last executing test programs:

2m40.362684378s ago: executing program 0 (id=1660):
r0 = socket$inet6(0xa, 0x3, 0xff)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r3=>0x0})
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000002c0)={@mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @dev={0xfe, 0x80, '\x00', 0x25}, 0x1, 0x6, 0x0, 0x100, 0x4, 0x540000, r3})
write(r0, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f0000000100)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

2m40.362433438s ago: executing program 0 (id=1661):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x40}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=@newtfilter={0x8c, 0x2c, 0xd27, 0x30bd25, 0x25df9bfb, {0x0, 0x0, 0x0, r3, {0xd, 0xe}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0x54, 0x2, [@TCA_ROUTE4_ACT={0x50, 0x6, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0xa, 0x5, 0x20, 0x7, 0x8}, 0x39}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x3}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x8010}, 0x0)

2m40.314124832s ago: executing program 0 (id=1664):
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local, @random="0000fc00", @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x16, 0x7c, 0x0, @dev={0xac, 0x14, 0x14, 0x30}}}}}}, 0x0)

2m40.297293834s ago: executing program 0 (id=1666):
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000000)='./file0\x00', 0x2000414, &(0x7f00000002c0)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2b9, &(0x7f0000000fc0)="$eJzs3E1rE3sUx/HTpm3SlDa5cLlwL1w96EY3QxtfgAZpQQwotSnqQpjaiYaMSZkJlYjYbMStr6O4dCeoL8BuxI17d0UQ3HQhjjiTaZM2rWmap7bfD5T5Z87/x5ymD5wEJpu3Xz4q5FwjZ5ZlOKYyLFKVLZHk71XNUO047K/HpF5VLk58//z/rTt3r6czmdl51bn0wqWUqk6dffv46atz78sTi6+n3kRlI3lv81vqy8Y/G/9u/lx4mHdHxdViqaymLpVKZXPJtnQ57xYM1Zu2ZbqW5ouu5TTUc3ZpZaWiZnF5Mr7iWK6rZrGiBaui5ZKWnYqaD8x8UQ3D0Mm4nG4jLezJrs/Pm+l9y16kox2h68abnXScdLV5Mbveg54AAMCAOXj+D2b9/ef/zGJwbGv+1/x+87/Ikef/D2O9fy6Pg2rDoz/M/6FE07OxjjWFrnKctBmv/f02Yv4HAAAAAAAAAAAAAAAAAAAAAOA42PK8hOd5ifAYfkVrN3iEj/vdJ7qjzZ//5T61iw6ru3EvJmK/WM2uZoNjUE/nJC+2WDItCfnh/z7UBOu5a5nZafUl5Z29VsuvrWYjEg3zoWSYH/JvQwvyZ/6aCfLamB+VeP31U5KQv5tfP9U0PyYXztflDUnIx/tSEluW/Wvv5J/NqF69kdmVH/f3AQAAAABwEhi6bc/rd7/ub4jJ3nqQP8T7A7teX4/If618RCUAAAAAADgyt/KkYNq25bSxiIrIEeIndRGRgWhj1+KKiAxAG71axEQkOKPtxL9ux1tKeS3sGRGRvj8th1j0+z8TAAAAgE7bGfoPEfr0vIsdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABw+rT6eWDh/j2lsHBAvO5ykZ5/gwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAA+RUAAP//ovscvw==")
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
r0 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x31486c, 0x0)
renameat2(r0, &(0x7f0000000500)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r0, &(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1)

2m40.181474033s ago: executing program 0 (id=1669):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x220c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
connect$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
r3 = dup(r2)
shutdown(r3, 0x1)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r7, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r8, &(0x7f0000000040)=[{&(0x7f0000000200)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff", 0x7d}], 0x1)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r8)

2m39.723863649s ago: executing program 0 (id=1678):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
bind$inet(r0, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f0000002300)=[{{&(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x31}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000080)="640f", 0x2}], 0x1}}], 0x1, 0x2000c000)
setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0xc, &(0x7f0000000040)=@ccm_128={{0x304}, "25ecf153229eb317", "1df37f4a59a2ee017fccac1d6b380090", "b83e87bc", "dad5a31319f28078"}, 0x28)

2m39.668085914s ago: executing program 32 (id=1678):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
bind$inet(r0, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f0000002300)=[{{&(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x31}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000080)="640f", 0x2}], 0x1}}], 0x1, 0x2000c000)
setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0xc, &(0x7f0000000040)=@ccm_128={{0x304}, "25ecf153229eb317", "1df37f4a59a2ee017fccac1d6b380090", "b83e87bc", "dad5a31319f28078"}, 0x28)

2m20.858427383s ago: executing program 2 (id=1999):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="00220f000000540b4550182195f54584b39e737579"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGREPORT(r1, 0x400c4807, &(0x7f0000000040)={0x3, 0x100, 0x7})
ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40086607, 0x0)

2m20.26715929s ago: executing program 2 (id=2004):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x54, 0x9, 0x6, 0x801, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

2m20.133328691s ago: executing program 2 (id=2007):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r1, &(0x7f0000000480)={0xa, 0xfffe, 0x3, @mcast1, 0x5}, 0x1c)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r2 = dup2(r1, r1)
sendmmsg$unix(r2, &(0x7f0000008380), 0x400000000000174, 0x4008890)

2m19.621967461s ago: executing program 2 (id=2012):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x400e, &(0x7f0000000280)={[{@i_version}, {@nobh}, {@data_err_ignore}, {@nolazytime}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@acl}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x2000007, 0x12, 0xffffffffffffffff, 0x0)
pwrite64(r2, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)

2m18.677862207s ago: executing program 2 (id=2022):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x66, &(0x7f0000000180)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @local, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, '\x00\'$', 0x30, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @broadcast}, @mcast2, {[], @dest_unreach={0x1, 0x4, 0x0, 0x0, '\x00', {0xd, 0x6, '\x00', 0xf4e, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1}}}}}}}, 0x0)

2m17.728324082s ago: executing program 2 (id=2039):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
fsync(r0)

2m17.728025802s ago: executing program 33 (id=2039):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
fsync(r0)

6.089707074s ago: executing program 3 (id=3731):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x6, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=0x0, @ANYRES16=r2, @ANYBLOB="961f9815b5504f4ca7bdfc101528a080b0e7c0f676989af24d6aa377e6bc68dc543e2be449d500eb55539eb33ae83c74c328fc7d0d1a656fd2a8bc42899002426fa4564f675ff3edb9f94fc34bd393401f32da8ffb07abc4dec4f374cf2643944fa3279a2589b2a2f7166fb73d6515eeaf251f2ef0943ad2b6b25a300dd7d0ae873929c866141b2ce61548bad2523adabf7062608278eea5f493856c6bac202630edb9d555599b68a73f8760ef78563615031baf942d25", @ANYRESOCT, @ANYRESHEX=r3, @ANYRESOCT, @ANYRES64=r0, @ANYRESHEX=r0], 0x32600)
r4 = fsmount(r2, 0x0, 0x0)
r5 = openat$cgroup_subtree(r4, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)

4.651667289s ago: executing program 3 (id=3743):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x64)
setsockopt$CAN_RAW_JOIN_FILTERS(r0, 0x65, 0x6, &(0x7f0000000000)=0x1, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(0x0, r2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
syz_mount_image$msdos(&(0x7f0000000380), &(0x7f0000000040)='./file0\x00', 0x100c404, &(0x7f0000000800)=ANY=[@ANYBLOB='dots,fmask=00000000000000001000400,uid=', @ANYRESHEX=0x0, @ANYBLOB=',uid=', @ANYRESHEX=0xee00, @ANYRESDEC=r4], 0x1, 0x1f5, &(0x7f0000000600)="$eJzs3cFqE1EUANCbmCYTcdGdIAgjLnRV1C+oSAUxIFSy0J2gK7NqN6mb9jP8Bf/LD5CuspEncSadmKYxBDKj7Tmb3pn7Xt+7M2SSTW5SFL7f/RpZ1or2fuzHpBW70Y6ZswAArpNJSvEjFZreCwBQjzXe/3/WvCUAYMvevnv/+vlgcHCY51nE+dl4OB4Wf4v8y1eDgyf5b7vVrPPxeHjrIv80X/zsMM3vxO0y/6yYn1+kuxEx7Mbjh0V+mnvxZpD/Ob8XH7dcOwAAAAAAAAAAAAAAAAAAAAAANOV+5DNL+/vs7S3m+2W+OJrrD7TQv6cT9zrlYdUeKJ3WURQAAAAAAAAAAAAAAAAAAAD8Z45Pvnz+MBp9OqqCXkTMn+ksGXN10Cr/8VqDmw/asdn0flnmBou2yku03QL7y2/uOkF0/pW7s2mQ17BWf+XlTWkaLH8VzNpiXDm9GxGrV390uOnmJyml0bcHR8cnkVYOrp4RvVqfSAAAAAAAAAAAAAAAAAAAcHPNfev7kqyJDQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAA6rf/58Gl8+sDE4j4k78dfBsrZ3IGq0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA6+tXAAAA//85ziI4")
r5 = accept4$packet(0xffffffffffffffff, &(0x7f0000000180), &(0x7f0000000240)=0x14, 0x100000)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000300)={0x9, &(0x7f0000000280)=[{0x1, 0x83, 0x9, 0xfffffff3}, {0x4, 0x94, 0x2, 0x8}, {0x8000, 0x7, 0x8, 0x8}, {0x7, 0xf, 0x53, 0x2}, {0x1a, 0x14, 0x8, 0x10}, {0xb, 0xfb, 0x0, 0xd}, {0xa, 0x9, 0x1, 0xd0}, {0x2, 0x5, 0x1}, {0x93b, 0x4, 0xc1, 0xfffffffa}]}, 0x10)
utime(&(0x7f0000000080)='./file0\x00', 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000580)={0x28, r3, 0xc4fc9e906872338b, 0x20, 0x2000000, {{0x15}, {@val={0x8}, @val={0xc, 0x99, {0xfffffffc}}}}}, 0x28}}, 0x0)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010029bd7000fcdbdf2a2700000008000300", @ANYRES32=0x0, @ANYBLOB="0e0034006185d0574cdd43fc782d00000600360008000000060036000200000004005f000a00060008021100000000000a0034000101010101010000"], 0x58}, 0x1, 0x0, 0x0, 0x4044085}, 0x40)
r6 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r7=>0x0}, &(0x7f0000cab000)=0xc)
mount$9p_fd(0x0, &(0x7f00000015c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000017c0)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, r7}}], [{@permit_directio}, {@smackfshat={'smackfshat', 0x3d, '@[]['}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'orlov'}}, {@smackfshat={'smackfshat', 0x3d, 'nomblk_io_submit'}}], 0x6b}})
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r8, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xb}}, 0x8}, 0x1c)
r9 = fcntl$dupfd(r8, 0x0, r8)
stat(&(0x7f0000000cc0)='./file0\x00', &(0x7f0000001c80)={0x0, 0x0, 0x0, 0x0, <r10=>0x0, <r11=>0x0})
r12 = getegid()
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f00000016c0)=ANY=[@ANYRESDEC, @ANYRES32=r11, @ANYBLOB="feb6efdf", @ANYRES64, @ANYRES64, @ANYRES16, @ANYRES64, @ANYRES8, @ANYBLOB="0200", @ANYRES32=0x0, @ANYBLOB="0200", @ANYRES32=0xee00, @ANYBLOB="08000300", @ANYBLOB="7de0de6148d7d44c4d01eeff92df69b773e9c6727f8fbda7576c2a151378b664926695450adc68e74593", @ANYRESDEC=r10, @ANYBLOB="08000400", @ANYBLOB='\b\x00', @ANYRES32=0x0, @ANYRES8, @ANYRES32=r12, @ANYRESOCT, @ANYRES32=0xee00, @ANYBLOB="10000400000000002000000000000000", @ANYRESHEX], 0x94, 0x1)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000500)={[{@jqfmt_vfsv0}, {}, {@stripe={'stripe', 0x3d, 0x1ff}}, {@resgid}, {@orlov}, {@grpjquota, 0x2e}, {@bh}, {@errors_remount}, {@nomblk_io_submit}, {@delalloc}], [{@fsname={'fsname', 0x3d, 'errors=remount-ro'}}, {@euid_eq={'euid', 0x3d, r10}}, {@obj_user={'obj_user', 0x3d, ':}$\\/(['}}, {@euid_lt={'euid<', r10}}, {@smackfsroot={'smackfsroot', 0x3d, '&\x02@@^/\xcd}&='}}, {@dont_measure}], 0x2c}, 0x1, 0x4c0, &(0x7f0000000ac0)="$eJzs3M1vG0UbAPBnN3H63aR9+74v/YAaCqKikDRpgR44FARSL0hIcCjHkIaqNG1REyRaVTQgVI6IvwA4IiFx4sIJJISAEx9XuCOkCvXSwgEFrb2bbBLHdRwnafHvJ9mZ2Z3NzLO74x3v2A6ga1WzpyRia0T8EhH99ez8AtX6n1s3roz9eePKWBIzMy/+kdTK3bxxZawoWmy3Ja1nfrockb6bxN4G9U5eunx2dGJi/GKeH5o69/rQ5KXLj505N3p6/PT4+ZFjx44eGX7yiZHHOxJnFtfNPW9d2Lf7xMsfPD82E69892nW3q35+nIcdQMrrrMa1ZjJzS3tqz0/tOL/fmfZVkonvevYEJalJyKyw1Wp9f/+6Im5g9cfz70zm/l6nRoIrJrs2rRj0dKe/G86e/0C/o0SfRy6VHHFz97/Fo+1HH+st+tPZ8/jtfhv5Y/6mt6o3cYYqL9j71li++MrrH9rRJyc/uvD7BEN70MAAHTWl9n459FG4780/lcqtz2fQxmIiEMRsTMi/hMRuyLivxG1sv+PiHuWWX91QX7x+OfHTW0F1qJs/PdUPrc1f/yX5iWS2dy2WvyV5NUzE+OH831yMCobsvxwkzq+evbn95daVy2N/7JHVn8xFszb8XvvhvnbnBqdGl1ByPNcfztiT2+j+JPZmYBsD+yOiD1t/P9sn5155JN9WXr7lsXrbx9/Ex2YZ5r5OOLh+vGfjgXxF5J6TUvNTw5tjInxw0PFWbHY9z9ce6Gcr5TS8+Lf2FpMG9sNtoHs+G9ueP7n8RfdoJivnVx+Hdd+fW/J9zSLj38SJ6fLJfLzv/QqkJ3/fclLtXRfvuzN0ampi8MRffmCectH5rYt8kX5LP6DBxr3/50Rf3+Ub7c3IrKT+N6IuC8i9udtvz8iHoiIA03i//aZB19rvofaPP87IIv/VLPjHzGQlOfr20j0nP3mi6Xqb+3172gtdTBf0srrX6sNXMm+AwAAgLtFWpuDTtLBqNTTpZtTu2JzOnFhcupQNd44f6o+Vz0QlbS409Vfuh86nN8bLvIjC/JHImJH7ZNGm2r5wbELE9vWM3Agtsz2/+K1IE0HB+vrfit/6KWTN52BO8ey5tHK3w787PPONwZYU76vCd1L/4fupf9D99L/oXs16v9XI26tQ1OANeb6D92rxf7ft9rtANae6z90L/0futLir8QXP7TQzjf95xI7T6xo81VPzPQvWNL6TwY0S0wvf6ueVYo0yj/asWQiiYj2qoi0eZm+Fmpft0R62zLH29wty0jszxMbIqLVra4226uViOjo+QMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD3+ycAAP//rynbqw==")
newfstatat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, <r13=>0x0}, 0x100)
newfstatat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', &(0x7f0000001640)={0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}, 0x800)
setsockopt$EBT_SO_SET_ENTRIES(r9, 0x0, 0x80, &(0x7f0000000500)=@broute={'broute\x00', 0x20, 0x6, 0xa2c, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000002a80], 0x0, &(0x7f0000000180), &(0x7f0000002a80)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff02000000110000000100000068706e6963766630000000000000000000006272696467655f736c6176655f31000064766d7270310000000000000000000067656e65766530000000000000000000ffffffffffffffffffffff00aaaaaaaaaaaa00ffff00ff00e60100002e0200007602000068656c706572000000000000000000000000000000000000000000000000000028000000000000000100000073797a300000000000000000000000000000000000000000000000000000000000000000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004552524f520000000000000000000000000000000000000000000000000000002000000000000000ac7274d3678f2607929519de57d8737e4512bd253c81134356df67ef732300004552524f520000000000000000000000000000000000000000000000000000002000000000000000e5d658ca7403b6a57b79e55bf6e4321c4a481ed19319fee1f938f7549f5a0000110000001400000080f376657468315f766972745f776966690076657468305f766972745f776966690076657468315f766972745f776966690076657468315f746f5f62617461647600aaaaaaaa746c3280ffffffff0180c2000003ffff0000ff00ae0000002e0100005e0100006f776e65720000000000000000000000000000000000000000000000000000001800000000000000", @ANYRES32=r10, @ANYRES32=r13, @ANYRES32, @ANYRES32=r14, @ANYBLOB="06010000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3100000000000000000000000000000000000000000000000104000000ffffff7f00000000434c41535349465900000000000000000000000000000000000000000000000008000000000000005f0000000000000072656469726563740000000000000000000000000000000000000000000000000800000000000000fdffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000002000000fcffffff020000000500000002000000000376657468305f746f5f687372000000006970766c616e3000000000000000000064766d72703000000000000000000000766c616e310000000000000000000000aaaaaaaaaabb00000000000068f57b0d4a2effffffff00ff0601000006010000360100006970000000000000000000000000000000000000000000000000000000000000200000000000000000000000e0000002ffffff0000fffffe090600324e204e204e214e240000000069707673000000000000000000000000000000000000000000000000000000002800000000000000fc0100000000000000000000000000000000000000000000ff000000ff0000004e225e004e24041d415544495400000000000000000000000000000000000000000000000000000008000000000000000100000000000000090000004400000000056e696376663000000000000000000000626f6e64300000000000000000000000627269646765300000000000000000007465616d300000000000000000000000aaaaaaaaaabbffffff000000aaaaaaaaaa1500ffff00ff00ae000000fe000000760100006d61726b5f6d000000000000000000000000000000000000000000000000000018000000000000008b060000000000005a0000000000000000000000000000006c6f67000000000000000000000000000000000000000000000000000000000028000000000000000d6dce1e0aa0775b817cda288d64d094aa5b92caaba647923efa3fce1944ad0002000000000000006e666c6f670000000000000000000000000000000000000000000000000000005000000000000000060000000700000800000000b530b36aafea252d98d42eac7e1133e7b94cc889eae1980490a3568c29500b855f0e4a453c3589ae80d55d6a9c92790eb3bb443804df80f7123d2b4c69b4f7d50000000000000000000000000000000000000000000000000000000000000000000000000000000004000000fcffffff020000001100000065000000000676657468305f6d6163767461700000006e657464657673696d3000000000000076657468315f746f5f626f6e6400000076657468315f746f5f7465616d000000aaaaaaaaaabbffea00ff00ff00000000000000ffff00fffffe0000005e010000d60100006d61726b5f6d0000000000000000000000000000000000000000000000000000180000000000000009000000000000000500000000000000000000000000000068656c706572000000000000000000000000000000000000000000000000000028000000000000000100000073797a3100000000000000000000000000000000000000000000000000000000000000004155444954000000000000000000000000000000000000000000000000000000080000000000000000000000000000004e46515545554500"/1284]}, 0x8f8)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000400)=@nat={'nat\x00', 0x19, 0x4, 0xdd8, [0x200000000640, 0x0, 0x0, 0x2000000008b6, 0x2000000008e6], 0x0, &(0x7f0000000080), &(0x7f0000000640)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff010000001100000032000000900070696d3672656731000000000000000065727370616e3000000000000000000076657468315f746f5f626f6e6400000076657468315f746f5f626f6e64000000aaaaaaaaaaaa00ff00ffffffbbbbbbbbbbbbffffffffff00de0000001601000046020000766c616e0000000000000000000000000000000000000000000000000000000008000000000000000200040088e505026f776e65720000000000000000000000000000000000000000000000000000001800000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="06000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000ffffffffffff0000ffffffff000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000010000000900000073797374656d5f753a6f626a6563745f723a6c6f67726f746174655f7661725f6c69625f743a733000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff02000000050000000200000002006970365f7674693000000000000000007663616e300000000000000000000000627269646765300000000000000000006970766c616e31000000000000000000aaaaaaaaaa250000ff000000aaaaaaaaaaaa00ffff00ff0056080000be080000f60800007533320000000000000000000000000000000000000000000000000000000000c0070000000000000500000001000000050000000100000002000000000000000500000003000000d90700000000000009000000010000000b0000000100000009000000000000001ff80000030000000a000000020000005f19286300000000060000000500000001000080ff0000000500000000000000050000004aabffff0c00000000000080060000000400000001000000ff0300004000000004000000ff070000bb0400000800000000000000001000000080020004050000800000000300000001000000000000000700000001000000ffff000001000000d60600000100000000000100030000000100000003000000a90300000300000000800000030000000900000002000000060000000300000004000000050000000700000002000000050000000e00000009000000040000000900000009000000050000000900000005000000070000000300000000000000060000000200000005000000e8000000ffffffff0000000009020000470a0000010000000c00000002000000f20c0000030000000c0000000000000062000000000000007300000001000000090000000300000050000000010000000900000001000000040000000100000008000000ee36d109f77b0200000001000000000000000000e01903000000b30e00000000000708000000ffffff7f0001000002000000400000001b420000010000007f00000003000000040000000500000007000000000000007f00000082000000d200000003090000f7ffffff0300000007000000030000004200000003000000ffffff7f020000000300000000000000b2ad0000010000002b3d00000100000003000000000000000900000000000000820d000003000000001000000000000002000000edd0f27b0200000003000000ff010000090000000c00000009000000d0000000810000000400000000000000ffffff7fffffffff01000000ff01000023310000cd69000020001000020000000300000001000000070400000400000000000000ff0f000003000000050000000300000007000000010000000100000000000000020000000000000006000000010000000300000000000000a90000000000000002000000000000000200000000000000080000000600000001000000070000000080000004000000060000000300000050f600000000004000000000faffffff08000000040000000000000008000000080000000900000004000000030000000700000001000100000800000900000000000000306e0000030000000101000003000000d0d100000200000007000000020000000300000001000000050000000300000001080000030000000800000003000000826a0000000000000500000000000000010000000f0000000800000010000000ffff0000ffffff7fff0e0000fe0f0000060000000000000006000000080000000800000000f8ffff2e0000000b000000090000000500000005000000090000008f00000003000000070a000083b1747b0200000081000000000000000ff4ffff000000009cbf000001000000010000000100000000000100030000000200000002000000050000000200000005000000000000004000000000000000ff0f00000200000000020000ffffff7f0f00000073000000545300000300000081000000ff0f000001000080050000000900000005000000020000000700000004000000080000000200000000000000ff070000f1fffffff8ffffff03000000040000004000000001000000010000800000000006000000010000000000000002000000010000000100000002000000010000000200000003000000080000000200000081000000010000002ba40000020000000600000001000000040000000100000000040000bc0900000600000001000000d88f00000300000092e10000100000000300000008000000040000000900000000000000b4ffffffc1030000080000000c000000f9ffffff268700000700000001070000010000000000000002000000000000000a00000001000000ff01000000000000800000000100000009000000030000000200000003000000090000000000000009000000030000000e00000002000000760000000200000007000000060000000300000003000000050000001000000009000000ffffffff09000000040000000c0400000800000000002000f6ffffff02000000ff0100000100000009000000190a000002000000dcf000004d0000000705000048060000000000000700000003000000a1000000010000000100000001000000050000000100000008000000020000000200000002000000c2e8df6101000000ff030000020000000300000001000000e3b52e7d00000000fe00000002000000050000000900000003000000040000000e000000080000000200000002000000020000000700000000000000f124ff000800000005000000f7ffffff06000000060000000900000005000000030000000a040000ff07000002000000000000000300000007000000010000000000000003000000fdffffff0200000008000000010000001a0d0000020000000200000000000000ffffffff0100000006000000030000000100010002000000b68d77770400000001000000010000000000000007000000070000009d0400007db3000005000000080000007000000006000000040000000500000002000000f8ffffff01000000030000000c00000005000000400200000a0000000301000000000000000000000000000000000000000000000000000000000000000000000800000000000000fbffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa0000fcffffff00000000736e61740000000000000000000000000000000000000000000000000000000010000000000000000180c20000000000100000000000000009000000000000000015626174616476300000000000000000006970766c616e300000000000000000006c6f000000000000000000000000000076657468305f766972745f7769666900aaaaaaaaaabbff00000000ff8d05ecdde724ffffff00ff00fe000000fe00000036010000697076730000000000000000000000000000000000000000000000000000000028000000000000006401010100000000000000000000000000000000ffffffffffffffffff0000004e2008024e2221026f776e65720000000000000000000000000000000000000000000000000000001800", @ANYRES32, @ANYRES32, @ANYRES32=r7, @ANYRES32=r14, @ANYBLOB="01040000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000003000000fcffffff010000000900000020000000001864766d727030000000000000000000007465616d5f736c6176655f300000000076657468305f746f5f7465616d0000007465616d5f736c6176655f3000000000aaaaaaaaaa1e0000ff0000ff000000000000ffffff00ff006e0000006e000000a6000000736e61740000000000000000000000000000000000000000000000000000000010000000000000000180c20000030000ffffffff00000000"]}, 0xe4c)

