
[  425.487326][T19892] RAX: ffffffffffffffda RBX: 00007fd8dbe65f80 RCX: 00007fd8dbcadef9
[  425.495336][T19892] RDX: 0000000000000004 RSI: 087abbe8d1cc6ad9 RDI: 0000000020952000
[  425.503389][T19892] RBP: 00007fd8da927090 R08: 0000000000000000 R09: 0000000000000000
[  425.511365][T19892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  425.519345][T19892] R13: 0000000000000000 R14: 00007fd8dbe65f80 R15: 00007ffddfcfad48
[  425.527336][T19892]  </TASK>
[  425.591962][T19898] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5391'.
[  425.612541][T19900] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  425.686877][T19909] loop0: detected capacity change from 0 to 164
[  425.699887][T19909] Unable to read rock-ridge attributes
[  425.711227][T18445] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  425.725123][T19909] Unable to read rock-ridge attributes
[  425.809642][T19921] loop0: detected capacity change from 0 to 164
[  425.817285][T19921] Unable to read rock-ridge attributes
[  425.826972][T19921] Unable to read rock-ridge attributes
[  425.865934][T19925] loop3: detected capacity change from 0 to 2048
[  425.921110][T19925] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  425.940622][T19925] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  425.940676][T19934] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5405'.
[  425.955709][T19925] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 17 with error 28
[  425.976875][T19925] EXT4-fs (loop3): This should not happen!! Data will be lost
[  425.976875][T19925] 
[  425.986627][T19925] EXT4-fs (loop3): Total free blocks count 0
[  425.992859][T19925] EXT4-fs (loop3): Free/Dirty block details
[  425.998836][T19925] EXT4-fs (loop3): free_blocks=2415919104
[  426.004712][T19925] EXT4-fs (loop3): dirty_blocks=32
[  426.009868][T19925] EXT4-fs (loop3): Block reservation details
[  426.015873][T19925] EXT4-fs (loop3): i_reserved_data_blocks=2
[  426.044449][T19943] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5408'.
[  426.082078][T19947] loop4: detected capacity change from 0 to 164
[  426.090641][T19947] Unable to read rock-ridge attributes
[  426.109425][T19947] Unable to read rock-ridge attributes
[  426.197653][T19951] loop4: detected capacity change from 0 to 2048
[  426.227682][T19951] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  426.286378][T18882] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  426.783618][   T29] kauditd_printk_skb: 222 callbacks suppressed
[  426.783638][   T29] audit: type=1326 audit(1727153390.859:31870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19967 comm="syz.4.5419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8dbcadef9 code=0x7ffc0000
[  426.821392][T19973] loop0: detected capacity change from 0 to 164
[  426.845341][T19973] Unable to read rock-ridge attributes
[  426.852583][T19973] Unable to read rock-ridge attributes
[  426.868308][   T29] audit: type=1326 audit(1727153390.859:31871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19967 comm="syz.4.5419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8dbcadef9 code=0x7ffc0000
[  426.928879][   T29] audit: type=1400 audit(1727153390.989:31872): avc:  denied  { read } for  pid=19976 comm="syz.0.5423" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  426.948482][   T29] audit: type=1326 audit(1727153390.999:31873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19978 comm="syz.1.5424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  426.972218][   T29] audit: type=1326 audit(1727153390.999:31874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19978 comm="syz.1.5424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  426.995836][   T29] audit: type=1326 audit(1727153390.999:31875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19978 comm="syz.1.5424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  427.019592][   T29] audit: type=1326 audit(1727153390.999:31876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19978 comm="syz.1.5424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  427.043235][   T29] audit: type=1326 audit(1727153390.999:31877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19978 comm="syz.1.5424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  427.066936][   T29] audit: type=1326 audit(1727153390.999:31878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19978 comm="syz.1.5424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  427.090576][   T29] audit: type=1326 audit(1727153390.999:31879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19978 comm="syz.1.5424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f418698def9 code=0x7ffc0000
[  427.136482][T19983] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  427.162771][T19977] tipc: Started in network mode
[  427.167725][T19977] tipc: Node identity 4, cluster identity 4711
[  427.173968][T19977] tipc: Node number set to 4
[  427.255873][T16496] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  427.301259][T19999] FAULT_INJECTION: forcing a failure.
