last executing test programs:

2.282844886s ago: executing program 1 (id=3539):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x100c416, &(0x7f00000000c0)={[{@dots}, {@fat=@discard}, {@fat=@nfs_nostale_ro}, {@fat=@nfs}, {@fat=@sys_immutable}, {@nodots}, {@dots}, {@nodots}, {@nodots}, {@dots}, {@fat=@allow_utime}, {@nodots}, {@nodots}, {}, {@fat=@dos1xfloppy}, {@dots}, {@dots}, {@nodots}, {@fat=@flush}, {@dots}, {@dots}, {@dots}]}, 0x1, 0x1f0, &(0x7f0000000300)="$eJzs3cFqE1EUANCbmiYTcdGdIAgjLnRV1C+oSAUxIFSy0J2gK7NqN6mb9jP8Bf/LD5CuspEncSadGNMYBjKj9ZxN7uS+l/fuDJlkk5sUha+3P0eWdWLnIA5i2om92Im58wAArpNpSvEtFdreCwDQjA0+/783vCUAYMtev3n78ulweHiU51nExflkNBkVj0X++Yvh4aP8p71q1sVkMrpxmX+cL393mOV342aZf1LMzy/TvYgY9eLh/SI/yz17Ncx/nd+P91uuHQAAAAAAAAAAAAAAAAAAAAAA2nI38rmV/X3295fzgzJfHC30B1rq39ONO93ysGoPlM6aKAoAAAAAAAAAAAAAAAAAAAD+MSennz6+G48/HFdBPyIWn+muGHN10ClfeKPB7Qc7UW/6oCyzxqKd8hRtt8DB6ou7SRDdv+Xq1A3yBtYarD29Kc2C1e+CeVuMK6f3ImL96g+O6m5+mlIaf7l3fHIaae3g6h7Rb/SOBAAAAAAAAAAAAAAAAAAA/6+FX33/JmtjQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQgur//2sEZxFxK/44eL7WbmTtFgsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC19SMAAP//j3Mj5w==")
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r2)
syz_emit_ethernet(0x7a, &(0x7f0000000600)=ANY=[@ANYBLOB="856b0100e400aaaaaaaaaaaa86dd60381f3400442f00fc000000000000000000000000000000ff020000000000000000000000000001042081000002000000000800000086dd08"], 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r6, r5, 0x26, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r6}, &(0x7f0000000000), &(0x7f0000000080)=r2}, 0x20)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9c}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
recvmsg$unix(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0)
sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)
sendmsg$inet(r4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x44000)

2.185832208s ago: executing program 1 (id=3541):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e000000000000"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

2.145503428s ago: executing program 1 (id=3543):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x677c, 0x4)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0xa0e54044ef4acb5, &(0x7f0000000340)={0x11, 0xd}, 0x14)
sendfile(r2, r1, 0x0, 0x7ffff000)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
setpriority(0x1, 0x0, 0x8)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
socket$packet(0x11, 0x2, 0x300)

1.521775328s ago: executing program 0 (id=3558):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_genetlink_get_family_id$devlink(&(0x7f0000000180), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f0000000280)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c757466383d302c7379735f696d6d757461626c652c646973636172642c73686f72746e616d653d77696e6e742c6572726f72733d636f6e74696e75652c636865636b3d6e6f726d616c2c73686f72746e616d653d6c6f7765722c757466383d312c00293959f341dccdc5111ea83e745767e01f7e4973a30c6c1676d239f19403224a6a110bbf4dd0ba2107d7d2e682eeaf23c79dc49ec6c3472595b4f7faf15e28f6f19e4aa6949c71a94fc411d21810602fa6b0a49ac25404c42bbfab2196a7b6b6e9f567550d99ea86b601c992c8a4e3581c9f5a8188db81814da71095fad2f27bb5d2cc07e7d48847f99cb7d7cd4db7bc1223b313ae"], 0xfd, 0x2ae, &(0x7f0000000800)="$eJzs3M9r02AYwPFn3bq1HVt7EEFBfNCLXsJW/4IiG4gFZa6iHoTMpVoa29HESkXcbl69+T8Mj94E5z+wizfv4mUIgpcdZJEljc1m90vWpa7fD4y8y/s+ed/8aHkSmnfj3pun1bJjlE1XEimVhKRWZFMkJwkJDbWXCb88KlErcnX855cLd+4/uFkoFmfmVGcL89fyqjp58ePzl+8ufXLH776f/DAm67mHGz/yX9fPrp/b2JoPt1531dSFet01F2xLFytO1VC9bVumY2ml5liNHfVlu7601FKztjiRWWpYjqNmraVVq6VuXd1GS83HZqWmhmHoREYGzfCRI0qrc3NmoSeDQRzS3VY2GgVzuGtlafUkBgUAAPrL3/m/nEj+/6TiaMXR2kH5f0LI/3vHz/+3uiaNOB2S2zcABTPT/vzuRP4PAAAAAAAAAAAAAAAAAAAAAMD/YNPzsp7nZcNl+DcmIinZSgWtvGzc40Rv7H/+RcL/IyFDMQ4Xxyzy4l5KxH7dLDVLwTKoL5SlIrZYMpUU+eVfD21BefZGcWZKfTlZs5fb8f5LgmNhfCjXPX46iNdI/HKzlJRMtP+8ZOVM9/j8rvikiDRLo3LlciTekKx8fiR1sWXRv6478a+mVa/fKu7qP+23AwAAAADgNDD0j9zO+99gNknD0HDakF31wcrO8wHJHvB8QGVtVDrxI3J+JL79BgAAAABgkDitF1XTtq3GIBfScvSoQTx0RvvnYPs29jxvebvRIbf8Ni2yR1VC9qzqdeG7iPTBAT/uwrdnwQk8TOM4v5UAAAAA9EIn6Y97JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADK7DTh4Wtv+Xucci3Q3Hs5cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAf/gdAAD//9maFWk=")
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x45)

1.36144114s ago: executing program 0 (id=3562):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./bus\x00', 0x2000006, &(0x7f0000000900)={[{@shortname_mixed}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@iocharset={'iocharset', 0x3d, 'maccroatian'}}, {@uni_xlate}, {@fat=@tz_utc}, {@numtail}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'cp437'}}, {@shortname_winnt}, {@rodir}, {@shortname_mixed}, {@fat=@nocase}, {@shortname_lower}, {@shortname_mixed}, {@fat=@errors_remount}, {@numtail}]}, 0x25, 0x34f, &(0x7f00000004c0)="$eJzs3T9sG2UUAPDnXhKnESUekCqYDBsSqpogBpgSVUWqyABFFv8WLJryJzaVYmEpDHG8gComEAsSTGwdYOyMGBBiY2ClSKiAWOhWqRGHbJ/tc+xQZ3Boxe83RE/v+9597y6n3CVKvrzeiq1L83H51q2bsbhYiLm1c2txuxClOBFJ9OzFRB8tTM4DAPe422kaf6U9d5/9yVI/8uwHgPtX9/n/5qlhoniE4qsPzKIlAGDGpvz+//mJ2SszawsAmKGx5/9jI8MHfsw/N/idAADg/vXiK68+t74RcbFcXoyof9isNCvxzHB8/XK8HbXYjLOxHPsRvReF3ttC5+OzFzbOny13/FaKSqeiWYmot5qV3pvCetKtL8ZKLEcpq08H9UmnfqVbX46IvVZ3/agXmpX5WMrW/3kpNmM1luOhsfqICxvnV8vZASr1fn0roh2L/ZPo9H8mluPHN+JK1OJSdGqH/e+ulMvn0o2R+ua1YnceAAAAAAAAAAAAAAAAAAAAAADMwpnyQGmw/01abzU/uHhwQmlkf5xKbzjbH6jd2x8oLfZ357maHNwfaHR/nmZlLk78p2cOAAAAAAAAAAAAAAAAAAAA947GzkJUa7XN7cbO+1v5oJXLvPv9V9+ejP7QXFb6TjKsiiw5cpz+xNyRkxgskQ7K02RkThYkEf3Je9Vr1wcd5+cUB2cxVt4JimNDhaynaq126tFfP59U9Xcn2Otmkhi7LKNBIVs/N1R/sJNYjIj9w6oOD1bvMudGmqaHle9+Nl4VhYi5OHIbUwTf3Xzr4Scbp5/qZr7JNn14/Inll258+uUfW9VatHtXplZb2G7sp1McudPr+FCSu38K2XUuTLgTJgftYaa93dipJj/9+fIjH/9wYHIy+f5J85n3Dl/r64OZhV5QiCj1L8K/tTo/4eafHLx2Z3D3Hv0Td/qLter13V9+n7Yq90XCRh0AAAAAAAAAAAAAAAAAAHAscn8rfgRPvzC7jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+A3//38uaI9lpgnutGJ8qLi53Th08ZPHeqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyP/RMAAP//rShzCQ==")
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x62a0, 0x4, 0xf8, 0xfffffffb}, {0x800, 0x9, 0x1, 0x9}]}, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000807020000f8ffffffb703000008000000b70400001f0c5a000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f00000001c0)=@filter={'filter\x00', 0x42, 0x4, 0x278, 0xffffffff, 0xf8, 0xf8, 0x1b8, 0xffffffff, 0xffffffff, 0x2d8, 0x2d8, 0x2d8, 0xffffffff, 0x4, 0x0, {[{{@ip={@empty, @loopback, 0x0, 0x0, 'veth0_to_batadv\x00', 'wlan0\x00', {}, {}, 0x11}, 0x0, 0x70, 0x98, 0x0, {0x100000000000000}}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}, {{@ip={@multicast2, @private=0xa010102, 0x0, 0x0, 'veth1_virt_wifi\x00', '\x00', {}, {}, 0x0, 0x1}, 0x0, 0x70, 0xb0}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2d8)

1.012768775s ago: executing program 4 (id=3563):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x100c416, &(0x7f00000000c0)={[{@dots}, {@fat=@discard}, {@fat=@nfs_nostale_ro}, {@fat=@nfs}, {@fat=@sys_immutable}, {@nodots}, {@dots}, {@nodots}, {@nodots}, {@dots}, {@fat=@allow_utime}, {@nodots}, {@nodots}, {}, {@fat=@dos1xfloppy}, {@dots}, {@dots}, {@nodots}, {@fat=@flush}, {@dots}, {@dots}, {@dots}]}, 0x1, 0x1f0, &(0x7f0000000300)="$eJzs3cFqE1EUANCbmiYTcdGdIAgjLnRV1C+oSAUxIFSy0J2gK7NqN6mb9jP8Bf/LD5CuspEncSadGNMYBjKj9ZxN7uS+l/fuDJlkk5sUha+3P0eWdWLnIA5i2om92Im58wAArpNpSvEtFdreCwDQjA0+/783vCUAYMtev3n78ulweHiU51nExflkNBkVj0X++Yvh4aP8p71q1sVkMrpxmX+cL393mOV342aZf1LMzy/TvYgY9eLh/SI/yz17Ncx/nd+P91uuHQAAAAAAAAAAAAAAAAAAAAAA2nI38rmV/X3295fzgzJfHC30B1rq39ONO93ysGoPlM6aKAoAAAAAAAAAAAAAAAAAAAD+MSennz6+G48/HFdBPyIWn+muGHN10ClfeKPB7Qc7UW/6oCyzxqKd8hRtt8DB6ou7SRDdv+Xq1A3yBtYarD29Kc2C1e+CeVuMK6f3ImL96g+O6m5+mlIaf7l3fHIaae3g6h7Rb/SOBAAAAAAAAAAAAAAAAAAA/6+FX33/JmtjQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQgur//2sEZxFxK/44eL7WbmTtFgsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC19SMAAP//j3Mj5w==")
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r2)
syz_emit_ethernet(0x7a, &(0x7f0000000600)=ANY=[@ANYBLOB="856b0100e400aaaaaaaaaaaa86dd60381f3400442f00fc000000000000000000000000000000ff020000000000000000000000000001042081000002000000000800000086dd08"], 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r6, r5, 0x26, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r6}, &(0x7f0000000000), &(0x7f0000000080)=r2}, 0x20)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9c}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
recvmsg$unix(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0)
sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)
sendmsg$inet(r4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x44000)
syz_io_uring_setup(0x9fa, &(0x7f0000000200)={0x0, 0xcb9, 0x1000, 0x2, 0x28e}, &(0x7f0000000000), &(0x7f0000000180))
syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')

846.460487ms ago: executing program 4 (id=3567):
syz_mount_image$iso9660(&(0x7f0000000280), &(0x7f0000000000)='./file0\x00', 0x800000, &(0x7f0000000f80)=ANY=[], 0x3, 0x5a9, &(0x7f0000000540)="$eJzs3V9v0+odwPGfS8vaToJpmxCqCn1oN6lIJTgJBEXc4DlPUkNiR7aD2qutoimqSGGiTFp7A73ZhrQ3we1exKS9k70BtNtdnKMc2Y5p0uZPT//lnOr7iU79xP7F/j1u5N9xsR8LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQwy6ZZtaQquM21tRgdsn3aklTJvssT9d3v2cyZLsiRvSfTE/L7WTW7d8eLr4V/ViU+eTdvExHk2nZ/+WtXz39zeRE+vkhCV+K3b39NxutVvP9ycKnx57wOato1wk8p2ZVppQTeKpYKJgPV8uBKjtVHawHoa4p29dW6Plq2b6vssViXunMutdwKyWrqtOZTx7kTLOgnmfq2vIDz334PBPYq0616riVOCZaHMU8ib6IL5xQhdpq3xTZbjXzo5Lc2m41sycJyo0Kypm5XDaby2ULj4uPn5jm5LEZ5hFyLGL8X1qM1zkfwYHTm7BL6RfSEVcaIvIpfqeOvGwpiS+e1I4tSV4daf3//UM9dLuGyIR06n9a5W8fLp6TuP7fTd7d/Vb/F6Sn/g/I5aJehsin3jm7sif78kY2pCUtacr7eO7CJec1vldFtLjiSCCeOFITK56jOnOUFKUgBTHlj7IqZQlESVkcqYqWQNYlkFC01GRGbPFFiyWheOKLkmWx5b4oyUpRipIXJVoysi6eNMSVipTEitYysyXb8X7PD8lR0qDsSYJyQ4Ko/zi78zx8A2fS7pz/AwAAAACAq8uI//oenf9PyZ24VXaq2hx3WgAAAAAA4BzF//I/H02motYdMTj/BwAAAADgqjHie+yS6/8XklZ6JxR/BAAAAAAA4IqIz/zvXk/fLojB+T8AAAAAAFfNP9LRd/+UjgF4dIz9oP4L49//E9+fMg7qa78zdqwoytq5loRfO7rGsDxn3OisJJ4UJjvvbD1vdEa/PBwEcyL++XVr1Fj/Rt8EjPbNY10anID8U+4lMfc2k+lmuiTZymzZqeqM7VWfZsWybkyEei38y9vtv0rc/c9u7YYhW9utZubVu9ZmnMtBtJaDnc7OOzaO4sBcvmt/iMdbiO+56NvjqXK6az+7tdlku2Z3/ye6d+DJ+v83WUxiFmeT6Wxv/6ej/mczg3rfySJ7pp5HWSwlHV5ajhtLy32yyI3KItedxan2xVISMyyLfJTFf6IVDcgif8YsAGBctkZUIeN44e8+ynUfwIYc5Y5W94mTVfeh/3vxrM8RfTmJWZ6L85qc63NEN0fVFfOM1e1fXc9AasfpH2bR/pgsimpsO/Gxt6p+iRZ/GbjdoJozol147cPOn+XW7t7+g+2djdfN1823uVy+YD4yzcc5mYq70ZlQewAAffR5xs5hZf4+qv9DI+La/ejwrDq5kODIWfWvv11SkJFX8k5asikr8d0G8RUHfdc623UZwsqIs9bZrie8rAw/q/vU/aCXvrFG8vijb+uNe5S/8N8DAACXaXFEHT5J/V8Zcd7dW8uPPiF4cC0HAAAXQ/tfjdnw74bvGyJSLGatcFUr37NfKN8pVbRy3FD79qrlVrSq+17o2V41arx0SjpQQaNe9/xQlT1f1b3AWYuf/K46j34PdM1yQ8cO6lVtBVrZnhtadqhKTmCreuMPVSdY1X784aCubafs2FboeK4KvIZv64xSgdZdgU5Ju6FTdqKmq+q+U7P8dfXSqzZqWpV0YPtOPfSSFabbctyy59fi1WbGvbMBAPiJ2N3bf7PRajXfX2Bj3H0EAAC9uqv0zLiTAQAAAAAAAAAAAAAAAAAAAAAAfZ373X5TcvE3FP5sGukYu505M0ODD067LYnHNRQZGpwOpHzK7vz3bB/v33h2wb8CQ370p/7fPs22VM+c63KKnCcv6WbcEzfGczwCcHl+CAAA//9Ba0vg")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000000)

