last executing test programs:

1.958386734s ago: executing program 3 (id=1191):
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffd000)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000008000000040000000000000700000000030000000000000f0100000000000000000000020200000000002e2e5f"], 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x6)
write$tun(r4, &(0x7f00000007c0)=ANY=[], 0x36)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r5, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r6, 0x0, 0x30, 0x1, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], &(0x7f0000000500)=[0x2], 0x0, 0x1f}}, 0x3c)
sendfile(r0, r0, 0x0, 0x24002deb)
ioctl$LOOP_CLR_FD(r0, 0x4c01)

1.543559899s ago: executing program 3 (id=1201):
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1)
mlockall(0x3)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0x1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={0x1}, 0x4)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x400, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x3548, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x4}}}}]}, 0x78}}, 0x0)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0xe, &(0x7f00000008c0)=""/59, &(0x7f0000000900)=0x3b)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newtfilter={0x78, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x48, 0x2, [@TCA_BASIC_EMATCHES={0x44, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x38, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1, 0x0, 0x0, {{}, {0x0, 0x0, 0x1}}}, @TCF_EM_META={0x24, 0x2, 0x0, 0x0, {{0x0, 0x4, 0x4}, [@TCA_EM_META_HDR={0xc}, @TCA_EM_META_RVALUE={0x4, 0x3, [@TCF_META_TYPE_VAR]}, @TCA_EM_META_LVALUE={0x5, 0x2, [@TCF_META_TYPE_VAR='3', @TCF_META_TYPE_VAR]}]}}]}]}]}}]}, 0x78}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x4, 0xfffffffc, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x2)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

1.324035932s ago: executing program 1 (id=1211):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000180), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x242, 0x0)
pwrite64(r0, &(0x7f0000000000)='2', 0x1, 0x8080c61)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r1, 0x0, 0x0, 0x8000c62)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)

966.176527ms ago: executing program 4 (id=1215):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
ustat(0x5, &(0x7f0000000300))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000001280)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
rmdir(&(0x7f0000000140)='./file2\x00')
ioctl$FITRIM(r2, 0xc0185879, &(0x7f0000000080)={0x81, 0x100002000, 0x9})

959.557267ms ago: executing program 1 (id=1217):
r0 = gettid()
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f0000000000)=0x6, 0x4)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f0000000080), 0x10)
sched_getscheduler(0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x281c2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
open(0x0, 0x80, 0x74)
pread64(r4, &(0x7f00000002c0)=""/124, 0x7c, 0x7)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0}, 0x18)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[], 0x0)
close_range(r3, 0xffffffffffffffff, 0x10000000000000)
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$SG_IO(r5, 0x2285, &(0x7f00000005c0)={0x53, 0x0, 0x0, 0x0, @buffer={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x12, 0x0, 0x0})
ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f0000003300)=ANY=[@ANYBLOB="00100000ad01000000000100eda15a9a136dacfd4d7d3ebe39a78708c0033da92d169b87141ad06b630ae1c4317073341db389f09bc9dcb0da88ca32161a0b8c085d23e56065069b10f7a214cbe086aa8a2714385959605282ec1ce4fa920ecf62cd70e786abbf220571e22d9f88fa630c76a8febe86dbe30b97d1e7b2cba3b310907a5a687b6dfaf0af68e1b85059ce0f67e6679f76b8bd7b589d2c6e02d65d7b0911e1b426ca432a3c6a0abee5dfc7623fee6ea40c8b796a4c01cfa8139e82fc35e0c885a74e3bf045369115ab1d4516b297075cffd55c49d7e4265047da8506a81d778a69c3733efccfd54473e398e36d0abd15d7d29f5b708d281a2be175a7f2030bd71d69419a8698b3122afc107016841cb6d7c997ecb5c1d8598b982f27bc33e5ef953f3749c45a94b32dee9e0fd537cf2812e1feb0a030a4310935a3c18bf5236f9c05b06234568f28a5421e47962008e14df867325240ffb501ad54852182dbec4fb6302f9ea632d64a434b9c2c8105f29955f909cca14518487e1e8e3a7feb9c129a5e8c71ce227a2b38d6a106ddddd4a078e9a33c31fdeb4a3fbb85ff69195a9b1775de6fbcee85f7e87afc67dd49174557bf55eb4e900842f767f8b1cd828e51428da5e173d5c1e2da8f11fb62156ff291b5414075eb0d36ecb75179cf6febddb8062d43ae6f187c3b72de552c016a53c29660b1487f3b785085555e81dc19c8c6ec8737ea54b6fa185d414723877a3b445e275e34b0834e4f83d118d7430f3b8ec17bdbbce875b9a8c76da35703917facaccce76a3d379bf2449dde39b9c9f95d659d58cc255c2b28af0ac4aa4e7de6b314254cf17af4c34a336a6360a8ee01984a39784f2ea10f9cc0c1311fcf582b0eefd7b7a6663513f4716237b3951fc205b804eb90d3b58b7d9cd1182b1bb579c374e656a3e43d85b84134c5ec3e43da3b89e04651fcde72f5c9e29a37c373baed9961fa54b68094c74a476c4e64f5d6685d303819ee1802a503dda1b08c086a344e2477c925a06596ea208c55ca90ddec8265aa222e3b6605fc1f37e06fe6a39b345ecb701d71eed9b77cf037e0273497edd3cabc07641a40b2c443cd25e9a442313888079268547d1593210fa82fc87635a45def495ca194663668203443e498d89860010c30503eaf6f8a1be26d55f3eaa89bbcafb01b34d5b2a89c4e909c98b9d52a80e6503da0d0a10dd0826be7274d9bbd0004a5f1d3ba49ef7f1680b89985fffb51a8b9393fc37cf4160e65986257b4324b5a9424b203469a06dba801c1b559348fc2dcea2f3e27c63b9ab7bb2925a93de6cb8a7fa400d754cdce8c3b426edb204606fe8bc67beb6575241329eb1d37082c2a01c4df6377c97140fe4ad07129d27d32379700333e5d8c4d9ea2c9c0bff2994351d83c37f1fe69296a09c690bf96a80e787b218bfc88513a0bfd1979a41bb9f5145969d51e5a394e267ff4edd8215ac44a5b82386492c55b762b32e812ac5dc87543e38e11f5377f9bc07eb7751a49fc804959e5df05d80b11fbebc51c47cf19896cc21c049c8b853530eb539bf01bf82701a08a333384b51757881ff1c07f36e0699be117c4944abdb0464eabd06e8353f575a5d221328f520e7a1561bbe4c6626201ac67d4f8a88d11442f3f1f6f83f686694fe27f53d0d406675f0d255aeced049a3902d215b9806bd04e729ab8db8fd4b20f6337fdbccf24867be62b4fe7169a4b88ad0a35ce502119c2d4de6f623df635419b2a5f90030303d45dbaa532beb433f34c697841c66217af1763d7d6c9091970fdde3dad04a692a6d7109286816e450425344cc5f5f8977b73f8d23a89dca4b0416dbe2f258edc2425f21073c7ef5f60da141ecec6aa79575fdbd1fe2e0b2d041a67c0c75c8843e361984884638546781dc075beafac3049908c64400862233e0c3c7cb2bacd1dbe1d57f8801367b365cd00596d595a88c1a8f853e88a5e7f2e03276dc41334e5eaac9a19cb25e75bac0ef3567673eae6137562c81416a011713682b666fd80fbeccbfbce209e2b5c1cf77ecee36c6dc03d8a8d0caa2a8dd43b47d25581a1a8b86c0c729f5dcd638ffcfee34e7e7469a9857737d40920555dc87cc4199a67b279cdf520380387effa7bdca2060892c5b85c09ed7c821dedf25bba870330fdef88c0ecfe2f61566d0af1c5caacc9e947146ec61d17911147e931699b585feee016cf83a022d4fe69401b7ab2aebc79f60005f7a224470ae8239ebd6661bd718f6b394af81f23d66a431f0284912ad12218027909a7c000841142016efb80bcc826d4654981799a71384299468ba232aebaf6e0781b42dc95a017f7935cd0998c429a6d06c1c82b6eed90243aa6088592eb5b04f59799157ecc3ab2e7fe67725eb0025a447c5181d9bd160dc207ec96e9d397dde6f4f6213fb5904f7c33e53af58db2fd09c4ed14c56fec00dc1d1231e7f7633c7af6f2524209621e3172a18cef7e0a415bfd366b2202c49c756ca6acabe1b8ec64a32e8af03fdcfa2f73db0ffa25c68264d96987b727f52dcf40849bcd3dfa5ba4dabe36097c6e29c3877cee6fc2fa9915042d2b5dcf973b9e6aa88108a3eaadf20260ca34abdb46d943b2c07dcb5dbf9cd5e2fb3edc6f0836a8271f883e839c21cfe82df0da40fe3f3296d164c8ef130c90282f468837774d33f078534499cc38830b553e2279af5776b1310ed3dfe8f0ebe3323cf57a2c1561237b12e3a1763f04efd3597308f8e4020390c8754df34c7afa1f5bf6eafb27a6ad14a2a8408fbf8585b4a518ca538a75c1b9b3a8f1efd667075ed4a48291a9e98d40c3b636aa50f24f4b93f472146da0314717d2a4fe55461bd9aeee177574a7e68b7302f46d097014d77d93394653db6a27a898adb4bb844259e60c365ac913df48cf37af538e0f04f75cf36ec88250e12d5439496cfa02a722c5057a527741fce597f539326d1f258289254c5b5439d15bfbd5980be6f68950c4b0877e4ce2d67878dad44b3c1ff2cfee9a96f70b67a517a7482b82cb83255537e2a00baa091bdde5d38f0d2a9da16f1977f2d2cfad22d18f22c839ee0c8275955a9c2c5e14efa73114ca810c38f6cc56dab3e18ed2d2b2e74c2d9a9663db591679758d890fd326a9cbef579b0d7b7f309ef759f6a762763a760e8a11381ff7ece8b111de2ca77073a989690b19449dfeec9b16ed7a821a825e243c6c191dbe382419adba7625c33272d79a95ee5c9aa6e9a0ff53dc1a453b765c38ea5bf1ee9494a0fb4e3f7254fb407694a9b2a5810e775cb38eaf4ed4d68134b9187b23c96748f34ae69582c925b775c463ec55e92b2724abc518cdeb64a2369530a48a47854ec1c1c8fbe67d3db4c2fcae15807a8fa1abb7f127f1d09d3e5d3824a5a6aaf7e3c8653890037355a2a3d05c8aba2ed2a60b639227f78b9fe06ca51157c9fe3fb0b3913d782f2a747ad0bb3c4ed7b72071a0767010d56d728fd46757ee3335a8c6e2ea89b5f25bf16ae84f697e90cc345777b5bf1fe038ef99dffbe8c33dc2076715458ce720b5bad442460e1c8e5e1a669809878f5eb64353927a54ee4c80927919b17810f595fd23d463405bec7631401cfeafbe07ee3980662415900eb79091e4c7a500f1bced7c051bbe701097065fe72a7010f925fcec2f4dfbb1107a259108069c1cef118b0c2c85ab67c7b7beda5c61ea17dc999bc9b6cb0b7ec603d8437c9953aba441ed58104005447b08dabe95149d33228e16ea697e81f16e6787c6fb74cad170c1074c92eb47289c029d65ac4bb61abe57ac9f0e9ed203ac7f344cf882a48f0d8f80d912dac436da53238c0b07ca0fd42a000c85b6b1c59e9b67a8efed5847884d4747da10864abe22cf3ebdee512fcd99a31cedb3d38fd4c8aed46222bedbfcc60b7ea6099989335639fa3ae5f2afb8afd8830e3052919124b9b793f61e77368fcb0dd59eb24bbaa25b465aa7834bc3dce12bbe6ac61cb503f0a6cda50d83e4b0b928d80131900f3e5688eada6e08772c33fc061654de67fc7fb770c65717806ccf85553a663f4e0e67c1a7f6801f36716faf48999ec925ffdcd78717d710da0f0b72644bba67186dec7942d0756df1e0b74a91fa9cf733109d7ab9e3540f871dce8d7e123027727ddee3798a2319a646433c05aa676bf2044b91b092e039e3e30e2264728b27edd7a759f8bd9b727a7131b76e437e4f7e60a1e54ed402b18d11dfc30934cb323f2e3d125fe1144a17258ca480ffb62df4b50597a4f67f55a2223c47ec493e8dbea66eb937f549b6669ca67824b76163887206ec8b775e22da2c29a83e4a7f2948b295592e0306f3e4a81e9f752c8de68062693d30e45d76a6b447ca7b28e957e8e95a675c8dc5eebbd3499824c1c46f5317a56cce77c28fbd320075421532e23d826317c1f755b5cec3c061ffaa28b2bfe1888072200775b53395441389f48b405740f8d636d6defe1490729679dcc81fa9fed141e8d0672adf5dbc654f6bac8e396f85a52af44d358409feda79c440a1980fe6e916a6122a31526fc1b1122e23b1dea8f29aa9bdd27eadc5ed6ff0522bc61a24f24c6940b467ca42f87488f958581e37faeb07253fa3fb48418b253a99c6f438862ab2840b1f721f90c7285330921bb1e25a103dac4fc14be6bf4dea0df2f3663cdc845645e775b952e9ee3cb6acfe12f45687324dda39ae5ef00f1ec5af5a8546864a8f412cf0f9b0fc764b084fa0272c82132a104ad1347e4eb7bd1f97bdbd891b68c1b5c752f0a2bd4bf7c58c11e051c0267a3e96b50fa694a6c406f639f60ddf6f8c4599d19500b2f5e3551b27e227f66bca52975f53afd9a6aa8e30fe0e9ee3b9ba8fb83c6973c80aec067632e8acb0f048935ddb64d2ba2ed3a90df1e04bfc4274ba050a5f3840b9124f0959b7dd6a36dc8446cc5b9ae09a09607a382eff8965c0caab84cddef11110a7d709bf183f5cf468ba5a216bb15c3d946bbb0af6d3d81b4efb8f420e317a5b71b298b778aa6ec3a94358ca4e5b78caf8331a577b24cb43c393f321bb7225bd72e73ac1b54cec24d84fffc8779fe4fcd1396c9c58924ce7f70714432c9d43e22a224f4c02c1ba675bd162b5ced170f866296b010ee7441dacd7b64c4c92be7ebcdc75638d51f5b2d3d1cf5d5b3f77a70421d36acc799d58b0e301a6673ef45925beee779c5067fa14d25335643846c18d987645bf5957c6856c117f9961da7b98308f93e9975a9b63d2758ed851602a37375d03ace200606e3fae7a94d21d79059d6b550c25b2d8a1b210377a660a0a60f379f3d78accd7e4e0eb1019dff324feecba8f6ff75f9c96a8aa985e50878bed70f6b3bee98144c5cfe4397f2717aba840f9f4797b78020f9b31134c0c0bf41fb254"])
sendmsg$can_bcm(r2, 0x0, 0x0)
sendmsg$can_bcm(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB='\a'], 0x48}, 0x1, 0x0, 0x0, 0xc4}, 0x0)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_inet_sctp_SIOCINQ(r6, 0x541b, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000003feffff720a00fef8ffffff71a400fe0000000071302000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00fe040400007203000000000000b500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0xffffffffffffff20, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
tgkill(r0, r0, 0x3f)
kcmp(r0, r0, 0x5, 0xffffffffffffffff, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="bf000100000000006111140000000000040000000000000095000000000000001abe5201462857a3db65e291772afa2114f5963ed660b870d974d2252829f8290f8d02e3b0096b3df3e6585851cb7efb50a982b66e14716ffe33a164c3d1ff5798fc4bd6d3e5ab096e9ad743eb00"], &(0x7f0000000080)='GPL\x00', 0x2, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1d43, 0x10, &(0x7f0000000000), 0x76, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

837.212669ms ago: executing program 4 (id=1219):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x9, 0x4, 0x2, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f0000000040), &(0x7f0000000140)=r1}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r2, &(0x7f0000000040)}, 0x20)

836.699069ms ago: executing program 2 (id=1220):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

789.965839ms ago: executing program 4 (id=1222):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x1e8, 0x0, 0x8, 0xfa04, 0xc0, 0x6c02, 0x150, 0x194, 0x194, 0x150, 0x194, 0x3, 0x0, {[{{@ip={@empty=0x1e00, @local, 0x0, 0x0, 'veth0_to_hsr\x00', 'veth0_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0x98, 0xc0, 0x0, {0x0, 0x74020000}, [@common=@inet=@socket3={{0x28}}]}, @common=@inet=@SYNPROXY={0x28}}, {{@ip={@broadcast, @rand_addr, 0x0, 0x0, '\x00', 'tunl0\x00'}, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x248)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
listen(r5, 0x1)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r5, @ANYBLOB="101000000000000008000d0005000000e40316", @ANYRES16=r5], 0x40c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r6 = getuid()
mount$cgroup(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x200020, &(0x7f0000000680)={[{@none}, {@favordynmods}, {}], [{@audit}, {@euid_lt={'euid<', 0xee01}}, {@hash}, {@fsuuid={'fsuuid', 0x3d, {[0x38, 0x62, 0x31, 0x33, 0x1, 0x36, 0x66, 0x65], 0x2d, [0x35, 0x37, 0x66, 0x39], 0x2d, [0x63, 0x66, 0x39, 0x63], 0x2d, [0x66, 0x65, 0x51, 0x61], 0x2d, [0x35, 0x35, 0x33, 0x37, 0x61, 0x38, 0x65, 0x65]}}}, {@func={'func', 0x3d, 'FILE_MMAP'}}, {@audit}, {@flag='nomand'}, {@euid_gt={'euid>', r6}}, {@subj_user={'subj_user', 0x3d, 'kfree\x00'}}]})
r7 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000500)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a320000000008004100727865001400330076657468305f746f5f626f6e64"], 0x38}, 0x1, 0x0, 0x0, 0x20000854}, 0x0)

789.345879ms ago: executing program 4 (id=1223):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f00000000c0)={[{@nolazytime}, {@auto_da_alloc}, {@data_err_ignore}]}, 0x3, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=")
r0 = open(&(0x7f0000000340)='./file1\x00', 0x185102, 0x1)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
write$P9_RGETATTR(r0, &(0x7f0000000140)={0xa0, 0x19, 0x1, {0x402, {0x2, 0x4, 0x7}, 0x0, 0x0, 0x0, 0x3, 0x6c, 0x5, 0x0, 0x8, 0x4, 0x0, 0x9, 0x7, 0x1, 0x2, 0x0, 0x2, 0x8, 0x5}}, 0xa0)
write$P9_RAUTH(r0, &(0x7f0000000080)={0x14, 0x67, 0x1, {0x40, 0x3, 0x3}}, 0x14)

771.801379ms ago: executing program 2 (id=1225):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000180), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x242, 0x0)
pwrite64(r0, &(0x7f0000000000)='2', 0x1, 0x8080c61)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r1, 0x0, 0x0, 0x8000c62)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000340)={0xff, 0x8, 0x86e8, 0x7ff, 0x3})

574.298602ms ago: executing program 0 (id=1227):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000780)='./cgroup\x00', 0x12000, &(0x7f0000000740)={[{@nolazytime}, {@dax_inode}, {@data_err_ignore}]}, 0x3, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
mount$9p_rdma(0x0, &(0x7f00000005c0)='./cgroup\x00', &(0x7f0000000600), 0x2800004, &(0x7f0000000640)=ANY=[@ANYBLOB='trans=r'])
open(&(0x7f0000000340)='./file1\x00', 0x185102, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x9, 0x4, 0x2, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f0000000040), &(0x7f0000000140)=r1}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r2, &(0x7f0000000040)}, 0x20)

565.006332ms ago: executing program 4 (id=1228):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000180), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x242, 0x0)
pwrite64(r0, &(0x7f0000000000)='2', 0x1, 0x8080c61)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r1, 0x0, 0x0, 0x8000c62)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)

485.653233ms ago: executing program 0 (id=1229):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f00000000c0), 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r2, 0x107, 0xf, &(0x7f0000000000), 0x4)
socket$inet_udp(0x2, 0x2, 0x0)
sendto$inet6(r0, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)