[  427.301259][T19999] name failslab, interval 1, probability 0, space 0, times 0
[  427.314038][T19999] CPU: 0 UID: 0 PID: 19999 Comm: syz.0.5433 Not tainted 6.11.0-syzkaller-09015-g18ba6034468e #0
[  427.324677][T19999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  427.334783][T19999] Call Trace:
[  427.338075][T19999]  <TASK>
[  427.341030][T19999]  dump_stack_lvl+0xf2/0x150
[  427.345766][T19999]  dump_stack+0x15/0x20
[  427.349945][T19999]  should_fail_ex+0x223/0x230
[  427.354718][T19999]  ? getname_flags+0x81/0x3b0
[  427.359513][T19999]  should_failslab+0x8f/0xb0
[  427.364128][T19999]  kmem_cache_alloc_noprof+0x4c/0x290
[  427.369558][T19999]  getname_flags+0x81/0x3b0
[  427.374099][T19999]  getname+0x17/0x20
[  427.378026][T19999]  do_sys_openat2+0x67/0x120
[  427.382700][T19999]  __x64_sys_open+0xe6/0x110
[  427.387370][T19999]  x64_sys_call+0x1321/0x2d60
[  427.392112][T19999]  do_syscall_64+0xc9/0x1c0
[  427.396677][T19999]  ? clear_bhb_loop+0x55/0xb0
[  427.401380][T19999]  ? clear_bhb_loop+0x55/0xb0
[  427.406177][T19999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  427.412160][T19999] RIP: 0033:0x7fb3f826def9
[  427.416608][T19999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  427.436298][T19999] RSP: 002b:00007fb3f6ee1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  427.444753][T19999] RAX: ffffffffffffffda RBX: 00007fb3f8425f80 RCX: 00007fb3f826def9
[  427.452750][T19999] RDX: 0000000000000000 RSI: 000000000014507e RDI: 0000000020000780
[  427.460753][T19999] RBP: 00007fb3f6ee1090 R08: 0000000000000000 R09: 0000000000000000
[  427.468793][T19999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  427.476786][T19999] R13: 0000000000000000 R14: 00007fb3f8425f80 R15: 00007fff0f366e88
[  427.484834][T19999]  </TASK>
[  427.491800][T19998] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5434'.
[  427.540167][T20005] syz.2.5435: attempt to access beyond end of device
[  427.540167][T20005] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  427.888089][T20029] FAULT_INJECTION: forcing a failure.
[  427.888089][T20029] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  427.893169][T20031] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5447'.
