last executing test programs:

2m7.207105104s ago: executing program 3 (id=10):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}, @IFLA_IFALIASn={0x4}, @IFLA_IFALIASn={0x4}]}, 0x3c}, 0x1, 0x0, 0xffffffffffffffea, 0x20000040}, 0x0)

2m7.088384691s ago: executing program 3 (id=13):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x1, {0x0, 0x0, 0x0, 0x0, {0x0, 0x4}, {0xffff, 0xffff}, {0x0, 0x4}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x42b8e4e1, 0xfffffffa, 0x6}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000}, 0x2008000)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = epoll_create1(0x80000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0x20000006})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000100)={0x20000014})
epoll_pwait(r2, &(0x7f00000001c0)=[{}, {}], 0x2, 0x204, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c0000001800dd8d000000000000000002000000000000060000000006001500"], 0x3c}}, 0x8000)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x8000)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000480)={0x40, 0x1, 0x2, 0x201, 0x0, 0x0, {0x2, 0x0, 0x1}, [@CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x4}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x5e2d6d5161ffdb78}}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x20049804}, 0x200000c4)
r6 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000001c00)=@raw={'raw\x00', 0x3c1, 0x3, 0x360, 0x0, 0x12, 0x60a, 0x0, 0x202, 0x290, 0x2e8, 0x2e8, 0x290, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth1_to_bond\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "6b3100000000000617ae5119b5135c2aee68cc3a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dfed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b500", 0x2}}, @common=@inet=@socket2={{0x28}, 0x48}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1218, &(0x7f00000005c0)="$eJzs3M9rHGUYB/AnsbZNan6otdqC+KIXvQxJDl70EiQF6YLSNkIrCFMz0SXjbsgsgRWxevLqX+FBBBG8CeJNL7n4HwjecvFYQXylu2lrululom4Jn89l3+V9v7PPwy4D7zIz+y9/+t7WZlNslr2YnpqK6e2IdCNFium45aN44aXvf3j60pWrF1ZbrbWLKZ1fvbz8Ykpp/plv3/zgi2e/65164+v5b07E3uJb+7+s/Lx3Zu/s/u+X3203qd2kTreXynSt2+2V1+oqbbSbrSKl1+uqbKrU7jTVzqH5zbq7vd1PZWdjbnZ7p2qaVHb6aavqp1439Xb6qXynbHdSURRpbja4f8duj9Y/v5Fzjsj54TgeOec8HxGn4pGYi/lYiMV4NB6Lx+N0PBFn4sl4Kr766cv+zQQAAAAAAAAAAAAAAAAAAADw77n7/v+ZmP3L+//PDlZNumoAAAAAAAAAAAAAAAAAAAA4Wi5duXphtdVau5jSyYj6k9313fXh63B+dTPaUUcVS7EQv0Xkz/KBGDwJ4PyrrbWlNLAYH9fXD/LXd9cfOpxfHjxOIHIezS8P8+lwfuZWicP8SizE6cH7kfzK2PzJeP65P31+EQvx49vRjTo2Bge5k/9wOaVXXmvdlT83WAcAAABHQZFuG7t/L4p7zQ/zI/8PjNnfL43Zn9/Mnjs20daJiKb//lZZ19WOwQM/OD7ZMn7NOf/Nmpkj+4u6d18nIuIfH3kqIh6MBkcGByeI6QmfoPhP3fnSJ10JAAAAAAAAAAAA9+P/uJxw0j0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAf7MCxAAAAAIAwf+s0OjYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCrAAAA//+EwM1v")
r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x143042, 0x26)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000200), 0xffffffffffffffff)
r10 = syz_genetlink_get_family_id$nbd(&(0x7f0000000500), r8)
sendmsg$NBD_CMD_RECONFIGURE(r8, &(0x7f0000001840)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001800)={&(0x7f0000000540)={0x48, r10, 0x220, 0x70bd26, 0x25dfdbfe, {}, [@NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r7}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r7}}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x5}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x9}]}, 0x48}, 0x1, 0x0, 0x0, 0x84}, 0x4c044)
sendmsg$NLBL_CALIPSO_C_ADD(r8, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x88100006}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r9, 0x4, 0x70bd2c, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x8844}, 0x20048811)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000500000/0x2000)=nil, 0x2000, 0x17)
pwritev2(r7, &(0x7f0000000280)=[{&(0x7f0000000480)="18", 0x1}], 0x1, 0x7ff, 0x5, 0x0)

2m6.5894329s ago: executing program 3 (id=18):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_opts(r0, 0x0, 0x9, 0x0, &(0x7f0000001140))
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x3a)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x2, 0x80805, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
creat(&(0x7f0000000240)='./file1\x00', 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x20000, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(r1, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4006, &(0x7f0000000080)=0xc, 0x6, 0x2)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r4)
sendmsg$NFC_CMD_LLC_SET_PARAMS(0xffffffffffffffff, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001100)={0x2c, r5, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x45c}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0xc}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000001}, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x11, 0xa8}, [@ldst={0x6, 0x3}], {0x95, 0x0, 0xc00}}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x94)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="5800000010000100"/20, @ANYRES32=0x0, @ANYBLOB="5d5b0000c748aa0b1c001a8018000a80140007002001000000000000000000000000000014003500776731"], 0x58}}, 0x0)

2m6.057614201s ago: executing program 3 (id=21):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x32, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0xcefc, 0x0, 0x0, 0x0, 0x662}, @alu={0x7, 0x0, 0x6, 0x4, 0x9, 0x30, 0x4}, @jmp={0x5, 0x0, 0x0, 0xa, 0x8, 0x6, 0x1}, @jmp={0x5, 0x1, 0x1e, 0x6, 0x3, 0xfffffffffffffffc, 0x8}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='syzkaller\x00', 0x8, 0x16, &(0x7f0000000240)=""/22, 0x40f00, 0x42, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0xa, 0x4}, 0x8, 0x10, &(0x7f00000002c0)={0x4, 0xf, 0x1, 0xfffffff9}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000300)=[0x1, 0xffffffffffffffff, 0x1], 0x0, 0x10, 0x3}, 0x94)
preadv2(r0, &(0x7f0000000640)=[{&(0x7f0000000440)=""/231, 0xe7}, {&(0x7f0000000000)=""/24, 0x18}, {&(0x7f0000000540)=""/241, 0xf1}], 0x3, 0x4, 0x2, 0x9) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) (async)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) (async)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0) (async)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0) (async)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x2125099, 0x0) (async)
mount$bind(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='devpts\x00', 0x1010401, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000026c0)={0x10, 0x4, &(0x7f0000000700)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)

2m6.008673604s ago: executing program 3 (id=24):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000380)={[{@acl}]}, 0x1, 0x561, &(0x7f0000000f80)="$eJzs3U1rG0cfAPD/ylbenycOhNCWUgw9NCWNHNt9SaGH9NyGBtp7KuyNCZajYMkhdgNNDs25hF5KA6X30nOPoV+gh36GQBsIJZj20IvLyivFL5ItJ7KtVL8frJnZXWl2NPsfz2gkFMDAGs3+FCJejoivk4jjEZHkx4YjPzi6et7yk1tT2ZbEysqnfyaN87J887majzuaZ16KiF++ijhT2FxubXFptlyppPN5fqw+d32strh09upceSadSa9NTE6ef2dy4v333u1ZXd+89Pe3nzwYynMn7iVxIY7lubX1eA6312ZGYzR/TYpxYcOJ4z0orJ8kbff+tOfXwc4M5XFejKwPOB5DedQD/31fRsQKMKCSHcf/b8XduRJgbzXHAc25fY/mwS+Mxx+uToA213949b2RONSYGx1ZTtbNjLL57kgPys/K+PmP+/eyLXr3PgTAtm7fiYhzw8Ob+78k7/+e3bkuztlYhv4P9s6DbPzzVrvxT6E1/ok245+jbWL3WWwf/4VHPSimo2z890Hb8W9r0WpkKM/9rzHmKyZXrlbSrG/7f0ScjuLBLL/Ves755YcrnY6tHf9lW1Z+cyyYX8ej4YPrHzNdrpefp85rPb4T8Urb8W/Sav+kTftnr8elLss4ld5/rdOx7eu/u1Z+iHijbfs/XdFKtl6fHGvcD2PNu2Kzv+6e+rVT+ftd/6z9j2xd/5Fk7XptbedlfH/onzRa68nrrat/dH//H0g+a6QP5Ptuluv1+fGIA8nHrf2F5v6Jp49t5pvnZ/U//frW/V+7+/9wRHzeZf3vnvzx1U7H+qH9p9u2f2t2u6H9d554+NEX33Uqv7v+7+1G6nS+p5v+r9sLfJ7XDgAAAAAAAPpNISKORVIotdKFQqm0+vmOk3GkUKnW6meuVBeuTUfju7IjUSw0V7qPr/k8xHi+YtjMT2zIT0bEiYj4ZuhwI1+aqlam97vyAAAAAAAAAAAAAAAAAAAA0CeOdvj+f+b3of2+OmDX+clvGFzbxn8vfukJ6Ev+/8PgEv8wuMQ/DC7xD4NL/MPgEv8wuMQ/DC7xDwAAAAAAAAAAAAAAAAAAAAAAAAAAAD116eLFbFtZfnJrKstP31hcmK3eODud1mZLcwtTpanq/PXSTLU6U0lLU9W57Z6vUq1eH5+IhZtj9bRWH6stLl2eqy5cq1++OleeSS+nxT2pFQAAAAAAAAAAAAAAAAAAALxYaotLs+VKJZ2XkHimxHB/XIZEjxP73TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFP/BgAA//9q6zMB")
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r1, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x129c81, 0x0)
write$binfmt_aout(r3, &(0x7f00000001c0)=ANY=[], 0xff2e)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$TCSETS(r3, 0x40045431, &(0x7f00000000c0)={0x0, 0x5, 0x400007f, 0x4000006, 0x2, "42341f9b1000007e4f00"})
r4 = syz_open_pts(r3, 0x103100)
dup3(r4, r3, 0x0)
splice(r3, 0x0, r2, 0x0, 0x7ffff000, 0x0)

2m4.486636133s ago: executing program 3 (id=56):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10)
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f00000005c0)='fd', 0x0, r1)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffdffffe, 0x2, @perf_bp={0x0, 0x8}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x1c161, 0x10000, 0x0, 0x6, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000180)=ANY=[@ANYBLOB="851000000400000095000000001f000018000000000000000000000000000000950000000000000085100000fcffffff95"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)

2m4.390139149s ago: executing program 32 (id=56):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10)
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f00000005c0)='fd', 0x0, r1)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffdffffe, 0x2, @perf_bp={0x0, 0x8}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x1c161, 0x10000, 0x0, 0x6, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000180)=ANY=[@ANYBLOB="851000000400000095000000001f000018000000000000000000000000000000950000000000000085100000fcffffff95"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)

1m40.431178881s ago: executing program 0 (id=578):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f00000006c0)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1}, 0x80)
io_setup(0xbf3, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0x9}, 0x6000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r3)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = socket(0x1, 0x5, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1d459d, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x183, 0x6}, 0x110cc0, 0x91d, 0xf, 0x0, 0x6, 0x1, 0x8001, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000500)={0xe000200c})
epoll_ctl$EPOLL_CTL_MOD(r7, 0x3, r6, &(0x7f00000001c0)={0x80000002})
openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x410682, 0x24)
bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x1, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002d80)={r2, r1, 0x25, 0x8, @void}, 0x10)

1m40.191908155s ago: executing program 0 (id=587):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000ffffff7fffffffff180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000feffffff850000007100000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1m40.140999798s ago: executing program 0 (id=589):
r0 = socket$netlink(0x10, 0x3, 0x9)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000001000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000004c0), 0xfe, 0x269, &(0x7f0000000200)="$eJzs3b1rJGUcB/Df7EvWmBCiNja+gIhoIMRCEGy0UQhIEBFBhYiIlSRCTNqslY2FvUoqmyB2RkuxCTb3B+TuUuSaa8IVF+7grthjZnaPzWZDXvZljsznA7szz87ztrDfZyeQmQ2gtGYj4t2IqEbEXETUIyLprvBy/phtF7cmd5cjWq2P7yRZvbyc67SbiohmRLwdUesc29j5/ODe3gev/bRef/X3nc8mx/X+uh0e7H949NvSj38tvrlRab823d52v49hSvq8Vksinh3FYE+IpFb0DDifP6+nuX8uIl7J8l+PSjuyP69N/FePN37t327iaLzzBEah1aqn34HNFlA6lewcOKnMR0S+X6nMz+fn8DeqSXy7uvb93Der6ytfF71SAUOQNPO/e/ff/6fx91RP/m9X8/yfy1sjnikwEmn+P/lo+2a6f1QtejbAWLyQb9L8z325+XrIP5SO/EN5yT+Ul/zDFXDJ7Mo/lJf8Q3nJP1xh9c5Os+/hwfN/v/0fhJefIjBuM9mz738or578F3I9LlCM7vwDAOXSahR8ATJQmKLXHwAAAAAAAAAAAAAAAAAA4KStyd3lzmNcY/7/S8ThexFROz5+IztazX6POOKp7Pnpu0la7bEkbzaQL14asIMB/THkq6+XGherP3NruONf1LUXR9PvD8eLp97bbnMloplWXqjVTn7+k/bn70yn9v/MGQ3rX51vgGFJesrvfDre8Xs93C52/MW9iH/T9Weh3/pXieezbf/1Z7r7FsuX9N2DATsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgbB4FAAD//1eqcO0=")
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0xc, &(0x7f0000000640)=0x7, 0x4)
sendmsg$netlink(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000003740)=ANY=[@ANYBLOB="240000001200010027bd1e00000500001043"], 0x24}], 0x1, 0x0, 0x0, 0x44005}, 0x4000800)
io_setup(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r2 = inotify_init()
inotify_add_watch(r2, &(0x7f0000000200)='./file0\x00', 0x20000900)
setxattr$incfs_metadata(&(0x7f0000000f80)='./file0\x00', &(0x7f0000000fc0), 0x0, 0x0, 0x0)
getpeername(r0, &(0x7f0000000100)=@sco={0x1f, @none}, &(0x7f0000000040)=0x80)
socket$nl_netfilter(0x10, 0x3, 0xc)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000480)={0x7, &(0x7f0000000180)=[{0xb122, 0xc, 0x9, 0x96}, {0x1000, 0x7, 0x7, 0x23}, {0x9, 0x40, 0x3b, 0x4}, {0x7f, 0x9, 0x5}, {0x45d, 0x6, 0xc, 0x6}, {0x3, 0x3c, 0x0, 0x7fffffff}, {0x2, 0x8, 0x6, 0x3}]})
r3 = open(&(0x7f0000000000)='./file1\x00', 0x109042, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000500)}, {&(0x7f0000000540)=""/87, 0x57}], 0x2, &(0x7f0000000680)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x58}, 0x2040)
fcntl$addseals(r3, 0x409, 0x8e3652a1e0b94d91)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={{0x14, 0x3ea}, [], {0xe, 0x3e9, 0x1, 0x0, 0x0, {0x3}}}, 0x28}, 0x1, 0x0, 0x0, 0x44840}, 0x4000807)

1m40.098605391s ago: executing program 0 (id=591):
execveat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x100)
syz_clone3(&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x2}, 0xa0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x1, @perf_config_ext={0x5, 0x6}, 0x120, 0x10000, 0xbac, 0x1, 0x8, 0x20007, 0xb, 0x0, 0x0, 0x0, 0x1800000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mbind(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x1, 0x0, 0x1ff, 0x3) (async)
mbind(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x1, 0x0, 0x1ff, 0x3)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x207, &(0x7f0000000000), 0x1, 0x469, &(0x7f0000000100)="$eJzs3M9vFFUcAPDv7G5BfnZF/AGiomgk/mhpQeXgRRMTD5qY6AGPtRSCLNTQmghpbDEELyZKwt2YeDHxL/DkiagnE694NyTEcAE9rRl2dtlud8u2u91t3c8nGfpe9+2+73dm3s6bGaYBDKz96T9JxPaIuB4RwxGRq2+wpbKk7e7cmpv859bcZBLl8vt/J+nb4vatuclq0yT7ua1SKaQflLuURLFJvzPnL5yeKJWmzmX10dkzn4zOnL/w8qkzEyenTk6dHT969MjhsddeHX+lK3mmMd3e+/n0vj1vf3jl3cljVz769cdKvOXy1WuHFuXRHUMRMVdbJ42e625nfbejrpwU+hgIK7I5IgrZ3no9hiN/aWftteF464u+BgesqXK5XB5v/fJCGfgfS6LfEQD9UT3Qp+e/1aVHU4914eYblROgNO872VJ5pRAXszZDDee33bQ/Io4t/PttukTD9RQAgLXwczr/eanJ/K8Y8Uhdu53ZvaFiRDwYEbsi4qGI2B0RD0el7aMR8dgK+9/fUF86/8ndWF1m7Unnf69n97YWz/9qd8GK+ay2427+Q8mJU6WpQ9k6ORhDm9P6WNNPTyIW0p9/fN2q//r5X7qk/VfnglkcNwqbF7/n+MTsRMeJZ25ejNhbaJZ/EoV7WcSeiNi7yj5OvfDDvsW/yddK989/GV24z1T+LuL5yvZfiIb8q5Ll70+OPhClqUOj1b1iqd9+v/xeq/47yr8L0u2/ten+X8u/mNTfr51Z8hGb7tfH5T+/bHlOs9r9f1PywaLOP5uYnT03FrEpeWfp7+sucFfr1fZp/gcPNB//u+Lemng8ItKd+ImIeDIinspifzoinomIA8vk/8ubz368+vzXVpr//Iq2/8oL+dPXfmrVf3vb/0i1cjeodr7/2g2wk3UHAAAAG0UuIrZHkhuplXO5kZHK/5ffHVtzpemZ2RdPTH969njlGYFiDOWqV7qG666HjmXXhqv18aw+n9UPZ9eNr+a33K2PTE6Xjvc7eRhw21qM/9Rf+X5HB6w5z2vB4DL+YXCtfvz75oCN7j6jONerOIDecxSHwdVs/M/3IQ6g9xz/YXDVxv83bTSue9yr8eFNYONx/IfBZfzDQOrkuf51UYjvI5Zvk6yXUFdU+KqTtxd6EGHk1seK6mFhPB/RxzAK7f5Vizhfnu+4035/MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTHfwEAAP//qO7n/A==")
accept4$inet6(r0, &(0x7f0000000640)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000580)=0x1c, 0x0) (async)
accept4$inet6(r0, &(0x7f0000000640)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000580)=0x1c, 0x0)
r1 = socket(0x2b, 0x80801, 0x1)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0) (async)
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x7, 0x1, &(0x7f0000000280), &(0x7f0000048000)=0x1, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e24, 0x80ab, @empty, 0x1}, 0x1c)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mountinfo\x00') (async)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mountinfo\x00')
lseek(r2, 0x10001, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="200000001a000d0000000080fddbdf250a8080000000000034630908020008801f0a992192ae0c6da968df8f4d5e2e3af6840c3e683d0ad844c30d5b1336261c575b443b98f8331381896644f2dfc600c02268c857eae4672129d694f40b7ee6448c7da9ce34d628020d7b911afcd620295c8491ee5b63c744a9ac1ef988e01610bfc4ed844689430e1078d23438050d415c2d21ccc399ffd7da083aac9510000000002888c6bf674111bea3197e5321ec390128e22147c4ab8037c71e64d3024b95ad8af12beb23125054aa2df8b188d4142cae9cc0a04a47cabe17"], 0x20}}, 0x20000050)
syz_open_dev$mouse(&(0x7f0000000600), 0x3, 0x40)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeea, 0x8031, 0xffffffffffffffff, 0x85494000)
mremap(&(0x7f0000a01000/0x4000)=nil, 0x4000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) (async)
mremap(&(0x7f0000a01000/0x4000)=nil, 0x4000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f00009a1000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000fef000/0x4000)=nil)
mremap(&(0x7f0000678000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f000084c000/0x3000)=nil) (async)
mremap(&(0x7f0000678000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f000084c000/0x3000)=nil)
io_uring_setup(0x780, 0x0) (async)
io_uring_setup(0x780, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x200040, &(0x7f00000004c0)=ANY=[@ANYBLOB="64656275672c757466383d312c757466383d302c757466383d312c73686f72746e616d653d77696e39352c636865636b3d7374726963742c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c002bc08d8cca74e8ecafb48437094fe1a4a2383bd9d85bff653f3440fb21c877da1d1101fd722e01b9b5d22f08b5fc0ac7cbf33fb553a90ae4d01d71ddeeb089f517aeaaa271899287d5b8949b22b23c2807b7d81714b89e9682f6c3faa6107733a77a4cf985560ed64ec24e255dee3654aa2ba55be4bf3ae257adba34bed8e32e4122bb46aa57a75dab0288098e42f886f09b4a7e7dac3c3000"/252, @ANYRES64=0x0], 0x3, 0x263, &(0x7f0000000600)="$eJzs2s9rHGUYB/Bn05ZuWtJd8RctiC96UC9Lk7OHFokgBhQ1QhWkUzPRNeNuyCyBFTE56dU/wbN49CZIj15y8S/w4C2XHHsQRyaziUkstPgjW+Lnc0ge5p0v8868y8szy+6+/PWna6tlbzUbxUyrFTM3YjvutaIbM3FgO1564dZPz7x9673Xby4ttSdHF1JKV5798f3Pv3vu7ujyu99f+eFi7HQ/2N1b+HXnqZ2ru7+/83G/TP0yDYajlKU7w+Eou1PkaaVfrvVSerPIszJP/UGZbxwbXy2G6+vjlA1W5i6tb+RlmbLBOK3l4zQaptHGOGUfZf1B6vV6ae5S8E8sf3uvqmKvunA7qqqa/SYu3425X6ITrcdS6/EbrSdvt57ebl3dq6rOyejsdGbMv+tvrz9nwmRTX3wrpXZE8dXm8uZy878ebcfN1ehHEXlcj9n4LeqPyURTv/ra0uL1tK8bXxZbk/zW5vKFg0s0+fnoRPf++fkmnw7yFyOi/lvv7ofXX4hOPHH//MKJfHP9drz4/JF8Lzrx84cxjCJWos7G1mR+i1/Mp/TKG0sn8tf2zwMAOGt66VDdv52rXwqb/udcM947Nn6kP2ryR/rDzgP6wxP91fm4dn66905EOf5sLSuKfKN+wdsvDo/8X4vZo4/lYYqDr0L+u4nNHFuzv5zTjUfk0SnOThHxyVR2JE7Tn4v+wFPbpzIhAAAAAAAAAAAAHspp/Jxw2vcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA82v4IAAD//1jpvxo=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r4, &(0x7f0000000180)='./bus\x00', 0x0) (async)
mkdirat(r4, &(0x7f0000000180)='./bus\x00', 0x0)
renameat2(r4, &(0x7f0000000380)='./file0\x00', r4, &(0x7f0000000200)='./bus/file0\x00', 0x0)
socket$rxrpc(0x21, 0x2, 0xa)