463.369763ms ago: executing program 2 (id=1230):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=<r2=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095", @ANYRES16=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000680)=ANY=[@ANYRES64=0x0, @ANYRES64=r1, @ANYRESOCT=r2], &(0x7f0000000040)='GPL\x00', 0x0, 0xfffffffffffffda1, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0xffffffffffffff7b)
r4 = memfd_secret(0x80000)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount_setattr(0xffffffffffffffff, 0x0, 0x8000, 0x0, 0x0)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x508, 0x0, 0x18c, 0x203, 0x348, 0x19030000, 0x438, 0x2e0, 0x2e0, 0x438, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {0x20}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}, {}, {}, {0x80}, {}, {}, {0x6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0xf0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5be)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r4, 0x89fb, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$inet(0x2, 0x6, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)=@generic={&(0x7f00000000c0)='./file0\x00'}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$UHID_CREATE2(r7, 0x0, 0x119)
syz_mount_image$ext4(&(0x7f0000000580)='ext2\x00', &(0x7f00000006c0)='./file0\x00', 0x1008082, &(0x7f0000000d80)={[], [{@context={'context', 0x3d, 'system_u'}}, {@uid_eq}, {@dont_appraise}, {@audit}, {@uid_lt}, {@smackfsdef={'smackfsdef', 0x3d, 'rpfilter\x00'}}, {@smackfsroot={'smackfsroot', 0x3d, '/dev/hidraw#\x00'}}]}, 0x0, 0x5ef, &(0x7f0000000780)="$eJzs3c9vFFUcAPDvbH/QUrCFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2puy2s/1Fu1uYzydZ+ua9Hd5bhu++t6/vzQZQWoPpH5WIfRExnUT0J/OLZZ2RFQ4uPO/+P5+eSR9JVKtv/pVEkuXlz0+yn33ZyT0R8cvPSeztWF7vzNzVC+NTU5NXsuPh2YvTwzNzVw+dvzh+bvLc5KXRl0ePHzt67PjI4QdNWYdrBXmnbnzwUf/nY+98/+2/ycgPv48lcSJey55Y/zo2y2AM1v5NkuVFfcc3u7I26cguTv0lTgqvVlfrGsWa5dcvvTpPx81d9aHWH5+93tbGAVuqmkRUgZJKxD+UVD4OyD/bL/0cXGnLqARohXsnFyYAlsd/58LcYPTU5gZ23k8aJuGSiDi8CfXviog7t8dunL09diO2aB4OKDZ/PSKeKYr/pBb/A9ETA7X4rzTEfzouOJ39TPPf2GD9S6eKxT+0zkL896wY/9Ek/t+ti//3Nlj/4IPk+70N8d+70ZcEAAAAAAAApXXrZES8VPT7/8ri+p8oWP/TFxEnNqH+wSXHy3//X7m7CdUABe6djHi1cP1vJV/9O9CRpXbX1gN0JWfPT00ejognIuJgdO1Ij0dWqOPQF3u/aVY2mK3/yx9p/XeytYBZO+527mg8Z2J8dvxhXzcQce96xLOF63+Txf4/Kej/0/eD6TXWsfeFm6ebla0e/8BWqX4XceBB/99dH/+5ZOX7cwzXxgPD+ahguec++fLHZvVvNP6z9yKLBOEhpP3/zsLx/2L8DyT19+uZWX8dR+Y6q83K8vjvz47XOv7vTt6q3XKmO8v7eHx29spIRHdyqiPNbcgfXX+b4RGzey1PyuMhj5c0/g8+v/L8X9H4P+1455f83cnfjXuKc0/91/dHs/YY/0P7pPE/sa7+f/2J0ZsDPzWrf23zf0drff3BLMf8Hyz4Og/T7sb8+igcWEh0FhRtYDQPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFQiYlcklaHFdKUyNBTRFxFPxs6OuDwz++LZyx9emkjLat//X8m/6bd/4TjJv/9/oO54dMnxkYjYExFfdfTWjofOXJ6aaPeLBwAAAAAAAAAAAAAAAAAAgG2ir8n+/9SfHe1uHbDlOtvdAKBtCuL/13a0A2g9/T+Ul/iH8hL/UF7iH8prg/HftdntAFpP/w/lJf6hvMQ/AAAAAAA8Vvbsv/VbEhHzr/TWHqnurMz6Hni8VdrdAKBt3OIHysvSHygvn/GBZJXynqYnrXbmSqbPPMTJAAAAAAAAAAAAAFA6B/bZ/w9lZf8/lJf9/1Be+f7//W1uB9B6PuMDscpO/sL9/6ueBQAAAAAAAAAAAABsppm5qxfGp6Ymr0i8vT2a0cpEtVq9lv4v2C7tecQT+VL47dKeJYl8r+/azmrfexIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANDo/wAAAP//V2Afqg==")
ioctl$sock_netdev_private(r6, 0x89d6, 0x0)
syz_open_dev$hidraw(&(0x7f00000004c0), 0xfffffffffefffffc, 0x10a002)
fcntl$setlease(r4, 0x400, 0x0)
fsetxattr$system_posix_acl(r5, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x12, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3, 0x0, 0x100}, 0x18)
r8 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r8, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x32803e, 0x1000, 0xfffffffc, 0x7}, 0x20)

462.009823ms ago: executing program 3 (id=1231):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x4})
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x789, &(0x7f0000001240)="$eJzs3M9rG2caAOB3JlacH96VF/awe8kuJJBAiGzHl+RU91J6CQQCvabGHhvjsRUsObXdQJzeCoU0vrSlUNp7j70WQvoH9FYCLfTWQ6G0qXtoe1GRLCuJIylKYkeJ+zww1veNvpn3fWfkzzPgUQB/W/+v/0gihiLiYkQUm+vTiDjYaB2KWN8at3nv2lR9SaJWu/RzUt8sNmvF1r6S5uvRaGwS/4mIO4WI0+88GreyujY/mefZUrM/Ul24MlJZXTsztzA5m81mi2Pj50fPjY+fGx3ftVpPvHH+8K2vX9vY+OaL6s1jA2eSmGjUHc3adi3QA7aOSSEmdqxf3ItgfZT0MGbgOeQBAEB39ev8A81rs0IU40C3qzQXcAAAAPBSqg3WevVHzyMBAACAF0wS/c4AAAAA2Fvb/wew/WzvXj0H28lPr0bEcLv4A41niCMORSEijmwmDz1+kGxtBs9k/UZE3J5o8/nr5Ynm7kbvNw/vzh7Zbbfr889Eu/knbc0/0Wb+Gdj+7oRn1Hn+ux//QIf572KPMb785L+FjvFvVFbePdYuftKKn3SI/2aP8W9uvHer03u1zyJOtv37kzwUq8v3Q4zMzOXtfrVa6d7589TdzvVHHHkkfpI0oibd67/SY/1vb/46v94l/qnj3c//VvzBh7arfybeb+aRRsSt5mu9v7EjxvGFb796NHKyvh1/usPxb3/+X2/V/2mP9X//+eBKj0MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgIY2IoUjSUqudpqVSxNGI+HccSfNypXp6pry8OF1/L2I4CunMXJ6NRkRxq5/U+2ON9v3+2R398Yj413eHt4LO5VlpqpxP97t4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWo5GxFAkaSki0oj4rZimpVK/swIAAAB23XC/EwAAAAD2nPt/AAAA2P+e9v4/2eU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH3t4oUL9aW2ee/aVL0/fXV1eb589cx0VpkvLSxPlabKS1dKs+XybJ6VpsoLj9tfGhFj52N5ZaSaVaojldW1ywvl5cXq5bmFydnsclZ4LlUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwpIYaS5KWIiJttNO0VIr4R0QMRyGZmcuz0Yj4Z0TcLRYG6/2xficNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArqusrs1P5nm29HI3avurnJ4bkUS8AGl0aHzUPCvdxiTrEXn2Q3Nkn1JNm+GfZT9Plvz1xxyWfjf+14e5CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/qusrs1P5nm2VOl3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRX+mMSEfXlZPHE0M53Dya/FxuvEfHWx5c+WJmsVpfG6ut/aa2vfthcf/aBDa8/zxoAAABg33vlSQZv36dv38cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0qrK6Nj+Z59nSHjbiRr+rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnsZfAQAA//9bFLc7")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1db)
r2 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040), 0x10)
listen(r2, 0x0)
r3 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r3, &(0x7f0000000080), 0x10)
sendmmsg(r3, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b700000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r5, 0x800448d7, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r6, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)

448.233044ms ago: executing program 0 (id=1232):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x9, 0x4, 0x2, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r3}, &(0x7f0000000040), &(0x7f0000000140)=r2}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r3, &(0x7f0000000040)}, 0x20)

381.207644ms ago: executing program 0 (id=1233):
syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffd000)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000008000000040000000000000700000000030000000000000f0100000000000000000000020200000000002e2e5f"], 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x6)
write$tun(r3, &(0x7f00000007c0)=ANY=[], 0x36)
r4 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r4, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x30, 0x1, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], &(0x7f0000000500)=[0x2], 0x0, 0x1f}}, 0x3c)

331.170935ms ago: executing program 3 (id=1234):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x1e8, 0x0, 0x8, 0xfa04, 0xc0, 0x6c02, 0x150, 0x194, 0x194, 0x150, 0x194, 0x3, 0x0, {[{{@ip={@empty=0x1e00, @local, 0x0, 0x0, 'veth0_to_hsr\x00', 'veth0_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0x98, 0xc0, 0x0, {0x0, 0x74020000}, [@common=@inet=@socket3={{0x28}}]}, @common=@inet=@SYNPROXY={0x28}}, {{@ip={@broadcast, @rand_addr, 0x0, 0x0, '\x00', 'tunl0\x00'}, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x248)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
listen(r5, 0x1)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r5, @ANYBLOB="101000000000000008000d0005000000e40316", @ANYRES16=r5], 0x40c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r6 = getuid()
mount$cgroup(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x200020, &(0x7f0000000680)={[{@none}, {@favordynmods}, {}], [{@audit}, {@euid_lt={'euid<', 0xee01}}, {@hash}, {@fsuuid={'fsuuid', 0x3d, {[0x38, 0x62, 0x31, 0x33, 0x1, 0x36, 0x66, 0x65], 0x2d, [0x35, 0x37, 0x66, 0x39], 0x2d, [0x63, 0x66, 0x39, 0x63], 0x2d, [0x66, 0x65, 0x51, 0x61], 0x2d, [0x35, 0x35, 0x33, 0x37, 0x61, 0x38, 0x65, 0x65]}}}, {@func={'func', 0x3d, 'FILE_MMAP'}}, {@audit}, {@flag='nomand'}, {@euid_gt={'euid>', r6}}, {@subj_user={'subj_user', 0x3d, 'kfree\x00'}}]})
r7 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000500)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a320000000008004100727865001400330076657468305f746f5f626f6e64"], 0x38}, 0x1, 0x0, 0x0, 0x20000854}, 0x0)

314.010075ms ago: executing program 2 (id=1244):
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f00000000c0), 0x2, 0xbd1, &(0x7f0000002380)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==")
r0 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x25, 0x6, @void}, 0x10)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r0, 0x8030942b, &(0x7f0000000100)={0x1, {0x24, 0x2, 0xa5, 0x80000001, 0x1}})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}})
mount$bpf(0x0, 0x0, 0x0, 0x400008, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
lseek(r2, 0x10001, 0x0)

282.042116ms ago: executing program 1 (id=1235):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f00000000c0), 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r3, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r3, &(0x7f0000000040)={&(0x7f0000001340)=@hci={0x1f, 0x0, 0x12}, 0x80, &(0x7f0000000140)=[{&(0x7f00000006c0)="62042712590200000000002f1eafbcf706e12b30087f5c582d26116642c47a5f8786ee601e65ab3c06d4b8bf4a81cb3e247345af215542f41ddf82f618438a34f90186cee8441e2305e495d04ad68ab8fef69df82de6456fbb48b63f60c9c9097be968ea872c4801e5d0711b4373c7224ed7a9cbd49d40f82bdb6afc0036824be26fc96e49a70e90797e6caa1b38ddacb3cb2b3eac7c068a185b644582f25edfa3d6a46e2a894ca809a422a6a29bd7145bb6e7992570484d6a710292ea0c3f97b7cbff701684b13c5593262534a7af9eab48f2ca2d74d9a4de33", 0x15}, {&(0x7f0000000c00)="294f28dfe56d2c8ba23606bc7ecd1f634665cb5bed07bac5684da6eb21da1d6926910c5a0c653b0106869a804dd2a44ce42557b2e32e2bd367e9d01a5e7380cc4fc8e7c9044cc4115b978ca7427d749beaefdf2e48b369cb169ad7b1ced26bb161297c7e56a3e83e91b379c179017f8b4657d1b22eca6bca33036d33e1a684059c53cea91ca6637ac780ab2bcfc22a666cd4e5876f11e9aee4724b7cb59731c97e70ebd7f7483994eb07de2f3c6a9448c3206cff6d290b433f331c2399e99ee3bdecf5689eddc3e549966c1106a933bbc47b65ca6e9d7efbee6e3b1dbe87313111e85336d6890002db17751b6044f964dc90ea466f90856112be7f0a54b39a3f66cc4c39544300093158af39cdde429f50d8c750", 0x114}, {&(0x7f0000000a40)="0a985d7879f1bbff16c7d66e33657e452299fd0ef8c2afda588eb05891b7da030e01452a7986bea19b59c98dc2996c0ea09604d00ea48336d0c813d83025aca8623a5915ddddce2c11c5e374f2e0f387d2398fe0b899ff60dc7a73addcf253cf32aafbe2b9f90799e7fc583bdd9b564697ba988080270bdceb4714219a2d4c229fffb0d86fb286e3553a8b3ac02badc66ada5fceabe5f63c79da96e641a45901128063d6e1e31b11bcfbc3e70bd3c8c6c0be9f653f977f16", 0xfff0}, {&(0x7f0000000840)="6f4720baeb54", 0x6}], 0x4}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, [@call={0x85, 0x0, 0x0, 0xad}]}, &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
dup2(0xffffffffffffffff, r5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='xprtrdma_decode_seg\x00', r4, 0x0, 0xffffffffffffffff}, 0x18)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r6, 0x0, 0x60, &(0x7f0000000440)={'filter\x00', 0x4, 0x4, 0x3c8, 0xe8, 0x0, 0x0, 0x2e0, 0x2e0, 0x2e0, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1d0}}, {{@arp={@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xff000000, 0xff, 0xd, 0x5, {@empty, {[0xff, 0x0, 0xff]}}, {@empty, {[0xff, 0x0, 0x0, 0x0, 0x0, 0xff]}}, 0x6, 0x8a2d, 0x1000, 0x100, 0xa, 0xc, 'sit0\x00', 'team0\x00', {0xff}, {}, 0x0, 0x290}, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x0, 0xff03}}}, {{@arp={@multicast2, @multicast1, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@link_local}, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 'xfrm0\x00', 'pim6reg\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@local, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000100)='kfree\x00', r7, 0x0, 0xfffffffa}, 0x18)
sendto$inet6(r0, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)

231.817037ms ago: executing program 1 (id=1236):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c1400001e0a05010000000000000000070000000900020073797a31000000000900010073797a300000000000140380300000802c000180250001"], 0x14b0}, 0x1, 0x0, 0x0, 0x4008091}, 0x4)

189.474957ms ago: executing program 1 (id=1237):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

188.407807ms ago: executing program 3 (id=1238):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0x2000008a, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x16, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
socket$netlink(0x10, 0x3, 0xa)
setrlimit(0x40000000000008, &(0x7f0000000080)={0x0, 0x6})

184.648327ms ago: executing program 4 (id=1239):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f00000000c0)={[{@nolazytime}, {@auto_da_alloc}, {@data_err_ignore}]}, 0x3, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=")
r0 = open(&(0x7f0000000340)='./file1\x00', 0x185102, 0x1)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
write$P9_RGETATTR(r0, &(0x7f0000000140)={0xa0, 0x19, 0x1, {0x402, {0x2, 0x4, 0x7}, 0x0, 0x0, 0x0, 0x3, 0x6c, 0x5, 0x0, 0x8, 0x4, 0x0, 0x9, 0x7, 0x1, 0x2, 0x0, 0x2, 0x8, 0x5}}, 0xa0)
write$P9_RAUTH(r0, &(0x7f0000000080)={0x14, 0x67, 0x1, {0x40, 0x3, 0x3}}, 0x14)

126.055948ms ago: executing program 2 (id=1240):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10) (async, rerun: 64)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) (async, rerun: 64)
ioprio_set$pid(0x3, 0x0, 0x0) (async)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYRESOCT=0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000180)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x2000000000c0, 0x2000000000f0, 0x200000000120], 0xf9ffff00, 0x0, 0x0}, 0x108) (async)
r5 = syz_genetlink_get_family_id$fou(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$FOU_CMD_GET(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000640)={0x20, r5, 0x401, 0x70bd29, 0x25dfdbfd, {}, [@FOU_ATTR_TYPE={0x5}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x400c000}, 0x20000004) (async, rerun: 64)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) (rerun: 64)
ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCGIDLE32(r6, 0x8008743f, &(0x7f0000000100)) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r7}, 0x10) (async, rerun: 32)
pipe2(&(0x7f0000001cc0), 0x80000) (rerun: 32)
dup(0xffffffffffffffff)

119.482038ms ago: executing program 1 (id=1241):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000180), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x242, 0x0)
pwrite64(r0, &(0x7f0000000000)='2', 0x1, 0x8080c61)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r1, 0x0, 0x0, 0x8000c62)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000340)={0xff, 0x8, 0x86e8, 0x7ff, 0x3})

88.655118ms ago: executing program 2 (id=1242):
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1)
mlockall(0x3)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0x1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={0x1}, 0x4)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x400, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x3548, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x4}}}}]}, 0x78}}, 0x0)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0xe, &(0x7f00000008c0)=""/59, &(0x7f0000000900)=0x3b)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newtfilter={0x78, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x48, 0x2, [@TCA_BASIC_EMATCHES={0x44, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x38, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1, 0x0, 0x0, {{}, {0x0, 0x0, 0x1}}}, @TCF_EM_META={0x24, 0x2, 0x0, 0x0, {{0x0, 0x4, 0x4}, [@TCA_EM_META_HDR={0xc}, @TCA_EM_META_RVALUE={0x4, 0x3, [@TCF_META_TYPE_VAR]}, @TCA_EM_META_LVALUE={0x5, 0x2, [@TCF_META_TYPE_VAR='3', @TCF_META_TYPE_VAR]}]}}]}]}]}}]}, 0x78}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x4, 0xfffffffc, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x2)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

54.319699ms ago: executing program 0 (id=1243):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x9, 0x4, 0x2, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r3}, &(0x7f0000000040), &(0x7f0000000140)=r2}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r3, &(0x7f0000000040)}, 0x20)

547.21µs ago: executing program 3 (id=1245):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000000340)={[{@resgid}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@norecovery}, {@user_xattr}]}, 0xfd, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
sendmsg$key(0xffffffffffffffff, 0x0, 0x20000000)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x26, &(0x7f0000000000)={0x1, 0x0, 0x2})
fcntl$lock(r1, 0x25, &(0x7f00000000c0)={0x0, 0x0, 0x2000000})
close(0xffffffffffffffff)