808.913638ms ago: executing program 1 (id=3570):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./bus\x00', 0x2000006, &(0x7f0000000900)={[{@shortname_mixed}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@iocharset={'iocharset', 0x3d, 'maccroatian'}}, {@uni_xlate}, {@fat=@tz_utc}, {@numtail}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'cp437'}}, {@shortname_winnt}, {@rodir}, {@shortname_mixed}, {@fat=@nocase}, {@shortname_lower}, {@shortname_mixed}, {@fat=@errors_remount}, {@numtail}]}, 0x25, 0x34f, &(0x7f00000004c0)="$eJzs3T9sG2UUAPDnXhKnESUekCqYDBsSqpogBpgSVUWqyABFFv8WLJryJzaVYmEpDHG8gComEAsSTGwdYOyMGBBiY2ClSKiAWOhWqRGHbJ/tc+xQZ3Boxe83RE/v+9597y6n3CVKvrzeiq1L83H51q2bsbhYiLm1c2txuxClOBFJ9OzFRB8tTM4DAPe422kaf6U9d5/9yVI/8uwHgPtX9/n/5qlhoniE4qsPzKIlAGDGpvz+//mJ2SszawsAmKGx5/9jI8MHfsw/N/idAADg/vXiK68+t74RcbFcXoyof9isNCvxzHB8/XK8HbXYjLOxHPsRvReF3ttC5+OzFzbOny13/FaKSqeiWYmot5qV3pvCetKtL8ZKLEcpq08H9UmnfqVbX46IvVZ3/agXmpX5WMrW/3kpNmM1luOhsfqICxvnV8vZASr1fn0roh2L/ZPo9H8mluPHN+JK1OJSdGqH/e+ulMvn0o2R+ua1YnceAAAAAAAAAAAAAAAAAAAAAADMwpnyQGmw/01abzU/uHhwQmlkf5xKbzjbH6jd2x8oLfZ357maHNwfaHR/nmZlLk78p2cOAAAAAAAAAAAAAAAAAAAA947GzkJUa7XN7cbO+1v5oJXLvPv9V9+ejP7QXFb6TjKsiiw5cpz+xNyRkxgskQ7K02RkThYkEf3Je9Vr1wcd5+cUB2cxVt4JimNDhaynaq126tFfP59U9Xcn2Otmkhi7LKNBIVs/N1R/sJNYjIj9w6oOD1bvMudGmqaHle9+Nl4VhYi5OHIbUwTf3Xzr4Scbp5/qZr7JNn14/Inll258+uUfW9VatHtXplZb2G7sp1McudPr+FCSu38K2XUuTLgTJgftYaa93dipJj/9+fIjH/9wYHIy+f5J85n3Dl/r64OZhV5QiCj1L8K/tTo/4eafHLx2Z3D3Hv0Td/qLter13V9+n7Yq90XCRh0AAAAAAAAAAAAAAAAAAHAscn8rfgRPvzC7jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+A3//38uaI9lpgnutGJ8qLi53Th08ZPHeqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyP/RMAAP//rShzCQ==")
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x62a0, 0x4, 0xf8, 0xfffffffb}, {0x800, 0x9, 0x1, 0x9}]}, 0x10)
open(&(0x7f0000000600)='.\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000807020000f8ffffffb703000008000000b70400001f0c5a000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000001c0)=@filter={'filter\x00', 0x42, 0x4, 0x278, 0xffffffff, 0xf8, 0xf8, 0x1b8, 0xffffffff, 0xffffffff, 0x2d8, 0x2d8, 0x2d8, 0xffffffff, 0x4, 0x0, {[{{@ip={@empty, @loopback, 0x0, 0x0, 'veth0_to_batadv\x00', 'wlan0\x00', {}, {}, 0x11}, 0x0, 0x70, 0x98, 0x0, {0x100000000000000}}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}, {{@ip={@multicast2, @private=0xa010102, 0x0, 0x0, 'veth1_virt_wifi\x00', '\x00', {}, {}, 0x0, 0x1}, 0x0, 0x70, 0xb0}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2d8)

788.768538ms ago: executing program 4 (id=3571):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f00000001c0)=@filter={'filter\x00', 0x42, 0x4, 0x278, 0xffffffff, 0xf8, 0xf8, 0x1b8, 0xffffffff, 0xffffffff, 0x2d8, 0x2d8, 0x2d8, 0xffffffff, 0x4, 0x0, {[{{@ip={@empty, @loopback, 0x0, 0x0, 'veth0_to_batadv\x00', 'wlan0\x00', {}, {}, 0x11}, 0x0, 0x70, 0x98, 0x0, {0x100000000000000}}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}, {{@ip={@multicast2, @private=0xa010102, 0x0, 0x0, 'veth1_virt_wifi\x00', '\x00', {}, {}, 0x0, 0x1}, 0x0, 0x70, 0xb0}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2d8)

788.321738ms ago: executing program 0 (id=3572):
socket$inet6_udp(0xa, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
getrandom(0x0, 0x0, 0x0)

763.089779ms ago: executing program 1 (id=3573):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x6c, &(0x7f0000000080)={@link_local, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x3, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @multicast1}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x6558, 0x0, 0x0, [0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x800, [0x0]}}}}}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000008c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000014ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a734e07caea"], 0x54}}, 0x4050)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r3, 0x84, 0xf, &(0x7f0000000380)={0x0, @in6={{0xa, 0x4e21, 0x7, @dev={0xfe, 0x80, '\x00', 0x2e}, 0x8000}}, 0x2, 0x5, 0x4, 0x9, 0x1}, &(0x7f0000000240)=0x98)
syz_emit_ethernet(0xae, &(0x7f0000000440)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd60f4adf700382900000000000000000000f9000000000000ff020000000000000000000000000001"], 0x0)

746.219999ms ago: executing program 0 (id=3574):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x30, 0xffffffffffffffff, 0x2000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x7f, 0x7ffc0002}]})
openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$kcm(0x10, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
socket$packet(0x11, 0x3, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0x15)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, 0x0, 0x15)
chown(0x0, 0xee00, 0x0)

722.532199ms ago: executing program 4 (id=3577):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e000000000000000500"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
creat(&(0x7f0000000380)='./file0\x00', 0x0)

720.752279ms ago: executing program 0 (id=3578):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000006880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000ffdbdf250f00000008000300", @ANYRES32=r3, @ANYBLOB="05002f"], 0x24}, 0x1, 0x0, 0x0, 0x48000}, 0x0)

704.344599ms ago: executing program 1 (id=3579):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x68, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0x7, 0xfffffffffffffffc}, 0x103200, 0x1, 0x840000, 0xc, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0x5, 0xffffffffffffffff, 0x8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010e7010000000000000000000000000a20000000000a03000000000000000000070000000c00044000000000000000021c000000090a010400000000000000000700000008000a4000000003"], 0x64}, 0x1, 0x0, 0x0, 0x4004001}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='wbt_lat\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x3, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x304}, "6ae04425ace3f60c", "acba84f0a6731f234db1cc7f3f382ad796bd667cb12ea99509873931d2873103", "0f9dafb4", "ec3fff9afd96e6c0"}, 0x38)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4)
ioctl$int_in(r3, 0x5421, &(0x7f0000000140)=0x1)
writev(r3, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="44000000b0d9c92796348c0b3e399e41f6250310", @ANYRES32=0x0, @ANYBLOB="1000000000000000240012800b000100627269646765"], 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="030000000000000028"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x4000000000000c1, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
move_pages(0x0, 0x2064, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], &(0x7f0000001180), &(0x7f0000000000), 0x0)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]})
close_range(r5, 0xffffffffffffffff, 0x0)

681.168729ms ago: executing program 4 (id=3581):
syz_mount_image$iso9660(&(0x7f0000000280), &(0x7f0000000000)='./file0\x00', 0x800000, &(0x7f0000000f80)=ANY=[], 0x3, 0x5a9, &(0x7f0000000540)="$eJzs3V9v0+odwPGfS8vaToJpmxCqCn1oN6lIJTgJBEXc4DlPUkNiR7aD2qutoimqSGGiTFp7A73ZhrQ3we1exKS9k70BtNtdnKMc2Y5p0uZPT//lnOr7iU79xP7F/j1u5N9xsR8LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQwy6ZZtaQquM21tRgdsn3aklTJvssT9d3v2cyZLsiRvSfTE/L7WTW7d8eLr4V/ViU+eTdvExHk2nZ/+WtXz39zeRE+vkhCV+K3b39NxutVvP9ycKnx57wOato1wk8p2ZVppQTeKpYKJgPV8uBKjtVHawHoa4p29dW6Plq2b6vssViXunMutdwKyWrqtOZTx7kTLOgnmfq2vIDz334PBPYq0616riVOCZaHMU8ib6IL5xQhdpq3xTZbjXzo5Lc2m41sycJyo0Kypm5XDaby2ULj4uPn5jm5LEZ5hFyLGL8X1qM1zkfwYHTm7BL6RfSEVcaIvIpfqeOvGwpiS+e1I4tSV4daf3//UM9dLuGyIR06n9a5W8fLp6TuP7fTd7d/Vb/F6Sn/g/I5aJehsin3jm7sif78kY2pCUtacr7eO7CJec1vldFtLjiSCCeOFITK56jOnOUFKUgBTHlj7IqZQlESVkcqYqWQNYlkFC01GRGbPFFiyWheOKLkmWx5b4oyUpRipIXJVoysi6eNMSVipTEitYysyXb8X7PD8lR0qDsSYJyQ4Ko/zi78zx8A2fS7pz/AwAAAACAq8uI//oenf9PyZ24VXaq2hx3WgAAAAAA4BzF//I/H02motYdMTj/BwAAAADgqjHie+yS6/8XklZ6JxR/BAAAAAAA4IqIz/zvXk/fLojB+T8AAAAAAFfNP9LRd/+UjgF4dIz9oP4L49//E9+fMg7qa78zdqwoytq5loRfO7rGsDxn3OisJJ4UJjvvbD1vdEa/PBwEcyL++XVr1Fj/Rt8EjPbNY10anID8U+4lMfc2k+lmuiTZymzZqeqM7VWfZsWybkyEei38y9vtv0rc/c9u7YYhW9utZubVu9ZmnMtBtJaDnc7OOzaO4sBcvmt/iMdbiO+56NvjqXK6az+7tdlku2Z3/ye6d+DJ+v83WUxiFmeT6Wxv/6ej/mczg3rfySJ7pp5HWSwlHV5ajhtLy32yyI3KItedxan2xVISMyyLfJTFf6IVDcgif8YsAGBctkZUIeN44e8+ynUfwIYc5Y5W94mTVfeh/3vxrM8RfTmJWZ6L85qc63NEN0fVFfOM1e1fXc9AasfpH2bR/pgsimpsO/Gxt6p+iRZ/GbjdoJozol147cPOn+XW7t7+g+2djdfN1823uVy+YD4yzcc5mYq70ZlQewAAffR5xs5hZf4+qv9DI+La/ejwrDq5kODIWfWvv11SkJFX8k5asikr8d0G8RUHfdc623UZwsqIs9bZrie8rAw/q/vU/aCXvrFG8vijb+uNe5S/8N8DAACXaXFEHT5J/V8Zcd7dW8uPPiF4cC0HAAAXQ/tfjdnw74bvGyJSLGatcFUr37NfKN8pVbRy3FD79qrlVrSq+17o2V41arx0SjpQQaNe9/xQlT1f1b3AWYuf/K46j34PdM1yQ8cO6lVtBVrZnhtadqhKTmCreuMPVSdY1X784aCubafs2FboeK4KvIZv64xSgdZdgU5Ju6FTdqKmq+q+U7P8dfXSqzZqWpV0YPtOPfSSFabbctyy59fi1WbGvbMBAPiJ2N3bf7PRajXfX2Bj3H0EAAC9uqv0zLiTAQAAAAAAAAAAAAAAAAAAAAAAfZ373X5TcvE3FP5sGukYu505M0ODD067LYnHNRQZGpwOpHzK7vz3bB/v33h2wb8CQ370p/7fPs22VM+c63KKnCcv6WbcEzfGczwCcHl+CAAA//9Ba0vg")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000000)

672.92468ms ago: executing program 0 (id=3582):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x677c, 0x4)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0xa0e54044ef4acb5, &(0x7f0000000340)={0x11, 0xd}, 0x14)
sendfile(r2, r1, 0x0, 0x7ffff000)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
setpriority(0x1, 0x0, 0x8)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
socket$packet(0x11, 0x2, 0x300)

562.228461ms ago: executing program 4 (id=3586):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000006c0)='kmem_cache_free\x00', r1, 0x0, 0x2000}, 0x18)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0xf5}, 0x18)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r4)
syz_usb_connect(0x0, 0x36, &(0x7f0000000280)=ANY=[], 0x0)
ioctl$EVIOCGBITSW(r4, 0x40095505, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
prctl$PR_CAPBSET_DROP(0x18, 0x4)
creat(&(0x7f0000000300)='./file0\x00', 0x80)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
ioctl$TUNSETIFF(r5, 0x400454ca, 0x0)
writev(r5, &(0x7f0000001900)=[{&(0x7f0000000100)="8de7ee2c58dad9f5660ffdc988ca", 0xe}, {0x0}], 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
socket(0x10, 0x3, 0x0)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0x6, &(0x7f0000000d40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad1f50ad32d3fd25dfd73a015e0ca6a0f68a7d007f15451dfb265a0e3ccae669e173a64bc1cfd5587d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661ca3dbe74bd09de8793dbcceef76b2e5feecf9c66c54c3b3ffe1b4ce25d7c983c044c06cd0a48dfe3e26e7a23129d6607fd28a69989d552af6d9a9df2c3af36e0360050011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234512596b696418f163d1a13ed38ae82f87925bfacba831f2743f541cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b70a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a92895614cd50cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba73c31b05c00fba8a4aee676d7c45bb29671a68ee2e60da7b01a2e5785a238afa4aba70c07fcd95bf8b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf334178b04963d67dd5a5707e618a1ef9057fec00f9e930219fa8d30e716de8cde9c60f0000000c3b64d10f0939b42b788daa7075fa542242b00f6bf9b64ad460e386b6f388351fbdacb3ad074574ee9d450f9dcfaef1be95ff3c449e6482e4403174618c20e887d6f320616d31d78a0e5421d5742cc58b14f41132b49e89093fa92509fd90cf2df6d1404f6b8f810d7b94d421971b77a3270153a0d57cccfe27872f3e8e44480f93c33421986a7737842627301fb2fee8cabab074adaa2024ff57e609ba2f4d83b3bbf52309484532416f48f43b31395c6f45fee8f1682a4e8d5e3b9ae634ed24fb0e8b5fadaf5cb7eea62b7bb4264e72950c9dc791d771acc26108cdb6ef24c813d082a86d9b879bdf5aefdfd905a2bd4ea36b0b54915a68fe149db154a8340017e1855511e9c0fe62d0cf559c53967d030e0877b4da0c088540bb6dd072a5ef7e9396f65d262c825d2567cda67e155ad7eb64435283c02e219f302f1ac840502a29439cca6d7e9de98ab0ac07f73df8a0fe0ea07a81cccd9524d35ab3b93a1f811d329be0bef1341097f03fdbaec2edc4b09243bbbaf8a8"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
fstatfs(r8, &(0x7f0000000500)=""/186)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), r9)
sendmsg$TIPC_NL_KEY_SET(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000e00000fdffffff03000000400001802c0004001400010002000000ac14140f000000000000000014000200020000000a01010200000000000000000d0001007564703a73797a3000000000975ece494e857638ddd31d8b58c6f8c5f7e48f6dc0a4f9658c3a0041"], 0x54}}, 0x0)

268.971256ms ago: executing program 3 (id=3595):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
syz_open_dev$tty20(0xc, 0x4, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3)
sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)
write$nci(r1, &(0x7f0000000500)=ANY=[@ANYRES16, @ANYRES16], 0x4)

230.813196ms ago: executing program 2 (id=3596):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), r2)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0003000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)

211.798647ms ago: executing program 2 (id=3597):
recvmmsg(0xffffffffffffffff, &(0x7f0000005400)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=""/4096, 0x1000}}], 0x1, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
sendmmsg$inet6(r0, 0x0, 0x0, 0x0)

169.548287ms ago: executing program 2 (id=3598):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0x0, 0x0, &(0x7f0000000280), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

169.141337ms ago: executing program 3 (id=3599):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000200)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f00000001c0)=@filter={'filter\x00', 0x42, 0x4, 0x278, 0xffffffff, 0xf8, 0xf8, 0x1b8, 0xffffffff, 0xffffffff, 0x2d8, 0x2d8, 0x2d8, 0xffffffff, 0x4, 0x0, {[{{@ip={@empty, @loopback, 0x0, 0x0, 'veth0_to_batadv\x00', 'wlan0\x00', {}, {}, 0x11}, 0x0, 0x70, 0x98, 0x0, {0x100000000000000}}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}, {{@ip={@multicast2, @private=0xa010102, 0x0, 0x0, 'veth1_virt_wifi\x00', '\x00', {}, {}, 0x0, 0x1}, 0x0, 0x70, 0xb0}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2d8)

168.777567ms ago: executing program 3 (id=3600):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x30, 0xffffffffffffffff, 0x2000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x7f, 0x7ffc0002}]})
openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$kcm(0x10, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
socket$packet(0x11, 0x3, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0x15)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, 0x0, 0x15)
chown(0x0, 0xee00, 0x0)

140.634848ms ago: executing program 2 (id=3601):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_genetlink_get_family_id$devlink(&(0x7f0000000180), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f0000000280)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c757466383d302c7379735f696d6d757461626c652c646973636172642c73686f72746e616d653d77696e6e742c6572726f72733d636f6e74696e75652c636865636b3d6e6f726d616c2c73686f72746e616d653d6c6f7765722c757466383d312c00293959f341dccdc5111ea83e745767e01f7e4973a30c6c1676d239f19403224a6a110bbf4dd0ba2107d7d2e682eeaf23c79dc49ec6c3472595b4f7faf15e28f6f19e4aa6949c71a94fc411d21810602fa6b0a49ac25404c42bbfab2196a7b6b6e9f567550d99ea86b601c992c8a4e3581c9f5a8188db81814da71095fad2f27bb5d2cc07e7d48847f99cb7d7cd4db7bc1223b313ae"], 0xfd, 0x2ae, &(0x7f0000000800)="$eJzs3M9r02AYwPFn3bq1HVt7EEFBfNCLXsJW/4IiG4gFZa6iHoTMpVoa29HESkXcbl69+T8Mj94E5z+wizfv4mUIgpcdZJEljc1m90vWpa7fD4y8y/s+ed/8aHkSmnfj3pun1bJjlE1XEimVhKRWZFMkJwkJDbWXCb88KlErcnX855cLd+4/uFkoFmfmVGcL89fyqjp58ePzl+8ufXLH776f/DAm67mHGz/yX9fPrp/b2JoPt1531dSFet01F2xLFytO1VC9bVumY2ml5liNHfVlu7601FKztjiRWWpYjqNmraVVq6VuXd1GS83HZqWmhmHoREYGzfCRI0qrc3NmoSeDQRzS3VY2GgVzuGtlafUkBgUAAPrL3/m/nEj+/6TiaMXR2kH5f0LI/3vHz/+3uiaNOB2S2zcABTPT/vzuRP4PAAAAAAAAAAAAAAAAAAAAAMD/YNPzsp7nZcNl+DcmIinZSgWtvGzc40Rv7H/+RcL/IyFDMQ4Xxyzy4l5KxH7dLDVLwTKoL5SlIrZYMpUU+eVfD21BefZGcWZKfTlZs5fb8f5LgmNhfCjXPX46iNdI/HKzlJRMtP+8ZOVM9/j8rvikiDRLo3LlciTekKx8fiR1sWXRv6478a+mVa/fKu7qP+23AwAAAADgNDD0j9zO+99gNknD0HDakF31wcrO8wHJHvB8QGVtVDrxI3J+JL79BgAAAABgkDitF1XTtq3GIBfScvSoQTx0RvvnYPs29jxvebvRIbf8Ni2yR1VC9qzqdeG7iPTBAT/uwrdnwQk8TOM4v5UAAAAA9EIn6Y97JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADK7DTh4Wtv+Xucci3Q3Hs5cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAf/gdAAD//9maFWk=")
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x45)