1m39.786690679s ago: executing program 0 (id=598):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00"], 0xb8}, 0x1, 0x0, 0x0, 0x4000015}, 0x2c000010)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, {0xfffffffffffffffd}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0xb8}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="b8000000140001000000000000004000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a0000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffff800800000000fbffffffffffffff00000000000000000000000000000000000000000000000200"/112], 0xb8}}, 0x2c000010)

1m39.44143725s ago: executing program 0 (id=611):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r0, 0x8, 0x0, 0x300, 0x10, &(0x7f0000000200), 0x1}, 0x6d)

1m39.400692142s ago: executing program 33 (id=611):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r0, 0x8, 0x0, 0x300, 0x10, &(0x7f0000000200), 0x1}, 0x6d)

2.463876466s ago: executing program 1 (id=2315):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x1, 0xf0, 0x4}, 0xfe}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x4048081)
recvmsg$can_j1939(r1, &(0x7f00000004c0)={&(0x7f0000000240)=@caif=@rfm, 0x80, &(0x7f0000000bc0), 0x0, &(0x7f0000000c80)=""/218, 0xda}, 0x0)

1.801988255s ago: executing program 4 (id=2327):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000090ff00000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000feffffff850000007100000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.792543375s ago: executing program 4 (id=2331):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc010000190001000000000002000000e0000001000000000000000000000000ac1414bb00000000000000000003000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000440105007f000001000000000000000000000000000000003c"], 0x1fc}}, 0x0)

1.768120967s ago: executing program 6 (id=2332):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0xedc623580215bdcd, 0x12, r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000010000000000001000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000116608ffff0000100018000000000000000000000000410a009500000000000000360a020000000001180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xa, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x78)

1.7099474s ago: executing program 4 (id=2333):
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="9feb01001800000000000002180000001800000006000000020000000100000c02000000000000000000000d0000000000005f"], 0x0, 0x36}, 0x28)

1.70957014s ago: executing program 6 (id=2335):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00"], 0xb8}, 0x1, 0x0, 0x0, 0x4000015}, 0x2c000010)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, {0xfffffffffffffffd}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0xb8}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="b8000000140001000000000000004000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a0000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000fbffffffffffffff00000000000000ff8000000000000000000000000000000200"/112], 0xb8}}, 0x2c000010)

1.672490362s ago: executing program 4 (id=2337):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x9400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, @perf_config_ext={0x9, 0x7}, 0x100, 0xa88, 0x8406, 0x5, 0x0, 0x3c, 0xffff, 0x0, 0x0, 0x0, 0x46}, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0x1)
ioperm(0x0, 0x7, 0x80006)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000700), 0x0)
open_by_handle_at(0xffffffffffffff9c, 0x0, 0x200a00)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
rt_sigtimedwait(&(0x7f00000001c0)={[0x100000000023fa]}, 0x0, 0x0, 0x8)
setpgid(0x0, 0xffffffffffffffff)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)

1.568755708s ago: executing program 6 (id=2341):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000840)=ANY=[@ANYBLOB="58010000100013070000000000000000fc020000000000000000000000000001fe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141417000000000000000000002000000004d533000000e000000100000000000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000220000000000000000000000000000000200000000000000000000005c001400636d616328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000003509fe8fd57fd44aa5074c50bc700e530c001c00", @ANYRES32=0x0, @ANYBLOB='\a'], 0x158}}, 0x0)

1.522656061s ago: executing program 1 (id=2342):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1, 0x7, 0x8, 0x8, 0x40}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040), &(0x7f0000000500), 0xce, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000340)={r0, &(0x7f00000006c0), 0x0}, 0x20)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)=@ipv6_newrule={0x1c, 0x20, 0x1, 0x2, 0x0, {0xa, 0x20, 0x80, 0x0, 0x62, 0x0, 0x0, 0x1, 0x1001a}}, 0x1c}}, 0x20)

1.522383471s ago: executing program 2 (id=2343):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$igmp(0x2, 0x3, 0x2)
socket(0x10, 0x3, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0xffe, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="6400000010000304000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c000200200000001f000000060001000000000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0)

1.522061571s ago: executing program 5 (id=2344):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b83, 0x3, @perf_bp={0x0, 0x6}, 0x4, 0x9, 0xfff, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x80078b, &(0x7f00000000c0)={[{@usrjquota}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@delalloc}, {@nobh}, {@min_batch_time={'min_batch_time', 0x3d, 0xb656}}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x46f, &(0x7f0000000bc0)="$eJzs281rHGUYAPBnJh9t7UdirR+tVaNFCIpJk1btwYui4KGioId6jMm2hG4baaLYUmwqUi+CFPQsHgX/Am8iiHoSvOrFkxSK9tLqKTKzM+lmm02N2WRi9/eDzbzvzGTmeTJf77zvJoCuNZT9SCJ2RMQvETHQqC5dYagxuXHt/ORf185PJrGw8PofSb7e9WvnJ8tV02K6vdjmcBqRfpgUO1lq9uy5kxP1eu1MUR+dO/X26OzZc0+9e2riRO1E7fT4kSOHD409+8z40x3JM8vr+r73Z/bvffnNy69MHrv81g9fZfHvKJY359EpQ1nify7kWpc93umdVWxnUznprTAQVqUnIrLD1Zdf/wPREzcP3kC89EGlwQHrKns2bWm/eH4BuIMlUXUEQDXKB332/lt+NqjpsSlcfb7xApTlfaP4NJb0LvZn9LW833bSUEQcm//78+wT69QPAQDQ7OPJz46WPb5L239p3JdPf8t/7irGUAYj4u6I2B0R90TEnoi4NyJf9/6IeGCN8dza/kmvrHGTK8raf88VY1tL239l6y8Ge4razjz/vuT4dL12sPibDEfflqw+tsI+vnnx50/aLWtu/2WfbP9lW7CI40pvSwfd1MTcRN4o7YCrFyP29S6Xf7I4EpBExN6I2Le6Te8qC9NPfLm/3Uq3z38FHRhnWvgiS28+y38+WvIvJc3jk9O3jE+Obo167eBoeVbc6sefLr3Wbv9ryr8DrtYa06bj37rKYNI8Xju7+n1c+vWjtu80//H8T/uTN/Jx5v5i3nsTc3NnxiL6k6N5fcn88Zu/W9bL9bPzf/jA8tf/7uJ3svwfjIjsJH4oIh6OiEeK2B+NiMci4sAK+X//QvtlZf6RVnT8L0ZMLXv/Wzz/W47/6gs9J7/7ut3+/93xP5yXhos5+f3vNpYLJ7tdtAa4lr8dAAAA/F+k+Xfgk3RksZymIyON7/DvibvS+szs3JPHZ945PdX4rvxg9KVlT9dA0R9an67XxpL5YouN/tHxoq+47C89VPQbf9qzLa+PTM7UpyrOHbrd9jbXf+b3nqqjA9bZtmXnjvdveCBABVrH0dOl1QuvhpsB3Kn8vzZ0r9tc/+lGxQFsPM9/6F7LXf8XWurGAuDO5PkP3cv1D10q/bbqCIAKef5DV1rL//WvY2Hr5gijmsJmPSh5IaIspJsiHoV1KlR9ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiMfwIAAP//egbpHA==")

1.458824965s ago: executing program 6 (id=2345):
syz_clone(0x258ac591, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r0 = syz_clone(0x258ac591, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$peeksig(0x4209, r0, &(0x7f0000000080)={0x100000000000000, 0x0, 0x3}, &(0x7f0000000280)=[{}, {}, {}])
getpriority(0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@multicast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, '\x00', 0x10, 0x3a, 0xff, @local, @loopback, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x2d, 0x6, 0x999, 0x5932}}}}}}, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xffffffffffffff6b, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xffffffffffffff6b, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)

1.450411785s ago: executing program 1 (id=2346):
syz_mount_image$ext4(&(0x7f0000000640)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0x200000, &(0x7f0000000000)={[{@dioread_lock}, {@noquota}, {@errors_remount}, {@grpquota}]}, 0xfc, 0x57c, &(0x7f0000005c40)="$eJzs3c9rHFUcAPDvbLJt+kOTQhH1IIEerNRumsQfFTzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC6I3D949Fv+XghaKlIAHL5HZzKbbZDfdJJsm7X4+MO1782bz3tuZ9/Y7+3bZAPrWaPZPIeK1iPguiRhuKRuMvHB09bjlRzemsi2JlZXP/0kiyfc1j0/y/4/kmVcj4s9vIk4VNtZbW1yaLVcq6XyeH6vPXR2rLS6dvjxXnkln0isTk5Nn352c+OD993rW17cu/PvjZ/c+PvvtieUffn9w7E4S5+JoXtbajx242ZoZjdH8OSnGuXUHjvegsv0k2esGsC0D+TgvRjYHDMdAPurbWhl+lk0DdtnX2bAG+lRi/EOfasYBzXv7Ht0HPzcefrR6A7Sx/4Or743EUOPe6PBy8sSdUXa/O9KD+rM6/vj77p1si969DwHwVDdvRcSZwcGN81+Sz3/bd6aLY9bXkddf3GHVQBfuZfHP2+3in8Ja/BNt4p8jbcbudjzxNwrt4p/Cgx5U01EW/33YNv5dW7QaGchzLzVivmJy6XIlzea2lyPiZBQPZvlN1nO+LCzfX+lU2Br/ZVtWfzMWzNvxYPDgk4+ZLtfLO+p0i4e3Il5vG/8ma+c/aXP+s+fjQpd1vJLefaNT2dP7v7tWfol4s+35f7yilWy+PjnWuB7GmlfFRsm6dcFWe93/h7/liWb/11551/o/krSu19a2XsfPQ/+lncq2e/0fSL5opA/k+66X6/X58YgDyacb9088fmwz3zw+u/5Pnth8/mt3/R/KBnaX/b99/HbroUNb6//uyvo/vfn1v+78bz1x/5OvfupUf3fn/51G6mS+p5v5r9sG7uS5AwAAAAAAgP2mEBFHIymU1tKFQqm0+vmO43G4UKnW6qcuVReuTEfju7IjUSw0V7qHWz4PMZ5/HraZn1iXn4yIYxHx/cChRr40Va1M73XnAQAAAAAAAAAAAAAAAAAAYJ84EjHU7vv/mb8G9rp1wK7b5Ce/gRdc5/Gfl/Til56AfWnbr/9DvW0H8OyJ/6F/Gf/Qv4x/6F/GP/Qv4x/6l/EP/Wsr4//X87vYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgxXDh/PttWlh/dmMry09cWF2ar105Pp7XZ0tzCVGmqOn+1NFOtzlTS0lR17ml/r1KtXh2fiIXrY/W0Vh+rLS5dnKsuXKlfvDxXnkkvpsVn0isAAAAAAAAAAAAAAAAAAAB4vtQWl2bLlUo6LyHRSCQRsZVHDe6DNkv0PrHXMxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPZ/AAAA//9QvzSr")
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x50, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x1246, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7f, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffc00, 0x3, 0x2, 0xfffffffd, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r1, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountinfo\x00')
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x2}, &(0x7f0000000b80)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x84, &(0x7f0000000300)={0x0, @in={{0x2, 0x4e25, @empty}}, 0x2, 0x8af8}, 0x90)
r5 = syz_io_uring_setup(0xd0, &(0x7f0000000480)={0x0, 0x2cab, 0x10, 0x2, 0x34f}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000000)=<r7=>0x0)
socket$inet6(0xa, 0x2, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x2f, 0x5, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x1})
io_uring_enter(r5, 0x4ed9, 0x5a21, 0x8, 0x0, 0x0)
timer_settime(r3, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
ioctl$FS_IOC_GETFSSYSFSPATH(r0, 0x80811501, &(0x7f0000000340)={0x80})
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
pipe2(&(0x7f0000000580)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x0)
write$P9_RGETLOCK(r9, &(0x7f0000000040)=ANY=[], 0xffffff6a)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_config_ext={0x100000001, 0xdd5}, 0x0, 0x0, 0x10000, 0x2, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r4, 0x84, 0x1b, &(0x7f0000000400)={0x0, 0x67, "6782ef2cfc5d2041b06dfa77ae644cfdd6076b86aac9ed8078caeaf004020cd0e8550c1ac4d11872f46cff7b94f752f2ea071f2bb6840516c34e21578540d8ad9cd42ebc830e4845939480e6fc7212bbee42e5decd15747b6bbf37cb54e6367ffc4780fcc5b481"}, &(0x7f0000000280)=0x6f)
write$P9_RLERRORu(r8, &(0x7f0000000100)={0xe, 0x7, 0x1, {{0x1, '\xf7'}, 0x5861}}, 0xe)
write$cgroup_netprio_ifpriomap(r9, &(0x7f0000000080)=ANY=[@ANYBLOB="7663a939b4df0b05"], 0x8)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000b80)={[{@errors_remount}, {@nobh}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@dioread_lock}]}, 0x3, 0x439, &(0x7f0000002380)="$eJzs3MtvG0UYAPBv105LXyRU5dEHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QU2QaFVBQKgcUSXuiCMSfwEnuCDghMQV7qhShXJp4WS09m5iO3aauE5c8O8nrTuzO9bM592xZ3a6CWBgjWYvScTuiPg9Iobr2eYCo/V/bi1dmf576cp0EtXqW38ltXI3l65MF0WL9+0qMuWI9LMkDrapd/7S5XNTlcrsxTw/vnD+/fH5S5efO3t+6szsmdkLkydPHj828cKJyed7EmcW180DH80d2v/aO9femD517d2fv02K+Fvi6JHRtQ4+Wa32uLr+2tOQTsp9bAgbUqp30xiq9f/hKMXKyRuOVz/ta+OATVWtVqsPdD68WAX+x5LodwuA/ih+6LP5b7Ft0dDjrnDjpfoEKIv7Vr7Vj5QjzcsMtcxve2k0Ik4t/vNVtsXm3IcAAGjyfTb+ebbd+C+NxvtC9+ZrKCMRcV9E7I2IExGxLyLuj6iVfTAiHtpg/a2LJKvHP+n1rgJbp2z892K+ttU8/itGfzFSynN7avEPJafPVmaP5p/JkRjanuUn1qjjh1d++6LTscbxX7Zl9Rdjwbwd18vbm98zM7UwdScxN7rxScSBcrv4k+WVgCQi9kfEgS7rOPv0N4c6Hbt9/GvowTpT9euIp+rnfzFa4i8ka69Pjt8Tldmj48VVsdovv159s1P9dxR/D2Tnf2fb6385/pGkcb12fuN1XP3j845zmm6v/23J2037PpxaWLg4EbEteb3e6JX9pYuTLeUmV8pn8R853L7/742VT+JgRGQX8cMR8UhEPJq3/bGIeDwiDq8R/08vP/Fe9/Fvriz+mQ2d/5XEtmjd0z5ROvfjd02Vjmwk/uz8H6+ljuR71vP9t552dXc1AwAAwH9PGhG7I0nHltNpOjZW/z/8+2JnWpmbX3jm9NwHF2bqzwiMxFBa3OkabrgfOpFP64v8ZEv+WH7f+MvSjlp+bHquMtPv4GHA7erQ/zN/lvrdOmDTdbeOlva8HcDW87wmDC79HwaX/g+Dq03/39GPdgBbr93v/8d9aAew9coNr/nfBAMGhPk/DC79HwaX/g8DaX5H3P4heQmJVYlI74pmSGxSot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xbwAAAP//1Xjmag==")
sendfile(r2, r2, &(0x7f0000000000)=0x2eb4, 0x2000007ff)

1.315310003s ago: executing program 6 (id=2347):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0xedc623580215bdcd, 0x12, r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000010000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00004100000000116608ffff0000100018000000000000000000000000000a009500000000000000360a020000000001180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xa, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x78)

1.241873877s ago: executing program 2 (id=2348):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
mknod(&(0x7f0000000000)='./file0\x00', 0x1000, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000004a00))
fstat(0xffffffffffffffff, &(0x7f0000000180))
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x21891d, &(0x7f0000000500)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800000}}, {@noblock_validity}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@resgid}, {@noinit_itable}, {@quota}, {@noauto_da_alloc}, {@sysvgroups}, {@resgid, 0x32}]}, 0x1, 0x4e8, &(0x7f0000000f40)="$eJzs3d9rW9cdAPDvla0sP5zZYXvIAsvCkmGHLZIdL4nZQ7bB2J4C27L3zLNlYyxbxpKT2ITNYX/AYIxtsKc99aXQP6BQ8ieUQqB9L21pKW3SPhTaRkVXUuI4ku0QWUqtzweOde659+p7joSO7rn3+CqAvnUmIs5GxKNqtXo+IoYb5ZlGis16qm338MGdmVpKolq9/kkSkdTLapuNbXnOY43dDkfEH38X8Zfk2bjl9Y3F6WKxsNpYzleWVvLl9Y0LC0vT84X5wvLk5MTlqStTl6bGO9LOoYi4+psP/v2PV3579Y2f3Xr3xkdjf00a5RFP2tFp9aZn09eiaTAiVvcjWI8Mpi0EAODboHmc/+OIOB/DMZAezQEAAAAHSfWXQ/FVElEFAAAADqxMOgc2yeQa8wCGIpPJ5epzeL8fRzPFUrny07nS2vJsfa7sSGQzcwvFwnhjrvBIZJPa8kSaf7J8cdvyZESciIh/DR9Jl3MzpeJsr09+AAAAQJ84tm38//lwffy/xZc9qxwAAADQOSM7rTzUvXoAAAAA+2fH8T8AAABwIBj/AwAAwIH2+2vXaqna/P3r2Zvra4ulmxdmC+XF3NLaTG6mtLqSmy+V5tN79i3t9nzFUmnl57G8djtfKZQr+fL6xo2l0tpy5cbCUz+BDQAAAHTRiR/deyeJiM1fHElT+I9/6BuDz7Px+/tXD6D7BnpdAaBnnuv7HzhQsr2uANBzyS7r207eebPzdQEAAPbH6A9aX/8f2PXcwGamS1UE9onzf9C/XP+H/uX6P/SvbAyEgTz0t91uAfri1/+r1eeqEAAA0HFDaUoyuYj0PMBQZDK5XMTxdEyQTeYWioXxiPhuRLw9nP1ObXki3TPZdc4wAAAAAAAAAAAAAAAAAAAAAAAAAFBXrSZRBQAAAA60iMyHSXo3/4jR4XND288PHEq+GE4fI+LW/67/5/Z0pbI6USv/9HF55b+N8ou9OIMBAAAAbNccpzfH8QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQSQ8f3Jlppm7G/fjXETHSKv5gHE4fD0c2Io5+lsTglv2SiBjoQPzNuxFxslX8pFatGGnUolX8Iz2Of6wD8aGf3av1P79q9fnLxJn0sfXn73LaQ7249v1f5nH/N9Aifq3s+B5jnLr/Wr5t/LsRpwZb9z/N+Emb/ufsHuP/+U8bG+3WVf8fMdry+yd5Kla+srSSL69vXFhYmp4vzBeWJycnLk9dmbo0NZ6fWygWGn9bxvjnD19/tFP7j7aJP7JL+8/tsf1f37/94Hv1bPbx7smT+GNnW7//J9vEzzTe/5808rX1o838Zj2/1elX3zq9U/tn27R/t/d/bI/tP/+Hv7+3x00BgC4or28sTheLhdW+zrzQq1E7LHopWvHSZWoHpMXa6/qS1OeZzN/24ZlrR+a9blcnMj3tlgAAgH3w7BgYAAAAAAAAAAAAAAAAAAAA6LZu3E4suy3mZvq3E3fPBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADonG8CAAD//+y20KM=")
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000840)=ANY=[@ANYBLOB="020000000000000002004e24e000000200000000000000000000000000000000000000000000000000000000000000110000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000200ffffac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ac1414aa00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x210)