4.284270478s ago: executing program 3 (id=3745):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000002440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYBLOB="02000000", @ANYRES32=0x0, @ANYBLOB="040000000000800008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
lgetxattr(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)=@known='system.posix_acl_access\x00', &(0x7f0000000140)=""/246, 0xf6)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766c616e000000001800028006000100010000000c000200540a00001800000008000500", @ANYRES32=r2], 0x50}, 0x1, 0xba01}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x404c080)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0x14, 0x0, &(0x7f0000000080)="f6f4e9a10000502468da5eb1c6b2feff8833c000", 0x0, 0x86, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
write(r3, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000180), 0x0, &(0x7f0000000100)={[{@mpol={'mpol', 0x3d, {'bind', '=static', @void}}}]})

3.993500681s ago: executing program 3 (id=3749):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000a40)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@norecovery}, {@resuid}, {@quota}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000140), &(0x7f0000000440)=0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
stat(0x0, 0x0)
write(r3, &(0x7f00000009c0)="3bf58d7d45d32c", 0x7)
r4 = perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_config_ext={0x1, 0xa}, 0x1184c, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip_vti0\x00', <r5=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0x4, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5}, [@exit]}, &(0x7f00000000c0)='GPL\x00', 0xb, 0x65, &(0x7f00000001c0)=""/101, 0x41000, 0x23, '\x00', r5, @fallback=0x8, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0xe, 0x7, 0x80000001}, 0x10, 0x0, r2, 0x6, 0x0, &(0x7f00000002c0)=[{0x2, 0x2, 0x4, 0xa}, {0x3, 0x1, 0x3, 0xa}, {0x4, 0x3, 0x6, 0x8}, {0x1, 0x3, 0x2, 0x4}, {0x0, 0x1, 0x8, 0x7}, {0x5, 0x4, 0xa, 0xc}], 0x10, 0xffff34f0}, 0x94)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r4, &(0x7f0000000040)={0xa0000004})
sendfile(r3, r2, 0x0, 0x3ffff)

3.136144329s ago: executing program 3 (id=3757):
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r1, 0x0, r0, 0x0, 0x6, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x3ff)
fcntl$setstatus(r0, 0x4, 0x7c00)
dup3(r1, r0, 0x0)

2.720403893s ago: executing program 6 (id=3762):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x5)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f00000011c0)={0x0, r1}, 0x8)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001140)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x5}, 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001280)=@base={0x17, 0x4, 0x4, 0xff, 0x0, r2, 0x40000087, '\x00', 0x0, 0xffffffffffffffff, 0x4}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r4}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={<r5=>0xffffffffffffffff})
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000001100)=ANY=[@ANYRES64=r5], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x28, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_read_part_table(0x106a, &(0x7f0000000000)="$eJzsz7FJxVAUBuD/5ibxpnUB17C0EGwsFXexUcERnECwsbLWDdzCFbJAxECEt8B7r/i+6pyfHw4nHNTUtdOP5Py5vqQleUxyNySp45ik/Be/vq//luF1bicpNRf9Gi+fb/dbqSb91XyTYXkoP0u3ZuVyajsHu6ezus319n0/XwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAcfsNAAD//3OqEK8=")

2.564557895s ago: executing program 6 (id=3768):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x64)
setsockopt$CAN_RAW_JOIN_FILTERS(r0, 0x65, 0x6, &(0x7f0000000000)=0x1, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(0x0, r2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
syz_mount_image$msdos(&(0x7f0000000380), &(0x7f0000000040)='./file0\x00', 0x100c404, &(0x7f0000000800)=ANY=[@ANYBLOB='dots,fmask=00000000000000001000400,uid=', @ANYRESHEX=0x0, @ANYBLOB=',uid=', @ANYRESHEX=0xee00, @ANYRESDEC=r4], 0x1, 0x1f5, &(0x7f0000000600)="$eJzs3cFqE1EUANCbmCYTcdGdIAgjLnRV1C+oSAUxIFSy0J2gK7NqN6mb9jP8Bf/LD5CuspEncSadmKYxBDKj7Tmb3pn7Xt+7M2SSTW5SFL7f/RpZ1or2fuzHpBW70Y6ZswAArpNJSvEjFZreCwBQjzXe/3/WvCUAYMvevnv/+vlgcHCY51nE+dl4OB4Wf4v8y1eDgyf5b7vVrPPxeHjrIv80X/zsMM3vxO0y/6yYn1+kuxEx7Mbjh0V+mnvxZpD/Ob8XH7dcOwAAAAAAAAAAAAAAAAAAAAAANOV+5DNL+/vs7S3m+2W+OJrrD7TQv6cT9zrlYdUeKJ3WURQAAAAAAAAAAAAAAAAAAAD8Z45Pvnz+MBp9OqqCXkTMn+ksGXN10Cr/8VqDmw/asdn0flnmBou2yku03QL7y2/uOkF0/pW7s2mQ17BWf+XlTWkaLH8VzNpiXDm9GxGrV390uOnmJyml0bcHR8cnkVYOrp4RvVqfSAAAAAAAAAAAAAAAAAAAcHPNfev7kqyJDQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAA6rf/58Gl8+sDE4j4k78dfBsrZ3IGq0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA6+tXAAAA//85ziI4")
r5 = accept4$packet(0xffffffffffffffff, &(0x7f0000000180), &(0x7f0000000240)=0x14, 0x100000)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000300)={0x9, &(0x7f0000000280)=[{0x1, 0x83, 0x9, 0xfffffff3}, {0x4, 0x94, 0x2, 0x8}, {0x8000, 0x7, 0x8, 0x8}, {0x7, 0xf, 0x53, 0x2}, {0x1a, 0x14, 0x8, 0x10}, {0xb, 0xfb, 0x0, 0xd}, {0xa, 0x9, 0x1, 0xd0}, {0x2, 0x5, 0x1}, {0x93b, 0x4, 0xc1, 0xfffffffa}]}, 0x10)
utime(&(0x7f0000000080)='./file0\x00', 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000580)={0x28, r3, 0xc4fc9e906872338b, 0x20, 0x2000000, {{0x15}, {@val={0x8}, @val={0xc, 0x99, {0xfffffffc}}}}}, 0x28}}, 0x0)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010029bd7000fcdbdf2a2700000008000300", @ANYRES32=0x0, @ANYBLOB="0e0034006185d0574cdd43fc782d00000600360008000000060036000200000004005f000a00060008021100000000000a0034000101010101010000"], 0x58}, 0x1, 0x0, 0x0, 0x4044085}, 0x40)
r6 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r7=>0x0}, &(0x7f0000cab000)=0xc)
mount$9p_fd(0x0, &(0x7f00000015c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000017c0)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, r7}}], [{@permit_directio}, {@smackfshat={'smackfshat', 0x3d, '@[]['}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'orlov'}}, {@smackfshat={'smackfshat', 0x3d, 'nomblk_io_submit'}}], 0x6b}})
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r8, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xb}}, 0x8}, 0x1c)
r9 = fcntl$dupfd(r8, 0x0, r8)
stat(&(0x7f0000000cc0)='./file0\x00', &(0x7f0000001c80)={0x0, 0x0, 0x0, 0x0, <r10=>0x0, <r11=>0x0})
r12 = getegid()
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f00000016c0)=ANY=[@ANYRESDEC, @ANYRES32=r11, @ANYBLOB="feb6efdf", @ANYRES64, @ANYRES64, @ANYRES16, @ANYRES64, @ANYRES8, @ANYBLOB="0200", @ANYRES32=0x0, @ANYBLOB="0200", @ANYRES32=0xee00, @ANYBLOB="08000300", @ANYBLOB="7de0de6148d7d44c4d01eeff92df69b773e9c6727f8fbda7576c2a151378b664926695450adc68e74593", @ANYRESDEC=r10, @ANYBLOB="08000400", @ANYBLOB='\b\x00', @ANYRES32=0x0, @ANYRES8, @ANYRES32=r12, @ANYRESOCT, @ANYRES32=0xee00, @ANYBLOB="10000400000000002000000000000000", @ANYRESHEX], 0x94, 0x1)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000500)={[{@jqfmt_vfsv0}, {}, {@stripe={'stripe', 0x3d, 0x1ff}}, {@resgid}, {@orlov}, {@grpjquota, 0x2e}, {@bh}, {@errors_remount}, {@nomblk_io_submit}, {@delalloc}], [{@fsname={'fsname', 0x3d, 'errors=remount-ro'}}, {@euid_eq={'euid', 0x3d, r10}}, {@obj_user={'obj_user', 0x3d, ':}$\\/(['}}, {@euid_lt={'euid<', r10}}, {@smackfsroot={'smackfsroot', 0x3d, '&\x02@@^/\xcd}&='}}, {@dont_measure}], 0x2c}, 0x1, 0x4c0, &(0x7f0000000ac0)="$eJzs3M1vG0UbAPBnN3H63aR9+74v/YAaCqKikDRpgR44FARSL0hIcCjHkIaqNG1REyRaVTQgVI6IvwA4IiFx4sIJJISAEx9XuCOkCvXSwgEFrb2bbBLHdRwnafHvJ9mZ2Z3NzLO74x3v2A6ga1WzpyRia0T8EhH99ez8AtX6n1s3roz9eePKWBIzMy/+kdTK3bxxZawoWmy3Ja1nfrockb6bxN4G9U5eunx2dGJi/GKeH5o69/rQ5KXLj505N3p6/PT4+ZFjx44eGX7yiZHHOxJnFtfNPW9d2Lf7xMsfPD82E69892nW3q35+nIcdQMrrrMa1ZjJzS3tqz0/tOL/fmfZVkonvevYEJalJyKyw1Wp9f/+6Im5g9cfz70zm/l6nRoIrJrs2rRj0dKe/G86e/0C/o0SfRy6VHHFz97/Fo+1HH+st+tPZ8/jtfhv5Y/6mt6o3cYYqL9j71li++MrrH9rRJyc/uvD7BEN70MAAHTWl9n459FG4780/lcqtz2fQxmIiEMRsTMi/hMRuyLivxG1sv+PiHuWWX91QX7x+OfHTW0F1qJs/PdUPrc1f/yX5iWS2dy2WvyV5NUzE+OH831yMCobsvxwkzq+evbn95daVy2N/7JHVn8xFszb8XvvhvnbnBqdGl1ByPNcfztiT2+j+JPZmYBsD+yOiD1t/P9sn5155JN9WXr7lsXrbx9/Ex2YZ5r5OOLh+vGfjgXxF5J6TUvNTw5tjInxw0PFWbHY9z9ce6Gcr5TS8+Lf2FpMG9sNtoHs+G9ueP7n8RfdoJivnVx+Hdd+fW/J9zSLj38SJ6fLJfLzv/QqkJ3/fclLtXRfvuzN0ampi8MRffmCectH5rYt8kX5LP6DBxr3/50Rf3+Ub7c3IrKT+N6IuC8i9udtvz8iHoiIA03i//aZB19rvofaPP87IIv/VLPjHzGQlOfr20j0nP3mi6Xqb+3172gtdTBf0srrX6sNXMm+AwAAgLtFWpuDTtLBqNTTpZtTu2JzOnFhcupQNd44f6o+Vz0QlbS409Vfuh86nN8bLvIjC/JHImJH7ZNGm2r5wbELE9vWM3Agtsz2/+K1IE0HB+vrfit/6KWTN52BO8ey5tHK3w787PPONwZYU76vCd1L/4fupf9D99L/oXs16v9XI26tQ1OANeb6D92rxf7ft9rtANae6z90L/0futLir8QXP7TQzjf95xI7T6xo81VPzPQvWNL6TwY0S0wvf6ueVYo0yj/asWQiiYj2qoi0eZm+Fmpft0R62zLH29wty0jszxMbIqLVra4226uViOjo+QMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD3+ycAAP//rynbqw==")
newfstatat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, <r13=>0x0}, 0x100)
newfstatat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', &(0x7f0000001640)={0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}, 0x800)
setsockopt$EBT_SO_SET_ENTRIES(r9, 0x0, 0x80, &(0x7f0000000500)=@broute={'broute\x00', 0x20, 0x6, 0xa2c, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000002a80], 0x0, &(0x7f0000000180), &(0x7f0000002a80)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff02000000110000000100000068706e6963766630000000000000000000006272696467655f736c6176655f31000064766d7270310000000000000000000067656e65766530000000000000000000ffffffffffffffffffffff00aaaaaaaaaaaa00ffff00ff00e60100002e0200007602000068656c706572000000000000000000000000000000000000000000000000000028000000000000000100000073797a300000000000000000000000000000000000000000000000000000000000000000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004552524f520000000000000000000000000000000000000000000000000000002000000000000000ac7274d3678f2607929519de57d8737e4512bd253c81134356df67ef732300004552524f520000000000000000000000000000000000000000000000000000002000000000000000e5d658ca7403b6a57b79e55bf6e4321c4a481ed19319fee1f938f7549f5a0000110000001400000080f376657468315f766972745f776966690076657468305f766972745f776966690076657468315f766972745f776966690076657468315f746f5f62617461647600aaaaaaaa746c3280ffffffff0180c2000003ffff0000ff00ae0000002e0100005e0100006f776e65720000000000000000000000000000000000000000000000000000001800000000000000", @ANYRES32=r10, @ANYRES32=r13, @ANYRES32, @ANYRES32=r14, @ANYBLOB="06010000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3100000000000000000000000000000000000000000000000104000000ffffff7f00000000434c41535349465900000000000000000000000000000000000000000000000008000000000000005f0000000000000072656469726563740000000000000000000000000000000000000000000000000800000000000000fdffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000002000000fcffffff020000000500000002000000000376657468305f746f5f687372000000006970766c616e3000000000000000000064766d72703000000000000000000000766c616e310000000000000000000000aaaaaaaaaabb00000000000068f57b0d4a2effffffff00ff0601000006010000360100006970000000000000000000000000000000000000000000000000000000000000200000000000000000000000e0000002ffffff0000fffffe090600324e204e204e214e240000000069707673000000000000000000000000000000000000000000000000000000002800000000000000fc0100000000000000000000000000000000000000000000ff000000ff0000004e225e004e24041d415544495400000000000000000000000000000000000000000000000000000008000000000000000100000000000000090000004400000000056e696376663000000000000000000000626f6e64300000000000000000000000627269646765300000000000000000007465616d300000000000000000000000aaaaaaaaaabbffffff000000aaaaaaaaaa1500ffff00ff00ae000000fe000000760100006d61726b5f6d000000000000000000000000000000000000000000000000000018000000000000008b060000000000005a0000000000000000000000000000006c6f67000000000000000000000000000000000000000000000000000000000028000000000000000d6dce1e0aa0775b817cda288d64d094aa5b92caaba647923efa3fce1944ad0002000000000000006e666c6f670000000000000000000000000000000000000000000000000000005000000000000000060000000700000800000000b530b36aafea252d98d42eac7e1133e7b94cc889eae1980490a3568c29500b855f0e4a453c3589ae80d55d6a9c92790eb3bb443804df80f7123d2b4c69b4f7d50000000000000000000000000000000000000000000000000000000000000000000000000000000004000000fcffffff020000001100000065000000000676657468305f6d6163767461700000006e657464657673696d3000000000000076657468315f746f5f626f6e6400000076657468315f746f5f7465616d000000aaaaaaaaaabbffea00ff00ff00000000000000ffff00fffffe0000005e010000d60100006d61726b5f6d0000000000000000000000000000000000000000000000000000180000000000000009000000000000000500000000000000000000000000000068656c706572000000000000000000000000000000000000000000000000000028000000000000000100000073797a3100000000000000000000000000000000000000000000000000000000000000004155444954000000000000000000000000000000000000000000000000000000080000000000000000000000000000004e46515545554500"/1284]}, 0x8f8)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000400)=@nat={'nat\x00', 0x19, 0x4, 0xdd8, [0x200000000640, 0x0, 0x0, 0x2000000008b6, 0x2000000008e6], 0x0, &(0x7f0000000080), &(0x7f0000000640)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff010000001100000032000000900070696d3672656731000000000000000065727370616e3000000000000000000076657468315f746f5f626f6e6400000076657468315f746f5f626f6e64000000aaaaaaaaaaaa00ff00ffffffbbbbbbbbbbbbffffffffff00de0000001601000046020000766c616e0000000000000000000000000000000000000000000000000000000008000000000000000200040088e505026f776e65720000000000000000000000000000000000000000000000000000001800000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="06000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000ffffffffffff0000ffffffff000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000010000000900000073797374656d5f753a6f626a6563745f723a6c6f67726f746174655f7661725f6c69625f743a733000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff02000000050000000200000002006970365f7674693000000000000000007663616e300000000000000000000000627269646765300000000000000000006970766c616e31000000000000000000aaaaaaaaaa250000ff000000aaaaaaaaaaaa00ffff00ff0056080000be080000f60800007533320000000000000000000000000000000000000000000000000000000000c0070000000000000500000001000000050000000100000002000000000000000500000003000000d90700000000000009000000010000000b0000000100000009000000000000001ff80000030000000a000000020000005f19286300000000060000000500000001000080ff0000000500000000000000050000004aabffff0c00000000000080060000000400000001000000ff0300004000000004000000ff070000bb0400000800000000000000001000000080020004050000800000000300000001000000000000000700000001000000ffff000001000000d60600000100000000000100030000000100000003000000a90300000300000000800000030000000900000002000000060000000300000004000000050000000700000002000000050000000e00000009000000040000000900000009000000050000000900000005000000070000000300000000000000060000000200000005000000e8000000ffffffff0000000009020000470a0000010000000c00000002000000f20c0000030000000c0000000000000062000000000000007300000001000000090000000300000050000000010000000900000001000000040000000100000008000000ee36d109f77b0200000001000000000000000000e01903000000b30e00000000000708000000ffffff7f0001000002000000400000001b420000010000007f00000003000000040000000500000007000000000000007f00000082000000d200000003090000f7ffffff0300000007000000030000004200000003000000ffffff7f020000000300000000000000b2ad0000010000002b3d00000100000003000000000000000900000000000000820d000003000000001000000000000002000000edd0f27b0200000003000000ff010000090000000c00000009000000d0000000810000000400000000000000ffffff7fffffffff01000000ff01000023310000cd69000020001000020000000300000001000000070400000400000000000000ff0f000003000000050000000300000007000000010000000100000000000000020000000000000006000000010000000300000000000000a90000000000000002000000000000000200000000000000080000000600000001000000070000000080000004000000060000000300000050f600000000004000000000faffffff08000000040000000000000008000000080000000900000004000000030000000700000001000100000800000900000000000000306e0000030000000101000003000000d0d100000200000007000000020000000300000001000000050000000300000001080000030000000800000003000000826a0000000000000500000000000000010000000f0000000800000010000000ffff0000ffffff7fff0e0000fe0f0000060000000000000006000000080000000800000000f8ffff2e0000000b000000090000000500000005000000090000008f00000003000000070a000083b1747b0200000081000000000000000ff4ffff000000009cbf000001000000010000000100000000000100030000000200000002000000050000000200000005000000000000004000000000000000ff0f00000200000000020000ffffff7f0f00000073000000545300000300000081000000ff0f000001000080050000000900000005000000020000000700000004000000080000000200000000000000ff070000f1fffffff8ffffff03000000040000004000000001000000010000800000000006000000010000000000000002000000010000000100000002000000010000000200000003000000080000000200000081000000010000002ba40000020000000600000001000000040000000100000000040000bc0900000600000001000000d88f00000300000092e10000100000000300000008000000040000000900000000000000b4ffffffc1030000080000000c000000f9ffffff268700000700000001070000010000000000000002000000000000000a00000001000000ff01000000000000800000000100000009000000030000000200000003000000090000000000000009000000030000000e00000002000000760000000200000007000000060000000300000003000000050000001000000009000000ffffffff09000000040000000c0400000800000000002000f6ffffff02000000ff0100000100000009000000190a000002000000dcf000004d0000000705000048060000000000000700000003000000a1000000010000000100000001000000050000000100000008000000020000000200000002000000c2e8df6101000000ff030000020000000300000001000000e3b52e7d00000000fe00000002000000050000000900000003000000040000000e000000080000000200000002000000020000000700000000000000f124ff000800000005000000f7ffffff06000000060000000900000005000000030000000a040000ff07000002000000000000000300000007000000010000000000000003000000fdffffff0200000008000000010000001a0d0000020000000200000000000000ffffffff0100000006000000030000000100010002000000b68d77770400000001000000010000000000000007000000070000009d0400007db3000005000000080000007000000006000000040000000500000002000000f8ffffff01000000030000000c00000005000000400200000a0000000301000000000000000000000000000000000000000000000000000000000000000000000800000000000000fbffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa0000fcffffff00000000736e61740000000000000000000000000000000000000000000000000000000010000000000000000180c20000000000100000000000000009000000000000000015626174616476300000000000000000006970766c616e300000000000000000006c6f000000000000000000000000000076657468305f766972745f7769666900aaaaaaaaaabbff00000000ff8d05ecdde724ffffff00ff00fe000000fe00000036010000697076730000000000000000000000000000000000000000000000000000000028000000000000006401010100000000000000000000000000000000ffffffffffffffffff0000004e2008024e2221026f776e65720000000000000000000000000000000000000000000000000000001800", @ANYRES32, @ANYRES32, @ANYRES32=r7, @ANYRES32=r14, @ANYBLOB="01040000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000003000000fcffffff010000000900000020000000001864766d727030000000000000000000007465616d5f736c6176655f300000000076657468305f746f5f7465616d0000007465616d5f736c6176655f3000000000aaaaaaaaaa1e0000ff0000ff000000000000ffffff00ff006e0000006e000000a6000000736e61740000000000000000000000000000000000000000000000000000000010000000000000000180c20000030000ffffffff00000000"]}, 0xe4c)