139.748608ms ago: executing program 3 (id=3602):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0a000000040000000300000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xe, 0x0, &(0x7f0000000280)="432275e2065074ef2415f73227b2", 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

116.006348ms ago: executing program 2 (id=3603):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x9, 0x3, 0x8, 0x4, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffffc}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x15, 0x10, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffff5}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000240)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @sk_reuseport, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'veth0_virt_wifi\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000880)='+}[@\x00')
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000a40)={[{@journal_async_commit}, {@oldalloc}, {@nolazytime}, {@bh}]}, 0x2, 0x5ba, &(0x7f0000000a80)="$eJzs3c1vVFUbAPDnTqeF0ve1lRgVF6bREEiUlhYw+LGAPSGI7txYaSHI8BFao0UTS4IbE+PGRBJXLsT/QoluXZm4cOHGlSFBY9hojI65M3eGYTrTTkunF3t/v2Q659wzM+dc6NNz5p5zZgIorPH0RyliV0RcSiJGW8rKkRWO1x935/f3TqW3JKrVV35LIsmONR6fZPcj2ZP/Ho34/pskdg4sr3d+8cq5mUpl7nKWn1w4f2lyfvHKvrPnZ87MnZm7MP3c9OFDBw8dntp/X+dXakkfu/bm26MfHn/ti8/+Sqa+/Ol4Ekfi19P1stbz2CjjMR5/VKvvtx9P/10Pb3RlORlo/p7clbQf4IFVzmJkKCIei9EYaPnfHI0PXs61cUBfVZOIKlBQifiHgmqMAxrv7Xt7H1zq86gE2Ay3j6Y/BzvEf7l+bTDGYjAidrc9r8MlvXVJ6/ju2+PX0lv06Toc0NnS1W1Zqj3+k1psjsX2Wm7HndI913nTEcCJ7D49fnKd9Y+35cU/bJ6lqxHxeKfx/+rx/3pL/L+xzvrFPwAAAAAAAGycm0cj4tlO83+lbG5uezxVm/9L6vN/P9zdIXhkA+pfff6vdGsDqgE6uH004qWO63+ba3zHBrLc/+urAZPTZytz+yPioYjYG4Pb0vzUCnXs+2jn9W5lrev/0ltaf2MtYNaOW+Vt9z5ndmZh5n7OGai7fTXiiXL39T9p/5+09v+Z9O/BpR7r2Ln7xoluZavHP9Av1c8j9nTs/5PmY5KVP59jsjYemGyMCpZ78t2Pv+pWv/iH/KT9/46V438saf28nvm1vf5QRBxYLFe7la93/D+UvDrQeP3UOzMLC5enIoaSY8uPT6+tzbBVNeKhES9p/O99euXrf83xf0scDkfEUo91PvrPyM/dyvT/kJ80/mfX1P+vPTF9Y+zrbvX31v8frPXpe7Mjrv/BynoN0LzbCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/RaWI+F8kpYlmulSamIgYiYhHYkepcnF+4ZnTF9+6MJuW1b7/v9T4pt/Rej5pfP//WEt+ui1/ICIejohPBoZr+YlTFyuzeZ88AAAAAAAAAAAAAAAAAAAAPCBGuuz/T/0ykHfrgL4rZ/fiHYqnnHcDgNyIfygu8Q/FJf6huMQ/FNc64990AWwB+n8oqsHeHra93+0A8qD/BwAAAACALeXmi89fTyJi6YXh2i01lJU1JwaHzRHAVlTKuwFAbqzhheIyrIfi6nHxL7CFJc3Un9VO5d1X/yf9aRAAAAAAAAAAAAAAsMyeXTd/XHX/P7Al2f8PxWX/PxSX/f9QXN7jA6vt4rf/HwAAAAAAAAAAAADyN7945dxMpTJ3uTVx8tP2IxISm58YjIgHoBndE4PRp1ceWik8NyeR8x8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg6d8AAAD//xjQJD4=")

23.000589ms ago: executing program 3 (id=3604):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000100000000000000040000850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX])
creat(&(0x7f0000000380)='./file0\x00', 0x0)

20.41901ms ago: executing program 3 (id=3605):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e000000000000000500"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
creat(&(0x7f0000000380)='./file0\x00', 0x0)

0s ago: executing program 2 (id=3606):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), r3)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0003000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)

kernel console output (not intermixed with test programs):