0s ago: executing program 0 (id=1246):
r0 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f00000004c0)={[{@acl}, {@barrier}, {@barrier_val}, {@sysvgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x587, &(0x7f0000002100)="$eJzs3U1rG9caAOB3ZMn5cO6NAyHcexeXQBZNSSPHdj9SKDRdljY00O5TYSsmWI6CJYfYDTRZNJtuSiiU0kDpD+i+y9A/0F8RaAOhBNMuSkFl5JGt2JIdOzJSoueBSc6ZD595feY9PqORUABD62T6Ty7ivxHxVRJxtG1bPrKNJ9f2W31yayZdkmg0Pv49iSRb19o/yf4fyyr/iYifv4g4k9vabm15Zb5UqZQXs/pEfeH6RG155ezVhdJcea58bWp6+vwb01Nvv/Vmz2J99dKf33704P3zX55a/ebHR8fuJXEhjmTb2uN4DrfbKydLf2elQlzYtONkDxobJEm/T4A9GcnyvBDpGHA0RrKsB15+n0dEY02uAQyZpJn/YxvjADAkWvOA1r19j+6DXxiP31u7AWrGPtoef37ttZE42Lw3OryaPHVnlN7vjveg/bSNn367fy9dYvvXIQ7tUAfYldt3IuJcPr91/E+y8W/vzjVfPN7e5jaG7e8P9NODdP7zWqf5X259/hMd5j9jHXJ3L3bO/9yjHjTTVTr/e6fj/Hd96BofyWr/as75CsmVq5XyuYj4d0ScjsKBtL7d85zzqw8b3ba1z//SJW2/NRfMzuNR/sDTx8yW6qWIGH2euFse34n4X75T/Ml6/ycd+j/9fVzq+BMLW9acKN//f7f2d45/fzV+iHilY/9vPNFKtn8+OdG8HiZaV8VWf9w98Uu39vsdf9r/h7ePfzxpf15b230b3x/8q9xt216v/9Hkk2a5lQQ3S/X64mTEaPJhs36wff3UxrGtemv/NP7Tp7Yf/zpd/+nN16fPGP/d43e77joI/T+7q/7ffeHhB5991639Z+v/15ul09mabPzrLLtWnvUEn/f3BwAAAAAAAIMkFxFHIskV18u5XLG49v6O43E4V6nW6meuVJeuzUbzs7LjUci1nnQfbXs/xGT2fthWfWpTfToijkXE1yOHmvXiTLUy2+/gAQAAAAAAAAAAAAAAAAAAYECMdfn8f+rXkX6fHbDvml9scKDfZwH0w45f+d+Lb3oCBtKO+Q+8tOQ/DC/5D8NL/sPwkv8wvOQ/DC/5D8NL/gMAAAAAAAAAAAAAAAAAAAAAAAAAAEBPXbp4MV0aq09uzaT12RvLS/PVG2dny7X54sLSTHGmuni9OFetzlXKxZnqwk4/r1KtXp+ciqWbE/VyrT5RW165vFBdula/fHWhNFe+XC5s7Jrb38gAAAAAAAAAAAAAAAAAAADgxVFbXpkvVSrlRYWuhXdjIE5jPwNcs6fD84MShUKXwp2se3d3VB8HJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADY5J8AAAD//9ybLZI=") (async, rerun: 32)
chdir(&(0x7f0000000100)='./file0\x00') (async, rerun: 32)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (async)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$cont(0x1f, r1, 0x0, 0xfffffffffffffffd) (async, rerun: 64)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) (rerun: 64)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 32)
r4 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 32)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'sit0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0) (async)
openat$incfs(r0, &(0x7f00000001c0)='.pending_reads\x00', 0x240080, 0x2) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{0x1}, &(0x7f0000000480), &(0x7f0000000580)='%ps    \x00'}, 0x20)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) (async)
syz_clone3(&(0x7f0000000300)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000400000008000000"], 0x48) (async)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$unix(0x1, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r7}, 0x10)
semget$private(0x0, 0x6, 0x0) (async)
link(&(0x7f0000000440)='./file0\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async, rerun: 64)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240), 0xc0802, 0x0) (rerun: 64)
ioctl$PPPIOCNEWUNIT(r8, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r8, 0x40047451, &(0x7f0000000080)=0x4)
ioctl$PPPIOCSFLAGS1(r8, 0x40047459, &(0x7f0000000100)=0x2000004)

kernel console output (not intermixed with test programs):

