last executing test programs:

1m12.482483047s ago: executing program 1 (id=10358):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, 0x0, 0x0)
open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val={'init_itable', 0x3d, 0x8000}}, {@nodiscard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {}, {@nobarrier}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")

1m12.221357601s ago: executing program 1 (id=10363):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x34, 0x2, 0x6, 0x401, 0x0, 0x0, {0x3, 0x0, 0x8}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x4000000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
open_by_handle_at(r2, &(0x7f0000000240)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105042, 0x1e7)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0x10, 0x80002, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x3, 0x7ffffffe, @thr={0x0, 0x0}})
arch_prctl$ARCH_REQ_XCOMP_GUEST_PERM(0x1021, 0x400000000000f)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000001c0)={0x1, &(0x7f0000000000)=[{0x6, 0x3, 0x1, 0x7fff0001}]})
flistxattr(r5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000e80)={<r9=>0xffffffffffffffff}, 0x111, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r8, &(0x7f00000000c0)={0x13, 0x10, 0x8, {0x0, r9, 0x1}}, 0x18)
sendmsg$nl_route(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d002007000000", @ANYRES32=r1, @ANYBLOB="00000000100000001c001a80080002802d00", @ANYRES16=r4, @ANYRES32=r4], 0x44}}, 0x0)

1m12.131330652s ago: executing program 1 (id=10366):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000100)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f00000000c0)='dctcp\x00', 0x6)
getsockopt$inet6_tcp_buf(r2, 0x6, 0x1a, 0x0, &(0x7f0000000300))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0002}]})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r6 = open(&(0x7f00000001c0)='./file1\x00', 0x20042, 0x45)
r7 = open(&(0x7f0000000200)='./file2\x00', 0x100, 0x123)
copy_file_range(r7, 0x0, r6, 0x0, 0x3df1, 0x0)
r8 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x169)
pwritev2(r8, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3)
ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f00000000c0)=<r9=>0x0)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_DEV_UP(r10, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r9], 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$kcm(0x29, 0x2, 0x0)

1m10.125584621s ago: executing program 1 (id=10380):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x10005, r1}, 0x38)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1208002, &(0x7f00000001c0), 0x1, 0x5df, &(0x7f0000002f80)="$eJzs3c9vFFUcAPDv2/6gpWgLMSoepIkxkCgtLWCI8QBXQxr8ES9erLQgUqChNVo0oSR4MTFejDHx5EH8L5TIlZOePHjxZEiIGo4mrpntTumP2ZaWtlOZzydZ9s28Hd6b7n73vX373mwAldWf/VOL2BsRkymiN83O57VHM7N/7nH3/v7kdHZLUa+/8WeK1NyXPz4173uaB3dFxM8/pdjTtrzcqZkr50cnJsYvN7cHpy9MDk7NXDl47sLo2fGz4xeHXxo+dvTI0WNDh9Z1XlcL9p28/v6HvZ+NvP3dN/+koe9/G0lxPF5tPnDheWyU/uhv/E3S8qyeYxtdWEnamq+ThU9xai+xQqxJ/vx1RMRT0Rttcf/J641PXyu1csCmqqeIOlBRSfxDReX9gPyz/dLPwbVSeiXAVrh7Ym4AYHn8t8+NDUZXY2xg570UC4d1UkSsb2RusV0RcfvWyPUzt0aux2rjcJ0bUCAwb/ZaRDxdFP+pEf990RV9jfivLYr/rF9wqnmf7X99neUvHSrejHF4oNhc/HetGP/RIv7fWRD/766z/P77yfe6F8V/93pPCQAAAAAAACrr5omIeLHo+//a/PyfKJj/0xMRxzeg/P4l28u//6/d2YBigAJ3T0S8Ujj/t5bP/u1ra6Yea8wH6Ehnzk2MH4qIxyPiQHTsyLaHVijj4Od7vm6V19+c/5ffsvJvN+cCNutxp33H4mPGRqdHH/a8gYi71yKeKZz/m+bb/1TQ/mfvB5MPWMae52+capW3evwDm6X+bcT+wvb//lUr0srX5xhs9AcG817Bcs9+/MUPrcpfb/y7xAQ8vKz937ly/PelhdfrmVp7GYdn2uut8tbb/+9MbzYuOZMvCfpodHr68lBEZzrZlu1dtH947XWGR1EeD3m8ZPF/4LmVx/+K+v/dETG75P9Ofy1eU5x78t+e31vVR/8fypPF/9ia2v+1J4Zv9P3YqvwHa/+PNNr6A809xv9gzld5mC5ZG18Qju1FWVtdXwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlek2sB8ulYbGIjoiYgnYmdt4tLU9AtnLn1wcSzLa/z+fy3/pd/eue2U//5/34Lt4SXbhyNid0R82dbd2B44fWlirOyTBwAAAAAAAAAAAAAAAAAAgG2ip8X6/8wfbWXXDth07WVXAChNQfz/UkY9gK2n/YfqEv9QXbWyKwCURvsP1SX+obrEP1SX+IfqEv8AAAAAAPBI2b3v5q8pImZf7m7cMp3NvI5SawZsNlP/obpc4geqy9QfqC6f8YG0Sn5Xy4NWO3Ilk6cf4mAAAAAAAAAAAAAAqJz9e63/h6qy/h+qy/p/qK58/f++Bfv0+6EaxDoQq6zkL1z/v+pRAAAAAAAAAAAAAMBGmpq5cn50YmL8ssRb26MaW5mo1+tXs1fBdqnP/zyRT4XfLvVZksjX+j3YUeW9JwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIv9FwAA///xeSTO")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x89440c, 0x0, 0x1, 0x0, &(0x7f0000000140))
chdir(&(0x7f00000003c0)='./bus\x00')
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x66960000)
mkdir(&(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x26)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_clone3(&(0x7f0000000740)={0x8180080, &(0x7f0000000000)=<r2=>0xffffffffffffffff, &(0x7f0000000200), &(0x7f00000002c0)=<r3=>0x0, {0x39}, 0x0, 0x0, &(0x7f00000004c0)=""/237, &(0x7f00000005c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0], 0x3}, 0x58)
timer_create(0x7, &(0x7f0000000600)={0x0, 0x2f, 0x4, @tid=r3}, &(0x7f00000007c0))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x2010042, &(0x7f0000000000)={[{@subsystem='hugetlb'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]})
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r5}, 0x10)
symlink(&(0x7f0000001780)='./file0/../file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x3, 0x18, &(0x7f0000000680)=@raw=[@ldst={0x86f4501fcd089fc8, 0x0, 0x6, 0x9, 0x2, 0x50, 0x4}, @tail_call, @map_val={0x18, 0x3, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x5}, @map_val={0x18, 0x7, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r4}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r4}}, @map_fd={0x18, 0x2, 0x1, 0x0, r4}, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffffd}], &(0x7f0000000880)='syzkaller\x00', 0x1, 0x5, &(0x7f00000008c0)=""/5, 0x41100, 0x14, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000e40)={0x5, 0x9, 0x3, 0x1}, 0x10, 0x0, 0xffffffffffffffff, 0x4, &(0x7f0000001040)=[0xffffffffffffffff, r4, r6, 0xffffffffffffffff, r4, r2, r4, r4, r4], &(0x7f0000001080)=[{0x2, 0x2, 0x7, 0xa}, {0x4, 0x4, 0xa, 0x4}, {0x4, 0x3, 0xc, 0x8}, {0x4, 0x4, 0x9, 0x3}], 0x10, 0x8, @void, @value}, 0x94)
mount(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x2086421, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
rseq(&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
unshare(0x2040400)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)

1m9.147949926s ago: executing program 1 (id=10386):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000100)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f00000000c0)='dctcp\x00', 0x6)
getsockopt$inet6_tcp_buf(r2, 0x6, 0x1a, 0x0, &(0x7f0000000300))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0002}]})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r6 = open(&(0x7f00000001c0)='./file1\x00', 0x20042, 0x45)
r7 = open(&(0x7f0000000200)='./file2\x00', 0x100, 0x123)
copy_file_range(r7, 0x0, r6, 0x0, 0x3df1, 0x0)
r8 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x169)
pwritev2(r8, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3)
ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f00000000c0)=<r9=>0x0)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_DEV_UP(r10, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=<r11=>0xffffffffffffffff, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r9], 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000e8f9bde8110000", @ANYRES32, @ANYRESHEX=r11], &(0x7f0000000500)='GPL\x00', 0x0, 0x26, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$kcm(0x29, 0x2, 0x0)

1m8.359806507s ago: executing program 1 (id=10396):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000100)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f00000000c0)='dctcp\x00', 0x6)
getsockopt$inet6_tcp_buf(r2, 0x6, 0x1a, 0x0, &(0x7f0000000300))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0002}]})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r6 = open(&(0x7f00000001c0)='./file1\x00', 0x20042, 0x45)
r7 = open(&(0x7f0000000200)='./file2\x00', 0x100, 0x123)
copy_file_range(r7, 0x0, r6, 0x0, 0x3df1, 0x0)
r8 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x169)
pwritev2(r8, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3)
ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f00000000c0)=<r9=>0x0)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_DEV_UP(r10, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=<r11=>0xffffffffffffffff, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r9], 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000e8f9bde8110000", @ANYRES32, @ANYRESHEX=r11], &(0x7f0000000500)='GPL\x00', 0x0, 0x26, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$kcm(0x29, 0x2, 0x0)

1m8.359420517s ago: executing program 32 (id=10396):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000100)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f00000000c0)='dctcp\x00', 0x6)
getsockopt$inet6_tcp_buf(r2, 0x6, 0x1a, 0x0, &(0x7f0000000300))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0002}]})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r6 = open(&(0x7f00000001c0)='./file1\x00', 0x20042, 0x45)
r7 = open(&(0x7f0000000200)='./file2\x00', 0x100, 0x123)
copy_file_range(r7, 0x0, r6, 0x0, 0x3df1, 0x0)
r8 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x169)
pwritev2(r8, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3)
ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f00000000c0)=<r9=>0x0)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_DEV_UP(r10, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=<r11=>0xffffffffffffffff, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r9], 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000e8f9bde8110000", @ANYRES32, @ANYRESHEX=r11], &(0x7f0000000500)='GPL\x00', 0x0, 0x26, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$kcm(0x29, 0x2, 0x0)

3.441580229s ago: executing program 0 (id=11121):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
mknod$loop(&(0x7f0000000200)='./file0\x00', 0x2000, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
close(r0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x812418, 0x0, 0xff, 0x0, &(0x7f00000007c0))
munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000010000000800000008"], 0x48)
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000006c0), 0x4080, 0x0)
connect$pppl2tp(r3, &(0x7f0000000dc0)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x3, 0x4, 0x4, 0x4, {0xa, 0x4e23, 0x2, @mcast1, 0x6}}}, 0x3a)
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0x400}, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x8003}, 0x0, &(0x7f0000000200))
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
io_uring_enter(r6, 0x6e2, 0x600, 0x1, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r7, 0x0, 0x6}, 0x18)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000318110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x18)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)={0x2, 0x4, 0x8, 0x1, 0x80, r2, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000680)={{0x1, 0x1, 0x18, r9}, './file0\x00'})

3.264050202s ago: executing program 3 (id=11123):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000100)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x3df1, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0))
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000e8f9bde8110000", @ANYRES32=r3, @ANYRESHEX], &(0x7f0000000500)='GPL\x00', 0x0, 0x26, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$kcm(0x29, 0x2, 0x0)

3.180209923s ago: executing program 3 (id=11125):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="05000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x10000002}, 0x18)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x4110, 0x0, 0x0, 0x5, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x2000400, 0x0, 0xfffffebf, 0x0, 0x0, 0x0)

3.141725704s ago: executing program 3 (id=11126):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "08000f000000000000008000"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x801}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket(0x2b, 0x6, 0x5)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_MAC_ACL(r4, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)={0x88, r5, 0x200, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x401, 0x2e}}}}, [@NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x40, 0xa6, 0x0, 0x1, [{0xa}, {0xa}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x800}, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
socket$inet6_sctp(0xa, 0x1, 0x84)
r7 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000380), 0x80000, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r7, 0xc0189378, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r0, {r8}}, './file0\x00'})
r9 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r10}, &(0x7f0000000180), &(0x7f00000001c0)=r9}, 0x20)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r11}, 0x10)
creat(&(0x7f0000000980)='./bus\x00', 0x19)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
bind$unix(0xffffffffffffffff, &(0x7f0000000040)=@abs={0x1}, 0x2)
r12 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_ALM_READ(r12, 0x40187013, &(0x7f0000000040))
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, <r13=>0xffffffffffffffff}, 0x0)
dup(r13)

3.103780545s ago: executing program 0 (id=11128):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a03000000000000000000070000000900010073797a30000000004c00"], 0xec}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x0)

3.029580465s ago: executing program 5 (id=11129):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000400008500000072000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a7c000000060a0b0400000000000000000200000150000480240029440039a063ab97636b6574000014000280080002400080080001006e6174001c0002800800054000000003080001400000000008000240000000020900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0xa4}}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, 0x0, 0x0)
open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val={'init_itable', 0x3d, 0x8000}}, {@nodiscard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {}, {@nobarrier}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")

2.976677477s ago: executing program 0 (id=11130):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0)
mbind(&(0x7f00005f7000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x8000, 0x0, 0x2, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x109, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r3}, 0x18)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x8c, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4041}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x90, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}]}, @CTA_NAT_SRC={0x4}]}, 0x90}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x14)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002d00)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000003000000010000000000000e02000000000000000000000001000084000000000000000003000000000000210000000000000006040000000061"], 0x0, 0x4f, 0x0, 0x8, 0x0, 0x0, @void, @value}, 0x20)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000040)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
socketpair(0xb9650ac7bbbfc8b6, 0x2, 0x7, &(0x7f0000000000))

2.975053086s ago: executing program 3 (id=11131):
munlockall()
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000e4ffffffeaffb6080000010000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000039000"/72], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b000000070000006a0000000800000001"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="21080400000000000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x24)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000002c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='mm_page_free\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="00ddffff01"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
io_uring_setup(0x218a, &(0x7f0000000240)={0x0, 0x3ffffffc, 0x800, 0x4, 0x221})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
flistxattr(r3, 0x0, 0x0)