[  427.901195][T20029] CPU: 1 UID: 0 PID: 20029 Comm: syz.1.5446 Not tainted 6.11.0-syzkaller-09015-g18ba6034468e #0
[  427.901229][T20029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  427.901242][T20029] Call Trace:
[  427.901248][T20029]  <TASK>
[  427.936950][T20029]  dump_stack_lvl+0xf2/0x150
[  427.941678][T20029]  dump_stack+0x15/0x20
[  427.945930][T20029]  should_fail_ex+0x223/0x230
[  427.950649][T20029]  should_fail+0xb/0x10
[  427.954935][T20029]  should_fail_usercopy+0x1a/0x20
[  427.960083][T20029]  copy_fpstate_to_sigframe+0x5d7/0x770
[  427.965694][T20029]  ? copy_fpstate_to_sigframe+0xe3/0x770
[  427.971474][T20029]  ? dequeue_signal+0x28c/0x420
[  427.976355][T20029]  ? fpu__alloc_mathframe+0x95/0xd0
[  427.981559][T20029]  get_sigframe+0x2f3/0x430
[  427.986147][T20029]  x64_setup_rt_frame+0xa7/0x570
[  427.991094][T20029]  arch_do_signal_or_restart+0x287/0x4b0
[  427.996787][T20029]  syscall_exit_to_user_mode+0x59/0x130
[  428.002379][T20029]  do_syscall_64+0xd6/0x1c0
[  428.006894][T20029]  ? clear_bhb_loop+0x55/0xb0
[  428.011608][T20029]  ? clear_bhb_loop+0x55/0xb0
[  428.016346][T20029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.022310][T20029] RIP: 0033:0x7f418698def7
[  428.026786][T20029] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  428.046510][T20029] RSP: 002b:00007f4185607038 EFLAGS: 00000246 ORIG_RAX: 0000000000000049
[  428.055043][T20029] RAX: 0000000000000049 RBX: 00007f4186b45f80 RCX: 00007f418698def9
[  428.063038][T20029] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000008
[  428.071013][T20029] RBP: 00007f4185607090 R08: 0000000000000000 R09: 0000000000000000
[  428.079018][T20029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  428.086989][T20029] R13: 0000000000000000 R14: 00007f4186b45f80 R15: 00007ffd89731a88
[  428.094976][T20029]  </TASK>
[  428.111663][T20035] loop2: detected capacity change from 0 to 512
[  428.182784][T20035] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  428.196684][T20035] ext4 filesystem being mounted at /124/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  428.286672][T18375] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  428.554546][T20061] loop2: detected capacity change from 0 to 512
[  428.581683][T20064] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  428.597836][T20061] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  428.620196][T20061] ext4 filesystem being mounted at /126/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  428.641268][T20072] loop0: detected capacity change from 0 to 512
[  428.672778][T20072] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  428.698718][T18375] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  428.712818][T20072] ext4 filesystem being mounted at /269/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  428.855224][T16223] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  428.893085][T20079] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5464'.
[  428.969908][T20082] syz.0.5465: attempt to access beyond end of device
[  428.969908][T20082] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  429.086403][T20088] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  429.202807][T20098] loop2: detected capacity change from 0 to 512
[  429.220034][T20098] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  429.236297][T20098] ext4 filesystem being mounted at /131/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  429.243472][T20100] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5474'.
[  429.284037][T18375] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  429.310898][T20108] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5475'.
[  429.336508][T20112] syz.2.5477: attempt to access beyond end of device
[  429.336508][T20112] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  429.381708][T20120] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  429.702897][T20131] loop2: detected capacity change from 0 to 512
[  429.730671][T20131] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  429.744020][T20131] ext4 filesystem being mounted at /137/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  429.806919][T18375] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  430.036652][T20137] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5487'.
[  430.047296][T20140] loop1: detected capacity change from 0 to 512
[  430.061574][T20140] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  430.079386][T20140] ext4 filesystem being mounted at /363/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  430.109455][T20147] syz.2.5489[20147] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  430.109623][T20147] syz.2.5489[20147] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  430.123055][T14963] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  430.144352][T20147] syz.2.5489[20147] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  430.194502][T20152] syz.0.5491: attempt to access beyond end of device
[  430.194502][T20152] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  430.256513][T20154] syz.2.5492[20154] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  430.256599][T20154] syz.2.5492[20154] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  430.260244][T20156] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  430.288120][T20154] syz.2.5492[20154] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  430.288793][T20154] FAULT_INJECTION: forcing a failure.