 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.431769][ T5444] RSP: 002b:00007f0fb8156e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   76.431852][ T5444] RAX: ffffffffffffffda RBX: 000000000000052e RCX: 00007f0fb9aee969
[   76.431868][ T5444] RDX: 00007f0fb8156ef0 RSI: 0000000000000000 RDI: 00007f0fb9b71444
[   76.431957][ T5444] RBP: 0000200000000640 R08: 00007f0fb8156bb7 R09: 00007f0fb8156e40
[   76.431973][ T5444] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[   76.431989][ T5444] R13: 00007f0fb8156ef0 R14: 00007f0fb8156eb0 R15: 00002000000001c0
[   76.432014][ T5444]  </TASK>
[   76.504046][ T5442] loop2: detected capacity change from 0 to 512
[   76.567904][   T29] audit: type=1400 audit(23778975.650:1462): avc:  denied  { create } for  pid=5445 comm="syz.3.654" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   76.627632][ T5440] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.633593][ T5442] Quota error (device loop2): v2_read_file_info: Can't read info structure
[   76.690524][ T5442] EXT4-fs warning (device loop2): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[   76.706597][ T5442] EXT4-fs (loop2): mount failed
[   76.719429][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.732596][ T5455] loop0: detected capacity change from 0 to 512
[   76.784463][   T29] audit: type=1400 audit(23778975.880:1463): avc:  denied  { checkpoint_restore } for  pid=5460 comm="syz.2.657" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   76.811045][ T5455] 9pnet: Could not find request transport: r
[   76.813517][   T29] audit: type=1400 audit(23778975.910:1464): avc:  denied  { create } for  pid=5460 comm="syz.2.657" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   76.873257][   T29] audit: type=1400 audit(23778975.970:1465): avc:  denied  { mounton } for  pid=5460 comm="syz.2.657" path="/155/file0" dev="tmpfs" ino=834 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   76.930545][   T29] audit: type=1400 audit(23778976.010:1466): avc:  denied  { unlink } for  pid=3320 comm="syz-executor" name="file0" dev="tmpfs" ino=834 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   76.959594][ T5471] SELinux:  policydb string S does not match my string SE Linux
[   76.970308][ T5471] SELinux: failed to load policy
[   76.983653][ T5474] FAULT_INJECTION: forcing a failure.
[   76.983653][ T5474] name failslab, interval 1, probability 0, space 0, times 0
[   76.991836][ T5476] loop4: detected capacity change from 0 to 512
[   76.996433][ T5474] CPU: 0 UID: 0 PID: 5474 Comm: syz.0.662 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(voluntary) 
[   76.996475][ T5474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   76.996494][ T5474] Call Trace:
[   76.996503][ T5474]  <TASK>
[   76.996592][ T5474]  __dump_stack+0x1d/0x30
[   76.996659][ T5474]  dump_stack_lvl+0xe8/0x140
[   76.996687][ T5474]  dump_stack+0x15/0x1b
[   76.996709][ T5474]  should_fail_ex+0x265/0x280
[   76.996757][ T5474]  should_failslab+0x8c/0xb0
[   76.996827][ T5474]  kmem_cache_alloc_noprof+0x50/0x310
[   76.996855][ T5474]  ? audit_log_start+0x365/0x6c0
[   76.996899][ T5474]  audit_log_start+0x365/0x6c0
[   76.997011][ T5474]  audit_seccomp+0x48/0x100
[   76.997086][ T5474]  ? __seccomp_filter+0x68c/0x10d0
[   76.997131][ T5474]  __seccomp_filter+0x69d/0x10d0
[   76.997224][ T5474]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   76.997261][ T5474]  ? vfs_write+0x75e/0x8d0
[   76.997297][ T5474]  ? __rcu_read_unlock+0x4f/0x70
[   76.997338][ T5474]  ? __fget_files+0x184/0x1c0
[   76.997478][ T5474]  __secure_computing+0x82/0x150
[   76.997507][ T5474]  syscall_trace_enter+0xcf/0x1e0
[   76.997615][ T5474]  do_syscall_64+0xaa/0x1a0
[   76.997648][ T5474]  ? clear_bhb_loop+0x40/0x90
[   76.997679][ T5474]  ? clear_bhb_loop+0x40/0x90
[   76.997786][ T5474]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.997815][ T5474] RIP: 0033:0x7f1ce23ad37c
[   76.997835][ T5474] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   76.997865][ T5474] RSP: 002b:00007f1ce0a17030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   76.997934][ T5474] RAX: ffffffffffffffda RBX: 00007f1ce25d5fa0 RCX: 00007f1ce23ad37c
[   76.997951][ T5474] RDX: 000000000000000f RSI: 00007f1ce0a170a0 RDI: 0000000000000005
[   76.997969][ T5474] RBP: 00007f1ce0a17090 R08: 0000000000000000 R09: 0000000000000000
[   76.997986][ T5474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.998003][ T5474] R13: 0000000000000000 R14: 00007f1ce25d5fa0 R15: 00007fffe28fffb8
[   76.998028][ T5474]  </TASK>
[   76.998054][ T5474] audit: audit_lost=4 audit_rate_limit=0 audit_backlog_limit=64
[   77.229162][ T5476] 9pnet: Could not find request transport: r
[   77.235385][ T5480] loop1: detected capacity change from 0 to 2048
[   77.271640][ T3309]  loop1: p3 p4 < >
[   77.279251][ T5485] loop4: detected capacity change from 0 to 2048
[   77.291022][ T5480]  loop1: p3 p4 < >
[   77.321582][ T5485] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.382251][ T3635] udevd[3635]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   77.390394][ T3309] udevd[3309]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   77.418319][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.444211][ T5499] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   77.453488][ T5499] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   77.465527][ T5503] SELinux:  policydb string S does not match my string SE Linux
[   77.475039][ T3635] udevd[3635]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   77.488987][ T3309] udevd[3309]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   77.505428][ T5501] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[   77.509326][ T5503] SELinux: failed to load policy
[   77.515427][ T5499] netlink: '+}[@': attribute type 10 has an invalid length.
[   77.543883][ T5499] team0: Device hsr_slave_0 failed to register rx_handler
[   77.585651][ T5509] loop3: detected capacity change from 0 to 512
[   77.595911][ T5499] netlink: 20 bytes leftover after parsing attributes in process `+}[@'.
[   77.609111][ T5513] macvtap0: refused to change device tx_queue_len
[   77.634547][ T5509] 9pnet: Could not find request transport: r
[   77.666875][ T5519] geneve2: entered promiscuous mode
[   77.678755][ T5520] pim6reg1: entered promiscuous mode
[   77.684185][ T5520] pim6reg1: entered allmulticast mode
[   77.746751][ T5524] loop0: detected capacity change from 0 to 2048
[   77.797075][ T5524] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.801212][ T5535] loop4: detected capacity change from 0 to 512
[   77.832128][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.872879][ T5535] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.893755][ T5541] loop3: detected capacity change from 0 to 1024
[   77.899267][ T5543] SELinux:  Context system_u:object_r:iptables_exec_t:s0 is not valid (left unmapped).
[   77.901152][ T5541] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   77.923214][ T5541] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   77.945166][ T5541] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[   77.945936][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.954697][ T5541] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #3: block 2: comm syz.3.687: lblock 2 mapped to illegal pblock 2 (length 1)
[   77.980870][ T5541] EXT4-fs (loop3): Remounting filesystem read-only
[   77.989029][ T5541] EXT4-fs (loop3): 1 orphan inode deleted
[   77.999692][ T5541] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.012665][ T5541] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.024877][ T5532] netlink: 11 bytes leftover after parsing attributes in process `syz.2.684'.
[   78.039414][ T5551] loop4: detected capacity change from 0 to 512
[   78.086999][ T5551] 9pnet: Could not find request transport: r
[   78.117952][ T5556] FAULT_INJECTION: forcing a failure.
[   78.117952][ T5556] name failslab, interval 1, probability 0, space 0, times 0
[   78.130772][ T5556] CPU: 1 UID: 0 PID: 5556 Comm: syz.4.692 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(voluntary) 
[   78.130811][ T5556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   78.130828][ T5556] Call Trace:
[   78.130837][ T5556]  <TASK>
[   78.130848][ T5556]  __dump_stack+0x1d/0x30
[   78.130875][ T5556]  dump_stack_lvl+0xe8/0x140
[   78.130901][ T5556]  dump_stack+0x15/0x1b
[   78.130923][ T5556]  should_fail_ex+0x265/0x280
[   78.130969][ T5556]  should_failslab+0x8c/0xb0
[   78.131004][ T5556]  kmem_cache_alloc_noprof+0x50/0x310
[   78.131024][ T5556]  ? mas_alloc_nodes+0x265/0x520
[   78.131056][ T5556]  mas_alloc_nodes+0x265/0x520
[   78.131093][ T5556]  mas_preallocate+0x456/0x680
[   78.131130][ T5556]  mmap_region+0x966/0x1470
[   78.131192][ T5556]  do_mmap+0x9de/0xc20
[   78.131231][ T5556]  vm_mmap_pgoff+0x17a/0x2e0
[   78.131265][ T5556]  ksys_mmap_pgoff+0xc2/0x310
[   78.131299][ T5556]  ? __x64_sys_mmap+0x49/0x70
[   78.131327][ T5556]  x64_sys_call+0x1602/0x2fb0
[   78.131353][ T5556]  do_syscall_64+0xd0/0x1a0
[   78.131384][ T5556]  ? clear_bhb_loop+0x40/0x90
[   78.131410][ T5556]  ? clear_bhb_loop+0x40/0x90
[   78.131432][ T5556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.131453][ T5556] RIP: 0033:0x7f7f9a7fe9a3
[   78.131468][ T5556] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[   78.131496][ T5556] RSP: 002b:00007f7f98e66e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   78.131521][ T5556] RAX: ffffffffffffffda RBX: 0000000000000441 RCX: 00007f7f9a7fe9a3
[   78.131537][ T5556] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[   78.131553][ T5556] RBP: 0000200000001042 R08: 00000000ffffffff R09: 0000000000000000
[   78.131569][ T5556] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000009
[   78.131584][ T5556] R13: 00007f7f98e66ef0 R14: 00007f7f98e66eb0 R15: 00002000000001c0
[   78.131603][ T5556]  </TASK>
[   78.347330][ T5541] loop3: detected capacity change from 0 to 512
[   78.383103][ T5541] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.687: Failed to acquire dquot type 1
[   78.402692][ T5541] EXT4-fs (loop3): 1 truncate cleaned up
[   78.409334][ T5541] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.427275][ T5541] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.853029][ T5573] netlink: 8 bytes leftover after parsing attributes in process `syz.4.696'.
[   79.025600][ T5586] loop4: detected capacity change from 0 to 512
[   79.106605][ T5586] 9pnet: Could not find request transport: r
[   79.122378][ T5589] loop0: detected capacity change from 0 to 512
[   79.234638][ T5589] 9pnet: Could not find request transport: r
[   79.289231][ T5593] loop2: detected capacity change from 0 to 2048
[   79.391336][ T5593] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.467181][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.532884][ T5616] loop3: detected capacity change from 0 to 512
[   79.534419][ T5621] loop4: detected capacity change from 0 to 512
[   79.571492][ T5626] loop0: detected capacity change from 0 to 512
[   79.588915][ T5616] 9pnet: Could not find request transport: r
[   79.617669][ T5621] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.637117][ T5626] 9pnet: Could not find request transport: r
[   79.660619][ T5631] SELinux:  policydb string SE Li… does not match my string SE Linux
[   79.678228][ T5631] SELinux: failed to load policy
[   79.753010][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.865933][ T5659] openvswitch: netlink: Message has 6 unknown bytes.
[   79.877409][ T5663] loop3: detected capacity change from 0 to 512
[   79.921686][ T5663] 9pnet: Could not find request transport: r
[   79.935107][ T5666] loop0: detected capacity change from 0 to 1024
[   79.993539][ T5672] IPv6: Can't replace route, no match found
[   79.999622][ T5669] loop4: detected capacity change from 0 to 2048
[   80.011459][ T5666] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.025888][ T5673] loop3: detected capacity change from 0 to 512
[   80.045314][ T5669] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.062256][ T5669] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.733: bg 0: block 408: padding at end of block bitmap is not set
[   80.062745][ T5666] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz.0.732: Allocating blocks 497-513 which overlap fs metadata
[   80.079539][ T5669] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   80.106237][ T5673] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.152882][ T5680] EXT4-fs (loop0): pa ffff888106d23e00: logic 16, phys. 145, len 23
[   80.160975][ T5680] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[   80.171621][ T5680] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[   80.172521][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.183870][ T5680] EXT4-fs (loop0): This should not happen!! Data will be lost
[   80.183870][ T5680] 
[   80.202591][ T5680] EXT4-fs (loop0): Total free blocks count 0
[   80.208603][ T5680] EXT4-fs (loop0): Free/Dirty block details
[   80.214597][ T5680] EXT4-fs (loop0): free_blocks=16
[   80.219681][ T5680] EXT4-fs (loop0): dirty_blocks=0
[   80.224751][ T5680] EXT4-fs (loop0): Block reservation details
[   80.230801][ T5680] EXT4-fs (loop0): i_reserved_data_blocks=0
[   80.242900][ T5685] loop3: detected capacity change from 0 to 512
[   80.269718][ T5680] syz.0.732 (5680) used greatest stack depth: 9592 bytes left
[   80.342597][ T5691] loop1: detected capacity change from 0 to 512
[   80.384903][ T5695] FAULT_INJECTION: forcing a failure.
[   80.384903][ T5695] name failslab, interval 1, probability 0, space 0, times 0
[   80.397656][ T5695] CPU: 0 UID: 0 PID: 5695 Comm: syz.0.739 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(voluntary) 
[   80.397692][ T5695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   80.397704][ T5695] Call Trace:
[   80.397724][ T5695]  <TASK>
[   80.397732][ T5695]  __dump_stack+0x1d/0x30
[   80.397753][ T5695]  dump_stack_lvl+0xe8/0x140
[   80.397777][ T5695]  dump_stack+0x15/0x1b
[   80.397799][ T5695]  should_fail_ex+0x265/0x280
[   80.397971][ T5695]  should_failslab+0x8c/0xb0
[   80.398003][ T5695]  kmem_cache_alloc_noprof+0x50/0x310
[   80.398027][ T5695]  ? prepare_creds+0x37/0x4c0
[   80.398130][ T5695]  prepare_creds+0x37/0x4c0
[   80.398162][ T5695]  __sys_setgid+0x6a/0x1d0
[   80.398206][ T5695]  __x64_sys_setgid+0x1e/0x30
[   80.398306][ T5695]  x64_sys_call+0xeaf/0x2fb0
[   80.398337][ T5695]  do_syscall_64+0xd0/0x1a0
[   80.398367][ T5695]  ? clear_bhb_loop+0x40/0x90
[   80.398394][ T5695]  ? clear_bhb_loop+0x40/0x90
[   80.398485][ T5695]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.398507][ T5695] RIP: 0033:0x7f1ce23ae969
[   80.398523][ T5695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.398547][ T5695] RSP: 002b:00007f1ce0a17038 EFLAGS: 00000246 ORIG_RAX: 000000000000006a
[   80.398566][ T5695] RAX: ffffffffffffffda RBX: 00007f1ce25d5fa0 RCX: 00007f1ce23ae969
[   80.398660][ T5695] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   80.398677][ T5695] RBP: 00007f1ce0a17090 R08: 0000000000000000 R09: 0000000000000000
[   80.398694][ T5695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.398711][ T5695] R13: 0000000000000000 R14: 00007f1ce25d5fa0 R15: 00007fffe28fffb8
[   80.398755][ T5695]  </TASK>
[   80.637780][ T5701] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[   80.644346][ T5701] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   80.652147][ T5701] vhci_hcd vhci_hcd.0: Device attached
[   80.662673][ T5701] xt_TPROXY: Can be used only with -p tcp or -p udp
[   80.672201][ T5702] vhci_hcd: connection closed
[   80.672383][ T2174] vhci_hcd: stop threads
[   80.681459][ T2174] vhci_hcd: release socket
[   80.685950][ T2174] vhci_hcd: disconnect device
[   80.709700][ T5706] loop1: detected capacity change from 0 to 512
[   80.727025][ T5710] loop0: detected capacity change from 0 to 512
[   80.761904][ T5710] 9pnet: Could not find request transport: r
[   80.791813][ T5715] loop0: detected capacity change from 0 to 512
[   80.819085][   T37] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 1 with error 28
[   80.831476][   T37] EXT4-fs (loop4): This should not happen!! Data will be lost
[   80.831476][   T37] 
[   80.841346][   T37] EXT4-fs (loop4): Total free blocks count 0
[   80.847730][   T37] EXT4-fs (loop4): Free/Dirty block details
[   80.853815][   T37] EXT4-fs (loop4): free_blocks=16
[   80.858863][   T37] EXT4-fs (loop4): dirty_blocks=16
[   80.864067][   T37] EXT4-fs (loop4): Block reservation details
[   80.870138][   T37] EXT4-fs (loop4): i_reserved_data_blocks=1
[   81.036984][ T5732] netlink: 4 bytes leftover after parsing attributes in process `syz.1.753'.
[   81.058216][ T5732] netlink: 4 bytes leftover after parsing attributes in process `syz.1.753'.
[   81.185622][ T5746] loop2: detected capacity change from 0 to 512
[   81.234327][ T5749] netlink: 12 bytes leftover after parsing attributes in process `syz.3.760'.
[   81.382417][ T5764] loop3: detected capacity change from 0 to 512
[   81.410015][ T5771] loop0: detected capacity change from 0 to 512
[   81.634844][ T5792] loop3: detected capacity change from 0 to 512
[   81.697685][ T5794] loop0: detected capacity change from 0 to 512
[   81.704459][ T5794] EXT4-fs: Ignoring removed nomblk_io_submit option
[   81.711309][ T5794] ext2: Bad value for 'resgid'
[   81.716100][ T5794] ext2: Bad value for 'resgid'
[   81.799339][ T5792] 9pnet: Could not find request transport: r
[   81.833196][   T29] kauditd_printk_skb: 349 callbacks suppressed
[   81.833213][   T29] audit: type=1400 audit(23778980.930:1811): avc:  denied  { firmware_load } for  pid=5788 comm="syz.0.773" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[   81.872448][ T5794] netlink: 4 bytes leftover after parsing attributes in process `syz.0.773'.
[   81.963463][ T5808] FAULT_INJECTION: forcing a failure.
[   81.963463][ T5808] name failslab, interval 1, probability 0, space 0, times 0
[   81.976209][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz.3.780 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(voluntary) 
[   81.976238][ T5808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   81.976310][ T5808] Call Trace:
[   81.976318][ T5808]  <TASK>
[   81.976328][ T5808]  __dump_stack+0x1d/0x30
[   81.976355][ T5808]  dump_stack_lvl+0xe8/0x140
[   81.976588][ T5808]  dump_stack+0x15/0x1b
[   81.976612][ T5808]  should_fail_ex+0x265/0x280
[   81.976655][ T5808]  should_failslab+0x8c/0xb0
[   81.976762][ T5808]  __kvmalloc_node_noprof+0x126/0x4d0
[   81.976791][ T5808]  ? alloc_netdev_mqs+0x8b7/0xab0
[   81.976817][ T5808]  ? __kmalloc_cache_noprof+0x22e/0x320
[   81.976878][ T5808]  alloc_netdev_mqs+0x8b7/0xab0
[   81.976907][ T5808]  rtnl_create_link+0x239/0x710
[   81.976935][ T5808]  rtnl_newlink_create+0x151/0x630
[   81.976975][ T5808]  ? __schedule+0x6a2/0xb20
[   81.977082][ T5808]  rtnl_newlink+0xf29/0x12d0
[   81.977197][ T5808]  ? bpf_trace_run3+0x12c/0x1d0
[   81.977306][ T5808]  ? perf_cgroup_switch+0x132/0x450
[   81.977344][ T5808]  ? __kfree_skb+0x109/0x150
[   81.977369][ T5808]  ? trace_reschedule_exit+0xd/0xc0
[   81.977441][ T5808]  ? __kfree_skb+0x109/0x150
[   81.977460][ T5808]  ? __rcu_read_unlock+0x4f/0x70
[   81.977488][ T5808]  ? avc_has_perm_noaudit+0x1b1/0x200
[   81.977518][ T5808]  ? selinux_capable+0x1f9/0x270
[   81.977579][ T5808]  ? security_capable+0x83/0x90
[   81.977616][ T5808]  ? ns_capable+0x7d/0xb0
[   81.977643][ T5808]  ? __pfx_rtnl_newlink+0x10/0x10
[   81.977706][ T5808]  rtnetlink_rcv_msg+0x5fe/0x6d0
[   81.977737][ T5808]  netlink_rcv_skb+0x123/0x220
[   81.977770][ T5808]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   81.977849][ T5808]  rtnetlink_rcv+0x1c/0x30
[   81.977878][ T5808]  netlink_unicast+0x5a1/0x670
[   81.978060][ T5808]  netlink_sendmsg+0x58b/0x6b0
[   81.978081][ T5808]  ? __pfx_netlink_sendmsg+0x10/0x10
[   81.978178][ T5808]  __sock_sendmsg+0x145/0x180
[   81.978216][ T5808]  ____sys_sendmsg+0x31e/0x4e0
[   81.978248][ T5808]  ___sys_sendmsg+0x17b/0x1d0
[   81.978341][ T5808]  __x64_sys_sendmsg+0xd4/0x160
[   81.978375][ T5808]  x64_sys_call+0x2999/0x2fb0
[   81.978438][ T5808]  do_syscall_64+0xd0/0x1a0
[   81.978462][ T5808]  ? clear_bhb_loop+0x40/0x90
[   81.978489][ T5808]  ? clear_bhb_loop+0x40/0x90
[   81.978556][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.978577][ T5808] RIP: 0033:0x7f0fb9aee969
[   81.978591][ T5808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.978664][ T5808] RSP: 002b:00007f0fb8157038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   81.978688][ T5808] RAX: ffffffffffffffda RBX: 00007f0fb9d15fa0 RCX: 00007f0fb9aee969
[   81.978705][ T5808] RDX: 00000000000000e4 RSI: 0000200000000280 RDI: 0000000000000003
[   81.978790][ T5808] RBP: 00007f0fb8157090 R08: 0000000000000000 R09: 0000000000000000
[   81.978802][ T5808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   81.978894][ T5808] R13: 0000000000000000 R14: 00007f0fb9d15fa0 R15: 00007ffedd4c56b8
[   81.978917][ T5808]  </TASK>
[   82.439245][   T29] audit: type=1400 audit(23778981.520:1812): avc:  denied  { name_bind } for  pid=5819 comm="syz.1.787" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   82.460873][   T29] audit: type=1400 audit(23778981.520:1813): avc:  denied  { setopt } for  pid=5819 comm="syz.1.787" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   82.480098][   T29] audit: type=1400 audit(23778981.520:1814): avc:  denied  { connect } for  pid=5819 comm="syz.1.787" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   82.501684][ T5824] FAULT_INJECTION: forcing a failure.
[   82.501684][ T5824] name failslab, interval 1, probability 0, space 0, times 0
[   82.514406][ T5824] CPU: 0 UID: 0 PID: 5824 Comm: syz.1.788 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(voluntary) 
[   82.514470][ T5824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   82.514483][ T5824] Call Trace:
[   82.514491][ T5824]  <TASK>
[   82.514498][ T5824]  __dump_stack+0x1d/0x30
[   82.514566][ T5824]  dump_stack_lvl+0xe8/0x140
[   82.514593][ T5824]  dump_stack+0x15/0x1b
[   82.514614][ T5824]  should_fail_ex+0x265/0x280
[   82.514657][ T5824]  should_failslab+0x8c/0xb0
[   82.514800][ T5824]  kmem_cache_alloc_noprof+0x50/0x310
[   82.514823][ T5824]  ? __anon_vma_prepare+0x70/0x2f0
[   82.514853][ T5824]  __anon_vma_prepare+0x70/0x2f0
[   82.514899][ T5824]  do_wp_page+0x17fa/0x23e0
[   82.514937][ T5824]  ? __lruvec_stat_mod_folio+0xd6/0x120
[   82.515036][ T5824]  ? __rcu_read_lock+0x37/0x50
[   82.515075][ T5824]  handle_mm_fault+0x6dc/0x2ae0
[   82.515118][ T5824]  ? mas_walk+0xf2/0x120
[   82.515199][ T5824]  do_user_addr_fault+0x636/0x1090
[   82.515240][ T5824]  ? fpregs_assert_state_consistent+0x84/0xa0
[   82.515283][ T5824]  exc_page_fault+0x54/0xc0
[   82.515352][ T5824]  asm_exc_page_fault+0x26/0x30
[   82.515402][ T5824] RIP: 0033:0x7ff73f6e0cc3
[   82.515434][ T5824] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[   82.515500][ T5824] RSP: 002b:00007ff73de864a0 EFLAGS: 00010202
[   82.515520][ T5824] RAX: 0000000000000400 RBX: 00007ff73de86540 RCX: 00007ff735a67000