2.414631727s ago: executing program 6 (id=3770):
r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
write$P9_RVERSION(r1, &(0x7f0000000000)={0x15, 0x65, 0xffff, 0x2, 0x8, '9P2000.u'}, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x2a)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDFONTOP_SET(r4, 0x4b72, &(0x7f0000000080)={0x0, 0x3000000, 0x8, 0x1b, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})

2.397852618s ago: executing program 6 (id=3771):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001300)={&(0x7f0000000380)=ANY=[], 0x0, 0x27, 0x0, 0x1, 0x2}, 0x28)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00'}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r5, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
syz_open_dev$loop(0x0, 0x7, 0x180862)
r6 = open_tree(0xffffffffffffff9c, 0x0, 0x89901)
syz_open_dev$sg(&(0x7f0000000340), 0x8, 0x24102)
mount_setattr(r6, 0x0, 0x0, &(0x7f0000001dc0)={0x0, 0x0, 0x80000}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a2d0000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYRES8=r0], 0x64}, 0x1, 0x0, 0x0, 0x20008001}, 0x60004810)
sendmsg$NFT_MSG_GETOBJ(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03f5"], 0x34}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000300), 0x20100, 0x0)

2.101764672s ago: executing program 6 (id=3778):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000a40)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@norecovery}, {@resuid}, {@quota}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000140), &(0x7f0000000440)=0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
stat(0x0, 0x0)
write(r3, &(0x7f00000009c0)="3bf58d7d45d32c", 0x7)
r4 = perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_config_ext={0x1, 0xa}, 0x1184c, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip_vti0\x00', <r5=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0x4, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5}, [@exit]}, &(0x7f00000000c0)='GPL\x00', 0xb, 0x65, &(0x7f00000001c0)=""/101, 0x41000, 0x23, '\x00', r5, @fallback=0x8, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0xe, 0x7, 0x80000001}, 0x10, 0x0, r2, 0x6, 0x0, &(0x7f00000002c0)=[{0x2, 0x2, 0x4, 0xa}, {0x3, 0x1, 0x3, 0xa}, {0x4, 0x3, 0x6, 0x8}, {0x1, 0x3, 0x2, 0x4}, {0x0, 0x1, 0x8, 0x7}, {0x5, 0x4, 0xa, 0xc}], 0x10, 0xffff34f0}, 0x94)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r4, &(0x7f0000000040)={0xa0000004})
sendfile(r3, r2, 0x0, 0x3ffff)

1.181407275s ago: executing program 6 (id=3791):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r2, 0x0, r1, 0x0, 0x6, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000100)=0x3ff)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000180)='sys_enter\x00', r3}, 0x18)
readahead(0xffffffffffffffff, 0xfffffffffffffff7, 0x9)
fcntl$setstatus(r1, 0x4, 0x7c00)
dup3(r2, r1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

1.062942125s ago: executing program 1 (id=3793):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000850000000800000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4e, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TCFLSH(r1, 0x5410, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14)

1.00175106s ago: executing program 1 (id=3794):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x891)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
getsockopt$sock_buf(r3, 0x1, 0x1a, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r5, 0x6, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x3, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000200)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=0x0, @ANYRES16=r5, @ANYBLOB="961f9815b5504f4ca7bdfc101528a080b0e7c0f676989af24d6aa377e6bc68dc543e2be449d500eb55539eb33ae83c74c328fc7d0d1a656fd2a8bc42899002426fa4564f675ff3edb9f94fc34bd393401f32da8ffb07abc4dec4f374cf2643944fa3279a2589b2a2f7166fb73d6515eeaf251f2ef0943ad2b6b25a300dd7d0ae873929c866141b2ce61548bad2523adabf7062608278eea5f493856c6bac202630edb9d555599b68a73f8760ef78563615031baf942d258a20a305e2", @ANYRESOCT, @ANYRESHEX, @ANYRESOCT, @ANYRES64=r1, @ANYRESHEX=r1], 0x32600)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x14eeaa19, &(0x7f00000000c0))
fsmount(r5, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
ioctl$SNAPSHOT_PLATFORM_SUPPORT(0xffffffffffffffff, 0x330f, 0x6)

1.00097108s ago: executing program 5 (id=3795):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180100000e186c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000070000008500000006000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x210000, &(0x7f0000000280)={[{@user_xattr}, {@noquota}, {@dioread_nolock}, {@jqfmt_vfsv1}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x70}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@stripe={'stripe', 0x3d, 0x20}}, {@bsdgroups}, {@max_batch_time={'max_batch_time', 0x3d, 0x3fe}}, {@user_xattr}, {@noinit_itable}]}, 0x3, 0x583, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvbHb7+32bQilvX15eCj1Yqd00iT8qeKhH0WJBPdclmYaSTbdkN6WJBduDvXiRIohYEO969+ChePHoX1HQQpES9OBlZTazybbZJJt0Y2L384Fpn2dmNs8888z34Zl9dpgABtaJ7J9CxPGI+CyJONyxrRj5xhNL+y0+vjmRLUk0m+/9lkSSr2vvn+T/H8wz/4mIHz+JOF1YXW59fmG6Uq2ms3l+pDFzbaQ+v3DmykxlKp1Kr46Nj597ZXzs9dde7VtdX7z4x5fv3n/r3KcnF7/47uGRu0mcj0P5ts56PINbnZkTzWZ+Tkpx/qkdR/tQ2G6S7PQBsCVDeZyXIuJ46XCpHfXA8+/jiGgCAyrZZPzv1V/Ac6I9Dmjf2/fpPvgf49GbSzdAq+tfXPpuJPa17o0OLCZP3Bll97vDfSg/K+P7X+/dzZbo3/cQABu6dTsizhaLq/u/JO//tu5sD/s8XYb+D/4+97Pxz0vdxj+F5fFPdBn/HOwSu1uxcfwXHvahmDVl4783uo5/lyethofy3L9aY75ScvlKNc36tn9HxKko7c3y683nnFt80FxrW+f4L1uy8ttjwfw4Hhb3PvmZyUqj8ix17vTodsR/u45/k+X2T7q0f3Y+PuixjGPpvf+vtW3j+m+v5jcRL3Rt/5UZrWT9+cmR1vUw0r4qVvv9zrGf1yq/e/1/+mEbqtpV1v4H1q//cNI5X1vffBlf7/szXWvbVq//Pcn7rfSefN2NSqMxOxqxJ3ln9fqxlc+28+39s/qfOrl+/9ft+t8fER/2WP87R7/939brv72y+k9uqv03n3jw9kdfrVV+b+3/cit1Kl/TS//X6wE+y7kDAAAAAACA3aYQEYciKZRjX54uFMrlpd93HI0DhWqt3jh9uTZ3dTJaz8oOR6nQnuk+3PF7iNH897Dt/NhT+fGIOBIRnw/tb+XLE7Xq5E5XHgAAAAAAAAAAAAAAAAAAAHaJg8vP/8cTz/9nfhna6aMDtl1x6f3fwADa8JX//XjTE7ArbRj/wHNL/MPgEv8wuMQ/DKTWFJ/4h8El/mFwiX8YXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAA+urihQvZ0lx8fHMiy09en5+brl0/M5nWp8szcxPlidrstfJUrTZVTcsTtZmN/l61Vrs2OhZzN0Yaab0xUp9fuDRTm7vauHRlpjKVXkq9ZxwAAAAAAAAAAAAAAAAAAABWq88vTFeq1XS2D4lStZoWIqKXnSP6VOgAJrJ2u1Xs7TxvTyKJlTXF3XJaJPqa2OmeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABW/BUAAP//2SsyHQ==")
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x1000)
r4 = syz_mount_image$ext4(&(0x7f00000007c0)='ext2\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f0000000180)={[{@journal_path={'journal_path', 0x3d, './file1'}}, {@nodioread_nolock}], [{@uid_gt={'uid>', r3}}, {@obj_role={'obj_role', 0x3d, '^(\'\x00'}}, {@obj_user={'obj_user', 0x3d, 'pcr'}}, {@pcr}]}, 0x4, 0x580, &(0x7f0000000940)="$eJzs3U1oXNUeAPD/vZPpZ95LH7wHT+miqFChdJL0Q6urdisWCl0IbjRMpqFkkimZiTYhi3RfxC5EpZu604VLxYULcePSrRvFtVBsUGi60JH5atJkkk5qkqm5vx/cmXvm3Mn/3HvyvzPncC8TQGYdazykEc9ExKUkYmhV3UC0K4+1tlteWig+WFooJlGvX/41iSQi7i8tFDvbJ+3nwxGxGBH/j4hv8xEn0vVxq3Pzk2PlcmmmXR6uTV0brs7Nn7w6NTZRmihNn375lbPnzpwdPTW6+m0P6qtL+a3t682fbr138/vX7tz67POji8UPxpI4H4PtutX7sW32dY5JPs6vqTqz7cH6K+l3A3giuXaeN1LpfzEUuXbWd1Mf2tWmATusvj+iDmRUIv8hozrfAxrj386ym98/7l5oDUAacZfbS6tmIPY3nw80xyaHfkseGZk0xptHdrOh7EmLNyJiZGBg/f9/0pobW+dxo+CVSamRbW0pO+GbC62OWt//abv/DzQf155/Bjtzp39T5/y3vO78txI/t8H571KPMf548+ePN4x/I+LZrvGTh/GTLvHTiHi7x/i33/jq3EZ19U8ijkf3+B3J5vPDw1eulksjrceuMb4+fvTVzfb/0AbxW3O2B5ofM92Of5dp7a6+/O6L5xY3if/i85v3f7fjfzAi3u8x/n/uf/r6RnV3byT3Gt8Cttr/SeTjTo/xXzp/7MceNwUAAAAAAAAAALYgbV7LlqSFh+tpWii07uH9bxxKy5Vq7cSVyuz0eOuatyORTztXWg21ykmjPNq+HrdTPrWmfDrXDpg72CwXipXyeJ/3HQAAAAAAAAAAAAAAAAAAAJ4Wh9fc//97rnn//9qfqwb2qo1/8hvY6+Q/ZNej+Z/0rR3A7vP5D5lVl/+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/AAAAAAAAAAAAAAAAAAAAAAAAAADsiEsXLzaW+oOlhWKjPD4wNztZeefkeKk6WZiaLRaKlZlrhYlKZaJcKhQrU4/7e0mlcm0kpmevD9dK1dpwdW7+ranK7HTnN0VL+R3fIwAAAAAAAAAAAAAAAAAAAPjnGWwuSVqIiLS5nqaFQsS/IuJIEsmVq+XSSET8OyJ+yOX3N8qj/W40AAAAAAAAAAAAAAAAAAAA7DHVufnJsXK5NJORlYGtbBwRi9vbjMZf3PK78u2+elqOoZUsrPT5xAQAAAAAAAAAAAAAAAAAABm0ctNvr+/4c2cbBAAAAAAAAAAAAAAAAAAAAJmU/pJERGM5PvTC4NrafclyrvkcEe/evvzh9bFabWa08fq9h6/XPmq/fqof7Qd61cnTTh4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK6pz85Nj5XJpZgdX+r2PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE/irwAAAP//TF/YDw==")
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, r4, 0x0)
r5 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x169)
fsetxattr$trusted_overlay_redirect(r5, &(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x8, 0x0)
pwritev(r5, &(0x7f0000000080)=[{&(0x7f0000000800)="59fdd4", 0xfdef}], 0x1, 0x8, 0x365)
socket(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000f00)=@delqdisc={0x38, 0x25, 0x100, 0x70bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xb, 0x7}, {0xfff3, 0x46e90b4a0aa5066a}, {0xfff1, 0x4}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x3, 0x4324}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x408a0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x20100, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000380), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000180)=@base={0x6, 0x4, 0x10, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x7}, 0x50)

896.850478ms ago: executing program 5 (id=3797):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
uname(0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x1f, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000008f000400000000000b00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000086000000bf090000000000005509010000000000950000000000000018180000", @ANYRES32=r5, @ANYBLOB="000000000000000025000100fcffffffb7080000000000007b9af8ff00000000b7080000fcffff7f7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000800000085000000a5000000bf91000000000000b702000003000000850000002a000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x7, 0x1000, &(0x7f0000000cc0)=""/4096, 0x41100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000a80)=@newsa={0x138, 0x10, 0x1, 0x70bd25, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, @in6=@empty}, {@in=@broadcast, 0x0, 0x33}, @in6=@mcast2, {0x3, 0x0, 0x7}, {}, {0x0, 0x2}, 0x0, 0x0, 0xa, 0x1, 0x0, 0x20}, [@algo_auth={0x48, 0x1, {{'sha256\x00'}}}]}, 0x138}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.swap.events\x00', 0x275a, 0x0)
fcntl$lock(r8, 0x26, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x8b6}, &(0x7f0000000000)=<r10=>0x0, &(0x7f0000000300)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r10, r11, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r9, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r9, 0x47f6, 0x0, 0x0, 0x0, 0x0)

801.359295ms ago: executing program 4 (id=3800):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f74"], 0xa8}}, 0x0)
r1 = socket$kcm(0x29, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r3 = socket$kcm(0x2, 0x1, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r4, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000001900)={&(0x7f0000000000)=ANY=[@ANYBLOB="40000000051401002dbd7000fbdbdf25080001"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x40080)
sendmsg$inet(r4, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0, 0x31}, 0x20000811)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f0000000040)={r3, r2})
sendmsg$kcm(r1, &(0x7f0000002080)={0x0, 0x34000, &(0x7f0000002000)=[{&(0x7f0000000880)="1a", 0x100000}], 0x1}, 0x0)

731.968511ms ago: executing program 4 (id=3801):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r1, 0x4c80, 0x7000000)

651.474058ms ago: executing program 4 (id=3802):
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@noblock_validity}, {}, {@dioread_lock}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@jqfmt_vfsv1}, {@dax}, {@noacl}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r0, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x6, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r1=>0x0, 0x2d, &(0x7f0000000480)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0xb7, 0x8, 0x8, &(0x7f0000000580)}}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x1, 0x9, 0x8, 0x4, 0x5, 0x6})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r2}, 0x10)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x3, 0x0)

422.200866ms ago: executing program 4 (id=3803):
r0 = socket$kcm(0x29, 0xa, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000000540)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r1=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000000f00)={r1, "86fef56fa86a4db7dc530d01088bd3ab"})
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x0, &(0x7f0000000240), 0x21, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x3f5980, 0x128)
syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x210080)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82)
r6 = dup(r5)
ioctl$USBDEVFS_CONTROL(r6, 0xc0185500, &(0x7f0000000080)={0x23, 0x3, 0x17, 0x2000, 0x0, 0x0, 0x0})

374.00387ms ago: executing program 5 (id=3804):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r3)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x3, 0x6361, 0x5, 0xfffffffd, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x20000804)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r6, {}, {0x2, 0xb}, {0xd, 0xd}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x4010004)
ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

341.262762ms ago: executing program 4 (id=3805):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r2, 0x0, r1, 0x0, 0x6, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000100)=0x3ff)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000180)='sys_enter\x00', r3}, 0x18)
readahead(0xffffffffffffffff, 0xfffffffffffffff7, 0x9)
fcntl$setstatus(r1, 0x4, 0x7c00)
dup3(r2, r1, 0x0)
sendmsg$IPSET_CMD_PROTOCOL(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c000000010605"], 0x2c}, 0x1, 0x0, 0x0, 0x40001d0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, 0x2}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
epoll_create1(0x80000)

323.448304ms ago: executing program 5 (id=3806):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000a40)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@norecovery}, {@resuid}, {@quota}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")

272.132558ms ago: executing program 5 (id=3807):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRESDEC=0x0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c094, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000980)={0xa, 0x2, 0x400, @loopback, 0xfffffffd}, 0x71)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2000000000000022, &(0x7f0000000000)=0x1, 0x4)
shutdown(r3, 0x2)
sendto$inet6(r3, &(0x7f0000000740)="e9", 0x1, 0x20008045, &(0x7f00000001c0)={0xa, 0x2, 0x1000, @empty}, 0x1c)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="05000000040000009900"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="18020000000000000000000000000015850000001700000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000008850000000700000095"], &(0x7f00000002c0)='GPL\x00', 0x1e, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000b00)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095", @ANYRES8=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6, 0x0, 0x400007}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000c00)=ANY=[@ANYBLOB="58000000100039042abd7000eaffffff000003e4", @ANYRES32=0x0, @ANYBLOB="03000000c31006003800128008000100736974002c00028006000e000010000008000300ac1414bb08000200ac14142d08004b2882f34cac67661400010001003c86610e01ce26e850d7521d3c2128ac0f98f4062bdfe9934af4b4991f73bd67e0692aec0f22827a20dd6625b5927dda67c2fe1f4307502ed5bfa8b40972d0c5a9b383dcb347e3a820bc61851d184770b312fd4f7aba062f5a8ca48d4ad266fab690298b4ffbee076cd827bcae5e1fde7eb67f1df6eede181bad94708b8e3a00821542fa516bd84eef80a08224cf9180084115ccbcfee23997f28e972025d78f3ce7db2b85763d5c1ea151b0f974b5b186a5dd3c52d1e51e746b35198e1f6907c9f25b410876c574148d1d2357286ab8cf47c797b5d146b8437a31e3a309165589ac0829"], 0x58}, 0x1, 0x0, 0x0, 0x8000}, 0x4008040)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080006000000e8fe55a1180015000600142603600e120800110000000401a8001600050001", 0x37}, {&(0x7f0000000540)="0e5176a165b9dc815ca7d4c1a144dfd792335270df51c0356dbfadb633f46e07d078557969e7492dbee89248f923a23a3181c78a458079a26bd30f0734289b88506cfc7637761308225f0d51e508fb2cb0d51c9fc3f67ea10de974e1e10b31134a713cd18b63eb66bf9aee60f8903575ba4f30c1e983a2845a0955e052", 0x7d}], 0x2}, 0x200000e4)
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="d800000010008104685fa3aa7143a0f8c81ded0b25000000e8fe09a11800150006001400000000120800030043000040a8002b", 0x33}], 0x1}, 0xc001)
write$cgroup_subtree(r9, &(0x7f0000000000)=ANY=[], 0xfe33)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)=0x11)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x2)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000340)=@o_path={&(0x7f0000000180)='./file0\x00', 0x0, 0x4008, r7}, 0x18)
sendmsg$netlink(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

148.294418ms ago: executing program 1 (id=3808):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000001c200000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f03000000000000e5000500000000002604fdffff02000015010000033800001d13fcff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf"], &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x2}, 0x8, 0x10, &(0x7f00000000c0), 0x10}, 0x94)

94.374372ms ago: executing program 4 (id=3809):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000a40)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@norecovery}, {@resuid}, {@quota}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r1, &(0x7f00000009c0)="3bf58d7d45d32c", 0x7)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip_vti0\x00', <r2=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0x4, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5}, [@exit]}, &(0x7f00000000c0)='GPL\x00', 0xb, 0x65, &(0x7f00000001c0)=""/101, 0x41000, 0x23, '\x00', r2, @fallback=0x8, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0xe, 0x7, 0x80000001}, 0x10, 0x0, r0, 0x6, 0x0, &(0x7f00000002c0)=[{0x2, 0x2, 0x4, 0xa}, {0x3, 0x1, 0x3, 0xa}, {0x4, 0x3, 0x6, 0x8}, {0x1, 0x3, 0x2, 0x4}, {0x0, 0x1, 0x8, 0x7}, {0x5, 0x4, 0xa, 0xc}], 0x10, 0xffff34f0}, 0x94)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)

94.000242ms ago: executing program 1 (id=3810):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x4, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