2.831672759s ago: executing program 5 (id=11132):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x11, 0x4, &(0x7f0000000080)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xad}]}, &(0x7f0000000000)='GPL\x00', 0x4, 0x87, &(0x7f0000000480)=""/135, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x21)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@newtaction={0x104, 0x30, 0x300, 0x71bd2a, 0x25dfdbff, {}, [{0xf0, 0x1, [@m_gact={0x60, 0x17, 0x0, 0x0, {{0x9}, {0x34, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x2, 0x1ae8, 0x5}}, @TCA_GACT_PARMS={0x18, 0x2, {0x9, 0x8, 0x0, 0xbd1c, 0x4}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x583, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}, @m_sample={0x30, 0x12, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}, @m_bpf={0x2c, 0x10, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_simple={0x30, 0x2, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x3, 0x3}}}}]}]}, 0x104}, 0x1, 0x0, 0x0, 0x4000810}, 0x20040800)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfe38, &(0x7f0000000380), 0x0, &(0x7f0000000b40)=""/199, 0xbf}}], 0x1, 0x0, &(0x7f0000000400)={0x77359400})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x16}}, 0x10, &(0x7f0000000280)=[{&(0x7f0000000340)="69f9cb5322f2924bacc60ab6db6d52a2e794c3cbf30a78e5536302ca6c6289d88e725896cc144212a795f80b2e1984006c751848d9c773c3ac06b2b6b5ea35c68f57961e26668d892f0d662c28cf44895e4464763820865d2d261df67ebb71f7039b427bb863df96d0613eafc1404953f35fbfe65b73ffbe6def7c4f2d7c0ce844bbb9b575c2b8ca50ef10fe9bec7cb4a4722d33407b0112a4cab7208cb17f9429be97ad2b7937", 0xa7}, {&(0x7f0000000540)="98c0d6db270ac9d1d11e6a11e37c23ef6d7f38ba4998216382e72ba60352ca412ca5e065ccfa464a20324f9291a3613d5cf96705bcd238806b2b8c9f6b78bed506f19e8c4099a5cd1dd38486d5e0b3d1fac2ad1ae98ecd764a3217dd8b8199dd877c7d87a718bd930a70a0ca4f2361cacfe7cb9916bfdb3b17ff1351277615018cc88f81efce11affab888237356ffe0ea8b92ae2248b9b16c688f5fdef07141353fd3c96b765993661a7ff3bd31d1c6df6ba55994dc6077ad553e8f7458bd27d0ec55fce4b9f82072ee8c5e2623f8e941b79360c9d082027b5c3bd07c50d3b987b6fa480db744e5408fd171d710b556", 0xf0}, {&(0x7f0000000780)="6e5e37e5b9e141a4289dbc5de409899658f010e31ff7f6384fa209bd087e7a92c2ae4c03771b171e0b4446037d490fac480426b267c73ca9f1228539a563159987bce47abe5952b08b51862a05de2adc4c2a71e9dd061868e807eb323fea86f85191eae5a72174708cab57acc4b0cddb53b7bf6222430cfcdb98920b44dd7dbfb375919d4fa12e598db0ed2ab6a4ab969ef3b352340b78a1d3e00358df08fd1e93a2c1738f629abba67af2770471caecacbe238d1d9dbb120644c3450ac376e9ad70d5", 0xc3}, {&(0x7f0000000880)="880c113e69f7dc7cbbd8f7fc7c702443a060b675c8bcbff13d4fdfd5732c51b73f02ce70ceb9f0f56fd0186136459a4b5524ae94295685703ca0300f9d0fdb0367f55efa061d1c83cbda07f7bd7c492f1a612b85cae27adb8845084ff4ab269baf5a18e6726bfcb740bbdc15a2acc35d778a1dcab1367fcd778cb83148e16b1d3cff62bc72754aa3fe02153b6157a7f29acdb19df551e2256bdc5ce15430818b3191a0b047dbcbffc1611f5b5bbbb6c58c855408ce471a43e88724ecd823e5096fb3ff2d63d437eabee38caebbdbbd82f0c0ea30112a87b00bb152702c34bd6098170d4c9ed9", 0xe6}, {&(0x7f0000000980)="895e2d488e9062e62090872dc372c61ee4d63a8c9ad750b4989d87dda0cd8740fe90c62e687a9587535b359f34c6c44754eeb6d7b7882357f1872c8ac9498881bf3eade62227094062752570aea37c871ef3611be7b202dbb4029e056a8cc543060ca6693075f5825ab290cccdfc8828256ee45834299f6ea9d68342f1b36730842ac148151e14280e803bde5cacb44ba185ac97a5281f9947076e9d6bbd36c7c09a70752e22fa", 0xa7}, {0x0}], 0x6}, 0x4000)
r2 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xfd, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x0, 0x0, 0xffffffbe, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f00000001c0)='cpu>20\t&&')
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000580)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce81ea038800fe08000e40000200875a65969ff57b00ff020000000000000000000000000001"], 0xfdef)
r3 = socket(0x10, 0x3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000500)='kfree\x00', r4, 0x0, 0x2}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettclass={0x24, 0x2a, 0x400, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xfff1, 0x4}, {0xfff1, 0xa}, {0x2, 0xfff3}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x8080)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'sit0\x00'})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r6, {0x10, 0x4}, {0x0, 0x9}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

2.68616943s ago: executing program 5 (id=11134):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba9432})
readv(r0, &(0x7f00000001c0)=[{&(0x7f0000001400)=""/227, 0x10}], 0x4)
r1 = socket$kcm(0x2, 0xa, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0xffffffffffffffff}, 0x18)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)

2.533702763s ago: executing program 0 (id=11135):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = syz_open_dev$usbfs(&(0x7f0000000340), 0x206, 0x8401)
ioctl$USBDEVFS_ALLOW_SUSPEND(r3, 0x5522)
ioctl$USBDEVFS_BULK(r3, 0x5523, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r4}, 0x10)
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)

2.363505515s ago: executing program 4 (id=11137):
socket$inet_sctp(0x2, 0x1, 0x84)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000140)=ANY=[], 0x20)

2.255968377s ago: executing program 4 (id=11138):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r0, &(0x7f0000001180)=[{{&(0x7f0000000140)={0xa, 0x0, 0x9, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x4}, 0x1c, &(0x7f00000005c0)=[{&(0x7f0000000240)="81", 0x1}], 0x1}}, {{&(0x7f0000000080)={0xa, 0x4e22, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x5}, 0x1c, &(0x7f0000000780)=[{&(0x7f0000000300)="8c", 0x1}], 0x1}}, {{&(0x7f00000001c0)={0xa, 0x4e24, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8}, 0x1c, 0x0}}], 0x3, 0x4004851)
setsockopt(r0, 0x84, 0x14, &(0x7f0000000040)="020000000980ffff", 0x8) (fail_nth: 2)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff02000000000000000000000000000100000000330000000a0101010000000000000000000000000000000000004e340100000000000000000000000000000004000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000a0000002bbd70000000000000000200000000000000000008000020ffffffdf2c0027cc"], 0x124}}, 0x0)

1.907735862s ago: executing program 4 (id=11142):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000100)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f00000000c0)='dctcp\x00', 0x6)
getsockopt$inet6_tcp_buf(r2, 0x6, 0x1a, 0x0, &(0x7f0000000300))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0002}]})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r5 = open(&(0x7f00000001c0)='./file1\x00', 0x20042, 0x45)
r6 = open(&(0x7f0000000200)='./file2\x00', 0x100, 0x123)
copy_file_range(r6, 0x0, r5, 0x0, 0x3df1, 0x0)
r7 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x169)
pwritev2(r7, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3)
ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=<r8=>0x0)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_DEV_UP(r9, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=<r10=>0xffffffffffffffff, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r8], 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)
r11 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000e8f9bde8110000", @ANYRES32=r11, @ANYRESHEX=r10], &(0x7f0000000500)='GPL\x00', 0x0, 0x26, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$kcm(0x29, 0x2, 0x0)

1.819540053s ago: executing program 2 (id=11143):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000300)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000580)={0x0, 0x0, 0x0, 'queue0\x00'})

1.785149504s ago: executing program 5 (id=11144):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mq_notify(0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000003"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r3}, 0x10)
socket$inet(0x2, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
pipe(&(0x7f00000008c0)={<r5=>0xffffffffffffffff})
read(r5, &(0x7f0000032440)=""/102364, 0x18fdc)

1.766442774s ago: executing program 2 (id=11145):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)

1.764751104s ago: executing program 3 (id=11146):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0)
mbind(&(0x7f00005f7000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x8000, 0x0, 0x2, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x109, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r3}, 0x18)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x8c, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4041}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x90, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}]}, @CTA_NAT_SRC={0x4}]}, 0x90}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x14)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002d00)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000003000000010000000000000e02000000000000000000000001000084000000000000000003000000000000210000000000000006040000000061"], 0x0, 0x4f, 0x0, 0x8, 0x0, 0x0, @void, @value}, 0x20)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000040)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
socketpair(0xb9650ac7bbbfc8b6, 0x2, 0x7, &(0x7f0000000000))

1.320026721s ago: executing program 0 (id=11147):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioprio_set$pid(0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0, 0x0, 0xfffffffffffffffe}, 0x18)
prctl$PR_SET_NAME(0xf, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000001740)='.\x00', 0x515001, 0x488)
io_uring_setup(0x7d9a, &(0x7f0000000240)={0x0, 0xdf07, 0x2, 0x1, 0x1})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0xc0a85320, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x40505330, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x40505330, &(0x7f00000001c0)={0x800100, 0xfffffffd, 0x2, 0x6, 0x1101, 0x1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', 0x0)
shmat(0x0, &(0x7f0000ffd000/0x1000)=nil, 0x7000)
syz_clone3(&(0x7f00000006c0)={0x102102180, 0x0, 0x0, 0x0, {0x29}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r3, 0x541c, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)

1.289852541s ago: executing program 4 (id=11148):
socket$inet_sctp(0x2, 0x1, 0x84)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000140)=ANY=[], 0x20)

1.227957842s ago: executing program 0 (id=11149):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000480), 0x1a1040, 0x0)
ioctl$AUTOFS_IOC_FAIL(r5, 0x4c80, 0x7000000)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)

1.044153265s ago: executing program 4 (id=11150):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)

511.693093ms ago: executing program 2 (id=11151):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000002540)=ANY=[@ANYBLOB="61159d000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081383409ed2912c811ae63f03212a5331c2a4ead000000000000000000005574d074fa7e93447a88c0fbab48660aae7cdf367ef0e4538279b6113de5b94e1056f443305145c9"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, 0x0)
ioctl$TCFLSH(r1, 0x5608, 0x0)
sync_file_range(r1, 0x7fff, 0x400002, 0x2)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
move_pages(0x0, 0x4, &(0x7f0000000500)=[&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil], &(0x7f0000000540)=[0x7, 0x8, 0x9, 0x6, 0x6], &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4)
ioctl$TUNSETIFF(r3, 0x400454da, &(0x7f0000000080)={'batadv0\x00'})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000002140)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0200}]})
fstat(r4, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r5=>0x0, <r6=>0x0})
lchown(&(0x7f0000000040)='./bus\x00', r5, 0x0)
ioctl$HIDIOCGUCODE(0xffffffffffffffff, 0xc018480d, &(0x7f0000000340)={0x1, 0x1, 0x0, 0x101, 0x9, 0xffffff28})
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in=@multicast2, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in6=@initdev}, 0x0, @in=@broadcast}}, &(0x7f00000003c0)=0xe8)
setresuid(r5, 0xee01, r7)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x1000, 0x10ffff, 0xfffffffd, 0x0, 0xfffff05b})
r8 = io_uring_setup(0x4b7c, &(0x7f0000000440)={0x0, 0xfed7, 0x208a, 0x1, 0x206})
io_uring_enter(r8, 0x25e, 0x59ba, 0x40, &(0x7f00000004c0)={[0x4]}, 0x8)
capset(&(0x7f0000000240)={0x20071026}, &(0x7f0000000280)={0xf, 0xf, 0xc3c, 0xa, 0x5, 0x2})
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
r9 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x103442, 0x0)
ioctl$TUNSETIFF(r9, 0x400454da, &(0x7f0000000140)={'batadv0\x00', 0x4000})
lchown(&(0x7f0000000380)='./bus\x00', r5, r6)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r10}, 0x18)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000100)={'pimreg0\x00', 0x1})
r11 = accept$packet(0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000180)=0x14)
readahead(r11, 0x9e4, 0xffffffffffffffff)

443.571134ms ago: executing program 5 (id=11152):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = syz_open_dev$usbfs(&(0x7f0000000340), 0x206, 0x8401)
ioctl$USBDEVFS_ALLOW_SUSPEND(r3, 0x5522)
ioctl$USBDEVFS_BULK(r3, 0x5523, 0x0)
ioctl$USBDEVFS_FORBID_SUSPEND(r3, 0x5521)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r5}, 0x10)
lstat(0x0, 0x0)

191.436048ms ago: executing program 5 (id=11153):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000100)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f00000000c0)='dctcp\x00', 0x6)
getsockopt$inet6_tcp_buf(r2, 0x6, 0x1a, 0x0, &(0x7f0000000300))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0002}]})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r5 = open(&(0x7f00000001c0)='./file1\x00', 0x20042, 0x45)
r6 = open(&(0x7f0000000200)='./file2\x00', 0x100, 0x123)
copy_file_range(r6, 0x0, r5, 0x0, 0x3df1, 0x0)
r7 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x169)
pwritev2(r7, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3)
ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=<r8=>0x0)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_DEV_UP(r9, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=<r10=>0xffffffffffffffff, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r8], 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)
r11 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000e8f9bde8110000", @ANYRES32=r11, @ANYRESHEX=r10], &(0x7f0000000500)='GPL\x00', 0x0, 0x26, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$kcm(0x29, 0x2, 0x0)

190.870168ms ago: executing program 2 (id=11154):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000000085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000002540)=ANY=[@ANYBLOB="61159d000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081383409ed2912c811ae63f03212a5331c2a4ead000000000000000000005574d074fa7e93447a88c0fbab48660aae7cdf367ef0e4538279b6113de5b94e1056f443305145c9"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, 0x0)
ioctl$TCFLSH(r1, 0x5608, 0x0)
sync_file_range(r1, 0x7fff, 0x400002, 0x2)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
move_pages(0x0, 0x3, &(0x7f0000000500)=[&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil], &(0x7f0000000540)=[0x7, 0x8, 0x9, 0x6, 0x6], &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4)
ioctl$TUNSETIFF(r3, 0x400454da, &(0x7f0000000080)={'batadv0\x00'})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000002140)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0200}]})
fstat(r4, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r5=>0x0, <r6=>0x0})
lchown(&(0x7f0000000040)='./bus\x00', r5, 0x0)
ioctl$HIDIOCGUCODE(0xffffffffffffffff, 0xc018480d, &(0x7f0000000340)={0x1, 0x1, 0x0, 0x101, 0x9, 0xffffff28})
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in=@multicast2, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in6=@initdev}, 0x0, @in=@broadcast}}, &(0x7f00000003c0)=0xe8)
setresuid(r5, 0xee01, r7)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x1000, 0x10ffff, 0xfffffffd, 0x0, 0xfffff05b})
r8 = io_uring_setup(0x4b7c, &(0x7f0000000440)={0x0, 0xfed7, 0x208a, 0x1, 0x206})
io_uring_enter(r8, 0x25e, 0x59ba, 0x40, &(0x7f00000004c0)={[0x4]}, 0x8)
capset(&(0x7f0000000240)={0x20071026}, &(0x7f0000000280)={0xf, 0xf, 0xc3c, 0xa, 0x5, 0x2})
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
r9 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x103442, 0x0)
ioctl$TUNSETIFF(r9, 0x400454da, &(0x7f0000000140)={'batadv0\x00', 0x4000})
lchown(&(0x7f0000000380)='./bus\x00', r5, r6)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000400)='kfree\x00', r10}, 0x18)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000100)={'pimreg0\x00', 0x1})
r11 = accept$packet(0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000180)=0x14)
readahead(r11, 0x9e4, 0xffffffffffffffff)

161.647658ms ago: executing program 3 (id=11155):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
mknod$loop(&(0x7f0000000200)='./file0\x00', 0x2000, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
close(r0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x812418, 0x0, 0xff, 0x0, &(0x7f00000007c0))
munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000010000000800000008"], 0x48)
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000006c0), 0x4080, 0x0)
connect$pppl2tp(r3, &(0x7f0000000dc0)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x3, 0x4, 0x4, 0x4, {0xa, 0x4e23, 0x2, @mcast1, 0x6}}}, 0x3a)
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0x400}, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x8003}, 0x0, &(0x7f0000000200))
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
io_uring_enter(r6, 0x6e2, 0x600, 0x1, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r7, 0x0, 0x6}, 0x18)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000318110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x18)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)={0x2, 0x4, 0x8, 0x1, 0x80, r2, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000680)={{0x1, 0x1, 0x18, r9}, './file0\x00'})

148.682548ms ago: executing program 2 (id=11156):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000300)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000580)={0x0, 0x0, 0x0, 'queue0\x00'})

120.999959ms ago: executing program 4 (id=11157):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000000), 0x10)
unshare(0x2a020400)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYRESOCT, @ANYRES64=0x0, @ANYRES64=<r1=>0x2710, @ANYBLOB="455521e92134db04c4b212279e926656a41c490f3cafc8805f9b2289eb6f8b26c87d7333ce361bbe00bd1fa00cdbaae101333c059d4f9eca1820ff9b288b5ac6c59a69005dc16593a85d02a9b587fc55c992e822ad0e3681cbc9c9a73eadf2f361d753bd9dec29b351d14bd07dd70c60da5aa8f3b313629a3f255612bb4837b831ce9021fe855b06e8c238c5dffbe218d8a8e1c7c3ce847e62e4b8a6ecd198c52dd2819c449d444d6c4e100045082c3ca807f8a7ed1fecedee9389ad7ac0ef7aa543524947272c1f25bd9004a66a375efea7143061c62c1a57e1504736c5ac2dd9155b"], 0x80}, 0x1, 0x0, 0x0, 0x4000090}, 0x0)
fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x3, 0xc, &(0x7f00000007c0)=ANY=[@ANYRES8=r0, @ANYRESOCT=r0, @ANYBLOB="c6ddcd7e78cd85c4cd2f6e95a689d5cf0427f232d9e87882ab927e0aedb35cc6d4ce1f1b425271ddd97486019ef5a259030b33f4cc72246866cceb5d1c0b01ed7dde79766ca4e99215a7dd055567fe44d551eb4571dbeb033504e0e19f609521e5c6651aaa8763ac75392fc48576dfdc64f7b98305d630396feab8b8d1fb672b420903e1d7e282372157417520eeffdc86726d1088b28b046ae6d16048", @ANYRESHEX=r1], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x32)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x40, 0x9, 0x7ffc0002}]})
renameat(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0)