[   82.515535][ T5824] RDX: 00007ff73de866e0 RSI: 0000000000000001 RDI: 00007ff73de865e0
[   82.515547][ T5824] RBP: 00000000000000f9 R08: 0000000000000009 R09: 00000000000001c6
[   82.515638][ T5824] R10: 00000000000001d4 R11: 00007ff73de86540 R12: 0000000000000001
[   82.515654][ T5824] R13: 00007ff73f8bbfc0 R14: 0000000000000020 R15: 00007ff73de865e0
[   82.515680][ T5824]  </TASK>
[   82.515692][ T5824] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   82.641787][   T29] audit: type=1326 audit(23778981.730:1815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5825 comm="syz.2.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed133e969 code=0x7ffc0000
[   82.666205][ T5824] loop1: detected capacity change from 0 to 512
[   82.674178][   T29] audit: type=1326 audit(23778981.730:1816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5825 comm="syz.2.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feed133e969 code=0x7ffc0000
[   82.761392][   T29] audit: type=1326 audit(23778981.730:1817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5825 comm="syz.2.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed133e969 code=0x7ffc0000
[   82.784678][   T29] audit: type=1326 audit(23778981.730:1818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5825 comm="syz.2.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feed133e969 code=0x7ffc0000
[   82.808019][   T29] audit: type=1326 audit(23778981.730:1819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5825 comm="syz.2.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed133e969 code=0x7ffc0000
[   82.831210][   T29] audit: type=1326 audit(23778981.730:1820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5825 comm="syz.2.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7feed133e969 code=0x7ffc0000
[   82.944241][ T5835] netlink: 'syz.1.792': attribute type 13 has an invalid length.
[   83.095188][ T5835] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   83.104148][ T5835] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   83.113228][ T5835] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   83.122306][ T5835] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   83.167364][ T5850] loop3: detected capacity change from 0 to 8192
[   83.191768][ T5853] loop2: detected capacity change from 0 to 2048
[   83.275818][ T3309]  loop3: p1 p2 < > p3 p4 < p5 >
[   83.280900][ T3309] loop3: partition table partially beyond EOD, truncated
[   83.297134][ T3309] loop3: p1 size 100663296 extends beyond EOD, truncated
[   83.312116][ T3309] loop3: p2 start 591104 is beyond EOD, truncated
[   83.318580][ T3309] loop3: p3 start 33572980 is beyond EOD, truncated
[   83.325843][ T3309] loop3: p5 size 100663296 extends beyond EOD, truncated
[   83.343096][ T5850]  loop3: p1 p2 < > p3 p4 < p5 >
[   83.348123][ T5850] loop3: partition table partially beyond EOD, truncated
[   83.376116][ T5850] loop3: p1 size 100663296 extends beyond EOD, truncated
[   83.395055][ T5850] loop3: p2 start 591104 is beyond EOD, truncated
[   83.396396][ T5864] loop2: detected capacity change from 0 to 2048
[   83.401605][ T5850] loop3: p3 start 33572980 is beyond EOD, truncated
[   83.416970][ T5850] loop3: p5 size 100663296 extends beyond EOD, truncated
[   83.822527][ T5915] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.869454][ T5915] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   83.910902][ T5915] program syz.2.802 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   84.260934][ T5952] pim6reg1: entered promiscuous mode
[   84.266279][ T5952] pim6reg1: entered allmulticast mode
[   84.277083][ T5954] sctp: [Deprecated]: syz.4.810 (pid 5954) Use of struct sctp_assoc_value in delayed_ack socket option.
[   84.277083][ T5954] Use struct sctp_sack_info instead
[   84.297147][ T5956] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[   84.390760][ T5960] loop4: detected capacity change from 0 to 512
[   84.409010][ T5963] loop1: detected capacity change from 0 to 128
[   84.409714][ T5960] 9pnet: Could not find request transport: r
[   84.452301][ T5967] loop4: detected capacity change from 0 to 512
[   84.594478][ T5983] loop2: detected capacity change from 0 to 512
[   84.607433][ T5980] vhci_hcd: invalid port number 96
[   84.612719][ T5980] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   84.719560][ T5993] loop1: detected capacity change from 0 to 1024
[   84.780138][ T5993] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.818: Failed to acquire dquot type 0
[   84.835293][ T5993] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   84.865619][ T5993] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #13: comm syz.1.818: corrupted inode contents
[   84.898045][ T5993] EXT4-fs error (device loop1): ext4_dirty_inode:6103: inode #13: comm syz.1.818: mark_inode_dirty error
[   84.949680][ T6003] loop2: detected capacity change from 0 to 1024
[   84.969068][ T5993] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #13: comm syz.1.818: corrupted inode contents
[   84.983715][ T5993] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #13: comm syz.1.818: mark_inode_dirty error
[   84.985731][ T6003] EXT4-fs (loop2): VFS: Can't find ext4 filesystem
[   85.003381][ T5993] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #13: comm syz.1.818: corrupted inode contents
[   85.021989][ T5993] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[   85.031195][ T5993] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #13: comm syz.1.818: corrupted inode contents
[   85.053276][ T6003] netlink: 4 bytes leftover after parsing attributes in process `syz.2.824'.
[   85.128654][ T5993] EXT4-fs error (device loop1): ext4_truncate:4255: inode #13: comm syz.1.818: mark_inode_dirty error
[   85.139963][ T5993] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[   85.192420][ T5993] EXT4-fs (loop1): 1 truncate cleaned up
[   85.243240][ T5980] netlink: 16 bytes leftover after parsing attributes in process `syz.1.818'.
[   85.403790][ T6026] netlink: 20 bytes leftover after parsing attributes in process `syz.0.834'.
[   85.502894][ T6033] netlink: 8 bytes leftover after parsing attributes in process `syz.2.836'.
[   85.561920][ T6037] loop2: detected capacity change from 0 to 512
[   85.606220][ T6037] 9pnet: Could not find request transport: r
[   85.614824][ T6040] FAULT_INJECTION: forcing a failure.
[   85.614824][ T6040] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   85.628796][ T6040] CPU: 1 UID: 0 PID: 6040 Comm: syz.0.839 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(voluntary) 
[   85.628934][ T6040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   85.628949][ T6040] Call Trace:
[   85.628958][ T6040]  <TASK>
[   85.628968][ T6040]  __dump_stack+0x1d/0x30
[   85.629035][ T6040]  dump_stack_lvl+0xe8/0x140
[   85.629060][ T6040]  dump_stack+0x15/0x1b
[   85.629076][ T6040]  should_fail_ex+0x265/0x280
[   85.629194][ T6040]  should_fail+0xb/0x20
[   85.629279][ T6040]  should_fail_usercopy+0x1a/0x20
[   85.629304][ T6040]  _copy_to_user+0x20/0xa0
[   85.629328][ T6040]  simple_read_from_buffer+0xb5/0x130
[   85.629420][ T6040]  proc_fail_nth_read+0x100/0x140
[   85.629449][ T6040]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   85.629609][ T6040]  vfs_read+0x19d/0x6f0
[   85.629634][ T6040]  ? __rcu_read_unlock+0x4f/0x70
[   85.629706][ T6040]  ? __fget_files+0x184/0x1c0
[   85.629745][ T6040]  ksys_read+0xda/0x1a0
[   85.629778][ T6040]  __x64_sys_read+0x40/0x50
[   85.629816][ T6040]  x64_sys_call+0x2d77/0x2fb0
[   85.629840][ T6040]  do_syscall_64+0xd0/0x1a0
[   85.629948][ T6040]  ? clear_bhb_loop+0x40/0x90
[   85.629976][ T6040]  ? clear_bhb_loop+0x40/0x90
[   85.629997][ T6040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.630096][ T6040] RIP: 0033:0x7f1ce23ad37c
[   85.630112][ T6040] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   85.630136][ T6040] RSP: 002b:00007f1ce0a17030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   85.630159][ T6040] RAX: ffffffffffffffda RBX: 00007f1ce25d5fa0 RCX: 00007f1ce23ad37c
[   85.630177][ T6040] RDX: 000000000000000f RSI: 00007f1ce0a170a0 RDI: 0000000000000006
[   85.630260][ T6040] RBP: 00007f1ce0a17090 R08: 0000000000000000 R09: 0000000000000000
[   85.630276][ T6040] R10: 0000200000001400 R11: 0000000000000246 R12: 0000000000000001
[   85.630297][ T6040] R13: 0000000000000000 R14: 00007f1ce25d5fa0 R15: 00007fffe28fffb8
[   85.630324][ T6040]  </TASK>
[   86.092234][ T6059] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   86.101325][ T6058] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   86.109981][ T6058] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   86.139077][ T6059] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   86.261426][ T6048] 9pnet_fd: Insufficient options for proto=fd
[   86.579956][ T6076] loop4: detected capacity change from 0 to 512
[   86.646681][ T6083] loop4: detected capacity change from 0 to 512
[   86.701877][ T6087] FAULT_INJECTION: forcing a failure.
[   86.701877][ T6087] name failslab, interval 1, probability 0, space 0, times 0
[   86.714753][ T6087] CPU: 0 UID: 0 PID: 6087 Comm: +}[@ Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(voluntary) 
[   86.714803][ T6087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   86.714819][ T6087] Call Trace:
[   86.714826][ T6087]  <TASK>
[   86.714836][ T6087]  __dump_stack+0x1d/0x30
[   86.714863][ T6087]  dump_stack_lvl+0xe8/0x140
[   86.714936][ T6087]  dump_stack+0x15/0x1b
[   86.714957][ T6087]  should_fail_ex+0x265/0x280
[   86.714999][ T6087]  should_failslab+0x8c/0xb0
[   86.715115][ T6087]  kmem_cache_alloc_noprof+0x50/0x310
[   86.715170][ T6087]  ? audit_log_start+0x365/0x6c0
[   86.715288][ T6087]  audit_log_start+0x365/0x6c0
[   86.715336][ T6087]  audit_seccomp+0x48/0x100
[   86.715371][ T6087]  ? __seccomp_filter+0x68c/0x10d0
[   86.715455][ T6087]  __seccomp_filter+0x69d/0x10d0
[   86.715493][ T6087]  ? update_load_avg+0x1da/0x820
[   86.715531][ T6087]  ? __list_add_valid_or_report+0x38/0xe0
[   86.715567][ T6087]  ? _raw_spin_unlock+0x26/0x50
[   86.715630][ T6087]  ? finish_task_switch+0xad/0x2b0
[   86.715663][ T6087]  __secure_computing+0x82/0x150
[   86.715684][ T6087]  syscall_trace_enter+0xcf/0x1e0
[   86.715749][ T6087]  do_syscall_64+0xaa/0x1a0
[   86.715849][ T6087]  ? clear_bhb_loop+0x40/0x90
[   86.715880][ T6087]  ? clear_bhb_loop+0x40/0x90
[   86.715955][ T6087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.715976][ T6087] RIP: 0033:0x7f7f9a7fd37c
[   86.715991][ T6087] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   86.716063][ T6087] RSP: 002b:00007f7f98e67030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   86.716085][ T6087] RAX: ffffffffffffffda RBX: 00007f7f9aa25fa0 RCX: 00007f7f9a7fd37c
[   86.716098][ T6087] RDX: 000000000000000f RSI: 00007f7f98e670a0 RDI: 0000000000000005
[   86.716111][ T6087] RBP: 00007f7f98e67090 R08: 0000000000000000 R09: 0000000000000000
[   86.716125][ T6087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.716153][ T6087] R13: 0000000000000000 R14: 00007f7f9aa25fa0 R15: 00007ffdeb5ef708
[   86.716172][ T6087]  </TASK>
[   87.003234][   T29] kauditd_printk_skb: 189 callbacks suppressed
[   87.003253][   T29] audit: type=1400 audit(23778986.100:2006): avc:  denied  { read } for  pid=6093 comm="syz.4.859" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   87.003586][ T6095] netlink: 'syz.4.859': attribute type 3 has an invalid length.
[   87.066318][   T29] audit: type=1326 audit(23778986.160:2007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6096 comm="syz.2.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed133e969 code=0x7ffc0000
[   87.089672][ T6099] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[   87.096208][ T6099] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   87.103961][ T6099] vhci_hcd vhci_hcd.0: Device attached
[   87.122517][ T6099] xt_TPROXY: Can be used only with -p tcp or -p udp
[   87.140544][ T6100] vhci_hcd: connection closed
[   87.140781][ T5880] vhci_hcd: stop threads
[   87.140931][   T29] audit: type=1326 audit(23778986.160:2008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6096 comm="syz.2.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed133e969 code=0x7ffc0000
[   87.145506][ T5880] vhci_hcd: release socket
[   87.149722][   T29] audit: type=1326 audit(23778986.160:2009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6096 comm="syz.2.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feed133e969 code=0x7ffc0000
[   87.172920][ T5880] vhci_hcd: disconnect device
[   87.205299][   T29] audit: type=1326 audit(23778986.160:2010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6096 comm="syz.2.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed133e969 code=0x7ffc0000
[   87.228461][   T29] audit: type=1326 audit(23778986.160:2011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6096 comm="syz.2.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed133e969 code=0x7ffc0000
[   87.250284][ T6105] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[   87.252183][   T29] audit: type=1326 audit(23778986.160:2012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6096 comm="syz.2.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feed133e969 code=0x7ffc0000
[   87.258637][ T6105] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   87.281860][   T29] audit: type=1326 audit(23778986.160:2013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6096 comm="syz.2.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed133e969 code=0x7ffc0000
[   87.289560][ T6105] vhci_hcd vhci_hcd.0: Device attached
[   87.312599][   T29] audit: type=1326 audit(23778986.160:2014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6096 comm="syz.2.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed133e969 code=0x7ffc0000
[   87.341774][   T29] audit: type=1326 audit(23778986.160:2015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6096 comm="syz.2.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feed133e969 code=0x7ffc0000
[   87.367778][ T6106] vhci_hcd: connection closed
[   87.368076][ T3413] vhci_hcd: stop threads
[   87.377049][ T3413] vhci_hcd: release socket
[   87.381635][ T3413] vhci_hcd: disconnect device
[   87.426671][ T6114] program syz.0.866 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   87.436088][ T6114] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[   87.482353][ T6118] loop0: detected capacity change from 0 to 512
[   87.510120][ T6120] netlink: 4 bytes leftover after parsing attributes in process `syz.0.869'.
[   87.519425][ T6120] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6120 comm=syz.0.869
[   87.519445][ T6121] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6121 comm=syz.0.869
[   87.569830][ T6123] FAULT_INJECTION: forcing a failure.
[   87.569830][ T6123] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   87.583081][ T6123] CPU: 0 UID: 0 PID: 6123 Comm: syz.0.870 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(voluntary) 
[   87.583120][ T6123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   87.583137][ T6123] Call Trace:
[   87.583145][ T6123]  <TASK>
[   87.583155][ T6123]  __dump_stack+0x1d/0x30
[   87.583190][ T6123]  dump_stack_lvl+0xe8/0x140
[   87.583213][ T6123]  dump_stack+0x15/0x1b
[   87.583245][ T6123]  should_fail_ex+0x265/0x280
[   87.583325][ T6123]  should_fail+0xb/0x20
[   87.583364][ T6123]  should_fail_usercopy+0x1a/0x20
[   87.583429][ T6123]  _copy_from_user+0x1c/0xb0
[   87.583452][ T6123]  kstrtouint_from_user+0x69/0xf0
[   87.583485][ T6123]  ? avc_policy_seqno+0x15/0x30
[   87.583512][ T6123]  proc_fail_nth_write+0x50/0x160
[   87.583613][ T6123]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   87.583663][ T6123]  vfs_write+0x266/0x8d0
[   87.583758][ T6123]  ? vfs_read+0x47f/0x6f0
[   87.583789][ T6123]  ? __rcu_read_unlock+0x4f/0x70
[   87.583819][ T6123]  ? __fget_files+0x184/0x1c0
[   87.583883][ T6123]  ksys_write+0xda/0x1a0
[   87.583912][ T6123]  __x64_sys_write+0x40/0x50
[   87.583945][ T6123]  x64_sys_call+0x2cdd/0x2fb0
[   87.584050][ T6123]  do_syscall_64+0xd0/0x1a0
[   87.584087][ T6123]  ? clear_bhb_loop+0x40/0x90
[   87.584110][ T6123]  ? clear_bhb_loop+0x40/0x90
[   87.584131][ T6123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.584166][ T6123] RIP: 0033:0x7f1ce23ad41f
[   87.584186][ T6123] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   87.584210][ T6123] RSP: 002b:00007f1ce0a17030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   87.584273][ T6123] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1ce23ad41f
[   87.584290][ T6123] RDX: 0000000000000001 RSI: 00007f1ce0a170a0 RDI: 0000000000000006
[   87.584303][ T6123] RBP: 00007f1ce0a17090 R08: 0000000000000000 R09: 0000000000000000
[   87.584371][ T6123] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   87.584387][ T6123] R13: 0000000000000000 R14: 00007f1ce25d5fa0 R15: 00007fffe28fffb8
[   87.584418][ T6123]  </TASK>
[   87.805528][ T6127] loop1: detected capacity change from 0 to 512
[   87.822505][ T6129] loop0: detected capacity change from 0 to 512
[   87.915680][ T6136] FAULT_INJECTION: forcing a failure.
[   87.915680][ T6136] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   87.928950][ T6136] CPU: 1 UID: 0 PID: 6136 Comm: syz.3.874 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(voluntary) 
[   87.928987][ T6136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   87.929000][ T6136] Call Trace:
[   87.929006][ T6136]  <TASK>
[   87.929013][ T6136]  __dump_stack+0x1d/0x30
[   87.929035][ T6136]  dump_stack_lvl+0xe8/0x140
[   87.929059][ T6136]  dump_stack+0x15/0x1b
[   87.929095][ T6136]  should_fail_ex+0x265/0x280
[   87.929209][ T6136]  should_fail+0xb/0x20
[   87.929248][ T6136]  should_fail_usercopy+0x1a/0x20
[   87.929300][ T6136]  _copy_to_user+0x20/0xa0
[   87.929347][ T6136]  simple_read_from_buffer+0xb5/0x130
[   87.929383][ T6136]  proc_fail_nth_read+0x100/0x140
[   87.929425][ T6136]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   87.929497][ T6136]  vfs_read+0x19d/0x6f0
[   87.929524][ T6136]  ? __rcu_read_unlock+0x4f/0x70
[   87.929552][ T6136]  ? __rcu_read_unlock+0x4f/0x70
[   87.929600][ T6136]  ? __fget_files+0x184/0x1c0
[   87.929648][ T6136]  ksys_read+0xda/0x1a0
[   87.929684][ T6136]  __x64_sys_read+0x40/0x50
[   87.929710][ T6136]  x64_sys_call+0x2d77/0x2fb0
[   87.929774][ T6136]  do_syscall_64+0xd0/0x1a0
[   87.929838][ T6136]  ? clear_bhb_loop+0x40/0x90
[   87.929872][ T6136]  ? clear_bhb_loop+0x40/0x90
[   87.929902][ T6136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.929989][ T6136] RIP: 0033:0x7f0fb9aed37c
[   87.930009][ T6136] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   87.930034][ T6136] RSP: 002b:00007f0fb8157030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   87.930059][ T6136] RAX: ffffffffffffffda RBX: 00007f0fb9d15fa0 RCX: 00007f0fb9aed37c
[   87.930074][ T6136] RDX: 000000000000000f RSI: 00007f0fb81570a0 RDI: 0000000000000005
[   87.930172][ T6136] RBP: 00007f0fb8157090 R08: 0000000000000000 R09: 0000000000000000
[   87.930189][ T6136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   87.930205][ T6136] R13: 0000000000000000 R14: 00007f0fb9d15fa0 R15: 00007ffedd4c56b8
[   87.930226][ T6136]  </TASK>
[   88.152625][ T6138] batman_adv: batadv0: Adding interface: dummy0
[   88.158912][ T6138] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.205885][ T6138] batman_adv: batadv0: Interface activated: dummy0
[   88.232932][ T6140] loop1: detected capacity change from 0 to 1024
[   88.234505][ T6145] loop3: detected capacity change from 0 to 512
[   88.247353][ T6140] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
[   88.286038][ T6138] batadv0: mtu less than device minimum
[   88.292209][ T6138] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   88.303181][ T6138] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   88.314029][ T6138] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   88.324829][ T6138] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   88.335744][ T6138] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   88.336081][ T6138] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   88.336527][ T6138] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   88.336870][ T6138] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   88.337431][ T6138] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   88.341839][ T6143] netlink: 4 bytes leftover after parsing attributes in process `syz.1.875'.
[   88.430844][ T6162] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[   88.430892][ T6162] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   88.430918][ T6162] vhci_hcd vhci_hcd.0: Device attached
[   88.432036][ T6162] xt_TPROXY: Can be used only with -p tcp or -p udp
[   88.433019][ T6160] FAULT_INJECTION: forcing a failure.
[   88.433019][ T6160] name failslab, interval 1, probability 0, space 0, times 0
[   88.433131][ T6160] CPU: 0 UID: 0 PID: 6160 Comm: syz.1.884 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(voluntary) 
[   88.433166][ T6160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   88.433183][ T6160] Call Trace:
[   88.433190][ T6160]  <TASK>
[   88.433199][ T6160]  __dump_stack+0x1d/0x30
[   88.433222][ T6160]  dump_stack_lvl+0xe8/0x140
[   88.433241][ T6160]  dump_stack+0x15/0x1b
[   88.433323][ T6160]  should_fail_ex+0x265/0x280
[   88.433369][ T6160]  should_failslab+0x8c/0xb0
[   88.433432][ T6160]  kmem_cache_alloc_node_noprof+0x57/0x320
[   88.433457][ T6160]  ? __alloc_skb+0x101/0x320
[   88.433490][ T6160]  __alloc_skb+0x101/0x320
[   88.433565][ T6160]  ? audit_log_start+0x365/0x6c0
[   88.433681][ T6160]  audit_log_start+0x380/0x6c0
[   88.433749][ T6160]  audit_seccomp+0x48/0x100
[   88.433784][ T6160]  ? __seccomp_filter+0x68c/0x10d0
[   88.433813][ T6160]  __seccomp_filter+0x69d/0x10d0
[   88.433837][ T6160]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   88.433887][ T6160]  ? vfs_write+0x75e/0x8d0
[   88.433915][ T6160]  ? __rcu_read_unlock+0x4f/0x70
[   88.433961][ T6160]  ? __fget_files+0x184/0x1c0
[   88.434005][ T6160]  __secure_computing+0x82/0x150
[   88.434034][ T6160]  syscall_trace_enter+0xcf/0x1e0
[   88.434068][ T6160]  do_syscall_64+0xaa/0x1a0
[   88.434180][ T6160]  ? clear_bhb_loop+0x40/0x90
[   88.434206][ T6160]  ? clear_bhb_loop+0x40/0x90
[   88.434232][ T6160]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.434254][ T6160] RIP: 0033:0x7ff73f81e969
[   88.434273][ T6160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.434368][ T6160] RSP: 002b:00007ff73de87038 EFLAGS: 00000246 ORIG_RAX: 00000000000001cb
[   88.434388][ T6160] RAX: ffffffffffffffda RBX: 00007ff73fa45fa0 RCX: 00007ff73f81e969
[   88.434404][ T6160] RDX: 0000200000000040 RSI: ffffffffffffffff RDI: 0000000000000064
[   88.434421][ T6160] RBP: 00007ff73de87090 R08: 0000000000000000 R09: 0000000000000000
[   88.434463][ T6160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.434480][ T6160] R13: 0000000000000000 R14: 00007ff73fa45fa0 R15: 00007ffe53e72b08
[   88.434506][ T6160]  </TASK>
[   88.434764][ T6163] vhci_hcd: connection closed
[   88.435258][ T5880] vhci_hcd: stop threads
[   88.435267][ T5880] vhci_hcd: release socket