4) failed
[  207.734432][T11510] syz.0.2957: attempt to access beyond end of device
[  207.734432][T11510] loop0: rw=3, sector=226, nr_sectors = 6 limit=128
[  207.745939][T11516] FAT-fs (loop4): Directory bread(block 165) failed
[  207.759573][T11514] netlink: 'syz.1.2959': attribute type 10 has an invalid length.
[  207.770164][T11510] syz.0.2957: attempt to access beyond end of device
[  207.770164][T11510] loop0: rw=2051, sector=232, nr_sectors = 2 limit=128
[  207.779718][T11516] FAT-fs (loop4): Directory bread(block 166) failed
[  207.793362][T11514] team0: Device veth1_macvtap failed to register rx_handler
[  207.802474][T11516] FAT-fs (loop4): Directory bread(block 167) failed
[  207.809181][T11516] FAT-fs (loop4): Directory bread(block 168) failed
[  207.817234][T11516] FAT-fs (loop4): Directory bread(block 169) failed
[  207.839179][T11516] FAT-fs (loop4): Directory bread(block 162) failed
[  207.847266][T11516] FAT-fs (loop4): Directory bread(block 163) failed
[  207.869547][T11472] batman_adv: batadv0: Adding interface: batadv_slave_0
[  207.876577][T11472] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.902594][T11472] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  207.915142][T11516] syz.4.2960: attempt to access beyond end of device
[  207.915142][T11516] loop4: rw=3, sector=226, nr_sectors = 6 limit=128
[  207.928956][T11516] syz.4.2960: attempt to access beyond end of device
[  207.928956][T11516] loop4: rw=2051, sector=232, nr_sectors = 2 limit=128
[  207.968483][T11472] batman_adv: batadv0: Adding interface: batadv_slave_1
[  207.975559][T11472] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  208.001539][T11472] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  208.001690][T11525] loop4: detected capacity change from 0 to 512
[  208.023555][T11525] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  208.048427][T11472] hsr_slave_0: entered promiscuous mode
[  208.054789][T11525] EXT4-fs (loop4): 1 truncate cleaned up
[  208.054814][T11472] hsr_slave_1: entered promiscuous mode
[  208.062764][T11525] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  208.066712][T11472] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  208.086445][T11472] Cannot create hsr debugfs directory
[  208.103533][T11520] lo speed is unknown, defaulting to 1000
[  208.130820][T11525] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  208.146439][T11525] EXT4-fs (loop4): Remounting filesystem read-only
[  208.158217][T11525] EXT4-fs warning (device loop4): ext4_evict_inode:279: xattr delete (err -30)
[  208.238945][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.343250][T11548] lo speed is unknown, defaulting to 1000
[  208.379298][T11556] loop2: detected capacity change from 0 to 512
[  208.511754][   T29] kauditd_printk_skb: 598 callbacks suppressed
[  208.511771][   T29] audit: type=1326 audit(1747514325.961:254445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11557 comm="syz.1.2974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd79782e969 code=0x7ffc0000
[  208.702660][T11565] loop0: detected capacity change from 0 to 164
[  208.727120][   T29] audit: type=1400 audit(1747514326.161:254446): avc:  denied  { remount } for  pid=11564 comm="syz.0.2976" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  208.770120][T11565] loop0: detected capacity change from 0 to 1024
[  208.780576][T11565] EXT4-fs: Ignoring removed nobh option
[  208.786240][T11565] ext2: Unknown parameter 'dont_hash'
[  208.799232][   T29] audit: type=1400 audit(1747514326.201:254447): avc:  denied  { read write } for  pid=11564 comm="syz.0.2976" name="rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  208.802253][T11565] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  208.823827][   T29] audit: type=1400 audit(1747514326.201:254448): avc:  denied  { open } for  pid=11564 comm="syz.0.2976" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  209.001874][T11472] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  209.011047][T11472] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  209.042615][T11472] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  209.054440][T11472] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  209.098468][T11472] 8021q: adding VLAN 0 to HW filter on device bond0
[  209.122888][T11472] 8021q: adding VLAN 0 to HW filter on device team0
[  209.135583][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.142695][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[  209.162936][ T1856] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.170030][ T1856] bridge0: port 2(bridge_slave_1) entered forwarding state
[  209.233112][T11472] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  209.243627][T11472] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  209.319005][T11590] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2983'.
[  209.347987][T11472] 8021q: adding VLAN 0 to HW filter on device batadv0
[  209.360479][T11593] FAULT_INJECTION: forcing a failure.
[  209.360479][T11593] name failslab, interval 1, probability 0, space 0, times 0
[  209.373331][T11593] CPU: 1 UID: 0 PID: 11593 Comm: syz.4.2984 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  209.373447][T11593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  209.373464][T11593] Call Trace:
[  209.373472][T11593]  <TASK>
[  209.373518][T11593]  __dump_stack+0x1d/0x30
[  209.373544][T11593]  dump_stack_lvl+0xe8/0x140
[  209.373639][T11593]  dump_stack+0x15/0x1b
[  209.373661][T11593]  should_fail_ex+0x265/0x280
[  209.373704][T11593]  should_failslab+0x8c/0xb0
[  209.373851][T11593]  kmem_cache_alloc_noprof+0x50/0x310
[  209.373951][T11593]  ? getname_flags+0x80/0x3b0
[  209.374061][T11593]  getname_flags+0x80/0x3b0
[  209.374102][T11593]  io_renameat_prep+0x135/0x1b0
[  209.374142][T11593]  io_submit_sqes+0x5cb/0x1000
[  209.374191][T11593]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  209.374308][T11593]  ? __rcu_read_unlock+0x4f/0x70
[  209.374333][T11593]  ? get_pid_task+0x96/0xd0
[  209.374353][T11593]  ? proc_fail_nth_write+0x12d/0x160
[  209.374420][T11593]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  209.374449][T11593]  ? vfs_write+0x75e/0x8d0
[  209.374473][T11593]  ? __rcu_read_unlock+0x4f/0x70
[  209.374520][T11593]  ? __fget_files+0x184/0x1c0
[  209.374559][T11593]  ? fput+0x8f/0xc0
[  209.374644][T11593]  __x64_sys_io_uring_enter+0x78/0x90
[  209.374686][T11593]  x64_sys_call+0x28c8/0x2fb0
[  209.374712][T11593]  do_syscall_64+0xd0/0x1a0
[  209.374737][T11593]  ? clear_bhb_loop+0x40/0x90
[  209.374799][T11593]  ? clear_bhb_loop+0x40/0x90
[  209.374837][T11593]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.374864][T11593] RIP: 0033:0x7f607bc0e969
[  209.374879][T11593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.374938][T11593] RSP: 002b:00007f607a277038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  209.374962][T11593] RAX: ffffffffffffffda RBX: 00007f607be35fa0 RCX: 00007f607bc0e969
[  209.374977][T11593] RDX: 0000000000000000 RSI: 0000000000003516 RDI: 0000000000000006
[  209.374990][T11593] RBP: 00007f607a277090 R08: 0000000000000000 R09: 0000000000000000
[  209.375001][T11593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  209.375067][T11593] R13: 0000000000000000 R14: 00007f607be35fa0 R15: 00007ffdff799fe8
[  209.375092][T11593]  </TASK>
[  209.634633][T11597] Cannot find add_set index 0 as target
[  209.657288][   T29] audit: type=1326 audit(1747514327.071:254449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11596 comm="syz.1.2985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd79782e969 code=0x7ffc0000
[  209.681050][   T29] audit: type=1326 audit(1747514327.071:254450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11596 comm="syz.1.2985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd79782e969 code=0x7ffc0000
[  209.704999][   T29] audit: type=1326 audit(1747514327.071:254451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11596 comm="syz.1.2985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd79782e969 code=0x7ffc0000
[  209.728770][   T29] audit: type=1326 audit(1747514327.071:254452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11596 comm="syz.1.2985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd79782e969 code=0x7ffc0000
[  209.752734][   T29] audit: type=1326 audit(1747514327.071:254453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11596 comm="syz.1.2985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd79782e969 code=0x7ffc0000
[  209.776501][   T29] audit: type=1326 audit(1747514327.071:254454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11596 comm="syz.1.2985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd79782e969 code=0x7ffc0000
[  209.806510][T11472] veth0_vlan: entered promiscuous mode
[  209.815743][T11472] veth1_vlan: entered promiscuous mode
[  209.825272][T11604] lo speed is unknown, defaulting to 1000
[  209.856789][T11611] loop0: detected capacity change from 0 to 512
[  209.861247][T11472] veth0_macvtap: entered promiscuous mode
[  209.877986][T11472] veth1_macvtap: entered promiscuous mode
[  209.885097][T11611] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  209.894578][T11611] EXT4-fs (loop0): 1 truncate cleaned up
[  209.900674][T11611] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.901777][T11472] batman_adv: batadv0: Interface activated: batadv_slave_0
[  209.927321][T11472] batman_adv: batadv0: Interface activated: batadv_slave_1
[  209.938361][T11472] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  209.947372][T11472] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  209.956216][T11472] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  209.965080][T11472] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  210.022230][T11624] loop3: detected capacity change from 0 to 512
[  210.029522][T11624] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  210.045546][T11624] EXT4-fs (loop3): 1 truncate cleaned up
[  210.064677][ T3324] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.093642][T11624] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  210.154528][T11624] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  210.216162][T11624] EXT4-fs (loop3): Remounting filesystem read-only
[  210.223532][T11624] EXT4-fs warning (device loop3): ext4_evict_inode:279: xattr delete (err -30)
[  210.302685][T11472] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.339288][T11633] lo speed is unknown, defaulting to 1000
[  210.340340][T11643] loop3: detected capacity change from 0 to 512
[  210.353155][T11643] EXT4-fs: Ignoring removed i_version option
[  210.359237][T11643] EXT4-fs: Ignoring removed mblk_io_submit option
[  210.367047][T11643] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  210.396639][T11643] EXT4-fs (loop3): can't mount with data_err=abort, fs mounted w/o journal
[  210.414962][T11643] netlink: 'syz.3.2994': attribute type 10 has an invalid length.
[  210.433063][T11643] team0: Device veth1_macvtap failed to register rx_handler
[  210.445884][T11643] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  210.459112][T11643] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2994'.
[  210.474937][T11643] loop3: detected capacity change from 0 to 128
[  210.479392][T11633] chnl_net:caif_netlink_parms(): no params data found
[  210.554608][T11633] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.561840][T11633] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.569099][T11633] bridge_slave_0: entered allmulticast mode
[  210.575842][T11633] bridge_slave_0: entered promiscuous mode
[  210.587502][T11633] bridge0: port 2(bridge_slave_1) entered blocking state
[  210.594720][T11633] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.607367][T11633] bridge_slave_1: entered allmulticast mode
[  210.614436][T11633] bridge_slave_1: entered promiscuous mode
[  210.620989][T11652] lo speed is unknown, defaulting to 1000
[  210.656986][T11633] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  210.682392][T11633] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  210.714087][   T56] team0: left allmulticast mode
[  210.719005][   T56] team0: left promiscuous mode
[  210.724020][   T56] bridge0: port 1(team0) entered disabled state
[  210.780164][T11663] loop4: detected capacity change from 0 to 128
[  210.787412][T11663] FAT-fs (loop4): Directory bread(block 162) failed
[  210.788118][T11633] team0: Port device team_slave_0 added
[  210.801037][T11633] team0: Port device team_slave_1 added
[  210.806830][T11663] FAT-fs (loop4): Directory bread(block 163) failed
[  210.813773][T11663] FAT-fs (loop4): Directory bread(block 164) failed
[  210.820463][T11663] FAT-fs (loop4): Directory bread(block 165) failed
[  210.827802][T11663] FAT-fs (loop4): Directory bread(block 166) failed
[  210.835200][T11663] FAT-fs (loop4): Directory bread(block 167) failed
[  210.841924][T11663] FAT-fs (loop4): Directory bread(block 168) failed
[  210.848783][T11663] FAT-fs (loop4): Directory bread(block 169) failed
[  210.856592][   T56] tipc: Disabling bearer <udp:syz0>
[  210.856735][T11663] FAT-fs (loop4): Directory bread(block 162) failed
[  210.862002][   T56] tipc: Left network mode
[  210.876410][T11663] FAT-fs (loop4): Directory bread(block 163) failed
[  210.876470][T11633] batman_adv: batadv0: Adding interface: batadv_slave_0
[  210.883668][T11663] syz.4.2998: attempt to access beyond end of device
[  210.883668][T11663] loop4: rw=3, sector=226, nr_sectors = 6 limit=128
[  210.890070][T11633] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.914338][T11663] syz.4.2998: attempt to access beyond end of device
[  210.914338][T11663] loop4: rw=2051, sector=232, nr_sectors = 2 limit=128
[  210.929313][T11633] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  210.932008][T11633] batman_adv: batadv0: Adding interface: batadv_slave_1
[  210.960302][T11633] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.986350][T11633] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  211.002015][   T56] hsr_slave_0: left promiscuous mode
[  211.084949][ T3394] lo speed is unknown, defaulting to 1000
[  211.090769][ T3394] infiniband syz0: ib_query_port failed (-19)
[  211.106291][T11674] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3002'.
[  211.125539][T11674] macsec0: entered allmulticast mode
[  211.135263][T11633] hsr_slave_0: entered promiscuous mode
[  211.141785][T11633] hsr_slave_1: entered promiscuous mode
[  211.147924][T11633] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  211.155663][T11633] Cannot create hsr debugfs directory
[  211.188262][T11678] loop4: detected capacity change from 0 to 512
[  211.195144][T11678] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  211.217873][T11678] EXT4-fs (loop4): 1 truncate cleaned up
[  211.225313][T11678] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  211.244516][T11678] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  211.263505][T11678] EXT4-fs (loop4): Remounting filesystem read-only
[  211.277709][T11678] EXT4-fs warning (device loop4): ext4_evict_inode:279: xattr delete (err -30)
[  211.296887][T11683] loop2: detected capacity change from 0 to 256
[  211.317494][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.383419][T11699] loop4: detected capacity change from 0 to 128
[  211.392462][T11699] FAT-fs (loop4): Directory bread(block 162) failed
[  211.399087][T11699] FAT-fs (loop4): Directory bread(block 163) failed
[  211.406062][T11699] FAT-fs (loop4): Directory bread(block 164) failed
[  211.414185][T11699] FAT-fs (loop4): Directory bread(block 165) failed
[  211.421241][T11699] FAT-fs (loop4): Directory bread(block 166) failed
[  211.427869][T11699] FAT-fs (loop4): Directory bread(block 167) failed
[  211.435713][T11699] FAT-fs (loop4): Directory bread(block 168) failed
[  211.442750][T11699] FAT-fs (loop4): Directory bread(block 169) failed
[  211.450131][T11699] FAT-fs (loop4): Directory bread(block 162) failed
[  211.457425][T11699] FAT-fs (loop4): Directory bread(block 163) failed
[  211.464704][T11699] syz.4.3011: attempt to access beyond end of device
[  211.464704][T11699] loop4: rw=3, sector=226, nr_sectors = 6 limit=128
[  211.478141][T11699] syz.4.3011: attempt to access beyond end of device
[  211.478141][T11699] loop4: rw=2051, sector=232, nr_sectors = 2 limit=128
[  211.544559][T11633] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  211.562574][T11694] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  211.571166][T11633] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  211.572374][T11694] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  211.590863][T11707] loop4: detected capacity change from 0 to 128
[  211.603062][T11633] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  211.620533][T11694] tipc: Started in network mode
[  211.625573][T11694] tipc: Node identity ac14140f, cluster identity 4711
[  211.637234][T11694] tipc: New replicast peer: 10.1.1.2
[  211.642633][T11694] tipc: Enabled bearer <udp:syz0>, priority 10
[  211.649554][T11709] loop3: detected capacity change from 0 to 128
[  211.657773][T11701] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  211.666386][T11701] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  211.683832][T11633] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  211.738759][T11633] 8021q: adding VLAN 0 to HW filter on device bond0
[  211.751966][T11711] loop4: detected capacity change from 0 to 512
[  211.759358][T11711] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  211.771657][T11711] EXT4-fs (loop4): 1 truncate cleaned up
[  211.777991][T11711] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  211.792455][T11633] 8021q: adding VLAN 0 to HW filter on device team0
[  211.797210][T11711] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  211.813552][T11633] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  211.813578][T11633] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  211.834906][T11711] EXT4-fs (loop4): Remounting filesystem read-only
[  211.842076][T11711] EXT4-fs warning (device loop4): ext4_evict_inode:279: xattr delete (err -30)
[  211.843054][ T1740] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.858126][ T1740] bridge0: port 1(bridge_slave_0) entered forwarding state
[  211.867821][ T1740] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.874981][ T1740] bridge0: port 2(bridge_slave_1) entered forwarding state
[  211.883592][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.917683][T11633] 8021q: adding VLAN 0 to HW filter on device batadv0
[  211.998033][T11633] veth0_vlan: entered promiscuous mode
[  212.006908][T11633] veth1_vlan: entered promiscuous mode
[  212.020275][T11633] veth0_macvtap: entered promiscuous mode
[  212.032949][T11633] veth1_macvtap: entered promiscuous mode
[  212.043938][T11633] batman_adv: batadv0: Interface activated: batadv_slave_0
[  212.052559][T11633] batman_adv: batadv0: Interface activated: batadv_slave_1
[  212.061098][T11729] SELinux: failed to load policy
[  212.066868][T11633] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  212.075658][T11633] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  212.084434][T11633] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  212.093403][T11633] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  212.107852][T11729] netlink: 'syz.4.3021': attribute type 4 has an invalid length.
[  212.246743][T11744] loop2: detected capacity change from 0 to 512
[  212.271947][T11744] EXT4-fs (loop2): write access unavailable, skipping orphan cleanup
[  212.281402][T11744] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  212.293046][T11749] loop4: detected capacity change from 0 to 512
[  212.305341][T11749] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  212.321576][T11744] EXT4-fs error (device loop2): ext4_lookup:1793: inode #2: comm syz.2.3025: deleted inode referenced: 12
[  212.339803][T11749] EXT4-fs (loop4): 1 truncate cleaned up
[  212.370334][T11749] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  212.372747][T11744] EXT4-fs error (device loop2): ext4_lookup:1793: inode #2: comm syz.2.3025: deleted inode referenced: 12
[  212.414183][T11749] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  212.462308][T11749] EXT4-fs (loop4): Remounting filesystem read-only
[  212.467092][T11744] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3025'.
[  212.481547][T11749] EXT4-fs warning (device loop4): ext4_evict_inode:279: xattr delete (err -30)
[  212.526875][T11133] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.565255][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.622231][T11777] SELinux: syz.4.3033 (11777) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  212.623674][T11780] loop2: detected capacity change from 0 to 128
[  212.650773][ T3413] tipc: Node number set to 2886997007
[  212.716901][T11757] chnl_net:caif_netlink_parms(): no params data found
[  212.776100][   T56] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.787095][T11757] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.794454][T11757] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.803043][T11757] bridge_slave_0: entered allmulticast mode
[  212.809777][T11757] bridge_slave_0: entered promiscuous mode
[  212.818054][T11757] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.825223][T11757] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.832543][T11757] bridge_slave_1: entered allmulticast mode
[  212.839123][T11757] bridge_slave_1: entered promiscuous mode
[  212.860367][   T56] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.873895][T11757] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  212.894813][T11757] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  212.921594][T11757] team0: Port device team_slave_0 added
[  212.928361][   T56] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.941807][T11757] team0: Port device team_slave_1 added
[  212.961986][T11757] batman_adv: batadv0: Adding interface: batadv_slave_0
[  212.969126][T11757] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.995190][T11757] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  212.997898][T11799] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  213.007670][T11757] batman_adv: batadv0: Adding interface: batadv_slave_1
[  213.021162][T11757] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.025660][T11799] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  213.047164][T11757] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  213.078485][   T56] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.090945][T11803] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3040'.
[  213.102975][T11803] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3040'.
[  213.112202][T11803] FAULT_INJECTION: forcing a failure.