0s ago: executing program 2 (id=11158):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r0, &(0x7f0000001180)=[{{&(0x7f0000000140)={0xa, 0x0, 0x9, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x4}, 0x1c, &(0x7f00000005c0)=[{&(0x7f0000000240)="81", 0x1}], 0x1}}, {{&(0x7f0000000080)={0xa, 0x4e22, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x5}, 0x1c, &(0x7f0000000780)=[{&(0x7f0000000300)="8c", 0x1}], 0x1}}, {{&(0x7f00000001c0)={0xa, 0x4e24, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8}, 0x1c, 0x0}}], 0x3, 0x4004851)
setsockopt(r0, 0x84, 0x14, &(0x7f0000000040)="020000000980ffff", 0x8)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f0000001040)={0xa, {"a2e3ad214fc752f91b2909004bf70e0dd038e7ff7fc6e5539b326c078b089b3b083844090890e0878f0e1ac6e7049b3d6d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b333b0d076c0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0afc9397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6258742317662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab96b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e0088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76ccc2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c826467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb204466cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2e57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849d11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f9d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f0712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073da5b0000d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1ccced94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89234b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d876a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff02000000000000000000000000000100000000330000000a0101010000000000000000000000000000000000004e340100000000000000000000000000000004000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000a0000002bbd70000000000000000200000000000000000008000020ffffffdf2c0027cc"], 0x124}}, 0x0)

kernel console output (not intermixed with test programs):