[   88.435360][ T5880] vhci_hcd: disconnect device
[   88.792095][ T6180] loop1: detected capacity change from 0 to 512
[   88.798802][ T6180] EXT4-fs: Ignoring removed nomblk_io_submit option
[   88.805543][ T6180] ext2: Bad value for 'resgid'
[   88.810427][ T6180] ext2: Bad value for 'resgid'
[   88.917773][ T6180] netlink: 4 bytes leftover after parsing attributes in process `syz.1.888'.
[   88.972463][ T6184] FAULT_INJECTION: forcing a failure.
[   88.972463][ T6184] name failslab, interval 1, probability 0, space 0, times 0
[   88.985165][ T6184] CPU: 0 UID: 0 PID: 6184 Comm: syz.4.890 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(voluntary) 
[   88.985218][ T6184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   88.985242][ T6184] Call Trace:
[   88.985251][ T6184]  <TASK>
[   88.985261][ T6184]  __dump_stack+0x1d/0x30
[   88.985287][ T6184]  dump_stack_lvl+0xe8/0x140
[   88.985306][ T6184]  dump_stack+0x15/0x1b
[   88.985358][ T6184]  should_fail_ex+0x265/0x280
[   88.985398][ T6184]  should_failslab+0x8c/0xb0
[   88.985441][ T6184]  kmem_cache_alloc_node_noprof+0x57/0x320
[   88.985471][ T6184]  ? __alloc_skb+0x101/0x320
[   88.985563][ T6184]  __alloc_skb+0x101/0x320
[   88.985601][ T6184]  netlink_alloc_large_skb+0xba/0xf0
[   88.985633][ T6184]  netlink_sendmsg+0x3cf/0x6b0
[   88.985675][ T6184]  ? __pfx_netlink_sendmsg+0x10/0x10
[   88.985702][ T6184]  __sock_sendmsg+0x145/0x180
[   88.985805][ T6184]  ____sys_sendmsg+0x31e/0x4e0
[   88.985828][ T6184]  ___sys_sendmsg+0x17b/0x1d0
[   88.985862][ T6184]  __x64_sys_sendmsg+0xd4/0x160
[   88.985968][ T6184]  x64_sys_call+0x2999/0x2fb0
[   88.985988][ T6184]  do_syscall_64+0xd0/0x1a0
[   88.986081][ T6184]  ? clear_bhb_loop+0x40/0x90
[   88.986101][ T6184]  ? clear_bhb_loop+0x40/0x90
[   88.986122][ T6184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.986143][ T6184] RIP: 0033:0x7f7f9a7fe969
[   88.986193][ T6184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.986276][ T6184] RSP: 002b:00007f7f98e67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   88.986294][ T6184] RAX: ffffffffffffffda RBX: 00007f7f9aa25fa0 RCX: 00007f7f9a7fe969
[   88.986337][ T6184] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000005
[   88.986379][ T6184] RBP: 00007f7f98e67090 R08: 0000000000000000 R09: 0000000000000000
[   88.986389][ T6184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.986401][ T6184] R13: 0000000000000000 R14: 00007f7f9aa25fa0 R15: 00007ffdeb5ef708
[   88.986419][ T6184]  </TASK>
[   89.258844][ T6188] loop0: detected capacity change from 0 to 2048
[   89.259128][ T6190] loop3: detected capacity change from 0 to 2048
[   89.282439][ T6192] loop4: detected capacity change from 0 to 1024
[   89.316892][ T6192] EXT4-fs (loop4): VFS: Can't find ext4 filesystem
[   89.409731][ T6207] netlink: 4 bytes leftover after parsing attributes in process `syz.4.894'.
[   89.438680][ T6210] loop3: detected capacity change from 0 to 512
[   89.449551][ T6210] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   89.473090][ T6210] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 393220)!
[   89.483789][ T6210] EXT4-fs (loop3): group descriptors corrupted!
[   89.543044][ T6217] netlink: 4 bytes leftover after parsing attributes in process `syz.0.902'.
[   89.611202][ T6224] loop3: detected capacity change from 0 to 512
[   89.696191][ T6232] netlink: 14 bytes leftover after parsing attributes in process `syz.0.906'.
[   89.711931][ T6232] netlink: 'syz.0.906': attribute type 10 has an invalid length.
[   89.719846][ T6232] netlink: 40 bytes leftover after parsing attributes in process `syz.0.906'.
[   89.730343][ T6232] batadv0: entered promiscuous mode
[   89.735681][ T6232] batadv0: entered allmulticast mode
[   89.743952][ T6232] bridge0: port 3(batadv0) entered blocking state
[   89.750549][ T6232] bridge0: port 3(batadv0) entered disabled state
[   89.851952][ T6236] loop3: detected capacity change from 0 to 2048
[   89.890986][ T6238] loop0: detected capacity change from 0 to 2048
[   89.938838][ T6244] netlink: 4 bytes leftover after parsing attributes in process `syz.3.910'.
[   89.981873][ T6244] netlink: 4 bytes leftover after parsing attributes in process `syz.3.910'.
[   90.004488][ T6248] loop0: detected capacity change from 0 to 1024
[   90.016497][ T6248] EXT4-fs (loop0): VFS: Can't find ext4 filesystem
[   90.141674][ T6248] netlink: 4 bytes leftover after parsing attributes in process `syz.0.911'.
[   90.259965][ T6264] loop0: detected capacity change from 0 to 512
[   90.336542][ T6260] infiniband syz!: set active
[   90.341379][ T6260] infiniband syz!: added team_slave_0
[   90.348156][ T5926] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   90.357466][ T5926] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   90.369400][ T6264] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   90.397443][ T6264] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 393220)!
[   90.408133][ T6264] EXT4-fs (loop0): group descriptors corrupted!
[   90.513985][ T6260] RDS/IB: syz!: added
[   90.525749][ T6260] smc: adding ib device syz! with port count 1
[   90.545554][ T6260] smc:    ib device syz! port 1 has pnetid 
[   91.587447][ T6280] serio: Serial port ptm1
[   91.646106][ T6280] FAULT_INJECTION: forcing a failure.
[   91.646106][ T6280] name failslab, interval 1, probability 0, space 0, times 0
[   91.658834][ T6280] CPU: 0 UID: 0 PID: 6280 Comm: syz.0.923 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(voluntary) 
[   91.658910][ T6280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   91.658928][ T6280] Call Trace:
[   91.658937][ T6280]  <TASK>
[   91.658946][ T6280]  __dump_stack+0x1d/0x30
[   91.658972][ T6280]  dump_stack_lvl+0xe8/0x140
[   91.658998][ T6280]  dump_stack+0x15/0x1b
[   91.659066][ T6280]  should_fail_ex+0x265/0x280
[   91.659174][ T6280]  should_failslab+0x8c/0xb0
[   91.659215][ T6280]  kmem_cache_alloc_node_noprof+0x57/0x320
[   91.659299][ T6280]  ? __alloc_skb+0x101/0x320
[   91.659344][ T6280]  __alloc_skb+0x101/0x320
[   91.659408][ T6280]  alloc_uevent_skb+0x5c/0x120
[   91.659512][ T6280]  kobject_uevent_net_broadcast+0x23c/0x410
[   91.659748][ T6280]  kobject_uevent_env+0x43d/0x570
[   91.659783][ T6280]  ? device_pm_check_callbacks+0x683/0x6a0
[   91.659828][ T6280]  kobject_uevent+0x1d/0x30
[   91.659934][ T6280]  device_del+0x710/0x790
[   91.660010][ T6280]  serio_destroy_port+0x264/0x320
[   91.660043][ T6280]  serio_unregister_port+0xe1/0x100
[   91.660081][ T6280]  serport_ldisc_read+0x2cd/0x300
[   91.660173][ T6280]  tty_read+0x151/0x470
[   91.660207][ T6280]  ? _parse_integer_limit+0x170/0x190
[   91.660252][ T6280]  ? __import_iovec+0x428/0x540
[   91.660285][ T6280]  do_iter_readv_writev+0x421/0x4c0
[   91.660362][ T6280]  vfs_readv+0x1e3/0x670
[   91.660392][ T6280]  do_readv+0xe7/0x210
[   91.660411][ T6280]  __x64_sys_readv+0x45/0x50
[   91.660452][ T6280]  x64_sys_call+0x29af/0x2fb0
[   91.660481][ T6280]  do_syscall_64+0xd0/0x1a0
[   91.660513][ T6280]  ? clear_bhb_loop+0x40/0x90
[   91.660541][ T6280]  ? clear_bhb_loop+0x40/0x90
[   91.660647][ T6280]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.660672][ T6280] RIP: 0033:0x7f1ce23ae969
[   91.660741][ T6280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.660760][ T6280] RSP: 002b:00007f1ce0a17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[   91.660780][ T6280] RAX: ffffffffffffffda RBX: 00007f1ce25d5fa0 RCX: 00007f1ce23ae969
[   91.660792][ T6280] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000003
[   91.660805][ T6280] RBP: 00007f1ce0a17090 R08: 0000000000000000 R09: 0000000000000000
[   91.660822][ T6280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.660944][ T6280] R13: 0000000000000000 R14: 00007f1ce25d5fa0 R15: 00007fffe28fffb8
[   91.660996][ T6280]  </TASK>
[   92.284725][ T6292] loop1: detected capacity change from 0 to 512
[   92.384361][   T29] kauditd_printk_skb: 99 callbacks suppressed
[   92.384381][   T29] audit: type=1326 audit(23778991.470:2113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6296 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fb9aee969 code=0x7ffc0000
[   92.413829][   T29] audit: type=1326 audit(23778991.470:2114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6296 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0fb9aee969 code=0x7ffc0000
[   92.437094][   T29] audit: type=1326 audit(23778991.470:2115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6296 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fb9aee969 code=0x7ffc0000
[   92.460505][   T29] audit: type=1326 audit(23778991.470:2116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6296 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0fb9aee969 code=0x7ffc0000
[   92.483806][   T29] audit: type=1326 audit(23778991.470:2117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6296 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fb9aee969 code=0x7ffc0000
[   92.507036][   T29] audit: type=1326 audit(23778991.470:2118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6296 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0fb9aee969 code=0x7ffc0000
[   92.530233][   T29] audit: type=1326 audit(23778991.470:2119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6296 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fb9aee969 code=0x7ffc0000
[   92.533100][ T6297] audit: audit_backlog=65 > audit_backlog_limit=64
[   92.553415][   T29] audit: type=1326 audit(23778991.470:2120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6296 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0fb9aee969 code=0x7ffc0000
[   92.553454][   T29] audit: type=1326 audit(23778991.470:2121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6296 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fb9aee969 code=0x7ffc0000
[   92.739616][ T6308] loop1: detected capacity change from 0 to 512
[   92.752135][ T6306] loop2: detected capacity change from 0 to 2048
[   92.768444][ T6310] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[   92.775004][ T6310] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   92.782799][ T6310] vhci_hcd vhci_hcd.0: Device attached
[   92.788978][ T6306] EXT4-fs: Ignoring removed bh option
[   92.796608][ T6310] xt_TPROXY: Can be used only with -p tcp or -p udp
[   92.880049][ T6320] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   92.943371][ T6320] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   92.955665][ T6320] EXT4-fs (loop2): This should not happen!! Data will be lost
[   92.955665][ T6320] 
[   92.965426][ T6320] EXT4-fs (loop2): Total free blocks count 0
[   92.971472][ T6320] EXT4-fs (loop2): Free/Dirty block details
[   92.977389][ T6320] EXT4-fs (loop2): free_blocks=2415919104
[   92.983253][ T6320] EXT4-fs (loop2): dirty_blocks=304
[   92.988497][ T6320] EXT4-fs (loop2): Block reservation details
[   92.994618][ T6320] EXT4-fs (loop2): i_reserved_data_blocks=19
[   93.060272][    T9] usb 1-1: new high-speed USB device number 2 using vhci_hcd
[   93.123741][ T6323] __nla_validate_parse: 4 callbacks suppressed
[   93.123762][ T6323] netlink: 8 bytes leftover after parsing attributes in process `syz.2.935'.
[   93.180672][ T6327] pim6reg1: entered promiscuous mode
[   93.186309][ T6327] pim6reg1: entered allmulticast mode
[   93.440105][ T6311] vhci_hcd: connection reset by peer
[   93.445804][ T5926] vhci_hcd: stop threads
[   93.450104][ T5926] vhci_hcd: release socket
[   93.454559][ T5926] vhci_hcd: disconnect device
[   93.503220][ T6333] netlink: 4 bytes leftover after parsing attributes in process `syz.3.939'.
[   93.547082][ T6333] netlink: 4 bytes leftover after parsing attributes in process `syz.3.939'.
[   93.570865][ T5936] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[   93.577686][ T6335] loop3: detected capacity change from 0 to 512
[   93.584181][ T5936] EXT4-fs (loop2): This should not happen!! Data will be lost
[   93.584181][ T5936] 
[   93.674640][ T6339] loop2: detected capacity change from 0 to 164
[   93.682129][ T6339] ISOFS: unable to read i-node block
[   93.687487][ T6339] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   93.701731][ T6341] loop3: detected capacity change from 0 to 512
[   93.825746][ T6348] loop4: detected capacity change from 0 to 512
[   93.879547][ T6351] loop2: detected capacity change from 0 to 2048
[   93.910401][ T6351] EXT4-fs error (device loop2): ext4_find_extent:938: inode #2: comm syz.2.943: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   93.939318][ T6351] EXT4-fs error (device loop2): ext4_find_extent:938: inode #2: comm syz.2.943: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   93.984464][ T6351] EXT4-fs error (device loop2): ext4_find_extent:938: inode #2: comm syz.2.943: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   94.001776][ T6360] FAULT_INJECTION: forcing a failure.
[   94.001776][ T6360] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   94.015255][ T6360] CPU: 0 UID: 0 PID: 6360 Comm: syz.0.947 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(voluntary) 
[   94.015363][ T6360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.015377][ T6360] Call Trace:
[   94.015382][ T6360]  <TASK>
[   94.015389][ T6360]  __dump_stack+0x1d/0x30
[   94.015417][ T6360]  dump_stack_lvl+0xe8/0x140
[   94.015485][ T6360]  dump_stack+0x15/0x1b
[   94.015503][ T6360]  should_fail_ex+0x265/0x280
[   94.015544][ T6360]  should_fail_alloc_page+0xf2/0x100
[   94.015622][ T6360]  __alloc_frozen_pages_noprof+0xff/0x360
[   94.015704][ T6360]  __alloc_pages_noprof+0x9/0x20
[   94.015737][ T6360]  ___kmalloc_large_node+0x73/0x130
[   94.015766][ T6360]  __kmalloc_large_noprof+0x18/0xa0
[   94.015854][ T6360]  ksys_ioperm+0xff/0x2e0
[   94.015913][ T6360]  ? __x64_sys_ioperm+0xd/0x20
[   94.015934][ T6360]  x64_sys_call+0x1127/0x2fb0
[   94.015956][ T6360]  do_syscall_64+0xd0/0x1a0
[   94.015997][ T6360]  ? clear_bhb_loop+0x40/0x90
[   94.016021][ T6360]  ? clear_bhb_loop+0x40/0x90
[   94.016042][ T6360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.016114][ T6360] RIP: 0033:0x7f1ce23ae969
[   94.016134][ T6360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.016154][ T6360] RSP: 002b:00007f1ce0a17038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ad
[   94.016174][ T6360] RAX: ffffffffffffffda RBX: 00007f1ce25d5fa0 RCX: 00007f1ce23ae969
[   94.016212][ T6360] RDX: 0000000000000007 RSI: 0000000000000044 RDI: 0000000000000000
[   94.016227][ T6360] RBP: 00007f1ce0a17090 R08: 0000000000000000 R09: 0000000000000000
[   94.016239][ T6360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.016251][ T6360] R13: 0000000000000000 R14: 00007f1ce25d5fa0 R15: 00007fffe28fffb8
[   94.016270][ T6360]  </TASK>
[   94.284526][ T6295] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 2: invalid block bitmap
[   94.392014][ T6370] loop4: detected capacity change from 0 to 2048
[   94.400080][ T6370] EXT4-fs: Ignoring removed bh option
[   94.412061][ T6375] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[   94.555704][ T6385] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   94.613507][ T6385] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   94.625830][ T6385] EXT4-fs (loop4): This should not happen!! Data will be lost
[   94.625830][ T6385] 
[   94.635568][ T6385] EXT4-fs (loop4): Total free blocks count 0
[   94.641608][ T6385] EXT4-fs (loop4): Free/Dirty block details
[   94.647545][ T6385] EXT4-fs (loop4): free_blocks=2415919104
[   94.653379][ T6385] EXT4-fs (loop4): dirty_blocks=592
[   94.657922][ T6388] netlink: 8 bytes leftover after parsing attributes in process `syz.4.951'.
[   94.658579][ T6385] EXT4-fs (loop4): Block reservation details
[   94.673427][ T6385] EXT4-fs (loop4): i_reserved_data_blocks=40
[   94.712556][ T6390] netlink: 8 bytes leftover after parsing attributes in process `syz.1.957'.
[   94.725482][ T6390] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   94.827130][ T6392] loop2: detected capacity change from 0 to 8192
[   94.978920][ T6392]  loop2: p1 p2 < > p3 p4 < p5 >
[   94.984037][ T6392] loop2: partition table partially beyond EOD, truncated
[   95.002693][ T6392] loop2: p1 size 100663296 extends beyond EOD, truncated
[   95.030369][ T6392] loop2: p2 start 591104 is beyond EOD, truncated
[   95.036872][ T6392] loop2: p3 start 33572980 is beyond EOD, truncated
[   95.077525][ T6392] loop2: p5 size 100663296 extends beyond EOD, truncated
[   95.089000][ T6403] FAULT_INJECTION: forcing a failure.
[   95.089000][ T6403] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   95.102198][ T6403] CPU: 0 UID: 0 PID: 6403 Comm: syz.0.960 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(voluntary) 
[   95.102231][ T6403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   95.102247][ T6403] Call Trace:
[   95.102325][ T6403]  <TASK>
[   95.102335][ T6403]  __dump_stack+0x1d/0x30
[   95.102361][ T6403]  dump_stack_lvl+0xe8/0x140
[   95.102433][ T6403]  dump_stack+0x15/0x1b
[   95.102557][ T6403]  should_fail_ex+0x265/0x280
[   95.102592][ T6403]  should_fail+0xb/0x20
[   95.102707][ T6403]  should_fail_usercopy+0x1a/0x20
[   95.102735][ T6403]  _copy_from_user+0x1c/0xb0
[   95.102805][ T6403]  ___sys_sendmsg+0xc1/0x1d0
[   95.102841][ T6403]  __x64_sys_sendmsg+0xd4/0x160
[   95.102927][ T6403]  x64_sys_call+0x2999/0x2fb0
[   95.102956][ T6403]  do_syscall_64+0xd0/0x1a0
[   95.102980][ T6403]  ? clear_bhb_loop+0x40/0x90
[   95.103010][ T6403]  ? clear_bhb_loop+0x40/0x90
[   95.103036][ T6403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.103119][ T6403] RIP: 0033:0x7f1ce23ae969
[   95.103139][ T6403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.103158][ T6403] RSP: 002b:00007f1ce0a17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   95.103244][ T6403] RAX: ffffffffffffffda RBX: 00007f1ce25d5fa0 RCX: 00007f1ce23ae969
[   95.103258][ T6403] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000003
[   95.103271][ T6403] RBP: 00007f1ce0a17090 R08: 0000000000000000 R09: 0000000000000000
[   95.103283][ T6403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.103332][ T6403] R13: 0000000000000000 R14: 00007f1ce25d5fa0 R15: 00007fffe28fffb8
[   95.103356][ T6403]  </TASK>
[   95.385155][ T5889] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[   95.397787][ T5889] EXT4-fs (loop4): This should not happen!! Data will be lost
[   95.397787][ T5889] 
[   95.398277][ T6407] netlink: 4 bytes leftover after parsing attributes in process `syz.3.962'.
[   95.563706][ T6418] loop1: detected capacity change from 0 to 512
[   95.584326][ T6407] netlink: 4 bytes leftover after parsing attributes in process `syz.3.962'.
[   95.644433][ T6418] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.966: invalid indirect mapped block 256 (level 2)
[   95.669985][ T6428] netlink: 24 bytes leftover after parsing attributes in process `syz.0.970'.
[   95.679085][ T6418] EXT4-fs (loop1): 2 truncates cleaned up
[   95.687714][ T6418] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.966: bg 0: block 5: invalid block bitmap
[   95.701953][ T6425] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[   95.709434][ T6434] FAULT_INJECTION: forcing a failure.
[   95.709434][ T6434] name failslab, interval 1, probability 0, space 0, times 0
[   95.722305][ T6434] CPU: 0 UID: 0 PID: 6434 Comm: syz.3.974 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(voluntary) 
[   95.722344][ T6434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   95.722362][ T6434] Call Trace:
[   95.722369][ T6434]  <TASK>
[   95.722379][ T6434]  __dump_stack+0x1d/0x30
[   95.722453][ T6434]  dump_stack_lvl+0xe8/0x140
[   95.722481][ T6434]  dump_stack+0x15/0x1b
[   95.722501][ T6434]  should_fail_ex+0x265/0x280
[   95.722535][ T6434]  should_failslab+0x8c/0xb0
[   95.722595][ T6434]  kmem_cache_alloc_noprof+0x50/0x310
[   95.722615][ T6434]  ? getname_flags+0x80/0x3b0
[   95.722651][ T6434]  getname_flags+0x80/0x3b0
[   95.722698][ T6434]  user_path_at+0x28/0x130
[   95.722719][ T6434]  __se_sys_mount+0x25b/0x2e0
[   95.722753][ T6434]  ? fput+0x8f/0xc0
[   95.722804][ T6418] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   95.722778][ T6434]  __x64_sys_mount+0x67/0x80
[   95.722877][ T6434]  x64_sys_call+0xd36/0x2fb0
[   95.722937][ T6434]  do_syscall_64+0xd0/0x1a0
[   95.723037][ T6434]  ? clear_bhb_loop+0x40/0x90
[   95.723068][ T6434]  ? clear_bhb_loop+0x40/0x90
[   95.723098][ T6434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.723135][ T6434] RIP: 0033:0x7f0fb9aee969
[   95.723156][ T6434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.723181][ T6434] RSP: 002b:00007f0fb8157038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   95.723208][ T6434] RAX: ffffffffffffffda RBX: 00007f0fb9d15fa0 RCX: 00007f0fb9aee969
[   95.723225][ T6434] RDX: 0000200000000000 RSI: 0000200000000140 RDI: 0000000000000000
[   95.723304][ T6434] RBP: 00007f0fb8157090 R08: 00002000000001c0 R09: 0000000000000000
[   95.723356][ T6434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.723373][ T6434] R13: 0000000000000000 R14: 00007f0fb9d15fa0 R15: 00007ffedd4c56b8
[   95.723399][ T6434]  </TASK>
[   95.770568][ T6437] loop0: detected capacity change from 0 to 512
[   95.774321][ T6418] EXT4-fs (loop1): This should not happen!! Data will be lost
[   95.774321][ T6418] 
[   95.774337][ T6418] EXT4-fs (loop1): Total free blocks count 0
[   95.774350][ T6418] EXT4-fs (loop1): Free/Dirty block details
[   95.774361][ T6418] EXT4-fs (loop1): free_blocks=0
[   95.774373][ T6418] EXT4-fs (loop1): dirty_blocks=1
[   95.774384][ T6418] EXT4-fs (loop1): Block reservation details
[   95.963465][ T6418] EXT4-fs (loop1): i_reserved_data_blocks=1
[   95.996216][ T6447] loop4: detected capacity change from 0 to 1024
[   96.010451][ T6447] EXT4-fs (loop4): VFS: Can't find ext4 filesystem
[   96.020190][ T6442] netlink: 4 bytes leftover after parsing attributes in process `syz.3.978'.
[   96.072596][ T6442] netlink: 4 bytes leftover after parsing attributes in process `syz.3.978'.
[   96.304828][ T6467] capability: warning: `' uses 32-bit capabilities (legacy support in use)
[   96.322469][ T6482] loop1: detected capacity change from 0 to 512
[   96.843642][ T6522] loop3: detected capacity change from 0 to 512
[   96.859637][ T6525] loop0: detected capacity change from 0 to 164
[   96.880014][ T6525] ISOFS: unable to read i-node block
[   96.885484][ T6525] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   96.885495][ T6526] loop2: detected capacity change from 0 to 164
[   96.933789][ T6526] ISOFS: unable to read i-node block
[   96.939139][ T6526] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   96.954057][ T6535] loop0: detected capacity change from 0 to 512
[   96.981345][ T6537] loop1: detected capacity change from 0 to 2048
[   96.988283][ T6537] EXT4-fs: Ignoring removed bh option
[   97.041734][ T6544] loop3: detected capacity change from 0 to 512
[   97.141799][ T6555] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   97.162479][ T6555] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   97.174959][ T6555] EXT4-fs (loop1): This should not happen!! Data will be lost
[   97.174959][ T6555] 
[   97.184860][ T6555] EXT4-fs (loop1): Total free blocks count 0