85.073493ms ago: executing program 1 (id=3811):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180100000e186c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000070000008500000006000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x210000, &(0x7f0000000280)={[{@user_xattr}, {@noquota}, {@dioread_nolock}, {@jqfmt_vfsv1}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x70}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@stripe={'stripe', 0x3d, 0x20}}, {@bsdgroups}, {@max_batch_time={'max_batch_time', 0x3d, 0x3fe}}, {@user_xattr}, {@noinit_itable}]}, 0x3, 0x583, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvbHb7+32bQilvX15eCj1Yqd00iT8qeKhH0WJBPdclmYaSTbdkN6WJBduDvXiRIohYEO969+ChePHoX1HQQpES9OBlZTazybbZJJt0Y2L384Fpn2dmNs8888z34Zl9dpgABtaJ7J9CxPGI+CyJONyxrRj5xhNL+y0+vjmRLUk0m+/9lkSSr2vvn+T/H8wz/4mIHz+JOF1YXW59fmG6Uq2ms3l+pDFzbaQ+v3DmykxlKp1Kr46Nj597ZXzs9dde7VtdX7z4x5fv3n/r3KcnF7/47uGRu0mcj0P5ts56PINbnZkTzWZ+Tkpx/qkdR/tQ2G6S7PQBsCVDeZyXIuJ46XCpHfXA8+/jiGgCAyrZZPzv1V/Ac6I9Dmjf2/fpPvgf49GbSzdAq+tfXPpuJPa17o0OLCZP3Bll97vDfSg/K+P7X+/dzZbo3/cQABu6dTsizhaLq/u/JO//tu5sD/s8XYb+D/4+97Pxz0vdxj+F5fFPdBn/HOwSu1uxcfwXHvahmDVl4783uo5/lyethofy3L9aY75ScvlKNc36tn9HxKko7c3y683nnFt80FxrW+f4L1uy8ttjwfw4Hhb3PvmZyUqj8ix17vTodsR/u45/k+X2T7q0f3Y+PuixjGPpvf+vtW3j+m+v5jcRL3Rt/5UZrWT9+cmR1vUw0r4qVvv9zrGf1yq/e/1/+mEbqtpV1v4H1q//cNI5X1vffBlf7/szXWvbVq//Pcn7rfSefN2NSqMxOxqxJ3ln9fqxlc+28+39s/qfOrl+/9ft+t8fER/2WP87R7/939brv72y+k9uqv03n3jw9kdfrVV+b+3/cit1Kl/TS//X6wE+y7kDAAAAAACA3aYQEYciKZRjX54uFMrlpd93HI0DhWqt3jh9uTZ3dTJaz8oOR6nQnuk+3PF7iNH897Dt/NhT+fGIOBIRnw/tb+XLE7Xq5E5XHgAAAAAAAAAAAAAAAAAAAHaJg8vP/8cTz/9nfhna6aMDtl1x6f3fwADa8JX//XjTE7ArbRj/wHNL/MPgEv8wuMQ/DKTWFJ/4h8El/mFwiX8YXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAA+urihQvZ0lx8fHMiy09en5+brl0/M5nWp8szcxPlidrstfJUrTZVTcsTtZmN/l61Vrs2OhZzN0Yaab0xUp9fuDRTm7vauHRlpjKVXkq9ZxwAAAAAAAAAAAAAAAAAAABWq88vTFeq1XS2D4lStZoWIqKXnSP6VOgAJrJ2u1Xs7TxvTyKJlTXF3XJaJPqa2OmeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABW/BUAAP//2SsyHQ==")
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x1000)
r4 = syz_mount_image$ext4(&(0x7f00000007c0)='ext2\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f0000000180)={[{@journal_path={'journal_path', 0x3d, './file1'}}, {@nodioread_nolock}], [{@uid_gt={'uid>', r3}}, {@obj_role={'obj_role', 0x3d, '^(\'\x00'}}, {@obj_user={'obj_user', 0x3d, 'pcr'}}, {@pcr}]}, 0x4, 0x580, &(0x7f0000000940)="$eJzs3U1oXNUeAPD/vZPpZ95LH7wHT+miqFChdJL0Q6urdisWCl0IbjRMpqFkkimZiTYhi3RfxC5EpZu604VLxYULcePSrRvFtVBsUGi60JH5atJkkk5qkqm5vx/cmXvm3Mn/3HvyvzPncC8TQGYdazykEc9ExKUkYmhV3UC0K4+1tlteWig+WFooJlGvX/41iSQi7i8tFDvbJ+3nwxGxGBH/j4hv8xEn0vVxq3Pzk2PlcmmmXR6uTV0brs7Nn7w6NTZRmihNn375lbPnzpwdPTW6+m0P6qtL+a3t682fbr138/vX7tz67POji8UPxpI4H4PtutX7sW32dY5JPs6vqTqz7cH6K+l3A3giuXaeN1LpfzEUuXbWd1Mf2tWmATusvj+iDmRUIv8hozrfAxrj386ym98/7l5oDUAacZfbS6tmIPY3nw80xyaHfkseGZk0xptHdrOh7EmLNyJiZGBg/f9/0pobW+dxo+CVSamRbW0pO+GbC62OWt//abv/DzQf155/Bjtzp39T5/y3vO78txI/t8H571KPMf548+ePN4x/I+LZrvGTh/GTLvHTiHi7x/i33/jq3EZ19U8ijkf3+B3J5vPDw1eulksjrceuMb4+fvTVzfb/0AbxW3O2B5ofM92Of5dp7a6+/O6L5xY3if/i85v3f7fjfzAi3u8x/n/uf/r6RnV3byT3Gt8Cttr/SeTjTo/xXzp/7MceNwUAAAAAAAAAALYgbV7LlqSFh+tpWii07uH9bxxKy5Vq7cSVyuz0eOuatyORTztXWg21ykmjPNq+HrdTPrWmfDrXDpg72CwXipXyeJ/3HQAAAAAAAAAAAAAAAAAAAJ4Wh9fc//97rnn//9qfqwb2qo1/8hvY6+Q/ZNej+Z/0rR3A7vP5D5lVl/+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/AAAAAAAAAAAAAAAAAAAAAAAAAADsiEsXLzaW+oOlhWKjPD4wNztZeefkeKk6WZiaLRaKlZlrhYlKZaJcKhQrU4/7e0mlcm0kpmevD9dK1dpwdW7+ranK7HTnN0VL+R3fIwAAAAAAAAAAAAAAAAAAAPjnGWwuSVqIiLS5nqaFQsS/IuJIEsmVq+XSSET8OyJ+yOX3N8qj/W40AAAAAAAAAAAAAAAAAAAA7DHVufnJsXK5NJORlYGtbBwRi9vbjMZf3PK78u2+elqOoZUsrPT5xAQAAAAAAAAAAAAAAAAAABm0ctNvr+/4c2cbBAAAAAAAAAAAAAAAAAAAAJmU/pJERGM5PvTC4NrafclyrvkcEe/evvzh9bFabWa08fq9h6/XPmq/fqof7Qd61cnTTh4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK6pz85Nj5XJpZgdX+r2PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE/irwAAAP//TF/YDw==")
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, r4, 0x0)
r5 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x169)
fsetxattr$trusted_overlay_redirect(r5, &(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x8, 0x0)
pwritev(r5, &(0x7f0000000080)=[{&(0x7f0000000800)="59fdd4", 0xfdef}], 0x1, 0x8, 0x365)
r6 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, @dev, @dev={0xfe, 0x80, '\x00', 0x37}, 0x0, 0x0, 0x0, 0x3}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r6, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, 0x0, 0x0, 0x0, 0x4007}})
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000f00)=@delqdisc={0x38, 0x25, 0x100, 0x70bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0xb, 0x7}, {0xfff3, 0x46e90b4a0aa5066a}, {0xfff1, 0x4}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x3, 0x4324}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x408a0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x1501)
r9 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x20100, 0x0)
sendmsg$DEVLINK_CMD_TRAP_SET(r9, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000003c0)={&(0x7f00000006c0)={0x220, 0x0, 0x711, 0x70bd2c, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x40}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}]}, 0x220}, 0x1, 0x0, 0x0, 0x20000000}, 0x8050)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000180)=@base={0x6, 0x4, 0x10, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x7}, 0x50)

59.800235ms ago: executing program 3 (id=3812):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001300)={&(0x7f0000000380)=ANY=[], 0x0, 0x27, 0x0, 0x1, 0x2}, 0x28)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00'}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r5, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
syz_open_dev$loop(0x0, 0x7, 0x180862)
r6 = open_tree(0xffffffffffffff9c, 0x0, 0x89901)
syz_open_dev$sg(&(0x7f0000000340), 0x8, 0x24102)
mount_setattr(r6, 0x0, 0x0, &(0x7f0000001dc0)={0x0, 0x0, 0x80000}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a2d0000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYRES8=r0], 0x64}, 0x1, 0x0, 0x0, 0x20008001}, 0x60004810)
sendmsg$NFT_MSG_GETOBJ(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03f5"], 0x34}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000300), 0x20100, 0x0)

12.987448ms ago: executing program 1 (id=3813):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x5)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000002001000001"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x28, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000180)='u', 0x1}], 0x1)
r3 = accept4$unix(r0, 0x0, 0x0, 0x0)
recvmsg(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000003c0)=""/74, 0x4a}], 0x2d}, 0x10000)

0s ago: executing program 5 (id=3814):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000a40)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@norecovery}, {@resuid}, {@quota}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")

kernel console output (not intermixed with test programs):