1.076069177s ago: executing program 6 (id=2349):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x207, &(0x7f0000000000), 0x1, 0x469, &(0x7f0000000100)="$eJzs3M9vFFUcAPDv7G5BfnZF/AGiomgk/mhpQeXgRRMTD5qY6AGPtRSCLNTQmghpbDEELyZKwt2YeDHxL/DkiagnE694NyTEcAE9rRl2dtlud8u2u91t3c8nGfpe9+2+73dm3s6bGaYBDKz96T9JxPaIuB4RwxGRq2+wpbKk7e7cmpv859bcZBLl8vt/J+nb4vatuclq0yT7ua1SKaQflLuURLFJvzPnL5yeKJWmzmX10dkzn4zOnL/w8qkzEyenTk6dHT969MjhsddeHX+lK3mmMd3e+/n0vj1vf3jl3cljVz769cdKvOXy1WuHFuXRHUMRMVdbJ42e625nfbejrpwU+hgIK7I5IgrZ3no9hiN/aWftteF464u+BgesqXK5XB5v/fJCGfgfS6LfEQD9UT3Qp+e/1aVHU4914eYblROgNO872VJ5pRAXszZDDee33bQ/Io4t/PttukTD9RQAgLXwczr/eanJ/K8Y8Uhdu53ZvaFiRDwYEbsi4qGI2B0RD0el7aMR8dgK+9/fUF86/8ndWF1m7Unnf69n97YWz/9qd8GK+ay2427+Q8mJU6WpQ9k6ORhDm9P6WNNPTyIW0p9/fN2q//r5X7qk/VfnglkcNwqbF7/n+MTsRMeJZ25ejNhbaJZ/EoV7WcSeiNi7yj5OvfDDvsW/yddK989/GV24z1T+LuL5yvZfiIb8q5Ll70+OPhClqUOj1b1iqd9+v/xeq/47yr8L0u2/ten+X8u/mNTfr51Z8hGb7tfH5T+/bHlOs9r9f1PywaLOP5uYnT03FrEpeWfp7+sucFfr1fZp/gcPNB//u+Lemng8ItKd+ImIeDIinspifzoinomIA8vk/8ubz368+vzXVpr//Iq2/8oL+dPXfmrVf3vb/0i1cjeodr7/2g2wk3UHAAAAG0UuIrZHkhuplXO5kZHK/5ffHVtzpemZ2RdPTH969njlGYFiDOWqV7qG666HjmXXhqv18aw+n9UPZ9eNr+a33K2PTE6Xjvc7eRhw21qM/9Rf+X5HB6w5z2vB4DL+YXCtfvz75oCN7j6jONerOIDecxSHwdVs/M/3IQ6g9xz/YXDVxv83bTSue9yr8eFNYONx/IfBZfzDQOrkuf51UYjvI5Zvk6yXUFdU+KqTtxd6EGHk1seK6mFhPB/RxzAK7f5Vizhfnu+4035/MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTHfwEAAP//qO7n/A==")
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000002680)='.\x00', 0x84a2, &(0x7f00000008c0)=ANY=[], 0xc, 0x0, &(0x7f0000000000))
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0x8, 0x0, 0x0)
r1 = socket(0x11, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000005c0)={'gre0\x00'})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'macvlan0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="4400000010000104fcffffff8000000000000000", @ANYRES32=0x0, @ANYBLOB="0317000000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r5], 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)
bind$packet(r1, &(0x7f0000000180)={0x11, 0x5, r5, 0x1, 0x0, 0x6, @random="38bba34ea540"}, 0x14)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000240)=0x4e6f, 0x4)
sendmsg$netlink(r1, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="02011400012918000e3580009f0001140000ff840600ac141430e0000003808a8972bd0b72e4108296a3d206163944f8afc1bf505602da9168d6f9ce320068ff1f7e345a170d1423c2e18c8ed410c8aab9a20b514d2b583b90a86da4483488c0fdc6c2"], 0xdd12}], 0x1, 0x0, 0x0, 0x4000}, 0x1)
syz_emit_ethernet(0x3e, &(0x7f00000001c0)={@local, @random="df00004000", @void, {@ipv4={0x800, @tcp={{0x7, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @dev={0xac, 0x14, 0x14, 0x11}, {[@cipso={0x86, 0x6, 0x1}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_serviced\x00', 0x275a, 0x0)

847.40731ms ago: executing program 5 (id=2350):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2, &(0x7f0000000340)={[{@jqfmt_vfsold}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@abort}, {@noload}, {@delalloc}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@bsdgroups}, {@init_itable_val={'init_itable', 0x3d, 0xfff}}]}, 0xfa, 0x477, &(0x7f0000001380)="$eJzs3M9vFFUcAPDvTH/w21bEHyBIFY3EHy0tP+TgRaMJB01M9IDxVNtCKgs1tCZCiFYPeDQk3o3/hfGkF6NeNPGqd0NCDBdQL2tmZwaWZbfd0m0X2M8nme57M6/73ndm3u6bebsbQM8ayf4kEVsj4o+IGMqztxYYyR+uX70w9c/VC1NJVKtv/53Uyl27emGqLFr+35Y8U60W+Q1N6r34XsRkpTJztsiPLZz+cGz+3PkXZ09Pnpw5OXNm4ujRQwf3DB6ZONyROLO4ru36ZG73zmPvXnpz6vil939O0sjjjoY4OmUk37tNPdPpyrpsW1066a/fsvfXm+lmZwLd1BcR2eEaqPX/oeiLTTe2DcXrn3e1ccCaqlar1SVelRerwH0siW63AOiO8o0+u/4tl3UaetwVrrySXwBlcV8vlnxLf6R5Yu9Aw/Xt1g7WPxIRxxf//TpbYo3uQwAA1Ps+G/+80Gz8l8YjeWIw+/NAMYcyHBEPRsT2iHgoInZExMMRtbKPRsRjK6y/cYbk9vFPevmOg2tDNv57uZjbunX8l5ZFhvuK3LZa/APJidnKzIFin+yPgQ0nZpOZ8SXq+OG1379sta1+/JctWf3lWLBox+X+hht005MLk6uJud6VzyJ29TeLP4lyGieJiJ0RsesO65h9rr/ltuXjX0Lrp21b9ZuIZ/PjvxgN8ZeSlvOT4y8dmTg8tjEqMwfGyrPidr/8dvGtVvWvKv4OyI7/5qbn/434h5ONEfPnzp+qzdfOr+jps64TF//8ouU1TRF/1r3aOf+PbSvO/8HkndqKwWLDx5MLC2fHIwaTN25fP3Hz2cp8WT6Lf/++5v1/e9zcE49HxO6I2BMRT2QXhUXbn4yIpyJi3xI74adXn/5gmfibHP/1mSvN4p9e7vhH/fFfeaLv1I/fLR//xohodfwP1VL7izXtvP6128DV7DsAAAC4V+SfgU/S0RvpNB0dzT/DvyM2p5W5+YXnT8x9dGY6n/cejoG0vNM1VHc/dLy4N1zmJxryB4v7xl/1barlR6fmKtPdDh563JYW/T/zV1+3WwesuQ7MowH3KP0fepf+D70p0f+hp+n/0Lua9f9PW5Ye/XZNGwOsK+//0Lva6P+L+UPrUQFwb/L+D71L/4ee1PK78emqvvK/7on/it8zvFvac/8nIr0rmnH/J/rb/jGLFSSqQ3n/z9ZsaFqm269MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfF/AAAA//8Qi+Nc")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x4030582b, &(0x7f00000001c0)={0x1100, 0x2, 0x3, 0x401, 0x2000000})
r1 = socket(0x400000000010, 0x3, 0x0)
flock(0xffffffffffffffff, 0x1)
r2 = socket$rxrpc(0x21, 0x2, 0xa)
sendto$rxrpc(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r3, &(0x7f0000000100)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e20, 0x4, @mcast2, 0x7da3}}, 0x24) (async)
bind$rxrpc(r3, &(0x7f0000000100)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e20, 0x4, @mcast2, 0x7da3}}, 0x24)
r4 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0xd893, 0x100, 0x200014, 0x7f}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000200)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000003c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd=r3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0) (async)
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r8, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
socket$kcm(0x21, 0x2, 0x2) (async)
r9 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r9, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[], 0x10b8}, 0x20008004) (async)
sendmsg$kcm(r9, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[], 0x10b8}, 0x20008004)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'syz_tun\x00', <r10=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r10, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000000)='./bus\x00', 0x2000c12, &(0x7f00000005c0)=ANY=[@ANYBLOB="757466382c73686f776173736f632c696f636861727365743d69736f383835392d322c636865636b3d72656c617865642c6f90657272696465726f636b7065726d2c686964652c73657373696f6e3d3078303030303030303030303030303033322c6e6f726f636b2c6d61703d61636f726e2c6d6f64653d3078303030303030303030303030623265622c636865636b3d72656c617865642c6d61703d6f66662c696f636861727365743d64656661756c742c6f76657272696465726f636b7065726d2c000e1599e85c01b48a5fe00f6f73e528640bab0dd075f8db9cfa4b10068d30202f66bd7d50365c52f2200033f3bf2752de5d9ad4"], 0x4, 0xa07, &(0x7f0000001f80)="$eJzs3UtsXOXZB/D/8SUxBiUB8vHxISCT8CUYcB3bKUkjFjSxJ4mpL5XtSERdEEqcKo1bWtJKgCoRpKqrolZq1UW7Q6zaDRKbsqnYtbt21UWlilX3qKt05erMjOPbjMc2jh3C7xeN51ye877Pub6Z8fF5wxfLwv4VYwsLtdcWxy/+fgcy5i52dvTT9z98r3y9ezN70pnniz8mPUkqSVeSR5PukdHpqYk2BV1PLif5JCmS7E39fUMup/hFHlga/yTF78p6W9qz0ZJpZ4Evtd0+/gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4G5UjIwODg4VezI2efHlSl1SWWNkdHqqyMLC2jmLy9R9XOv1u/i4bb1JUb7S07PY1fejB5dmP5KkciSP18cer3VInp68ff8jB154uKtjcflW2Xwuezde7I233r7+6vz83ButQxbeqa/D9uR2lzlfnRybmRqbOHO+WhmbmaqcPnly8PiFczOVc2Pj1ZlLM7PVicrIdPXM7NR0pW/kmcrQ6dMnKtWBS1MXJ8+PDoxXFyee+srw4ODJyksD36yemZ6Zmjz+0sDMyIWx8fGxyfO1mHJ2GXOqPBC/MTZbma2emahUrl6bnzuxKqfO1Ru7DBpqtyZl0HC7oOHB4eGhoeHhoXcbvWffnnDy+dPPnxoc7BpcJWsi7tBBy93lvta7eZuv4LB1HfX2P98dz1gmczEvp9L030hGM52pTLSY37DY/h89Xl233uXtf6OV71o2+7Hyx5E82RjtadH+t8hl5/7dyFt5O9fzauYzn7m8sesZ7ey/86lmMmOZyVTGMpEztSmVxpRKTudkTmYwr+RCDmUmlZzLWMZTzUwuZSazqdaOqJFMp5ozmc1UplNJX0byTCoZyumczolUUs1ALmUqFzOZ8xnNmVopV3Ottt1PrJPj7aChjQQNrxO0ujEvj/XNtf/Ve/V/gmzY9l/EYYsWGu3/nvahfSM7kRAAAACw7f7vL9l38KE//zMp8kTte/lzY+PVF3c7LQAAAGAb1W7Xe7x86y6Hnuipff4f3O20AAAAgG1U1P7GrkjSm0P1ocW/hPIlAAAAANwjar//fzLFoaUJPv8DAADAPaaz7TP22z6Fv+hffPxv5Ur9/Uojoj5W9J4bG68OjEyNvzCUY7WnDCR5Ym1pnUnRXfvzg2dzuB51uLf+3rtUYllnTxk1NPDCUJ7NkXrEkb6nyren+ppEDtcjn65HPr08sjMrIk+UkQBwrzuyTnu80fb/2fTXI/ofqzX5XY81aYMHtawAcLe43cfOfxpdmjVp/xsRT7Zq/7+6zuf/MuKhXD1Uv6VgIK/l9cznSvrTuOPgULNSF3sjqN+G0N/m24Dexi0LfzvVkf413wf03F7X5bFzGU5/028ElpVbLOZwoh7XeWf2AQDstCPrtsMba//723z+73VLIQDcVW73YL+JgXc2Ezz3xo3dXkcAYCWtNAAAAAAAAAAAAAAAAAAAAAAAAAAAAGy/DT3A/6/Hkvn5uWQLnQVseaBnMxmuP9CRHcp51wc6k+xW7S9m00uV+/hzVPqH+xqL/2v3t/w9N7DLFyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB2RJF0NpvekexNMpjk+M5ndefc3O0Etktlz5YWK27lVt7Mvm3PBwAAAAAAAAAAAAAAAAAAAAAAAAAAAADgS67x/P+O1N/vr09KV0dyNMnlJN/a7Ry3063dTuDOKNqHfK8euPT8/46kOwtFuuq7PUX3yOj01ERZVLG3nP/p+x++V77al722V4WygLKGFZ1LNGpYNqV75VIP1pbqHZ27cf1Hr/+gMnq2dmCenT03PjpxfvrrS4GPFB8lldRfixbz/cnRP/1y2eRGRwnFR+WaNre63nO1ekfX1vu/zZZuUe8GXJufGy5rmq2+PPvj7197c9msh3I4eaov6VtZ03fKV4uaDq/enisVnxU/K/blN7lc2//l1igWinIX7a+t/31Xr83PDbz2+vyV2zm9syKnAzmU5ErSs/GcDrU+NmtHXUd3WetgLaj8cbBNeetaVuJQi+36YO2Q6d3UOlTanF9ttns+6CozOtE0o1/98OEc2/SePtamxqaKz4p/FBfy9/x0Wf8fHeX+P5qmZ2eTImqRy46U5fNWnF4d9cjavhhePuOV1WW2PCu5A36eb+drt/d/x7Lrf2Nf7cz1aFmNzc+LZPPnxQf717QoS2ot0sFVLVLj6tNqmUaeB+tRLfL8nzxXL3MTV5Tn2rXYd+j8/23Rl3/npv5/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu1+RdDab3pEcTXIgyf5yvJIsrI65uYX6OnqLraS5bbaS8xdP0XJFi1u5lTezb6czAgAAAAAAAODOODv66fsfvle+ar+P78z/dzTmVJKuJAeKX3ePjE5PTbQpqDu5vPgr/Z7N5XC5/PHA0vgn5dijbRba3dsHAOAL7b8BAAD///69bw8=") (async)
syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000000)='./bus\x00', 0x2000c12, &(0x7f00000005c0)=ANY=[@ANYBLOB="757466382c73686f776173736f632c696f636861727365743d69736f383835392d322c636865636b3d72656c617865642c6f90657272696465726f636b7065726d2c686964652c73657373696f6e3d3078303030303030303030303030303033322c6e6f726f636b2c6d61703d61636f726e2c6d6f64653d3078303030303030303030303030623265622c636865636b3d72656c617865642c6d61703d6f66662c696f636861727365743d64656661756c742c6f76657272696465726f636b7065726d2c000e1599e85c01b48a5fe00f6f73e528640bab0dd075f8db9cfa4b10068d30202f66bd7d50365c52f2200033f3bf2752de5d9ad4"], 0x4, 0xa07, &(0x7f0000001f80)="$eJzs3UtsXOXZB/D/8SUxBiUB8vHxISCT8CUYcB3bKUkjFjSxJ4mpL5XtSERdEEqcKo1bWtJKgCoRpKqrolZq1UW7Q6zaDRKbsqnYtbt21UWlilX3qKt05erMjOPbjMc2jh3C7xeN51ye877Pub6Z8fF5wxfLwv4VYwsLtdcWxy/+fgcy5i52dvTT9z98r3y9ezN70pnniz8mPUkqSVeSR5PukdHpqYk2BV1PLif5JCmS7E39fUMup/hFHlga/yTF78p6W9qz0ZJpZ4Evtd0+/gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4G5UjIwODg4VezI2efHlSl1SWWNkdHqqyMLC2jmLy9R9XOv1u/i4bb1JUb7S07PY1fejB5dmP5KkciSP18cer3VInp68ff8jB154uKtjcflW2Xwuezde7I233r7+6vz83ButQxbeqa/D9uR2lzlfnRybmRqbOHO+WhmbmaqcPnly8PiFczOVc2Pj1ZlLM7PVicrIdPXM7NR0pW/kmcrQ6dMnKtWBS1MXJ8+PDoxXFyee+srw4ODJyksD36yemZ6Zmjz+0sDMyIWx8fGxyfO1mHJ2GXOqPBC/MTZbma2emahUrl6bnzuxKqfO1Ru7DBpqtyZl0HC7oOHB4eGhoeHhoXcbvWffnnDy+dPPnxoc7BpcJWsi7tBBy93lvta7eZuv4LB1HfX2P98dz1gmczEvp9L030hGM52pTLSY37DY/h89Xl233uXtf6OV71o2+7Hyx5E82RjtadH+t8hl5/7dyFt5O9fzauYzn7m8sesZ7ey/86lmMmOZyVTGMpEztSmVxpRKTudkTmYwr+RCDmUmlZzLWMZTzUwuZSazqdaOqJFMp5ozmc1UplNJX0byTCoZyumczolUUs1ALmUqFzOZ8xnNmVopV3Ottt1PrJPj7aChjQQNrxO0ujEvj/XNtf/Ve/V/gmzY9l/EYYsWGu3/nvahfSM7kRAAAACw7f7vL9l38KE//zMp8kTte/lzY+PVF3c7LQAAAGAb1W7Xe7x86y6Hnuipff4f3O20AAAAgG1U1P7GrkjSm0P1ocW/hPIlAAAAANwjar//fzLFoaUJPv8DAADAPaaz7TP22z6Fv+hffPxv5Ur9/Uojoj5W9J4bG68OjEyNvzCUY7WnDCR5Ym1pnUnRXfvzg2dzuB51uLf+3rtUYllnTxk1NPDCUJ7NkXrEkb6nyren+ppEDtcjn65HPr08sjMrIk+UkQBwrzuyTnu80fb/2fTXI/ofqzX5XY81aYMHtawAcLe43cfOfxpdmjVp/xsRT7Zq/7+6zuf/MuKhXD1Uv6VgIK/l9cznSvrTuOPgULNSF3sjqN+G0N/m24Dexi0LfzvVkf413wf03F7X5bFzGU5/028ElpVbLOZwoh7XeWf2AQDstCPrtsMba//723z+73VLIQDcVW73YL+JgXc2Ezz3xo3dXkcAYCWtNAAAAAAAAAAAAAAAAAAAAAAAAAAAAGy/DT3A/6/Hkvn5uWQLnQVseaBnMxmuP9CRHcp51wc6k+xW7S9m00uV+/hzVPqH+xqL/2v3t/w9N7DLFyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB2RJF0NpvekexNMpjk+M5ndefc3O0Etktlz5YWK27lVt7Mvm3PBwAAAAAAAAAAAAAAAAAAAAAAAAAAAADgS67x/P+O1N/vr09KV0dyNMnlJN/a7Ry3063dTuDOKNqHfK8euPT8/46kOwtFuuq7PUX3yOj01ERZVLG3nP/p+x++V77al722V4WygLKGFZ1LNGpYNqV75VIP1pbqHZ27cf1Hr/+gMnq2dmCenT03PjpxfvrrS4GPFB8lldRfixbz/cnRP/1y2eRGRwnFR+WaNre63nO1ekfX1vu/zZZuUe8GXJufGy5rmq2+PPvj7197c9msh3I4eaov6VtZ03fKV4uaDq/enisVnxU/K/blN7lc2//l1igWinIX7a+t/31Xr83PDbz2+vyV2zm9syKnAzmU5ErSs/GcDrU+NmtHXUd3WetgLaj8cbBNeetaVuJQi+36YO2Q6d3UOlTanF9ttns+6CozOtE0o1/98OEc2/SePtamxqaKz4p/FBfy9/x0Wf8fHeX+P5qmZ2eTImqRy46U5fNWnF4d9cjavhhePuOV1WW2PCu5A36eb+drt/d/x7Lrf2Nf7cz1aFmNzc+LZPPnxQf717QoS2ot0sFVLVLj6tNqmUaeB+tRLfL8nzxXL3MTV5Tn2rXYd+j8/23Rl3/npv5/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu1+RdDab3pEcTXIgyf5yvJIsrI65uYX6OnqLraS5bbaS8xdP0XJFi1u5lTezb6czAgAAAAAAAODOODv66fsfvle+ar+P78z/dzTmVJKuJAeKX3ePjE5PTbQpqDu5vPgr/Z7N5XC5/PHA0vgn5dijbRba3dsHAOAL7b8BAAD///69bw8=")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000002000000) (async)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000002000000)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5e2, &(0x7f0000000800)="$eJzs3c9vVNUeAPDvnf6gpbzXQl7ee7iQJsZAorS0gCHGBWwNafBH3Lix0oJIgYbWaNGEkuDGxLgxxsSVC/G/UCJbVrpy4cYVISFqWBodc6f3lk57pz+Gtrfhfj7J0HPPmcs5t9Nvz5nTc+4EUFmD6T+1iP0RMZ1E9Cfzi2WdkRUOLjzv4R8fnU0fSdTrr/2WRJLl5c9Psq992ck9EfHjD0ns61hZ78zctYvjU1OTV7Pj4dlL08Mzc9cOX7g0fn7y/OTl0RdGTxw/dvzEyJG2rut6Qd7pm+++3//J2JvffPVnMvLtL2NJnIyXsycuvY7NMhiDje9JsrKo78RmV1aSjuznZOlLnHSW2CA2JH/9uiLif9EfHfHoxeuPj18ptXHAlqonEXWgohLxDxWVjwPy9/bL3wfXShmVANvhwamFCYCV8d+5MDcYPY25gd0Pk1g6rZNERHszc832RMTdO2M3z90ZuxlbNA8HFJu/ERH/L4r/pBH/A9ETA434rzXFfzouOJN9TfNfbbP+5VPF4h+2z0L896wa/1EQ//+OiLeWxP/bbdY/+Cj5Tm9T/Pe2e0kAAAAAAABQWbdPRcTzRX//ry2u/4mC9T99EXFyE+ofXHa88u//tfubUA1Q4MGpiJcK1//W8tW/Ax1Z6l+N9QBdybkLU5NHsjUAh6JrV3o8skodhz/d92WrssFs/V/+SOu/m60FzNpxv3NX8zkT47Pjj3vdQMSDGxFPFa7/TRb7/6Sg/09/H0yvs459z94606ps7fgHtkr964iDhf3/o7tWJKvfn2O4MR4YzkcFKz394Wfftaq/3fh3iwl4fGn/v3v1+B9Ilt6vZ2bjdRyd66y3Kmt3/N+dvN645Ux3lvfB+Ozs1ZGI7uR0R5rblD+68TbDkyiPhzxe0vg/9Eyr+b97Lcf/vRExv+z/Tn5v3lOc++/ffb+2ao/xP5Qnjf+JDfX/G0+M3hr4vlX96+v/jzX6+kNZjvk/WPBFHqbdzfkF4dhZVLTd7QUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAJ0EtIvZEUhtaTNdqQ0MRfRHxn9hdm7oyM/vcuSvvXZ5Iyxqf/1/LP+m3f+E4yT//f2DJ8eiy46MRsTciPu/obRwPnb0yNVH2xQMAAAAAAAAAAAAAAAAAAMAO0ddi/3/qXkfZrQO2XGfZDQBKUxD/P5XRDmD76f+husQ/VJf4h+oS/1Bd4h+qS/xDdYl/qC7xDwAAAAAAT5S9B27/nETE/Iu9jUeqOyvrKrVlwFarld0AoDRu8QPVZekPVJf3+ECyRnlPy5PWOnM102cf42QAAAAAAAAAAAAAqJyD++3/h6qy/x+qy/5/qK58//+BktsBbD/v8YFYYyd/4f7/Nc8CAAAAAAAAAAAAADbTzNy1i+NTU5NXJd7YGc3YzkS9Xr+e/hTslPbs1MRf63tyvhR+R7R5ZSLf67e+s8r7nQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADT7JwAA//8SzSZK")