[   97.191022][ T6555] EXT4-fs (loop1): Free/Dirty block details
[   97.196935][ T6555] EXT4-fs (loop1): free_blocks=2415919104
[   97.202890][ T6555] EXT4-fs (loop1): dirty_blocks=784
[   97.208168][ T6555] EXT4-fs (loop1): Block reservation details
[   97.214218][ T6555] EXT4-fs (loop1): i_reserved_data_blocks=49
[   97.239711][ T6566] loop2: detected capacity change from 0 to 128
[   97.262387][ T6569] netlink: 'syz.4.1021': attribute type 1 has an invalid length.
[   97.294798][ T6573] loop0: detected capacity change from 0 to 512
[   97.322364][ T6573] EXT4-fs mount: 72 callbacks suppressed
[   97.322383][ T6573] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.342255][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.398603][ T6578] loop3: detected capacity change from 0 to 2048
[   97.415030][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.451752][ T6578] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.502816][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.642937][   T29] kauditd_printk_skb: 10584 callbacks suppressed
[   97.642956][   T29] audit: type=1326 audit(23778996.740:12704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6592 comm="syz.0.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ce23ae969 code=0x7ffc0000
[   97.689668][   T29] audit: type=1326 audit(23778996.770:12705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6592 comm="syz.0.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ce23ae969 code=0x7ffc0000
[   97.713184][   T29] audit: type=1326 audit(23778996.770:12706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6592 comm="syz.0.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ce23ae969 code=0x7ffc0000
[   97.736624][   T29] audit: type=1326 audit(23778996.770:12707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6592 comm="syz.0.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ce23ae969 code=0x7ffc0000
[   97.760209][   T29] audit: type=1326 audit(23778996.770:12708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6592 comm="syz.0.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ce23ae969 code=0x7ffc0000
[   97.783753][   T29] audit: type=1326 audit(23778996.770:12709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6592 comm="syz.0.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ce23ae969 code=0x7ffc0000
[   97.807168][   T29] audit: type=1326 audit(23778996.770:12710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6592 comm="syz.0.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ce23ae969 code=0x7ffc0000
[   97.830667][   T29] audit: type=1326 audit(23778996.770:12711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6592 comm="syz.0.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ce23ae969 code=0x7ffc0000
[   97.854176][   T29] audit: type=1326 audit(23778996.770:12712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6592 comm="syz.0.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ce23ae969 code=0x7ffc0000
[   97.877683][   T29] audit: type=1326 audit(23778996.770:12713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6592 comm="syz.0.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ce23ae969 code=0x7ffc0000
[   97.951528][ T5877] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[   97.964197][ T5877] EXT4-fs (loop1): This should not happen!! Data will be lost
[   97.964197][ T5877] 
[   98.052388][ T6610] loop3: detected capacity change from 0 to 512
[   98.060734][ T6610] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1034: invalid indirect mapped block 256 (level 2)
[   98.148264][ T6613] loop0: detected capacity change from 0 to 164
[   98.182285][ T6613] ISOFS: unable to read i-node block
[   98.187625][ T6613] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   98.190231][    T9] vhci_hcd: vhci_device speed not set
[   98.197216][ T6610] EXT4-fs (loop3): 2 truncates cleaned up
[   98.220840][ T6610] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.260812][ T6610] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1034: bg 0: block 5: invalid block bitmap
[   98.301455][ T6610] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   98.313746][ T6610] EXT4-fs (loop3): This should not happen!! Data will be lost
[   98.313746][ T6610] 
[   98.323597][ T6610] EXT4-fs (loop3): Total free blocks count 0
[   98.329613][ T6610] EXT4-fs (loop3): Free/Dirty block details
[   98.335589][ T6610] EXT4-fs (loop3): free_blocks=0
[   98.340569][ T6610] EXT4-fs (loop3): dirty_blocks=1
[   98.345624][ T6610] EXT4-fs (loop3): Block reservation details
[   98.351669][ T6610] EXT4-fs (loop3): i_reserved_data_blocks=1
[   98.387698][ T6623] loop1: detected capacity change from 0 to 2048
[   98.399518][ T6622] loop0: detected capacity change from 0 to 128
[   98.422276][ T6623] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.507750][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.533850][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.652227][ T6634] loop3: detected capacity change from 0 to 2048
[   98.659005][ T6634] EXT4-fs: Ignoring removed bh option
[   98.684505][ T6634] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.736786][ T6642] loop1: detected capacity change from 0 to 512
[   98.787442][ T6645] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   98.814534][ T6642] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.823445][ T6645] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   98.839405][ T6645] EXT4-fs (loop3): This should not happen!! Data will be lost
[   98.839405][ T6645] 
[   98.849339][ T6645] EXT4-fs (loop3): Total free blocks count 0
[   98.855451][ T6645] EXT4-fs (loop3): Free/Dirty block details
[   98.861471][ T6645] EXT4-fs (loop3): free_blocks=2415919104
[   98.867212][ T6645] EXT4-fs (loop3): dirty_blocks=592
[   98.872476][ T6645] EXT4-fs (loop3): Block reservation details
[   98.878493][ T6645] EXT4-fs (loop3): i_reserved_data_blocks=55
[   98.922925][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.961511][ T6604] __nla_validate_parse: 6 callbacks suppressed
[   98.961531][ T6604] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1033'.
[   99.016972][ T6604] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1033'.
[   99.065383][ T6645] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1041'.
[   99.171896][ T6653] loop0: detected capacity change from 0 to 512
[   99.192987][ T6653] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.409989][ T6663] loop4: detected capacity change from 0 to 2048
[   99.422581][ T6663] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.450410][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.507270][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.525913][ T5886] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[   99.548770][ T6667] loop1: detected capacity change from 0 to 512
[   99.571530][ T6670] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[   99.578119][ T6670] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   99.585792][ T6667] 9pnet: Could not find request transport: r
[   99.585794][ T6670] vhci_hcd vhci_hcd.0: Device attached
[   99.589458][ T6670] xt_TPROXY: Can be used only with -p tcp or -p udp
[   99.609372][ T6671] vhci_hcd: connection closed
[   99.609638][ T5916] vhci_hcd: stop threads
[   99.618670][ T5916] vhci_hcd: release socket
[   99.623257][ T5916] vhci_hcd: disconnect device
[   99.696316][ T6678] loop4: detected capacity change from 0 to 164
[   99.714145][ T6680] loop1: detected capacity change from 0 to 512
[   99.724482][ T6678] ISOFS: unable to read i-node block
[   99.729802][ T6678] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   99.753860][ T6680] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.843503][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.932426][ T6701] loop3: detected capacity change from 0 to 2048
[   99.939179][ T6701] EXT4-fs: Ignoring removed bh option
[   99.958436][ T6704] loop4: detected capacity change from 0 to 2048
[   99.973346][ T6703] infiniband syz0: set down
[   99.977955][ T6703] infiniband syz0: added bond0
[   99.983430][ T6704] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.001282][ T6701] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.045151][ T6703] RDS/IB: syz0: added
[  100.050058][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.060988][ T6703] smc: adding ib device syz0 with port count 1
[  100.071134][ T6703] smc:    ib device syz0 port 1 has pnetid 
[  100.130381][ T6715] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  100.158762][ T6714] loop4: detected capacity change from 0 to 2048
[  100.161323][ T6715] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  100.177956][ T6715] EXT4-fs (loop3): This should not happen!! Data will be lost
[  100.177956][ T6715] 
[  100.187645][ T6715] EXT4-fs (loop3): Total free blocks count 0
[  100.193808][ T6715] EXT4-fs (loop3): Free/Dirty block details
[  100.199749][ T6715] EXT4-fs (loop3): free_blocks=2415919104
[  100.205540][ T6715] EXT4-fs (loop3): dirty_blocks=1872
[  100.210894][ T6715] EXT4-fs (loop3): Block reservation details
[  100.216917][ T6715] EXT4-fs (loop3): i_reserved_data_blocks=117
[  100.242649][ T6714] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.288778][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.366010][ T6725] loop4: detected capacity change from 0 to 164
[  100.377330][ T6725] ISOFS: unable to read i-node block
[  100.382693][ T6725] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  100.460443][ T6715] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1063'.
[  100.499931][ T6730] loop4: detected capacity change from 0 to 512
[  100.533931][ T6689] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1058'.
[  100.564232][ T6689] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1058'.
[  100.575156][ T6730] 9pnet: Could not find request transport: r
[  100.636092][ T6734] loop4: detected capacity change from 0 to 512
[  100.681841][ T6734] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.766343][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.780334][ T6740] netlink: 'syz.1.1073': attribute type 7 has an invalid length.
[  100.788116][ T6740] netlink: 'syz.1.1073': attribute type 8 has an invalid length.
[  100.830300][ T6740] net_ratelimit: 10 callbacks suppressed
[  100.830345][ T6740] netlink: zone id is out of range
[  100.833315][ T5916] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[  100.835999][ T6740] netlink: zone id is out of range
[  100.836009][ T6740] netlink: zone id is out of range
[  100.844272][ T6745] loop4: detected capacity change from 0 to 512
[  100.853770][ T6740] netlink: zone id is out of range
[  100.853778][ T6740] netlink: zone id is out of range
[  100.853784][ T6740] netlink: zone id is out of range
[  100.882183][ T6743] syz2: rxe_newlink: already configured on veth0_to_bond
[  100.885741][ T6740] netlink: zone id is out of range
[  100.898095][ T6740] netlink: zone id is out of range
[  100.903287][ T6740] netlink: zone id is out of range
[  100.908395][ T6740] netlink: zone id is out of range
[  100.949524][ T6745] EXT4-fs (loop4): 1 orphan inode deleted
[  100.956042][ T6745] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.970927][ T5916] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:47: Failed to release dquot type 1
[  100.988398][ T6752] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  101.009675][ T6760] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1080'.
[  101.019083][ T6760] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1080'.
[  101.077033][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.101329][ T6765] loop2: detected capacity change from 0 to 512
[  101.124819][ T6767] loop1: detected capacity change from 0 to 512
[  101.150864][ T6770] loop4: detected capacity change from 0 to 512
[  101.157704][ T6765] 9pnet: Could not find request transport: r
[  101.175870][ T6767] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.214610][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.215308][ T6770] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.310415][ T6784] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  101.403150][ T6792] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1092'.
[  101.419767][ T6792] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1092'.
[  101.460470][ T6801] loop0: detected capacity change from 0 to 512
[  101.469990][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.497310][ T6801] 9pnet: Could not find request transport: r
[  101.522982][ T6806] loop2: detected capacity change from 0 to 512
[  101.541998][ T6806] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1099: invalid indirect mapped block 256 (level 2)
[  101.557770][ T6806] EXT4-fs (loop2): 2 truncates cleaned up
[  101.564931][ T6806] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.582062][ T6806] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1099: bg 0: block 5: invalid block bitmap
[  101.626098][ T6816] loop3: detected capacity change from 0 to 164
[  101.633180][ T6806] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  101.645466][ T6806] EXT4-fs (loop2): This should not happen!! Data will be lost
[  101.645466][ T6806] 
[  101.655311][ T6806] EXT4-fs (loop2): Total free blocks count 0
[  101.655330][ T6816] ISOFS: unable to read i-node block
[  101.655347][ T6816] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  101.661433][ T6806] EXT4-fs (loop2): Free/Dirty block details
[  101.675688][ T6806] EXT4-fs (loop2): free_blocks=0
[  101.686677][ T6806] EXT4-fs (loop2): dirty_blocks=1
[  101.691858][ T6806] EXT4-fs (loop2): Block reservation details
[  101.697853][ T6806] EXT4-fs (loop2): i_reserved_data_blocks=1
[  101.724276][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.779187][ T6821] loop0: detected capacity change from 0 to 1024
[  101.799766][ T6821] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  101.809555][ T6821] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  101.823530][ T6821] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  101.832790][ T6821] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 2: comm syz.0.1105: lblock 2 mapped to illegal pblock 2 (length 1)
[  101.848188][ T6821] EXT4-fs (loop0): Remounting filesystem read-only
[  101.860355][ T6821] EXT4-fs (loop0): 1 orphan inode deleted
[  101.866315][ T6825] loop2: detected capacity change from 0 to 2048
[  101.870677][ T6821] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.909058][ T6825] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.930711][ T6821] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.959764][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.031462][ T6837] loop2: detected capacity change from 0 to 512
[  102.065048][ T6837] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.084163][ T6840] loop3: detected capacity change from 0 to 2048
[  102.121676][ T6821] loop0: detected capacity change from 0 to 512
[  102.143136][ T6840] EXT4-fs: Ignoring removed i_version option
[  102.158631][ T6821] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.1105: Failed to acquire dquot type 1
[  102.170227][ T6835] loop4: detected capacity change from 0 to 8192
[  102.189596][ T6840] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.207342][ T6821] EXT4-fs (loop0): 1 truncate cleaned up
[  102.264074][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.273889][ T6821] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.288006][ T6840] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 345: padding at end of block bitmap is not set
[  102.302053][ T6840] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117
[  102.314548][ T6840] EXT4-fs (loop3): This should not happen!! Data will be lost
[  102.314548][ T6840] 
[  102.325277][ T6821] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.366129][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.435941][ T6857] loop2: detected capacity change from 0 to 512
[  102.457899][ T6857] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1114: invalid indirect mapped block 256 (level 2)
[  102.492609][ T6857] EXT4-fs (loop2): 2 truncates cleaned up
[  102.503805][ T6866] loop1: detected capacity change from 0 to 164
[  102.507785][ T6864] loop0: detected capacity change from 0 to 2048
[  102.519259][ T6857] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.535046][ T6866] ISOFS: unable to read i-node block
[  102.540445][ T6866] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  102.549819][ T6862] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  102.588749][ T6857] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1114: bg 0: block 5: invalid block bitmap
[  102.592773][ T6864] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.614816][ T6857] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  102.627092][ T6857] EXT4-fs (loop2): This should not happen!! Data will be lost
[  102.627092][ T6857] 
[  102.636901][ T6857] EXT4-fs (loop2): Total free blocks count 0
[  102.643039][ T6857] EXT4-fs (loop2): Free/Dirty block details
[  102.649182][ T6857] EXT4-fs (loop2): free_blocks=0
[  102.654239][   T29] kauditd_printk_skb: 315 callbacks suppressed
[  102.654251][ T6857] EXT4-fs (loop2): dirty_blocks=1
[  102.654255][   T29] audit: type=1326 audit(23779001.740:13024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.3.1122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0fb9aee969 code=0x7ffc0000
[  102.660553][ T6857] EXT4-fs (loop2): Block reservation details
[  102.667540][   T29] audit: type=1326 audit(23779001.760:13025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.3.1122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fb9aee969 code=0x7ffc0000
[  102.689019][ T6857] EXT4-fs (loop2): i_reserved_data_blocks=1
[  102.730152][   T29] audit: type=1326 audit(23779001.820:13026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.3.1122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fb9aee969 code=0x7ffc0000
[  102.753665][   T29] audit: type=1326 audit(23779001.820:13027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.3.1122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0fb9aee969 code=0x7ffc0000
[  102.777056][   T29] audit: type=1326 audit(23779001.820:13028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.3.1122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fb9aee969 code=0x7ffc0000
[  102.800514][   T29] audit: type=1326 audit(23779001.820:13029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.3.1122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0fb9aee969 code=0x7ffc0000
[  102.823830][   T29] audit: type=1326 audit(23779001.820:13030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.3.1122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fb9aee969 code=0x7ffc0000
[  102.823977][ T6877] loop4: detected capacity change from 0 to 512
[  102.847162][   T29] audit: type=1326 audit(23779001.820:13031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.3.1122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f0fb9aee969 code=0x7ffc0000
[  102.876880][   T29] audit: type=1326 audit(23779001.820:13032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.3.1122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fb9aee969 code=0x7ffc0000
[  102.900249][   T29] audit: type=1326 audit(23779001.820:13033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.3.1122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0fb9aee969 code=0x7ffc0000
[  102.926482][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.937876][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.947909][ T6877] 9pnet: Could not find request transport: r
[  102.961993][ T6880] macvlan2: entered promiscuous mode
[  102.967362][ T6880] bridge0: entered promiscuous mode
[  102.973704][ T6880] bridge0: port 1(macvlan2) entered blocking state
[  102.980440][ T6880] bridge0: port 1(macvlan2) entered disabled state
[  103.000046][ T6889] loop0: detected capacity change from 0 to 512
[  103.009695][ T6889] EXT4-fs: Invalid want_extra_isize 2097256
[  103.049907][ T6880] macvlan2: entered allmulticast mode
[  103.055462][ T6880] bridge0: entered allmulticast mode
[  103.080669][ T6880] macvlan2: left allmulticast mode
[  103.085849][ T6880] bridge0: left allmulticast mode
[  103.116535][ T6880] bridge0: left promiscuous mode
[  103.128366][ T6906] loop3: detected capacity change from 0 to 2048
[  103.138256][ T6905] FAULT_INJECTION: forcing a failure.
[  103.138256][ T6905] name failslab, interval 1, probability 0, space 0, times 0
[  103.151034][ T6905] CPU: 1 UID: 0 PID: 6905 Comm: syz.2.1133 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(voluntary) 
[  103.151110][ T6905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  103.151127][ T6905] Call Trace:
[  103.151135][ T6905]  <TASK>
[  103.151144][ T6905]  __dump_stack+0x1d/0x30
[  103.151171][ T6905]  dump_stack_lvl+0xe8/0x140
[  103.151238][ T6905]  dump_stack+0x15/0x1b
[  103.151265][ T6905]  should_fail_ex+0x265/0x280
[  103.151321][ T6905]  should_failslab+0x8c/0xb0
[  103.151355][ T6905]  kmem_cache_alloc_noprof+0x50/0x310
[  103.151380][ T6905]  ? audit_log_start+0x365/0x6c0
[  103.151496][ T6905]  audit_log_start+0x365/0x6c0
[  103.151570][ T6905]  audit_seccomp+0x48/0x100
[  103.151605][ T6905]  ? __seccomp_filter+0x68c/0x10d0
[  103.151635][ T6905]  __seccomp_filter+0x69d/0x10d0
[  103.151681][ T6905]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  103.151777][ T6905]  ? vfs_write+0x75e/0x8d0
[  103.151808][ T6905]  ? radix_tree_lookup+0xfa/0x140
[  103.151842][ T6905]  ? __ptrace_may_access+0x1c7/0x340
[  103.151925][ T6905]  __secure_computing+0x82/0x150
[  103.151955][ T6905]  syscall_trace_enter+0xcf/0x1e0
[  103.152027][ T6905]  do_syscall_64+0xaa/0x1a0
[  103.152054][ T6905]  ? clear_bhb_loop+0x40/0x90
[  103.152075][ T6905]  ? clear_bhb_loop+0x40/0x90
[  103.152104][ T6905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.152326][ T6905] RIP: 0033:0x7feed133d37c
[  103.152353][ T6905] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  103.152379][ T6905] RSP: 002b:00007feecf9a7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  103.152405][ T6905] RAX: ffffffffffffffda RBX: 00007feed1565fa0 RCX: 00007feed133d37c
[  103.152430][ T6905] RDX: 000000000000000f RSI: 00007feecf9a70a0 RDI: 0000000000000006
[  103.152446][ T6905] RBP: 00007feecf9a7090 R08: 0000000000000000 R09: 0000000000000000
[  103.152459][ T6905] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  103.152474][ T6905] R13: 0000000000000000 R14: 00007feed1565fa0 R15: 00007fff7686f988
[  103.152501][ T6905]  </TASK>
[  103.390106][ T6906] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.424500][ T6917] loop1: detected capacity change from 0 to 512
[  103.432574][ T6914] loop0: detected capacity change from 0 to 164
[  103.440584][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.450222][ T6914] ISOFS: unable to read i-node block
[  103.455530][ T6914] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  103.486179][ T6917] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1136: invalid indirect mapped block 256 (level 2)
[  103.495661][ T6921] loop3: detected capacity change from 0 to 512