[  213.112202][T11803] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  213.125376][T11803] CPU: 0 UID: 0 PID: 11803 Comm: syz.3.3040 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  213.125412][T11803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  213.125427][T11803] Call Trace:
[  213.125464][T11803]  <TASK>
[  213.125517][T11803]  __dump_stack+0x1d/0x30
[  213.125551][T11803]  dump_stack_lvl+0xe8/0x140
[  213.125569][T11803]  dump_stack+0x15/0x1b
[  213.125585][T11803]  should_fail_ex+0x265/0x280
[  213.125621][T11803]  should_fail+0xb/0x20
[  213.125666][T11803]  should_fail_usercopy+0x1a/0x20
[  213.125691][T11803]  _copy_to_user+0x20/0xa0
[  213.125719][T11803]  simple_read_from_buffer+0xb5/0x130
[  213.125785][T11803]  proc_fail_nth_read+0x100/0x140
[  213.125864][T11803]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  213.125942][T11803]  vfs_read+0x19d/0x6f0
[  213.125970][T11803]  ? __rcu_read_unlock+0x4f/0x70
[  213.126106][T11803]  ? __fget_files+0x184/0x1c0
[  213.126144][T11803]  ksys_read+0xda/0x1a0
[  213.126178][T11803]  __x64_sys_read+0x40/0x50
[  213.126236][T11803]  x64_sys_call+0x2d77/0x2fb0
[  213.126264][T11803]  do_syscall_64+0xd0/0x1a0
[  213.126294][T11803]  ? clear_bhb_loop+0x40/0x90
[  213.126321][T11803]  ? clear_bhb_loop+0x40/0x90
[  213.126393][T11803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.126451][T11803] RIP: 0033:0x7f8fe619d37c
[  213.126468][T11803] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  213.126492][T11803] RSP: 002b:00007f8fe4807030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  213.126516][T11803] RAX: ffffffffffffffda RBX: 00007f8fe63c5fa0 RCX: 00007f8fe619d37c
[  213.126532][T11803] RDX: 000000000000000f RSI: 00007f8fe48070a0 RDI: 0000000000000005
[  213.126554][T11803] RBP: 00007f8fe4807090 R08: 0000000000000000 R09: 0000000000000000
[  213.126574][T11803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  213.126589][T11803] R13: 0000000000000000 R14: 00007f8fe63c5fa0 R15: 00007ffd583627b8
[  213.126614][T11803]  </TASK>
[  213.339229][T11804] tipc: Started in network mode
[  213.344169][T11804] tipc: Node identity ac14140f, cluster identity 4711
[  213.351425][T11804] tipc: New replicast peer: 10.1.1.2
[  213.356874][T11804] tipc: Enabled bearer <udp:syz0>, priority 10
[  213.369179][T11806] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  213.371389][T11757] hsr_slave_0: entered promiscuous mode
[  213.380842][T11806] SELinux: failed to load policy
[  213.385296][T11757] hsr_slave_1: entered promiscuous mode
[  213.403751][T11757] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  213.415459][T11757] Cannot create hsr debugfs directory
[  213.498013][T11819] loop4: detected capacity change from 0 to 128
[  213.505878][T11819] FAT-fs (loop4): Directory bread(block 162) failed
[  213.519765][T11819] FAT-fs (loop4): Directory bread(block 163) failed
[  213.527306][   T29] kauditd_printk_skb: 788 callbacks suppressed
[  213.527324][   T29] audit: type=1326 audit(1747514330.971:255243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11813 comm="syz.0.3044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  213.527456][T11819] FAT-fs (loop4): Directory bread(block 164) failed
[  213.534259][   T29] audit: type=1326 audit(1747514330.971:255244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11813 comm="syz.0.3044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  213.559010][T11819] FAT-fs (loop4): Directory bread(block 165) failed
[  213.615103][T11819] FAT-fs (loop4): Directory bread(block 166) failed
[  213.620794][T11824] loop0: detected capacity change from 0 to 1024
[  213.621991][T11819] FAT-fs (loop4): Directory bread(block 167) failed
[  213.634914][   T29] audit: type=1326 audit(1747514331.061:255245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11823 comm="syz.0.3048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  213.640276][T11819] FAT-fs (loop4): Directory bread(block 168) failed
[  213.658802][   T29] audit: type=1326 audit(1747514331.061:255246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11823 comm="syz.0.3048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  213.666737][T11819] FAT-fs (loop4): Directory bread(block 169) failed
[  213.688986][   T29] audit: type=1326 audit(1747514331.061:255247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11823 comm="syz.0.3048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  213.714691][T11819] FAT-fs (loop4): Directory bread(block 162) failed
[  213.719323][   T29] audit: type=1326 audit(1747514331.061:255248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11823 comm="syz.0.3048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  213.729451][T11819] FAT-fs (loop4): Directory bread(block 163) failed
[  213.749552][   T29] audit: type=1326 audit(1747514331.061:255249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11823 comm="syz.0.3048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  213.749588][   T29] audit: type=1326 audit(1747514331.061:255250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11823 comm="syz.0.3048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  213.758507][T11819] syz.4.3045: attempt to access beyond end of device
[  213.758507][T11819] loop4: rw=3, sector=226, nr_sectors = 6 limit=128
[  213.779921][   T29] audit: type=1326 audit(1747514331.061:255251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11823 comm="syz.0.3048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  213.806002][T11819] syz.4.3045: attempt to access beyond end of device
[  213.806002][T11819] loop4: rw=2051, sector=232, nr_sectors = 2 limit=128
[  213.816603][   T29] audit: type=1326 audit(1747514331.061:255252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11823 comm="syz.0.3048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  213.883180][T11824] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  213.895461][T11828] loop3: detected capacity change from 0 to 1024
[  213.913498][T11833] loop4: detected capacity change from 0 to 128
[  213.922723][T11633] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.923647][   T56] bond0 (unregistering): Released all slaves
[  213.950663][   T56] bond1 (unregistering): Released all slaves
[  213.961431][T11826] batadv_slave_1: entered promiscuous mode
[  213.994633][T11833] syz.4.3049: attempt to access beyond end of device
[  213.994633][T11833] loop4: rw=0, sector=121, nr_sectors = 120 limit=128
[  214.013184][T11841] netlink: 'syz.0.3052': attribute type 1 has an invalid length.
[  214.028093][T11828] batadv_slave_1: left promiscuous mode
[  214.037892][   T56] tipc: Disabling bearer <udp:syz0>
[  214.043286][   T56] tipc: Left network mode
[  214.078504][T10530] kworker/u8:9: attempt to access beyond end of device
[  214.078504][T10530] loop4: rw=1, sector=241, nr_sectors = 800 limit=128
[  214.105585][T11850] loop2: detected capacity change from 0 to 1024
[  214.122216][T11850] EXT4-fs: Ignoring removed orlov option
[  214.122878][T11856] loop3: detected capacity change from 0 to 128
[  214.134848][   T56] hsr_slave_0: left promiscuous mode
[  214.139756][T11852] loop4: detected capacity change from 0 to 512
[  214.144591][T11856] FAT-fs (loop3): Directory bread(block 162) failed
[  214.147348][T11852] EXT4-fs: Ignoring removed i_version option
[  214.153268][   T56] veth0_macvtap: left promiscuous mode
[  214.159085][T11852] EXT4-fs: Ignoring removed mblk_io_submit option
[  214.171588][T11852] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  214.184669][T11852] EXT4-fs (loop4): can't mount with data_err=abort, fs mounted w/o journal
[  214.187190][T11856] FAT-fs (loop3): Directory bread(block 163) failed
[  214.205731][T11852] netlink: 'syz.4.3055': attribute type 10 has an invalid length.
[  214.223773][T11856] FAT-fs (loop3): Directory bread(block 164) failed
[  214.232557][T11856] FAT-fs (loop3): Directory bread(block 165) failed
[  214.239256][T11856] FAT-fs (loop3): Directory bread(block 166) failed
[  214.248596][T11856] FAT-fs (loop3): Directory bread(block 167) failed
[  214.259247][T11856] FAT-fs (loop3): Directory bread(block 168) failed
[  214.296553][T11856] FAT-fs (loop3): Directory bread(block 169) failed
[  214.313313][T11867] loop4: detected capacity change from 0 to 128
[  214.323238][T11856] FAT-fs (loop3): Directory bread(block 162) failed
[  214.343901][T11856] FAT-fs (loop3): Directory bread(block 163) failed
[  214.358382][T11852] team0: Device veth1_macvtap failed to register rx_handler
[  214.366181][T11856] syz.3.3058: attempt to access beyond end of device
[  214.366181][T11856] loop3: rw=3, sector=226, nr_sectors = 6 limit=128
[  214.379499][T11863] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3055'.
[  214.379533][T11856] syz.3.3058: attempt to access beyond end of device
[  214.379533][T11856] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128
[  214.436709][T11871] loop3: detected capacity change from 0 to 128
[  214.465909][T11873] netlink: 256 bytes leftover after parsing attributes in process `syz.4.3064'.
[  214.472054][T11869] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3062'.
[  214.475046][ T3394] tipc: Node number set to 2886997007
[  214.476779][T11871] vfat: Unexpected value for 'discard'
[  214.515888][T11871] loop3: detected capacity change from 0 to 512
[  214.550334][T11871] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.3063: casefold flag without casefold feature
[  214.564490][T11871] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.3063: couldn't read orphan inode 15 (err -117)
[  214.578455][T11871] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.714760][T11887] netlink: 'syz.2.3068': attribute type 1 has an invalid length.
[  214.874125][T11898] loop0: detected capacity change from 0 to 128
[  214.881719][T11898] FAT-fs (loop0): Directory bread(block 162) failed
[  214.888375][T11898] FAT-fs (loop0): Directory bread(block 163) failed
[  214.905400][T11898] FAT-fs (loop0): Directory bread(block 164) failed
[  214.913759][T11898] FAT-fs (loop0): Directory bread(block 165) failed
[  214.920411][T11898] FAT-fs (loop0): Directory bread(block 166) failed
[  214.935824][T11898] FAT-fs (loop0): Directory bread(block 167) failed
[  214.935991][T11757] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  214.943041][T11898] FAT-fs (loop0): Directory bread(block 168) failed
[  214.965226][T11472] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.967082][T11757] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  214.980941][T11902] loop4: detected capacity change from 0 to 512
[  214.981778][T11898] FAT-fs (loop0): Directory bread(block 169) failed
[  215.000512][   T56] IPVS: stop unused estimator thread 0...
[  215.010767][T11757] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  215.018050][T11906] loop3: detected capacity change from 0 to 1024
[  215.026280][T11898] FAT-fs (loop0): Directory bread(block 162) failed
[  215.039373][T11902] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  215.039729][T11906] loop3: detected capacity change from 0 to 1024
[  215.049941][T11757] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  215.060771][T11898] FAT-fs (loop0): Directory bread(block 163) failed
[  215.068073][T11898] syz.0.3072: attempt to access beyond end of device
[  215.068073][T11898] loop0: rw=3, sector=226, nr_sectors = 6 limit=128
[  215.081333][T11906] loop3: detected capacity change from 0 to 1024
[  215.081411][T11898] syz.0.3072: attempt to access beyond end of device
[  215.081411][T11898] loop0: rw=2051, sector=232, nr_sectors = 2 limit=128
[  215.096397][T11906] loop3: detected capacity change from 0 to 1024
[  215.120526][T11906] loop3: detected capacity change from 0 to 1024
[  215.140322][T11902] EXT4-fs (loop4): 1 truncate cleaned up
[  215.148032][T11906] loop3: detected capacity change from 0 to 1024
[  215.182746][T11902] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.192055][T11912] loop0: detected capacity change from 0 to 1024
[  215.197827][T11906] loop3: detected capacity change from 0 to 1024
[  215.201877][T11912] EXT4-fs: Ignoring removed orlov option
[  215.227220][T11906] loop3: detected capacity change from 0 to 1024
[  215.230564][T11912] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.240778][T11906] loop3: detected capacity change from 0 to 1024
[  215.259204][T11906] loop3: detected capacity change from 0 to 1024
[  215.272633][T11906] loop3: detected capacity change from 0 to 1024
[  215.275698][T11633] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.288115][T11906] loop3: detected capacity change from 0 to 1024
[  215.301427][T11906] loop3: detected capacity change from 0 to 1024
[  215.314182][T11906] loop3: detected capacity change from 0 to 1024
[  215.328134][T11906] loop3: detected capacity change from 0 to 1024
[  215.341909][T11906] loop3: detected capacity change from 0 to 1024
[  215.343337][T11757] 8021q: adding VLAN 0 to HW filter on device bond0
[  215.355562][T11906] loop3: detected capacity change from 0 to 1024
[  215.386760][T11757] 8021q: adding VLAN 0 to HW filter on device team0
[  215.394164][T11906] loop3: detected capacity change from 0 to 1024
[  215.400897][T11917] loop0: detected capacity change from 0 to 512
[  215.406910][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.414282][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[  215.419494][T11906] loop3: detected capacity change from 0 to 1024
[  215.434690][T11906] loop3: detected capacity change from 0 to 1024
[  215.441683][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.448850][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[  215.449019][T11906] loop3: detected capacity change from 0 to 1024
[  215.470480][T11917] EXT4-fs error (device loop0): ext4_iget_extra_inode:4693: inode #15: comm syz.0.3077: corrupted in-inode xattr: invalid ea_ino
[  215.497372][T11906] loop3: detected capacity change from 0 to 1024
[  215.505986][T11917] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.3077: couldn't read orphan inode 15 (err -117)
[  215.545685][T11906] loop3: detected capacity change from 0 to 1024
[  215.552993][T11917] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  215.581121][T11906] loop3: detected capacity change from 0 to 1024
[  215.588525][T11917] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.617179][T11906] loop3: detected capacity change from 0 to 1024
[  215.623275][T11924] loop2: detected capacity change from 0 to 1024
[  215.630195][T11924] EXT4-fs: Ignoring removed orlov option
[  215.648439][T11906] loop3: detected capacity change from 0 to 1024
[  215.680346][T11906] loop3: detected capacity change from 0 to 1024
[  215.689628][T11929] netlink: 'syz.2.3080': attribute type 13 has an invalid length.
[  215.697567][T11929] netlink: 24859 bytes leftover after parsing attributes in process `syz.2.3080'.
[  215.706339][T11906] loop3: detected capacity change from 0 to 1024
[  215.765271][T11757] 8021q: adding VLAN 0 to HW filter on device batadv0
[  215.779630][T11906] loop3: detected capacity change from 0 to 1024
[  215.794884][T11939] loop0: detected capacity change from 0 to 512
[  215.817589][T11939] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  215.833100][T11906] loop3: detected capacity change from 0 to 1024
[  215.849445][T11939] EXT4-fs (loop0): 1 truncate cleaned up
[  215.868285][T11939] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.935534][T11939] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  215.954062][T11956] loop3: detected capacity change from 0 to 164
[  215.974483][T11757] veth0_vlan: entered promiscuous mode
[  216.009438][T11939] EXT4-fs (loop0): Remounting filesystem read-only
[  216.009892][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.020798][T11939] EXT4-fs warning (device loop0): ext4_evict_inode:279: xattr delete (err -30)
[  216.038561][T11757] veth1_vlan: entered promiscuous mode
[  216.080859][T11757] veth0_macvtap: entered promiscuous mode
[  216.100906][T11757] veth1_macvtap: entered promiscuous mode
[  216.102164][T11633] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.112588][T11757] batman_adv: batadv0: Interface activated: batadv_slave_0
[  216.128665][T11964] loop2: detected capacity change from 0 to 1024
[  216.128697][T11757] batman_adv: batadv0: Interface activated: batadv_slave_1
[  216.146192][T11757] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  216.149525][T11961] loop4: detected capacity change from 0 to 1024
[  216.154995][T11757] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  216.161810][T11964] EXT4-fs: Ignoring removed orlov option
[  216.170053][T11757] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  216.184664][T11757] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.223412][T11961] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  216.228541][T11966] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3091'.
[  216.333004][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.356431][T11981] netlink: 56 bytes leftover after parsing attributes in process `syz.2.3096'.
[  216.363659][T11988] loop3: detected capacity change from 0 to 2048
[  216.418826][T11988] Alternate GPT is invalid, using primary GPT.
[  216.425412][T11988]  loop3: p2 p3 p7
[  216.443415][T11998] loop0: detected capacity change from 0 to 512
[  216.454457][T11998] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  216.469629][T11998] EXT4-fs (loop0): 1 truncate cleaned up
[  216.476047][T11998] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.500990][T11998] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  216.517980][T11998] EXT4-fs (loop0): Remounting filesystem read-only
[  216.530914][T11998] EXT4-fs warning (device loop0): ext4_evict_inode:279: xattr delete (err -30)
[  216.613313][T11633] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.678393][T12023] 9pnet_fd: Insufficient options for proto=fd
[  216.698267][T12024] wireguard0: entered promiscuous mode
[  216.704093][T12024] wireguard0: entered allmulticast mode
[  216.791949][T12034] FAULT_INJECTION: forcing a failure.
[  216.791949][T12034] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  216.805185][T12034] CPU: 1 UID: 0 PID: 12034 Comm: wÞ£ÿ Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  216.805239][T12034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  216.805251][T12034] Call Trace:
[  216.805257][T12034]  <TASK>
[  216.805266][T12034]  __dump_stack+0x1d/0x30
[  216.805292][T12034]  dump_stack_lvl+0xe8/0x140
[  216.805390][T12034]  dump_stack+0x15/0x1b
[  216.805411][T12034]  should_fail_ex+0x265/0x280
[  216.805449][T12034]  should_fail+0xb/0x20
[  216.805488][T12034]  should_fail_usercopy+0x1a/0x20
[  216.805559][T12034]  _copy_from_user+0x1c/0xb0
[  216.805588][T12034]  __se_sys_openat2+0xcb/0x1f0
[  216.805614][T12034]  __x64_sys_openat2+0x55/0x70
[  216.805662][T12034]  x64_sys_call+0x21e0/0x2fb0
[  216.805690][T12034]  do_syscall_64+0xd0/0x1a0
[  216.805720][T12034]  ? clear_bhb_loop+0x40/0x90
[  216.805746][T12034]  ? clear_bhb_loop+0x40/0x90
[  216.805846][T12034]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.805888][T12034] RIP: 0033:0x7f607bc0e969
[  216.805903][T12034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.805921][T12034] RSP: 002b:00007f607a277038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b5
[  216.805940][T12034] RAX: ffffffffffffffda RBX: 00007f607be35fa0 RCX: 00007f607bc0e969
[  216.805957][T12034] RDX: 0000200000000040 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  216.805974][T12034] RBP: 00007f607a277090 R08: 0000000000000000 R09: 0000000000000000
[  216.805986][T12034] R10: 0000000000000018 R11: 0000000000000246 R12: 0000000000000001
[  216.806040][T12034] R13: 0000000000000000 R14: 00007f607be35fa0 R15: 00007ffdff799fe8
[  216.806066][T12034]  </TASK>
[  217.005055][T12037] loop3: detected capacity change from 0 to 512
[  217.025298][T12037] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.3116: corrupted in-inode xattr: invalid ea_ino
[  217.048275][T12037] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.3116: couldn't read orphan inode 15 (err -117)
[  217.078309][T12037] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.091967][T12045] loop0: detected capacity change from 0 to 512
[  217.099717][T12045] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  217.113324][T11472] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.134584][T12045] EXT4-fs (loop0): 1 truncate cleaned up
[  217.140660][T12045] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.158960][T12045] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  217.174703][T12045] EXT4-fs (loop0): Remounting filesystem read-only
[  217.181447][T12045] EXT4-fs warning (device loop0): ext4_evict_inode:279: xattr delete (err -30)
[  217.205574][T12056] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  217.219240][T11633] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.233935][T12060] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  217.247602][T12060] bridge0: entered promiscuous mode
[  217.253485][T12060] macvlan2: entered promiscuous mode
[  217.322438][T12076] atomic_op ffff888118edb128 conn xmit_atomic 0000000000000000
[  217.440001][T12094] syz.4.3127: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  217.454679][T12094] CPU: 1 UID: 0 PID: 12094 Comm: syz.4.3127 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  217.454714][T12094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  217.454745][T12094] Call Trace:
[  217.454752][T12094]  <TASK>
[  217.454761][T12094]  __dump_stack+0x1d/0x30
[  217.454789][T12094]  dump_stack_lvl+0xe8/0x140
[  217.454815][T12094]  dump_stack+0x15/0x1b
[  217.454863][T12094]  warn_alloc+0x12b/0x1a0
[  217.454893][T12094]  ? update_curr+0x27f/0x320
[  217.454933][T12094]  ? enqueue_task_fair+0x86b/0x990
[  217.454966][T12094]  __vmalloc_node_range_noprof+0x9c/0xdf0
[  217.455025][T12094]  ? probe_sched_wakeup+0x85/0xa0
[  217.455053][T12094]  ? ttwu_do_activate+0x1cf/0x210
[  217.455076][T12094]  ? ___slab_alloc+0x275/0x900
[  217.455141][T12094]  ? avc_has_perm_noaudit+0x1b1/0x200
[  217.455164][T12094]  ? should_fail_ex+0x30/0x280
[  217.455276][T12094]  vmalloc_user_noprof+0x59/0x70
[  217.455300][T12094]  ? xskq_create+0x80/0xe0
[  217.455354][T12094]  xskq_create+0x80/0xe0
[  217.455449][T12094]  xsk_init_queue+0x95/0xf0
[  217.455490][T12094]  xsk_setsockopt+0x35c/0x510
[  217.455530][T12094]  ? __pfx_xsk_setsockopt+0x10/0x10
[  217.455558][T12094]  __sys_setsockopt+0x181/0x200
[  217.455617][T12094]  ? fpregs_restore_userregs+0xbb/0x190
[  217.455655][T12094]  __x64_sys_setsockopt+0x64/0x80
[  217.455705][T12094]  x64_sys_call+0x2bd5/0x2fb0
[  217.455733][T12094]  do_syscall_64+0xd0/0x1a0
[  217.455799][T12094]  ? clear_bhb_loop+0x40/0x90
[  217.455824][T12094]  ? clear_bhb_loop+0x40/0x90
[  217.455848][T12094]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.455948][T12094] RIP: 0033:0x7f607bc0e969