][T14292] can0 (unregistered): slcan off ttyS3.
[  255.882198][T14303] loop4: detected capacity change from 0 to 1024
[  255.894402][T14305] loop6: detected capacity change from 0 to 1024
[  255.908874][T14305] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.910994][T14303] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.950859][T12158] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.987811][T14311] loop4: detected capacity change from 0 to 1024
[  256.047229][T14311] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.097759][T12158] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.194622][T14316] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=14316 comm=syz.4.3325
[  256.198458][   T29] kauditd_printk_skb: 69 callbacks suppressed
[  256.198473][   T29] audit: type=1400 audit(1756466515.476:14124): avc:  denied  { create } for  pid=14317 comm="syz.1.3326" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  256.260065][T14305] EXT4-fs error (device loop6): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  256.304023][ T9986] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.330480][   T29] audit: type=1326 audit(1756466515.606:14125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14324 comm="syz.1.3330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb7d2ebe9 code=0x7ffc0000
[  256.354624][T14325] FAULT_INJECTION: forcing a failure.
[  256.354624][T14325] name failslab, interval 1, probability 0, space 0, times 0
[  256.367295][T14325] CPU: 1 UID: 0 PID: 14325 Comm: syz.1.3330 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  256.367323][T14325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  256.367363][T14325] Call Trace:
[  256.367371][T14325]  <TASK>
[  256.367380][T14325]  __dump_stack+0x1d/0x30
[  256.367405][T14325]  dump_stack_lvl+0xe8/0x140
[  256.367426][T14325]  dump_stack+0x15/0x1b
[  256.367445][T14325]  should_fail_ex+0x265/0x280
[  256.367518][T14325]  should_failslab+0x8c/0xb0
[  256.367543][T14325]  kmem_cache_alloc_node_noprof+0x57/0x320
[  256.367647][T14325]  ? __alloc_skb+0x101/0x320
[  256.367664][T14325]  __alloc_skb+0x101/0x320
[  256.367678][T14325]  ? audit_log_start+0x365/0x6c0
[  256.367770][T14325]  audit_log_start+0x380/0x6c0
[  256.367807][T14325]  audit_seccomp+0x48/0x100
[  256.367840][T14325]  ? __seccomp_filter+0x68c/0x10d0
[  256.367893][T14325]  __seccomp_filter+0x69d/0x10d0
[  256.367918][T14325]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  256.367944][T14325]  ? vfs_write+0x7e8/0x960
[  256.367964][T14325]  ? __rcu_read_unlock+0x4f/0x70
[  256.368052][T14325]  ? __fget_files+0x184/0x1c0
[  256.368151][T14325]  __secure_computing+0x82/0x150
[  256.368173][T14325]  syscall_trace_enter+0xcf/0x1e0
[  256.368247][T14325]  do_syscall_64+0xac/0x200
[  256.368278][T14325]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  256.368298][T14325]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  256.368392][T14325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.368416][T14325] RIP: 0033:0x7f4fb7d2ebe9
[  256.368433][T14325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.368453][T14325] RSP: 002b:00007f4fb6797038 EFLAGS: 00000246 ORIG_RAX: 0000000000000072
[  256.368477][T14325] RAX: ffffffffffffffda RBX: 00007f4fb7f55fa0 RCX: 00007f4fb7d2ebe9
[  256.368543][T14325] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  256.368557][T14325] RBP: 00007f4fb6797090 R08: 0000000000000000 R09: 0000000000000000
[  256.368571][T14325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  256.368585][T14325] R13: 00007f4fb7f56038 R14: 00007f4fb7f55fa0 R15: 00007ffe5f874448
[  256.368611][T14325]  </TASK>
[  256.368619][T14325] audit: audit_lost=3 audit_rate_limit=0 audit_backlog_limit=64
[  256.446005][   T29] audit: type=1326 audit(1756466515.636:14126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14324 comm="syz.1.3330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4fb7d2d550 code=0x7ffc0000
[  256.447254][T14325] audit: out of memory in audit_log_start
[  256.452449][   T29] audit: type=1326 audit(1756466515.636:14127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14324 comm="syz.1.3330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4fb7d2d69f code=0x7ffc0000
[  256.550363][T14330] loop6: detected capacity change from 0 to 512
[  256.562851][   T29] audit: type=1326 audit(1756466515.756:14128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14324 comm="syz.1.3330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f4fb7d2d5fc code=0x7ffc0000
[  256.676485][   T29] audit: type=1326 audit(1756466515.756:14129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14324 comm="syz.1.3330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4fb7d2d69f code=0x7ffc0000
[  256.700113][   T29] audit: type=1326 audit(1756466515.756:14130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14324 comm="syz.1.3330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f4fb7d2d84a code=0x7ffc0000
[  256.723829][   T29] audit: type=1326 audit(1756466515.756:14131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14324 comm="syz.1.3330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb7d2ebe9 code=0x7ffc0000
[  256.750349][T14330] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  256.767669][T14330] EXT4-fs (loop6): orphan cleanup on readonly fs
[  256.771697][T14336] loop3: detected capacity change from 0 to 256
[  256.782288][T14336] msdos: Bad value for 'uid'
[  256.785235][T14330] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.3329: corrupted inode contents
[  256.787060][T14336] msdos: Bad value for 'uid'
[  256.807425][T14336] 9pnet_fd: Insufficient options for proto=fd
[  256.814036][T14330] EXT4-fs (loop6): Remounting filesystem read-only
[  256.824049][T14330] EXT4-fs (loop6): 1 truncate cleaned up
[  256.832585][T14336] loop3: detected capacity change from 0 to 512
[  256.834098][   T57] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  256.849681][   T57] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  256.858096][T14333] __nla_validate_parse: 6 callbacks suppressed
[  256.858212][T14333] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3331'.
[  256.860248][   T57] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  256.872063][T14336] EXT4-fs: Ignoring removed orlov option
[  256.891868][T14330] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  256.905083][T14330] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.914602][T14337] C: renamed from team_slave_0 (while UP)
[  256.921453][T14336] EXT4-fs: Ignoring removed nomblk_io_submit option
[  256.928436][T14336] ext4: Unknown parameter 'fsname'
[  256.931203][T14337] netlink: 'syz.1.3331': attribute type 1 has an invalid length.
[  256.944303][T14337] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  256.972308][T14333] can0: slcan on ttyS3.
[  257.013771][T14341] loop3: detected capacity change from 0 to 1024
[  257.016032][T14333] can0 (unregistered): slcan off ttyS3.
[  257.029271][T14341] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.032882][T14333] netlink: 'syz.1.3331': attribute type 1 has an invalid length.
[  257.049330][T14333] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3331'.
[  257.124062][T14347] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  257.134509][T14347] syzkaller0: entered promiscuous mode
[  257.140191][T14347] syzkaller0: entered allmulticast mode
[  257.150922][T14346] tipc: Resetting bearer <eth:syzkaller0>
[  257.166731][T14346] tipc: Disabling bearer <eth:syzkaller0>
[  257.249300][T14355] loop6: detected capacity change from 0 to 2048
[  257.259249][T13156] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.276379][T14357] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3340'.
[  257.299745][T14355] Alternate GPT is invalid, using primary GPT.
[  257.306174][T14355]  loop6: p2 p3 p7
[  257.308893][T14359] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3341'.
[  257.338020][T14355] netlink: 'syz.6.3339': attribute type 7 has an invalid length.
[  257.345869][T14355] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3339'.
[  257.394125][T14368] netlink: 'syz.6.3344': attribute type 10 has an invalid length.
[  257.424563][T14373] loop6: detected capacity change from 0 to 1024
[  257.437768][T14373] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.464219][T14373] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  257.500860][   T57] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  257.513276][   T57] EXT4-fs (loop6): This should not happen!! Data will be lost
[  257.513276][   T57] 
[  257.523247][   T57] EXT4-fs (loop6): Total free blocks count 0
[  257.529278][   T57] EXT4-fs (loop6): Free/Dirty block details
[  257.535179][   T57] EXT4-fs (loop6): free_blocks=20480
[  257.540654][   T57] EXT4-fs (loop6): dirty_blocks=64
[  257.545875][   T57] EXT4-fs (loop6): Block reservation details
[  257.551961][   T57] EXT4-fs (loop6): i_reserved_data_blocks=4
[  257.560840][ T9986] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.732662][T14388] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  257.741056][T14388] syzkaller0: entered promiscuous mode
[  257.746630][T14388] syzkaller0: entered allmulticast mode
[  257.756501][T14387] tipc: Resetting bearer <eth:syzkaller0>
[  257.764692][T14387] tipc: Disabling bearer <eth:syzkaller0>
[  257.904305][T14392] netlink: 276 bytes leftover after parsing attributes in process `syz.3.3350'.
[  257.973731][T14398] loop3: detected capacity change from 0 to 512
[  257.989490][T14398] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  258.002329][T14398] ext4 filesystem being mounted at /58/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  258.033541][T14404] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3354'.
[  258.046512][T14404] loop6: detected capacity change from 0 to 512
[  258.053692][T14404] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  258.063098][T14404] EXT4-fs (loop6): 1 truncate cleaned up
[  258.069487][T14404] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.122195][T13156] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  258.140659][ T9986] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.144516][T14409] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  258.163262][T14409] syzkaller0: entered promiscuous mode
[  258.167728][T14411] loop6: detected capacity change from 0 to 256
[  258.168847][T14409] syzkaller0: entered allmulticast mode
[  258.175666][T14411] msdos: Bad value for 'uid'
[  258.185444][T14411] msdos: Bad value for 'uid'
[  258.190972][T14409] tipc: Resetting bearer <eth:syzkaller0>
[  258.198431][T14408] tipc: Resetting bearer <eth:syzkaller0>
[  258.203839][T14411] 9pnet_fd: Insufficient options for proto=fd
[  258.217218][T14408] tipc: Disabling bearer <eth:syzkaller0>
[  258.235787][T14413] loop4: detected capacity change from 0 to 256
[  258.244826][T14413] msdos: Bad value for 'uid'
[  258.244879][T14415] tipc: Started in network mode
[  258.249629][T14413] msdos: Bad value for 'uid'
[  258.251575][T14413] FAULT_INJECTION: forcing a failure.
[  258.251575][T14413] name failslab, interval 1, probability 0, space 0, times 0
[  258.254595][T14415] tipc: Node identity 86b98b250e63, cluster identity 4711
[  258.259187][T14413] CPU: 1 UID: 0 PID: 14413 Comm: syz.4.3358 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  258.259223][T14413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  258.259234][T14413] Call Trace:
[  258.259241][T14413]  <TASK>
[  258.259250][T14413]  __dump_stack+0x1d/0x30
[  258.259273][T14413]  dump_stack_lvl+0xe8/0x140
[  258.259292][T14413]  dump_stack+0x15/0x1b
[  258.259309][T14413]  should_fail_ex+0x265/0x280
[  258.259402][T14413]  ? audit_log_d_path+0x8d/0x150
[  258.259431][T14413]  should_failslab+0x8c/0xb0
[  258.259454][T14413]  __kmalloc_cache_noprof+0x4c/0x320
[  258.259506][T14413]  audit_log_d_path+0x8d/0x150
[  258.259533][T14413]  audit_log_d_path_exe+0x42/0x70
[  258.259600][T14413]  audit_log_task+0x1e9/0x250
[  258.259627][T14413]  audit_seccomp+0x61/0x100
[  258.259648][T14413]  ? __seccomp_filter+0x68c/0x10d0
[  258.259734][T14413]  __seccomp_filter+0x69d/0x10d0
[  258.259756][T14413]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  258.259821][T14413]  ? vfs_write+0x7e8/0x960
[  258.259842][T14413]  ? __rcu_read_unlock+0x4f/0x70
[  258.259862][T14413]  ? __fget_files+0x184/0x1c0
[  258.259887][T14413]  __secure_computing+0x82/0x150
[  258.259984][T14413]  syscall_trace_enter+0xcf/0x1e0
[  258.260066][T14413]  do_syscall_64+0xac/0x200
[  258.260092][T14413]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  258.260197][T14413]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  258.260221][T14413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.260243][T14413] RIP: 0033:0x7f0c75a7ebe9
[  258.260259][T14413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.260279][T14413] RSP: 002b:00007f0c744e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000106
[  258.260299][T14413] RAX: ffffffffffffffda RBX: 00007f0c75ca5fa0 RCX: 00007f0c75a7ebe9
[  258.260345][T14413] RDX: 0000200000001640 RSI: 00002000000003c0 RDI: ffffffffffffff9c
[  258.260358][T14413] RBP: 00007f0c744e7090 R08: 0000000000000000 R09: 0000000000000000
[  258.260370][T14413] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001
[  258.260383][T14413] R13: 00007f0c75ca6038 R14: 00007f0c75ca5fa0 R15: 00007fff05fb3088
[  258.260400][T14413]  </TASK>
[  258.318982][T14419] loop6: detected capacity change from 0 to 256
[  258.323612][T14415] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  258.329376][T14419] msdos: Unknown parameter ''
[  258.378603][T14418] loop4: detected capacity change from 0 to 8192
[  258.383594][T14420] syzkaller0: entered promiscuous mode
[  258.527239][T14420] syzkaller0: entered allmulticast mode
[  258.538372][T14414] tipc: Resetting bearer <eth:syzkaller0>
[  258.546643][T14418]  loop4: p1 p2[DM] p4
[  258.547990][T14414] tipc: Disabling bearer <eth:syzkaller0>
[  258.550819][T14418] loop4: p1 size 196608 extends beyond EOD, truncated
[  258.565409][T14431] netlink: 'syz.6.3364': attribute type 10 has an invalid length.
[  258.568379][T14418] loop4: p2 start 4292936063 is beyond EOD, truncated
[  258.580251][T14418] loop4: p4 size 50331648 extends beyond EOD, truncated
[  258.581035][T14425] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3363'.
[  258.629544][T14433] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  258.637661][T14433] syzkaller0: entered promiscuous mode
[  258.643146][T14433] syzkaller0: entered allmulticast mode
[  258.653359][T14436] netlink: 'syz.3.3363': attribute type 1 has an invalid length.
[  258.662730][T14436] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  258.688021][T14433] tipc: Resetting bearer <eth:syzkaller0>
[  258.693109][T14425] netlink: 'syz.3.3363': attribute type 1 has an invalid length.
[  258.702159][T14425] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3363'.
[  258.715760][T14432] tipc: Resetting bearer <eth:syzkaller0>
[  258.727313][T14432] tipc: Disabling bearer <eth:syzkaller0>
[  258.881678][T14453] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=14453 comm=syz.6.3371
[  258.930343][T14455] loop3: detected capacity change from 0 to 512
[  258.947926][T14455] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  258.966235][T14455] EXT4-fs (loop3): orphan cleanup on readonly fs
[  258.985653][T14455] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.3372: corrupted inode contents
[  259.007973][T14455] EXT4-fs (loop3): Remounting filesystem read-only
[  259.014629][T14455] EXT4-fs (loop3): 1 truncate cleaned up
[  259.020595][  T387] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  259.031146][  T387] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  259.044736][  T387] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  259.059091][T14460] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.071209][T14455] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  259.085513][T14455] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.108564][T14460] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.160187][T14460] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.219341][T14460] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.287417][ T9518] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  259.315997][ T9518] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  259.324402][ T9518] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  259.332787][ T9518] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  259.584390][T14465] netlink: 'syz.5.3375': attribute type 10 has an invalid length.
[  259.607312][T14471] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  259.627465][T14471] syzkaller0: entered promiscuous mode
[  259.633001][T14471] syzkaller0: entered allmulticast mode
[  259.642951][T14471] tipc: Resetting bearer <eth:syzkaller0>
[  259.651486][T14470] tipc: Resetting bearer <eth:syzkaller0>
[  259.663659][T14470] tipc: Disabling bearer <eth:syzkaller0>
[  259.685009][T14478] syzkaller0: entered promiscuous mode
[  259.690639][T14478] syzkaller0: entered allmulticast mode
[  259.711374][T14480] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  259.718926][T14480] syzkaller0: entered promiscuous mode
[  259.724558][T14480] syzkaller0: entered allmulticast mode
[  259.735563][T14480] tipc: Resetting bearer <eth:syzkaller0>
[  259.743066][T14479] tipc: Resetting bearer <eth:syzkaller0>
[  259.750648][T14479] tipc: Disabling bearer <eth:syzkaller0>
[  259.792449][T14482] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3380'.
[  260.238467][T14496] netlink: 'syz.6.3384': attribute type 1 has an invalid length.
[  260.308225][T14496] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  260.336399][T14494] can0: slcan on ttyS3.
[  260.422508][T14494] netlink: 'syz.6.3384': attribute type 1 has an invalid length.
[  260.430649][T14497] can0 (unregistered): slcan off ttyS3.
[  260.631777][T14503] netlink: 'syz.6.3387': attribute type 10 has an invalid length.
[  260.657964][T14507] netlink: 'syz.6.3388': attribute type 11 has an invalid length.
[  260.701206][T14510] loop6: detected capacity change from 0 to 1024
[  260.767869][T14510] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  260.804748][T14517] syzkaller0: entered promiscuous mode
[  260.810508][T14517] syzkaller0: entered allmulticast mode
[  260.829982][ T9986] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.927974][T14527] netlink: 'syz.6.3392': attribute type 10 has an invalid length.
[  260.960448][T14527] tmpfs: Bad value for 'mpol'
[  260.999336][T14518] loop5: detected capacity change from 0 to 512
[  261.026903][T14518] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  261.051949][T14518] EXT4-fs (loop5): orphan cleanup on readonly fs
[  261.079020][T14518] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.3390: corrupted inode contents
[  261.111645][T14518] EXT4-fs (loop5): Remounting filesystem read-only
[  261.134624][T14518] EXT4-fs (loop5): 1 truncate cleaned up
[  261.551161][   T51] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  261.561806][   T51] __quota_error: 386 callbacks suppressed
[  261.561823][   T51] Quota error (device loop5): write_blk: dquota write failed
[  261.574974][   T51] Quota error (device loop5): remove_free_dqentry: Can't write block (5) with free entries
[  261.585033][   T51] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  261.595583][   T51] Quota error (device loop5): write_blk: dquota write failed
[  261.602985][   T51] Quota error (device loop5): free_dqentry: Can't move quota data block (5) to free list
[  261.644560][   T51] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  261.654865][   T51] Quota error (device loop5): v2_write_file_info: Can't write info structure
[  261.665317][   T51] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  261.690147][T14518] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  261.706725][T14518] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.739823][T14535] netlink: 'syz.4.3395': attribute type 1 has an invalid length.
[  261.748837][T14535] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  261.778163][T14535] can0: slcan on ttyS3.
[  261.819722][T14543] FAULT_INJECTION: forcing a failure.
[  261.819722][T14543] name failslab, interval 1, probability 0, space 0, times 0
[  261.832602][T14543] CPU: 0 UID: 0 PID: 14543 Comm: syz.3.3398 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  261.832631][T14543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  261.832644][T14543] Call Trace:
[  261.832653][T14543]  <TASK>
[  261.832662][T14543]  __dump_stack+0x1d/0x30
[  261.832687][T14543]  dump_stack_lvl+0xe8/0x140
[  261.832708][T14543]  dump_stack+0x15/0x1b
[  261.832842][T14543]  should_fail_ex+0x265/0x280
[  261.832863][T14543]  should_failslab+0x8c/0xb0
[  261.832886][T14543]  __kmalloc_noprof+0xa5/0x3e0
[  261.832911][T14543]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[  261.832999][T14543]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[  261.833027][T14543]  genl_family_rcv_msg_doit+0x48/0x1b0
[  261.833171][T14543]  ? selinux_capable+0x31/0x40
[  261.833195][T14543]  ? security_capable+0x83/0x90
[  261.833217][T14543]  ? ns_capable+0x7d/0xb0
[  261.833236][T14543]  genl_rcv_msg+0x422/0x460
[  261.833340][T14543]  ? __pfx_ila_xlat_nl_cmd_flush+0x10/0x10
[  261.833447][T14543]  netlink_rcv_skb+0x123/0x220
[  261.833469][T14543]  ? __pfx_genl_rcv_msg+0x10/0x10
[  261.833516][T14543]  genl_rcv+0x28/0x40
[  261.833543][T14543]  netlink_unicast+0x5bd/0x690
[  261.833586][T14543]  netlink_sendmsg+0x58b/0x6b0
[  261.833634][T14543]  ? __pfx_netlink_sendmsg+0x10/0x10
[  261.833659][T14543]  __sock_sendmsg+0x145/0x180
[  261.833690][T14543]  ____sys_sendmsg+0x31e/0x4e0
[  261.833718][T14543]  ___sys_sendmsg+0x17b/0x1d0
[  261.833793][T14543]  __x64_sys_sendmsg+0xd4/0x160
[  261.833819][T14543]  x64_sys_call+0x191e/0x2ff0
[  261.833838][T14543]  do_syscall_64+0xd2/0x200
[  261.833862][T14543]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  261.833909][T14543]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  261.833988][T14543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.834011][T14543] RIP: 0033:0x7f1c0120ebe9
[  261.834030][T14543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.834050][T14543] RSP: 002b:00007f1bffc6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  261.834073][T14543] RAX: ffffffffffffffda RBX: 00007f1c01435fa0 RCX: 00007f1c0120ebe9
[  261.834088][T14543] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[  261.834169][T14543] RBP: 00007f1bffc6f090 R08: 0000000000000000 R09: 0000000000000000
[  261.834182][T14543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.834196][T14543] R13: 00007f1c01436038 R14: 00007f1c01435fa0 R15: 00007ffd9bfd5548
[  261.834216][T14543]  </TASK>
[  262.082185][T14535] can0 (unregistered): slcan off ttyS3.
[  262.083396][T14544] __nla_validate_parse: 7 callbacks suppressed
[  262.083411][T14544] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3395'.
[  262.145268][T14550] loop5: detected capacity change from 0 to 1024
[  262.157941][T14550] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  262.184815][ T9023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.211006][T14556] loop5: detected capacity change from 0 to 512
[  262.229560][T14556] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.242776][T14558] loop3: detected capacity change from 0 to 512
[  262.252839][T14556] ext4 filesystem being mounted at /313/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  262.263552][T14560] loop4: detected capacity change from 0 to 512
[  262.274885][T14558] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  262.284064][T14560] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  262.292195][T14558] EXT4-fs (loop3): orphan cleanup on readonly fs
[  262.298736][T14560] EXT4-fs (loop4): orphan cleanup on readonly fs
[  262.307413][T14558] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.3399: corrupted inode contents
[  262.321922][T14560] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.3401: corrupted inode contents
[  262.335556][T14558] EXT4-fs (loop3): Remounting filesystem read-only
[  262.335729][T14560] EXT4-fs (loop4): Remounting filesystem read-only
[  262.356113][T14558] EXT4-fs (loop3): 1 truncate cleaned up
[  262.362109][   T57] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  262.372683][   T57] Quota error (device loop3): write_blk: dquota write failed
[  262.380187][   T57] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries
[  262.390209][   T57] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  262.400759][   T57] Quota error (device loop3): write_blk: dquota write failed
[  262.408287][   T57] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list
[  262.426138][T14560] EXT4-fs (loop4): 1 truncate cleaned up
[  262.434292][   T57] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  262.446295][   T57] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  262.456944][   T57] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  262.469620][   T57] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  262.480551][T14558] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  262.480579][T14560] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  262.481271][T14560] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.493479][ T9023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.524336][T14558] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.651432][T14571] loop6: detected capacity change from 0 to 256
[  262.658625][T14571] msdos: Bad value for 'uid'
[  262.663250][T14571] msdos: Bad value for 'uid'
[  262.671756][T14572] SELinux: syz.5.3403 (14572) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  262.672147][T14571] 9pnet_fd: Insufficient options for proto=fd
[  262.701519][T14571] loop6: detected capacity change from 0 to 512
[  262.708588][T14571] EXT4-fs: Ignoring removed orlov option
[  262.714323][T14571] EXT4-fs: Ignoring removed nomblk_io_submit option
[  262.721165][T14571] ext4: Unknown parameter 'fsname'
[  262.751724][T14575] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  262.762860][T14575] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3406'.
[  263.035481][T14584] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=14584 comm=syz.3.3408
[  263.057273][T14583] loop4: detected capacity change from 0 to 1024
[  263.078521][T14583] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  263.118820][T14583] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  263.121992][T14588] loop3: detected capacity change from 0 to 256
[  263.168969][T14588] msdos: Bad value for 'uid'
[  263.173630][T14588] msdos: Bad value for 'uid'
[  263.201188][T14588] 9pnet_fd: Insufficient options for proto=fd
[  263.207737][  T387] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  263.220095][  T387] EXT4-fs (loop4): This should not happen!! Data will be lost
[  263.220095][  T387] 
[  263.223651][T14588] loop3: detected capacity change from 0 to 512
[  263.229942][  T387] EXT4-fs (loop4): Total free blocks count 0
[  263.229962][  T387] EXT4-fs (loop4): Free/Dirty block details
[  263.248419][  T387] EXT4-fs (loop4): free_blocks=20480
[  263.249783][T14588] EXT4-fs: Ignoring removed orlov option
[  263.253842][  T387] EXT4-fs (loop4): dirty_blocks=64
[  263.253858][  T387] EXT4-fs (loop4): Block reservation details
[  263.253870][  T387] EXT4-fs (loop4): i_reserved_data_blocks=4
[  263.270598][T14588] EXT4-fs: Ignoring removed nomblk_io_submit option
[  263.316038][T14588] ext4: Unknown parameter 'fsname'
[  263.359961][T12158] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.386162][T14590] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3412'.
[  263.426530][T14592] loop4: detected capacity change from 0 to 256
[  263.444770][T14593] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  263.465345][T14592] msdos: Bad value for 'uid'
[  263.470005][T14592] msdos: Bad value for 'uid'
[  263.500830][T14590] can0: slcan on ttyS3.
[  263.509139][T14592] 9pnet_fd: Insufficient options for proto=fd
[  263.566133][T14590] can0 (unregistered): slcan off ttyS3.
[  263.582480][T14590] can0: slcan on ttyS3.
[  263.611823][T14590] validate_nla: 2 callbacks suppressed
[  263.611841][T14590] netlink: 'syz.3.3412': attribute type 1 has an invalid length.
[  263.625217][T14590] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3412'.
[  263.679964][T14597] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3414'.
[  263.706387][T14589] can0 (unregistered): slcan off ttyS3.
[  263.872536][T14617] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3421'.
[  263.881799][T14617] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3421'.
[  263.906493][T14614] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3420'.
[  263.981069][T14621] program syz.3.3420 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  264.050249][T14623] FAULT_INJECTION: forcing a failure.
[  264.050249][T14623] name failslab, interval 1, probability 0, space 0, times 0