ll use data=ordered instead of data journaling mode
[  680.414193][   T29] audit: type=1326 audit(1748750159.513:63721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=397 comm="syz.4.10448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=172 compat=0 ip=0x7fd77bace969 code=0x7ffc0000
[  680.438058][   T29] audit: type=1326 audit(1748750159.513:63722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=397 comm="syz.4.10448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd77bace969 code=0x7ffc0000
[  680.472800][  T394] EXT4-fs (loop3): 1 truncate cleaned up
[  680.480964][  T394] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  680.503059][  T394] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  680.576373][  T420] loop0: detected capacity change from 0 to 2048
[  680.699916][  T426] loop4: detected capacity change from 0 to 2048
[  681.315450][  T433] loop3: detected capacity change from 0 to 1017
[  681.323989][  T433] EXT4-fs (loop3): bad geometry: block count 512 exceeds size of device (508 blocks)
[  681.474817][  T441] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10462'.
[  681.492773][  T451] loop3: detected capacity change from 0 to 2048
[  681.515359][  T438] bridge_slave_0: left allmulticast mode
[  681.521047][  T438] bridge_slave_0: left promiscuous mode
[  681.527022][  T438] bridge0: port 1(bridge_slave_0) entered disabled state
[  681.544798][  T438] bridge_slave_1: left allmulticast mode
[  681.550557][  T438] bridge_slave_1: left promiscuous mode
[  681.556391][  T438] bridge0: port 2(bridge_slave_1) entered disabled state
[  681.574733][  T438] bond0: (slave bond_slave_0): Releasing backup interface
[  681.586140][  T438] bond0: (slave bond_slave_1): Releasing backup interface
[  681.596408][  T438] team0: Port device team_slave_0 removed
[  681.606290][  T438] team0: Port device team_slave_1 removed
[  681.625341][  T459] netlink: 32 bytes leftover after parsing attributes in process `syz.2.10469'.
[  681.634614][  T459] netlink: 24 bytes leftover after parsing attributes in process `syz.2.10469'.
[  681.644293][  T464] FAULT_INJECTION: forcing a failure.
[  681.644293][  T464] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  681.657501][  T464] CPU: 1 UID: 0 PID: 464 Comm: syz.3.10471 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  681.657533][  T464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  681.657604][  T464] Call Trace:
[  681.657614][  T464]  <TASK>
[  681.657631][  T464]  __dump_stack+0x1d/0x30
[  681.657658][  T464]  dump_stack_lvl+0xe8/0x140
[  681.657684][  T464]  dump_stack+0x15/0x1b
[  681.657701][  T464]  should_fail_ex+0x265/0x280
[  681.657905][  T464]  should_fail+0xb/0x20
[  681.658099][  T464]  should_fail_usercopy+0x1a/0x20
[  681.658157][  T464]  _copy_from_user+0x1c/0xb0
[  681.658223][  T464]  ___sys_sendmsg+0xc1/0x1d0
[  681.658266][  T464]  __x64_sys_sendmsg+0xd4/0x160
[  681.658308][  T464]  x64_sys_call+0x2999/0x2fb0
[  681.658364][  T464]  do_syscall_64+0xd2/0x200
[  681.658398][  T464]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  681.658424][  T464]  ? clear_bhb_loop+0x40/0x90
[  681.658512][  T464]  ? clear_bhb_loop+0x40/0x90
[  681.658542][  T464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  681.658608][  T464] RIP: 0033:0x7f1122d8e969
[  681.658633][  T464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  681.658656][  T464] RSP: 002b:00007f11213f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  681.658725][  T464] RAX: ffffffffffffffda RBX: 00007f1122fb5fa0 RCX: 00007f1122d8e969
[  681.658742][  T464] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  681.658758][  T464] RBP: 00007f11213f7090 R08: 0000000000000000 R09: 0000000000000000
[  681.658774][  T464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  681.658884][  T464] R13: 0000000000000000 R14: 00007f1122fb5fa0 R15: 00007ffee88abc28
[  681.658927][  T464]  </TASK>
[  681.895853][  T462] FAULT_INJECTION: forcing a failure.
[  681.895853][  T462] name failslab, interval 1, probability 0, space 0, times 0
[  681.908586][  T462] CPU: 0 UID: 0 PID: 462 Comm: syz.5.10470 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  681.908618][  T462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  681.908662][  T462] Call Trace:
[  681.908670][  T462]  <TASK>
[  681.908679][  T462]  __dump_stack+0x1d/0x30
[  681.908700][  T462]  dump_stack_lvl+0xe8/0x140
[  681.908720][  T462]  dump_stack+0x15/0x1b
[  681.908737][  T462]  should_fail_ex+0x265/0x280
[  681.908852][  T462]  should_failslab+0x8c/0xb0
[  681.908875][  T462]  kmem_cache_alloc_node_noprof+0x57/0x320
[  681.908905][  T462]  ? __alloc_skb+0x101/0x320
[  681.908938][  T462]  __alloc_skb+0x101/0x320
[  681.908969][  T462]  netlink_alloc_large_skb+0xba/0xf0
[  681.909035][  T462]  netlink_sendmsg+0x3cf/0x6b0
[  681.909143][  T462]  ? __pfx_netlink_sendmsg+0x10/0x10
[  681.909172][  T462]  __sock_sendmsg+0x142/0x180
[  681.909296][  T462]  ____sys_sendmsg+0x31e/0x4e0
[  681.909327][  T462]  ___sys_sendmsg+0x17b/0x1d0
[  681.909449][  T462]  __x64_sys_sendmsg+0xd4/0x160
[  681.909486][  T462]  x64_sys_call+0x2999/0x2fb0
[  681.909535][  T462]  do_syscall_64+0xd2/0x200
[  681.909570][  T462]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  681.909649][  T462]  ? clear_bhb_loop+0x40/0x90
[  681.909675][  T462]  ? clear_bhb_loop+0x40/0x90
[  681.909704][  T462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  681.909730][  T462] RIP: 0033:0x7f2d679ee969
[  681.909746][  T462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  681.909765][  T462] RSP: 002b:00007f2d66057038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  681.909783][  T462] RAX: ffffffffffffffda RBX: 00007f2d67c15fa0 RCX: 00007f2d679ee969
[  681.909796][  T462] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000009
[  681.909820][  T462] RBP: 00007f2d66057090 R08: 0000000000000000 R09: 0000000000000000
[  681.909836][  T462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  681.909911][  T462] R13: 0000000000000000 R14: 00007f2d67c15fa0 R15: 00007ffd16889678
[  681.909931][  T462]  </TASK>
[  682.126283][  T473] loop3: detected capacity change from 0 to 512
[  682.134292][  T473] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  682.145416][  T473] EXT4-fs (loop3): 1 truncate cleaned up
[  682.151575][  T473] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  682.338694][  T490] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10479'.
[  682.360405][  T490] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  682.368195][  T490] batman_adv: batadv0: Removing interface: batadv_slave_0
[  682.376468][  T490] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  682.384095][  T490] batman_adv: batadv0: Removing interface: batadv_slave_1
[  682.438627][  T500] loop0: detected capacity change from 0 to 2048
[  682.505692][  T507] netlink: 32 bytes leftover after parsing attributes in process `syz.2.10484'.
[  682.514852][  T507] netlink: 24 bytes leftover after parsing attributes in process `syz.2.10484'.
[  682.544174][  T513] loop4: detected capacity change from 0 to 512
[  682.555738][  T513] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  682.634572][  T513] EXT4-fs (loop4): 1 truncate cleaned up
[  682.641037][  T513] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  682.656372][  T513] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  683.060812][  T527] loop4: detected capacity change from 0 to 1024
[  683.105912][  T527] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  683.136039][  T527] ext4 filesystem being mounted at /328/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  683.280473][T25607] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:49: lblock 1 mapped to illegal pblock 1 (length 8)
[  683.310944][T25607] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 8 with error 117
[  683.323347][T25607] EXT4-fs (loop4): This should not happen!! Data will be lost
[  683.323347][T25607] 
[  683.381384][T28450] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  683.591621][T29812] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  683.673616][  T552] loop5: detected capacity change from 0 to 2048
[  683.925889][  T563] netlink: 76 bytes leftover after parsing attributes in process `syz.4.10501'.
[  684.336421][  T567] loop5: detected capacity change from 0 to 512
[  684.350710][  T567] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.10503: casefold flag without casefold feature
[  684.365357][  T567] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.10503: couldn't read orphan inode 15 (err -117)
[  684.381561][  T567] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  684.488785][  T575] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10505'.
[  684.737400][  T589] loop3: detected capacity change from 0 to 2048
[  685.003002][   T29] kauditd_printk_skb: 470 callbacks suppressed
[  685.003018][   T29] audit: type=1326 audit(1748750164.153:64193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=583 comm="syz.3.10510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1122d85927 code=0x7ffc0000
[  685.032825][   T29] audit: type=1326 audit(1748750164.153:64194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=583 comm="syz.3.10510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1122d2ab39 code=0x7ffc0000
[  685.056258][   T29] audit: type=1326 audit(1748750164.153:64195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=583 comm="syz.3.10510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1122d8e969 code=0x7ffc0000
[  685.301723][   T29] audit: type=1326 audit(1748750164.243:64196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=583 comm="syz.3.10510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1122d85927 code=0x7ffc0000
[  685.325354][   T29] audit: type=1326 audit(1748750164.243:64197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=583 comm="syz.3.10510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1122d2ab39 code=0x7ffc0000
[  685.348790][   T29] audit: type=1326 audit(1748750164.243:64198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=583 comm="syz.3.10510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=450 compat=0 ip=0x7f1122d8e969 code=0x7ffc0000
[  685.372481][   T29] audit: type=1326 audit(1748750164.243:64199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=583 comm="syz.3.10510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1122d8e969 code=0x7ffc0000
[  685.396017][   T29] audit: type=1326 audit(1748750164.243:64200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=583 comm="syz.3.10510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1122d8e969 code=0x7ffc0000
[  685.419867][   T29] audit: type=1326 audit(1748750164.253:64201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=583 comm="syz.3.10510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1122d85927 code=0x7ffc0000
[  685.443395][   T29] audit: type=1326 audit(1748750164.253:64202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=583 comm="syz.3.10510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1122d2ab39 code=0x7ffc0000
[  685.567889][  T609] loop0: detected capacity change from 0 to 1017
[  685.584953][T32690] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  685.633450][  T609] EXT4-fs (loop0): bad geometry: block count 512 exceeds size of device (508 blocks)
[  686.056530][  T635] loop4: detected capacity change from 0 to 1024
[  686.074992][  T636] loop3: detected capacity change from 0 to 1024
[  686.096583][  T635] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  686.184769][  T635] ext4 filesystem being mounted at /336/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  686.203891][  T630] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #15: block 8: comm syz.4.10526: lblock 8 mapped to illegal pblock 8 (length 1)
[  686.225041][  T630] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[  686.237503][  T630] EXT4-fs (loop4): This should not happen!! Data will be lost
[  686.237503][  T630] 
[  686.267864][  T636] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  686.271855][  T653] loop0: detected capacity change from 0 to 1024
[  686.306966][  T656] loop5: detected capacity change from 0 to 2048
[  686.318710][  T630] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  686.326024][  T636] ext4 filesystem being mounted at /178/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  686.333633][  T630] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 475 with error 28
[  686.356403][  T630] EXT4-fs (loop4): This should not happen!! Data will be lost
[  686.356403][  T630] 
[  686.366109][  T630] EXT4-fs (loop4): Total free blocks count 0
[  686.366538][T25603] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:45: lblock 1 mapped to illegal pblock 1 (length 7)
[  686.372086][  T630] EXT4-fs (loop4): Free/Dirty block details
[  686.372135][  T630] EXT4-fs (loop4): free_blocks=4293918720
[  686.372150][  T630] EXT4-fs (loop4): dirty_blocks=480
[  686.403525][  T630] EXT4-fs (loop4): Block reservation details
[  686.410489][  T653] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  686.423167][  T653] ext4 filesystem being mounted at /241/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  686.468386][  T653] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #15: block 8: comm syz.0.10530: lblock 8 mapped to illegal pblock 8 (length 1)
[  686.529183][  T653] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[  686.541591][  T653] EXT4-fs (loop0): This should not happen!! Data will be lost
[  686.541591][  T653] 
[  686.582637][  T632] EXT4-fs error (device loop3): ext4_map_blocks:816: inode #15: block 8: comm syz.3.10525: lblock 8 mapped to illegal pblock 8 (length 1)
[  686.600601][  T653] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  686.639516][  T653] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 475 with error 28
[  686.652087][  T653] EXT4-fs (loop0): This should not happen!! Data will be lost
[  686.652087][  T653] 
[  686.661766][  T653] EXT4-fs (loop0): Total free blocks count 0
[  686.667837][  T653] EXT4-fs (loop0): Free/Dirty block details
[  686.673799][  T653] EXT4-fs (loop0): free_blocks=4293918720
[  686.679612][  T653] EXT4-fs (loop0): dirty_blocks=480
[  686.683400][  T632] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[  686.684871][  T653] EXT4-fs (loop0): Block reservation details
[  686.697128][  T632] EXT4-fs (loop3): This should not happen!! Data will be lost
[  686.697128][  T632] 
[  686.754389][T25600] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:42: lblock 1 mapped to illegal pblock 1 (length 7)
[  686.796972][  T632] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  686.826271][  T632] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 475 with error 28
[  686.838856][  T632] EXT4-fs (loop3): This should not happen!! Data will be lost
[  686.838856][  T632] 
[  686.848677][  T632] EXT4-fs (loop3): Total free blocks count 0
[  686.854807][  T632] EXT4-fs (loop3): Free/Dirty block details
[  686.860714][  T632] EXT4-fs (loop3): free_blocks=4293918720
[  686.866480][  T632] EXT4-fs (loop3): dirty_blocks=480
[  686.871736][  T632] EXT4-fs (loop3): Block reservation details
[  686.965924][T20521] EXT4-fs error (device loop3): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:32: lblock 1 mapped to illegal pblock 1 (length 7)
[  686.988888][  T667] loop0: detected capacity change from 0 to 1024
[  687.088549][  T667] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  687.163021][  T667] ext4 filesystem being mounted at /242/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  687.200928][  T667] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #15: block 8: comm syz.0.10533: lblock 8 mapped to illegal pblock 8 (length 1)
[  687.239854][  T679] loop4: detected capacity change from 0 to 2048
[  687.283272][  T667] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[  687.295709][  T667] EXT4-fs (loop0): This should not happen!! Data will be lost
[  687.295709][  T667] 
[  687.322828][  T667] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  687.339172][  T667] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 475 with error 28
[  687.351696][  T667] EXT4-fs (loop0): This should not happen!! Data will be lost
[  687.351696][  T667] 
[  687.361408][  T667] EXT4-fs (loop0): Total free blocks count 0
[  687.367444][  T667] EXT4-fs (loop0): Free/Dirty block details
[  687.373442][  T667] EXT4-fs (loop0): free_blocks=4293918720
[  687.379183][  T667] EXT4-fs (loop0): dirty_blocks=480
[  687.384512][  T667] EXT4-fs (loop0): Block reservation details
[  687.420825][T20521] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:32: lblock 1 mapped to illegal pblock 1 (length 7)
[  687.572890][  T696] loop3: detected capacity change from 0 to 2048
[  687.704870][  T708] FAULT_INJECTION: forcing a failure.
[  687.704870][  T708] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  687.718091][  T708] CPU: 0 UID: 0 PID: 708 Comm: syz.5.10546 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  687.718122][  T708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  687.718203][  T708] Call Trace:
[  687.718210][  T708]  <TASK>
[  687.718218][  T708]  __dump_stack+0x1d/0x30
[  687.718242][  T708]  dump_stack_lvl+0xe8/0x140
[  687.718267][  T708]  dump_stack+0x15/0x1b
[  687.718319][  T708]  should_fail_ex+0x265/0x280
[  687.718361][  T708]  should_fail+0xb/0x20
[  687.718397][  T708]  should_fail_usercopy+0x1a/0x20
[  687.718430][  T708]  _copy_from_user+0x1c/0xb0
[  687.718466][  T708]  ___sys_sendmsg+0xc1/0x1d0
[  687.718508][  T708]  __x64_sys_sendmsg+0xd4/0x160
[  687.718549][  T708]  x64_sys_call+0x2999/0x2fb0
[  687.718587][  T708]  do_syscall_64+0xd2/0x200
[  687.718619][  T708]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  687.718688][  T708]  ? clear_bhb_loop+0x40/0x90
[  687.718710][  T708]  ? clear_bhb_loop+0x40/0x90
[  687.718732][  T708]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  687.718777][  T708] RIP: 0033:0x7f2d679ee969
[  687.718817][  T708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  687.718835][  T708] RSP: 002b:00007f2d66057038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  687.718957][  T708] RAX: ffffffffffffffda RBX: 00007f2d67c15fa0 RCX: 00007f2d679ee969
[  687.718970][  T708] RDX: 0000000000008000 RSI: 0000200000000780 RDI: 0000000000000006
[  687.718982][  T708] RBP: 00007f2d66057090 R08: 0000000000000000 R09: 0000000000000000
[  687.718999][  T708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  687.719015][  T708] R13: 0000000000000000 R14: 00007f2d67c15fa0 R15: 00007ffd16889678
[  687.719039][  T708]  </TASK>
[  688.053246][  T721] netlink: 32 bytes leftover after parsing attributes in process `syz.2.10550'.
[  688.062346][  T721] netlink: 24 bytes leftover after parsing attributes in process `syz.2.10550'.
[  688.062433][  T724] loop5: detected capacity change from 0 to 2048
[  688.080115][  T719] syz.3.10548 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  688.441269][  T741] loop3: detected capacity change from 0 to 2048
[  688.535607][  T740] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  688.875201][  T756] netlink: 32 bytes leftover after parsing attributes in process `syz.5.10562'.
[  688.884385][  T756] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10562'.
[  688.909122][  T756] loop5: detected capacity change from 0 to 512
[  688.922174][  T756] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  688.945452][  T756] EXT4-fs (loop5): 1 truncate cleaned up
[  688.951590][  T756] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  689.005442][  T756] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  689.258145][  T773] loop0: detected capacity change from 0 to 2048
[  689.933872][  T796] loop3: detected capacity change from 0 to 164
[  689.980466][  T801] loop3: detected capacity change from 0 to 164
[  690.037720][   T29] kauditd_printk_skb: 515 callbacks suppressed
[  690.037738][   T29] audit: type=1400 audit(1748750169.194:64718): avc:  denied  { watch } for  pid=793 comm="syz.2.10573" path="/317/control" dev="tmpfs" ino=1696 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  690.113181][   T29] audit: type=1400 audit(1748750169.244:64719): avc:  denied  { execute } for  pid=793 comm="syz.2.10573" path="/317/cpu.stat" dev="tmpfs" ino=1697 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  690.185349][   T29] audit: type=1326 audit(1748750169.314:64720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=806 comm="syz.0.10577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  690.209099][   T29] audit: type=1326 audit(1748750169.314:64721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=806 comm="syz.0.10577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  690.232668][   T29] audit: type=1326 audit(1748750169.314:64722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=806 comm="syz.0.10577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  690.256314][   T29] audit: type=1326 audit(1748750169.314:64723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=806 comm="syz.0.10577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  690.279966][   T29] audit: type=1326 audit(1748750169.314:64724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=806 comm="syz.0.10577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  690.303513][   T29] audit: type=1326 audit(1748750169.314:64725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=806 comm="syz.0.10577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  690.327193][   T29] audit: type=1326 audit(1748750169.324:64726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=806 comm="syz.0.10577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  690.350813][   T29] audit: type=1326 audit(1748750169.324:64727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=806 comm="syz.0.10577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  690.766531][  T820] loop0: detected capacity change from 0 to 512
[  690.865218][  T820] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  690.996504][  T820] ext4 filesystem being mounted at /247/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  691.084841][  T820] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.10580: corrupted inode contents
[  691.156516][  T820] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.10580: mark_inode_dirty error