[  217.455968][T12094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.455991][T12094] RSP: 002b:00007f6079e12038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  217.456013][T12094] RAX: ffffffffffffffda RBX: 00007f607be36240 RCX: 00007f607bc0e969
[  217.456028][T12094] RDX: 0000000000000006 RSI: 000000000000011b RDI: 000000000000000d
[  217.456044][T12094] RBP: 00007f607bc90ab1 R08: 0000000000000004 R09: 0000000000000000
[  217.456056][T12094] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  217.456121][T12094] R13: 0000000000000000 R14: 00007f607be36240 R15: 00007ffdff799fe8
[  217.456171][T12094]  </TASK>
[  217.456191][T12094] Mem-Info:
[  217.458211][T12093] loop0: detected capacity change from 0 to 2048
[  217.468772][T12094] active_anon:4218 inactive_anon:14 isolated_anon:0
[  217.468772][T12094]  active_file:8185 inactive_file:12684 isolated_file:0
[  217.468772][T12094]  unevictable:0 dirty:376 writeback:0
[  217.468772][T12094]  slab_reclaimable:3206 slab_unreclaimable:14365
[  217.468772][T12094]  mapped:30427 shmem:420 pagetables:1029
[  217.468772][T12094]  sec_pagetables:0 bounce:0
[  217.468772][T12094]  kernel_misc_reclaimable:0
[  217.468772][T12094]  free:1833001 free_pcp:38038 free_cma:0
[  217.615808][T12093] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.617510][T12094] Node 0 active_anon:17084kB inactive_anon:56kB active_file:32740kB inactive_file:50736kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:121656kB dirty:1524kB writeback:0kB shmem:1760kB writeback_tmp:0kB kernel_stack:2992kB pagetables:4260kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  217.667385][T12093] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  217.670185][T12094] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  217.822444][T12094] lowmem_reserve[]: 0 2884 7863 7863
[  217.827849][T12094] Node 0 DMA32 free:2950032kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953564kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB
[  217.856267][T12094] lowmem_reserve[]: 0 0 4978 4978
[  217.861505][T12094] Node 0 Normal free:4224620kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:19404kB inactive_anon:56kB active_file:32740kB inactive_file:50736kB unevictable:0kB writepending:1436kB present:5242880kB managed:5098244kB mlocked:0kB bounce:0kB free_pcp:139840kB local_pcp:11348kB free_cma:0kB
[  217.892083][T12094] lowmem_reserve[]: 0 0 0 0
[  217.896761][T12094] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  217.909562][T12094] Node 0 DMA32: 4*4kB (M) 4*8kB (M) 2*16kB (M) 4*32kB (M) 3*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2950032kB
[  217.925856][T12094] Node 0 Normal: 221*4kB (UE) 253*8kB (UME) 711*16kB (UME) 497*32kB (UME) 393*64kB (UM) 179*128kB (UM) 101*256kB (UME) 160*512kB (UM) 66*1024kB (UME) 11*2048kB (UM) 954*4096kB (UM) = 4183724kB
[  217.945190][T12094] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  217.954747][T12094] 21420 total pagecache pages
[  217.959517][T12094] 27 pages in swap cache
[  217.963860][T12094] Free swap  = 124888kB
[  217.968037][T12094] Total swap = 124996kB
[  217.972221][T12094] 2097051 pages RAM
[  217.976043][T12094] 0 pages HighMem/MovableOnly
[  217.980780][T12094] 80259 pages reserved
[  218.139492][T12126] loop4: detected capacity change from 0 to 1024
[  218.154903][T12124] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3147'.
[  218.200252][T12126] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  218.329429][T12132] loop3: detected capacity change from 0 to 2048
[  218.348645][   T31] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 345: padding at end of block bitmap is not set
[  218.385617][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.398184][   T31] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 836 with error 117
[  218.410805][   T31] EXT4-fs (loop0): This should not happen!! Data will be lost
[  218.410805][   T31] 
[  218.427918][T12132] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  218.440869][T12132] EXT4-fs error (device loop3): ext4_find_extent:938: inode #2: comm syz.3.3149: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  218.523956][T12140] SELinux: failed to load policy
[  218.541032][T12145] EXT4-fs error (device loop3): ext4_find_extent:938: inode #2: comm syz.3.3149: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  218.594223][T11472] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.678600][   T56] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 852 with max blocks 1 with error 28
[  218.691223][   T56] EXT4-fs (loop0): This should not happen!! Data will be lost
[  218.691223][   T56] 
[  218.700980][   T56] EXT4-fs (loop0): Total free blocks count 0
[  218.707111][   T56] EXT4-fs (loop0): Free/Dirty block details
[  218.713112][   T56] EXT4-fs (loop0): free_blocks=0
[  218.718147][   T56] EXT4-fs (loop0): dirty_blocks=16
[  218.723341][   T56] EXT4-fs (loop0): Block reservation details
[  218.741733][T12143] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  218.750201][T12143] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  218.781817][   T29] kauditd_printk_skb: 782 callbacks suppressed
[  218.781834][   T29] audit: type=1326 audit(1747514336.231:256035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12153 comm="syz.1.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9728fe969 code=0x7ffc0000
[  218.783385][T12158] loop3: detected capacity change from 0 to 512
[  218.789049][   T29] audit: type=1326 audit(1747514336.231:256036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12153 comm="syz.1.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd9728fe969 code=0x7ffc0000
[  218.832787][T12158] EXT4-fs: Ignoring removed oldalloc option
[  218.841843][   T29] audit: type=1326 audit(1747514336.231:256037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12153 comm="syz.1.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9728fe969 code=0x7ffc0000
[  218.841879][   T29] audit: type=1326 audit(1747514336.231:256038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12153 comm="syz.1.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fd9728fe969 code=0x7ffc0000
[  218.895454][   T29] audit: type=1326 audit(1747514336.231:256039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12153 comm="syz.1.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd9728f5927 code=0x7ffc0000
[  218.919229][   T29] audit: type=1326 audit(1747514336.231:256040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12153 comm="syz.1.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd97289ab39 code=0x7ffc0000
[  218.942837][   T29] audit: type=1326 audit(1747514336.231:256041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12153 comm="syz.1.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9728fe969 code=0x7ffc0000
[  218.943325][T12143] loop4: detected capacity change from 0 to 256
[  218.966566][   T29] audit: type=1326 audit(1747514336.231:256042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12153 comm="syz.1.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9728fe969 code=0x7ffc0000
[  219.032861][T12158] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.3158: Parent and EA inode have the same ino 15
[  219.047875][T12158] EXT4-fs (loop3): Remounting filesystem read-only
[  219.054546][T12158] EXT4-fs warning (device loop3): ext4_evict_inode:262: couldn't mark inode dirty (err -30)
[  219.074051][T12143] FAT-fs (loop4): Directory bread(block 64) failed
[  219.082087][   T29] audit: type=1326 audit(1747514336.321:256043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12153 comm="syz.1.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd9728f5927 code=0x7ffc0000
[  219.105784][   T29] audit: type=1326 audit(1747514336.321:256044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12153 comm="syz.1.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd97289ab39 code=0x7ffc0000
[  219.108323][T12143] FAT-fs (loop4): Directory bread(block 65) failed
[  219.129905][T12159] loop2: detected capacity change from 0 to 512
[  219.187866][T12158] EXT4-fs (loop3): 1 orphan inode deleted
[  219.216680][T12158] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  219.220859][T12143] FAT-fs (loop4): Directory bread(block 66) failed
[  219.251118][T12143] FAT-fs (loop4): Directory bread(block 67) failed
[  219.257786][T12143] FAT-fs (loop4): Directory bread(block 68) failed
[  219.260718][T12158] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.270265][T12143] FAT-fs (loop4): Directory bread(block 69) failed
[  219.300232][T12143] FAT-fs (loop4): Directory bread(block 70) failed
[  219.312300][T12143] FAT-fs (loop4): Directory bread(block 71) failed
[  219.318955][T12143] FAT-fs (loop4): Directory bread(block 72) failed
[  219.334556][T12143] FAT-fs (loop4): Directory bread(block 73) failed
[  219.369031][T12158] loop3: detected capacity change from 0 to 512
[  219.403365][T12158] EXT4-fs: Ignoring removed mblk_io_submit option
[  219.433848][T12158] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  219.470947][T12158] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  219.480783][T12158] EXT4-fs (loop3): orphan cleanup on readonly fs
[  219.487553][T12158] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.3158: Invalid block bitmap block 0 in block_group 0
[  219.550748][T12158] EXT4-fs (loop3): Remounting filesystem read-only
[  219.558126][T12158] EXT4-fs (loop3): 1 orphan inode deleted
[  219.585745][T12158] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  219.628787][T12169] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3159'.
[  219.637879][T12169] netlink: 152 bytes leftover after parsing attributes in process `syz.1.3159'.
[  219.704687][T11472] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.844623][T12178] loop3: detected capacity change from 0 to 512
[  219.902669][T12178] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.932546][T12178] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  219.979013][T11472] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.026609][T12182] loop3: detected capacity change from 0 to 1024
[  220.057995][T12182] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.144189][T11472] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.325339][T12191] loop2: detected capacity change from 0 to 164
[  220.333257][T12191] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  220.366773][T12197] loop3: detected capacity change from 0 to 1024
[  220.395400][T12197] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.428236][T11472] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.464137][T12208] loop3: detected capacity change from 0 to 1024
[  220.482456][T12208] EXT4-fs: Ignoring removed orlov option
[  220.491919][T12208] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.572925][T12213] @: renamed from vlan0 (while UP)
[  220.652802][T12220] netlink: 'syz.4.3177': attribute type 1 has an invalid length.
[  221.065138][T12231] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  221.069191][T12239] loop2: detected capacity change from 0 to 164
[  221.073729][T12231] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  221.132034][T12231] tipc: Started in network mode
[  221.136953][T12231] tipc: Node identity ac14140f, cluster identity 4711
[  221.144916][T12231] tipc: New replicast peer: 10.1.1.2
[  221.150302][T12231] tipc: Enabled bearer <udp:syz0>, priority 10
[  221.187336][T12243] random: crng reseeded on system resumption
[  221.190892][T12245] netlink: 'syz.2.3188': attribute type 1 has an invalid length.
[  221.270482][T12250] loop2: detected capacity change from 0 to 128
[  221.332842][T12254] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3192'.
[  221.422453][T11472] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.509946][T12273] 9pnet_fd: Insufficient options for proto=fd
[  221.547395][T12276] loop3: detected capacity change from 0 to 512
[  221.561437][T12276] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  221.585710][T12276] EXT4-fs (loop3): 1 truncate cleaned up
[  221.592803][T12276] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.619434][T12276] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  221.635199][T12276] EXT4-fs (loop3): Remounting filesystem read-only
[  221.642232][T12276] EXT4-fs warning (device loop3): ext4_evict_inode:279: xattr delete (err -30)
[  221.661980][T11472] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.690159][T12284] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3204'.
[  221.707225][T12286] netlink: 'syz.3.3203': attribute type 1 has an invalid length.
[  221.715202][T12286] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3203'.
[  221.761105][T12292] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3206'.
[  221.795731][T12284] loop0: detected capacity change from 0 to 1024
[  221.812699][T12284] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  221.834257][T12284] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  221.834453][T12284] EXT4-fs (loop0): orphan cleanup on readonly fs
[  221.835221][T12284] EXT4-fs error (device loop0): ext4_map_blocks:709: inode #3: block 3: comm syz.0.3204: lblock 3 mapped to illegal pblock 3 (length 1)
[  221.835403][T12284] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.3204: Failed to acquire dquot type 0
[  221.835623][T12284] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 3: comm syz.0.3204: lblock 3 mapped to illegal pblock 3 (length 1)
[  221.835896][T12284] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.3204: Failed to acquire dquot type 0
[  221.836066][T12284] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.3204: Freeing blocks not in datazone - block = 0, count = 4096
[  221.836300][T12284] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 3: comm syz.0.3204: lblock 3 mapped to illegal pblock 3 (length 1)
[  221.836415][T12284] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.3204: Failed to acquire dquot type 0
[  221.836515][T12284] EXT4-fs (loop0): 1 orphan inode deleted
[  221.841310][T12284] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  221.868959][T11633] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.909326][T12303] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3211'.
[  221.965377][T12309] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3213'.
[  222.124614][T12321] loop2: detected capacity change from 0 to 512
[  222.423444][   T10] tipc: Node number set to 2886997007
[  222.630222][T12332] chnl_net:caif_netlink_parms(): no params data found
[  222.680259][T12332] bridge0: port 1(bridge_slave_0) entered blocking state
[  222.687431][T12332] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.697497][T12332] bridge_slave_0: entered allmulticast mode
[  222.703957][T12332] bridge_slave_0: entered promiscuous mode
[  222.710889][T12332] bridge0: port 2(bridge_slave_1) entered blocking state
[  222.717973][T12332] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.726364][T12332] bridge_slave_1: entered allmulticast mode
[  222.730201][T12339] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  222.734177][T12332] bridge_slave_1: entered promiscuous mode
[  222.741698][T12339] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  222.783641][T12332] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  222.792835][T12339] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  222.801808][T12332] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  222.866323][T12332] team0: Port device team_slave_0 added
[  222.880273][T12332] team0: Port device team_slave_1 added
[  222.890562][T12367] loop3: detected capacity change from 0 to 1024
[  222.897477][T12367] EXT4-fs: Ignoring removed orlov option
[  222.905268][T12332] batman_adv: batadv0: Adding interface: batadv_slave_0
[  222.905365][T12367] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.912265][T12332] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  222.950815][T12332] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  222.966282][T12370] loop0: detected capacity change from 0 to 512
[  222.973590][T12332] batman_adv: batadv0: Adding interface: batadv_slave_1
[  222.980563][T12332] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  223.006565][T12332] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  223.021404][T12370] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  223.040550][T12332] hsr_slave_0: entered promiscuous mode
[  223.046758][T12332] hsr_slave_1: entered promiscuous mode
[  223.061802][T12370] EXT4-fs (loop0): 1 truncate cleaned up
[  223.075514][T12370] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.125282][T12370] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  223.140309][T12370] EXT4-fs (loop0): Remounting filesystem read-only
[  223.147757][T12332] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.157754][T12370] EXT4-fs warning (device loop0): ext4_evict_inode:279: xattr delete (err -30)
[  223.183755][T11633] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.213092][T12332] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.262387][T12332] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.315760][T12332] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.398413][T12332] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  223.416784][T12332] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  223.459007][T12332] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  223.476023][T12332] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  223.508885][T12332] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.516043][T12332] bridge0: port 2(bridge_slave_1) entered forwarding state
[  223.523495][T12332] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.530552][T12332] bridge0: port 1(bridge_slave_0) entered forwarding state
[  223.554978][T10530] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.563785][T10530] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.703277][T12390] loop0: detected capacity change from 0 to 512
[  223.840844][   T29] kauditd_printk_skb: 561 callbacks suppressed
[  223.840863][   T29] audit: type=1326 audit(1747514341.281:256598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12394 comm="syz.2.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f807f74e969 code=0x7ffc0000
[  223.870798][   T29] audit: type=1326 audit(1747514341.281:256599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12394 comm="syz.2.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f807f74e969 code=0x7ffc0000
[  223.917280][T12395] loop2: detected capacity change from 0 to 1024
[  223.930884][T11472] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.940871][   T29] audit: type=1326 audit(1747514341.351:256600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12394 comm="syz.2.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f807f74e969 code=0x7ffc0000
[  223.953982][T12390] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  223.964617][   T29] audit: type=1326 audit(1747514341.351:256601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12394 comm="syz.2.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f807f74e969 code=0x7ffc0000
[  223.964656][   T29] audit: type=1326 audit(1747514341.351:256602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12394 comm="syz.2.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f807f74e969 code=0x7ffc0000
[  223.964689][   T29] audit: type=1326 audit(1747514341.351:256603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12394 comm="syz.2.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f807f74e969 code=0x7ffc0000
[  223.974510][T12390] EXT4-fs (loop0): 1 truncate cleaned up
[  223.996613][   T29] audit: type=1326 audit(1747514341.351:256604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12394 comm="syz.2.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f807f74e969 code=0x7ffc0000
[  223.996653][   T29] audit: type=1326 audit(1747514341.351:256605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12394 comm="syz.2.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f807f74e9a3 code=0x7ffc0000
[  223.996782][   T29] audit: type=1326 audit(1747514341.351:256606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12394 comm="syz.2.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f807f74d41f code=0x7ffc0000
[  223.996833][   T29] audit: type=1326 audit(1747514341.361:256607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12394 comm="syz.2.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f807f74e9f7 code=0x7ffc0000
[  224.144973][T12390] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.186754][T12400] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3236'.
[  224.217152][T12332] 8021q: adding VLAN 0 to HW filter on device bond0
[  224.239322][T12332] 8021q: adding VLAN 0 to HW filter on device team0
[  224.249655][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.256940][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[  224.298724][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[  224.305957][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[  224.315915][T11633] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.329454][T12407] loop2: detected capacity change from 0 to 164
[  224.359554][T12332] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  224.383647][T12416] loop2: detected capacity change from 0 to 256
[  224.411751][T12414] loop0: detected capacity change from 0 to 128
[  224.426030][T12414] FAT-fs (loop0): Directory bread(block 162) failed
[  224.434139][T12414] FAT-fs (loop0): Directory bread(block 163) failed
[  224.449487][T12414] FAT-fs (loop0): Directory bread(block 164) failed
[  224.464367][T12414] FAT-fs (loop0): Directory bread(block 165) failed
[  224.486764][T12332] 8021q: adding VLAN 0 to HW filter on device batadv0
[  224.494334][T12414] FAT-fs (loop0): Directory bread(block 166) failed
[  224.504258][T12414] FAT-fs (loop0): Directory bread(block 167) failed
[  224.511446][T12414] FAT-fs (loop0): Directory bread(block 168) failed
[  224.518404][T12414] FAT-fs (loop0): Directory bread(block 169) failed
[  224.537544][T12409] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  224.550828][T12409] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  224.587022][T12414] FAT-fs (loop0): Directory bread(block 162) failed
[  224.618363][T12409] tipc: Started in network mode
[  224.623347][T12409] tipc: Node identity ac14140f, cluster identity 4711
[  224.630341][T12414] FAT-fs (loop0): Directory bread(block 163) failed
[  224.637175][T12409] tipc: New replicast peer: 10.1.1.2
[  224.642582][T12409] tipc: Enabled bearer <udp:syz0>, priority 10
[  224.646453][T12433] SELinux:  policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c
[  224.655322][T12414] syz.0.3240: attempt to access beyond end of device
[  224.655322][T12414] loop0: rw=3, sector=226, nr_sectors = 6 limit=128