[  264.062920][T14623] CPU: 1 UID: 0 PID: 14623 Comm: syz.3.3423 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  264.062945][T14623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  264.062956][T14623] Call Trace:
[  264.063010][T14623]  <TASK>
[  264.063017][T14623]  __dump_stack+0x1d/0x30
[  264.063036][T14623]  dump_stack_lvl+0xe8/0x140
[  264.063051][T14623]  dump_stack+0x15/0x1b
[  264.063085][T14623]  should_fail_ex+0x265/0x280
[  264.063100][T14623]  should_failslab+0x8c/0xb0
[  264.063117][T14623]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  264.063144][T14623]  ? avc_policy_seqno+0x15/0x30
[  264.063207][T14623]  ? security_context_to_sid_core+0x69/0x3b0
[  264.063292][T14623]  kmemdup_nul+0x36/0xc0
[  264.063317][T14623]  security_context_to_sid_core+0x69/0x3b0
[  264.063332][T14623]  ? avc_has_perm_noaudit+0x1b1/0x200
[  264.063350][T14623]  security_context_to_sid+0x2e/0x40
[  264.063428][T14623]  selinux_inode_setxattr+0x4af/0x6e0
[  264.063459][T14623]  security_inode_setxattr+0x13a/0x1b0
[  264.063530][T14623]  __vfs_setxattr_locked+0x83/0x1d0
[  264.063551][T14623]  vfs_setxattr+0x132/0x270
[  264.063572][T14623]  filename_setxattr+0x1ad/0x400
[  264.063616][T14623]  path_setxattrat+0x2c9/0x310
[  264.063648][T14623]  __x64_sys_lsetxattr+0x71/0x90
[  264.063667][T14623]  x64_sys_call+0x2877/0x2ff0
[  264.063785][T14623]  do_syscall_64+0xd2/0x200
[  264.063829][T14623]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  264.063878][T14623]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  264.063894][T14623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.063931][T14623] RIP: 0033:0x7f1c0120ebe9
[  264.063942][T14623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.063955][T14623] RSP: 002b:00007f1bffc6f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  264.063969][T14623] RAX: ffffffffffffffda RBX: 00007f1c01435fa0 RCX: 00007f1c0120ebe9
[  264.063978][T14623] RDX: 0000200000001240 RSI: 0000200000001280 RDI: 00002000000012c0
[  264.064047][T14623] RBP: 00007f1bffc6f090 R08: 0000000000000000 R09: 0000000000000000
[  264.064055][T14623] R10: 0000000000000015 R11: 0000000000000246 R12: 0000000000000001
[  264.064064][T14623] R13: 00007f1c01436038 R14: 00007f1c01435fa0 R15: 00007ffd9bfd5548
[  264.064075][T14623]  </TASK>
[  264.412520][T14631] loop4: detected capacity change from 0 to 1024
[  264.420404][T14631] EXT4-fs: Ignoring removed orlov option
[  264.428193][T14631] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.518231][T12158] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.599793][T14640] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3428'.
[  264.775037][T14638] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=886 sclass=netlink_route_socket pid=14638 comm=syz.4.3427
[  264.845807][T14646] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3430'.
[  264.877697][T14648] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  264.884887][T14648] syzkaller0: entered promiscuous mode
[  264.890443][T14648] syzkaller0: entered allmulticast mode
[  264.901405][T14648] tipc: Resetting bearer <eth:syzkaller0>
[  264.908299][T14647] tipc: Resetting bearer <eth:syzkaller0>
[  264.928294][T14647] tipc: Disabling bearer <eth:syzkaller0>
[  264.938128][T14646] netlink: 'syz.6.3430': attribute type 1 has an invalid length.
[  264.956247][T14646] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  264.974704][T14649] can0: slcan on ttyS3.
[  265.010023][T14651] loop4: detected capacity change from 0 to 512
[  265.026843][T14651] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  265.035392][T14651] EXT4-fs (loop4): orphan cleanup on readonly fs
[  265.044571][T14646] netlink: 'syz.6.3430': attribute type 1 has an invalid length.
[  265.052890][T14651] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  265.067885][T14649] can0 (unregistered): slcan off ttyS3.
[  265.068534][T14651] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  265.080758][T14651] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3432: bg 0: block 40: padding at end of block bitmap is not set
[  265.095373][T14651] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  265.104271][T14651] EXT4-fs (loop4): 1 truncate cleaned up
[  265.110350][T14651] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  265.132802][T12158] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.170178][T14655] loop4: detected capacity change from 0 to 1024
[  265.193635][T14662] loop3: detected capacity change from 0 to 512
[  265.202881][T14655] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.227183][T14662] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.3436: iget: bad extended attribute block 1
[  265.244436][T14662] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.3436: couldn't read orphan inode 15 (err -117)
[  265.275397][T14655] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  265.276520][T14662] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.313655][T14668] netlink: 'syz.1.3438': attribute type 10 has an invalid length.
[  265.327150][T14666] netlink: 'syz.6.3437': attribute type 1 has an invalid length.
[  265.337220][ T8668] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  265.349703][ T8668] EXT4-fs (loop4): This should not happen!! Data will be lost
[  265.349703][ T8668] 
[  265.349892][T14666] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  265.359651][ T8668] EXT4-fs (loop4): Total free blocks count 0
[  265.376257][T14668] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.380951][ T8668] EXT4-fs (loop4): Free/Dirty block details
[  265.388072][T14668] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.391789][T14668] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.393978][ T8668] EXT4-fs (loop4): free_blocks=20480
[  265.401040][T14668] bridge0: port 2(bridge_slave_1) entered forwarding state
[  265.401187][T14668] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.408134][ T8668] EXT4-fs (loop4): dirty_blocks=64
[  265.413487][T14668] bridge0: port 1(bridge_slave_0) entered forwarding state
[  265.420699][ T8668] EXT4-fs (loop4): Block reservation details
[  265.446181][ T8668] EXT4-fs (loop4): i_reserved_data_blocks=4
[  265.455005][T12158] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.467369][T14668] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  265.478299][T14671] can0: slcan on ttyS3.
[  265.478393][T14672] bridge_slave_1: left allmulticast mode
[  265.488461][T14672] bridge_slave_1: left promiscuous mode
[  265.494220][T14672] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.502542][T14672] bridge_slave_0: left allmulticast mode
[  265.508411][T14672] bridge_slave_0: left promiscuous mode
[  265.514131][T14672] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.529826][T14662] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[  265.545407][T14671] netlink: 'syz.6.3437': attribute type 1 has an invalid length.
[  265.564580][T14668] tmpfs: Bad value for 'mpol'
[  265.570656][T13156] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.582237][T14672] bond0: (slave bridge0): Releasing backup interface
[  265.676046][T14666] can0 (unregistered): slcan off ttyS3.
[  265.696578][T14679] SELinux: syz.3.3440 (14679) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  265.899790][T14692] loop6: detected capacity change from 0 to 512
[  265.926175][T14692] EXT4-fs: Mount option(s) incompatible with ext3
[  266.405575][T14698] loop4: detected capacity change from 0 to 1024
[  266.417479][T14698] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.442472][T14698] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  266.470552][   T51] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  266.482914][   T51] EXT4-fs (loop4): This should not happen!! Data will be lost
[  266.482914][   T51] 
[  266.492928][   T51] EXT4-fs (loop4): Total free blocks count 0
[  266.498916][   T51] EXT4-fs (loop4): Free/Dirty block details
[  266.504800][   T51] EXT4-fs (loop4): free_blocks=20480
[  266.510152][   T51] EXT4-fs (loop4): dirty_blocks=64
[  266.515389][   T51] EXT4-fs (loop4): Block reservation details
[  266.521431][   T51] EXT4-fs (loop4): i_reserved_data_blocks=4
[  266.528396][T12158] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.595184][T14708] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  266.602906][T14708] syzkaller0: entered promiscuous mode
[  266.608543][T14708] syzkaller0: entered allmulticast mode
[  266.615756][T14704] netlink: 'syz.4.3448': attribute type 1 has an invalid length.
[  266.625132][T14704] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  266.626971][   T29] kauditd_printk_skb: 259 callbacks suppressed
[  266.627006][   T29] audit: type=1326 audit(1756466525.896:14756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14709 comm="syz.6.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b778bebe9 code=0x7ffc0000
[  266.643294][T14708] tipc: Resetting bearer <eth:syzkaller0>
[  266.671748][T14710] loop6: detected capacity change from 0 to 256
[  266.681119][T14711] can0: slcan on ttyS3.
[  266.683450][   T29] audit: type=1326 audit(1756466525.926:14757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14709 comm="syz.6.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b778bebe9 code=0x7ffc0000
[  266.690186][T14710] msdos: Bad value for 'uid'
[  266.711155][   T29] audit: type=1326 audit(1756466525.926:14758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14709 comm="syz.6.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f0b778bebe9 code=0x7ffc0000
[  266.715849][T14710] msdos: Bad value for 'uid'
[  266.739505][   T29] audit: type=1326 audit(1756466525.926:14759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14709 comm="syz.6.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0b778bec23 code=0x7ffc0000
[  266.761309][T14710] 9pnet_fd: Insufficient options for proto=fd
[  266.767560][   T29] audit: type=1326 audit(1756466525.926:14760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14709 comm="syz.6.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f0b778bd69f code=0x7ffc0000
[  266.797146][   T29] audit: type=1326 audit(1756466525.926:14761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14709 comm="syz.6.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f0b778bec77 code=0x7ffc0000
[  266.797382][T14710] loop6: detected capacity change from 0 to 512
[  266.820990][   T29] audit: type=1326 audit(1756466525.946:14762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14709 comm="syz.6.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0b778bd550 code=0x7ffc0000
[  266.828095][T14711] netlink: 'syz.4.3448': attribute type 1 has an invalid length.
[  266.851099][   T29] audit: type=1326 audit(1756466525.946:14763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14709 comm="syz.6.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0b778be7eb code=0x7ffc0000
[  266.863867][T14710] EXT4-fs: Ignoring removed orlov option
[  266.884480][   T29] audit: type=1326 audit(1756466525.966:14764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14709 comm="syz.6.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f0b778bd84a code=0x7ffc0000
[  266.888266][T14707] tipc: Resetting bearer <eth:syzkaller0>
[  266.911657][   T29] audit: type=1326 audit(1756466525.966:14765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14709 comm="syz.6.3451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f0b778bd84a code=0x7ffc0000
[  266.916157][T14710] EXT4-fs: Ignoring removed nomblk_io_submit option
[  266.947836][T14710] ext4: Unknown parameter 'fsname'
[  266.953798][T14707] tipc: Disabling bearer <eth:syzkaller0>
[  267.046416][T14704] can0 (unregistered): slcan off ttyS3.
[  267.138332][T14724] loop6: detected capacity change from 0 to 512
[  267.156856][T14724] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  267.165052][T14724] EXT4-fs (loop6): orphan cleanup on readonly fs
[  267.173501][T14724] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.3455: corrupted inode contents
[  267.185874][T14724] EXT4-fs (loop6): Remounting filesystem read-only
[  267.193816][T14724] EXT4-fs (loop6): 1 truncate cleaned up
[  267.203799][   T37] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  267.214557][   T37] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  267.225465][   T37] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  267.237374][T14724] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  267.250667][T14724] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.324739][T14734] __nla_validate_parse: 7 callbacks suppressed
[  267.324754][T14734] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3459'.
[  267.340103][T14734] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3459'.
[  267.349218][T14734] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3459'.
[  267.775240][T14739] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3461'.
[  267.874354][T14741] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3462'.
[  267.926359][T14742] netlink: 'syz.6.3462': attribute type 1 has an invalid length.
[  267.935179][T14742] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  267.957337][T14741] can0: slcan on ttyS3.
[  267.973068][T14744] loop4: detected capacity change from 0 to 8192
[  267.996104][T14741] can0 (unregistered): slcan off ttyS3.
[  268.004840][T14741] can0: slcan on ttyS3.
[  268.006177][T14744]  loop4: p1 p2[DM] p4
[  268.012632][T14741] netlink: 'syz.6.3462': attribute type 1 has an invalid length.
[  268.013459][T14744] loop4: p1 size 196608 extends beyond EOD, 
[  268.021215][T14741] netlink: 224 bytes leftover after parsing attributes in process `syz.6.3462'.
[  268.036661][T14744] truncated
[  268.040195][T14744] loop4: p2 start 4292936063 is beyond EOD, truncated
[  268.047119][T14744] loop4: p4 size 50331648 extends beyond EOD, truncated
[  268.076013][T14740] can0 (unregistered): slcan off ttyS3.
[  268.082895][T14746] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  268.091602][T14746] syzkaller0: entered promiscuous mode
[  268.097276][T14746] syzkaller0: entered allmulticast mode
[  268.106731][T14746] tipc: Resetting bearer <eth:syzkaller0>
[  268.113507][T14745] tipc: Resetting bearer <eth:syzkaller0>
[  268.120699][T14745] tipc: Disabling bearer <eth:syzkaller0>
[  268.168191][T14750] loop4: detected capacity change from 0 to 128
[  268.175068][T14750] FAT-fs (loop4): bogus number of reserved sectors
[  268.181749][T14750] FAT-fs (loop4): This looks like a DOS 1.x volume, but isn't a recognized floppy size (128 sectors)
[  268.192718][T14750] FAT-fs (loop4): Can't find a valid FAT filesystem
[  268.237604][T14753] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3467'.
[  268.335373][T14766] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3472'.
[  268.397076][T14766] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  268.413221][T14768] loop5: detected capacity change from 0 to 8192
[  268.424722][T14766] can0: slcan on ttyS3.
[  268.456071][T14766] can0 (unregistered): slcan off ttyS3.
[  268.466251][T14768]  loop5: p1 p2[DM] p4
[  268.467108][T14766] can0: slcan on ttyS3.
[  268.470422][T14768] loop5: p1 size 196608 extends beyond EOD, truncated
[  268.481888][T14766] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3472'.
[  268.492376][T14768] loop5: p2 start 4292936063 is beyond EOD, truncated
[  268.499239][T14768] loop5: p4 size 50331648 extends beyond EOD, truncated
[  268.546182][T14765] can0 (unregistered): slcan off ttyS3.
[  268.651823][T14775] syzkaller0: entered promiscuous mode
[  268.657401][T14775] syzkaller0: entered allmulticast mode
[  268.782213][T14778] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3477'.
[  268.833692][T14778] validate_nla: 2 callbacks suppressed
[  268.833709][T14778] netlink: 'syz.6.3477': attribute type 1 has an invalid length.
[  268.849043][T14778] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  268.870958][T14778] can0: slcan on ttyS3.
[  268.916053][T14778] can0 (unregistered): slcan off ttyS3.
[  268.934690][T14778] netlink: 'syz.6.3477': attribute type 1 has an invalid length.
[  268.974449][T14783] FAULT_INJECTION: forcing a failure.
[  268.974449][T14783] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  268.987863][T14783] CPU: 0 UID: 0 PID: 14783 Comm: syz.6.3479 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  268.987895][T14783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  268.987907][T14783] Call Trace:
[  268.987914][T14783]  <TASK>
[  268.987924][T14783]  __dump_stack+0x1d/0x30
[  268.987992][T14783]  dump_stack_lvl+0xe8/0x140
[  268.988012][T14783]  dump_stack+0x15/0x1b
[  268.988032][T14783]  should_fail_ex+0x265/0x280
[  268.988056][T14783]  should_fail+0xb/0x20
[  268.988104][T14783]  should_fail_usercopy+0x1a/0x20
[  268.988130][T14783]  _copy_from_user+0x1c/0xb0
[  268.988162][T14783]  __se_sys_mount+0x10d/0x2e0
[  268.988260][T14783]  ? fput+0x8f/0xc0
[  268.988287][T14783]  ? ksys_write+0x192/0x1a0
[  268.988307][T14783]  __x64_sys_mount+0x67/0x80
[  268.988328][T14783]  x64_sys_call+0x2b4d/0x2ff0
[  268.988419][T14783]  do_syscall_64+0xd2/0x200
[  268.988489][T14783]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  268.988521][T14783]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  268.988613][T14783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.988636][T14783] RIP: 0033:0x7f0b778bebe9
[  268.988654][T14783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.988724][T14783] RSP: 002b:00007f0b76327038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  268.988745][T14783] RAX: ffffffffffffffda RBX: 00007f0b77ae5fa0 RCX: 00007f0b778bebe9
[  268.988791][T14783] RDX: 0000200000001440 RSI: 0000200000001400 RDI: 0000000000000000
[  268.988805][T14783] RBP: 00007f0b76327090 R08: 0000200000000080 R09: 0000000000000000
[  268.988818][T14783] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001
[  268.988910][T14783] R13: 00007f0b77ae6038 R14: 00007f0b77ae5fa0 R15: 00007ffea010f588
[  268.988929][T14783]  </TASK>
[  269.186034][T14783] 9pnet: Could not find request transport: ���
[  269.341463][T14798] loop4: detected capacity change from 0 to 512
[  269.358360][T14798] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  269.384576][T14798] EXT4-fs (loop4): orphan cleanup on readonly fs
[  269.426245][T14805] random: crng reseeded on system resumption
[  269.454959][T14798] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.3481: corrupted inode contents
[  269.524324][T14798] EXT4-fs (loop4): Remounting filesystem read-only
[  269.572312][T14798] EXT4-fs (loop4): 1 truncate cleaned up
[  269.796462][   T51] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  269.807224][   T51] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  269.842324][   T51] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  269.893060][T14813] syzkaller0: entered promiscuous mode
[  269.898703][T14813] syzkaller0: entered allmulticast mode
[  269.909555][T14798] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  269.976418][T14798] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.992251][T14815] loop5: detected capacity change from 0 to 512
[  270.013969][T14815] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  270.035685][T14815] ext4 filesystem being mounted at /325/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  270.189695][T14824] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=14824 comm=syz.4.3492
[  270.209321][ T9023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.224284][T14830] loop6: detected capacity change from 0 to 1024
[  270.252002][T14830] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  270.284551][T14830] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  270.328660][T14849] FAULT_INJECTION: forcing a failure.
[  270.328660][T14849] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  270.342262][T14849] CPU: 0 UID: 0 PID: 14849 Comm: syz.4.3502 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  270.342377][T14849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  270.342392][T14849] Call Trace:
[  270.342399][T14849]  <TASK>
[  270.342407][T14849]  __dump_stack+0x1d/0x30
[  270.342567][T14849]  dump_stack_lvl+0xe8/0x140
[  270.342590][T14849]  dump_stack+0x15/0x1b
[  270.342610][T14849]  should_fail_ex+0x265/0x280
[  270.342635][T14849]  should_fail+0xb/0x20
[  270.342723][T14849]  should_fail_usercopy+0x1a/0x20
[  270.342744][T14849]  _copy_from_user+0x1c/0xb0
[  270.342771][T14849]  ___sys_sendmsg+0xc1/0x1d0
[  270.342818][T14849]  __x64_sys_sendmsg+0xd4/0x160
[  270.342843][T14849]  x64_sys_call+0x191e/0x2ff0
[  270.342863][T14849]  do_syscall_64+0xd2/0x200
[  270.342888][T14849]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  270.342910][T14849]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  270.342951][T14849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.342970][T14849] RIP: 0033:0x7f0c75a7ebe9
[  270.342985][T14849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  270.343050][T14849] RSP: 002b:00007f0c744e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  270.343069][T14849] RAX: ffffffffffffffda RBX: 00007f0c75ca5fa0 RCX: 00007f0c75a7ebe9
[  270.343080][T14849] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000005
[  270.343167][T14849] RBP: 00007f0c744e7090 R08: 0000000000000000 R09: 0000000000000000
[  270.343179][T14849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  270.343190][T14849] R13: 00007f0c75ca6038 R14: 00007f0c75ca5fa0 R15: 00007fff05fb3088
[  270.343210][T14849]  </TASK>
[  270.570197][T14855] loop4: detected capacity change from 0 to 1024
[  270.577961][ T9518] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  270.590487][ T9518] EXT4-fs (loop6): This should not happen!! Data will be lost
[  270.590487][ T9518] 
[  270.600337][ T9518] EXT4-fs (loop6): Total free blocks count 0
[  270.606531][ T9518] EXT4-fs (loop6): Free/Dirty block details
[  270.612828][ T9518] EXT4-fs (loop6): free_blocks=20480
[  270.618203][ T9518] EXT4-fs (loop6): dirty_blocks=64
[  270.623425][ T9518] EXT4-fs (loop6): Block reservation details
[  270.629630][ T9518] EXT4-fs (loop6): i_reserved_data_blocks=4
[  270.641246][ T9986] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.659868][T14855] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  270.688345][T14861] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  270.726736][T14861] syzkaller0: entered promiscuous mode
[  270.732334][T14861] syzkaller0: entered allmulticast mode
[  270.780782][T14864] tipc: Resetting bearer <eth:syzkaller0>
[  270.803765][T14860] tipc: Resetting bearer <eth:syzkaller0>
[  270.814827][T14860] tipc: Disabling bearer <eth:syzkaller0>
[  271.085636][T14872] loop6: detected capacity change from 0 to 512
[  271.105286][T12158] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.177928][T14872] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  271.193158][T14872] ext4 filesystem being mounted at /309/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  271.255840][T14876] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=14876 comm=syz.1.3509
[  271.281998][T14883] loop4: detected capacity change from 0 to 128
[  271.318461][T14878] FAULT_INJECTION: forcing a failure.
[  271.318461][T14878] name failslab, interval 1, probability 0, space 0, times 0
[  271.331317][T14878] CPU: 1 UID: 0 PID: 14878 Comm: syz.4.3508 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  271.331347][T14878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  271.331360][T14878] Call Trace:
[  271.331366][T14878]  <TASK>
[  271.331374][T14878]  __dump_stack+0x1d/0x30
[  271.331409][T14878]  dump_stack_lvl+0xe8/0x140
[  271.331451][T14878]  dump_stack+0x15/0x1b
[  271.331467][T14878]  should_fail_ex+0x265/0x280
[  271.331487][T14878]  should_failslab+0x8c/0xb0
[  271.331510][T14878]  kmem_cache_alloc_noprof+0x50/0x310
[  271.331601][T14878]  ? fat_parse_long+0x5d/0x430
[  271.331633][T14878]  fat_parse_long+0x5d/0x430
[  271.331668][T14878]  __fat_readdir+0x477/0xd80
[  271.331743][T14878]  ? kstrtouint_from_user+0x9f/0xf0
[  271.331849][T14878]  fat_readdir+0x2f/0x40
[  271.331878][T14878]  iterate_dir+0x114/0x330
[  271.331899][T14878]  ? mutex_lock+0xd/0x30
[  271.331924][T14878]  __se_sys_getdents64+0x88/0x1b0
[  271.331955][T14878]  ? __pfx_filldir64+0x10/0x10
[  271.331976][T14878]  __x64_sys_getdents64+0x43/0x50
[  271.332069][T14878]  x64_sys_call+0x2d9f/0x2ff0
[  271.332091][T14878]  do_syscall_64+0xd2/0x200
[  271.332121][T14878]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  271.332142][T14878]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  271.332203][T14878]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.332228][T14878] RIP: 0033:0x7f0c75a7ebe9
[  271.332247][T14878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.332266][T14878] RSP: 002b:00007f0c744e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[  271.332289][T14878] RAX: ffffffffffffffda RBX: 00007f0c75ca5fa0 RCX: 00007f0c75a7ebe9
[  271.332305][T14878] RDX: 000000000000fed6 RSI: 0000200000000680 RDI: 0000000000000006
[  271.332319][T14878] RBP: 00007f0c744e7090 R08: 0000000000000000 R09: 0000000000000000
[  271.332332][T14878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.332393][T14878] R13: 00007f0c75ca6038 R14: 00007f0c75ca5fa0 R15: 00007fff05fb3088
[  271.332413][T14878]  </TASK>
[  271.609744][ T9986] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.643095][T14902] netlink: 'syz.1.3514': attribute type 1 has an invalid length.
[  271.644449][T14901] loop6: detected capacity change from 0 to 1024
[  271.662020][T14902] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  271.682903][T14901] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  271.694613][T14892] can0: slcan on ttyS3.
[  271.700721][T14905] loop4: detected capacity change from 0 to 1024
[  271.716406][T14905] EXT4-fs: Ignoring removed bh option
[  271.723724][T14901] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  271.743881][T14896] loop5: detected capacity change from 0 to 512
[  271.746037][T14905] EXT4-fs: Ignoring removed nobh option
[  271.755845][T14905] EXT4-fs: Ignoring removed bh option
[  271.781197][T14905] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  271.794368][   T37] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  271.806823][   T37] EXT4-fs (loop6): This should not happen!! Data will be lost
[  271.806823][   T37] 
[  271.816826][   T37] EXT4-fs (loop6): Total free blocks count 0
[  271.822989][   T37] EXT4-fs (loop6): Free/Dirty block details
[  271.828933][   T37] EXT4-fs (loop6): free_blocks=20480
[  271.834402][   T37] EXT4-fs (loop6): dirty_blocks=64
[  271.839622][   T37] EXT4-fs (loop6): Block reservation details
[  271.845637][   T37] EXT4-fs (loop6): i_reserved_data_blocks=4
[  271.855802][T14913] netlink: 'syz.1.3514': attribute type 1 has an invalid length.
[  271.859844][ T9986] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.864857][T14896] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  271.872947][T14892] can0 (unregistered): slcan off ttyS3.
[  271.880952][T14896] EXT4-fs (loop5): orphan cleanup on readonly fs
[  271.890107][T14897] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.3516: Allocating blocks 385-513 which overlap fs metadata
[  271.899779][T14896] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.3517: corrupted inode contents
[  271.909348][T14902] can0: slcan on ttyS3.
[  271.919103][T14896] EXT4-fs (loop5): Remounting filesystem read-only
[  271.929917][T14896] EXT4-fs (loop5): 1 truncate cleaned up
[  271.934481][T14897] EXT4-fs (loop4): pa ffff88810726fd90: logic 16, phys. 129, len 24
[  271.943717][T14897] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  271.956302][ T3468] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  271.967032][ T3468] __quota_error: 131 callbacks suppressed
[  271.967046][ T3468] Quota error (device loop5): write_blk: dquota write failed
[  271.980459][ T3468] Quota error (device loop5): remove_free_dqentry: Can't write block (5) with free entries
[  271.990522][ T3468] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  272.001055][ T3468] Quota error (device loop5): write_blk: dquota write failed
[  272.008461][ T3468] Quota error (device loop5): free_dqentry: Can't move quota data block (5) to free list
[  272.018925][ T3468] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  272.029148][ T3468] Quota error (device loop5): v2_write_file_info: Can't write info structure
[  272.038272][T14891] can0 (unregistered): slcan off ttyS3.
[  272.044210][ T3468] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  272.054922][T14896] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  272.070595][T12158] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.080838][T14896] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.201933][T14931] loop6: detected capacity change from 0 to 512
[  272.218351][T14931] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  272.231136][T14931] ext4 filesystem being mounted at /315/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  272.242431][T14919] loop4: detected capacity change from 0 to 512