[  691.211124][  T820] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.10580: corrupted inode contents
[  691.211283][  T820] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.10580: mark_inode_dirty error
[  691.245964][  T830] loop4: detected capacity change from 0 to 512
[  691.309413][  T830] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  691.357760][  T830] EXT4-fs (loop4): 1 truncate cleaned up
[  691.358322][  T830] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  691.373487][  T836] pimreg: entered allmulticast mode
[  691.378853][  T836] pimreg: left allmulticast mode
[  691.380771][  T830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  691.577325][T29405] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  691.580093][  T838] FAULT_INJECTION: forcing a failure.
[  691.580093][  T838] name failslab, interval 1, probability 0, space 0, times 0
[  691.580127][  T838] CPU: 0 UID: 0 PID: 838 Comm: syz.5.10586 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  691.580225][  T838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  691.580239][  T838] Call Trace:
[  691.580247][  T838]  <TASK>
[  691.580256][  T838]  __dump_stack+0x1d/0x30
[  691.580285][  T838]  dump_stack_lvl+0xe8/0x140
[  691.580309][  T838]  dump_stack+0x15/0x1b
[  691.580409][  T838]  should_fail_ex+0x265/0x280
[  691.580452][  T838]  ? resv_map_alloc+0x57/0x190
[  691.580565][  T838]  should_failslab+0x8c/0xb0
[  691.580593][  T838]  __kmalloc_cache_noprof+0x4c/0x320
[  691.580630][  T838]  resv_map_alloc+0x57/0x190
[  691.580689][  T838]  hugetlbfs_get_inode+0x67/0x370
[  691.580733][  T838]  hugetlb_file_setup+0x192/0x3d0
[  691.580770][  T838]  ksys_mmap_pgoff+0x157/0x310
[  691.580955][  T838]  x64_sys_call+0x1602/0x2fb0
[  691.580980][  T838]  do_syscall_64+0xd2/0x200
[  691.581031][  T838]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  691.581126][  T838]  ? clear_bhb_loop+0x40/0x90
[  691.581183][  T838]  ? clear_bhb_loop+0x40/0x90
[  691.581206][  T838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  691.581228][  T838] RIP: 0033:0x7f2d679ee969
[  691.581243][  T838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  691.581314][  T838] RSP: 002b:00007f2d66057038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  691.581339][  T838] RAX: ffffffffffffffda RBX: 00007f2d67c15fa0 RCX: 00007f2d679ee969
[  691.581352][  T838] RDX: 0000000000000000 RSI: 0000000001400000 RDI: 0000200000000000
[  691.581365][  T838] RBP: 00007f2d66057090 R08: ffffffffffffffff R09: 0000000000000000
[  691.581378][  T838] R10: 00000000000c3072 R11: 0000000000000246 R12: 0000000000000001
[  691.581402][  T838] R13: 0000000000000000 R14: 00007f2d67c15fa0 R15: 00007ffd16889678
[  691.581429][  T838]  </TASK>
[  691.675331][  T843] loop4: detected capacity change from 0 to 2048
[  691.770163][  T848] loop5: detected capacity change from 0 to 2048
[  692.614754][  T858] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10593'.
[  693.113244][  T868] loop3: detected capacity change from 0 to 164
[  693.477478][  T873] loop3: detected capacity change from 0 to 1024
[  693.577690][  T873] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  693.577818][  T873] ext4 filesystem being mounted at /195/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  693.753418][  T879] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  693.868640][T25604] EXT4-fs error (device loop3): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:46: lblock 1 mapped to illegal pblock 1 (length 8)
[  693.894445][T25604] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 8 with error 117
[  693.906912][T25604] EXT4-fs (loop3): This should not happen!! Data will be lost
[  693.906912][T25604] 
[  693.949883][T29812] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  694.088178][  T887] loop0: detected capacity change from 0 to 1024
[  694.137466][  T887] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  694.195484][  T887] ext4 filesystem being mounted at /252/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  694.210946][  T887] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #15: block 8: comm syz.0.10601: lblock 8 mapped to illegal pblock 8 (length 1)
[  694.273839][  T887] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[  694.286214][  T887] EXT4-fs (loop0): This should not happen!! Data will be lost
[  694.286214][  T887] 
[  694.360880][  T887] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  694.433026][  T887] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 475 with error 28
[  694.445590][  T887] EXT4-fs (loop0): This should not happen!! Data will be lost
[  694.445590][  T887] 
[  694.455349][  T887] EXT4-fs (loop0): Total free blocks count 0
[  694.461405][  T887] EXT4-fs (loop0): Free/Dirty block details
[  694.467464][  T887] EXT4-fs (loop0): free_blocks=4293918720
[  694.473330][  T887] EXT4-fs (loop0): dirty_blocks=480
[  694.478598][  T887] EXT4-fs (loop0): Block reservation details
[  694.499457][  T908] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  694.618131][T25604] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:46: lblock 1 mapped to illegal pblock 1 (length 7)
[  694.763833][  T917] loop0: detected capacity change from 0 to 2048
[  695.008860][  T929] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10614'.
[  695.111748][  T938] netlink: 32 bytes leftover after parsing attributes in process `syz.0.10617'.
[  695.120976][  T938] netlink: 24 bytes leftover after parsing attributes in process `syz.0.10617'.
[  695.146435][  T914] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  695.160583][  T937] loop0: detected capacity change from 0 to 512
[  695.201628][  T937] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  695.265241][  T937] EXT4-fs (loop0): 1 truncate cleaned up
[  695.271352][  T937] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  695.332636][  T937] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  695.675231][   T29] kauditd_printk_skb: 130 callbacks suppressed
[  695.675246][   T29] audit: type=1326 audit(1748750174.835:64858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=947 comm="syz.2.10619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  696.012319][   T29] audit: type=1326 audit(1748750175.155:64859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=947 comm="syz.2.10619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  696.035976][   T29] audit: type=1326 audit(1748750175.155:64860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=947 comm="syz.2.10619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  696.059660][   T29] audit: type=1326 audit(1748750175.155:64861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=947 comm="syz.2.10619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  696.083285][   T29] audit: type=1326 audit(1748750175.155:64862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=947 comm="syz.2.10619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  696.106786][   T29] audit: type=1326 audit(1748750175.155:64863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=947 comm="syz.2.10619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  696.130378][   T29] audit: type=1326 audit(1748750175.155:64864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=947 comm="syz.2.10619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  696.153906][   T29] audit: type=1326 audit(1748750175.155:64865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=947 comm="syz.2.10619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  696.177416][   T29] audit: type=1326 audit(1748750175.155:64866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=947 comm="syz.2.10619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  696.201110][   T29] audit: type=1326 audit(1748750175.155:64867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=947 comm="syz.2.10619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  696.515842][  T967] loop0: detected capacity change from 0 to 512
[  696.552575][  T967] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  696.676134][  T967] EXT4-fs (loop0): 1 truncate cleaned up
[  696.682670][  T967] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  696.732516][  T974] loop5: detected capacity change from 0 to 2048
[  696.742662][  T967] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  697.135723][  T983] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  697.441876][  T993] loop0: detected capacity change from 0 to 1024
[  697.474951][ T1003] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10627'.
[  697.518936][  T993] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  697.568013][  T993] ext4 filesystem being mounted at /260/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  697.677320][ T1018] loop3: detected capacity change from 0 to 2048
[  697.717612][  T991] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #15: block 8: comm syz.0.10632: lblock 8 mapped to illegal pblock 8 (length 1)
[  697.756279][  T991] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[  697.768769][  T991] EXT4-fs (loop0): This should not happen!! Data will be lost
[  697.768769][  T991] 
[  697.858929][  T991] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  697.919715][  T991] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 475 with error 28
[  697.932269][  T991] EXT4-fs (loop0): This should not happen!! Data will be lost
[  697.932269][  T991] 
[  697.942100][  T991] EXT4-fs (loop0): Total free blocks count 0
[  697.948123][  T991] EXT4-fs (loop0): Free/Dirty block details
[  697.954102][  T991] EXT4-fs (loop0): free_blocks=4293918720
[  697.959839][  T991] EXT4-fs (loop0): dirty_blocks=480
[  697.965141][  T991] EXT4-fs (loop0): Block reservation details
[  698.089456][ T1031] loop5: detected capacity change from 0 to 1015
[  698.168806][ T1031] EXT4-fs (loop5): bad geometry: block count 512 exceeds size of device (507 blocks)
[  698.452145][T25604] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:46: lblock 1 mapped to illegal pblock 1 (length 7)
[  698.709964][ T1038] netlink: 32 bytes leftover after parsing attributes in process `syz.0.10641'.
[  698.719134][ T1038] netlink: 24 bytes leftover after parsing attributes in process `syz.0.10641'.
[  698.744048][ T1038] loop0: detected capacity change from 0 to 512
[  698.804114][ T1038] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  698.832920][ T1038] EXT4-fs (loop0): 1 truncate cleaned up
[  698.925528][ T1050] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  699.032030][ T1050] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  699.330254][ T1064] loop5: detected capacity change from 0 to 2048
[  699.948737][ T1074] loop0: detected capacity change from 0 to 512
[  699.987464][ T1074] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  700.032179][ T1074] EXT4-fs (loop0): 1 truncate cleaned up
[  700.038853][ T1074] EXT4-fs mount: 3 callbacks suppressed
[  700.038870][ T1074] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  700.103489][ T1074] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  700.555699][ T1095] loop3: detected capacity change from 0 to 2048
[  700.813258][ T1102] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10662'.
[  700.830280][ T1100] loop5: detected capacity change from 0 to 2048
[  700.893904][ T1100] Alternate GPT is invalid, using primary GPT.
[  700.900205][ T1100]  loop5: p1 p2 p3
[  701.036708][   T29] kauditd_printk_skb: 256 callbacks suppressed
[  701.036725][   T29] audit: type=1400 audit(1748750180.195:65124): avc:  denied  { write } for  pid=1089 comm="syz.5.10658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  701.101271][   T29] audit: type=1400 audit(1748750180.195:65125): avc:  denied  { nlmsg_write } for  pid=1089 comm="syz.5.10658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  701.467427][   T29] audit: type=1326 audit(1748750180.625:65126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1121 comm="syz.5.10669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  701.491313][   T29] audit: type=1326 audit(1748750180.625:65127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1121 comm="syz.5.10669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  701.515084][   T29] audit: type=1326 audit(1748750180.625:65128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1121 comm="syz.5.10669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  701.552123][   T29] audit: type=1326 audit(1748750180.675:65129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1121 comm="syz.5.10669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  701.575917][   T29] audit: type=1326 audit(1748750180.675:65130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1121 comm="syz.5.10669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  701.599703][   T29] audit: type=1326 audit(1748750180.675:65131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1121 comm="syz.5.10669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  701.623331][   T29] audit: type=1326 audit(1748750180.675:65132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1121 comm="syz.5.10669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  701.646946][   T29] audit: type=1326 audit(1748750180.675:65133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1121 comm="syz.5.10669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  702.138736][ T1145] netlink: 32 bytes leftover after parsing attributes in process `syz.5.10679'.
[  702.147870][ T1145] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10679'.
[  702.229354][ T1142] loop5: detected capacity change from 0 to 512
[  702.242776][ T1142] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  702.281139][ T1142] EXT4-fs (loop5): 1 truncate cleaned up
[  702.293969][ T1146] loop3: detected capacity change from 0 to 1024
[  702.304235][ T1142] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  702.328249][ T1142] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  702.368430][ T1146] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  702.408384][ T1146] ext4 filesystem being mounted at /217/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  702.429374][ T1161] loop4: detected capacity change from 0 to 2048
[  702.455213][ T1163] loop5: detected capacity change from 0 to 512
[  702.476299][ T1163] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  702.510430][ T1163] EXT4-fs (loop5): 1 truncate cleaned up
[  702.525175][ T1163] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  702.571229][ T1163] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  702.596282][T29812] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  702.760013][ T1170] loop3: detected capacity change from 0 to 2048
[  702.873564][ T1173] loop5: detected capacity change from 0 to 1024
[  702.915040][ T1173] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  702.933178][ T1173] ext4 filesystem being mounted at /56/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  702.961724][ T1179] loop4: detected capacity change from 0 to 512
[  702.984647][ T1179] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.10684: casefold flag without casefold feature
[  703.037962][ T1179] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.10684: couldn't read orphan inode 15 (err -117)
[  703.077463][ T1179] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  703.112745][ T1172] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 8: comm syz.5.10686: lblock 8 mapped to illegal pblock 8 (length 1)
[  703.141005][ T1172] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[  703.153407][ T1172] EXT4-fs (loop5): This should not happen!! Data will be lost
[  703.153407][ T1172] 
[  703.198328][ T1172] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  703.278822][ T1172] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 475 with error 28
[  703.291369][ T1172] EXT4-fs (loop5): This should not happen!! Data will be lost
[  703.291369][ T1172] 
[  703.301084][ T1172] EXT4-fs (loop5): Total free blocks count 0
[  703.307232][ T1172] EXT4-fs (loop5): Free/Dirty block details
[  703.313247][ T1172] EXT4-fs (loop5): free_blocks=4293918720
[  703.319126][ T1172] EXT4-fs (loop5): dirty_blocks=480
[  703.324384][ T1172] EXT4-fs (loop5): Block reservation details
[  703.467238][T25604] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:46: lblock 1 mapped to illegal pblock 1 (length 7)
[  703.556157][ T1198] netlink: 32 bytes leftover after parsing attributes in process `syz.5.10691'.
[  703.565328][ T1198] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10691'.
[  703.620304][ T1198] loop5: detected capacity change from 0 to 512
[  703.631373][ T1198] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  703.677152][ T1198] EXT4-fs (loop5): 1 truncate cleaned up
[  703.686294][ T1198] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  703.733669][ T1207] loop3: detected capacity change from 0 to 2048
[  703.755329][ T1198] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  703.852637][ T1211] loop3: detected capacity change from 0 to 512
[  703.942247][ T1211] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  703.956092][ T1211] ext4 filesystem being mounted at /221/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  703.968316][ T1208] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  703.998263][ T1211] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.10695: corrupted inode contents
[  704.028037][ T1211] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #2: comm syz.3.10695: mark_inode_dirty error
[  704.045762][ T1211] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.10695: corrupted inode contents
[  704.053139][ T1218] loop5: detected capacity change from 0 to 2048
[  704.091919][ T1211] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.10695: mark_inode_dirty error
[  704.231772][ T1225] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10700'.
[  704.318413][T29812] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  704.516006][ T1235] loop3: detected capacity change from 0 to 2048
[  704.640398][ T1221] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  704.920296][ T1253] loop0: detected capacity change from 0 to 512
[  704.927876][ T1249] netlink: 32 bytes leftover after parsing attributes in process `syz.5.10707'.
[  704.937009][ T1249] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10707'.
[  704.948595][ T1253] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  704.965051][ T1253] EXT4-fs (loop0): 1 truncate cleaned up
[  705.001406][ T1253] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  705.014551][ T1249] loop5: detected capacity change from 0 to 512
[  705.022158][ T1249] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  705.036110][ T1253] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  705.046197][ T1249] EXT4-fs (loop5): 1 truncate cleaned up
[  705.083473][ T1249] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  705.152532][ T1249] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  705.164475][ T1263] loop0: detected capacity change from 0 to 512
[  705.186759][ T1263] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  705.212229][ T1263] EXT4-fs (loop0): 1 truncate cleaned up
[  705.225913][ T1263] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  705.264903][ T1263] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  706.102782][   T29] kauditd_printk_skb: 336 callbacks suppressed
[  706.102800][   T29] audit: type=1326 audit(1748750185.266:65470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.0.10721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  706.180728][   T29] audit: type=1326 audit(1748750185.336:65471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1278 comm="syz.2.10719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  706.204476][   T29] audit: type=1326 audit(1748750185.336:65472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1278 comm="syz.2.10719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  706.395659][ T1307] loop0: detected capacity change from 0 to 512
[  706.436166][   T29] audit: type=1326 audit(1748750185.596:65473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1308 comm="syz.5.10725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  706.460074][   T29] audit: type=1326 audit(1748750185.596:65474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1308 comm="syz.5.10725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  706.483718][   T29] audit: type=1326 audit(1748750185.596:65475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1308 comm="syz.5.10725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  706.507381][   T29] audit: type=1326 audit(1748750185.596:65476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1308 comm="syz.5.10725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  706.531067][   T29] audit: type=1326 audit(1748750185.596:65477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1308 comm="syz.5.10725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  706.554735][   T29] audit: type=1326 audit(1748750185.596:65478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1308 comm="syz.5.10725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  706.578389][   T29] audit: type=1326 audit(1748750185.596:65479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1308 comm="syz.5.10725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  706.626853][ T1307] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  706.760682][ T1307] ext4 filesystem being mounted at /280/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  706.780086][ T1305] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  706.790714][ T1307] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.10724: corrupted inode contents
[  707.081011][ T1307] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.10724: mark_inode_dirty error
[  707.096562][ T1307] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.10724: corrupted inode contents
[  707.112265][ T1307] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.10724: mark_inode_dirty error
[  707.317404][T29405] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  707.658373][ T1335] loop5: detected capacity change from 0 to 512
[  707.701436][ T1335] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  707.755556][ T1335] EXT4-fs (loop5): 1 truncate cleaned up