713.670238ms ago: executing program 2 (id=2351):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/zoneinfo\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x7)
ioprio_set$pid(0x3, 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x20000023896) (fail_nth: 8)
poll(0x0, 0x0, 0x9)

713.370858ms ago: executing program 2 (id=2352):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x80, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/zoneinfo\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000700)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x61}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xf}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r2, 0x18000000000002a0, 0x4f, 0x0, &(0x7f00000002c0)="d2ff03076003008cb89e08f086dd", 0x0, 0xd5b1, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x7)
ioprio_set$pid(0x3, 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x20000023896)
r3 = syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = syz_pidfd_open(r3, 0x0)
fsetxattr$trusted_overlay_upper(r4, &(0x7f00000000c0), 0x0, 0x0, 0x0)
fgetxattr(r4, &(0x7f0000000140)=@known='trusted.overlay.upper\x00', 0x0, 0xffffffffffffff85)
poll(0x0, 0x0, 0x9)

682.55669ms ago: executing program 4 (id=2353):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000600)=ANY=[@ANYBLOB="bf16000000000000b7070000010000004070000000000000500000000000e1ff95000000000000002ba76bb33123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee04000000670d25010000020000040000009fc404000000c788b277beee11bf9b0a4def23d410f6accd3641110bec4e90a6341965dac03d04683712a0b09edc9e9ef8f6e396ad200e011ea665c45a3449abe802f5ab3e89cf40b8580218ce740068720000074e3e8eea3fd8cf49827ca311f5b87e1ca8433a8acd715f5888b2007f0000000000000000010000000000fb00010000000000414027efc84293af6a22000000005335001db43a5c000000000000000024000000000000000000e75a89faff01210cce39bf405f1e846c1242000000000000cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617da7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf9938d6df8600a62e96b7cb8e52cbdc2ba9d580609e31c30891f7e5ff7fd6fce424c2200af6c3784a1975fa657de38a3a32a4fd67ce446ac5431d07db79240acaf091231b986e77d05d988d6edc71df48dca02113a38300c2bf2b5543ffc1669557b3819d8c396d2c2361629d1022f722ec23812770d72cd0010000007889b8c7044f563a1f68d4eff895fdbc463f747c08f40105869035000000000000000000000000000000000000000000000000080000003ddf4aa4b1c8baa0ae6feb6737c275dc2740f742b5425f1d581961471cdb0500000000000000d4123f955267fe4a75c114f874e086287547d4099aeec9f1538ee25a365ccf4a9b604e88e12ff25184d4e3c6f7f623559435b26b50fb7113000000f0bc440550ee91302f5a000000000000000000000000006d0000e67ccc00148ac4c43021cce9f24f4b2f9492c32e7af05c648978d9980ba49789906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd0294bea179b0433f5c899119ec2c3f4523110c0acef5383b5a2720caeb68f1e9c05b05d89467ded84da093dea262e51811e2d7fa515722516bd5ef6c8c4966e5937562a5648a696ad3a042a7097ddefe0671f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32881dfd15dc84e79d326337e21e041654f06bd7f000000000000000000000000000000282ffe0000000009350cfa3ab109ab4a7d95938c5334a0dd177f1a7389ee570d95e543a27546d3770740f354df6dd6b1bfe4104d2262f33f596d606ccce75a3c3d5f9ad94a7316b0c6ad14f1398a6b39b07121f636da418b34d48677cf8d2d99ee8ac50142bcdcc73dd73cc6ec46896ffb35ac82ac7a9309ea07396d2814dc630ad1a9913934849be25f7b81b59aaa9fa2e9d6ecafcfa1de81b2d3581ab1138537f98d2240b6c2bf40569da4e2bb77532ab9220347d78319617d17e14f7331486e86b2145980b95c88ae11b1c6b6ea6c2b2311d6ce6315cc451dd50ac746acd59d075b41f9a747894956b10453ccf6527d8f579256e9849bbaf6c7c84362209d3d2320101d57161c4cc9dda4d082e8ca23a09d39ed0ec7d4"], &(0x7f0000000140)='GPL\x00'}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000002c0)=r1, 0x4)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000003c0)="d800000018007b18e00212ba0d8105040a0a1100fe0f040b067c55a1bc0009001e0006990300000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b01602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad8ffd5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd601edef3d93452a92307f00000e97031e9f05e9f16e9cb5", 0xd2}, {&(0x7f00000004c0)="f80ec2e2badd", 0x6}], 0x2, 0x0, 0x0, 0x2663}, 0x0)

625.454284ms ago: executing program 4 (id=2354):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x1, 0xf0, 0x4}, 0xfe}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000540)}], 0x1}, 0x4048081)
recvmsg$can_j1939(r1, &(0x7f00000004c0)={&(0x7f0000000240)=@caif=@rfm, 0x80, &(0x7f0000000bc0), 0x0, &(0x7f0000000c80)=""/218, 0xda}, 0x0)

373.946008ms ago: executing program 1 (id=2355):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f00000000c0), 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020001, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDFONTOP_SET(r1, 0x4b72, 0x0)

347.70244ms ago: executing program 5 (id=2356):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000b0ff00000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000feffffff850000007100000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

283.198123ms ago: executing program 5 (id=2357):
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffa, 0x1, @perf_config_ext={0x3fffffffc, 0xffffffffffffffff}, 0x102802, 0x0, 0x0, 0x3, 0xfff, 0x8001, 0x7fff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x1e, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xbfffffff}, 0x94)

271.042754ms ago: executing program 1 (id=2358):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0) (async)
r2 = socket(0x10, 0x803, 0x0)
bind$netlink(r2, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r2, &(0x7f0000000600)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r3, 0x1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x6}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x404c084}, 0x0)
r4 = socket(0x1, 0x803, 0x0) (async)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil) (async)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x44, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x528, 0x0, @perf_bp={0x0, 0x1}, 0x419, 0x40000000, 0x0, 0x8, 0x103fb, 0x1ff, 0x1ff, 0x0, 0x0, 0x0, 0x400000000000007}, 0x0, 0x1, 0xffffffffffffffff, 0xb)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2, 0x59032, 0xffffffffffffffff, 0x0)
brk(0x200000ffc000) (async)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) (async)
munmap(&(0x7f0000a88000/0x1000)=nil, 0x1000)
munmap(&(0x7f000060f000/0x4000)=nil, 0x4000) (async)
mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil) (async)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) (async)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_clone3(&(0x7f0000000240)={0x200a00000, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r5}}, 0x58) (async)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x74, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90646}, [@IFLA_LINKINFO={0x44, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x34, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0x1f, 0x1f}}, @IFLA_VLAN_ID={0x6, 0x1, 0x1}, @IFLA_VLAN_EGRESS_QOS={0x1c, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x5}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xc5, 0x8}}]}]}}}, @IFLA_LINK={0x8, 0x5, r7}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x74}, 0x1, 0x0, 0x0, 0x600}, 0x0)

149.977071ms ago: executing program 2 (id=2359):
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000006000000020000000100000c02000000000000000000000d0000000000005f"], 0x0, 0x36}, 0x28)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_ZERO(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="8c000000", @ANYRES16=r1, @ANYBLOB="010029bd7000fedbdf25100000000800050011bb0000540001"], 0x8c}, 0x1, 0x0, 0x0, 0x4014}, 0xc004)
syz_emit_ethernet(0x1e, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @remote, @void, {@can={0xc, {{0x2, 0x0, 0x1}, 0x7, 0x0, 0x0, 0x0, "3255db15816bc194"}}}}, &(0x7f0000000040)={0x0, 0x1, [0x7d8, 0xe54, 0x472, 0x8f6]})

149.840971ms ago: executing program 5 (id=2360):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0xedc623580215bdcd, 0x12, r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000010000000000001000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000116608ffff0000100018000000000000000000000000000a209500000000000000360a020000000001180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xa, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x78)

149.646471ms ago: executing program 1 (id=2361):
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000100), 0x4001, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r0, 0xc0189378, &(0x7f0000000180)={{0x1, 0x1, 0x18, r1, {r2}}, './file1\x00'})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000380)={[{@acl}]}, 0x1, 0x561, &(0x7f0000000f80)="$eJzs3U1rG0cfAPD/ylbenycOhNCWUgw9NCWNHNt9SaGH9NyGBtp7KuyNCZajYMkhdgNNDs25hF5KA6X30nOPoV+gh36GQBsIJZj20IvLyivFL5ItJ7KtVL8frJnZXWl2NPsfz2gkFMDAGs3+FCJejoivk4jjEZHkx4YjPzi6et7yk1tT2ZbEysqnfyaN87J887majzuaZ16KiF++ijhT2FxubXFptlyppPN5fqw+d32strh09upceSadSa9NTE6ef2dy4v333u1ZXd+89Pe3nzwYynMn7iVxIY7lubX1eA6312ZGYzR/TYpxYcOJ4z0orJ8kbff+tOfXwc4M5XFejKwPOB5DedQD/31fRsQKMKCSHcf/b8XduRJgbzXHAc25fY/mwS+Mxx+uToA213949b2RONSYGx1ZTtbNjLL57kgPys/K+PmP+/eyLXr3PgTAtm7fiYhzw8Ob+78k7/+e3bkuztlYhv4P9s6DbPzzVrvxT6E1/ok245+jbWL3WWwf/4VHPSimo2z890Hb8W9r0WpkKM/9rzHmKyZXrlbSrG/7f0ScjuLBLL/Ves755YcrnY6tHf9lW1Z+cyyYX8ej4YPrHzNdrpefp85rPb4T8Urb8W/Sav+kTftnr8elLss4ld5/rdOx7eu/u1Z+iHijbfs/XdFKtl6fHGvcD2PNu2Kzv+6e+rVT+ftd/6z9j2xd/5Fk7XptbedlfH/onzRa68nrrat/dH//H0g+a6QP5Ptuluv1+fGIA8nHrf2F5v6Jp49t5pvnZ/U//frW/V+7+/9wRHzeZf3vnvzx1U7H+qH9p9u2f2t2u6H9d554+NEX33Uqv7v+7+1G6nS+p5v+r9sLfJ7XDgAAAAAAAPpNISKORVIotdKFQqm0+vmOk3GkUKnW6meuVBeuTUfju7IjUSw0V7qPr/k8xHi+YtjMT2zIT0bEiYj4ZuhwI1+aqlam97vyAAAAAAAAAAAAAAAAAAAA0CeOdvj+f+b3of2+OmDX+clvGFzbxn8vfukJ6Ev+/8PgEv8wuMQ/DC7xD4NL/MPgEv8wuMQ/DC7xDwAAAAAAAAAAAAAAAAAAAAAAAAAAAD116eLFbFtZfnJrKstP31hcmK3eODud1mZLcwtTpanq/PXSTLU6U0lLU9W57Z6vUq1eH5+IhZtj9bRWH6stLl2eqy5cq1++OleeSS+nxT2pFQAAAAAAAAAAAAAAAAAAALxYaotLs+VKJZ2XkHimxHB/XIZEjxP73TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFP/BgAA//9q6zMB")
open(0x0, 0x64842, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffdffffe, 0x2, @perf_bp={0x0, 0x8}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffefffffffffff, 0xffffffffffffffff, 0x1)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r3, &(0x7f0000002f80)=[{{&(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000000300)={0x2, 0x4e23, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_retopts={{0x18, 0x0, 0x7, {[@cipso={0x86, 0x6, 0x3}]}}}], 0x18}}], 0x2, 0x20000044)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, 0x0, 0x0)
pipe(&(0x7f0000000440)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x129c81, 0x0)
write$binfmt_aout(r6, &(0x7f00000001c0)=ANY=[], 0xff2e)
ioctl$TCSETS2(r6, 0x402c542b, &(0x7f0000000040)={0xfff, 0x9, 0x0, 0x89d, 0x64, "4415c2cb4653530680eb7810ba3100168c0826", 0x800, 0x43})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$TCSETS(r6, 0x40045431, &(0x7f00000000c0)={0x0, 0x5, 0x400007f, 0x4000006, 0x2, "42341f9b1000007e4f00"})
r7 = syz_open_pts(r6, 0x103100)
dup3(r7, r6, 0x0)
splice(r6, 0x0, r5, 0x0, 0x7ffff000, 0x0)

20.997799ms ago: executing program 2 (id=2362):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0xedc623580215bdcd, 0x12, r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000010000000000000000010851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000116608ffff0000100018000000004000000000000000000a009500000000000000360a020000000001180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xa, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x78)

0s ago: executing program 5 (id=2363):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x9400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, @perf_config_ext={0x9, 0x7}, 0x100, 0xa88, 0x8406, 0x5, 0x0, 0x3c, 0xffff, 0x0, 0x0, 0x0, 0x46}, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0x1)
ioperm(0x0, 0x7, 0x80006)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000700), 0x0)
open_by_handle_at(0xffffffffffffff9c, 0x0, 0x200a00)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
rt_sigtimedwait(&(0x7f00000001c0)={[0x100000000023fa]}, 0x0, 0x0, 0x8)
setpgid(0x0, 0xffffffffffffffff)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)

kernel console output (not intermixed with test programs):