[  272.256915][T14919] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  272.265133][T14919] EXT4-fs (loop4): orphan cleanup on readonly fs
[  272.273536][T14919] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.3521: corrupted inode contents
[  272.288884][T14919] EXT4-fs (loop4): Remounting filesystem read-only
[  272.295507][T14919] EXT4-fs (loop4): 1 truncate cleaned up
[  272.302237][ T3468] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  272.312814][ T3468] Quota error (device loop4): write_blk: dquota write failed
[  272.320237][ T3468] Quota error (device loop4): remove_free_dqentry: Can't write block (5) with free entries
[  272.330400][ T3468] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  272.340986][ T3468] Quota error (device loop4): write_blk: dquota write failed
[  272.348570][ T3468] Quota error (device loop4): free_dqentry: Can't move quota data block (5) to free list
[  272.358722][ T3468] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  272.370322][ T9986] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.373358][T14919] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  272.392561][T14919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.471255][T14940] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  272.478547][T14940] syzkaller0: entered promiscuous mode
[  272.484065][T14940] syzkaller0: entered allmulticast mode
[  272.493371][T14940] tipc: Resetting bearer <eth:syzkaller0>
[  272.500071][T14939] tipc: Resetting bearer <eth:syzkaller0>
[  272.506974][T14939] tipc: Disabling bearer <eth:syzkaller0>
[  272.653066][T14946] loop5: detected capacity change from 0 to 1024
[  272.708608][T14946] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  272.781866][ T3468] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  272.794827][ T3468] EXT4-fs (loop5): This should not happen!! Data will be lost
[  272.794827][ T3468] 
[  272.804742][ T3468] EXT4-fs (loop5): Total free blocks count 0
[  272.810768][ T3468] EXT4-fs (loop5): Free/Dirty block details
[  272.816713][ T3468] EXT4-fs (loop5): free_blocks=20480
[  272.822135][ T3468] EXT4-fs (loop5): dirty_blocks=64
[  272.827308][ T3468] EXT4-fs (loop5): Block reservation details
[  272.833307][ T3468] EXT4-fs (loop5): i_reserved_data_blocks=4
[  273.032495][T14962] __nla_validate_parse: 7 callbacks suppressed
[  273.032512][T14962] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3537'.
[  273.083702][T14963] netlink: 'syz.5.3537': attribute type 1 has an invalid length.
[  273.091714][T14963] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  273.136756][T14963] can0: slcan on ttyS3.
[  273.236904][T14963] can0 (unregistered): slcan off ttyS3.
[  273.456846][T14970] syzkaller0: entered promiscuous mode
[  273.462469][T14970] syzkaller0: entered allmulticast mode
[  273.636546][T14967] loop4: detected capacity change from 0 to 8192
[  273.720928][T14975] loop5: detected capacity change from 0 to 1024
[  273.762906][T14975] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  273.780202][T14967]  loop4: p1 p2[DM] p4
[  273.784417][T14967] loop4: p1 size 196608 extends beyond EOD, truncated
[  273.947757][T14967] loop4: p2 start 4292936063 is beyond EOD, truncated
[  273.954936][T14967] loop4: p4 size 50331648 extends beyond EOD, truncated
[  274.041387][T14985] netlink: 'syz.1.3542': attribute type 10 has an invalid length.
[  274.094168][T14982] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3542'.
[  274.138810][ T3468] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  274.151170][ T3468] EXT4-fs (loop5): This should not happen!! Data will be lost
[  274.151170][ T3468] 
[  274.161181][ T3468] EXT4-fs (loop5): Total free blocks count 0
[  274.167361][ T3468] EXT4-fs (loop5): Free/Dirty block details
[  274.173268][ T3468] EXT4-fs (loop5): free_blocks=20480
[  274.178711][ T3468] EXT4-fs (loop5): dirty_blocks=64
[  274.183830][ T3468] EXT4-fs (loop5): Block reservation details
[  274.189859][ T3468] EXT4-fs (loop5): i_reserved_data_blocks=4
[  274.211023][T14985] tmpfs: Bad value for 'mpol'
[  274.235244][T14987] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  274.242780][T14987] syzkaller0: entered promiscuous mode
[  274.248329][T14987] syzkaller0: entered allmulticast mode
[  274.274350][T14987] tipc: Resetting bearer <eth:syzkaller0>
[  274.286446][T14986] tipc: Resetting bearer <eth:syzkaller0>
[  274.297664][T14986] tipc: Disabling bearer <eth:syzkaller0>
[  274.399401][T14998] loop4: detected capacity change from 0 to 8192
[  274.431009][T15003] loop3: detected capacity change from 0 to 256
[  274.438187][T15003] msdos: Bad value for 'uid'
[  274.442824][T15003] msdos: Bad value for 'uid'
[  274.448840][T14998]  loop4: p1 p2[DM] p4
[  274.450684][T15003] 9pnet_fd: Insufficient options for proto=fd
[  274.459292][T14998] loop4: p1 size 196608 extends beyond EOD, truncated
[  274.476722][T15001] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3550'.
[  274.488606][T14998] loop4: p2 start 4292936063 is beyond EOD, truncated
[  274.495513][T14998] loop4: p4 size 50331648 extends beyond EOD, truncated
[  274.552231][T15009] loop3: detected capacity change from 0 to 1024
[  274.583164][T15009] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  274.584740][T15007] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3551'.
[  274.623709][T15015] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15015 comm=syz.1.3555
[  274.639005][   T57] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  274.651547][   T57] EXT4-fs (loop3): This should not happen!! Data will be lost
[  274.651547][   T57] 
[  274.654713][T15022] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3558'.
[  274.661595][   T57] EXT4-fs (loop3): Total free blocks count 0
[  274.676840][   T57] EXT4-fs (loop3): Free/Dirty block details
[  274.682834][   T57] EXT4-fs (loop3): free_blocks=20480
[  274.688179][   T57] EXT4-fs (loop3): dirty_blocks=64
[  274.692365][T15025] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  274.693390][   T57] EXT4-fs (loop3): Block reservation details
[  274.693407][   T57] EXT4-fs (loop3): i_reserved_data_blocks=4
[  274.713238][T15025] syzkaller0: entered promiscuous mode
[  274.718849][T15025] syzkaller0: entered allmulticast mode
[  274.729871][T15025] tipc: Resetting bearer <eth:syzkaller0>
[  274.737848][T15024] tipc: Resetting bearer <eth:syzkaller0>
[  274.737855][T15027] FAULT_INJECTION: forcing a failure.
[  274.737855][T15027] name failslab, interval 1, probability 0, space 0, times 0
[  274.756494][T15027] CPU: 0 UID: 0 PID: 15027 Comm: syz.3.3557 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  274.756518][T15027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  274.756527][T15027] Call Trace:
[  274.756531][T15027]  <TASK>
[  274.756536][T15027]  __dump_stack+0x1d/0x30
[  274.756548][T15027]  dump_stack_lvl+0xe8/0x140
[  274.756575][T15027]  dump_stack+0x15/0x1b
[  274.756583][T15027]  should_fail_ex+0x265/0x280
[  274.756594][T15027]  should_failslab+0x8c/0xb0
[  274.756606][T15027]  kmem_cache_alloc_noprof+0x50/0x310
[  274.756674][T15027]  ? getname_flags+0x80/0x3b0
[  274.756710][T15027]  getname_flags+0x80/0x3b0
[  274.756730][T15027]  __se_sys_mq_unlink+0x6b/0x260
[  274.756741][T15027]  __x64_sys_mq_unlink+0x1f/0x30
[  274.756751][T15027]  x64_sys_call+0x28ae/0x2ff0
[  274.756774][T15027]  do_syscall_64+0xd2/0x200
[  274.756787][T15027]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  274.756850][T15027]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  274.756862][T15027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.756872][T15027] RIP: 0033:0x7f1c0120ebe9
[  274.756881][T15027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.756891][T15027] RSP: 002b:00007f1bffc6f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f1
[  274.756902][T15027] RAX: ffffffffffffffda RBX: 00007f1c01435fa0 RCX: 00007f1c0120ebe9
[  274.757029][T15027] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  274.757035][T15027] RBP: 00007f1bffc6f090 R08: 0000000000000000 R09: 0000000000000000
[  274.757041][T15027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  274.757047][T15027] R13: 00007f1c01436038 R14: 00007f1c01435fa0 R15: 00007ffd9bfd5548
[  274.757056][T15027]  </TASK>
[  274.758367][T15024] tipc: Disabling bearer <eth:syzkaller0>
[  274.778725][T15028] loop6: detected capacity change from 0 to 512
[  274.950557][T15032] syzkaller0: entered promiscuous mode
[  274.956289][T15032] syzkaller0: entered allmulticast mode
[  274.957743][T15028] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  274.970102][T15028] EXT4-fs (loop6): orphan cleanup on readonly fs
[  274.977861][T15028] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.3556: corrupted inode contents
[  274.990070][T15028] EXT4-fs (loop6): Remounting filesystem read-only
[  274.996783][T15028] EXT4-fs (loop6): 1 truncate cleaned up
[  275.002786][ T3468] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  275.013619][ T3468] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  275.024156][ T3468] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  275.149208][T15053] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3566'.
[  275.158169][T15053] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3566'.
[  275.158736][T15052] loop3: detected capacity change from 0 to 256
[  275.174201][T15052] msdos: Bad value for 'uid'
[  275.178942][T15052] msdos: Bad value for 'uid'
[  275.594079][T15052] 9pnet_fd: Insufficient options for proto=fd
[  275.638522][T15062] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3570'.
[  275.640978][T15057] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15057 comm=syz.4.3568
[  275.688862][T15062] netlink: 'syz.6.3570': attribute type 1 has an invalid length.
[  275.697790][T15062] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  275.715013][T15062] can0: slcan on ttyS3.
[  275.756064][T15062] can0 (unregistered): slcan off ttyS3.
[  275.766428][T15062] can0: slcan on ttyS3.
[  275.780221][T15062] netlink: 'syz.6.3570': attribute type 1 has an invalid length.
[  275.788185][T15062] netlink: 224 bytes leftover after parsing attributes in process `syz.6.3570'.
[  275.802414][T15069] netlink: 'syz.4.3572': attribute type 10 has an invalid length.
[  275.836462][T15061] can0 (unregistered): slcan off ttyS3.
[  275.865725][T15076] loop4: detected capacity change from 0 to 1024
[  275.952788][T15076] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  275.991260][   T57] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  276.003858][   T57] EXT4-fs (loop4): This should not happen!! Data will be lost
[  276.003858][   T57] 
[  276.013819][   T57] EXT4-fs (loop4): Total free blocks count 0
[  276.019899][   T57] EXT4-fs (loop4): Free/Dirty block details
[  276.025912][   T57] EXT4-fs (loop4): free_blocks=20480
[  276.031357][   T57] EXT4-fs (loop4): dirty_blocks=64
[  276.036607][   T57] EXT4-fs (loop4): Block reservation details
[  276.042719][   T57] EXT4-fs (loop4): i_reserved_data_blocks=4
[  276.053214][T15078] loop5: detected capacity change from 0 to 512
[  276.060984][T15086] loop6: detected capacity change from 0 to 8192
[  276.077489][T15078] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  276.095792][T15078] EXT4-fs (loop5): orphan cleanup on readonly fs
[  276.118478][T15086]  loop6: p1 p2[DM] p4
[  276.126981][T15078] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.3575: corrupted inode contents
[  276.140445][T15086] loop6: p1 size 196608 extends beyond EOD, truncated
[  276.159687][T15086] loop6: p2 start 4292936063 is beyond EOD, truncated
[  276.166656][T15086] loop6: p4 size 50331648 extends beyond EOD, truncated
[  276.176001][T15078] EXT4-fs (loop5): Remounting filesystem read-only
[  276.182993][T15078] EXT4-fs (loop5): 1 truncate cleaned up
[  276.189170][ T3468] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  276.199986][ T3468] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  276.238259][T15095] loop4: detected capacity change from 0 to 256
[  276.245118][T15095] msdos: Bad value for 'uid'
[  276.249833][T15095] msdos: Bad value for 'uid'
[  276.252596][ T3468] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  276.297649][T15095] 9pnet_fd: Insufficient options for proto=fd
[  276.361983][T15098] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15098 comm=syz.6.3581
[  276.417431][T15104] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3584'.
[  276.467859][T15104] netlink: 'syz.1.3584': attribute type 1 has an invalid length.
[  276.491654][T15104] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  276.510713][T15104] can0: slcan on ttyS3.
[  276.539127][T15100] loop4: detected capacity change from 0 to 512
[  276.547004][T15100] EXT4-fs (loop4): unsupported inode size: 0
[  276.553103][T15100] EXT4-fs (loop4): blocksize: 1024
[  276.556144][T15104] can0 (unregistered): slcan off ttyS3.
[  276.566880][T15104] netlink: 'syz.1.3584': attribute type 1 has an invalid length.
[  276.604643][T15109] loop4: detected capacity change from 0 to 512
[  276.642792][T15109] ext4 filesystem being mounted at /167/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  276.786925][T15120] netlink: 'syz.5.3588': attribute type 1 has an invalid length.
[  276.794743][T15120] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  276.855594][T15122] can0: slcan on ttyS3.
[  276.926082][T15119] can0 (unregistered): slcan off ttyS3.
[  276.937849][T15120] can0: slcan on ttyS3.
[  276.958848][T15119] netlink: 'syz.5.3588': attribute type 1 has an invalid length.
[  277.036045][T15118] can0 (unregistered): slcan off ttyS3.
[  277.157664][T15125] loop5: detected capacity change from 0 to 1024
[  277.198895][T15129] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  277.207659][T15125] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  277.215836][T15132] random: crng reseeded on system resumption
[  277.223783][T15129] syzkaller0: entered promiscuous mode
[  277.234239][T15129] syzkaller0: entered allmulticast mode
[  277.262370][T15129] tipc: Resetting bearer <eth:syzkaller0>
[  277.286831][T15126] tipc: Resetting bearer <eth:syzkaller0>
[  277.304989][ T9518] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  277.317556][ T9518] EXT4-fs (loop5): This should not happen!! Data will be lost
[  277.317556][ T9518] 
[  277.327648][ T9518] EXT4-fs (loop5): Total free blocks count 0
[  277.333669][ T9518] EXT4-fs (loop5): Free/Dirty block details
[  277.339678][ T9518] EXT4-fs (loop5): free_blocks=20480
[  277.345043][ T9518] EXT4-fs (loop5): dirty_blocks=64
[  277.350190][ T9518] EXT4-fs (loop5): Block reservation details
[  277.356286][ T9518] EXT4-fs (loop5): i_reserved_data_blocks=4
[  277.382622][T15126] tipc: Disabling bearer <eth:syzkaller0>
[  277.527540][   T29] kauditd_printk_skb: 332 callbacks suppressed
[  277.527557][   T29] audit: type=1326 audit(1756466536.806:15203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.3593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb7d2ebe9 code=0x7ffc0000
[  277.557529][   T29] audit: type=1326 audit(1756466536.806:15204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.3593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb7d2ebe9 code=0x7ffc0000
[  277.698807][T15143] loop5: detected capacity change from 0 to 512
[  277.706723][   T29] audit: type=1326 audit(1756466536.866:15205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.3593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f4fb7d2ebe9 code=0x7ffc0000
[  277.711850][T15138] loop6: detected capacity change from 0 to 8192
[  277.730676][   T29] audit: type=1326 audit(1756466536.866:15206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.3593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4fb7d2ec23 code=0x7ffc0000
[  277.761165][   T29] audit: type=1326 audit(1756466536.866:15207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.3593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4fb7d2d69f code=0x7ffc0000
[  277.784743][   T29] audit: type=1326 audit(1756466536.866:15208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.3593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f4fb7d2ec77 code=0x7ffc0000
[  277.812237][   T29] audit: type=1326 audit(1756466536.866:15209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.3593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4fb7d2d550 code=0x7ffc0000
[  277.836359][   T29] audit: type=1326 audit(1756466536.866:15210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.3593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f4fb7d2d84a code=0x7ffc0000
[  277.860284][   T29] audit: type=1326 audit(1756466536.866:15211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.3593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb7d2ebe9 code=0x7ffc0000
[  277.884163][   T29] audit: type=1326 audit(1756466536.866:15212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15135 comm="syz.1.3593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7f4fb7d2ebe9 code=0x7ffc0000
[  277.908964][T15143] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.3592: iget: bad extended attribute block 1
[  277.924640][T15143] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.3592: couldn't read orphan inode 15 (err -117)
[  277.987411][T15138]  loop6: p1 p2[DM] p4
[  277.991811][T15138] loop6: p1 size 196608 extends beyond EOD, truncated
[  278.001141][T15138] loop6: p2 start 4292936063 is beyond EOD, truncated
[  278.008046][T15138] loop6: p4 size 50331648 extends beyond EOD, truncated
[  278.054323][T15149] __nla_validate_parse: 5 callbacks suppressed
[  278.054407][T15149] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3597'.
[  278.105624][T15152] netlink: 'syz.5.3597': attribute type 1 has an invalid length.
[  278.113489][T15152] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  278.131133][T15153] loop3: detected capacity change from 0 to 512
[  278.148200][T15152] netlink: 'syz.5.3597': attribute type 1 has an invalid length.
[  278.156148][T15152] netlink: 224 bytes leftover after parsing attributes in process `syz.5.3597'.
[  278.165506][T15151] loop6: detected capacity change from 0 to 8192
[  278.173210][T15153] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  278.188182][T15153] EXT4-fs (loop3): mount failed
[  278.218369][T15151]  loop6: p2 p3 p4
[  278.222165][T15151] loop6: p2 start 151000334 is beyond EOD, truncated
[  278.228900][T15151] loop6: p3 start 331777 is beyond EOD, truncated
[  278.235511][T15151] loop6: p4 size 263168 extends beyond EOD, truncated
[  278.263358][T15158] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3599'.
[  278.315181][T15163] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  278.340332][T15158] can0: slcan on ttyS3.
[  278.386211][T15158] can0 (unregistered): slcan off ttyS3.
[  278.400156][T15163] can0: slcan on ttyS3.
[  278.419451][T15158] netlink: 224 bytes leftover after parsing attributes in process `syz.5.3599'.
[  278.486567][T15157] can0 (unregistered): slcan off ttyS3.
[  278.894147][T15190] sit0: entered promiscuous mode
[  278.905133][T15190] netlink: 1 bytes leftover after parsing attributes in process `syz.4.3608'.
[  278.997399][T15192] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3609'.
[  279.049521][T15193] validate_nla: 4 callbacks suppressed
[  279.049560][T15193] netlink: 'syz.4.3609': attribute type 1 has an invalid length.
[  279.065707][T15193] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  279.091462][T15192] netlink: 'syz.4.3609': attribute type 1 has an invalid length.
[  279.099341][T15192] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3609'.
[  279.329244][T15195] SELinux: failed to load policy
[  279.386046][T15203] loop4: detected capacity change from 0 to 256
[  279.393115][T15203] msdos: Bad value for 'uid'
[  279.397801][T15203] msdos: Bad value for 'uid'
[  279.409490][T15203] 9pnet_fd: Insufficient options for proto=fd
[  279.430969][T15203] loop4: detected capacity change from 0 to 512
[  279.446895][T15203] EXT4-fs: Ignoring removed orlov option
[  279.462911][T15203] EXT4-fs: Ignoring removed nomblk_io_submit option
[  279.489015][T15203] ext4: Unknown parameter 'fsname'
[  279.531703][T15209] netlink: 'syz.6.3617': attribute type 10 has an invalid length.
[  279.590153][T15219] loop6: detected capacity change from 0 to 2048
[  279.620259][T15214] loop9: detected capacity change from 0 to 7
[  279.626860][T15214] Buffer I/O error on dev loop9, logical block 0, async page read
[  279.634775][T15214] Buffer I/O error on dev loop9, logical block 0, async page read
[  279.642727][T15214]  loop9: unable to read partition table
[  279.644785][T15219] EXT4-fs (loop6): cluster size (2048) smaller than block size (4096)
[  279.649381][T15214] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  279.649381][T15214] 
) failed (rc=-5)
[  279.802529][T15228] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3619'.
[  279.827512][T15222] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3622'.
[  279.899690][T15229] netlink: 'syz.4.3622': attribute type 1 has an invalid length.
[  279.910433][T15229] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  279.931633][T15229] netlink: 'syz.4.3622': attribute type 1 has an invalid length.
[  279.939500][T15229] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3622'.
[  280.296334][T15243] loop6: detected capacity change from 0 to 1024
[  280.303204][T15243] EXT4-fs: Ignoring removed orlov option
[  280.355996][T15243] EXT4-fs: dax option not supported
[  280.486983][T15253] random: crng reseeded on system resumption
[  280.588769][T15255] loop6: detected capacity change from 0 to 512
[  280.628636][T15255] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.3630: iget: bad extended attribute block 1
[  280.659209][T15248] loop3: detected capacity change from 0 to 512
[  280.669848][T15255] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.3630: couldn't read orphan inode 15 (err -117)
[  280.687611][T15248] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  280.697730][T15248] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[  280.778917][T15259] loop6: detected capacity change from 0 to 764
[  280.888966][T15266] netlink: 'syz.3.3632': attribute type 10 has an invalid length.
[  280.917040][T15266] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.918159][T15217] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=886 sclass=netlink_route_socket pid=15217 comm=syz.1.3620
[  280.924511][T15266] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.992359][T15273] loop4: detected capacity change from 0 to 256
[  281.006900][T15273] msdos: Bad value for 'uid'
[  281.011542][T15273] msdos: Bad value for 'uid'
[  281.020519][T15275] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  281.023093][T15273] 9pnet_fd: Insufficient options for proto=fd
[  281.036751][T15275] syzkaller0: entered promiscuous mode
[  281.042313][T15275] syzkaller0: entered allmulticast mode
[  281.077852][T15277] loop4: detected capacity change from 0 to 512
[  281.084838][T15274] tipc: Resetting bearer <eth:syzkaller0>
[  281.098788][T15277] EXT4-fs: Ignoring removed orlov option
[  281.104617][T15277] EXT4-fs: Ignoring removed nomblk_io_submit option
[  281.115261][T15274] tipc: Disabling bearer <eth:syzkaller0>
[  281.121437][T15277] ext4: Unknown parameter 'fsname'
[  281.171811][T15283] 9pnet_fd: Insufficient options for proto=fd
[  281.221711][T15291] loop6: detected capacity change from 0 to 512
[  281.223541][T15289] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  281.243344][T15291] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.3642: iget: bad extended attribute block 1
[  281.244996][T15289] syzkaller0: entered promiscuous mode
[  281.261434][T15289] syzkaller0: entered allmulticast mode
[  281.287979][T15288] tipc: Resetting bearer <eth:syzkaller0>
[  281.294047][T15297] loop4: detected capacity change from 0 to 512
[  281.300402][T15291] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.3642: couldn't read orphan inode 15 (err -117)
[  281.313465][T15288] tipc: Disabling bearer <eth:syzkaller0>
[  281.330850][T15297] ext4 filesystem being mounted at /177/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  281.348870][T15301] netlink: 'syz.5.3645': attribute type 10 has an invalid length.
[  281.377708][T15312] FAULT_INJECTION: forcing a failure.
[  281.377708][T15312] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  281.390957][T15312] CPU: 0 UID: 0 PID: 15312 Comm: syz.1.3648 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  281.390987][T15312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  281.391072][T15312] Call Trace:
[  281.391082][T15312]  <TASK>
[  281.391111][T15312]  __dump_stack+0x1d/0x30
[  281.391135][T15312]  dump_stack_lvl+0xe8/0x140
[  281.391156][T15312]  dump_stack+0x15/0x1b
[  281.391171][T15312]  should_fail_ex+0x265/0x280
[  281.391196][T15312]  should_fail+0xb/0x20
[  281.391217][T15312]  should_fail_usercopy+0x1a/0x20
[  281.391257][T15312]  _copy_from_user+0x1c/0xb0
[  281.391281][T15312]  sctp_setsockopt+0x154/0xe30
[  281.391309][T15312]  sock_common_setsockopt+0x66/0x80
[  281.391391][T15312]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  281.391426][T15312]  __sys_setsockopt+0x184/0x200
[  281.391451][T15312]  __x64_sys_setsockopt+0x64/0x80
[  281.391475][T15312]  x64_sys_call+0x20ec/0x2ff0
[  281.391559][T15312]  do_syscall_64+0xd2/0x200
[  281.391589][T15312]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  281.391618][T15312]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  281.391643][T15312]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.391675][T15312] RIP: 0033:0x7f4fb7d2ebe9
[  281.391700][T15312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  281.391722][T15312] RSP: 002b:00007f4fb6797038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  281.391746][T15312] RAX: ffffffffffffffda RBX: 00007f4fb7f55fa0 RCX: 00007f4fb7d2ebe9
[  281.391762][T15312] RDX: 0000000000000006 RSI: 0000000000000084 RDI: 0000000000000003
[  281.391774][T15312] RBP: 00007f4fb6797090 R08: 0000000000000084 R09: 0000000000000000
[  281.391786][T15312] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  281.391875][T15312] R13: 00007f4fb7f56038 R14: 00007f4fb7f55fa0 R15: 00007ffe5f874448
[  281.391892][T15312]  </TASK>
[  281.582871][T15314] SELinux:  Context � is not valid (left unmapped).
[  281.721466][T15324] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  281.735606][T15324] syzkaller0: entered promiscuous mode
[  281.741233][T15324] syzkaller0: entered allmulticast mode
[  281.754554][T15323] tipc: Resetting bearer <eth:syzkaller0>
[  281.783404][T15323] tipc: Disabling bearer <eth:syzkaller0>
[  282.037538][T15330] loop5: detected capacity change from 0 to 1024
[  282.078535][T15332] loop4: detected capacity change from 0 to 1024
[  282.354780][T15332] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  282.384910][T15343] netlink: 'syz.3.3658': attribute type 1 has an invalid length.
[  282.396425][T15343] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  282.419179][T15342] random: crng reseeded on system resumption
[  282.441978][T15345] can0: slcan on ttyS3.
[  282.517184][T15345] netlink: 'syz.3.3658': attribute type 1 has an invalid length.
[  282.675319][   T57] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  282.687758][   T57] EXT4-fs (loop4): This should not happen!! Data will be lost
[  282.687758][   T57] 
[  282.695410][T15347] syzkaller0: entered promiscuous mode
[  282.697745][   T57] EXT4-fs (loop4): Total free blocks count 0
[  282.702963][T15347] syzkaller0: entered allmulticast mode
[  282.709055][   T57] EXT4-fs (loop4): Free/Dirty block details
[  282.720534][   T57] EXT4-fs (loop4): free_blocks=20480
[  282.725843][   T57] EXT4-fs (loop4): dirty_blocks=64
[  282.731071][   T57] EXT4-fs (loop4): Block reservation details
[  282.737265][   T57] EXT4-fs (loop4): i_reserved_data_blocks=4
[  282.748459][T15330] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  282.774950][   T29] kauditd_printk_skb: 440 callbacks suppressed
[  282.774985][   T29] audit: type=1400 audit(1756466542.046:15652): avc:  denied  { connect } for  pid=15349 comm="syz.4.3660" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  282.802580][   T51] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  282.815488][   T51] EXT4-fs (loop5): This should not happen!! Data will be lost
[  282.815488][   T51] 
[  282.825268][   T51] EXT4-fs (loop5): Total free blocks count 0
[  282.831518][   T51] EXT4-fs (loop5): Free/Dirty block details
[  282.834024][T15351] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  282.834024][T15351] The task syz.4.3660 (15351) triggered the difference, watch for misbehavior.
[  282.837470][   T51] EXT4-fs (loop5): free_blocks=20480
[  282.837490][   T51] EXT4-fs (loop5): dirty_blocks=64
[  282.865825][   T51] EXT4-fs (loop5): Block reservation details
[  282.871819][   T51] EXT4-fs (loop5): i_reserved_data_blocks=4