[  224.673290][T12414] syz.0.3240: attempt to access beyond end of device
[  224.673290][T12414] loop0: rw=2051, sector=232, nr_sectors = 2 limit=128
[  224.678999][T12433] SELinux: failed to load policy
[  224.721299][T12431] loop2: detected capacity change from 0 to 128
[  224.745879][T12431] netlink: 256 bytes leftover after parsing attributes in process `syz.2.3245'.
[  224.755156][T12438] 9pnet: Could not find request transport: 
[  224.818664][T12332] veth0_vlan: entered promiscuous mode
[  224.829036][T12332] veth1_vlan: entered promiscuous mode
[  224.846041][T12332] veth0_macvtap: entered promiscuous mode
[  224.855936][T12332] veth1_macvtap: entered promiscuous mode
[  224.868297][T12332] batman_adv: batadv0: Interface activated: batadv_slave_0
[  224.882481][T12332] batman_adv: batadv0: Interface activated: batadv_slave_1
[  224.894932][T12332] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  224.903697][T12332] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  224.912548][T12332] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  224.921430][T12332] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  225.014389][T12458] FAULT_INJECTION: forcing a failure.
[  225.014389][T12458] name failslab, interval 1, probability 0, space 0, times 0
[  225.027264][T12458] CPU: 1 UID: 0 PID: 12458 Comm: syz.4.3217 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  225.027299][T12458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  225.027315][T12458] Call Trace:
[  225.027322][T12458]  <TASK>
[  225.027332][T12458]  __dump_stack+0x1d/0x30
[  225.027358][T12458]  dump_stack_lvl+0xe8/0x140
[  225.027382][T12458]  dump_stack+0x15/0x1b
[  225.027465][T12458]  should_fail_ex+0x265/0x280
[  225.027497][T12458]  should_failslab+0x8c/0xb0
[  225.027568][T12458]  kmem_cache_alloc_node_noprof+0x57/0x320
[  225.027595][T12458]  ? __alloc_skb+0x101/0x320
[  225.027630][T12458]  __alloc_skb+0x101/0x320
[  225.027708][T12458]  netlink_alloc_large_skb+0xba/0xf0
[  225.027739][T12458]  netlink_sendmsg+0x3cf/0x6b0
[  225.027761][T12458]  ? __pfx_netlink_sendmsg+0x10/0x10
[  225.027823][T12458]  __sock_sendmsg+0x145/0x180
[  225.027855][T12458]  ____sys_sendmsg+0x31e/0x4e0
[  225.027878][T12458]  ___sys_sendmsg+0x17b/0x1d0
[  225.027942][T12458]  __x64_sys_sendmsg+0xd4/0x160
[  225.027967][T12458]  x64_sys_call+0x2999/0x2fb0
[  225.027994][T12458]  do_syscall_64+0xd0/0x1a0
[  225.028024][T12458]  ? clear_bhb_loop+0x40/0x90
[  225.028115][T12458]  ? clear_bhb_loop+0x40/0x90
[  225.028158][T12458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.028218][T12458] RIP: 0033:0x7fd0c966e969
[  225.028280][T12458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.028299][T12458] RSP: 002b:00007fd0c7cd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  225.028318][T12458] RAX: ffffffffffffffda RBX: 00007fd0c9895fa0 RCX: 00007fd0c966e969
[  225.028353][T12458] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000006
[  225.028368][T12458] RBP: 00007fd0c7cd7090 R08: 0000000000000000 R09: 0000000000000000
[  225.028384][T12458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  225.028400][T12458] R13: 0000000000000000 R14: 00007fd0c9895fa0 R15: 00007ffeada68e68
[  225.028424][T12458]  </TASK>
[  225.272737][T12464] loop0: detected capacity change from 0 to 128
[  225.304756][T12464] FAT-fs (loop0): Directory bread(block 162) failed
[  225.311598][T12464] FAT-fs (loop0): Directory bread(block 163) failed
[  225.318589][T12464] FAT-fs (loop0): Directory bread(block 164) failed
[  225.319639][T12468] loop2: detected capacity change from 0 to 256
[  225.327722][T12464] FAT-fs (loop0): Directory bread(block 165) failed
[  225.338695][T12464] FAT-fs (loop0): Directory bread(block 166) failed
[  225.345943][T12464] FAT-fs (loop0): Directory bread(block 167) failed
[  225.353430][T12464] FAT-fs (loop0): Directory bread(block 168) failed
[  225.360368][T12464] FAT-fs (loop0): Directory bread(block 169) failed
[  225.370333][T12464] FAT-fs (loop0): Directory bread(block 162) failed
[  225.377867][T12462] netlink: 'syz.1.3254': attribute type 1 has an invalid length.
[  225.385680][T12462] netlink: 228 bytes leftover after parsing attributes in process `syz.1.3254'.
[  225.395110][T12464] FAT-fs (loop0): Directory bread(block 163) failed
[  225.402208][T12464] syz.0.3255: attempt to access beyond end of device
[  225.402208][T12464] loop0: rw=3, sector=226, nr_sectors = 6 limit=128
[  225.430530][T12464] syz.0.3255: attempt to access beyond end of device
[  225.430530][T12464] loop0: rw=2051, sector=232, nr_sectors = 2 limit=128
[  225.500084][T12470] 9pnet: Could not find request transport: 
[  225.537546][T12482] netlink: 'syz.3.3261': attribute type 1 has an invalid length.
[  225.621322][T12493] loop3: detected capacity change from 0 to 1024
[  225.628527][T12493] EXT4-fs: Ignoring removed oldalloc option
[  225.634507][T12493] EXT4-fs: Ignoring removed bh option
[  225.650754][ T3393] tipc: Node number set to 2886997007
[  225.662944][T12493] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  225.673921][T12493] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  225.689196][T12493] JBD2: no valid journal superblock found
[  225.695123][T12493] EXT4-fs (loop3): Could not load journal inode
[  225.733893][T12507] 9pnet_fd: Insufficient options for proto=fd
[  225.856212][T12520] netlink: 'syz.2.3275': attribute type 1 has an invalid length.
[  225.883977][T12518] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3273'.
[  225.893621][T12503] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  225.904069][T12503] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  225.934846][T12503] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  225.966188][T12529] loop3: detected capacity change from 0 to 164
[  226.078262][T12546] netlink: 'syz.3.3287': attribute type 1 has an invalid length.
[  226.156450][T12551] loop3: detected capacity change from 0 to 1024
[  226.163680][T12551] EXT4-fs: Ignoring removed oldalloc option
[  226.169624][T12551] EXT4-fs: Ignoring removed bh option
[  226.176876][T12551] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  226.187869][T12551] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  226.199827][T12551] JBD2: no valid journal superblock found
[  226.205646][T12551] EXT4-fs (loop3): Could not load journal inode
[  226.320408][T12566] loop2: detected capacity change from 0 to 1024
[  226.376988][T12571] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3298'.
[  226.408052][T12575] netlink: 'syz.2.3300': attribute type 1 has an invalid length.
[  226.449535][T12581] loop0: detected capacity change from 0 to 128
[  226.450852][T12579] loop2: detected capacity change from 0 to 2048
[  226.458185][T12581] FAT-fs (loop0): Directory bread(block 162) failed
[  226.472320][T12581] FAT-fs (loop0): Directory bread(block 163) failed
[  226.479102][T12581] FAT-fs (loop0): Directory bread(block 164) failed
[  226.487123][T12581] FAT-fs (loop0): Directory bread(block 165) failed
[  226.497359][T12581] FAT-fs (loop0): Directory bread(block 166) failed
[  226.505172][T12581] FAT-fs (loop0): Directory bread(block 167) failed
[  226.512390][T12581] FAT-fs (loop0): Directory bread(block 168) failed
[  226.519163][T12581] FAT-fs (loop0): Directory bread(block 169) failed
[  226.529022][T12581] FAT-fs (loop0): Directory bread(block 162) failed
[  226.536107][T12581] FAT-fs (loop0): Directory bread(block 163) failed
[  226.544329][T12581] syz.0.3303: attempt to access beyond end of device
[  226.544329][T12581] loop0: rw=3, sector=226, nr_sectors = 6 limit=128
[  226.558030][T12581] syz.0.3303: attempt to access beyond end of device
[  226.558030][T12581] loop0: rw=2051, sector=232, nr_sectors = 2 limit=128
[  226.734314][T12591] loop0: detected capacity change from 0 to 1024
[  227.161581][T12615] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  227.170979][T12615] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  227.210078][T12615] tipc: Started in network mode
[  227.215020][T12615] tipc: Node identity ac14140f, cluster identity 4711
[  227.223562][T12615] tipc: New replicast peer: 10.1.1.2
[  227.228923][T12615] tipc: Enabled bearer <udp:syz0>, priority 10
[  227.300350][T12627] loop3: detected capacity change from 0 to 256
[  227.440801][T12634] loop3: detected capacity change from 0 to 1024
[  227.500404][T12639] dccp_close: ABORT with 20 bytes unread
[  227.509905][T12642] loop3: detected capacity change from 0 to 512
[  227.518027][T12642] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  227.540130][T12642] EXT4-fs (loop3): 1 truncate cleaned up
[  227.559528][T12650] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3329'.
[  227.562847][T12642] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  227.585389][T12642] EXT4-fs (loop3): Remounting filesystem read-only
[  227.593088][T12642] EXT4-fs warning (device loop3): ext4_evict_inode:279: xattr delete (err -30)
[  227.703769][T12663] SELinux:  policydb magic number 0x18 does not match expected magic number 0xf97cff8c
[  227.705096][T12661] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  227.722362][T12661] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  227.727148][T12663] SELinux: failed to load policy
[  227.731236][T12661] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  227.745007][T12661] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  227.773165][T12663] netlink: 'syz.2.3334': attribute type 4 has an invalid length.
[  227.866172][T12670] loop0: detected capacity change from 0 to 256
[  227.967723][T12679] loop3: detected capacity change from 0 to 1024
[  228.360755][ T3393] tipc: Node number set to 2886997007
[  228.594533][T12698] netlink: 'syz.3.3349': attribute type 4 has an invalid length.
[  228.645516][T12704] loop4: detected capacity change from 0 to 512
[  228.652809][T12704] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  228.664368][T12704] EXT4-fs (loop4): 1 truncate cleaned up
[  228.681862][T12704] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  228.701524][T12704] EXT4-fs (loop4): Remounting filesystem read-only
[  228.708156][T12704] EXT4-fs warning (device loop4): ext4_evict_inode:279: xattr delete (err -30)
[  228.755222][T12711] loop0: detected capacity change from 0 to 256
[  228.761981][T12713] netlink: 'syz.3.3355': attribute type 1 has an invalid length.
[  228.788066][T12711] FAT-fs (loop0): Directory bread(block 64) failed
[  228.794703][T12711] FAT-fs (loop0): Directory bread(block 65) failed
[  228.801587][T12711] FAT-fs (loop0): Directory bread(block 66) failed
[  228.808598][T12711] FAT-fs (loop0): Directory bread(block 67) failed
[  228.827759][   T31] dummy0: left allmulticast mode
[  228.833408][   T31] bridge0: port 3(dummy0) entered disabled state
[  228.841808][T12711] FAT-fs (loop0): Directory bread(block 68) failed
[  228.848480][T12711] FAT-fs (loop0): Directory bread(block 69) failed
[  228.855099][T12711] FAT-fs (loop0): Directory bread(block 70) failed
[  228.862133][T12711] FAT-fs (loop0): Directory bread(block 71) failed
[  228.865690][   T31] bridge_slave_1: left allmulticast mode
[  228.868774][T12711] FAT-fs (loop0): Directory bread(block 72) failed
[  228.874510][   T31] bridge_slave_1: left promiscuous mode
[  228.881074][T12711] FAT-fs (loop0): Directory bread(block 73) failed
[  228.886614][   T31] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.900443][   T29] kauditd_printk_skb: 748 callbacks suppressed
[  228.900458][   T29] audit: type=1326 audit(1747514346.341:257356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12710 comm="syz.0.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc674b5d2d0 code=0x7ffc0000
[  228.930600][   T29] audit: type=1326 audit(1747514346.341:257357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12710 comm="syz.0.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7fc674b5d6b7 code=0x7ffc0000
[  228.954404][   T29] audit: type=1326 audit(1747514346.341:257358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12710 comm="syz.0.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc674b5d2d0 code=0x7ffc0000
[  228.978083][   T29] audit: type=1326 audit(1747514346.341:257359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12710 comm="syz.0.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  229.001818][   T29] audit: type=1326 audit(1747514346.341:257360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12710 comm="syz.0.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  229.033168][T12727] loop4: detected capacity change from 0 to 128
[  229.040467][T12727] FAT-fs (loop4): bogus sectors per cluster 0
[  229.046702][T12727] FAT-fs (loop4): Can't find a valid FAT filesystem
[  229.057300][   T29] audit: type=1326 audit(1747514346.451:257361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12710 comm="syz.0.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  229.080985][   T29] audit: type=1326 audit(1747514346.451:257362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12710 comm="syz.0.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  229.104832][   T29] audit: type=1326 audit(1747514346.451:257363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12710 comm="syz.0.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  229.128757][   T29] audit: type=1326 audit(1747514346.451:257364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12710 comm="syz.0.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  229.152481][   T29] audit: type=1326 audit(1747514346.451:257365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12710 comm="syz.0.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  229.159506][T12737] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3373'.
[  229.234139][T12739] 9pnet: Could not find request transport: 
[  229.257772][T12744] nfs4: Bad value for 'source'
[  229.286267][T12742] loop4: detected capacity change from 0 to 2048
[  229.312659][T12742] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  229.326329][   T31] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  229.336527][   T31] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  229.346366][   T31] bond0 (unregistering): Released all slaves
[  229.357078][T12725] netlink: 'syz.2.3361': attribute type 4 has an invalid length.
[  229.394092][   T31] tipc: Disabling bearer <udp:syz0>
[  229.399391][   T31] tipc: Left network mode
[  229.467170][   T31] batman_adv: batadv0: Removing interface: batadv_slave_0
[  229.485218][T12753] loop2: detected capacity change from 0 to 256
[  229.510870][T12762] loop0: detected capacity change from 0 to 512
[  229.518986][T12755] netlink: 'syz.3.3370': attribute type 10 has an invalid length.
[  229.526894][T12755] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3370'.
[  229.536521][T12762] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  229.548514][   T31] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  229.555266][T12762] EXT4-fs (loop0): 1 truncate cleaned up
[  229.556019][   T31] batman_adv: batadv0: Removing interface: batadv_slave_1
[  229.580289][T12762] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  229.598778][   T31] veth0_macvtap: left promiscuous mode
[  229.604576][T12762] EXT4-fs (loop0): Remounting filesystem read-only
[  229.614070][   T31] veth1_vlan: left promiscuous mode
[  229.619384][T12762] EXT4-fs warning (device loop0): ext4_evict_inode:279: xattr delete (err -30)
[  229.632583][   T31] veth0_vlan: left promiscuous mode
[  229.692135][T12770] loop0: detected capacity change from 0 to 164
[  229.732730][   T31] team0 (unregistering): Port device team_slave_1 removed
[  229.758650][   T31] team0 (unregistering): Port device team_slave_0 removed
[  229.795663][T12772] loop0: detected capacity change from 0 to 2048
[  229.841962][T12772] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  229.861962][T12755] team0: Failed to send port change of device geneve1 via netlink (err -105)
[  229.871034][T12755] team0: Failed to send options change via netlink (err -105)
[  229.878532][T12755] team0: Port device geneve1 added
[  229.935510][   T51] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 345: padding at end of block bitmap is not set
[  229.970960][   T37] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 345: padding at end of block bitmap is not set
[  230.019421][T12596] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set
[  230.047249][   T37] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 127 with error 117
[  230.059915][   T37] EXT4-fs (loop0): This should not happen!! Data will be lost
[  230.059915][   T37] 
[  230.071530][   T51] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 687 with error 117
[  230.084125][   T51] EXT4-fs (loop4): This should not happen!! Data will be lost
[  230.084125][   T51] 
[  230.097292][T12776] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  230.137600][T12776] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  230.159344][T12776] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  230.190434][T10530] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 143 with max blocks 1 with error 117
[  230.203101][T10530] EXT4-fs (loop0): This should not happen!! Data will be lost
[  230.203101][T10530] 
[  230.255865][T12793] netlink: 'syz.1.3381': attribute type 4 has an invalid length.
[  230.284576][   T31] IPVS: stop unused estimator thread 0...
[  230.555244][T12808] dccp_close: ABORT with 20 bytes unread
[  230.593725][T12812] netlink: 'syz.3.3388': attribute type 1 has an invalid length.
[  230.967412][T12835] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3399'.
[  230.972317][T12833] SELinux: failed to load policy
[  231.023232][T12833] netlink: 'syz.0.3395': attribute type 4 has an invalid length.
[  231.385128][T12844] loop2: detected capacity change from 0 to 512
[  231.492325][T12842] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  231.545663][T12842] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.610244][T12854] loop2: detected capacity change from 0 to 512
[  231.719429][T12854] EXT4-fs: Ignoring removed nobh option
[  231.738041][T12858] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  232.082077][T12869] loop2: detected capacity change from 0 to 164
[  232.326306][T12875] netlink: 'syz.2.3415': attribute type 1 has an invalid length.
[  232.510967][T12885] loop3: detected capacity change from 0 to 128
[  232.548859][T12885] FAT-fs (loop3): Directory bread(block 162) failed
[  232.570012][T12885] FAT-fs (loop3): Directory bread(block 163) failed
[  232.593260][T12885] FAT-fs (loop3): Directory bread(block 164) failed
[  232.620839][T12885] FAT-fs (loop3): Directory bread(block 165) failed
[  232.623986][T12892] loop4: detected capacity change from 0 to 164
[  232.643981][T12885] FAT-fs (loop3): Directory bread(block 166) failed
[  232.672908][T12885] FAT-fs (loop3): Directory bread(block 167) failed
[  232.688519][T12885] FAT-fs (loop3): Directory bread(block 168) failed
[  232.695295][T12885] FAT-fs (loop3): Directory bread(block 169) failed
[  232.721357][T12885] FAT-fs (loop3): Directory bread(block 162) failed
[  232.728292][T12885] FAT-fs (loop3): Directory bread(block 163) failed
[  232.742991][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  232.750438][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  232.757983][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  232.768873][T12885] syz.3.3419: attempt to access beyond end of device
[  232.768873][T12885] loop3: rw=3, sector=226, nr_sectors = 6 limit=128
[  232.786660][T12895] loop4: detected capacity change from 0 to 1024
[  232.793206][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  232.793230][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  232.793251][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  232.793279][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  232.822902][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  232.830302][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  232.837739][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  232.845173][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  232.852711][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  232.860193][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  232.867624][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  232.875418][T12885] syz.3.3419: attempt to access beyond end of device
[  232.875418][T12885] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128
[  232.972978][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  232.980440][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  232.987920][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  232.995365][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  233.002830][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  233.003072][T12906] loop4: detected capacity change from 0 to 1024
[  233.010220][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  233.010249][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  233.031583][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  233.039033][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  233.046488][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  233.053929][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  233.061367][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  233.068761][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  233.076210][ T3395] hid-generic 0000:0003:0000.0001: unknown main item tag 0x0
[  233.090838][ T3395] hid-generic 0000:0003:0000.0001: hidraw0: <UNKNOWN> HID vffffff.fc Device [syz0] on syz0
[  233.129466][T12912] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3428'.
[  233.284291][T12908] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  233.293482][T12908] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  233.350934][T12908] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  233.353039][T12928] loop4: detected capacity change from 0 to 256
[  233.359868][T12929] loop0: detected capacity change from 0 to 128
[  233.378888][T12928] FAT-fs (loop4): Directory bread(block 64) failed
[  233.385904][T12929] FAT-fs (loop0): Directory bread(block 162) failed
[  233.392574][T12928] FAT-fs (loop4): Directory bread(block 65) failed
[  233.399187][T12929] FAT-fs (loop0): Directory bread(block 163) failed
[  233.407565][T12928] FAT-fs (loop4): Directory bread(block 66) failed
[  233.414157][T12928] FAT-fs (loop4): Directory bread(block 67) failed
[  233.421672][T12929] FAT-fs (loop0): Directory bread(block 164) failed
[  233.428496][T12928] FAT-fs (loop4): Directory bread(block 68) failed
[  233.435077][T12929] FAT-fs (loop0): Directory bread(block 165) failed
[  233.442910][T12928] FAT-fs (loop4): Directory bread(block 69) failed
[  233.449545][T12929] FAT-fs (loop0): Directory bread(block 166) failed