 shmem_file_write_iter+0xc5/0xf0
[  114.587224][ T7842]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  114.587255][ T7842]  vfs_write+0x5a6/0x9f0
[  114.587346][ T7842]  ksys_write+0xdc/0x1a0
[  114.587370][ T7842]  __x64_sys_write+0x40/0x50
[  114.587468][ T7842]  x64_sys_call+0x2847/0x3000
[  114.587508][ T7842]  do_syscall_64+0xc0/0x2a0
[  114.587546][ T7842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.587637][ T7842] RIP: 0033:0x7fe3c84db58e
[  114.587658][ T7842] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  114.587678][ T7842] RSP: 002b:00007fe3c6f76da8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  114.587698][ T7842] RAX: ffffffffffffffda RBX: 00007fe3c6f776c0 RCX: 00007fe3c84db58e
[  114.587781][ T7842] RDX: 0000000000040000 RSI: 00007fe3beb57000 RDI: 0000000000000005
[  114.587797][ T7842] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  114.587812][ T7842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[  114.587828][ T7842] R13: 00007fe3c6f76ee0 R14: 00007fe3c6f76ea0 R15: 00007fe3beb57000
[  114.587906][ T7842]  </TASK>
[  114.803450][ T7846] netlink: 'syz.5.1419': attribute type 5 has an invalid length.
[  115.142880][   T29] kauditd_printk_skb: 70 callbacks suppressed
[  115.142920][   T29] audit: type=1400 audit(1769318311.148:8011): avc:  denied  { getattr } for  pid=7851 comm="syz.5.1423" name="[io_uring]" dev="anon_inodefs" ino=19818 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  115.251955][ T7855] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  115.322087][ T7855] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.329786][ T7855] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.538500][   T29] audit: type=1400 audit(1769318311.478:8012): avc:  denied  { create } for  pid=7861 comm="syz.2.1427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  115.605299][ T7869] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1429'.
[  115.665038][ T7874] loop6: detected capacity change from 0 to 512
[  115.695159][ T7874] EXT4-fs: Ignoring removed nobh option
[  115.702219][ T7874] EXT4-fs (loop6): bad geometry: first data block 99980 is beyond end of filesystem (256)
[  115.728305][ T7848] loop1: detected capacity change from 0 to 512
[  115.839869][ T7897] __nla_validate_parse: 1 callbacks suppressed
[  115.839889][ T7897] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1440'.
[  115.953517][ T7905] loop4: detected capacity change from 0 to 512
[  116.003412][ T7905] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  116.012310][ T7905] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  116.023816][ T7905] EXT4-fs (loop4): 1 truncate cleaned up
[  116.052989][ T7905] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.083636][ T7917] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1446'.
[  116.154378][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.304455][ T7936] FAULT_INJECTION: forcing a failure.
[  116.304455][ T7936] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  116.317815][ T7936] CPU: 1 UID: 0 PID: 7936 Comm: syz.5.1452 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  116.317869][ T7936] Tainted: [W]=WARN
[  116.317879][ T7936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  116.317896][ T7936] Call Trace:
[  116.317902][ T7936]  <TASK>
[  116.317910][ T7936]  __dump_stack+0x1d/0x30
[  116.317936][ T7936]  dump_stack_lvl+0x95/0xd0
[  116.317958][ T7936]  dump_stack+0x15/0x1b
[  116.317995][ T7936]  should_fail_ex+0x263/0x280
[  116.318023][ T7936]  should_fail+0xb/0x20
[  116.318045][ T7936]  should_fail_usercopy+0x1a/0x20
[  116.318117][ T7936]  _copy_to_user+0x20/0xa0
[  116.318189][ T7936]  simple_read_from_buffer+0xb5/0x130
[  116.318258][ T7936]  proc_fail_nth_read+0x10e/0x150
[  116.318296][ T7936]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  116.318375][ T7936]  vfs_read+0x1ab/0x7f0
[  116.318449][ T7936]  ? l2cap_sock_setsockopt+0x1237/0x1270
[  116.318476][ T7936]  ? __rcu_read_unlock+0x4e/0x70
[  116.318501][ T7936]  ? __fget_files+0x184/0x1c0
[  116.318529][ T7936]  ? fdget_pos+0x26/0x1d0
[  116.318557][ T7936]  ? mutex_lock+0x57/0x90
[  116.318614][ T7936]  ksys_read+0xdc/0x1a0
[  116.318649][ T7936]  __x64_sys_read+0x40/0x50
[  116.318731][ T7936]  x64_sys_call+0x2889/0x3000
[  116.318776][ T7936]  do_syscall_64+0xc0/0x2a0
[  116.318836][ T7936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.318865][ T7936] RIP: 0033:0x7fdfdd01b58e
[  116.318887][ T7936] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  116.318982][ T7936] RSP: 002b:00007fdfdbab6fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  116.319009][ T7936] RAX: ffffffffffffffda RBX: 00007fdfdbab76c0 RCX: 00007fdfdd01b58e
[  116.319027][ T7936] RDX: 000000000000000f RSI: 00007fdfdbab70a0 RDI: 0000000000000003
[  116.319048][ T7936] RBP: 00007fdfdbab7090 R08: 0000000000000000 R09: 0000000000000000
[  116.319065][ T7936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.319100][ T7936] R13: 00007fdfdd2d6038 R14: 00007fdfdd2d5fa0 R15: 00007ffcbd71c628
[  116.319121][ T7936]  </TASK>
[  116.545403][ T7941] sctp: [Deprecated]: syz.4.1450 (pid 7941) Use of struct sctp_assoc_value in delayed_ack socket option.
[  116.545403][ T7941] Use struct sctp_sack_info instead
[  116.771844][ T7970] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1463'.
[  116.857690][ T7982] loop5: detected capacity change from 0 to 1024
[  116.873103][ T7982] EXT4-fs: inline encryption not supported
[  116.917321][ T7982] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  116.983004][ T3665] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.007327][ T8005] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1480'.
[  117.268395][   T29] audit: type=1326 audit(1769318313.278:8013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8047 comm="syz.6.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3c851acb9 code=0x7ffc0000
[  117.293669][   T29] audit: type=1326 audit(1769318313.308:8014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8047 comm="syz.6.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7fe3c851acb9 code=0x7ffc0000
[  117.399597][ T8062] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.1487: invalid indirect mapped block 256 (level 2)
[  117.453399][ T8062] EXT4-fs (loop5): 2 truncates cleaned up
[  117.459611][ T8062] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.605013][ T8071] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1489'.
[  117.614180][ T8071] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1489'.
[  117.661487][ T8071] gretap0: entered promiscuous mode
[  117.678939][ T8089] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1491'.
[  117.702970][ T3665] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.715415][ T8071] gretap0: left promiscuous mode
[  117.761068][ T8092] netlink: 'syz.4.1493': attribute type 3 has an invalid length.
[  117.774009][ T8094] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  117.807569][ T8094] EXT4-fs (loop5): 1 truncate cleaned up
[  117.814623][ T8094] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.880669][ T8099] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1495'.
[  118.385906][   T29] audit: type=1326 audit(1769318314.398:8015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8121 comm="syz.6.1503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fe3c851acb9 code=0x7ffc0000
[  118.462367][ T8123] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1503'.
[  118.488750][ T8127] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1505'.
[  118.561273][   T29] audit: type=1326 audit(1769318314.428:8016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8121 comm="syz.6.1503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fe3c851acb9 code=0x7ffc0000
[  118.585545][   T29] audit: type=1326 audit(1769318314.428:8017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8121 comm="syz.6.1503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fe3c851acb9 code=0x7ffc0000
[  118.609142][   T29] audit: type=1326 audit(1769318314.428:8018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8121 comm="syz.6.1503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fe3c851acb9 code=0x7ffc0000
[  118.633314][   T29] audit: type=1326 audit(1769318314.428:8019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8121 comm="syz.6.1503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fe3c851acb9 code=0x7ffc0000
[  118.656835][   T29] audit: type=1326 audit(1769318314.428:8020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8121 comm="syz.6.1503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fe3c851acb9 code=0x7ffc0000
[  118.697625][ T8133] set_capacity_and_notify: 2 callbacks suppressed
[  118.697691][ T8133] loop4: detected capacity change from 0 to 1024
[  118.723699][ T8131] x_tables: ip_tables: REJECT.0 target: invalid size 8 (kernel) != (user) 0
[  118.746545][ T3665] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.812873][ T8133] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  118.824794][ T8137] lo: Caught tx_queue_len zero misconfig
[  118.889662][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.927006][ T8151] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8151 comm=syz.1.1516
[  118.973867][ T8159] loop5: detected capacity change from 0 to 512
[  118.980213][ T8157] loop4: detected capacity change from 0 to 512
[  119.016455][ T8160] loop6: detected capacity change from 0 to 164
[  119.050086][ T8160] rock: directory entry would overflow storage
[  119.056335][ T8160] rock: sig=0x4543, size=28, remaining=18
[  119.095914][ T8159] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  119.118915][ T8154] wireguard0: entered promiscuous mode
[  119.125159][ T8154] wireguard0: entered allmulticast mode
[  119.446597][ T8166] loop1: detected capacity change from 0 to 512
[  119.486324][ T8166] EXT4-fs: Ignoring removed nobh option
[  119.503802][ T8159] EXT4-fs (loop5): 1 truncate cleaned up
[  119.531383][ T8166] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  119.542294][ T8159] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.561126][ T8166] EXT4-fs (loop1): 1 truncate cleaned up
[  119.572917][ T8166] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.854107][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.977989][ T8178] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=7 sclass=netlink_route_socket pid=8178 comm=syz.6.1524
[  120.246315][   T29] kauditd_printk_skb: 62 callbacks suppressed
[  120.246331][   T29] audit: type=1400 audit(1769318316.258:8083): avc:  denied  { read } for  pid=8188 comm="syz.6.1527" laddr=::ffff:0.0.0.0 lport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  120.297760][ T8199] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=8199 comm=syz.6.1527
[  120.433642][ T3665] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.478285][ T8206] loop1: detected capacity change from 0 to 512
[  120.494294][ T8206] EXT4-fs warning (device loop1): ext4_init_metadata_csum:4637: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  120.510969][ T8206] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
[  120.550681][ T3307] udevd[3307]: incorrect jbd checksum on /dev/loop1
[  120.591437][ T8210] loop4: detected capacity change from 0 to 512
[  120.602075][ T8210] EXT4-fs: Ignoring removed nobh option
[  120.615810][ T8210] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  120.628348][ T8210] EXT4-fs (loop4): 1 truncate cleaned up
[  120.663563][ T8210] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.686012][ T8213] loop5: detected capacity change from 0 to 1024
[  120.715438][ T8213] EXT4-fs: inline encryption not supported
[  120.737801][ T8213] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  120.753548][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.780896][ T8213] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 2: comm syz.5.1534: lblock 2 mapped to illegal pblock 2 (length 1)
[  120.815059][ T8213] EXT4-fs (loop5): Remounting filesystem read-only
[  120.821675][ T8213] Quota error (device loop5): qtree_write_dquot: dquota write failed
[  120.868539][ T8213] Quota error (device loop5): v2_write_file_info: Can't write info structure
[  120.883700][ T8213] EXT4-fs (loop5): 1 orphan inode deleted
[  120.889887][ T8213] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.954837][ T3665] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.055978][ T8227] bond4: entered allmulticast mode
[  121.066268][ T8227] 8021q: adding VLAN 0 to HW filter on device bond4
[  121.091075][ T8238] loop4: detected capacity change from 0 to 512
[  121.103562][ T8238] EXT4-fs: Ignoring removed nobh option
[  121.120235][ T8238] EXT4-fs (loop4): blocks per group (11) and clusters per group (8192) inconsistent
[  121.158294][ T8246] loop5: detected capacity change from 0 to 128
[  121.189961][ T8248] __nla_validate_parse: 2 callbacks suppressed
[  121.189975][ T8248] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1548'.
[  121.205493][ T8248] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1548'.
[  121.249858][ T8245] syz.5.1547: attempt to access beyond end of device
[  121.249858][ T8245] loop5: rw=2049, sector=138, nr_sectors = 112 limit=128
[  121.433795][ T8263] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1554'.
[  121.474360][ T8263] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1554'.
[  121.544817][ T8274] EXT4-fs: Ignoring removed nobh option
[  121.590290][ T8285] xt_CT: You must specify a L4 protocol and not use inversions on it
[  121.612198][ T8274] EXT4-fs (loop5): blocks per group (35) and clusters per group (8192) inconsistent
[  122.194043][ T8304] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1564'.
[  122.342619][   T29] audit: type=1400 audit(1769318318.348:8084): avc:  denied  { ioctl } for  pid=8315 comm="syz.5.1570" path="socket:[21119]" dev="sockfs" ino=21119 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  122.386581][ T8308] syz.1.1566: attempt to access beyond end of device
[  122.386581][ T8308] loop1: rw=8390657, sector=138, nr_sectors = 2 limit=128
[  122.401319][ T8308] Buffer I/O error on dev loop1, logical block 69, lost async page write
[  122.909448][ T8368] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1587'.
[  122.932233][ T8374] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1589'.
[  122.944437][ T8372] EXT4-fs: Ignoring removed nobh option
[  122.955673][ T8372] EXT4-fs (loop1): unsupported inode size: 16384
[  122.962075][ T8372] EXT4-fs (loop1): blocksize: 1024
[  122.984435][ T8376] EXT4-fs: Ignoring removed oldalloc option
[  123.005849][ T8376] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  123.041409][   T29] audit: type=1326 audit(1769318319.048:8085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8379 comm="syz.4.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f9b9acb9 code=0x7ffc0000
[  123.087599][   T29] audit: type=1326 audit(1769318319.088:8086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8379 comm="syz.4.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7f43f9b9acb9 code=0x7ffc0000
[  123.111823][   T29] audit: type=1326 audit(1769318319.088:8087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8379 comm="syz.4.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f9b9acb9 code=0x7ffc0000
[  123.136039][   T29] audit: type=1326 audit(1769318319.088:8088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8379 comm="syz.4.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f9b9acb9 code=0x7ffc0000
[  123.159516][   T29] audit: type=1326 audit(1769318319.088:8089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8379 comm="syz.4.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f43f9b9acb9 code=0x7ffc0000
[  123.183631][   T29] audit: type=1326 audit(1769318319.088:8090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8379 comm="syz.4.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f9b9acb9 code=0x7ffc0000
[  123.236888][ T8376] EXT4-fs (loop5): 1 truncate cleaned up
[  123.251728][ T8376] delete_channel: no stack
[  123.305526][ T8393] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  123.533204][ T8426] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1600'.
[  123.666998][ T8435] FAT-fs (loop5): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  123.746619][ T8396] cgroup: fork rejected by pids controller in /syz6
[  123.861743][ T8457] set_capacity_and_notify: 7 callbacks suppressed
[  123.861762][ T8457] loop1: detected capacity change from 0 to 512
[  124.196904][ T8484] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1613'.
[  124.229158][ T8486] loop5: detected capacity change from 0 to 512
[  124.255840][ T8486] EXT4-fs: Mount option(s) incompatible with ext2
[  124.524992][ T8514] FAULT_INJECTION: forcing a failure.
[  124.524992][ T8514] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  124.538984][ T8514] CPU: 1 UID: 0 PID: 8514 Comm: syz.5.1624 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  124.539021][ T8514] Tainted: [W]=WARN
[  124.539036][ T8514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  124.539052][ T8514] Call Trace:
[  124.539061][ T8514]  <TASK>
[  124.539070][ T8514]  __dump_stack+0x1d/0x30
[  124.539095][ T8514]  dump_stack_lvl+0x95/0xd0
[  124.539188][ T8514]  dump_stack+0x15/0x1b
[  124.539253][ T8514]  should_fail_ex+0x263/0x280
[  124.539279][ T8514]  should_fail+0xb/0x20
[  124.539301][ T8514]  should_fail_usercopy+0x1a/0x20
[  124.539327][ T8514]  _copy_to_user+0x20/0xa0
[  124.539353][ T8514]  simple_read_from_buffer+0xb5/0x130
[  124.539395][ T8514]  proc_fail_nth_read+0x10e/0x150
[  124.539431][ T8514]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  124.539463][ T8514]  vfs_read+0x1ab/0x7f0
[  124.539551][ T8514]  ? l2cap_sock_setsockopt+0x1237/0x1270
[  124.539576][ T8514]  ? __rcu_read_unlock+0x4e/0x70
[  124.539595][ T8514]  ? __fget_files+0x184/0x1c0
[  124.539616][ T8514]  ? mutex_lock+0x57/0x90
[  124.539638][ T8514]  ksys_read+0xdc/0x1a0
[  124.539737][ T8514]  __x64_sys_read+0x40/0x50
[  124.539856][ T8514]  x64_sys_call+0x2889/0x3000
[  124.539889][ T8514]  do_syscall_64+0xc0/0x2a0
[  124.539927][ T8514]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.539956][ T8514] RIP: 0033:0x7fdfdd01b58e
[  124.540003][ T8514] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  124.540022][ T8514] RSP: 002b:00007fdfdbab6fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  124.540051][ T8514] RAX: ffffffffffffffda RBX: 00007fdfdbab76c0 RCX: 00007fdfdd01b58e
[  124.540070][ T8514] RDX: 000000000000000f RSI: 00007fdfdbab70a0 RDI: 0000000000000003
[  124.540087][ T8514] RBP: 00007fdfdbab7090 R08: 0000000000000000 R09: 0000000000000000
[  124.540104][ T8514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.540167][ T8514] R13: 00007fdfdd2d6038 R14: 00007fdfdd2d5fa0 R15: 00007ffcbd71c628
[  124.540189][ T8514]  </TASK>
[  124.832486][ T8526] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1629'.
[  124.860177][ T8533] loop1: detected capacity change from 0 to 512
[  125.044739][ T8555] loop6: detected capacity change from 0 to 1024
[  125.093963][ T8555] ext4 filesystem being mounted at /205/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.194990][ T8555] EXT4-fs error (device loop6): ext4_map_blocks:825: inode #15: comm syz.6.1638: lblock 0 mapped to illegal pblock 0 (length 1)
[  125.229592][ T8555] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  125.242890][ T8555] EXT4-fs (loop6): This should not happen!! Data will be lost
[  125.242890][ T8555] 
[  125.274111][ T8577] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #15: comm syz.6.1638: lblock 0 mapped to illegal pblock 0 (length 1)
[  126.140935][   T29] kauditd_printk_skb: 9 callbacks suppressed
[  126.140952][   T29] audit: type=1400 audit(1769318322.148:8100): avc:  denied  { accept } for  pid=8587 comm="syz.2.1651" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  126.143662][ T8582] vlan0: entered promiscuous mode
[  126.192039][ T8592] netlink: 'syz.5.1652': attribute type 10 has an invalid length.
[  126.209445][ T8594] __nla_validate_parse: 4 callbacks suppressed
[  126.209533][ T8594] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1654'.
[  126.264843][ T8592] loop5: detected capacity change from 0 to 8192
[  126.311451][   T29] audit: type=1400 audit(1769318322.318:8101): avc:  denied  { ioctl } for  pid=8602 comm="syz.1.1657" path="/dev/uhid" dev="devtmpfs" ino=253 ioctlcmd=0x940d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  126.403261][   T29] audit: type=1326 audit(1769318322.418:8102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8612 comm="syz.4.1661" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f43f9b9acb9 code=0x0
[  126.448066][ T8617] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1663'.
[  126.468367][ T8619] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1665'.
[  126.489001][ T8621] bond5: option primary_reselect: invalid value (4)
[  126.504321][ T8619] loop6: detected capacity change from 0 to 128
[  126.524180][ T8621] bond5 (unregistering): Released all slaves
[  126.571117][ T8630] netlink: 6 bytes leftover after parsing attributes in process `syz.2.1666'.
[  126.580866][ T8630] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  126.614261][ T8619] loop6: detected capacity change from 0 to 2048
[  126.665900][ T3307] Alternate GPT is invalid, using primary GPT.
[  126.672352][ T3307]  loop6: p1 p2 p3
[  126.676220][ T3307] loop6: partition table partially beyond EOD, truncated
[  126.687175][ T8640] team_slave_0: Caught tx_queue_len zero misconfig
[  126.703937][ T8640] netlink: 65039 bytes leftover after parsing attributes in process `syz.5.1669'.
[  126.713457][ T8633] netlink: 65039 bytes leftover after parsing attributes in process `syz.5.1669'.
[  126.738161][ T8619] Alternate GPT is invalid, using primary GPT.
[  126.744528][ T8619]  loop6: p1 p2 p3
[  126.748274][ T8619] loop6: partition table partially beyond EOD, truncated
[  126.826815][ T8650] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1676'.
[  126.928522][ T8653] loop6: detected capacity change from 0 to 512
[  126.937602][ T8653] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  126.964306][ T8653] EXT4-fs (loop6): 1 truncate cleaned up
[  127.362646][   T29] audit: type=1400 audit(1769318323.328:8103): avc:  denied  { kexec_image_load } for  pid=8665 comm="syz.2.1682" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  127.447584][ T8674] loop4: detected capacity change from 0 to 512
[  127.533987][ T8674] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002]
[  127.545657][ T8674] System zones: 0-2, 18-18, 34-35
[  127.556551][ T8674] ext4 filesystem being mounted at /360/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.588262][ T8674] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1684'.
[  127.597245][ T8674] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1684'.
[  127.606993][ T8674] netlink: 484 bytes leftover after parsing attributes in process `syz.4.1684'.
[  127.678233][ T8681] 8021q: adding VLAN 0 to HW filter on device bond0
[  127.727249][ T8681] loop5: detected capacity change from 0 to 512
[  127.739067][ T8681] EXT4-fs (loop5): invalid inodes per group: 4294967295
[  127.739067][ T8681] 
[  127.866235][ T8696] netlink: 'syz.6.1694': attribute type 7 has an invalid length.
[  127.874771][ T8696] netlink: 'syz.6.1694': attribute type 8 has an invalid length.
[  127.894291][ T8699] pimreg: entered allmulticast mode
[  127.911721][ T8699] pimreg: left allmulticast mode
[  127.955868][ T8708] EXT4-fs: Ignoring removed nobh option
[  127.968925][ T8708] EXT4-fs (loop4): #blocks per group too big: 65535
[  128.002777][ T8703] ext4 filesystem being mounted at /337/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.048779][ T8714] bond6: option lacp_rate: invalid value (32)
[  128.099682][   T29] audit: type=1400 audit(1769318324.078:8104): avc:  denied  { append } for  pid=8701 comm="syz.1.1696" name="file2" dev="loop1" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  128.127400][ T8723] netlink: 'syz.4.1700': attribute type 1 has an invalid length.
[  128.138287][ T8714] bond6 (unregistering): Released all slaves
[  128.397290][ T8744] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4215: comm syz.1.1708: Allocating blocks 481-513 which overlap fs metadata
[  128.411594][ T8749] FAT-fs (loop4): bogus sectors per cluster 7
[  128.418592][ T8749] FAT-fs (loop4): Can't find a valid FAT filesystem
[  128.441153][ T8745] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4215: comm syz.1.1708: Allocating blocks 497-513 which overlap fs metadata
[  128.489557][ T8745] EXT4-fs (loop1): pa ffff888107b4cc40: logic 0, phys. 465, len 3
[  128.497520][ T8745] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 1
[  128.515225][   T29] audit: type=1400 audit(1769318324.528:8105): avc:  denied  { write } for  pid=8750 comm="syz.6.1709" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  128.587092][ T8761] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  128.628695][ T8767] netlink: 'syz.4.1716': attribute type 3 has an invalid length.
[  128.905729][ T8793] set_capacity_and_notify: 8 callbacks suppressed
[  128.905746][ T8793] loop4: detected capacity change from 0 to 512
[  128.923492][ T8798] netlink: 'syz.5.1726': attribute type 12 has an invalid length.
[  128.969697][ T8793] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1725: invalid indirect mapped block 256 (level 2)
[  129.003737][ T8793] EXT4-fs (loop4): 2 truncates cleaned up
[  129.027394][ T8809] loop5: detected capacity change from 0 to 1024
[  129.034333][ T8809] EXT4-fs: inline encryption not supported
[  129.061077][ T8810] loop1: detected capacity change from 0 to 512
[  129.968347][ T8834] loop4: detected capacity change from 0 to 512
[  130.154157][ T8834] ext4 filesystem being mounted at /372/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.172599][   T29] audit: type=1400 audit(1769318326.188:8106): avc:  denied  { setopt } for  pid=8846 comm="syz.1.1742" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  130.741008][ T8888] random: crng reseeded on system resumption
[  131.032629][   T29] audit: type=1400 audit(1769318327.008:8107): avc:  denied  { bind } for  pid=8885 comm="syz.1.1755" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  131.093849][   T29] audit: type=1326 audit(1769318327.078:8108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8885 comm="syz.1.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc208a0acb9 code=0x7ffc0000