[  282.889890][T15353] loop5: detected capacity change from 0 to 1024
[  282.916557][T15353] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  282.926099][T15343] can0 (unregistered): slcan off ttyS3.
[  283.024522][   T37] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  283.037167][   T37] EXT4-fs (loop5): This should not happen!! Data will be lost
[  283.037167][   T37] 
[  283.047055][   T37] EXT4-fs (loop5): Total free blocks count 0
[  283.053280][   T37] EXT4-fs (loop5): Free/Dirty block details
[  283.059347][   T37] EXT4-fs (loop5): free_blocks=20480
[  283.064869][   T37] EXT4-fs (loop5): dirty_blocks=64
[  283.070043][   T37] EXT4-fs (loop5): Block reservation details
[  283.076093][   T37] EXT4-fs (loop5): i_reserved_data_blocks=4
[  283.102431][T15363] loop6: detected capacity change from 0 to 512
[  283.110896][T15365] __nla_validate_parse: 2 callbacks suppressed
[  283.110914][T15365] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3667'.
[  283.132000][T15363] ext4 filesystem being mounted at /344/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  283.163844][T15375] netlink: 'syz.3.3667': attribute type 1 has an invalid length.
[  283.174464][T15375] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  283.201858][T15365] can0: slcan on ttyS3.
[  283.246147][T15365] can0 (unregistered): slcan off ttyS3.
[  283.254186][T15381] can0: slcan on ttyS3.
[  283.259910][T15365] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3667'.
[  283.265257][T15381] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3672'.
[  283.330954][T15385] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  283.396085][T15385] can0 (unregistered): slcan off ttyS3.
[  283.407712][T15381] can0: slcan on ttyS3.
[  283.414675][T15381] netlink: 224 bytes leftover after parsing attributes in process `syz.6.3672'.
[  283.475829][T15387] random: crng reseeded on system resumption
[  283.556140][T15380] can0 (unregistered): slcan off ttyS3.
[  283.735735][T15389] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3675'.
[  283.820873][T15389] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  283.843584][T15389] can0: slcan on ttyS3.
[  283.882179][T15395] loop4: detected capacity change from 0 to 512
[  283.897592][T15395] ext4 filesystem being mounted at /182/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  283.908075][T15389] can0 (unregistered): slcan off ttyS3.
[  283.910721][T15398] netlink: 224 bytes leftover after parsing attributes in process `syz.6.3675'.
[  283.970154][   T29] audit: type=1326 audit(1756466543.246:15653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15402 comm="syz.1.3680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb7d2ebe9 code=0x7ffc0000
[  283.994521][   T29] audit: type=1326 audit(1756466543.246:15654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15401 comm="syz.6.3679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b778bebe9 code=0x7ffc0000
[  284.018479][   T29] audit: type=1326 audit(1756466543.246:15655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15402 comm="syz.1.3680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb7d2ebe9 code=0x7ffc0000
[  284.042122][   T29] audit: type=1326 audit(1756466543.246:15656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15402 comm="syz.1.3680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f4fb7d2ebe9 code=0x7ffc0000
[  284.066249][   T29] audit: type=1326 audit(1756466543.246:15657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15402 comm="syz.1.3680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4fb7d2ec23 code=0x7ffc0000
[  284.089855][   T29] audit: type=1326 audit(1756466543.246:15658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15401 comm="syz.6.3679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f0b778bebe9 code=0x7ffc0000
[  284.113465][   T29] audit: type=1326 audit(1756466543.246:15659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15401 comm="syz.6.3679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b778bebe9 code=0x7ffc0000
[  284.137123][   T29] audit: type=1326 audit(1756466543.246:15660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15402 comm="syz.1.3680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4fb7d2d69f code=0x7ffc0000
[  284.160688][   T29] audit: type=1326 audit(1756466543.246:15661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15401 comm="syz.6.3679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b778bebe9 code=0x7ffc0000
[  284.587376][T15420] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3684'.
[  284.651765][T15432] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3690'.
[  284.703329][T15435] validate_nla: 5 callbacks suppressed
[  284.703348][T15435] netlink: 'syz.1.3690': attribute type 1 has an invalid length.
[  284.705039][T15434] loop5: detected capacity change from 0 to 256
[  284.717560][T15435] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  284.756098][T15434] msdos: Bad value for 'uid'
[  284.758870][T15432] can0: slcan on ttyS3.
[  284.760898][T15434] msdos: Bad value for 'uid'
[  284.780869][T15434] 9pnet_fd: Insufficient options for proto=fd
[  284.816162][T15432] can0 (unregistered): slcan off ttyS3.
[  284.823851][T15432] netlink: 'syz.1.3690': attribute type 1 has an invalid length.
[  284.831672][T15432] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3690'.
[  285.008636][T15446] loop6: detected capacity change from 0 to 512
[  285.028025][T15446] ext4 filesystem being mounted at /350/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  285.056344][T15452] random: crng reseeded on system resumption
[  285.092346][T15442] netlink: 'syz.1.3694': attribute type 10 has an invalid length.
[  285.193561][T15458] loop6: detected capacity change from 0 to 256
[  285.201533][T15457] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3697'.
[  285.221066][T15458] msdos: Bad value for 'uid'
[  285.225781][T15458] msdos: Bad value for 'uid'
[  285.256915][T15458] 9pnet_fd: Insufficient options for proto=fd
[  285.257666][T15460] netlink: 'syz.1.3697': attribute type 1 has an invalid length.
[  285.274524][T15461] loop4: detected capacity change from 0 to 256
[  285.291877][T15460] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  285.297832][T15458] loop6: detected capacity change from 0 to 512
[  285.325298][T15457] can0: slcan on ttyS3.
[  285.334639][T15458] EXT4-fs: Ignoring removed orlov option
[  285.350946][T15458] EXT4-fs: Ignoring removed nomblk_io_submit option
[  285.370327][T15458] ext4: Unknown parameter 'fsname'
[  285.386147][T15457] can0 (unregistered): slcan off ttyS3.
[  285.394257][T15463] loop4: detected capacity change from 0 to 512
[  285.412069][T15460] can0: slcan on ttyS3.
[  285.420217][T15463] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  285.433196][T15465] loop6: detected capacity change from 0 to 1024
[  285.446091][T15457] netlink: 'syz.1.3697': attribute type 1 has an invalid length.
[  285.455917][T15465] EXT4-fs: Ignoring removed orlov option
[  285.462450][T15465] EXT4-fs: dax option not supported
[  285.476582][T15463] EXT4-fs (loop4): 1 truncate cleaned up
[  285.507416][T15455] can0 (unregistered): slcan off ttyS3.
[  285.620924][T15477] loop3: detected capacity change from 0 to 512
[  285.792437][T15485] loop3: detected capacity change from 0 to 512
[  285.821065][T15485] ext4 filesystem being mounted at /112/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  285.966470][T13156] EXT4-fs unmount: 38 callbacks suppressed
[  285.966547][T13156] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.042363][T15492] loop3: detected capacity change from 0 to 256
[  286.058449][T15492] msdos: Bad value for 'uid'
[  286.063102][T15492] msdos: Bad value for 'uid'
[  286.090904][T15492] 9pnet_fd: Insufficient options for proto=fd
[  286.458059][T12158] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.567518][T15515] netlink: 'syz.4.3714': attribute type 1 has an invalid length.
[  286.576563][T15515] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  286.595880][T15515] can0: slcan on ttyS3.
[  286.646098][T15515] can0 (unregistered): slcan off ttyS3.
[  286.657771][T15526] can0: slcan on ttyS3.
[  286.664499][T15515] netlink: 'syz.4.3714': attribute type 1 has an invalid length.
[  286.694686][T15529] loop6: detected capacity change from 0 to 512
[  286.717866][T15529] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  286.730805][T15514] can0 (unregistered): slcan off ttyS3.
[  286.731231][T15529] ext4 filesystem being mounted at /354/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  286.763193][T15532] loop3: detected capacity change from 0 to 512
[  286.788390][T15532] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  286.810611][T15532] EXT4-fs (loop3): orphan cleanup on readonly fs
[  286.819475][T15532] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.3718: corrupted inode contents
[  286.832530][T15532] EXT4-fs (loop3): Remounting filesystem read-only
[  286.839263][T15532] EXT4-fs (loop3): 1 truncate cleaned up
[  286.847894][ T8668] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  286.858860][ T8668] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  286.864720][T15542] loop4: detected capacity change from 0 to 512
[  286.876406][T15542] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  286.888115][ T8668] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  286.899488][T15542] EXT4-fs (loop4): 1 truncate cleaned up
[  286.908779][ T9986] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.909174][T15532] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  286.930804][T15542] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  286.958542][T12158] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.976818][T15532] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.729764][T15570] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=886 sclass=netlink_route_socket pid=15570 comm=syz.5.3730
[  288.114684][T15584] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=886 sclass=netlink_route_socket pid=15584 comm=syz.4.3732
[  288.142286][T15585] __nla_validate_parse: 8 callbacks suppressed
[  288.142306][T15585] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3736'.
[  288.490006][T15598] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3738'.
[  288.750582][T15601] loop5: detected capacity change from 0 to 512
[  288.848578][T15601] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.3741: iget: bad extended attribute block 1
[  288.893596][T15601] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.3741: couldn't read orphan inode 15 (err -117)
[  288.916722][T15601] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.939390][   T29] kauditd_printk_skb: 507 callbacks suppressed
[  288.939406][   T29] audit: type=1326 audit(1756466548.216:16163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15603 comm="syz.3.3743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c0120ebe9 code=0x7ffc0000
[  288.969379][   T29] audit: type=1326 audit(1756466548.216:16164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15603 comm="syz.3.3743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c0120ebe9 code=0x7ffc0000
[  288.992996][   T29] audit: type=1326 audit(1756466548.216:16165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15603 comm="syz.3.3743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f1c0120ebe9 code=0x7ffc0000
[  289.016725][   T29] audit: type=1326 audit(1756466548.216:16166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15603 comm="syz.3.3743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1c0120ec23 code=0x7ffc0000
[  289.040194][   T29] audit: type=1326 audit(1756466548.216:16167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15603 comm="syz.3.3743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f1c0120d69f code=0x7ffc0000
[  289.040372][T15605] loop3: detected capacity change from 0 to 256
[  289.078260][T15605] msdos: Bad value for 'uid'
[  289.083028][T15605] msdos: Bad value for 'uid'
[  289.088837][   T29] audit: type=1326 audit(1756466548.296:16168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15603 comm="syz.3.3743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f1c0120ec77 code=0x7ffc0000
[  289.112726][   T29] audit: type=1326 audit(1756466548.316:16169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15603 comm="syz.3.3743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1c0120d550 code=0x7ffc0000
[  289.116229][T15606] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3742'.
[  289.136738][   T29] audit: type=1326 audit(1756466548.316:16170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15603 comm="syz.3.3743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c0120e7eb code=0x7ffc0000
[  289.160030][T15605] 9pnet_fd: Insufficient options for proto=fd
[  289.169207][   T29] audit: type=1326 audit(1756466548.356:16171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15603 comm="syz.3.3743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f1c0120d84a code=0x7ffc0000
[  289.198868][   T29] audit: type=1326 audit(1756466548.356:16172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15603 comm="syz.3.3743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f1c0120d84a code=0x7ffc0000
[  289.199257][T15605] loop3: detected capacity change from 0 to 512
[  289.230908][T15605] EXT4-fs: Ignoring removed orlov option
[  289.236777][T15605] EXT4-fs: Ignoring removed nomblk_io_submit option
[  289.243620][T15605] ext4: Unknown parameter 'fsname'
[  289.257967][ T9023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.271303][T15609] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3742'.
[  289.368292][T15621] netlink: 'syz.3.3745': attribute type 10 has an invalid length.
[  289.383362][T15613] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3745'.
[  289.393231][T15613] bridge_slave_1: left allmulticast mode
[  289.398963][T15613] bridge_slave_1: left promiscuous mode
[  289.404727][T15613] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.417064][T15613] bridge_slave_0: left allmulticast mode
[  289.422753][T15613] bridge_slave_0: left promiscuous mode
[  289.428568][T15613] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.437332][T15621] tmpfs: Bad value for 'mpol'
[  289.444000][T15613] bond0: (slave bridge0): Releasing backup interface
[  289.469152][T15624] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3748'.
[  289.520685][T15625] netlink: 'syz.5.3748': attribute type 1 has an invalid length.
[  289.528560][T15625] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  289.580053][T15626] can0: slcan on ttyS3.
[  289.601013][T15628] loop3: detected capacity change from 0 to 512
[  289.637812][T15628] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  289.647331][T15624] netlink: 'syz.5.3748': attribute type 1 has an invalid length.
[  289.655588][T15624] netlink: 224 bytes leftover after parsing attributes in process `syz.5.3748'.
[  289.666059][T15625] can0 (unregistered): slcan off ttyS3.
[  289.671940][T15628] EXT4-fs (loop3): 1 truncate cleaned up
[  289.700114][T15628] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  289.776577][T15631] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=886 sclass=netlink_route_socket pid=15631 comm=syz.4.3746
[  290.019527][T15645] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3751'.
[  290.071259][T15644] syzkaller0: entered promiscuous mode
[  290.076961][T15644] syzkaller0: entered allmulticast mode
[  290.317429][T15654] netlink: 'syz.4.3755': attribute type 10 has an invalid length.
[  290.347834][T15651] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3755'.
[  290.383420][T15651] tmpfs: Bad value for 'mpol'
[  290.434398][T13156] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.449731][T15656] loop4: detected capacity change from 0 to 256
[  290.466788][T15656] msdos: Bad value for 'uid'
[  290.471513][T15656] msdos: Bad value for 'uid'
[  290.493535][T15656] 9pnet_fd: Insufficient options for proto=fd
[  290.516035][T15656] loop4: detected capacity change from 0 to 512
[  290.530107][T15656] EXT4-fs: Ignoring removed orlov option
[  290.542136][T15656] EXT4-fs: Ignoring removed nomblk_io_submit option
[  290.558019][T15656] ext4: Unknown parameter 'fsname'
[  290.614008][T15662] loop4: detected capacity change from 0 to 256
[  290.627435][T15662] msdos: Bad value for 'uid'
[  290.632126][T15662] msdos: Bad value for 'uid'
[  290.654650][T15662] 9pnet_fd: Insufficient options for proto=fd
[  290.805403][T15668] netlink: 'syz.4.3760': attribute type 10 has an invalid length.
[  290.864905][T15676] loop4: detected capacity change from 0 to 512
[  290.873642][T15676] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  290.890882][T15676] EXT4-fs (loop4): 1 truncate cleaned up
[  290.897367][T15676] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  290.922067][T12158] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.938741][T15674] loop6: detected capacity change from 0 to 8192
[  290.966203][T15674]  loop6: p1 p2[DM] p4
[  290.970473][T15674] loop6: p1 size 196608 extends beyond EOD, truncated
[  290.979088][T15674] loop6: p2 start 4292936063 is beyond EOD, truncated
[  290.985905][T15674] loop6: p4 size 50331648 extends beyond EOD, truncated
[  291.026446][T15682] syzkaller0: entered promiscuous mode
[  291.031331][T15689] loop6: detected capacity change from 0 to 256
[  291.032032][T15682] syzkaller0: entered allmulticast mode
[  291.039007][T15689] msdos: Bad value for 'uid'
[  291.048463][T15687] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3769'.
[  291.048697][T15689] msdos: Bad value for 'uid'
[  291.069826][T15685] syzkaller0: entered promiscuous mode
[  291.075357][T15685] syzkaller0: entered allmulticast mode
[  291.076673][T15689] 9pnet_fd: Insufficient options for proto=fd
[  291.092973][T15689] loop6: detected capacity change from 0 to 512
[  291.100057][T15689] EXT4-fs: Ignoring removed orlov option
[  291.105774][T15689] EXT4-fs: Ignoring removed nomblk_io_submit option
[  291.112562][T15689] ext4: Unknown parameter 'fsname'
[  291.117770][T15690] netlink: 'syz.5.3769': attribute type 1 has an invalid length.
[  291.125528][T15690] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  291.146859][T15687] can0: slcan on ttyS3.
[  291.216200][T15687] can0 (unregistered): slcan off ttyS3.
[  291.227478][T15690] can0: slcan on ttyS3.
[  291.248764][T15687] netlink: 'syz.5.3769': attribute type 1 has an invalid length.
[  291.280665][T15705] SELinux:  Context @ is not valid (left unmapped).
[  291.388684][T15686] can0 (unregistered): slcan off ttyS3.
[  291.487081][T15713] loop6: detected capacity change from 0 to 512
[  291.494377][T15713] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  291.540656][T15713] EXT4-fs (loop6): 1 truncate cleaned up
[  291.547559][T15713] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  291.843398][T15711] netlink: 'syz.5.3777': attribute type 1 has an invalid length.
[  291.851182][T15711] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  291.871208][T15711] can0: slcan on ttyS3.
[  291.916209][T15711] can0 (unregistered): slcan off ttyS3.
[  291.924747][T15711] netlink: 'syz.5.3777': attribute type 1 has an invalid length.
[  291.964446][T15717] loop5: detected capacity change from 0 to 512
[  291.980167][T15717] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  291.993202][T15717] ext4 filesystem being mounted at /381/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  292.054420][ T9023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.099600][T15723] loop5: detected capacity change from 0 to 512
[  292.111859][T15723] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  292.129411][T15723] EXT4-fs (loop5): 1 truncate cleaned up
[  292.135285][T15723] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  292.178137][ T9023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.205475][T15726] syzkaller0: entered promiscuous mode
[  292.211311][T15726] syzkaller0: entered allmulticast mode
[  292.293976][T15728] netlink: 'syz.1.3784': attribute type 10 has an invalid length.
[  292.369838][T15742] loop5: detected capacity change from 0 to 512
[  292.388645][ T9986] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.399918][T15742] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  292.419677][T15742] ext4 filesystem being mounted at /387/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  292.435562][T15752] netlink: 'syz.4.3790': attribute type 1 has an invalid length.
[  292.446181][T15752] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  292.464554][T15746] can0: slcan on ttyS3.
[  292.503821][ T9023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.516192][T15746] can0 (unregistered): slcan off ttyS3.
[  292.529219][T15752] can0: slcan on ttyS3.
[  292.537545][T15746] netlink: 'syz.4.3790': attribute type 1 has an invalid length.
[  292.578943][T15767] loop5: detected capacity change from 0 to 1024
[  292.599332][T15767] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  292.612094][T15745] can0 (unregistered): slcan off ttyS3.
[  292.634383][T15767] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  292.670891][ T9518] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  292.683368][ T9518] EXT4-fs (loop5): This should not happen!! Data will be lost
[  292.683368][ T9518] 
[  292.693256][ T9518] EXT4-fs (loop5): Total free blocks count 0
[  292.699497][ T9518] EXT4-fs (loop5): Free/Dirty block details
[  292.705424][ T9518] EXT4-fs (loop5): free_blocks=20480
[  292.710787][ T9518] EXT4-fs (loop5): dirty_blocks=64
[  292.716003][ T9518] EXT4-fs (loop5): Block reservation details
[  292.722395][ T9518] EXT4-fs (loop5): i_reserved_data_blocks=4
[  292.735405][ T9023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.964243][T15787] loop4: detected capacity change from 0 to 1024
[  292.995267][T15787] EXT4-fs: Ignoring removed orlov option
[  293.022345][T15787] EXT4-fs: dax option not supported
[  293.138959][T15789] loop4: detected capacity change from 0 to 512
[  293.157628][T15789] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.171621][T15789] ext4 filesystem being mounted at /214/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  293.227143][T12158] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.251527][T15797] loop5: detected capacity change from 0 to 512
[  293.258315][T15797] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  293.269401][T15797] EXT4-fs (loop5): 1 truncate cleaned up
[  293.275213][T15797] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.296190][ T9023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.314665][T15801] __nla_validate_parse: 19 callbacks suppressed
[  293.314677][T15801] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3807'.
[  293.357691][T15801] netlink: 'syz.5.3807': attribute type 1 has an invalid length.
[  293.365477][T15801] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  293.387803][T15801] can0: slcan on ttyS3.
[  293.404872][T15803] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3805'.
[  293.436941][T15801] can0 (unregistered): slcan off ttyS3.
[  293.438519][T15808] loop4: detected capacity change from 0 to 512
[  293.445826][T15801] can0: slcan on ttyS3.
[  293.451990][T15808] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  293.458573][T15801] netlink: 224 bytes leftover after parsing attributes in process `syz.5.3807'.
[  293.475322][T15808] EXT4-fs (loop4): 1 truncate cleaned up
[  293.482010][T15808] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.526176][T15800] can0 (unregistered): slcan off ttyS3.
[  293.577945][T15819] loop5: detected capacity change from 0 to 512
[  293.585790][T15819] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  293.602062][T15819] EXT4-fs (loop5): 1 truncate cleaned up
[  293.616483][T15819] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.664052][T15808] ==================================================================
[  293.672190][T15808] BUG: KCSAN: data-race in filemap_write_and_wait_range / xas_set_mark
[  293.680655][T15808] 
[  293.683086][T15808] write to 0xffff88811a06fb04 of 4 bytes by task 15815 on cpu 1:
[  293.690903][T15808]  xas_set_mark+0x12b/0x140
[  293.695444][T15808]  __folio_start_writeback+0x1dd/0x440
[  293.700946][T15808]  ext4_bio_write_folio+0x5ad/0x9f0
[  293.706192][T15808]  mpage_process_page_bufs+0x4a1/0x620
[  293.708820][T15814] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3812'.
[  293.711757][T15808]  mpage_prepare_extent_to_map+0x786/0xc00
[  293.711786][T15808]  ext4_do_writepages+0xa05/0x2750
[  293.731733][T15808]  ext4_writepages+0x176/0x300
[  293.736511][T15808]  do_writepages+0x1c3/0x310
[  293.741124][T15808]  file_write_and_wait_range+0x156/0x2c0
[  293.746896][T15808]  generic_buffers_fsync_noflush+0x45/0x120
[  293.752817][T15808]  ext4_sync_file+0x1ab/0x690
[  293.757869][T15808]  vfs_fsync_range+0x10d/0x130
[  293.762727][T15808]  ext4_buffered_write_iter+0x34f/0x3c0
[  293.768350][T15808]  ext4_file_write_iter+0xdbf/0xf00
[  293.773747][T15808]  iter_file_splice_write+0x663/0xa60
[  293.779204][T15808]  direct_splice_actor+0x153/0x2a0
[  293.784320][T15808]  splice_direct_to_actor+0x30f/0x680
[  293.789718][T15808]  do_splice_direct+0xda/0x150
[  293.794499][T15808]  do_sendfile+0x380/0x650
[  293.798935][T15808]  __x64_sys_sendfile64+0x105/0x150
[  293.804137][T15808]  x64_sys_call+0x2bb0/0x2ff0
[  293.808823][T15808]  do_syscall_64+0xd2/0x200
[  293.813943][T15808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.819837][T15808] 
[  293.822158][T15808] read to 0xffff88811a06fb04 of 4 bytes by task 15808 on cpu 0:
[  293.829795][T15808]  filemap_write_and_wait_range+0xfc/0x340
[  293.835697][T15808]  filemap_invalidate_pages+0xa4/0x1a0
[  293.841331][T15808]  kiocb_invalidate_pages+0x6e/0x80
[  293.846617][T15808]  __iomap_dio_rw+0x5d4/0x1250
[  293.851478][T15808]  iomap_dio_rw+0x40/0x90
[  293.855810][T15808]  ext4_file_write_iter+0xad9/0xf00
[  293.861279][T15808]  iter_file_splice_write+0x663/0xa60
[  293.866651][T15808]  direct_splice_actor+0x153/0x2a0
[  293.871851][T15808]  splice_direct_to_actor+0x30f/0x680
[  293.877221][T15808]  do_splice_direct+0xda/0x150
[  293.881987][T15808]  do_sendfile+0x380/0x650
[  293.886410][T15808]  __x64_sys_sendfile64+0x105/0x150
[  293.891613][T15808]  x64_sys_call+0x2bb0/0x2ff0
[  293.896382][T15808]  do_syscall_64+0xd2/0x200
[  293.900894][T15808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.906874][T15808] 
[  293.909390][T15808] value changed: 0x0a000021 -> 0x04000021
[  293.915105][T15808] 
[  293.917428][T15808] Reported by Kernel Concurrency Sanitizer on:
[  293.923573][T15808] CPU: 0 UID: 0 PID: 15808 Comm: syz.4.3809 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  293.933465][T15808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  293.943548][T15808] ==================================================================
[  293.955318][ T9023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.986173][   T29] kauditd_printk_skb: 521 callbacks suppressed
[  293.986191][   T29] audit: type=1326 audit(1756466553.266:16694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15813 comm="syz.3.3812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1c01205ba7 code=0x7ffc0000
[  294.021686][   T29] audit: type=1326 audit(1756466553.296:16695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15813 comm="syz.3.3812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1c011aade9 code=0x7ffc0000
[  294.045431][   T29] audit: type=1326 audit(1756466553.296:16696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15813 comm="syz.3.3812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1c01205ba7 code=0x7ffc0000
[  294.069097][   T29] audit: type=1326 audit(1756466553.296:16697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15813 comm="syz.3.3812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1c011aade9 code=0x7ffc0000
[  294.092789][   T29] audit: type=1326 audit(1756466553.296:16698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15813 comm="syz.3.3812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c0120ebe9 code=0x7ffc0000
[  294.116598][   T29] audit: type=1326 audit(1756466553.296:16699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15813 comm="syz.3.3812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c0120ebe9 code=0x7ffc0000
[  294.140722][   T29] audit: type=1326 audit(1756466553.416:16700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15813 comm="syz.3.3812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1c01205ba7 code=0x7ffc0000
[  294.164614][   T29] audit: type=1326 audit(1756466553.416:16701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15813 comm="syz.3.3812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1c011aade9 code=0x7ffc0000
[  294.188211][   T29] audit: type=1326 audit(1756466553.416:16702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15813 comm="syz.3.3812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c0120ebe9 code=0x7ffc0000
[  294.285749][T12158] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.