[  707.765040][ T1335] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  707.821912][ T1335] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  707.891663][T28450] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  707.955757][ T1346] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10735'.
[  708.140897][ T1356] loop5: detected capacity change from 0 to 1024
[  708.306061][ T1370] loop0: detected capacity change from 0 to 1024
[  708.323080][ T1356] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  708.345565][ T1356] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  708.525088][ T1349] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 8: comm syz.5.10736: lblock 8 mapped to illegal pblock 8 (length 1)
[  708.549800][ T1349] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[  708.562194][ T1349] EXT4-fs (loop5): This should not happen!! Data will be lost
[  708.562194][ T1349] 
[  708.690024][ T1382] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  708.715374][ T1386] loop4: detected capacity change from 0 to 512
[  708.722822][ T1349] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  708.728918][ T1370] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  708.738430][ T1349] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 475 with error 28
[  708.762514][ T1349] EXT4-fs (loop5): This should not happen!! Data will be lost
[  708.762514][ T1349] 
[  708.772287][ T1349] EXT4-fs (loop5): Total free blocks count 0
[  708.778301][ T1349] EXT4-fs (loop5): Free/Dirty block details
[  708.784289][ T1349] EXT4-fs (loop5): free_blocks=4293918720
[  708.786833][ T1386] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  708.790033][ T1349] EXT4-fs (loop5): dirty_blocks=480
[  708.790052][ T1349] EXT4-fs (loop5): Block reservation details
[  708.822233][ T1370] ext4 filesystem being mounted at /285/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  708.840499][ T1386] ext4 filesystem being mounted at /365/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  708.951825][ T1386] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.10745: corrupted inode contents
[  708.972996][ T1386] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.10745: mark_inode_dirty error
[  708.991100][T25604] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:46: lblock 1 mapped to illegal pblock 1 (length 7)
[  709.026486][T25599] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:41: lblock 1 mapped to illegal pblock 1 (length 8)
[  709.041324][ T1386] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.10745: corrupted inode contents
[  709.053670][T25599] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 8 with error 117
[  709.066127][T25599] EXT4-fs (loop0): This should not happen!! Data will be lost
[  709.066127][T25599] 
[  709.081970][ T1386] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.10745: mark_inode_dirty error
[  709.118974][T29405] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  709.530095][ T1408] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10751'.
[  709.558114][T28450] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  709.615650][ T1413] netlink: 32 bytes leftover after parsing attributes in process `syz.4.10752'.
[  709.624867][ T1413] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10752'.
[  709.678500][ T1413] loop4: detected capacity change from 0 to 512
[  709.702977][ T1413] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  709.723397][ T1413] EXT4-fs (loop4): 1 truncate cleaned up
[  709.730061][ T1413] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  709.752354][ T1413] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  709.765461][ T1423] loop3: detected capacity change from 0 to 2048
[  710.024416][ T1429] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  710.186443][ T1437] loop5: detected capacity change from 0 to 1024
[  710.242572][ T1437] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  710.255995][ T1437] ext4 filesystem being mounted at /69/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  710.321540][ T1435] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 8: comm syz.5.10761: lblock 8 mapped to illegal pblock 8 (length 1)
[  710.339517][ T1447] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10763'.
[  710.345619][ T1435] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[  710.360944][ T1435] EXT4-fs (loop5): This should not happen!! Data will be lost
[  710.360944][ T1435] 
[  710.442931][ T1435] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  710.469829][ T1435] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 475 with error 28
[  710.482441][ T1435] EXT4-fs (loop5): This should not happen!! Data will be lost
[  710.482441][ T1435] 
[  710.492220][ T1435] EXT4-fs (loop5): Total free blocks count 0
[  710.498227][ T1435] EXT4-fs (loop5): Free/Dirty block details
[  710.504209][ T1435] EXT4-fs (loop5): free_blocks=4293918720
[  710.509949][ T1435] EXT4-fs (loop5): dirty_blocks=480
[  710.515197][ T1435] EXT4-fs (loop5): Block reservation details
[  710.547571][ T1452] loop4: detected capacity change from 0 to 2048
[  710.825934][T25603] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:45: lblock 1 mapped to illegal pblock 1 (length 7)
[  710.945557][ T1470] loop0: detected capacity change from 0 to 512
[  710.955128][ T1470] ext2: Bad value for 'mb_optimize_scan'
[  710.964267][ T1470] xt_CT: You must specify a L4 protocol and not use inversions on it
[  711.012405][ T1471] loop5: detected capacity change from 0 to 1024
[  711.142804][ T1471] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  711.156476][ T1471] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  711.168103][   T29] kauditd_printk_skb: 329 callbacks suppressed
[  711.168116][   T29] audit: type=1326 audit(1748750190.326:65809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1467 comm="syz.5.10769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2d679ed2d0 code=0x7ffc0000
[  711.202634][   T29] audit: type=1326 audit(1748750190.366:65810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1467 comm="syz.5.10769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f2d679ed6b7 code=0x7ffc0000
[  711.226399][   T29] audit: type=1326 audit(1748750190.366:65811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1467 comm="syz.5.10769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2d679ed2d0 code=0x7ffc0000
[  711.250074][   T29] audit: type=1326 audit(1748750190.366:65812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1467 comm="syz.5.10769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  711.273772][   T29] audit: type=1326 audit(1748750190.366:65813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1467 comm="syz.5.10769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  711.285015][ T1468] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 8: comm syz.5.10769: lblock 8 mapped to illegal pblock 8 (length 8)
[  711.320279][ T1468] EXT4-fs error (device loop5): ext4_ext_remove_space:2955: inode #15: comm syz.5.10769: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  711.508990][   T29] audit: type=1326 audit(1748750190.666:65814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1467 comm="syz.5.10769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  711.532679][   T29] audit: type=1326 audit(1748750190.666:65815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1467 comm="syz.5.10769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  711.556310][   T29] audit: type=1326 audit(1748750190.666:65816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1467 comm="syz.5.10769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  711.595160][   T29] audit: type=1326 audit(1748750190.756:65817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1491 comm="syz.3.10776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1122d8e969 code=0x7ffc0000
[  711.618873][   T29] audit: type=1326 audit(1748750190.756:65818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1491 comm="syz.3.10776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f1122d8e969 code=0x7ffc0000
[  711.661606][T32690] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  712.221435][ T1516] loop0: detected capacity change from 0 to 512
[  712.248167][ T1516] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  712.276299][ T1516] ext4 filesystem being mounted at /297/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  712.290600][ T1516] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.10784: corrupted inode contents
[  712.304609][ T1516] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.10784: mark_inode_dirty error
[  712.316600][ T1516] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.10784: corrupted inode contents
[  712.330846][ T1516] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.10784: mark_inode_dirty error
[  712.353724][ T1522] loop4: detected capacity change from 0 to 2048
[  712.535997][T29405] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  712.592709][ T1506] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  712.777997][ T1564] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10799'.
[  713.072408][ T1573] netlink: 32 bytes leftover after parsing attributes in process `syz.4.10800'.
[  713.081676][ T1573] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10800'.
[  713.095627][ T1573] loop4: detected capacity change from 0 to 512
[  713.105602][ T1573] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  713.117592][ T1573] EXT4-fs (loop4): 1 truncate cleaned up
[  713.128690][ T1573] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  713.142684][ T1573] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  713.433776][ T1599] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10811'.
[  713.545809][ T1608] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10816'.
[  713.601640][ T1614] netlink: 32 bytes leftover after parsing attributes in process `syz.4.10818'.
[  713.633922][ T1614] loop4: detected capacity change from 0 to 512
[  713.646577][ T1614] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  713.667046][ T1614] EXT4-fs (loop4): 1 truncate cleaned up
[  713.680242][ T1614] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  713.718311][ T1614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  713.915527][ T1640] loop0: detected capacity change from 0 to 2048
[  714.382252][ T1659] loop3: detected capacity change from 0 to 512
[  714.389529][ T1659] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  714.402097][ T1659] EXT4-fs (loop3): 1 truncate cleaned up
[  714.408238][ T1659] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  714.421369][ T1659] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  714.505918][ T1663] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  714.515702][ T1663] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  714.684150][ T1669] __nla_validate_parse: 3 callbacks suppressed
[  714.684185][ T1669] netlink: 32 bytes leftover after parsing attributes in process `syz.5.10834'.
[  714.699490][ T1669] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10834'.
[  714.726337][ T1667] loop5: detected capacity change from 0 to 512
[  714.737346][ T1672] loop0: detected capacity change from 0 to 512
[  714.745618][ T1667] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  714.762316][ T1667] EXT4-fs (loop5): 1 truncate cleaned up
[  714.771595][ T1667] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  714.775990][ T1672] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  714.790991][ T1667] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  714.805712][ T1672] ext4 filesystem being mounted at /303/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  714.823116][ T1672] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.10836: corrupted inode contents
[  714.844210][ T1672] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.10836: mark_inode_dirty error
[  714.857137][ T1672] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.10836: corrupted inode contents
[  714.871103][ T1672] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.10836: mark_inode_dirty error
[  714.967990][T29405] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  715.164616][ T1689] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10840'.
[  715.540749][ T1693] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10842'.
[  715.560309][ T1698] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10841'.
[  715.726859][ T1684] loop4: detected capacity change from 0 to 1024
[  715.746631][ T1684] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  715.759568][ T1684] ext4 filesystem being mounted at /386/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  716.676465][   T29] kauditd_printk_skb: 317 callbacks suppressed
[  716.676483][   T29] audit: type=1326 audit(1748750195.837:66136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1682 comm="syz.4.10838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd77bacd2d0 code=0x7ffc0000
[  716.706530][   T29] audit: type=1326 audit(1748750195.837:66137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1682 comm="syz.4.10838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7fd77bacd6b7 code=0x7ffc0000
[  716.730090][   T29] audit: type=1326 audit(1748750195.837:66138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1682 comm="syz.4.10838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd77bacd2d0 code=0x7ffc0000
[  716.753998][   T29] audit: type=1326 audit(1748750195.837:66139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1682 comm="syz.4.10838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd77bace969 code=0x7ffc0000
[  716.777853][   T29] audit: type=1326 audit(1748750195.837:66140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1682 comm="syz.4.10838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd77bace969 code=0x7ffc0000
[  716.839448][   T29] audit: type=1326 audit(1748750195.977:66141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1682 comm="syz.4.10838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fd77bace969 code=0x7ffc0000
[  716.839485][   T29] audit: type=1326 audit(1748750195.997:66142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1682 comm="syz.4.10838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd77bace969 code=0x7ffc0000
[  716.839547][   T29] audit: type=1326 audit(1748750195.997:66143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1682 comm="syz.4.10838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd77bace969 code=0x7ffc0000
[  716.839617][   T29] audit: type=1326 audit(1748750195.997:66144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1682 comm="syz.4.10838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fd77bace969 code=0x7ffc0000
[  716.839688][   T29] audit: type=1326 audit(1748750195.997:66145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1682 comm="syz.4.10838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd77bace969 code=0x7ffc0000
[  716.854055][ T1684] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #15: block 8: comm syz.4.10838: lblock 8 mapped to illegal pblock 8 (length 1)
[  716.855304][ T1684] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[  716.855334][ T1684] EXT4-fs (loop4): This should not happen!! Data will be lost
[  716.855334][ T1684] 
[  716.899226][ T1684] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  716.899839][ T1684] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 475 with error 28
[  716.899868][ T1684] EXT4-fs (loop4): This should not happen!! Data will be lost
[  716.899868][ T1684] 
[  716.899897][ T1684] EXT4-fs (loop4): Total free blocks count 0
[  716.899991][ T1684] EXT4-fs (loop4): Free/Dirty block details
[  716.900006][ T1684] EXT4-fs (loop4): free_blocks=4293918720
[  716.900023][ T1684] EXT4-fs (loop4): dirty_blocks=480
[  716.900088][ T1684] EXT4-fs (loop4): Block reservation details
[  717.111377][T25607] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:49: lblock 1 mapped to illegal pblock 1 (length 7)
[  717.255688][ T1743] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10856'.
[  717.265979][ T1744] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10855'.
[  717.357305][ T1752] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  717.377865][ T1752] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  717.528332][ T1755] loop3: detected capacity change from 0 to 2048
[  717.580424][ T1755] Alternate GPT is invalid, using primary GPT.
[  717.586769][ T1755]  loop3: p1 p2 p3
[  718.176864][ T1779] netlink: 32 bytes leftover after parsing attributes in process `syz.3.10865'.
[  718.186008][ T1779] netlink: 24 bytes leftover after parsing attributes in process `syz.3.10865'.
[  718.260625][ T1770] loop3: detected capacity change from 0 to 512
[  718.294017][ T1770] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  718.344323][ T1770] EXT4-fs (loop3): 1 truncate cleaned up
[  718.363786][ T1770] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  718.444174][ T1791] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10869'.
[  718.477662][ T1770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  718.945347][ T1810] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  718.959904][ T1810] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  719.755819][ T1836] loop0: detected capacity change from 0 to 512
[  719.785627][ T1836] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  719.851048][ T1836] EXT4-fs (loop0): 1 truncate cleaned up
[  720.130384][ T1846] __nla_validate_parse: 1 callbacks suppressed
[  720.130403][ T1846] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10886'.
[  720.147445][ T1836] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  720.165226][ T1836] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  720.672061][ T1872] loop4: detected capacity change from 0 to 1024
[  720.699982][ T1872] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  720.749185][ T1872] ext4 filesystem being mounted at /396/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  720.763002][ T1889] loop5: detected capacity change from 0 to 512
[  720.788825][ T1889] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  720.808147][ T1872] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #15: block 8: comm syz.4.10896: lblock 8 mapped to illegal pblock 8 (length 1)
[  720.846400][ T1889] EXT4-fs (loop5): 1 truncate cleaned up
[  720.856807][ T1872] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[  720.869176][ T1872] EXT4-fs (loop4): This should not happen!! Data will be lost
[  720.869176][ T1872] 
[  720.891450][ T1889] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  720.931877][ T1894] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  720.954562][ T1894] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  720.990299][ T1872] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  721.022632][ T1872] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 475 with error 28
[  721.035182][ T1872] EXT4-fs (loop4): This should not happen!! Data will be lost
[  721.035182][ T1872] 
[  721.044878][ T1872] EXT4-fs (loop4): Total free blocks count 0
[  721.050943][ T1872] EXT4-fs (loop4): Free/Dirty block details
[  721.057124][ T1872] EXT4-fs (loop4): free_blocks=4293918720
[  721.062942][ T1872] EXT4-fs (loop4): dirty_blocks=480
[  721.068179][ T1872] EXT4-fs (loop4): Block reservation details
[  721.308891][ T1889] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  721.367767][T25600] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:42: lblock 1 mapped to illegal pblock 1 (length 7)
[  721.481890][ T1910] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  721.510724][ T1910] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  721.960028][   T29] kauditd_printk_skb: 255 callbacks suppressed
[  721.960047][   T29] audit: type=1326 audit(1748750201.128:66401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1920 comm="syz.0.10911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  722.001415][   T29] audit: type=1326 audit(1748750201.158:66402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1920 comm="syz.0.10911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  722.025080][   T29] audit: type=1326 audit(1748750201.158:66403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1920 comm="syz.0.10911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  722.048739][   T29] audit: type=1326 audit(1748750201.158:66404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1920 comm="syz.0.10911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  722.072519][   T29] audit: type=1326 audit(1748750201.158:66405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1920 comm="syz.0.10911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  722.096271][   T29] audit: type=1326 audit(1748750201.158:66406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1920 comm="syz.0.10911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  722.120169][   T29] audit: type=1326 audit(1748750201.158:66407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1920 comm="syz.0.10911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  722.144065][   T29] audit: type=1326 audit(1748750201.168:66408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1925 comm="syz.2.10912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  722.167686][   T29] audit: type=1326 audit(1748750201.168:66409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1925 comm="syz.2.10912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  722.191378][   T29] audit: type=1326 audit(1748750201.168:66410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1925 comm="syz.2.10912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  722.296206][ T1931] loop5: detected capacity change from 0 to 1024
[  722.302783][ T1938] loop0: detected capacity change from 0 to 2048
[  722.362463][ T1931] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  722.392088][ T1931] ext4 filesystem being mounted at /104/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  722.466118][ T1931] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 8: comm syz.5.10914: lblock 8 mapped to illegal pblock 8 (length 1)
[  722.485073][ T1931] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[  722.497449][ T1931] EXT4-fs (loop5): This should not happen!! Data will be lost
[  722.497449][ T1931] 