[  131.117967][   T29] audit: type=1326 audit(1769318327.078:8109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8885 comm="syz.1.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc208a0acb9 code=0x7ffc0000
[  131.244020][   T29] kauditd_printk_skb: 37 callbacks suppressed
[  131.244038][   T29] audit: type=1326 audit(1769318327.128:8147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8885 comm="syz.1.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc2089cb58e code=0x7ffc0000
[  131.274492][   T29] audit: type=1326 audit(1769318327.128:8148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8885 comm="syz.1.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc2089cb58e code=0x7ffc0000
[  131.298037][   T29] audit: type=1326 audit(1769318327.128:8149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8885 comm="syz.1.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc2089cb58e code=0x7ffc0000
[  131.322138][   T29] audit: type=1326 audit(1769318327.128:8150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8885 comm="syz.1.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc2089cb58e code=0x7ffc0000
[  131.346309][   T29] audit: type=1326 audit(1769318327.128:8151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8885 comm="syz.1.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc2089cb58e code=0x7ffc0000
[  131.369746][   T29] audit: type=1326 audit(1769318327.128:8152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8885 comm="syz.1.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc2089cb58e code=0x7ffc0000
[  131.393895][   T29] audit: type=1326 audit(1769318327.128:8153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8885 comm="syz.1.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc2089cb58e code=0x7ffc0000
[  131.417360][   T29] audit: type=1326 audit(1769318327.138:8154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8885 comm="syz.1.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc2089cb58e code=0x7ffc0000
[  131.441460][   T29] audit: type=1326 audit(1769318327.138:8155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8885 comm="syz.1.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc2089cb58e code=0x7ffc0000
[  131.465513][   T29] audit: type=1326 audit(1769318327.138:8156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8885 comm="syz.1.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc2089cb58e code=0x7ffc0000
[  131.901560][ T8936] loop1: detected capacity change from 0 to 1764
[  132.014114][ T8943] __nla_validate_parse: 13 callbacks suppressed
[  132.014130][ T8943] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1774'.
[  132.161020][ T8949] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1766'.
[  132.467501][ T8963] loop5: detected capacity change from 0 to 512
[  132.484013][ T8963] EXT4-fs: Ignoring removed nobh option
[  132.506591][ T8963] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  132.863454][ T8963] EXT4-fs (loop5): 1 truncate cleaned up
[  132.869645][ T8963] EXT4-fs mount: 19 callbacks suppressed
[  132.869664][ T8963] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.013704][ T3665] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.399034][ T8823] Set syz1 is full, maxelem 65536 reached
[  136.417766][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.463643][ T9001] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1797'.
[  136.485391][   T29] kauditd_printk_skb: 62 callbacks suppressed
[  136.485408][   T29] audit: type=1400 audit(1769318332.498:8219): avc:  denied  { map } for  pid=9000 comm="syz.4.1797" path="/dev/loop7" dev="devtmpfs" ino=107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  136.521982][ T9005] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1799'.
[  136.575480][ T9010] netlink: 596 bytes leftover after parsing attributes in process `syz.6.1801'.
[  136.646813][ T9017] pimreg: entered allmulticast mode
[  136.665685][ T9025] loop5: detected capacity change from 0 to 512
[  136.676138][ T9025] EXT4-fs: Ignoring removed nobh option
[  136.683669][ T9025] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  136.694518][ T9017] pimreg: left allmulticast mode
[  136.719647][ T9025] EXT4-fs (loop5): 1 truncate cleaned up
[  136.724493][ T9029] loop6: detected capacity change from 0 to 512
[  136.728122][ T9025] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.734750][ T9029] EXT4-fs: Ignoring removed nobh option
[  136.750943][ T9025] FAULT_INJECTION: forcing a failure.
[  136.750943][ T9025] name failslab, interval 1, probability 0, space 0, times 0
[  136.764509][ T9025] CPU: 1 UID: 0 PID: 9025 Comm: syz.5.1807 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  136.764606][ T9025] Tainted: [W]=WARN
[  136.764613][ T9025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  136.764625][ T9025] Call Trace:
[  136.764631][ T9025]  <TASK>
[  136.764638][ T9025]  __dump_stack+0x1d/0x30
[  136.764665][ T9025]  dump_stack_lvl+0x95/0xd0
[  136.764693][ T9025]  dump_stack+0x15/0x1b
[  136.764807][ T9025]  should_fail_ex+0x263/0x280
[  136.764841][ T9025]  should_failslab+0x8c/0xb0
[  136.764868][ T9025]  __kvmalloc_node_noprof+0x148/0x680
[  136.764894][ T9025]  ? traverse+0xa2/0x3a0
[  136.764974][ T9025]  ? css_rstat_updated+0xbb/0x280
[  136.765009][ T9025]  traverse+0xa2/0x3a0
[  136.765114][ T9025]  seq_read_iter+0x85f/0x940
[  136.765223][ T9025]  ? _raw_spin_unlock+0x9/0x30
[  136.765353][ T9025]  ? alloc_pages_bulk_noprof+0x37d/0x520
[  136.765389][ T9025]  copy_splice_read+0x471/0x6c0
[  136.765435][ T9025]  ? __pfx_copy_splice_read+0x10/0x10
[  136.765467][ T9025]  splice_direct_to_actor+0x26e/0x670
[  136.765534][ T9025]  ? __pfx_direct_splice_actor+0x10/0x10
[  136.765563][ T9025]  do_splice_direct+0x119/0x1a0
[  136.765609][ T9025]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  136.765634][ T9025]  do_sendfile+0x380/0x650
[  136.765666][ T9025]  __x64_sys_sendfile64+0xb8/0x150
[  136.765700][ T9025]  x64_sys_call+0x2db1/0x3000
[  136.765818][ T9025]  do_syscall_64+0xc0/0x2a0
[  136.765902][ T9025]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.765929][ T9025] RIP: 0033:0x7fdfdd05acb9
[  136.765946][ T9025] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  136.765968][ T9025] RSP: 002b:00007fdfdbab7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  136.765988][ T9025] RAX: ffffffffffffffda RBX: 00007fdfdd2d5fa0 RCX: 00007fdfdd05acb9
[  136.766005][ T9025] RDX: 0000200000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  136.766102][ T9025] RBP: 00007fdfdbab7090 R08: 0000000000000000 R09: 0000000000000000
[  136.766120][ T9025] R10: 00000002000007ff R11: 0000000000000246 R12: 0000000000000001
[  136.766138][ T9025] R13: 00007fdfdd2d6038 R14: 00007fdfdd2d5fa0 R15: 00007ffcbd71c628
[  136.766164][ T9025]  </TASK>
[  136.766715][ T9029] EXT4-fs (loop6): #clusters per group too big: 65535
[  136.792482][ T9015] loop1: detected capacity change from 0 to 1024
[  136.902664][   T29] audit: type=1326 audit(1769318332.908:8220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9016 comm="syz.2.1805" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd6b728acb9 code=0x0
[  136.906505][ T9015] EXT4-fs: inline encryption not supported
[  136.916387][ T3665] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.047950][ T9015] EXT4-fs: Ignoring removed mblk_io_submit option
[  137.054521][ T9015] EXT4-fs: inline encryption not supported
[  137.060461][ T9015] EXT4-fs: Ignoring removed nobh option
[  137.066936][ T9015] EXT4-fs: Ignoring removed bh option
[  137.110233][ T9015] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.155285][ T9015] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1803'.
[  137.267277][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.321304][ T9043] vlan2: entered promiscuous mode
[  137.362313][ T9049] netlink: 'syz.1.1814': attribute type 2 has an invalid length.
[  137.370869][ T9049] netlink: 'syz.1.1814': attribute type 1 has an invalid length.
[  137.436523][ T9052] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1816'.
[  137.490005][ T9050] loop1: detected capacity change from 0 to 8192
[  137.508023][   T29] audit: type=1400 audit(1769318333.518:8221): avc:  denied  { listen } for  pid=9059 comm="syz.6.1818" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  137.528492][   T29] audit: type=1400 audit(1769318333.518:8222): avc:  denied  { accept } for  pid=9059 comm="syz.6.1818" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  137.573845][ T3307]  loop1: p1 p2 p3 p4
[  137.579774][ T3307] loop1: p3 start 117772289 is beyond EOD, truncated
[  137.587286][ T3307] loop1: p4 size 262144 extends beyond EOD, truncated
[  137.596044][ T9064] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  137.627145][ T9069] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1824'.
[  137.643617][ T9069] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1824'.
[  137.652691][ T9069] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1824'.
[  137.683421][ T9050]  loop1: p1 p2 p3 p4
[  137.688940][ T9050] loop1: p3 start 117772289 is beyond EOD, truncated
[  137.695801][ T9050] loop1: p4 size 262144 extends beyond EOD, truncated
[  137.865869][ T9090] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1831'.
[  137.876232][ T9091] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1832'.
[  137.898071][ T9093] pimreg: entered allmulticast mode
[  137.906755][   T29] audit: type=1400 audit(1769318333.918:8223): avc:  denied  { write } for  pid=9088 comm="syz.4.1831" name="ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  137.934301][ T9093] pimreg: left allmulticast mode
[  138.001721][ T9093] loop6: detected capacity change from 0 to 512
[  138.022247][   T29] audit: type=1326 audit(1769318334.028:8224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9092 comm="syz.6.1833" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe3c851acb9 code=0x0
[  138.055339][ T9097] netlink: 'syz.5.1835': attribute type 10 has an invalid length.
[  138.063570][ T9097] geneve1: entered promiscuous mode
[  138.071028][ T9097] bond0: (slave geneve1): Enslaving as an active interface with an up link
[  138.080824][ T7886] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  138.092321][ T9102] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1837'.
[  138.094864][ T7886] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  138.124298][ T9097] netlink: 156 bytes leftover after parsing attributes in process `syz.5.1835'.
[  138.138391][ T7886] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  138.156236][ T7886] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  138.204098][ T9112] ref_ctr increment failed for inode: 0x622 offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff888119a88d80
[  138.401349][ T9125] loop1: detected capacity change from 0 to 512
[  138.434682][ T9125] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  138.464163][ T9125] EXT4-fs (loop1): 1 truncate cleaned up
[  138.478596][ T9125] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.498636][ T9139] loop4: detected capacity change from 0 to 512
[  138.510983][ T9139] EXT4-fs: Ignoring removed nobh option
[  138.521674][ T9139] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  138.544084][ T9139] EXT4-fs (loop4): 1 truncate cleaned up
[  138.550602][ T9139] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.575155][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.604933][ T9139] FAULT_INJECTION: forcing a failure.
[  138.604933][ T9139] name failslab, interval 1, probability 0, space 0, times 0
[  138.604969][ T9139] CPU: 1 UID: 0 PID: 9139 Comm: syz.4.1849 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  138.605031][ T9139] Tainted: [W]=WARN
[  138.605040][ T9139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  138.605056][ T9139] Call Trace:
[  138.605064][ T9139]  <TASK>
[  138.605075][ T9139]  __dump_stack+0x1d/0x30
[  138.605107][ T9139]  dump_stack_lvl+0x95/0xd0
[  138.605136][ T9139]  dump_stack+0x15/0x1b
[  138.605207][ T9139]  should_fail_ex+0x263/0x280
[  138.605266][ T9139]  ? __pfx_cgroup_show_path+0x10/0x10
[  138.605350][ T9139]  should_failslab+0x8c/0xb0
[  138.605378][ T9139]  __kmalloc_cache_noprof+0x64/0x4a0
[  138.605407][ T9139]  ? cgroup_show_path+0x6a/0x2b0
[  138.605538][ T9139]  ? __pfx_cgroup_show_path+0x10/0x10
[  138.605580][ T9139]  cgroup_show_path+0x6a/0x2b0
[  138.605619][ T9139]  ? kernfs_sop_show_path+0xa4/0xf0
[  138.605709][ T9139]  ? __pfx_cgroup_show_path+0x10/0x10
[  138.605808][ T9139]  kernfs_sop_show_path+0xb6/0xf0
[  138.605838][ T9139]  ? __pfx_kernfs_sop_show_path+0x10/0x10
[  138.605866][ T9139]  show_path+0x5a/0x80
[  138.605893][ T9139]  show_mountinfo+0xe5/0x610
[  138.606006][ T9139]  m_show+0x3e/0x50
[  138.606038][ T9139]  traverse+0x149/0x3a0
[  138.606070][ T9139]  seq_read_iter+0x85f/0x940
[  138.606205][ T9139]  ? _raw_spin_unlock+0x9/0x30
[  138.606236][ T9139]  ? alloc_pages_bulk_noprof+0x37d/0x520
[  138.606266][ T9139]  copy_splice_read+0x471/0x6c0
[  138.606364][ T9139]  ? __pfx_copy_splice_read+0x10/0x10
[  138.606398][ T9139]  splice_direct_to_actor+0x26e/0x670
[  138.606437][ T9139]  ? __pfx_direct_splice_actor+0x10/0x10
[  138.606538][ T9139]  do_splice_direct+0x119/0x1a0
[  138.606576][ T9139]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  138.606623][ T9139]  do_sendfile+0x380/0x650
[  138.606661][ T9139]  __x64_sys_sendfile64+0xb8/0x150
[  138.606775][ T9139]  x64_sys_call+0x2db1/0x3000
[  138.606814][ T9139]  do_syscall_64+0xc0/0x2a0
[  138.606908][ T9139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.606930][ T9139] RIP: 0033:0x7f43f9b9acb9
[  138.606949][ T9139] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  138.607018][ T9139] RSP: 002b:00007f43f85f7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  138.607045][ T9139] RAX: ffffffffffffffda RBX: 00007f43f9e15fa0 RCX: 00007f43f9b9acb9
[  138.607062][ T9139] RDX: 0000200000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  138.607080][ T9139] RBP: 00007f43f85f7090 R08: 0000000000000000 R09: 0000000000000000
[  138.607096][ T9139] R10: 00000002000007ff R11: 0000000000000246 R12: 0000000000000001
[  138.607121][ T9139] R13: 00007f43f9e16038 R14: 00007f43f9e15fa0 R15: 00007ffe4dcbeec8
[  138.607239][ T9139]  </TASK>
[  138.639225][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.366305][ T9180] loop6: detected capacity change from 0 to 512
[  139.380523][ T9184] loop4: detected capacity change from 0 to 512
[  139.380773][ T9184] EXT4-fs: Ignoring removed nobh option
[  139.381225][ T9184] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  139.394276][ T9184] EXT4-fs (loop4): 1 truncate cleaned up
[  139.394726][ T9184] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.395746][ T9184] FAULT_INJECTION: forcing a failure.
[  139.395746][ T9184] name failslab, interval 1, probability 0, space 0, times 0
[  139.395784][ T9184] CPU: 0 UID: 0 PID: 9184 Comm: syz.4.1866 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  139.395818][ T9184] Tainted: [W]=WARN
[  139.395828][ T9184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  139.395862][ T9184] Call Trace:
[  139.395872][ T9184]  <TASK>
[  139.395881][ T9184]  __dump_stack+0x1d/0x30
[  139.395912][ T9184]  dump_stack_lvl+0x95/0xd0
[  139.395941][ T9184]  dump_stack+0x15/0x1b
[  139.395976][ T9184]  should_fail_ex+0x263/0x280
[  139.396054][ T9184]  ? __pfx_cgroup_show_path+0x10/0x10
[  139.396102][ T9184]  should_failslab+0x8c/0xb0
[  139.396131][ T9184]  __kmalloc_cache_noprof+0x64/0x4a0
[  139.396163][ T9184]  ? cgroup_show_path+0x6a/0x2b0
[  139.396247][ T9184]  ? __pfx_cgroup_show_path+0x10/0x10
[  139.396290][ T9184]  cgroup_show_path+0x6a/0x2b0
[  139.396330][ T9184]  ? kernfs_sop_show_path+0xa4/0xf0
[  139.396391][ T9184]  ? __pfx_cgroup_show_path+0x10/0x10
[  139.396432][ T9184]  kernfs_sop_show_path+0xb6/0xf0
[  139.396461][ T9184]  ? __pfx_kernfs_sop_show_path+0x10/0x10
[  139.396495][ T9184]  show_path+0x5a/0x80
[  139.396523][ T9184]  show_mountinfo+0xe5/0x610
[  139.396571][ T9184]  m_show+0x3e/0x50
[  139.396608][ T9184]  traverse+0x149/0x3a0
[  139.396649][ T9184]  seq_read_iter+0x85f/0x940
[  139.396785][ T9184]  ? _raw_spin_unlock+0x9/0x30
[  139.396831][ T9184]  ? alloc_pages_bulk_noprof+0x37d/0x520
[  139.396861][ T9184]  copy_splice_read+0x471/0x6c0
[  139.396915][ T9184]  ? __pfx_copy_splice_read+0x10/0x10
[  139.397002][ T9184]  splice_direct_to_actor+0x26e/0x670
[  139.397054][ T9184]  ? __pfx_direct_splice_actor+0x10/0x10
[  139.397087][ T9184]  do_splice_direct+0x119/0x1a0
[  139.397124][ T9184]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  139.397167][ T9184]  do_sendfile+0x380/0x650
[  139.397225][ T9184]  __x64_sys_sendfile64+0xb8/0x150
[  139.397259][ T9184]  x64_sys_call+0x2db1/0x3000
[  139.397289][ T9184]  do_syscall_64+0xc0/0x2a0
[  139.397400][ T9184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.397424][ T9184] RIP: 0033:0x7f43f9b9acb9
[  139.397444][ T9184] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  139.397468][ T9184] RSP: 002b:00007f43f85f7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  139.397536][ T9184] RAX: ffffffffffffffda RBX: 00007f43f9e15fa0 RCX: 00007f43f9b9acb9
[  139.397554][ T9184] RDX: 0000200000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  139.397567][ T9184] RBP: 00007f43f85f7090 R08: 0000000000000000 R09: 0000000000000000
[  139.397581][ T9184] R10: 00000002000007ff R11: 0000000000000246 R12: 0000000000000001
[  139.397598][ T9184] R13: 00007f43f9e16038 R14: 00007f43f9e15fa0 R15: 00007ffe4dcbeec8
[  139.397665][ T9184]  </TASK>
[  139.402336][ T9180] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  139.421359][ T9180] EXT4-fs (loop6): orphan cleanup on readonly fs
[  139.765687][   T29] audit: type=1400 audit(1769318335.718:8225): avc:  denied  { listen } for  pid=9193 comm="syz.1.1873" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  139.805354][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.824576][ T9180] EXT4-fs warning (device loop6): ext4_enable_quotas:7221: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  139.916756][ T9180] EXT4-fs (loop6): Cannot turn on quotas: error -22
[  139.933048][ T9180] EXT4-fs error (device loop6): ext4_ext_check_inode:523: inode #13: comm syz.6.1867: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  139.952108][ T9180] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.1867: couldn't read orphan inode 13 (err -117)
[  140.349870][ T9180] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  140.402157][ T9180] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1867'.
[  140.428569][   T29] audit: type=1400 audit(1769318336.438:8226): avc:  denied  { read } for  pid=9179 comm="syz.6.1867" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  140.547604][ T9225] loop1: detected capacity change from 0 to 128
[  140.560215][ T9225] FAT-fs (loop1): Directory bread(block 162) failed
[  140.567327][ T9225] FAT-fs (loop1): Directory bread(block 163) failed
[  140.578809][ T9225] FAT-fs (loop1): Directory bread(block 164) failed
[  140.591906][ T9225] FAT-fs (loop1): Directory bread(block 165) failed
[  140.598759][ T9225] FAT-fs (loop1): Directory bread(block 166) failed
[  140.606153][ T9225] FAT-fs (loop1): Directory bread(block 167) failed
[  140.618871][ T9225] FAT-fs (loop1): Directory bread(block 168) failed
[  140.626400][ T9225] FAT-fs (loop1): Directory bread(block 169) failed
[  140.633674][ T9225] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  140.645953][ T5364] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.705588][ T9234] random: crng reseeded on system resumption
[  140.796085][ T9225] FAT-fs (loop1): Directory bread(block 162) failed
[  140.839048][ T9225] FAT-fs (loop1): Directory bread(block 163) failed
[  140.861909][ T9225] syz.1.1883: attempt to access beyond end of device
[  140.861909][ T9225] loop1: rw=8388611, sector=226, nr_sectors = 6 limit=128
[  140.953796][   T29] audit: type=1326 audit(1769318336.918:8227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9261 comm="syz.6.1901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3c851acb9 code=0x7ffc0000
[  140.968068][ T9225] syz.1.1883: attempt to access beyond end of device
[  140.968068][ T9225] loop1: rw=8390659, sector=232, nr_sectors = 2 limit=128
[  140.978997][   T29] audit: type=1326 audit(1769318336.918:8228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9261 comm="syz.6.1901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3c851acb9 code=0x7ffc0000
[  141.029661][ T9274] EXT4-fs: Ignoring removed nobh option
[  141.050516][ T9249] syz.1.1883: attempt to access beyond end of device
[  141.050516][ T9249] loop1: rw=8388611, sector=234, nr_sectors = 6 limit=128
[  141.078068][ T9274] EXT4-fs (loop4): inodes count not valid: 32 vs 23
[  141.095838][ T9249] syz.1.1883: attempt to access beyond end of device
[  141.095838][ T9249] loop1: rw=8390659, sector=240, nr_sectors = 2 limit=128
[  141.215041][ T9268] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  141.262048][ T9288] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  141.280399][ T9288] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  141.321026][ T9288] bond0 (unregistering): Released all slaves
[  141.334497][ T9305] vlan2: entered promiscuous mode
[  141.344592][ T9268] EXT4-fs (loop5): orphan cleanup on readonly fs
[  141.389631][ T9268] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4215: comm syz.5.1900: Allocating blocks 41-42 which overlap fs metadata
[  141.454269][ T9268] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4215: comm syz.5.1900: Allocating blocks 41-42 which overlap fs metadata
[  141.482497][ T9268] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.1900: Failed to acquire dquot type 1
[  141.521933][   T29] kauditd_printk_skb: 30 callbacks suppressed
[  141.521950][   T29] audit: type=1400 audit(1769318337.528:8255): avc:  denied  { setopt } for  pid=9322 comm="syz.2.1919" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  141.548420][ T9268] EXT4-fs error (device loop5): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  141.564210][ T9316]  loop1: p2 p3 p4 < >
[  141.564225][ T9316] loop1: partition table partially beyond EOD, truncated
[  141.564299][ T9316] loop1: p2 size 590592 extends beyond EOD, truncated
[  141.564718][ T9316] loop1: p3 start 4294967295 is beyond EOD, truncated
[  141.564741][ T9316] loop1: p4 start 117440516 is beyond EOD, truncated
[  141.658896][ T9268] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.1900: corrupted inode contents
[  141.702187][ T9333] set_capacity_and_notify: 4 callbacks suppressed
[  141.702215][ T9333] loop4: detected capacity change from 0 to 512
[  141.718077][   T29] audit: type=1400 audit(1769318337.728:8256): avc:  denied  { cpu } for  pid=9326 comm="syz.6.1920" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  141.722338][ T9268] EXT4-fs error (device loop5): ext4_dirty_inode:6502: inode #12: comm syz.5.1900: mark_inode_dirty error
[  141.740021][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  141.742971][ T9333] EXT4-fs: Ignoring removed nobh option
[  141.743274][ T9333] EXT4-fs (loop4): inodes count not valid: 32 vs 31
[  141.778402][ T9330] loop6: detected capacity change from 0 to 512
[  141.778808][ T9330] EXT4-fs: Ignoring removed nobh option
[  141.778887][ T9330] ext4: Unknown parameter 'obj_role'
[  141.794882][   T29] audit: type=1400 audit(1769318337.808:8257): avc:  denied  { bind } for  pid=9334 comm="syz.1.1922" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  141.886631][ T9268] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.1900: corrupted inode contents
[  141.905902][ T9268] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #12: comm syz.5.1900: mark_inode_dirty error
[  141.934079][ T9268] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.1900: corrupted inode contents
[  141.950776][ T9268] EXT4-fs error (device loop5) in ext4_orphan_del:303: Corrupt filesystem
[  141.972827][ T9268] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.1900: corrupted inode contents
[  141.994089][ T9268] EXT4-fs error (device loop5): ext4_truncate:4635: inode #12: comm syz.5.1900: mark_inode_dirty error
[  142.008987][ T9268] EXT4-fs error (device loop5) in ext4_process_orphan:345: Corrupt filesystem
[  142.034931][ T9268] EXT4-fs (loop5): 1 truncate cleaned up
[  142.048939][ T9345] loop4: detected capacity change from 0 to 128
[  142.062271][ T9268] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  142.079231][ T9345] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  142.097204][ T9345] ext4 filesystem being mounted at /398/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  142.113586][ T9268] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.168695][ T9357] __nla_validate_parse: 6 callbacks suppressed
[  142.168709][ T9357] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1928'.
[  142.190826][ T3320] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  142.218690][ T9357] program syz.6.1928 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  142.288372][ T9363] vlan2: entered promiscuous mode
[  142.420427][ T9392] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1941'.
[  142.539651][ T9407] bond6: option primary_reselect: invalid value (4)
[  142.558035][ T9413] loop4: detected capacity change from 0 to 1024
[  142.567369][ T9407] bond6 (unregistering): Released all slaves
[  142.576049][ T9413] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  142.591893][ T9413] ext4 filesystem being mounted at /402/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.637612][ T9413] EXT4-fs error (device loop4): ext4_map_blocks:825: inode #15: block 3: comm syz.4.1950: lblock 3 mapped to illegal pblock 3 (length 3)
[  142.654114][ T9413] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  142.654756][ T9420] loop6: detected capacity change from 0 to 512
[  142.667251][ T9413] EXT4-fs (loop4): This should not happen!! Data will be lost
[  142.667251][ T9413] 
[  142.669167][ T9413] EXT4-fs error (device loop4): ext4_map_blocks:825: inode #15: block 8: comm syz.4.1950: lblock 8 mapped to illegal pblock 8 (length 8)