[  430.288793][T20154] name failslab, interval 1, probability 0, space 0, times 0
[  430.312918][T20154] CPU: 0 UID: 0 PID: 20154 Comm: syz.2.5492 Not tainted 6.11.0-syzkaller-09015-g18ba6034468e #0
[  430.323390][T20154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  430.333457][T20154] Call Trace:
[  430.336824][T20154]  <TASK>
[  430.339772][T20154]  dump_stack_lvl+0xf2/0x150
[  430.344538][T20154]  dump_stack+0x15/0x20
[  430.348727][T20154]  should_fail_ex+0x223/0x230
[  430.353451][T20154]  ? copy_cgroup_ns+0x167/0x370
[  430.358383][T20154]  should_failslab+0x8f/0xb0
[  430.363011][T20154]  __kmalloc_cache_noprof+0x4b/0x2a0
[  430.368404][T20154]  copy_cgroup_ns+0x167/0x370
[  430.373114][T20154]  create_new_namespaces+0x1d8/0x430
[  430.378451][T20154]  unshare_nsproxy_namespaces+0xe6/0x120
[  430.384158][T20154]  ksys_unshare+0x3da/0x720
[  430.388697][T20154]  ? ksys_write+0x17a/0x1b0
[  430.393295][T20154]  __x64_sys_unshare+0x1f/0x30
[  430.398188][T20154]  x64_sys_call+0x2c8d/0x2d60
[  430.402949][T20154]  do_syscall_64+0xc9/0x1c0
[  430.407540][T20154]  ? clear_bhb_loop+0x55/0xb0
[  430.412234][T20154]  ? clear_bhb_loop+0x55/0xb0
[  430.416964][T20154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  430.422912][T20154] RIP: 0033:0x7f552f0ddef9
[  430.427337][T20154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  430.447071][T20154] RSP: 002b:00007f552dd57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  430.455544][T20154] RAX: ffffffffffffffda RBX: 00007f552f295f80 RCX: 00007f552f0ddef9
[  430.463624][T20154] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000042000000
[  430.471695][T20154] RBP: 00007f552dd57090 R08: 0000000000000000 R09: 0000000000000000
[  430.479778][T20154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  430.487768][T20154] R13: 0000000000000000 R14: 00007f552f295f80 R15: 00007ffe9e826ea8
[  430.495972][T20154]  </TASK>
[  430.534406][T20162] ==================================================================
[  430.542538][T20162] BUG: KCSAN: data-race in mas_wr_store_entry / mtree_range_walk
[  430.550299][T20162] 
[  430.552624][T20162] write to 0xffff888104224e10 of 8 bytes by task 20160 on cpu 1:
[  430.560345][T20162]  mas_wr_store_entry+0x146b/0x2d00
[  430.565562][T20162]  mas_store_prealloc+0x6bf/0x960
[  430.570603][T20162]  commit_merge+0x441/0x740
[  430.575121][T20162]  vma_expand+0x211/0x360
[  430.579463][T20162]  vma_merge_new_range+0x2cf/0x3e0
[  430.584619][T20162]  mmap_region+0x887/0x16e0
[  430.589150][T20162]  do_mmap+0x718/0xb60
[  430.593324][T20162]  vm_mmap_pgoff+0x133/0x290
[  430.597931][T20162]  ksys_mmap_pgoff+0xd0/0x330
[  430.602629][T20162]  x64_sys_call+0x1884/0x2d60
[  430.607324][T20162]  do_syscall_64+0xc9/0x1c0
[  430.611840][T20162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  430.617746][T20162] 
[  430.620075][T20162] read to 0xffff888104224e10 of 8 bytes by task 20162 on cpu 0:
[  430.627718][T20162]  mtree_range_walk+0x1b4/0x460
[  430.632594][T20162]  mas_walk+0x16e/0x320
[  430.636760][T20162]  lock_vma_under_rcu+0x95/0x260
[  430.641719][T20162]  exc_page_fault+0x150/0x650
[  430.646406][T20162]  asm_exc_page_fault+0x26/0x30
[  430.651267][T20162] 
[  430.653590][T20162] value changed: 0x00007fb3f6ec0fff -> 0xffffffff8529e680
[  430.660695][T20162] 
[  430.663018][T20162] Reported by Kernel Concurrency Sanitizer on:
[  430.669167][T20162] CPU: 0 UID: 0 PID: 20162 Comm: syz.0.5495 Not tainted 6.11.0-syzkaller-09015-g18ba6034468e #0
[  430.679673][T20162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  430.689820][T20162] ==================================================================