[  722.520160][ T1931] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  722.535172][ T1947] netlink: 32 bytes leftover after parsing attributes in process `syz.4.10916'.
[  722.536218][ T1931] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 475 with error 28
[  722.544357][ T1947] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10916'.
[  722.556746][ T1931] EXT4-fs (loop5): This should not happen!! Data will be lost
[  722.556746][ T1931] 
[  722.556768][ T1931] EXT4-fs (loop5): Total free blocks count 0
[  722.581724][ T1931] EXT4-fs (loop5): Free/Dirty block details
[  722.587687][ T1931] EXT4-fs (loop5): free_blocks=4293918720
[  722.593466][ T1931] EXT4-fs (loop5): dirty_blocks=480
[  722.598712][ T1931] EXT4-fs (loop5): Block reservation details
[  722.610323][ T1945] loop4: detected capacity change from 0 to 512
[  722.618007][ T1945] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  722.637702][ T1945] EXT4-fs (loop4): 1 truncate cleaned up
[  722.662375][ T1945] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  722.676897][T25604] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:46: lblock 1 mapped to illegal pblock 1 (length 7)
[  722.696999][ T1945] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  722.799366][ T1962] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10920'.
[  722.961439][ T1975] loop3: detected capacity change from 0 to 2048
[  723.474594][ T1990] loop0: detected capacity change from 0 to 1024
[  723.610580][ T1990] ext4 filesystem being mounted at /324/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  724.230513][ T1981] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #15: block 8: comm syz.0.10928: lblock 8 mapped to illegal pblock 8 (length 1)
[  724.268395][ T1981] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[  724.280769][ T1981] EXT4-fs (loop0): This should not happen!! Data will be lost
[  724.280769][ T1981] 
[  724.362366][ T1981] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  724.362625][ T1981] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 475 with error 28
[  724.362655][ T1981] EXT4-fs (loop0): This should not happen!! Data will be lost
[  724.362655][ T1981] 
[  724.362672][ T1981] EXT4-fs (loop0): Total free blocks count 0
[  724.362689][ T1981] EXT4-fs (loop0): Free/Dirty block details
[  724.362762][ T1981] EXT4-fs (loop0): free_blocks=4293918720
[  724.362775][ T1981] EXT4-fs (loop0): dirty_blocks=480
[  724.362787][ T1981] EXT4-fs (loop0): Block reservation details
[  724.362798][ T1981] EXT4-fs (loop0): i_reserved_data_blocks=30
[  724.544715][T20521] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:32: lblock 1 mapped to illegal pblock 1 (length 7)
[  724.721065][ T2029] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10940'.
[  725.992690][ T2054] netlink: 32 bytes leftover after parsing attributes in process `syz.5.10949'.
[  726.001891][ T2054] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10949'.
[  726.018470][ T2054] loop5: detected capacity change from 0 to 512
[  726.025567][ T2054] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  726.038634][ T2054] EXT4-fs (loop5): 1 truncate cleaned up
[  726.175436][ T2069] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10953'.
[  726.366174][ T2077] loop0: detected capacity change from 0 to 2048
[  726.440537][ T4902] Alternate GPT is invalid, using primary GPT.
[  726.446915][ T4902]  loop0: p1 p2 p3
[  726.483191][ T2077] Alternate GPT is invalid, using primary GPT.
[  726.489667][ T2077]  loop0: p1 p2 p3
[  726.497139][ T2084] loop4: detected capacity change from 0 to 2048
[  726.564313][ T2090] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  726.616330][ T2090] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  727.721853][   T29] kauditd_printk_skb: 271 callbacks suppressed
[  727.721872][   T29] audit: type=1326 audit(1748750206.888:66682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2113 comm="syz.4.10969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd77bace969 code=0x7ffc0000
[  727.773913][   T29] audit: type=1326 audit(1748750206.888:66683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2111 comm="syz.5.10968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  727.797732][   T29] audit: type=1326 audit(1748750206.888:66684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2111 comm="syz.5.10968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  727.821428][   T29] audit: type=1326 audit(1748750206.888:66685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2111 comm="syz.5.10968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  727.845152][   T29] audit: type=1326 audit(1748750206.888:66686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2111 comm="syz.5.10968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  727.868850][   T29] audit: type=1326 audit(1748750206.918:66687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2113 comm="syz.4.10969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd77bace969 code=0x7ffc0000
[  727.892806][   T29] audit: type=1326 audit(1748750206.918:66688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2113 comm="syz.4.10969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd77bace969 code=0x7ffc0000
[  727.916482][   T29] audit: type=1326 audit(1748750206.918:66689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2113 comm="syz.4.10969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd77bace969 code=0x7ffc0000
[  727.940146][   T29] audit: type=1326 audit(1748750206.918:66690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2113 comm="syz.4.10969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd77bace969 code=0x7ffc0000
[  727.964604][   T29] audit: type=1326 audit(1748750206.918:66691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2113 comm="syz.4.10969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7fd77bace969 code=0x7ffc0000
[  728.836775][ T2138] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  728.908246][ T2138] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  729.177735][ T2131] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  729.275466][ T2156] FAULT_INJECTION: forcing a failure.
[  729.275466][ T2156] name failslab, interval 1, probability 0, space 0, times 0
[  729.288209][ T2156] CPU: 0 UID: 0 PID: 2156 Comm: syz.0.10981 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  729.288238][ T2156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  729.288253][ T2156] Call Trace:
[  729.288261][ T2156]  <TASK>
[  729.288270][ T2156]  __dump_stack+0x1d/0x30
[  729.288295][ T2156]  dump_stack_lvl+0xe8/0x140
[  729.288315][ T2156]  dump_stack+0x15/0x1b
[  729.288333][ T2156]  should_fail_ex+0x265/0x280
[  729.288369][ T2156]  should_failslab+0x8c/0xb0
[  729.288392][ T2156]  kmem_cache_alloc_noprof+0x50/0x310
[  729.288421][ T2156]  ? mas_alloc_nodes+0x265/0x520
[  729.288452][ T2156]  mas_alloc_nodes+0x265/0x520
[  729.288483][ T2156]  mas_preallocate+0x456/0x680
[  729.288514][ T2156]  __split_vma+0x239/0x610
[  729.288546][ T2156]  vma_modify+0x107/0x210
[  729.288570][ T2156]  vma_modify_policy+0x101/0x130
[  729.288600][ T2156]  mbind_range+0x1b8/0x440
[  729.288635][ T2156]  ? mas_find+0x4ea/0x610
[  729.288663][ T2156]  __se_sys_mbind+0x648/0xac0
[  729.288701][ T2156]  __x64_sys_mbind+0x78/0x90
[  729.288730][ T2156]  x64_sys_call+0x14af/0x2fb0
[  729.288753][ T2156]  do_syscall_64+0xd2/0x200
[  729.288781][ T2156]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  729.288816][ T2156]  ? clear_bhb_loop+0x40/0x90
[  729.288839][ T2156]  ? clear_bhb_loop+0x40/0x90
[  729.288863][ T2156]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  729.288886][ T2156] RIP: 0033:0x7f9c51fee969
[  729.288903][ T2156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  729.288923][ T2156] RSP: 002b:00007f9c50657038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  729.288943][ T2156] RAX: ffffffffffffffda RBX: 00007f9c52215fa0 RCX: 00007f9c51fee969
[  729.288957][ T2156] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000200000001000
[  729.288973][ T2156] RBP: 00007f9c50657090 R08: 0000000000000000 R09: 0000000000000000
[  729.288987][ T2156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  729.289000][ T2156] R13: 0000000000000000 R14: 00007f9c52215fa0 R15: 00007ffd43a42af8
[  729.289020][ T2156]  </TASK>
[  729.583882][ T2163] loop0: detected capacity change from 0 to 512
[  730.042562][ T2163] EXT4-fs mount: 4 callbacks suppressed
[  730.042584][ T2163] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  730.137832][ T2163] ext4 filesystem being mounted at /332/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  730.151754][ T2182] loop4: detected capacity change from 0 to 2048
[  730.187732][ T2163] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.10983: corrupted inode contents
[  730.244409][ T2163] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.10983: mark_inode_dirty error
[  730.322267][ T2186] loop3: detected capacity change from 0 to 512
[  730.472026][ T2163] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.10983: corrupted inode contents
[  730.492683][ T2186] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.10984: casefold flag without casefold feature
[  730.505827][ T2186] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.10984: couldn't read orphan inode 15 (err -117)
[  730.518473][ T2186] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  730.645909][ T2163] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.10983: mark_inode_dirty error
[  730.786789][ T2194] netlink: 32 bytes leftover after parsing attributes in process `syz.5.10991'.
[  730.795947][ T2194] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10991'.
[  730.859191][ T2193] loop5: detected capacity change from 0 to 512
[  730.884211][ T2193] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  730.982828][ T2193] EXT4-fs (loop5): 1 truncate cleaned up
[  731.001366][ T2193] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  731.052831][ T2193] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  731.089726][ T2200] netlink: 32 bytes leftover after parsing attributes in process `syz.2.10993'.
[  731.098885][ T2200] netlink: 24 bytes leftover after parsing attributes in process `syz.2.10993'.
[  731.167146][T29405] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  731.629961][ T2204] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  731.685098][T29812] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  732.190639][ T2231] loop5: detected capacity change from 0 to 1024
[  732.212647][ T2231] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  732.236081][ T2234] loop4: detected capacity change from 0 to 2048
[  732.249281][ T2231] ext4 filesystem being mounted at /127/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  732.400218][T25607] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:49: lblock 1 mapped to illegal pblock 1 (length 8)
[  732.417771][T25607] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 8 with error 117
[  732.430237][T25607] EXT4-fs (loop5): This should not happen!! Data will be lost
[  732.430237][T25607] 
[  732.448772][T32690] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  732.546945][ T2248] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  732.565126][ T2248] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  732.685816][ T2253] loop0: detected capacity change from 0 to 2048
[  732.761145][   T29] kauditd_printk_skb: 172 callbacks suppressed
[  732.761162][   T29] audit: type=1326 audit(1748750211.929:66864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2250 comm="syz.0.11009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  732.811865][   T29] audit: type=1326 audit(1748750211.949:66865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2250 comm="syz.0.11009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  732.835672][   T29] audit: type=1326 audit(1748750211.949:66866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2250 comm="syz.0.11009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=450 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  732.859364][   T29] audit: type=1326 audit(1748750211.949:66867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2250 comm="syz.0.11009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  732.884955][ T2256] FAULT_INJECTION: forcing a failure.
[  732.884955][ T2256] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  732.898184][ T2256] CPU: 1 UID: 0 PID: 2256 Comm: syz.0.11010 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  732.898221][ T2256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  732.898239][ T2256] Call Trace:
[  732.898248][ T2256]  <TASK>
[  732.898259][ T2256]  __dump_stack+0x1d/0x30
[  732.898294][ T2256]  dump_stack_lvl+0xe8/0x140
[  732.898371][ T2256]  dump_stack+0x15/0x1b
[  732.898389][ T2256]  should_fail_ex+0x265/0x280
[  732.898428][ T2256]  should_fail+0xb/0x20
[  732.898468][ T2256]  should_fail_usercopy+0x1a/0x20
[  732.898534][ T2256]  strncpy_from_user+0x25/0x230
[  732.898646][ T2256]  ? kmem_cache_alloc_noprof+0x186/0x310
[  732.898682][ T2256]  ? getname_flags+0x80/0x3b0
[  732.898716][ T2256]  getname_flags+0xae/0x3b0
[  732.898785][ T2256]  __se_sys_newstat+0x4b/0x280
[  732.898875][ T2256]  ? __bpf_trace_sys_enter+0x10/0x30
[  732.898898][ T2256]  ? trace_sys_enter+0xd0/0x110
[  732.898928][ T2256]  __x64_sys_newstat+0x31/0x40
[  732.899026][ T2256]  x64_sys_call+0x781/0x2fb0
[  732.899056][ T2256]  do_syscall_64+0xd2/0x200
[  732.899087][ T2256]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  732.899122][ T2256]  ? clear_bhb_loop+0x40/0x90
[  732.899186][ T2256]  ? clear_bhb_loop+0x40/0x90
[  732.899217][ T2256]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  732.899270][ T2256] RIP: 0033:0x7f9c51fee969
[  732.899285][ T2256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  732.899310][ T2256] RSP: 002b:00007f9c50657038 EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  732.899386][ T2256] RAX: ffffffffffffffda RBX: 00007f9c52215fa0 RCX: 00007f9c51fee969
[  732.899404][ T2256] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  732.899421][ T2256] RBP: 00007f9c50657090 R08: 0000000000000000 R09: 0000000000000000
[  732.899433][ T2256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  732.899446][ T2256] R13: 0000000000000000 R14: 00007f9c52215fa0 R15: 00007ffd43a42af8
[  732.899465][ T2256]  </TASK>
[  733.154026][   T29] audit: type=1326 audit(1748750212.309:66868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2257 comm="syz.3.11011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1122d8e969 code=0x7ffc0000
[  733.178073][   T29] audit: type=1326 audit(1748750212.309:66869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2257 comm="syz.3.11011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1122d8e969 code=0x7ffc0000
[  733.202739][   T29] audit: type=1326 audit(1748750212.339:66870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2257 comm="syz.3.11011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f1122d8e969 code=0x7ffc0000
[  733.230054][   T29] audit: type=1326 audit(1748750212.389:66871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2258 comm="syz.0.11013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  733.253716][   T29] audit: type=1326 audit(1748750212.389:66872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2258 comm="syz.0.11013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  733.283189][   T29] audit: type=1326 audit(1748750212.389:66873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2258 comm="syz.0.11013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c51fee969 code=0x7ffc0000
[  733.328930][ T2267] loop0: detected capacity change from 0 to 1024
[  733.398302][ T2267] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  733.410701][ T2267] ext4 filesystem being mounted at /336/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  733.520369][ T2260] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #15: block 8: comm syz.0.11013: lblock 8 mapped to illegal pblock 8 (length 1)
[  733.559861][ T2260] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[  733.572253][ T2260] EXT4-fs (loop0): This should not happen!! Data will be lost
[  733.572253][ T2260] 
[  733.593077][ T2282] netlink: 24 bytes leftover after parsing attributes in process `syz.5.11017'.
[  733.622100][ T2260] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  733.637294][ T2260] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 475 with error 28
[  733.649779][ T2260] EXT4-fs (loop0): This should not happen!! Data will be lost
[  733.649779][ T2260] 
[  733.659525][ T2260] EXT4-fs (loop0): Total free blocks count 0
[  733.665538][ T2260] EXT4-fs (loop0): Free/Dirty block details
[  733.671524][ T2260] EXT4-fs (loop0): free_blocks=4293918720
[  733.677293][ T2260] EXT4-fs (loop0): dirty_blocks=480
[  733.682503][ T2260] EXT4-fs (loop0): Block reservation details
[  733.727928][ T2284] loop5: detected capacity change from 0 to 512
[  733.772691][T25599] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:41: lblock 1 mapped to illegal pblock 1 (length 7)
[  733.801560][ T2284] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  733.815675][ T2284] ext4 filesystem being mounted at /132/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  733.832089][ T2284] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #2: comm syz.5.11018: corrupted inode contents
[  733.844444][ T2284] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #2: comm syz.5.11018: mark_inode_dirty error
[  733.864796][ T2284] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #2: comm syz.5.11018: corrupted inode contents
[  733.880352][ T2284] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.11018: mark_inode_dirty error
[  734.003662][T32690] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  734.190245][ T2307] loop5: detected capacity change from 0 to 1024
[  734.239795][ T2307] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  734.267279][ T2307] ext4 filesystem being mounted at /133/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  734.303165][ T2302] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 8: comm syz.5.11024: lblock 8 mapped to illegal pblock 8 (length 1)
[  734.319189][ T2302] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[  734.331666][ T2302] EXT4-fs (loop5): This should not happen!! Data will be lost
[  734.331666][ T2302] 
[  734.350198][ T2323] loop0: detected capacity change from 0 to 2048
[  734.382704][ T2302] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  734.427786][ T2302] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 475 with error 28
[  734.440430][ T2302] EXT4-fs (loop5): This should not happen!! Data will be lost
[  734.440430][ T2302] 
[  734.450135][ T2302] EXT4-fs (loop5): Total free blocks count 0
[  734.456129][ T2302] EXT4-fs (loop5): Free/Dirty block details
[  734.462060][ T2302] EXT4-fs (loop5): free_blocks=4293918720
[  734.467890][ T2302] EXT4-fs (loop5): dirty_blocks=480
[  734.473379][ T2302] EXT4-fs (loop5): Block reservation details
[  734.510423][T25599] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:41: lblock 1 mapped to illegal pblock 1 (length 7)
[  734.542516][ T2329] loop4: detected capacity change from 0 to 2048
[  734.960428][ T2334] FAULT_INJECTION: forcing a failure.
[  734.960428][ T2334] name failslab, interval 1, probability 0, space 0, times 0
[  734.973092][ T2334] CPU: 0 UID: 0 PID: 2334 Comm: syz.0.11033 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  734.973178][ T2334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  734.973195][ T2334] Call Trace:
[  734.973204][ T2334]  <TASK>
[  734.973215][ T2334]  __dump_stack+0x1d/0x30
[  734.973244][ T2334]  dump_stack_lvl+0xe8/0x140
[  734.973270][ T2334]  dump_stack+0x15/0x1b
[  734.973292][ T2334]  should_fail_ex+0x265/0x280
[  734.973325][ T2334]  ? __se_sys_memfd_create+0x1cc/0x590
[  734.973381][ T2334]  should_failslab+0x8c/0xb0
[  734.973457][ T2334]  __kmalloc_cache_noprof+0x4c/0x320
[  734.973491][ T2334]  ? fput+0x8f/0xc0
[  734.973517][ T2334]  __se_sys_memfd_create+0x1cc/0x590
[  734.973621][ T2334]  __x64_sys_memfd_create+0x31/0x40
[  734.973666][ T2334]  x64_sys_call+0x122f/0x2fb0
[  734.973690][ T2334]  do_syscall_64+0xd2/0x200
[  734.973750][ T2334]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  734.973819][ T2334]  ? clear_bhb_loop+0x40/0x90
[  734.973848][ T2334]  ? clear_bhb_loop+0x40/0x90
[  734.973877][ T2334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  734.973903][ T2334] RIP: 0033:0x7f9c51fee969
[  734.973959][ T2334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  734.973983][ T2334] RSP: 002b:00007f9c50656e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  734.974007][ T2334] RAX: ffffffffffffffda RBX: 0000000000000457 RCX: 00007f9c51fee969
[  734.974023][ T2334] RDX: 00007f9c50656ef0 RSI: 0000000000000000 RDI: 00007f9c52071444
[  734.974040][ T2334] RBP: 0000200000000300 R08: 00007f9c50656bb7 R09: 00007f9c50656e40
[  734.974131][ T2334] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0
[  734.974146][ T2334] R13: 00007f9c50656ef0 R14: 00007f9c50656eb0 R15: 0000200000000780
[  734.974171][ T2334]  </TASK>
[  735.266525][ T2342] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11034'.
[  736.019786][ T2384] loop5: detected capacity change from 0 to 512
[  736.152408][ T2384] EXT4-fs error (device loop5): ext4_xattr_inode_iget:433: comm syz.5.11049: Parent and EA inode have the same ino 15
[  736.178811][ T2384] EXT4-fs (loop5): 1 orphan inode deleted
[  736.185027][ T2394] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11051'.
[  736.288486][ T2384] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  736.368120][T32690] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  736.406007][ T2406] loop4: detected capacity change from 0 to 2048
[  736.494787][ T2418] FAULT_INJECTION: forcing a failure.
[  736.494787][ T2418] name failslab, interval 1, probability 0, space 0, times 0
[  736.507602][ T2418] CPU: 0 UID: 0 PID: 2418 Comm: syz.5.11059 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  736.507674][ T2418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  736.507691][ T2418] Call Trace:
[  736.507700][ T2418]  <TASK>
[  736.507710][ T2418]  __dump_stack+0x1d/0x30
[  736.507738][ T2418]  dump_stack_lvl+0xe8/0x140