[  142.669386][ T9413] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  142.669417][ T9413] EXT4-fs (loop4): This should not happen!! Data will be lost
[  142.669417][ T9413] 
[  142.680165][ T9413] EXT4-fs error (device loop4): ext4_map_blocks:825: inode #15: comm syz.4.1950: lblock 0 mapped to illegal pblock 0 (length 3)
[  142.680388][ T9413] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 117
[  142.680478][ T9413] EXT4-fs (loop4): This should not happen!! Data will be lost
[  142.680478][ T9413] 
[  142.740137][ T9423] vlan0: entered promiscuous mode
[  142.802785][ T6110] EXT4-fs error (device loop4): ext4_map_blocks:825: inode #15: block 7: comm kworker/u8:12: lblock 7 mapped to illegal pblock 7 (length 1)
[  142.821007][ T9420] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  142.824861][ T6110] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 7 with max blocks 1 with error 117
[  142.843565][ T6110] EXT4-fs (loop4): This should not happen!! Data will be lost
[  142.843565][ T6110] 
[  142.858078][ T9430] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1955'.
[  142.877113][ T9432] netlink: 129384 bytes leftover after parsing attributes in process `syz.5.1956'.
[  142.898036][ T9420] EXT4-fs (loop6): orphan cleanup on readonly fs
[  142.932750][ T6110] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:12: bg 0: block 112: padding at end of block bitmap is not set
[  142.958187][ T9440] loop5: detected capacity change from 0 to 512
[  142.965203][ T6110] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 384 with error 28
[  142.977120][ T9420] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4215: comm syz.6.1949: Allocating blocks 41-42 which overlap fs metadata
[  143.001614][ T9440] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  143.033442][ T9420] Quota error (device loop6): write_blk: dquota write failed
[  143.041822][ T9420] Quota error (device loop6): find_free_dqentry: Can't write quota data block 5
[  143.076034][ T9420] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4215: comm syz.6.1949: Allocating blocks 41-42 which overlap fs metadata
[  143.099765][ T9449] tipc: Can't bind to reserved service type 1
[  143.111064][ T9449] loop1: detected capacity change from 0 to 512
[  143.128527][ T9420] Quota error (device loop6): write_blk: dquota write failed
[  143.144663][ T9420] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  143.154897][ T9440] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #17: comm syz.5.1959: inode has both inline data and extents flags
[  143.164414][ T9440] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.1959: couldn't read orphan inode 17 (err -117)
[  143.179541][ T9420] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.1949: Failed to acquire dquot type 1
[  143.182087][ T9449] EXT4-fs: Ignoring removed nobh option
[  143.187395][ T9449] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  143.203294][ T9449] EXT4-fs (loop1): 1 truncate cleaned up
[  143.233889][ T9440] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.251549][ T9449] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.265333][ T9420] EXT4-fs error (device loop6): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  143.298657][ T9420] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.1949: corrupted inode contents
[  143.322510][ T9459] loop4: detected capacity change from 0 to 512
[  143.322981][ T9459] EXT4-fs: Ignoring removed nobh option
[  143.336981][ T9459] EXT4-fs (loop4): inodes count not valid: 32 vs 92
[  143.349771][ T9440] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1959: bg 0: block 65: padding at end of block bitmap is not set
[  143.355761][ T9420] EXT4-fs error (device loop6): ext4_dirty_inode:6502: inode #12: comm syz.6.1949: mark_inode_dirty error
[  143.364557][ T9440] Quota error (device loop5): write_blk: dquota write failed
[  143.364593][ T9440] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  143.364628][ T9440] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.1959: Failed to acquire dquot type 0
[  143.365761][ T9440] Quota error (device loop5): do_check_range: Getting block 144 out of range 0-5
[  143.417623][ T9461] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1968'.
[  143.428617][ T9420] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.1949: corrupted inode contents
[  143.443627][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.470290][ T9420] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #12: comm syz.6.1949: mark_inode_dirty error
[  143.510118][ T3665] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.553992][ T3418] IPVS: starting estimator thread 0...
[  143.562167][ T9470] vlan2: entered promiscuous mode
[  143.578089][ T9420] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.1949: corrupted inode contents
[  143.620430][ T9467] loop1: detected capacity change from 0 to 128
[  143.649909][ T9420] EXT4-fs error (device loop6) in ext4_orphan_del:303: Corrupt filesystem
[  143.674241][ T9473] IPVS: using max 2256 ests per chain, 112800 per kthread
[  143.681665][ T9467] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  143.723349][ T9420] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.1949: corrupted inode contents
[  143.731657][ T9467] ext4 filesystem being mounted at /395/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  143.771643][ T9420] EXT4-fs error (device loop6): ext4_truncate:4635: inode #12: comm syz.6.1949: mark_inode_dirty error
[  143.805132][ T9420] EXT4-fs error (device loop6) in ext4_process_orphan:345: Corrupt filesystem
[  143.837857][ T9420] EXT4-fs (loop6): 1 truncate cleaned up
[  143.868496][ T9420] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  143.907940][ T9495] 9p: Bad value for 'wfdno'
[  143.917912][ T9497] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1981'.
[  143.939519][ T9420] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.966014][ T3314] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  143.988309][ T9502] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=874 sclass=netlink_route_socket pid=9502 comm=syz.2.1983
[  144.005709][ T9501] netlink: 'syz.5.1979': attribute type 1 has an invalid length.
[  144.061533][ T9501] 8021q: adding VLAN 0 to HW filter on device bond7
[  144.069677][ T9501] bond6: (slave bond7): making interface the new active one
[  144.078419][ T9501] bond6: (slave bond7): Enslaving as an active interface with an up link
[  144.163343][ T9501] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1979'.
[  144.184238][ T9509] bond6: (slave gretap1): Enslaving as a backup interface with an up link
[  144.194478][ T9501] 8021q: adding VLAN 0 to HW filter on device bond6
[  144.237910][ T9519] vlan2: entered promiscuous mode
[  144.324345][ T9534] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1995'.
[  144.333481][ T9534] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1995'.
[  144.352907][ T9534] vlan0: entered promiscuous mode
[  144.380361][ T9538] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1996'.
[  144.491827][ T9542] loop1: detected capacity change from 0 to 512
[  144.507388][ T9542] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  144.534591][ T9542] EXT4-fs (loop1): orphan cleanup on readonly fs
[  144.558748][ T9542] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4215: comm syz.1.1998: Allocating blocks 41-42 which overlap fs metadata
[  144.576644][ T9542] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4215: comm syz.1.1998: Allocating blocks 41-42 which overlap fs metadata
[  144.614694][ T9542] EXT4-fs error (device loop1): ext4_acquire_dquot:6986: comm syz.1.1998: Failed to acquire dquot type 1
[  144.632361][ T9542] EXT4-fs error (device loop1): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  144.669241][ T9542] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.1998: corrupted inode contents
[  144.704291][ T9542] EXT4-fs error (device loop1): ext4_dirty_inode:6502: inode #12: comm syz.1.1998: mark_inode_dirty error
[  144.726591][ T9542] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.1998: corrupted inode contents
[  144.751722][ T9569] EXT4-fs: Ignoring removed nobh option
[  144.760099][ T9542] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #12: comm syz.1.1998: mark_inode_dirty error
[  144.775053][ T9542] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.1998: corrupted inode contents
[  144.808171][ T9566] vlan2: entered promiscuous mode
[  144.814140][ T9569] EXT4-fs (loop5): orphan cleanup on readonly fs
[  144.822028][ T9569] EXT4-fs warning (device loop5): ext4_xattr_inode_get:546: inode #11: comm syz.5.2008: ea_inode file size=4 entry size=6
[  144.836834][ T9569] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  144.851320][ T9569] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #15: comm syz.5.2008: corrupted inode contents
[  144.864243][ T9542] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[  144.873947][ T9569] EXT4-fs error (device loop5): ext4_dirty_inode:6502: inode #15: comm syz.5.2008: mark_inode_dirty error
[  144.892308][ T9542] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.1998: corrupted inode contents
[  144.926622][ T9569] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #15: comm syz.5.2008: corrupted inode contents
[  144.972744][ T9569] EXT4-fs error (device loop5): ext4_xattr_delete_inode:3001: inode #15: comm syz.5.2008: mark_inode_dirty error
[  144.986656][ T9542] EXT4-fs error (device loop1): ext4_truncate:4635: inode #12: comm syz.1.1998: mark_inode_dirty error
[  145.007388][ T9569] EXT4-fs error (device loop5): ext4_xattr_delete_inode:3004: inode #15: comm syz.5.2008: mark inode dirty (error -117)
[  145.021128][ T9569] EXT4-fs warning (device loop5): ext4_evict_inode:273: xattr delete (err -117)
[  145.031351][ T9542] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem
[  145.064038][ T9569] EXT4-fs (loop5): 1 orphan inode deleted
[  145.064628][ T9569] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  145.128778][ T3665] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.150062][ T9542] EXT4-fs (loop1): 1 truncate cleaned up
[  145.187065][ T9542] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  145.252405][ T9542] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.359230][ T9602] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.491596][ T9608] lo speed is unknown, defaulting to 1000
[  145.510485][ T5364] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.533197][ T9608] lo speed is unknown, defaulting to 1000
[  145.561772][ T9608] lo speed is unknown, defaulting to 1000
[  145.575834][ T9608] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  145.622459][ T9608] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  145.660328][ T6110] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  145.669883][ T6110] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  145.706355][ T6110] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  145.726648][ T6110] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  145.746982][ T9608] lo speed is unknown, defaulting to 1000
[  145.759812][ T9608] lo speed is unknown, defaulting to 1000
[  145.784022][ T9627] ipvlan0: entered promiscuous mode
[  145.808590][ T9608] lo speed is unknown, defaulting to 1000
[  145.849047][ T9608] lo speed is unknown, defaulting to 1000
[  145.892036][ T9608] lo speed is unknown, defaulting to 1000
[  145.929913][ T9631] EXT4-fs: Ignoring removed nobh option
[  145.956542][ T9631] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  146.000649][ T9631] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  146.083154][ T9631] EXT4-fs (loop1): 1 truncate cleaned up
[  146.105551][ T9631] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.218553][ T9636] netlink: 'syz.4.2030': attribute type 7 has an invalid length.
[  146.265959][ T9636] netlink: 'syz.4.2030': attribute type 7 has an invalid length.
[  146.273800][   T31] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  146.294629][   T31] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  146.320074][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.322673][   T31] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  146.383338][   T31] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  146.463666][ T9646] lo speed is unknown, defaulting to 1000
[  146.512110][ T9654] EXT4-fs: Ignoring removed nobh option
[  146.552386][ T9647] lo speed is unknown, defaulting to 1000
[  146.579585][ T9654] EXT4-fs (loop5): orphan cleanup on readonly fs
[  146.632926][ T9654] EXT4-fs warning (device loop5): ext4_xattr_inode_get:546: inode #11: comm syz.5.2034: ea_inode file size=4 entry size=6
[  146.738141][ T9654] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  146.769041][ T9654] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #15: comm syz.5.2034: corrupted inode contents
[  146.816468][ T9654] EXT4-fs error (device loop5): ext4_dirty_inode:6502: inode #15: comm syz.5.2034: mark_inode_dirty error
[  146.857902][ T9654] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #15: comm syz.5.2034: corrupted inode contents
[  146.953336][ T9654] EXT4-fs error (device loop5): ext4_xattr_delete_inode:3001: inode #15: comm syz.5.2034: mark_inode_dirty error
[  146.994609][ T9654] EXT4-fs error (device loop5): ext4_xattr_delete_inode:3004: inode #15: comm syz.5.2034: mark inode dirty (error -117)
[  147.024910][ T9654] EXT4-fs warning (device loop5): ext4_evict_inode:273: xattr delete (err -117)
[  147.035284][ T9654] EXT4-fs (loop5): 1 orphan inode deleted
[  147.041645][ T9654] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  147.158645][ T3665] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.171449][ T9674] vlan2: entered promiscuous mode
[  147.639802][ T9698] __nla_validate_parse: 14 callbacks suppressed
[  147.639823][ T9698] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2052'.
[  147.671064][   T29] kauditd_printk_skb: 66 callbacks suppressed
[  147.671178][   T29] audit: type=1400 audit(1769318343.678:8320): avc:  denied  { compute_member } for  pid=9699 comm="syz.4.2053" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  147.741092][ T9700] dvmrp1: tun_chr_ioctl cmd 1074025677
[  147.768366][ T9700] dvmrp1: linktype set to 774
[  147.810945][ T9707] set_capacity_and_notify: 5 callbacks suppressed
[  147.810961][ T9707] loop6: detected capacity change from 0 to 1024
[  147.915157][ T9700] loop4: detected capacity change from 0 to 512
[  147.961940][ T9700] EXT4-fs: Ignoring removed nobh option
[  147.973772][ T9700] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  148.014155][ T9707] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.032983][ T9700] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  148.138269][ T9700] EXT4-fs (loop4): 1 truncate cleaned up
[  148.167116][ T9700] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.237333][ T9720] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2061'.
[  148.263074][ T5364] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.286316][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.324045][ T9724] loop6: detected capacity change from 0 to 512
[  148.334166][ T9724] EXT4-fs: Ignoring removed nobh option
[  148.354173][ T9724] EXT4-fs (loop6): orphan cleanup on readonly fs
[  148.364141][ T9724] EXT4-fs warning (device loop6): ext4_xattr_inode_get:546: inode #11: comm syz.6.2063: ea_inode file size=4 entry size=6
[  148.401743][ T9724] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  148.433711][ T9729] netlink: 'syz.2.2066': attribute type 1 has an invalid length.
[  148.461390][ T9724] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #15: comm syz.6.2063: corrupted inode contents
[  148.494131][ T9729] workqueue: Failed to create a rescuer kthread for wq "bond12": -EINTR
[  148.583252][ T9724] EXT4-fs error (device loop6): ext4_dirty_inode:6502: inode #15: comm syz.6.2063: mark_inode_dirty error
[  149.055457][ T9724] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #15: comm syz.6.2063: corrupted inode contents
[  149.069886][ T9724] EXT4-fs error (device loop6): ext4_xattr_delete_inode:3001: inode #15: comm syz.6.2063: mark_inode_dirty error
[  149.086766][   T29] audit: type=1400 audit(1769318345.098:8321): avc:  denied  { write } for  pid=9748 comm="syz.1.2072" path="socket:[25217]" dev="sockfs" ino=25217 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  149.215802][ T9724] EXT4-fs error (device loop6): ext4_xattr_delete_inode:3004: inode #15: comm syz.6.2063: mark inode dirty (error -117)
[  149.348399][ T9724] EXT4-fs warning (device loop6): ext4_evict_inode:273: xattr delete (err -117)
[  149.441936][ T9724] EXT4-fs (loop6): 1 orphan inode deleted
[  149.474280][ T9724] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  149.633547][ T5364] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.728956][ T9767] bond4: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-alb(6)
[  149.765848][ T9765] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2078'.
[  149.790029][ T9767] bond4 (unregistering): Released all slaves
[  149.867903][ T9779] loop6: detected capacity change from 0 to 512
[  149.874578][   T29] audit: type=1400 audit(1769318345.878:8322): avc:  denied  { getopt } for  pid=9777 comm="syz.6.2083" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  149.955952][ T9784] loop4: detected capacity change from 0 to 512
[  149.973222][ T9784] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  150.053947][ T9794] vlan0: entered promiscuous mode
[  150.065403][ T9800] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2089'.
[  150.216189][ T9793] geneve2: entered promiscuous mode
[  150.221470][ T9793] geneve2: entered allmulticast mode
[  150.238568][ T9789] loop6: detected capacity change from 0 to 512
[  151.020555][ T9789] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  151.026856][ T9837] netlink: 'syz.1.2103': attribute type 1 has an invalid length.
[  151.061738][ T9840] loop4: detected capacity change from 0 to 512
[  151.085005][ T9837] 8021q: adding VLAN 0 to HW filter on device bond4
[  151.087765][ T9840] EXT4-fs: Ignoring removed nobh option
[  151.098577][ T9837] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2103'.
[  151.112345][ T9837] macvlan2: entered promiscuous mode
[  151.117822][ T9837] macvlan2: entered allmulticast mode
[  151.139746][ T9837] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2103'.
[  151.145375][ T9840] EXT4-fs (loop4): orphan cleanup on readonly fs
[  151.150029][ T9837] netlink: 'syz.1.2103': attribute type 4 has an invalid length.
[  151.163695][ T9837] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2103'.
[  151.195462][ T9789] EXT4-fs (loop6): orphan cleanup on readonly fs
[  151.217880][ T9789] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4215: comm syz.6.2085: Allocating blocks 41-42 which overlap fs metadata
[  151.234032][ T9840] EXT4-fs warning (device loop4): ext4_xattr_inode_get:546: inode #11: comm syz.4.2104: ea_inode file size=4 entry size=6
[  151.234159][ T9840] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #15: comm syz.4.2104: corrupted inode contents
[  151.235791][ T9840] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #15: comm syz.4.2104: mark_inode_dirty error
[  151.235964][ T9840] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #15: comm syz.4.2104: corrupted inode contents
[  151.236128][ T9840] EXT4-fs error (device loop4): ext4_xattr_delete_inode:3001: inode #15: comm syz.4.2104: mark_inode_dirty error
[  151.236254][ T9840] EXT4-fs error (device loop4): ext4_xattr_delete_inode:3004: inode #15: comm syz.4.2104: mark inode dirty (error -117)
[  151.236445][ T9840] EXT4-fs warning (device loop4): ext4_evict_inode:273: xattr delete (err -117)
[  151.236560][ T9840] EXT4-fs (loop4): 1 orphan inode deleted
[  151.237057][ T9840] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  151.239565][ T9853] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2106'.
[  151.239701][ T9853] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9853 comm=syz.2.2106
[  151.240086][ T9853] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2106'.
[  151.452315][ T9789] Quota error (device loop6): write_blk: dquota write failed
[  151.460884][ T9789] Quota error (device loop6): find_free_dqentry: Can't write quota data block 5
[  151.484873][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.503376][ T9789] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4215: comm syz.6.2085: Allocating blocks 41-42 which overlap fs metadata
[  151.534676][ T9789] Quota error (device loop6): write_blk: dquota write failed
[  151.553701][ T9789] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  151.565362][ T9789] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.2085: Failed to acquire dquot type 1
[  151.593218][ T9789] EXT4-fs error (device loop6): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  151.611667][ T9866] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2112'.
[  151.631247][ T9789] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.2085: corrupted inode contents
[  151.703283][ T9789] EXT4-fs error (device loop6): ext4_dirty_inode:6502: inode #12: comm syz.6.2085: mark_inode_dirty error
[  151.732066][ T9789] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.2085: corrupted inode contents
[  151.872924][ T9789] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #12: comm syz.6.2085: mark_inode_dirty error
[  151.905350][ T9874] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 2, id = 0
[  151.918319][ T9789] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.2085: corrupted inode contents
[  151.996565][ T9789] EXT4-fs error (device loop6) in ext4_orphan_del:303: Corrupt filesystem
[  152.065103][ T9789] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.2085: corrupted inode contents
[  152.300235][ T9789] EXT4-fs error (device loop6): ext4_truncate:4635: inode #12: comm syz.6.2085: mark_inode_dirty error
[  152.304210][ T9876] vlan2: entered promiscuous mode
[  152.544006][ T9789] EXT4-fs error (device loop6) in ext4_process_orphan:345: Corrupt filesystem
[  152.571337][ T9789] EXT4-fs (loop6): 1 truncate cleaned up
[  152.599088][   T29] audit: type=1400 audit(1769318348.608:8323): avc:  denied  { lock } for  pid=9877 comm="syz.2.2116" path="socket:[26109]" dev="sockfs" ino=26109 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  152.654863][ T9789] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  152.742237][ T9897] loop1: detected capacity change from 0 to 512
[  152.754091][ T9897] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  152.763826][ T9900] FAULT_INJECTION: forcing a failure.
[  152.763826][ T9900] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  152.776991][ T9900] CPU: 0 UID: 0 PID: 9900 Comm: syz.5.2123 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  152.777046][ T9900] Tainted: [W]=WARN
[  152.777132][ T9900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  152.777148][ T9900] Call Trace:
[  152.777157][ T9900]  <TASK>
[  152.777167][ T9900]  __dump_stack+0x1d/0x30
[  152.777253][ T9900]  dump_stack_lvl+0x95/0xd0
[  152.777278][ T9900]  dump_stack+0x15/0x1b
[  152.777350][ T9900]  should_fail_ex+0x263/0x280
[  152.777373][ T9900]  should_fail+0xb/0x20
[  152.777396][ T9900]  should_fail_usercopy+0x1a/0x20
[  152.777424][ T9900]  _copy_to_user+0x20/0xa0
[  152.777569][ T9900]  btf_new_fd+0x3fa/0x790
[  152.777594][ T9900]  bpf_btf_load+0x112/0x130
[  152.777621][ T9900]  __sys_bpf+0x357/0x7b0
[  152.777657][ T9900]  __x64_sys_bpf+0x41/0x50
[  152.777759][ T9900]  x64_sys_call+0x28e1/0x3000
[  152.777785][ T9900]  do_syscall_64+0xc0/0x2a0
[  152.777886][ T9900]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.777915][ T9900] RIP: 0033:0x7fdfdd05acb9
[  152.777934][ T9900] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  152.777999][ T9900] RSP: 002b:00007fdfdbab7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  152.778023][ T9900] RAX: ffffffffffffffda RBX: 00007fdfdd2d5fa0 RCX: 00007fdfdd05acb9
[  152.778098][ T9900] RDX: 0000000000000028 RSI: 0000200000000300 RDI: 0000000000000012
[  152.778110][ T9900] RBP: 00007fdfdbab7090 R08: 0000000000000000 R09: 0000000000000000
[  152.778123][ T9900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  152.778138][ T9900] R13: 00007fdfdd2d6038 R14: 00007fdfdd2d5fa0 R15: 00007ffcbd71c628
[  152.778166][ T9900]  </TASK>
[  152.781784][ T9789] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.229487][ T9897] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  153.253438][ T9897] ext4 filesystem being mounted at /431/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.275821][ T9920] netlink: 104 bytes leftover after parsing attributes in process `syz.6.2131'.
[  153.289719][ T9918] loop4: detected capacity change from 0 to 1024
[  153.313359][   T29] audit: type=1400 audit(1769318349.318:8324): avc:  denied  { link } for  pid=9896 comm="syz.1.2122" name="file0" dev="loop1" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  153.336975][ T9897] Quota error (device loop1): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  153.358444][ T9918] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.361607][ T9897] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  153.376351][ T9924] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2122'.
[  153.390889][ T9897] EXT4-fs error (device loop1): ext4_acquire_dquot:6986: comm syz.1.2122: Failed to acquire dquot type 0
[  153.546977][ T9906] loop5: detected capacity change from 0 to 512
[  153.549775][ T9929] loop6: detected capacity change from 0 to 1024
[  153.582459][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  153.597611][ T9929] EXT4-fs (loop6): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  153.616147][ T9929] ext4 filesystem being mounted at /295/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.642167][ T9929] EXT4-fs error (device loop6): ext4_map_blocks:825: inode #15: comm syz.6.2133: lblock 0 mapped to illegal pblock 0 (length 1)
[  153.658064][ T9929] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  153.670509][ T9929] EXT4-fs (loop6): This should not happen!! Data will be lost
[  153.670509][ T9929] 
[  153.694639][ T5364] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  153.769232][ T9936] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2136'.