[  233.456463][T12928] FAT-fs (loop4): Directory bread(block 70) failed
[  233.463106][T12928] FAT-fs (loop4): Directory bread(block 71) failed
[  233.469695][T12929] FAT-fs (loop0): Directory bread(block 167) failed
[  233.476540][T12928] FAT-fs (loop4): Directory bread(block 72) failed
[  233.483130][T12929] FAT-fs (loop0): Directory bread(block 168) failed
[  233.489844][T12928] FAT-fs (loop4): Directory bread(block 73) failed
[  233.496436][T12929] FAT-fs (loop0): Directory bread(block 169) failed
[  233.506546][T12929] FAT-fs (loop0): Directory bread(block 162) failed
[  233.513538][T12929] FAT-fs (loop0): Directory bread(block 163) failed
[  233.533842][T12929] syz.0.3436: attempt to access beyond end of device
[  233.533842][T12929] loop0: rw=3, sector=226, nr_sectors = 6 limit=128
[  233.547133][T12929] syz.0.3436: attempt to access beyond end of device
[  233.547133][T12929] loop0: rw=2051, sector=232, nr_sectors = 2 limit=128
[  233.604464][T12934] loop0: detected capacity change from 0 to 1024
[  233.615955][T12932] loop4: detected capacity change from 0 to 1024
[  233.624542][T12932] EXT4-fs: Ignoring removed oldalloc option
[  233.630467][T12932] EXT4-fs: Ignoring removed bh option
[  233.636383][T12932] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  233.647387][T12932] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  233.658060][T12932] JBD2: no valid journal superblock found
[  233.663920][T12932] EXT4-fs (loop4): Could not load journal inode
[  233.689769][T12938] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3439'.
[  233.760579][T12947] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3443'.
[  233.782515][T12950] loop0: detected capacity change from 0 to 1024
[  233.789123][T12950] EXT4-fs: Ignoring removed orlov option
[  233.900048][T12957] IPVS: set_ctl: invalid protocol: 98 127.0.0.1:20004
[  233.976537][   T29] kauditd_printk_skb: 363 callbacks suppressed
[  233.976556][   T29] audit: type=1326 audit(1747514351.421:257729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12962 comm="syz.3.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fe619e969 code=0x7ffc0000
[  234.006766][   T29] audit: type=1326 audit(1747514351.431:257730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12962 comm="syz.3.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8fe619e969 code=0x7ffc0000
[  234.030595][   T29] audit: type=1326 audit(1747514351.431:257731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12962 comm="syz.3.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fe619e969 code=0x7ffc0000
[  234.054492][   T29] audit: type=1326 audit(1747514351.431:257732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12962 comm="syz.3.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f8fe619e969 code=0x7ffc0000
[  234.078200][   T29] audit: type=1326 audit(1747514351.431:257733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12962 comm="syz.3.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8fe6195927 code=0x7ffc0000
[  234.101867][   T29] audit: type=1326 audit(1747514351.431:257734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12962 comm="syz.3.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8fe613ab39 code=0x7ffc0000
[  234.125909][   T29] audit: type=1326 audit(1747514351.431:257735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12962 comm="syz.3.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fe619e969 code=0x7ffc0000
[  234.149757][   T29] audit: type=1326 audit(1747514351.431:257736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12962 comm="syz.3.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fe619e969 code=0x7ffc0000
[  234.173532][   T29] audit: type=1326 audit(1747514351.431:257737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12962 comm="syz.3.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8fe6195927 code=0x7ffc0000
[  234.197164][   T29] audit: type=1326 audit(1747514351.431:257738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12962 comm="syz.3.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8fe613ab39 code=0x7ffc0000
[  234.264391][T12970] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3450'.
[  234.329521][T12976] loop3: detected capacity change from 0 to 1024
[  234.336253][T12976] EXT4-fs: Ignoring removed oldalloc option
[  234.342207][T12976] EXT4-fs: Ignoring removed bh option
[  234.355284][T12976] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  234.366359][T12976] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  234.384773][T12979] netlink: 'syz.2.3454': attribute type 10 has an invalid length.
[  234.392758][T12979] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3454'.
[  234.402872][T12976] JBD2: no valid journal superblock found
[  234.406554][T12979] team0: Failed to send port change of device geneve1 via netlink (err -105)
[  234.408643][T12976] EXT4-fs (loop3): Could not load journal inode
[  234.417730][T12979] team0: Failed to send options change via netlink (err -105)
[  234.431175][T12979] team0: Port device geneve1 added
[  234.963582][T12986] loop2: detected capacity change from 0 to 1024
[  234.969523][T12988] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3457'.
[  235.022074][T12994] loop3: detected capacity change from 0 to 256
[  235.043049][T12998] loop4: detected capacity change from 0 to 512
[  235.050252][T12998] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  235.051685][T12997] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3460'.
[  235.064154][T12998] EXT4-fs (loop4): 1 truncate cleaned up
[  235.084991][T12998] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  235.106975][T12998] EXT4-fs (loop4): Remounting filesystem read-only
[  235.113568][T12998] EXT4-fs warning (device loop4): ext4_evict_inode:279: xattr delete (err -30)
[  235.225233][T13008] loop4: detected capacity change from 0 to 512
[  235.244523][T13008] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  235.282670][T13008] EXT4-fs (loop4): 1 truncate cleaned up
[  235.313768][T13025] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3472'.
[  235.352733][T13008] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  235.368714][T13008] EXT4-fs (loop4): Remounting filesystem read-only
[  235.376299][T13008] EXT4-fs warning (device loop4): ext4_evict_inode:279: xattr delete (err -30)
[  235.670822][T13045] loop0: detected capacity change from 0 to 512
[  235.774818][T13045] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  235.784955][T13045] EXT4-fs (loop0): 1 truncate cleaned up
[  236.026497][T13057] loop4: detected capacity change from 0 to 1024
[  236.034772][T13057] EXT4-fs: Ignoring removed orlov option
[  236.136575][T13067] loop3: detected capacity change from 0 to 128
[  236.222941][T13067] FAT-fs (loop3): Directory bread(block 162) failed
[  236.229573][T13067] FAT-fs (loop3): Directory bread(block 163) failed
[  236.342817][T13067] FAT-fs (loop3): Directory bread(block 164) failed
[  236.381390][T13070] loop0: detected capacity change from 0 to 1024
[  236.388152][T13070] EXT4-fs: Ignoring removed oldalloc option
[  236.394114][T13070] EXT4-fs: Ignoring removed bh option
[  236.399949][T13067] FAT-fs (loop3): Directory bread(block 165) failed
[  236.406697][T13070] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  236.417702][T13070] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  236.427403][T13067] FAT-fs (loop3): Directory bread(block 166) failed
[  236.435490][T13070] JBD2: no valid journal superblock found
[  236.441280][T13070] EXT4-fs (loop0): Could not load journal inode
[  236.453364][T13067] FAT-fs (loop3): Directory bread(block 167) failed
[  236.493840][T13073] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3486'.
[  236.538319][T13067] FAT-fs (loop3): Directory bread(block 168) failed
[  236.548654][T13067] FAT-fs (loop3): Directory bread(block 169) failed
[  236.609577][T13067] FAT-fs (loop3): Directory bread(block 162) failed
[  236.616329][T13067] FAT-fs (loop3): Directory bread(block 163) failed
[  236.634533][T13067] syz.3.3484: attempt to access beyond end of device
[  236.634533][T13067] loop3: rw=3, sector=226, nr_sectors = 6 limit=128
[  236.658163][T13067] syz.3.3484: attempt to access beyond end of device
[  236.658163][T13067] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128
[  236.795240][T13094] loop0: detected capacity change from 0 to 128
[  236.822286][T13094] FAT-fs (loop0): Directory bread(block 162) failed
[  236.829046][T13094] FAT-fs (loop0): Directory bread(block 163) failed
[  236.837086][T13094] FAT-fs (loop0): Directory bread(block 164) failed
[  236.849508][T13094] FAT-fs (loop0): Directory bread(block 165) failed
[  236.913507][T13094] FAT-fs (loop0): Directory bread(block 166) failed
[  236.914363][T12332] EXT4-fs unmount: 31 callbacks suppressed
[  236.914380][T12332] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.920279][T13094] FAT-fs (loop0): Directory bread(block 167) failed
[  236.946504][T13098] loop3: detected capacity change from 0 to 1024
[  236.946779][T13094] FAT-fs (loop0): Directory bread(block 168) failed
[  236.962412][T13094] FAT-fs (loop0): Directory bread(block 169) failed
[  236.971029][T13098] EXT4-fs: Ignoring removed oldalloc option
[  236.977006][T13098] EXT4-fs: Ignoring removed bh option
[  236.987463][T13098] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  236.998477][T13098] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  237.019170][T13094] FAT-fs (loop0): Directory bread(block 162) failed
[  237.025952][T13094] FAT-fs (loop0): Directory bread(block 163) failed
[  237.034522][T13094] syz.0.3495: attempt to access beyond end of device
[  237.034522][T13094] loop0: rw=3, sector=226, nr_sectors = 6 limit=128
[  237.049113][T13103] SELinux: failed to load policy
[  237.056750][T13098] JBD2: no valid journal superblock found
[  237.062636][T13098] EXT4-fs (loop3): Could not load journal inode
[  237.064415][T13094] syz.0.3495: attempt to access beyond end of device
[  237.064415][T13094] loop0: rw=2051, sector=232, nr_sectors = 2 limit=128
[  237.072132][T13103] netlink: 'syz.1.3500': attribute type 4 has an invalid length.
[  237.115083][T13108] 9pnet: Could not find request transport: 
[  237.192266][T13120] loop2: detected capacity change from 0 to 256
[  237.213058][T13122] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3508'.
[  237.224499][T13122] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3508'.
[  237.250857][T13117] SELinux: failed to load policy
[  237.303200][T13117] netlink: 'syz.4.3506': attribute type 4 has an invalid length.
[  237.357308][T13138] loop4: detected capacity change from 0 to 1024
[  237.377553][T13142] netlink: 'syz.3.3514': attribute type 10 has an invalid length.
[  237.385517][T13142] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3514'.
[  237.396426][T13138] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.460178][T12332] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.474906][T13147] loop3: detected capacity change from 0 to 256
[  237.490255][T13147] FAT-fs (loop3): Directory bread(block 64) failed
[  237.500256][T13147] FAT-fs (loop3): Directory bread(block 65) failed
[  237.507289][T13147] FAT-fs (loop3): Directory bread(block 66) failed
[  237.513950][T13147] FAT-fs (loop3): Directory bread(block 67) failed
[  237.521178][T13147] FAT-fs (loop3): Directory bread(block 68) failed
[  237.533703][T13147] FAT-fs (loop3): Directory bread(block 69) failed
[  237.535861][T13151] 9pnet: Could not find request transport: 
[  237.556641][T13147] FAT-fs (loop3): Directory bread(block 70) failed
[  237.563480][T13147] FAT-fs (loop3): Directory bread(block 71) failed
[  237.570345][T13147] FAT-fs (loop3): Directory bread(block 72) failed
[  237.577230][T13147] FAT-fs (loop3): Directory bread(block 73) failed
[  237.665907][T13162] loop3: detected capacity change from 0 to 256
[  237.706278][T13163] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3521'.
[  237.873307][T13182] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3530'.
[  237.955897][T13187] loop3: detected capacity change from 0 to 2048
[  237.972392][T13187] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.984608][T13187] ext4 filesystem being mounted at /136/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  238.122414][   T56] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 345: padding at end of block bitmap is not set
[  238.155846][   T56] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 645 with error 117
[  238.168465][   T56] EXT4-fs (loop3): This should not happen!! Data will be lost
[  238.168465][   T56] 
[  238.257508][T13200] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  238.289048][T13197] loop2: detected capacity change from 0 to 1024
[  238.300038][T13197] EXT4-fs: Ignoring removed oldalloc option
[  238.306370][T13197] EXT4-fs: Ignoring removed bh option
[  238.324811][T13202] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3537'.
[  238.361962][T13197] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  238.373007][T13197] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  238.401201][T13197] JBD2: no valid journal superblock found
[  238.406977][T13197] EXT4-fs (loop2): Could not load journal inode
[  238.448716][T13209] loop2: detected capacity change from 0 to 256
[  238.706790][T13230] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3549'.
[  238.864973][T13187] syz.3.3532 (13187) used greatest stack depth: 6168 bytes left
[  238.895243][   T31] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 661 with max blocks 2 with error 28
[  238.907763][   T31] EXT4-fs (loop3): This should not happen!! Data will be lost
[  238.907763][   T31] 
[  238.917446][   T31] EXT4-fs (loop3): Total free blocks count 0
[  238.923449][   T31] EXT4-fs (loop3): Free/Dirty block details
[  238.929477][   T31] EXT4-fs (loop3): free_blocks=0
[  238.934448][   T31] EXT4-fs (loop3): dirty_blocks=16
[  238.939590][   T31] EXT4-fs (loop3): Block reservation details
[  238.951878][T13234] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  238.960496][T13234] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  239.016373][T13240] loop0: detected capacity change from 0 to 256
[  239.037492][T13234] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  239.166333][T13251] loop0: detected capacity change from 0 to 128
[  239.182425][T13251] FAT-fs (loop0): Directory bread(block 162) failed
[  239.189184][T13251] FAT-fs (loop0): Directory bread(block 163) failed
[  239.200634][T13251] FAT-fs (loop0): Directory bread(block 164) failed
[  239.209962][T13251] FAT-fs (loop0): Directory bread(block 165) failed
[  239.217890][T13251] FAT-fs (loop0): Directory bread(block 166) failed
[  239.226396][T13251] FAT-fs (loop0): Directory bread(block 167) failed
[  239.233204][T13251] FAT-fs (loop0): Directory bread(block 168) failed
[  239.239913][T13251] FAT-fs (loop0): Directory bread(block 169) failed
[  239.250538][T13251] FAT-fs (loop0): Directory bread(block 162) failed
[  239.257312][T13251] FAT-fs (loop0): Directory bread(block 163) failed
[  239.265752][T13251] syz.0.3558: attempt to access beyond end of device
[  239.265752][T13251] loop0: rw=3, sector=226, nr_sectors = 6 limit=128
[  239.279134][T13251] syz.0.3558: attempt to access beyond end of device
[  239.279134][T13251] loop0: rw=2051, sector=232, nr_sectors = 2 limit=128
[  239.323373][   T29] kauditd_printk_skb: 336 callbacks suppressed
[  239.323392][   T29] audit: type=1326 audit(1747514356.771:258075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13258 comm="syz.3.3561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fe619e969 code=0x7ffc0000
[  239.333173][T13261] loop0: detected capacity change from 0 to 256
[  239.361676][   T29] audit: type=1326 audit(1747514356.771:258076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13258 comm="syz.3.3561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8fe619e969 code=0x7ffc0000
[  239.385477][   T29] audit: type=1326 audit(1747514356.771:258077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13260 comm="syz.0.3562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  239.409253][   T29] audit: type=1326 audit(1747514356.771:258078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13260 comm="syz.0.3562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  239.432976][   T29] audit: type=1326 audit(1747514356.771:258079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13260 comm="syz.0.3562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  239.456835][   T29] audit: type=1326 audit(1747514356.771:258080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13260 comm="syz.0.3562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  239.480606][   T29] audit: type=1326 audit(1747514356.771:258081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13260 comm="syz.0.3562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  239.491634][T13261] FAT-fs (loop0): Directory bread(block 64) failed
[  239.504318][   T29] audit: type=1326 audit(1747514356.771:258082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13260 comm="syz.0.3562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fc674b5e969 code=0x7ffc0000
[  239.534614][   T29] audit: type=1326 audit(1747514356.771:258083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13260 comm="syz.0.3562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc674b5e9a3 code=0x7ffc0000
[  239.558217][   T29] audit: type=1326 audit(1747514356.771:258084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13260 comm="syz.0.3562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc674b5d41f code=0x7ffc0000
[  239.591664][T13259] loop3: detected capacity change from 0 to 1024
[  239.598047][T13261] FAT-fs (loop0): Directory bread(block 65) failed
[  239.610781][T13261] FAT-fs (loop0): Directory bread(block 66) failed
[  239.613863][T13259] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.617363][T13261] FAT-fs (loop0): Directory bread(block 67) failed
[  239.650900][T13261] FAT-fs (loop0): Directory bread(block 68) failed
[  239.657447][T13261] FAT-fs (loop0): Directory bread(block 69) failed
[  239.680862][T13261] FAT-fs (loop0): Directory bread(block 70) failed
[  239.693271][T13261] FAT-fs (loop0): Directory bread(block 71) failed
[  239.709321][T13265] loop4: detected capacity change from 0 to 256
[  239.718915][T13261] FAT-fs (loop0): Directory bread(block 72) failed
[  239.731221][T11472] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.742010][T13261] FAT-fs (loop0): Directory bread(block 73) failed
[  239.847060][T13275] loop4: detected capacity change from 0 to 164
[  239.952773][T13286] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  239.980880][T13294] netlink: 'syz.3.3576': attribute type 10 has an invalid length.
[  239.988744][T13294] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3576'.
[  240.022855][T13303] loop0: detected capacity change from 0 to 1024
[  240.041618][T13303] EXT4-fs: Ignoring removed orlov option
[  240.051535][T13303] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  240.076514][T13309] loop4: detected capacity change from 0 to 164
[  240.094508][T13311] loop3: detected capacity change from 0 to 256
[  240.113233][T13302] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3579'.
[  240.253294][T13327] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  240.289854][T13329] loop2: detected capacity change from 0 to 1024
[  240.337365][T13314] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  240.359188][T13314] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  240.387154][T13314] tipc: Started in network mode
[  240.392150][T13314] tipc: Node identity ac14140f, cluster identity 4711
[  240.399139][T13314] tipc: New replicast peer: 10.1.1.2
[  240.404520][T13314] tipc: Enabled bearer <udp:syz0>, priority 10
[  240.544453][T13352] loop2: detected capacity change from 0 to 128
[  240.598291][T13354] loop2: detected capacity change from 0 to 1024
[  240.607189][T13354] EXT4-fs: Ignoring removed oldalloc option
[  240.613147][T13354] EXT4-fs: Ignoring removed bh option
[  240.619178][T13354] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  240.626426][T13358] 9pnet_fd: Insufficient options for proto=fd
[  240.630166][T13354] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  240.647997][T13354] JBD2: no valid journal superblock found
[  240.653829][T13354] EXT4-fs (loop2): Could not load journal inode
[  240.679631][T13303] ==================================================================
[  240.687769][T13303] BUG: KCSAN: data-race in __filemap_remove_folio / filemap_write_and_wait_range
[  240.696917][T13303] 
[  240.699252][T13303] read-write to 0xffff888104bfa200 of 8 bytes by task 13312 on cpu 0:
[  240.707419][T13303]  __filemap_remove_folio+0x1bc/0x2a0
[  240.712840][T13303]  __remove_mapping+0x338/0x460
[  240.717732][T13303]  remove_mapping+0x22/0x90
[  240.722284][T13303]  mapping_try_invalidate+0x26a/0x3f0
[  240.727718][T13303]  invalidate_mapping_pages+0x27/0x40
[  240.733136][T13303]  ext4_file_write_iter+0xe70/0xf00
[  240.738397][T13303]  iter_file_splice_write+0x5ef/0x970
[  240.743785][T13303]  direct_splice_actor+0x156/0x2a0
[  240.748932][T13303]  splice_direct_to_actor+0x312/0x680
[  240.754317][T13303]  do_splice_direct+0xda/0x150
[  240.759107][T13303]  do_sendfile+0x380/0x640
[  240.763560][T13303]  __x64_sys_sendfile64+0x105/0x150
[  240.768804][T13303]  x64_sys_call+0xb39/0x2fb0
[  240.773415][T13303]  do_syscall_64+0xd0/0x1a0
[  240.777948][T13303]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.783871][T13303] 
[  240.786222][T13303] read to 0xffff888104bfa200 of 8 bytes by task 13303 on cpu 1:
[  240.793870][T13303]  filemap_write_and_wait_range+0x59/0x340
[  240.799725][T13303]  ext4_file_write_iter+0xe04/0xf00
[  240.804974][T13303]  iter_file_splice_write+0x5ef/0x970
[  240.810369][T13303]  direct_splice_actor+0x156/0x2a0
[  240.815504][T13303]  splice_direct_to_actor+0x312/0x680
[  240.820902][T13303]  do_splice_direct+0xda/0x150
[  240.825703][T13303]  do_sendfile+0x380/0x640
[  240.830150][T13303]  __x64_sys_sendfile64+0x105/0x150
[  240.835391][T13303]  x64_sys_call+0xb39/0x2fb0
[  240.840009][T13303]  do_syscall_64+0xd0/0x1a0
[  240.844531][T13303]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.850457][T13303] 
[  240.852792][T13303] value changed: 0x0000000000000001 -> 0x0000000000000000
[  240.859924][T13303] 
[  240.862275][T13303] Reported by Kernel Concurrency Sanitizer on:
[  240.868430][T13303] CPU: 1 UID: 0 PID: 13303 Comm: syz.0.3582 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  240.880936][T13303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  240.890998][T13303] ==================================================================
[  240.997456][T11633] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.460769][   T36] tipc: Node number set to 2886997007