[  736.507776][ T2418]  dump_stack+0x15/0x1b
[  736.507793][ T2418]  should_fail_ex+0x265/0x280
[  736.507826][ T2418]  should_failslab+0x8c/0xb0
[  736.507853][ T2418]  __kmalloc_noprof+0xa5/0x3e0
[  736.508016][ T2418]  ? alloc_pipe_info+0x1c9/0x350
[  736.508045][ T2418]  alloc_pipe_info+0x1c9/0x350
[  736.508129][ T2418]  splice_direct_to_actor+0x592/0x680
[  736.508175][ T2418]  ? kstrtouint_from_user+0x9f/0xf0
[  736.508212][ T2418]  ? __pfx_direct_splice_actor+0x10/0x10
[  736.508251][ T2418]  ? __rcu_read_unlock+0x4f/0x70
[  736.508276][ T2418]  ? get_pid_task+0x96/0xd0
[  736.508321][ T2418]  ? avc_policy_seqno+0x15/0x30
[  736.508350][ T2418]  ? selinux_file_permission+0x1e4/0x320
[  736.508436][ T2418]  do_splice_direct+0xda/0x150
[  736.508468][ T2418]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  736.508626][ T2418]  do_sendfile+0x380/0x650
[  736.508718][ T2418]  __x64_sys_sendfile64+0x105/0x150
[  736.508753][ T2418]  x64_sys_call+0xb39/0x2fb0
[  736.508782][ T2418]  do_syscall_64+0xd2/0x200
[  736.508810][ T2418]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  736.508886][ T2418]  ? clear_bhb_loop+0x40/0x90
[  736.508908][ T2418]  ? clear_bhb_loop+0x40/0x90
[  736.508932][ T2418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  736.508959][ T2418] RIP: 0033:0x7f2d679ee969
[  736.508974][ T2418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  736.509035][ T2418] RSP: 002b:00007f2d66057038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  736.509055][ T2418] RAX: ffffffffffffffda RBX: 00007f2d67c15fa0 RCX: 00007f2d679ee969
[  736.509069][ T2418] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004
[  736.509085][ T2418] RBP: 00007f2d66057090 R08: 0000000000000000 R09: 0000000000000000
[  736.509101][ T2418] R10: 0001000000201005 R11: 0000000000000246 R12: 0000000000000001
[  736.509118][ T2418] R13: 0000000000000000 R14: 00007f2d67c15fa0 R15: 00007ffd16889678
[  736.509189][ T2418]  </TASK>
[  736.838380][ T2432] loop3: detected capacity change from 0 to 2048
[  736.956414][ T2439] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11068'.
[  737.757222][ T2470] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  737.779420][ T2470] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  737.823531][ T2466] loop4: detected capacity change from 0 to 8192
[  737.995410][ T2478] FAULT_INJECTION: forcing a failure.
[  737.995410][ T2478] name failslab, interval 1, probability 0, space 0, times 0
[  738.008747][ T2478] CPU: 1 UID: 0 PID: 2478 Comm: syz.0.11078 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  738.008786][ T2478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  738.008857][ T2478] Call Trace:
[  738.008864][ T2478]  <TASK>
[  738.008872][ T2478]  __dump_stack+0x1d/0x30
[  738.008894][ T2478]  dump_stack_lvl+0xe8/0x140
[  738.008916][ T2478]  dump_stack+0x15/0x1b
[  738.009006][ T2478]  should_fail_ex+0x265/0x280
[  738.009049][ T2478]  should_failslab+0x8c/0xb0
[  738.009077][ T2478]  kmem_cache_alloc_node_noprof+0x57/0x320
[  738.009115][ T2478]  ? __alloc_skb+0x101/0x320
[  738.009206][ T2478]  __alloc_skb+0x101/0x320
[  738.009231][ T2478]  netlink_alloc_large_skb+0xba/0xf0
[  738.009265][ T2478]  netlink_sendmsg+0x3cf/0x6b0
[  738.009350][ T2478]  ? __pfx_netlink_sendmsg+0x10/0x10
[  738.009380][ T2478]  __sock_sendmsg+0x142/0x180
[  738.009414][ T2478]  ____sys_sendmsg+0x31e/0x4e0
[  738.009599][ T2478]  ___sys_sendmsg+0x17b/0x1d0
[  738.009653][ T2478]  __x64_sys_sendmsg+0xd4/0x160
[  738.009700][ T2478]  x64_sys_call+0x2999/0x2fb0
[  738.009725][ T2478]  do_syscall_64+0xd2/0x200
[  738.009796][ T2478]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  738.009819][ T2478]  ? clear_bhb_loop+0x40/0x90
[  738.009846][ T2478]  ? clear_bhb_loop+0x40/0x90
[  738.009876][ T2478]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.009936][ T2478] RIP: 0033:0x7f9c51fee969
[  738.009951][ T2478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  738.009970][ T2478] RSP: 002b:00007f9c50657038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  738.010029][ T2478] RAX: ffffffffffffffda RBX: 00007f9c52215fa0 RCX: 00007f9c51fee969
[  738.010046][ T2478] RDX: 0000000000004000 RSI: 0000200000000080 RDI: 000000000000000d
[  738.010189][ T2478] RBP: 00007f9c50657090 R08: 0000000000000000 R09: 0000000000000000
[  738.010206][ T2478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  738.010221][ T2478] R13: 0000000000000000 R14: 00007f9c52215fa0 R15: 00007ffd43a42af8
[  738.010243][ T2478]  </TASK>
[  738.079412][   T29] kauditd_printk_skb: 365 callbacks suppressed
[  738.079432][   T29] audit: type=1326 audit(1748750217.240:67239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2479 comm="syz.2.11080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  738.283695][   T29] audit: type=1326 audit(1748750217.360:67240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2479 comm="syz.2.11080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  738.307488][   T29] audit: type=1326 audit(1748750217.380:67241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2479 comm="syz.2.11080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  738.331107][   T29] audit: type=1326 audit(1748750217.380:67242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2479 comm="syz.2.11080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  738.354812][   T29] audit: type=1326 audit(1748750217.380:67243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2479 comm="syz.2.11080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  738.371660][ T2466]  loop4: p4 < >
[  738.393450][   T29] audit: type=1326 audit(1748750217.550:67244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2479 comm="syz.2.11080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  738.417239][   T29] audit: type=1326 audit(1748750217.550:67245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2479 comm="syz.2.11080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  738.440979][   T29] audit: type=1326 audit(1748750217.550:67246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2479 comm="syz.2.11080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  738.464727][   T29] audit: type=1326 audit(1748750217.550:67247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2479 comm="syz.2.11080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  738.488472][   T29] audit: type=1326 audit(1748750217.550:67248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2479 comm="syz.2.11080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7502efe969 code=0x7ffc0000
[  738.702622][ T2499] loop3: detected capacity change from 0 to 2048
[  738.735741][ T2504] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  738.742643][ T2504] IPVS: set_ctl: invalid protocol: 8483 0.0.0.0:0
[  738.749420][ T2504] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  739.379129][ T2512] tmpfs: Cannot disable swap on remount
[  739.385564][ T2512] netlink: 16 bytes leftover after parsing attributes in process `syz.2.11090'.
[  739.508775][ T2518] netlink: 32 bytes leftover after parsing attributes in process `syz.3.11093'.
[  739.518050][ T2518] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11093'.
[  739.532487][ T2518] loop3: detected capacity change from 0 to 512
[  739.597127][ T2518] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  739.632948][ T2518] EXT4-fs (loop3): 1 truncate cleaned up
[  739.662914][ T2518] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  739.717316][ T2518] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  739.844623][ T2535] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  739.871211][ T2535] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  740.167804][ T2555] FAULT_INJECTION: forcing a failure.
[  740.167804][ T2555] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  740.180980][ T2555] CPU: 1 UID: 0 PID: 2555 Comm: syz.2.11106 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  740.181041][ T2555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  740.181058][ T2555] Call Trace:
[  740.181066][ T2555]  <TASK>
[  740.181076][ T2555]  __dump_stack+0x1d/0x30
[  740.181103][ T2555]  dump_stack_lvl+0xe8/0x140
[  740.181124][ T2555]  dump_stack+0x15/0x1b
[  740.181211][ T2555]  should_fail_ex+0x265/0x280
[  740.181248][ T2555]  should_fail+0xb/0x20
[  740.181286][ T2555]  should_fail_usercopy+0x1a/0x20
[  740.181307][ T2555]  strncpy_from_user+0x25/0x230
[  740.181394][ T2555]  strncpy_from_user_nofault+0x68/0xf0
[  740.181424][ T2555]  bpf_probe_read_compat_str+0xb4/0x130
[  740.181469][ T2555]  bpf_prog_597e1462992804d8+0x46/0x4c
[  740.181486][ T2555]  bpf_trace_run2+0x104/0x1c0
[  740.181548][ T2555]  ? __rcu_read_unlock+0x4f/0x70
[  740.181575][ T2555]  ? unix_destroy_fpl+0x4d/0x140
[  740.181608][ T2555]  ? unix_destroy_fpl+0x4d/0x140
[  740.181652][ T2555]  __traceiter_kfree+0x2e/0x50
[  740.181675][ T2555]  ? unix_destroy_fpl+0x4d/0x140
[  740.181705][ T2555]  kfree+0x27b/0x320
[  740.181735][ T2555]  ? unix_del_edges+0x414/0x430
[  740.181767][ T2555]  unix_destroy_fpl+0x4d/0x140
[  740.181825][ T2555]  __unix_dgram_recvmsg+0x644/0x840
[  740.181926][ T2555]  unix_dgram_recvmsg+0x81/0x90
[  740.181951][ T2555]  ? __pfx_unix_dgram_recvmsg+0x10/0x10
[  740.181979][ T2555]  sock_recvmsg+0x139/0x170
[  740.182031][ T2555]  ____sys_recvmsg+0xf5/0x280
[  740.182074][ T2555]  ___sys_recvmsg+0x11f/0x370
[  740.182171][ T2555]  __x64_sys_recvmsg+0xd1/0x160
[  740.182212][ T2555]  x64_sys_call+0xf19/0x2fb0
[  740.182240][ T2555]  do_syscall_64+0xd2/0x200
[  740.182325][ T2555]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  740.182359][ T2555]  ? clear_bhb_loop+0x40/0x90
[  740.182444][ T2555]  ? clear_bhb_loop+0x40/0x90
[  740.182466][ T2555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  740.182554][ T2555] RIP: 0033:0x7f7502efe969
[  740.182569][ T2555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  740.182589][ T2555] RSP: 002b:00007f7501567038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  740.182624][ T2555] RAX: ffffffffffffffda RBX: 00007f7503125fa0 RCX: 00007f7502efe969
[  740.182684][ T2555] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  740.182700][ T2555] RBP: 00007f7501567090 R08: 0000000000000000 R09: 0000000000000000
[  740.182716][ T2555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  740.182731][ T2555] R13: 0000000000000000 R14: 00007f7503125fa0 R15: 00007fff98b94d48
[  740.182755][ T2555]  </TASK>
[  740.620238][ T2573] netlink: 20 bytes leftover after parsing attributes in process `syz.0.11113'.
[  740.639097][ T2573] netlink: 20 bytes leftover after parsing attributes in process `syz.0.11113'.
[  740.685158][ T2578] loop5: detected capacity change from 0 to 512
[  740.701332][ T2578] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  740.733588][ T2578] EXT4-fs (loop5): 1 truncate cleaned up
[  740.739717][ T2578] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  740.756768][ T2578] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  740.889314][ T2589] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  740.947835][ T2589] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  741.064057][ T2590] loop0: detected capacity change from 0 to 2048
[  741.381261][ T2597] loop0: detected capacity change from 0 to 512
[  741.417017][ T2597] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  741.436133][ T2597] ext4 filesystem being mounted at /359/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  741.461555][ T2597] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.11121: corrupted inode contents
[  741.493544][ T2597] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.11121: mark_inode_dirty error
[  741.531108][ T2597] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.11121: corrupted inode contents
[  741.612172][ T2597] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.11121: mark_inode_dirty error
[  741.681076][T29405] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  741.792872][ T2620] loop5: detected capacity change from 0 to 512
[  741.833343][ T2620] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  741.858827][ T2620] EXT4-fs (loop5): 1 truncate cleaned up
[  741.871662][ T2620] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  741.897428][ T2620] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  742.032262][ T2627] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11132'.
[  742.124913][ T2629] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  742.517926][ T2649] FAULT_INJECTION: forcing a failure.
[  742.517926][ T2649] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  742.531187][ T2649] CPU: 1 UID: 0 PID: 2649 Comm: syz.4.11138 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  742.531222][ T2649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  742.531294][ T2649] Call Trace:
[  742.531373][ T2649]  <TASK>
[  742.531383][ T2649]  __dump_stack+0x1d/0x30
[  742.531411][ T2649]  dump_stack_lvl+0xe8/0x140
[  742.531436][ T2649]  dump_stack+0x15/0x1b
[  742.531474][ T2649]  should_fail_ex+0x265/0x280
[  742.531508][ T2649]  should_fail+0xb/0x20
[  742.531548][ T2649]  should_fail_usercopy+0x1a/0x20
[  742.531574][ T2649]  _copy_from_user+0x1c/0xb0
[  742.531603][ T2649]  sctp_setsockopt+0x154/0xe30
[  742.531649][ T2649]  sock_common_setsockopt+0x66/0x80
[  742.531735][ T2649]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  742.531822][ T2649]  __sys_setsockopt+0x184/0x200
[  742.531878][ T2649]  __x64_sys_setsockopt+0x64/0x80
[  742.532005][ T2649]  x64_sys_call+0x2bd5/0x2fb0
[  742.532038][ T2649]  do_syscall_64+0xd2/0x200
[  742.532075][ T2649]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  742.532112][ T2649]  ? clear_bhb_loop+0x40/0x90
[  742.532173][ T2649]  ? clear_bhb_loop+0x40/0x90
[  742.532203][ T2649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  742.532232][ T2649] RIP: 0033:0x7fd77bace969
[  742.532300][ T2649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  742.532325][ T2649] RSP: 002b:00007fd77a137038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  742.532408][ T2649] RAX: ffffffffffffffda RBX: 00007fd77bcf5fa0 RCX: 00007fd77bace969
[  742.532425][ T2649] RDX: 0000000000000014 RSI: 0000000000000084 RDI: 0000000000000003
[  742.532514][ T2649] RBP: 00007fd77a137090 R08: 0000000000000008 R09: 0000000000000000
[  742.532527][ T2649] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  742.532539][ T2649] R13: 0000000000000000 R14: 00007fd77bcf5fa0 R15: 00007fff08399dc8
[  742.532589][ T2649]  </TASK>
[  742.891904][ T2657] loop4: detected capacity change from 0 to 1024
[  742.917834][ T2657] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  742.937958][ T2657] ext4 filesystem being mounted at /439/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  742.988917][ T2657] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #15: block 8: comm syz.4.11142: lblock 8 mapped to illegal pblock 8 (length 1)
[  743.076919][ T2657] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[  743.089391][ T2657] EXT4-fs (loop4): This should not happen!! Data will be lost
[  743.089391][ T2657] 
[  743.151005][ T2657] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  743.166016][ T2657] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 475 with error 28
[  743.178641][ T2657] EXT4-fs (loop4): This should not happen!! Data will be lost
[  743.178641][ T2657] 
[  743.188399][ T2657] EXT4-fs (loop4): Total free blocks count 0
[  743.194464][ T2657] EXT4-fs (loop4): Free/Dirty block details
[  743.200430][ T2657] EXT4-fs (loop4): free_blocks=4293918720
[  743.206243][ T2657] EXT4-fs (loop4): dirty_blocks=480
[  743.211469][ T2657] EXT4-fs (loop4): Block reservation details
[  743.367139][   T29] kauditd_printk_skb: 359 callbacks suppressed
[  743.367156][   T29] audit: type=1326 audit(1748750222.530:67608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2656 comm="syz.4.11142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd77bace969 code=0x7ffc0000
[  743.397169][   T29] audit: type=1326 audit(1748750222.530:67609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2656 comm="syz.4.11142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd77bace969 code=0x7ffc0000
[  743.500413][T20521] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:32: lblock 1 mapped to illegal pblock 1 (length 7)
[  743.853573][   T29] audit: type=1326 audit(1748750223.010:67610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2665 comm="syz.5.11144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  743.949909][   T29] audit: type=1326 audit(1748750223.090:67611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2665 comm="syz.5.11144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  744.370570][ T2688] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  744.525711][   T29] audit: type=1326 audit(1748750223.681:67612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2701 comm="syz.5.11153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  744.549554][   T29] audit: type=1326 audit(1748750223.681:67613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2701 comm="syz.5.11153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  744.573226][   T29] audit: type=1326 audit(1748750223.681:67614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2701 comm="syz.5.11153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  744.672766][   T29] audit: type=1326 audit(1748750223.681:67615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2701 comm="syz.5.11153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  744.696645][   T29] audit: type=1326 audit(1748750223.831:67616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2701 comm="syz.5.11153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  744.720386][   T29] audit: type=1326 audit(1748750223.831:67617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2701 comm="syz.5.11153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d679ee969 code=0x7ffc0000
[  744.749525][ T2706] loop3: detected capacity change from 0 to 512
[  744.795616][ T2702] loop5: detected capacity change from 0 to 1024
[  744.795742][ T2710] ==================================================================
[  744.810115][ T2710] BUG: KCSAN: data-race in _prb_read_valid / prb_reserve
[  744.817207][ T2710] 
[  744.819541][ T2710] write to 0xffffffff868cf9a8 of 88 bytes by task 2702 on cpu 0:
[  744.827270][ T2710]  prb_reserve+0x696/0xaf0
[  744.831774][ T2710]  vprintk_store+0x56d/0x860
[  744.836386][ T2710]  vprintk_emit+0x178/0x650
[  744.840917][ T2710]  vprintk_default+0x26/0x30
[  744.845521][ T2710]  vprintk+0x1d/0x30
[  744.849436][ T2710]  _printk+0x79/0xa0
[  744.853351][ T2710]  set_capacity_and_notify+0x14c/0x1f0
[  744.858822][ T2710]  loop_set_size+0x2e/0x70
[  744.863248][ T2710]  loop_configure+0x8d3/0xa50
[  744.867935][ T2710]  lo_ioctl+0x559/0x15d0
[  744.872199][ T2710]  blkdev_ioctl+0x352/0x440
[  744.876738][ T2710]  __se_sys_ioctl+0xce/0x140
[  744.881374][ T2710]  __x64_sys_ioctl+0x43/0x50
[  744.885983][ T2710]  x64_sys_call+0x19a8/0x2fb0
[  744.890673][ T2710]  do_syscall_64+0xd2/0x200
[  744.895196][ T2710]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  744.901102][ T2710] 
[  744.903429][ T2710] read to 0xffffffff868cf9a8 of 8 bytes by task 2710 on cpu 1:
[  744.910981][ T2710]  _prb_read_valid+0x1c4/0x920
[  744.915769][ T2710]  prb_read_valid+0x3c/0x60
[  744.920299][ T2710]  console_unlock+0x164/0x330
[  744.924984][ T2710]  do_con_write+0x25c3/0x2630
[  744.929695][ T2710]  con_write+0x24/0x40
[  744.933778][ T2710]  n_tty_write+0x7db/0xb10
[  744.938207][ T2710]  file_tty_write+0x38c/0x670
[  744.942912][ T2710]  tty_write+0x25/0x30
[  744.946998][ T2710]  vfs_write+0x49d/0x8e0
[  744.951247][ T2710]  ksys_write+0xda/0x1a0
[  744.955499][ T2710]  __x64_sys_write+0x40/0x50
[  744.960100][ T2710]  x64_sys_call+0x2cdd/0x2fb0
[  744.964787][ T2710]  do_syscall_64+0xd2/0x200
[  744.969311][ T2710]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  744.975219][ T2710] 
[  744.977547][ T2710] value changed: 0x00000000000029df -> 0x00000000000049df
[  744.984661][ T2710] 
[  744.986988][ T2710] Reported by Kernel Concurrency Sanitizer on:
[  744.993148][ T2710] CPU: 1 UID: 0 PID: 2710 Comm: syz.2.11158 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  745.005313][ T2710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  745.015382][ T2710] ==================================================================
[  745.117975][ T2706] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  745.129190][ T2702] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  745.154601][ T2706] ext4 filesystem being mounted at /302/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  745.166081][ T2702] ext4 filesystem being mounted at /158/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  745.171078][ T2706] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.11155: corrupted inode contents
[  745.190072][ T2706] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #2: comm syz.3.11155: mark_inode_dirty error
[  745.201964][ T2706] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.11155: corrupted inode contents
[  745.218405][ T2706] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.11155: mark_inode_dirty error
[  745.233742][ T2702] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 8: comm syz.5.11153: lblock 8 mapped to illegal pblock 8 (length 1)
[  745.284953][ T2702] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[  745.297438][ T2702] EXT4-fs (loop5): This should not happen!! Data will be lost
[  745.297438][ T2702] 
[  745.354148][ T2702] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  745.355272][T29812] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  745.390939][ T2702] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 475 with error 28
[  745.403848][ T2702] EXT4-fs (loop5): This should not happen!! Data will be lost
[  745.403848][ T2702] 
[  745.413645][ T2702] EXT4-fs (loop5): Total free blocks count 0
[  745.419697][ T2702] EXT4-fs (loop5): Free/Dirty block details
[  745.425612][ T2702] EXT4-fs (loop5): free_blocks=4293918720
[  745.431422][ T2702] EXT4-fs (loop5): dirty_blocks=480
[  745.436668][ T2702] EXT4-fs (loop5): Block reservation details
[  745.477456][T25599] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:41: lblock 1 mapped to illegal pblock 1 (length 7)