[  103.517093][ T6917] EXT4-fs (loop1): 2 truncates cleaned up
[  103.530332][ T6917] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.545151][ T6917] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1136: bg 0: block 5: invalid block bitmap
[  103.559158][ T6917] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  103.564813][ T6921] 9pnet: Could not find request transport: r
[  103.571544][ T6917] EXT4-fs (loop1): This should not happen!! Data will be lost
[  103.571544][ T6917] 
[  103.587270][ T6917] EXT4-fs (loop1): Total free blocks count 0
[  103.593373][ T6917] EXT4-fs (loop1): Free/Dirty block details
[  103.599307][ T6917] EXT4-fs (loop1): free_blocks=0
[  103.604326][ T6917] EXT4-fs (loop1): dirty_blocks=1
[  103.609367][ T6917] EXT4-fs (loop1): Block reservation details
[  103.615469][ T6917] EXT4-fs (loop1): i_reserved_data_blocks=1
[  103.666960][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.719591][ T6941] loop1: detected capacity change from 0 to 512
[  103.733293][ T6945] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  103.741662][ T6945] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  103.753019][ T6941] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.787362][ T6949] FAULT_INJECTION: forcing a failure.
[  103.787362][ T6949] name failslab, interval 1, probability 0, space 0, times 0
[  103.800152][ T6949] CPU: 1 UID: 0 PID: 6949 Comm: syz.3.1147 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(voluntary) 
[  103.800199][ T6949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  103.800213][ T6949] Call Trace:
[  103.800219][ T6949]  <TASK>
[  103.800228][ T6949]  __dump_stack+0x1d/0x30
[  103.800280][ T6949]  dump_stack_lvl+0xe8/0x140
[  103.800301][ T6949]  dump_stack+0x15/0x1b
[  103.800323][ T6949]  should_fail_ex+0x265/0x280
[  103.800358][ T6949]  ? genl_start+0x117/0x390
[  103.800438][ T6949]  should_failslab+0x8c/0xb0
[  103.800546][ T6949]  __kmalloc_cache_noprof+0x4c/0x320
[  103.800574][ T6949]  ? __kfree_skb+0x109/0x150
[  103.800595][ T6949]  genl_start+0x117/0x390
[  103.800621][ T6949]  __netlink_dump_start+0x334/0x520
[  103.800734][ T6949]  genl_family_rcv_msg_dumpit+0x115/0x180
[  103.800765][ T6949]  ? __pfx_genl_start+0x10/0x10
[  103.800789][ T6949]  ? __pfx_genl_dumpit+0x10/0x10
[  103.800848][ T6949]  ? __pfx_genl_done+0x10/0x10
[  103.800882][ T6949]  genl_rcv_msg+0x3f0/0x460
[  103.800980][ T6949]  ? __pfx_batadv_bla_backbone_dump+0x10/0x10
[  103.801012][ T6949]  netlink_rcv_skb+0x123/0x220
[  103.801141][ T6949]  ? __pfx_genl_rcv_msg+0x10/0x10
[  103.801183][ T6949]  genl_rcv+0x28/0x40
[  103.801212][ T6949]  netlink_unicast+0x5a1/0x670
[  103.801324][ T6949]  netlink_sendmsg+0x58b/0x6b0
[  103.801345][ T6949]  ? __pfx_netlink_sendmsg+0x10/0x10
[  103.801364][ T6949]  __sock_sendmsg+0x145/0x180
[  103.801390][ T6949]  sock_sendmsg+0xc1/0x130
[  103.801459][ T6949]  ? mod_objcg_state+0x40e/0x530
[  103.801492][ T6949]  splice_to_socket+0x5fe/0x9a0
[  103.801520][ T6949]  ? avc_has_perm+0xd3/0x150
[  103.801590][ T6949]  ? __pfx_splice_to_socket+0x10/0x10
[  103.801685][ T6949]  direct_splice_actor+0x153/0x2a0
[  103.801740][ T6949]  ? shmem_file_open+0x31/0x40
[  103.801776][ T6949]  splice_direct_to_actor+0x30f/0x680
[  103.801806][ T6949]  ? __pfx_direct_splice_actor+0x10/0x10
[  103.801958][ T6949]  do_splice_direct+0xda/0x150
[  103.801987][ T6949]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  103.802021][ T6949]  do_sendfile+0x380/0x640
[  103.802042][ T6949]  __x64_sys_sendfile64+0x105/0x150
[  103.802152][ T6949]  x64_sys_call+0xb39/0x2fb0
[  103.802184][ T6949]  do_syscall_64+0xd0/0x1a0
[  103.802208][ T6949]  ? clear_bhb_loop+0x40/0x90
[  103.802229][ T6949]  ? clear_bhb_loop+0x40/0x90
[  103.802255][ T6949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.802279][ T6949] RIP: 0033:0x7f0fb9aee969
[  103.802297][ T6949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.802354][ T6949] RSP: 002b:00007f0fb8157038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  103.802389][ T6949] RAX: ffffffffffffffda RBX: 00007f0fb9d15fa0 RCX: 00007f0fb9aee969
[  103.802405][ T6949] RDX: 0000000000000000 RSI: 000000000000000d RDI: 000000000000000f
[  103.802420][ T6949] RBP: 00007f0fb8157090 R08: 0000000000000000 R09: 0000000000000000
[  103.802436][ T6949] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000001
[  103.802450][ T6949] R13: 0000000000000000 R14: 00007f0fb9d15fa0 R15: 00007ffedd4c56b8
[  103.802493][ T6949]  </TASK>
[  104.232143][ T6958] loop3: detected capacity change from 0 to 2048
[  104.251785][ T6958] EXT4-fs: Ignoring removed bh option
[  104.302146][ T6958] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.419042][ T6964] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  104.440671][ T6964] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  104.452972][ T6964] EXT4-fs (loop3): This should not happen!! Data will be lost
[  104.452972][ T6964] 
[  104.462651][ T6964] EXT4-fs (loop3): Total free blocks count 0
[  104.468709][ T6964] EXT4-fs (loop3): Free/Dirty block details
[  104.474752][ T6964] EXT4-fs (loop3): free_blocks=2415919104
[  104.480460][ T6965] loop4: detected capacity change from 0 to 512
[  104.482308][ T6965] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1153: invalid indirect mapped block 256 (level 2)
[  104.486816][ T6964] EXT4-fs (loop3): dirty_blocks=1024
[  104.486836][ T6964] EXT4-fs (loop3): Block reservation details
[  104.511619][ T6964] EXT4-fs (loop3): i_reserved_data_blocks=83
[  104.540527][ T6965] EXT4-fs (loop4): 2 truncates cleaned up
[  104.546753][ T6965] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.562984][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.605710][ T6965] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1153: bg 0: block 5: invalid block bitmap
[  104.650579][ T6965] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  104.662921][ T6965] EXT4-fs (loop4): This should not happen!! Data will be lost
[  104.662921][ T6965] 
[  104.672701][ T6965] EXT4-fs (loop4): Total free blocks count 0
[  104.678770][ T6965] EXT4-fs (loop4): Free/Dirty block details
[  104.684872][ T6965] EXT4-fs (loop4): free_blocks=0
[  104.689837][ T6965] EXT4-fs (loop4): dirty_blocks=1
[  104.694911][ T6965] EXT4-fs (loop4): Block reservation details
[  104.701022][ T6965] EXT4-fs (loop4): i_reserved_data_blocks=1
[  104.731356][ T6974] loop2: detected capacity change from 0 to 512
[  104.791043][ T6974] 9pnet: Could not find request transport: r
[  104.800533][ T6980] __nla_validate_parse: 14 callbacks suppressed
[  104.800548][ T6980] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1149'.
[  104.822407][ T6982] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1158'.
[  104.834390][ T6982] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1158'.
[  104.835167][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.884282][ T6984] loop2: detected capacity change from 0 to 2048
[  104.921042][ T6992] loop1: detected capacity change from 0 to 512
[  104.937053][ T6993] loop4: detected capacity change from 0 to 2048
[  104.948156][ T6984] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.970752][ T6993] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.989229][ T5877] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[  105.004292][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.011534][ T6992] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.032540][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.081508][ T7006] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  105.224194][ T7014] loop4: detected capacity change from 0 to 512
[  105.259412][ T7014] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1169: invalid indirect mapped block 256 (level 2)
[  105.281834][ T7019] loop2: detected capacity change from 0 to 1024
[  105.301416][ T7025] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1172'.
[  105.305652][ T7014] EXT4-fs (loop4): 2 truncates cleaned up
[  105.327521][ T7025] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1172'.
[  105.352458][ T7019] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.1171: Allocating blocks 497-513 which overlap fs metadata
[  105.383461][ T7014] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1169: bg 0: block 5: invalid block bitmap
[  105.399617][ T7019] EXT4-fs (loop2): pa ffff888106e54ee0: logic 16, phys. 145, len 23
[  105.407779][ T7019] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  105.429493][ T7028] loop0: detected capacity change from 0 to 2048
[  105.437370][ T7014] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  105.449753][ T7014] EXT4-fs (loop4): This should not happen!! Data will be lost
[  105.449753][ T7014] 
[  105.459439][ T7014] EXT4-fs (loop4): Total free blocks count 0
[  105.465472][ T7014] EXT4-fs (loop4): Free/Dirty block details
[  105.471500][ T7014] EXT4-fs (loop4): free_blocks=0
[  105.476467][ T7014] EXT4-fs (loop4): dirty_blocks=1
[  105.481654][ T7014] EXT4-fs (loop4): Block reservation details
[  105.487694][ T7014] EXT4-fs (loop4): i_reserved_data_blocks=1
[  105.504591][ T7028] EXT4-fs: Ignoring removed bh option
[  105.510892][ T7019] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  105.522926][ T7037] loop1: detected capacity change from 0 to 2048
[  105.523237][ T7019] EXT4-fs (loop2): This should not happen!! Data will be lost
[  105.523237][ T7019] 
[  105.539176][ T7019] EXT4-fs (loop2): Total free blocks count 0
[  105.545238][ T7019] EXT4-fs (loop2): Free/Dirty block details
[  105.551164][ T7019] EXT4-fs (loop2): free_blocks=16
[  105.556243][ T7019] EXT4-fs (loop2): dirty_blocks=0
[  105.561317][ T7019] EXT4-fs (loop2): Block reservation details
[  105.567346][ T7019] EXT4-fs (loop2): i_reserved_data_blocks=0
[  105.649017][ T7045] loop4: detected capacity change from 0 to 2048
[  105.668657][ T7048] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  105.700717][ T7048] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  105.713016][ T7048] EXT4-fs (loop0): This should not happen!! Data will be lost
[  105.713016][ T7048] 
[  105.722774][ T7048] EXT4-fs (loop0): Total free blocks count 0
[  105.728675][ T7045] EXT4-fs: Ignoring removed orlov option
[  105.728760][ T7048] EXT4-fs (loop0): Free/Dirty block details
[  105.740403][ T7048] EXT4-fs (loop0): free_blocks=2415919104
[  105.746136][ T7048] EXT4-fs (loop0): dirty_blocks=1008
[  105.751491][ T7048] EXT4-fs (loop0): Block reservation details
[  105.757545][ T7048] EXT4-fs (loop0): i_reserved_data_blocks=78
[  105.764027][ T7045] EXT4-fs (loop4): can't enable nombcache during remount
[  105.821445][ T7057] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  105.891844][ T7048] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1173'.
[  105.922104][ T7062] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1182'.
[  105.964057][ T7022] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1163'.
[  106.011409][ T7022] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1163'.
[  106.045272][ T7072] loop1: detected capacity change from 0 to 512
[  106.108322][ T7072] 9pnet: Could not find request transport: r
[  106.214985][ T7080] loop4: detected capacity change from 0 to 512
[  106.239523][ T7078] loop1: detected capacity change from 0 to 2048
[  106.272523][ T7080] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1188: invalid indirect mapped block 256 (level 2)
[  106.311887][ T5877] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[  106.324640][ T5877] EXT4-fs (loop0): This should not happen!! Data will be lost
[  106.324640][ T5877] 
[  106.340844][ T7080] EXT4-fs (loop4): 2 truncates cleaned up
[  106.369684][ T7080] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1188: bg 0: block 5: invalid block bitmap
[  106.410473][ T7080] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  106.422929][ T7080] EXT4-fs (loop4): This should not happen!! Data will be lost
[  106.422929][ T7080] 
[  106.432631][ T7080] EXT4-fs (loop4): Total free blocks count 0
[  106.438716][ T7080] EXT4-fs (loop4): Free/Dirty block details
[  106.444725][ T7080] EXT4-fs (loop4): free_blocks=0
[  106.449742][ T7080] EXT4-fs (loop4): dirty_blocks=1
[  106.454821][ T7080] EXT4-fs (loop4): Block reservation details
[  106.461087][ T7080] EXT4-fs (loop4): i_reserved_data_blocks=1
[  106.489880][ T7092] loop1: detected capacity change from 0 to 512
[  106.511705][ T7090] loop2: detected capacity change from 0 to 1024
[  106.547210][ T7090] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.1192: Allocating blocks 497-513 which overlap fs metadata
[  106.565465][ T7099] loop0: detected capacity change from 0 to 512
[  106.584529][ T7090] EXT4-fs (loop2): pa ffff888106e54e70: logic 16, phys. 145, len 23
[  106.592726][ T7090] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  106.612718][ T7090] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  106.625055][ T7090] EXT4-fs (loop2): This should not happen!! Data will be lost
[  106.625055][ T7090] 
[  106.634828][ T7090] EXT4-fs (loop2): Total free blocks count 0
[  106.640887][ T7090] EXT4-fs (loop2): Free/Dirty block details
[  106.646807][ T7090] EXT4-fs (loop2): free_blocks=16
[  106.651899][ T7090] EXT4-fs (loop2): dirty_blocks=0
[  106.656945][ T7090] EXT4-fs (loop2): Block reservation details
[  106.663137][ T7090] EXT4-fs (loop2): i_reserved_data_blocks=0
[  106.717041][ T7113] loop0: detected capacity change from 0 to 512
[  106.759338][ T7113] 9pnet: Could not find request transport: r
[  106.824073][ T7122] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1202'.
[  106.837933][ T7130] loop2: detected capacity change from 0 to 2048
[  106.894929][ T7135] loop4: detected capacity change from 0 to 512
[  106.924460][ T7135] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1205: invalid indirect mapped block 256 (level 2)
[  106.973123][ T7135] EXT4-fs (loop4): 2 truncates cleaned up
[  106.986604][ T7135] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1205: bg 0: block 5: invalid block bitmap
[  107.016344][ T7135] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  107.028646][ T7135] EXT4-fs (loop4): This should not happen!! Data will be lost
[  107.028646][ T7135] 
[  107.038574][ T7135] EXT4-fs (loop4): Total free blocks count 0
[  107.044741][ T7135] EXT4-fs (loop4): Free/Dirty block details
[  107.050688][ T7135] EXT4-fs (loop4): free_blocks=0
[  107.055670][ T7135] EXT4-fs (loop4): dirty_blocks=1
[  107.060743][ T7135] EXT4-fs (loop4): Block reservation details
[  107.066760][ T7135] EXT4-fs (loop4): i_reserved_data_blocks=1
[  107.100148][ T7147] loop1: detected capacity change from 0 to 1024
[  107.103452][ T7152] loop2: detected capacity change from 0 to 512
[  107.133975][ T7147] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.1211: Allocating blocks 497-513 which overlap fs metadata
[  107.154213][ T7147] EXT4-fs (loop1): pa ffff888106e54d90: logic 16, phys. 145, len 23
[  107.162385][ T7147] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  107.222035][ T7147] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  107.234299][ T7147] EXT4-fs (loop1): This should not happen!! Data will be lost
[  107.234299][ T7147] 
[  107.244082][ T7147] EXT4-fs (loop1): Total free blocks count 0
[  107.250083][ T7147] EXT4-fs (loop1): Free/Dirty block details
[  107.256028][ T7147] EXT4-fs (loop1): free_blocks=16
[  107.261102][ T7147] EXT4-fs (loop1): dirty_blocks=0
[  107.266131][ T7147] EXT4-fs (loop1): Block reservation details
[  107.272178][ T7147] EXT4-fs (loop1): i_reserved_data_blocks=0
[  107.294868][ T7166] loop2: detected capacity change from 0 to 512
[  107.314199][ T7166] 9pnet: Could not find request transport: r
[  107.410271][ T7175] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  107.419088][ T7169] loop4: detected capacity change from 0 to 8192
[  107.430475][ T7175] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  107.439946][ T7175] program syz.1.1217 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  107.452998][ T7173] loop2: detected capacity change from 0 to 2048
[  107.534044][ T7183] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  107.574451][ T7189] loop4: detected capacity change from 0 to 512
[  107.577985][ T7190] loop2: detected capacity change from 0 to 1024
[  107.606818][ T7189] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1223: invalid indirect mapped block 256 (level 2)
[  107.627317][ T7189] EXT4-fs (loop4): 2 truncates cleaned up
[  107.636409][ T7189] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1223: bg 0: block 5: invalid block bitmap
[  107.650783][ T7189] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  107.663191][ T7189] EXT4-fs (loop4): This should not happen!! Data will be lost
[  107.663191][ T7189] 
[  107.672950][ T7189] EXT4-fs (loop4): Total free blocks count 0
[  107.679018][ T7189] EXT4-fs (loop4): Free/Dirty block details
[  107.684973][ T7189] EXT4-fs (loop4): free_blocks=0
[  107.690004][ T7189] EXT4-fs (loop4): dirty_blocks=1
[  107.695073][ T7189] EXT4-fs (loop4): Block reservation details
[  107.701119][ T7189] EXT4-fs (loop4): i_reserved_data_blocks=1
[  107.721858][ T7190] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.1225: Allocating blocks 497-513 which overlap fs metadata
[  107.745160][ T7203] loop0: detected capacity change from 0 to 512
[  107.755706][ T7190] EXT4-fs (loop2): pa ffff888106e54cb0: logic 16, phys. 145, len 23
[  107.763912][ T7190] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  107.777887][ T7190] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  107.790285][ T7190] EXT4-fs (loop2): This should not happen!! Data will be lost
[  107.790285][ T7190] 
[  107.792227][ T7203] 9pnet: Could not find request transport: r
[  107.799926][ T7190] EXT4-fs (loop2): Total free blocks count 0
[  107.812082][ T7190] EXT4-fs (loop2): Free/Dirty block details
[  107.817999][ T7190] EXT4-fs (loop2): free_blocks=16
[  107.823083][ T7190] EXT4-fs (loop2): dirty_blocks=0
[  107.828166][ T7190] EXT4-fs (loop2): Block reservation details
[  107.834193][ T7190] EXT4-fs (loop2): i_reserved_data_blocks=0
[  107.882271][ T7209] loop4: detected capacity change from 0 to 1024
[  107.908166][ T7211] loop3: detected capacity change from 0 to 2048
[  107.914869][ T7209] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.1228: Allocating blocks 497-513 which overlap fs metadata
[  107.936081][ T7217] loop2: detected capacity change from 0 to 1024
[  107.936350][ T7209] EXT4-fs (loop4): pa ffff888106e54cb0: logic 16, phys. 145, len 23
[  107.942864][ T7217] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  107.950706][ T7209] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  107.987061][ T7209] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  107.999383][ T7209] EXT4-fs (loop4): This should not happen!! Data will be lost
[  107.999383][ T7209] 
[  108.009231][ T7209] EXT4-fs (loop4): Total free blocks count 0
[  108.015277][ T7209] EXT4-fs (loop4): Free/Dirty block details
[  108.021520][ T7209] EXT4-fs (loop4): free_blocks=16
[  108.026698][ T7209] EXT4-fs (loop4): dirty_blocks=0
[  108.031779][ T7209] EXT4-fs (loop4): Block reservation details
[  108.037868][ T7209] EXT4-fs (loop4): i_reserved_data_blocks=0
[  108.089682][ T7226] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[  108.135210][ T7223] loop2: detected capacity change from 0 to 4096
[  108.148586][ T7223] EXT4-fs (loop2): shut down requested (1)
[  108.187323][   T29] kauditd_printk_skb: 230 callbacks suppressed
[  108.187362][   T29] audit: type=1400 audit(23779007.280:13262): avc:  denied  { create } for  pid=7232 comm="syz.3.1238" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  108.192113][ T7237] loop4: detected capacity change from 0 to 512
[  108.234718][ T7240] loop1: detected capacity change from 0 to 1024
[  108.272662][ T7237] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1239: invalid indirect mapped block 256 (level 2)
[  108.298876][ T7250] loop3: detected capacity change from 0 to 512
[  108.325933][ T7240] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.1241: Allocating blocks 497-513 which overlap fs metadata
[  108.342392][ T7237] EXT4-fs (loop4): 2 truncates cleaned up
[  108.351220][ T7255] ==================================================================
[  108.354111][ T7237] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1239: bg 0: block 5: invalid block bitmap
[  108.359316][ T7255] BUG: KCSAN: data-race in mas_state_walk / mas_wmb_replace
[  108.378800][ T7255] 
[  108.381129][ T7255] write to 0xffff8881192e0800 of 8 bytes by task 7253 on cpu 0:
[  108.388760][ T7255]  mas_wmb_replace+0x20e/0x14a0
[  108.393635][ T7255]  mas_wr_store_entry+0x17ae/0x2b60
[  108.398845][ T7255]  mas_store_prealloc+0x74d/0x9e0
[  108.403881][ T7255]  vma_iter_store_new+0x1c5/0x200
[  108.408925][ T7255]  vma_complete+0x125/0x570
[  108.413445][ T7255]  __split_vma+0x54c/0x610
[  108.417867][ T7255]  vma_modify+0x107/0x210
[  108.422213][ T7255]  vma_modify_flags+0x101/0x130
[  108.427079][ T7255]  mprotect_fixup+0x2cc/0x570
[  108.431756][ T7255]  do_mprotect_pkey+0x6d6/0x980
[  108.436618][ T7255]  __x64_sys_mprotect+0x48/0x60
[  108.441476][ T7255]  x64_sys_call+0x2794/0x2fb0
[  108.446173][ T7255]  do_syscall_64+0xd0/0x1a0
[  108.450689][ T7255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.456594][ T7255] 
[  108.458917][ T7255] read to 0xffff8881192e0800 of 8 bytes by task 7255 on cpu 1:
[  108.466464][ T7255]  mas_state_walk+0x485/0x650
[  108.471150][ T7255]  mas_walk+0x30/0x120
[  108.475223][ T7255]  lock_vma_under_rcu+0xa2/0x2f0
[  108.480183][ T7255]  do_user_addr_fault+0x233/0x1090
[  108.485317][ T7255]  exc_page_fault+0x54/0xc0
[  108.489828][ T7255]  asm_exc_page_fault+0x26/0x30
[  108.494687][ T7255] 
[  108.497011][ T7255] value changed: 0xffff8881043710c1 -> 0xffff8881192e0800
[  108.504118][ T7255] 
[  108.506440][ T7255] Reported by Kernel Concurrency Sanitizer on:
[  108.512590][ T7255] CPU: 1 UID: 0 PID: 7255 Comm: syz.0.1246 Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(voluntary) 
[  108.525006][ T7255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  108.535064][ T7255] ==================================================================
[  108.551675][ T7239] EXT4-fs (loop1): pa ffff888106d234d0: logic 16, phys. 145, len 23
[  108.559809][ T7239] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  108.579922][   T29] audit: type=1400 audit(23779007.670:13263): avc:  denied  { lock } for  pid=7249 comm="syz.3.1245" path="/248/bus/cpuset.effective_cpus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  108.610281][ T7237] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  108.622585][ T7237] EXT4-fs (loop4): This should not happen!! Data will be lost
[  108.622585][ T7237] 
[  108.632274][ T7237] EXT4-fs (loop4): Total free blocks count 0
[  108.638267][ T7237] EXT4-fs (loop4): Free/Dirty block details
[  108.644209][ T7237] EXT4-fs (loop4): free_blocks=0
[  108.649237][ T7237] EXT4-fs (loop4): dirty_blocks=1
[  108.654311][ T7237] EXT4-fs (loop4): Block reservation details
[  108.660458][ T7237] EXT4-fs (loop4): i_reserved_data_blocks=1