[  153.809726][ T9936] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2136'.
[  153.903735][ T9940] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2137'.
[  153.982458][ T9947] loop1: detected capacity change from 0 to 512
[  153.989534][ T9947] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  154.026400][ T9947] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  154.521985][ T9947] EXT4-fs (loop1): 1 truncate cleaned up
[  154.533106][ T9947] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.712759][ T9956] loop5: detected capacity change from 0 to 7
[  154.753350][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.873304][ T9956] Invalid logical block size (6)
[  154.913345][ T9958] loop5: detected capacity change from 7 to 0
[  155.210594][   T29] audit: type=1326 audit(1769318351.218:8325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9980 comm="syz.4.2149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f9b9acb9 code=0x7ffc0000
[  155.290669][   T29] audit: type=1326 audit(1769318351.248:8326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9980 comm="syz.4.2149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f9b9acb9 code=0x7ffc0000
[  155.314932][   T29] audit: type=1326 audit(1769318351.248:8327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9980 comm="syz.4.2149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f9b9acb9 code=0x7ffc0000
[  155.339083][   T29] audit: type=1326 audit(1769318351.248:8328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9980 comm="syz.4.2149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f43f9b9acb9 code=0x7ffc0000
[  155.363154][   T29] audit: type=1326 audit(1769318351.248:8329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9980 comm="syz.4.2149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f9b9acb9 code=0x7ffc0000
[  155.387391][   T29] audit: type=1326 audit(1769318351.248:8330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9980 comm="syz.4.2149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f9b9acb9 code=0x7ffc0000
[  155.411499][   T29] audit: type=1326 audit(1769318351.248:8331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9980 comm="syz.4.2149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43f9b9acb9 code=0x7ffc0000
[  155.472095][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.544233][ T9978] loop6: detected capacity change from 0 to 8192
[  155.553677][ T9978] FAT-fs (loop6): bogus logical sector size 0
[  155.559880][ T9978] FAT-fs (loop6): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  155.569324][ T9978] FAT-fs (loop6): Can't find a valid FAT filesystem
[  155.581061][ T9996] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2155'.
[  155.644015][T10002] loop4: detected capacity change from 0 to 128
[  155.735252][T10014] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2162'.
[  156.498993][T10027] FAULT_INJECTION: forcing a failure.
[  156.498993][T10027] name failslab, interval 1, probability 0, space 0, times 0
[  156.511755][T10027] CPU: 0 UID: 0 PID: 10027 Comm: syz.1.2167 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  156.511803][T10027] Tainted: [W]=WARN
[  156.511810][T10027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  156.511902][T10027] Call Trace:
[  156.511910][T10027]  <TASK>
[  156.511918][T10027]  __dump_stack+0x1d/0x30
[  156.511946][T10027]  dump_stack_lvl+0x95/0xd0
[  156.512035][T10027]  dump_stack+0x15/0x1b
[  156.512056][T10027]  should_fail_ex+0x263/0x280
[  156.512080][T10027]  should_failslab+0x8c/0xb0
[  156.512104][T10027]  __kmalloc_cache_noprof+0x64/0x4a0
[  156.512140][T10027]  ? alloc_pipe_info+0xad/0x340
[  156.512159][T10027]  alloc_pipe_info+0xad/0x340
[  156.512259][T10027]  splice_direct_to_actor+0x591/0x670
[  156.512300][T10027]  ? kstrtouint_from_user+0xa8/0xf0
[  156.512324][T10027]  ? __pfx_direct_splice_actor+0x10/0x10
[  156.512365][T10027]  ? __rcu_read_unlock+0x4e/0x70
[  156.512383][T10027]  ? get_pid_task+0x96/0xd0
[  156.512409][T10027]  ? avc_policy_seqno+0x15/0x30
[  156.512514][T10027]  ? selinux_file_permission+0x1e1/0x320
[  156.512557][T10027]  do_splice_direct+0x119/0x1a0
[  156.512600][T10027]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  156.512667][T10027]  do_sendfile+0x380/0x650
[  156.512703][T10027]  __x64_sys_sendfile64+0x105/0x150
[  156.512769][T10027]  x64_sys_call+0x2db1/0x3000
[  156.512819][T10027]  do_syscall_64+0xc0/0x2a0
[  156.512898][T10027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.512926][T10027] RIP: 0033:0x7fc208a0acb9
[  156.513017][T10027] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  156.513042][T10027] RSP: 002b:00007fc207467028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  156.513067][T10027] RAX: ffffffffffffffda RBX: 00007fc208c85fa0 RCX: 00007fc208a0acb9
[  156.513122][T10027] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  156.513145][T10027] RBP: 00007fc207467090 R08: 0000000000000000 R09: 0000000000000000
[  156.513162][T10027] R10: 0000020000023896 R11: 0000000000000246 R12: 0000000000000001
[  156.513175][T10027] R13: 00007fc208c86038 R14: 00007fc208c85fa0 R15: 00007fff14dbf918
[  156.513194][T10027]  </TASK>
[  156.785889][T10035] loop4: detected capacity change from 0 to 512
[  156.813788][T10035] EXT4-fs: Ignoring removed nobh option
[  156.821557][T10039] loop5: detected capacity change from 0 to 128
[  156.857172][T10035] EXT4-fs (loop4): orphan cleanup on readonly fs
[  156.873489][T10035] EXT4-fs warning (device loop4): ext4_xattr_inode_get:546: inode #11: comm syz.4.2171: ea_inode file size=4 entry size=6
[  156.902747][T10035] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  156.917614][T10035] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #15: comm syz.4.2171: corrupted inode contents
[  156.940623][T10042] iso9660: Unknown parameter '0x0000000000000000'
[  156.953412][T10035] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #15: comm syz.4.2171: mark_inode_dirty error
[  156.990524][T10035] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #15: comm syz.4.2171: corrupted inode contents
[  157.008488][T10035] EXT4-fs error (device loop4): ext4_xattr_delete_inode:3001: inode #15: comm syz.4.2171: mark_inode_dirty error
[  157.037168][T10035] EXT4-fs error (device loop4): ext4_xattr_delete_inode:3004: inode #15: comm syz.4.2171: mark inode dirty (error -117)
[  157.056669][T10053] vlan0: entered promiscuous mode
[  157.075876][T10035] EXT4-fs warning (device loop4): ext4_evict_inode:273: xattr delete (err -117)
[  157.086799][T10035] EXT4-fs (loop4): 1 orphan inode deleted
[  157.094078][T10035] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  157.144017][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.175360][T10065] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2183'.
[  157.276163][T10051] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  157.303300][T10051] EXT4-fs (loop6): orphan cleanup on readonly fs
[  157.319664][   T23] IPVS: starting estimator thread 0...
[  157.329882][T10051] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4215: comm syz.6.2179: Allocating blocks 41-42 which overlap fs metadata
[  157.374744][T10051] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.2179: Failed to acquire dquot type 1
[  157.402072][T10051] EXT4-fs error (device loop6): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  157.421842][T10051] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.2179: corrupted inode contents
[  157.423811][T10079] IPVS: using max 2208 ests per chain, 110400 per kthread
[  157.457997][T10085] 9pnet_fd: Insufficient options for proto=fd
[  157.478678][T10051] EXT4-fs error (device loop6): ext4_dirty_inode:6502: inode #12: comm syz.6.2179: mark_inode_dirty error
[  157.492793][T10051] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.2179: corrupted inode contents
[  157.520540][T10051] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #12: comm syz.6.2179: mark_inode_dirty error
[  157.539089][T10086] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2187'.
[  157.550734][T10088] bpf: Bad value for 'uid'
[  157.556859][T10051] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.2179: corrupted inode contents
[  157.578303][T10051] EXT4-fs error (device loop6) in ext4_orphan_del:303: Corrupt filesystem
[  157.597784][T10051] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.2179: corrupted inode contents
[  157.642086][T10051] EXT4-fs error (device loop6): ext4_truncate:4635: inode #12: comm syz.6.2179: mark_inode_dirty error
[  157.670484][T10051] EXT4-fs error (device loop6) in ext4_process_orphan:345: Corrupt filesystem
[  157.707061][T10051] EXT4-fs (loop6): 1 truncate cleaned up
[  157.822375][T10051] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  158.047913][T10051] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.662081][T10125] set_capacity_and_notify: 2 callbacks suppressed
[  158.662103][T10125] loop1: detected capacity change from 0 to 512
[  158.696907][T10129] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2205'.
[  158.714159][T10125] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  158.753095][T10125] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  158.767129][T10125] EXT4-fs (loop1): 1 truncate cleaned up
[  158.773738][T10125] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.902203][T10145] loop6: detected capacity change from 0 to 128
[  158.918888][ T3418] IPVS: starting estimator thread 0...
[  158.959010][T10147] loop4: detected capacity change from 0 to 1764
[  159.070729][T10148] IPVS: using max 2208 ests per chain, 110400 per kthread
[  159.103638][T10156] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2215'.
[  159.294735][   T29] kauditd_printk_skb: 63 callbacks suppressed
[  159.294750][   T29] audit: type=1400 audit(1769318355.308:8392): avc:  denied  { ioctl } for  pid=10161 comm="syz.4.2218" path="socket:[26991]" dev="sockfs" ino=26991 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  159.451572][   T29] audit: type=1400 audit(1769318355.388:8393): avc:  denied  { connect } for  pid=10161 comm="syz.4.2218" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  159.472053][   T29] audit: type=1400 audit(1769318355.388:8394): avc:  denied  { setopt } for  pid=10161 comm="syz.4.2218" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  159.529035][T10169] atomic_op ffff8881136a2128 conn xmit_atomic 0000000000000000
[  159.537741][T10169] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2220'.
[  159.550934][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.574482][T10171] FAULT_INJECTION: forcing a failure.
[  159.574482][T10171] name failslab, interval 1, probability 0, space 0, times 0
[  159.587848][T10171] CPU: 0 UID: 0 PID: 10171 Comm: syz.5.2221 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  159.587890][T10171] Tainted: [W]=WARN
[  159.587899][T10171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  159.587916][T10171] Call Trace:
[  159.587925][T10171]  <TASK>
[  159.587934][T10171]  __dump_stack+0x1d/0x30
[  159.588001][T10171]  dump_stack_lvl+0x95/0xd0
[  159.588029][T10171]  dump_stack+0x15/0x1b
[  159.588056][T10171]  should_fail_ex+0x263/0x280
[  159.588158][T10171]  should_failslab+0x8c/0xb0
[  159.588185][T10171]  __kmalloc_noprof+0xb8/0x580
[  159.588213][T10171]  ? copy_splice_read+0xc2/0x6c0
[  159.588328][T10171]  copy_splice_read+0xc2/0x6c0
[  159.588376][T10171]  ? __pfx_copy_splice_read+0x10/0x10
[  159.588417][T10171]  splice_direct_to_actor+0x26e/0x670
[  159.588461][T10171]  ? __pfx_direct_splice_actor+0x10/0x10
[  159.588520][T10171]  do_splice_direct+0x119/0x1a0
[  159.588561][T10171]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  159.588592][T10171]  do_sendfile+0x380/0x650
[  159.588693][T10171]  __x64_sys_sendfile64+0x105/0x150
[  159.588755][T10171]  x64_sys_call+0x2db1/0x3000
[  159.588786][T10171]  do_syscall_64+0xc0/0x2a0
[  159.588875][T10171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.588901][T10171] RIP: 0033:0x7fdfdd05acb9
[  159.588917][T10171] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  159.588936][T10171] RSP: 002b:00007fdfdbab7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  159.588956][T10171] RAX: ffffffffffffffda RBX: 00007fdfdd2d5fa0 RCX: 00007fdfdd05acb9
[  159.589019][T10171] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  159.589035][T10171] RBP: 00007fdfdbab7090 R08: 0000000000000000 R09: 0000000000000000
[  159.589129][T10171] R10: 0000020000023896 R11: 0000000000000246 R12: 0000000000000001
[  159.589142][T10171] R13: 00007fdfdd2d6038 R14: 00007fdfdd2d5fa0 R15: 00007ffcbd71c628
[  159.589162][T10171]  </TASK>
[  159.861692][T10177] lo speed is unknown, defaulting to 1000
[  159.915496][T10192] loop4: detected capacity change from 0 to 512
[  159.932076][T10192] EXT4-fs: Ignoring removed nobh option
[  159.943922][T10198] netlink: 104 bytes leftover after parsing attributes in process `syz.6.2231'.
[  159.974324][T10192] EXT4-fs (loop4): orphan cleanup on readonly fs
[  159.981240][T10192] EXT4-fs warning (device loop4): ext4_xattr_inode_get:546: inode #11: comm syz.4.2229: ea_inode file size=4 entry size=6
[  160.003149][T10192] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  160.043117][T10192] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #15: comm syz.4.2229: corrupted inode contents
[  160.062808][T10192] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #15: comm syz.4.2229: mark_inode_dirty error
[  160.096375][T10192] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #15: comm syz.4.2229: corrupted inode contents
[  160.114471][T10192] EXT4-fs error (device loop4): ext4_xattr_delete_inode:3001: inode #15: comm syz.4.2229: mark_inode_dirty error
[  160.135764][T10192] EXT4-fs error (device loop4): ext4_xattr_delete_inode:3004: inode #15: comm syz.4.2229: mark inode dirty (error -117)
[  160.153128][T10192] EXT4-fs warning (device loop4): ext4_evict_inode:273: xattr delete (err -117)
[  160.162291][T10192] EXT4-fs (loop4): 1 orphan inode deleted
[  160.185875][T10213] loop1: detected capacity change from 0 to 1024
[  160.193056][T10192] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  160.211573][T10212] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2235'.
[  160.239956][T10213] ext4 filesystem being mounted at /450/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  160.270843][T10213] EXT4-fs error (device loop1): ext4_map_blocks:825: inode #15: block 3: comm syz.1.2234: lblock 3 mapped to illegal pblock 3 (length 3)
[  160.302349][T10194] loop5: detected capacity change from 0 to 512
[  160.342936][T10225] EXT4-fs error (device loop1): ext4_map_blocks:825: inode #15: comm syz.1.2234: lblock 0 mapped to illegal pblock 0 (length 3)
[  160.359738][T10227] loop6: detected capacity change from 0 to 1024
[  160.368183][T10213] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  160.381336][T10213] EXT4-fs (loop1): This should not happen!! Data will be lost
[  160.381336][T10213] 
[  160.413925][T10194] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  160.435414][T10227] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2239'.
[  160.448630][T10194] EXT4-fs (loop5): orphan cleanup on readonly fs
[  160.451079][ T7886] EXT4-fs error (device loop1): ext4_map_blocks:825: inode #15: block 8: comm kworker/u8:14: lblock 8 mapped to illegal pblock 8 (length 8)
[  160.471328][ T7886] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  160.484385][ T7886] EXT4-fs (loop1): This should not happen!! Data will be lost
[  160.484385][ T7886] 
[  160.485992][T10194] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4215: comm syz.5.2230: Allocating blocks 41-42 which overlap fs metadata
[  160.536908][T10194] Quota error (device loop5): write_blk: dquota write failed
[  160.545891][T10194] Quota error (device loop5): find_free_dqentry: Can't write quota data block 5
[  160.564826][T10239] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2244'.
[  160.564849][T10239] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2244'.
[  160.590727][T10194] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4215: comm syz.5.2230: Allocating blocks 41-42 which overlap fs metadata
[  160.626557][T10194] Quota error (device loop5): write_blk: dquota write failed
[  160.650970][T10194] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  160.664765][T10194] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.2230: Failed to acquire dquot type 1
[  160.704491][T10194] EXT4-fs error (device loop5): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  160.733747][T10194] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.2230: corrupted inode contents
[  160.766332][T10194] EXT4-fs error (device loop5): ext4_dirty_inode:6502: inode #12: comm syz.5.2230: mark_inode_dirty error
[  160.781330][T10194] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.2230: corrupted inode contents
[  160.817959][T10257] loop6: detected capacity change from 0 to 512
[  160.841600][T10194] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #12: comm syz.5.2230: mark_inode_dirty error
[  160.863307][T10257] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  160.885838][T10194] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.2230: corrupted inode contents
[  160.887545][T10257] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  160.912351][T10194] EXT4-fs error (device loop5) in ext4_orphan_del:303: Corrupt filesystem
[  160.931301][T10194] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.2230: corrupted inode contents
[  160.962942][T10194] EXT4-fs error (device loop5): ext4_truncate:4635: inode #12: comm syz.5.2230: mark_inode_dirty error
[  160.978805][T10257] EXT4-fs (loop6): 1 truncate cleaned up
[  160.994797][T10194] EXT4-fs error (device loop5) in ext4_process_orphan:345: Corrupt filesystem
[  161.029368][T10194] EXT4-fs (loop5): 1 truncate cleaned up
[  161.090149][T10276] FAULT_INJECTION: forcing a failure.
[  161.090149][T10276] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  161.104221][T10276] CPU: 0 UID: 0 PID: 10276 Comm: syz.1.2255 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  161.104258][T10276] Tainted: [W]=WARN
[  161.104267][T10276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  161.104283][T10276] Call Trace:
[  161.104292][T10276]  <TASK>
[  161.104303][T10276]  __dump_stack+0x1d/0x30
[  161.104328][T10276]  dump_stack_lvl+0x95/0xd0
[  161.104383][T10276]  dump_stack+0x15/0x1b
[  161.104406][T10276]  should_fail_ex+0x263/0x280
[  161.104426][T10276]  should_fail_alloc_page+0xf2/0x100
[  161.104465][T10276]  alloc_pages_bulk_noprof+0x101/0x520
[  161.104497][T10276]  copy_splice_read+0xf3/0x6c0
[  161.104597][T10276]  ? __pfx_copy_splice_read+0x10/0x10
[  161.104634][T10276]  splice_direct_to_actor+0x26e/0x670
[  161.104685][T10276]  ? __pfx_direct_splice_actor+0x10/0x10
[  161.104714][T10276]  do_splice_direct+0x119/0x1a0
[  161.104800][T10276]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  161.104825][T10276]  do_sendfile+0x380/0x650
[  161.104859][T10276]  __x64_sys_sendfile64+0x105/0x150
[  161.104905][T10276]  x64_sys_call+0x2db1/0x3000
[  161.105068][T10276]  do_syscall_64+0xc0/0x2a0
[  161.105098][T10276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.105119][T10276] RIP: 0033:0x7fc208a0acb9
[  161.105142][T10276] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  161.105166][T10276] RSP: 002b:00007fc207467028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  161.105191][T10276] RAX: ffffffffffffffda RBX: 00007fc208c85fa0 RCX: 00007fc208a0acb9
[  161.105210][T10276] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  161.105227][T10276] RBP: 00007fc207467090 R08: 0000000000000000 R09: 0000000000000000
[  161.105242][T10276] R10: 0000020000023896 R11: 0000000000000246 R12: 0000000000000001
[  161.105378][T10276] R13: 00007fc208c86038 R14: 00007fc208c85fa0 R15: 00007fff14dbf918
[  161.105399][T10276]  </TASK>
[  161.829687][T10302] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2264'.
[  161.850044][T10304] loop1: detected capacity change from 0 to 512
[  161.872148][T10302] macsec1: entered allmulticast mode
[  161.877729][T10302] geneve0: entered allmulticast mode
[  161.884820][T10302] geneve0: left allmulticast mode
[  161.905240][T10304] EXT4-fs: Ignoring removed nobh option
[  161.926424][T10304] EXT4-fs (loop1): orphan cleanup on readonly fs
[  161.951652][T10304] EXT4-fs warning (device loop1): ext4_xattr_inode_get:546: inode #11: comm syz.1.2265: ea_inode file size=4 entry size=6
[  161.970879][T10306] loop5: detected capacity change from 0 to 1024
[  162.073252][T10304] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  162.129709][T10304] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #15: comm syz.1.2265: corrupted inode contents
[  162.221875][T10304] EXT4-fs error (device loop1): ext4_dirty_inode:6502: inode #15: comm syz.1.2265: mark_inode_dirty error
[  162.291974][T10304] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #15: comm syz.1.2265: corrupted inode contents
[  162.372451][T10304] EXT4-fs error (device loop1): ext4_xattr_delete_inode:3001: inode #15: comm syz.1.2265: mark_inode_dirty error
[  162.438619][T10304] EXT4-fs error (device loop1): ext4_xattr_delete_inode:3004: inode #15: comm syz.1.2265: mark inode dirty (error -117)
[  162.523099][T10304] EXT4-fs warning (device loop1): ext4_evict_inode:273: xattr delete (err -117)
[  162.568417][T10304] EXT4-fs (loop1): 1 orphan inode deleted
[  162.914416][T10316] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  162.949771][T10321] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2268'.
[  162.960505][T10316] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  162.974393][T10316] EXT4-fs (loop4): invalid journal inode
[  162.980079][T10316] EXT4-fs (loop4): can't get journal size
[  163.027975][T10316] EXT4-fs error (device loop4): ext4_protect_reserved_inode:182: inode #2: comm syz.4.2260: blocks 48-48 from inode overlap system zone
[  163.042440][T10323] EXT4-fs: Ignoring removed nobh option
[  163.053553][T10323] EXT4-fs: Ignoring removed nobh option
[  163.062005][T10323] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  163.109128][T10332] EXT4-fs (loop5): stripe (4) is not aligned with cluster size (4096), stripe is disabled
[  163.121936][T10316] EXT4-fs (loop4): failed to initialize system zone (-117)
[  163.148574][T10323] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  163.167246][T10316] EXT4-fs (loop4): mount failed
[  163.172328][T10323] EXT4-fs (loop6): 1 truncate cleaned up
[  163.200754][T10332] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 2: comm syz.5.2273: lblock 2 mapped to illegal pblock 2 (length 1)
[  163.223306][T10323] EXT4-fs mount: 13 callbacks suppressed
[  163.223321][T10323] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.256524][T10332] Quota error (device loop5): qtree_write_dquot: dquota write failed
[  163.285554][T10332] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 48: comm syz.5.2273: lblock 0 mapped to illegal pblock 48 (length 1)
[  163.291229][T10342] dvmrp1: tun_chr_ioctl cmd 1074025677
[  163.306056][T10342] dvmrp1: linktype set to 774
[  163.306270][T10332] Quota error (device loop5): v2_write_file_info: Can't write info structure
[  163.320286][T10332] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.2273: Failed to acquire dquot type 0
[  163.341119][T10332] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  163.351427][ T5364] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.362463][T10332] EXT4-fs error (device loop5): ext4_evict_inode:253: inode #11: comm syz.5.2273: mark_inode_dirty error
[  163.381876][T10332] EXT4-fs warning (device loop5): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  163.403608][T10332] EXT4-fs (loop5): 1 orphan inode deleted
[  163.409901][T10332] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.422856][ T3468] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1)
[  163.445079][ T3468] Quota error (device loop5): remove_tree: Can't read quota data block 1
[  163.453618][ T3468] EXT4-fs error (device loop5): ext4_release_dquot:7022: comm kworker/u8:8: Failed to release dquot type 0
[  163.488926][T10349] veth1_to_bond: entered allmulticast mode
[  163.515051][T10349] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10349 comm=syz.6.2279
[  163.563743][ T3307]  loop6: p4 < >
[  163.569520][T10349]  loop6: p4 < >
[  163.587328][ T3001]  loop6: p4 < >
[  163.715601][ T3001]  loop6: p4 < >
[  163.742987][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory
[  163.763148][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory
[  163.790617][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory
[  163.849813][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory
[  163.866606][T10366] set_capacity_and_notify: 4 callbacks suppressed
[  163.866622][T10366] loop4: detected capacity change from 0 to 512
[  163.897123][T10347] veth1_to_bond: left allmulticast mode
[  164.016875][ T3665] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.019930][T10366] EXT4-fs: Ignoring removed orlov option
[  164.032780][T10366] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  164.041257][T10366] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal
[  164.058169][ T3665] EXT4-fs error (device loop5): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0
[  164.075494][T10380] loop6: detected capacity change from 0 to 1024
[  164.084936][ T3665] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  164.094546][ T3665] EXT4-fs error (device loop5): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error
[  164.790969][T10380] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.269490][ T5364] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.583600][T10425] loop5: detected capacity change from 0 to 128
[  165.591291][T10426] __nla_validate_parse: 2 callbacks suppressed
[  165.591311][T10426] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2304'.
[  165.665826][T10432] sctp: [Deprecated]: syz.6.2306 (pid 10432) Use of int in max_burst socket option.
[  165.665826][T10432] Use struct sctp_assoc_value instead
[  165.685470][T10434] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2308'.
[  165.733144][T10432] loop6: detected capacity change from 0 to 1024
[  165.760591][T10432] EXT4-fs: Ignoring removed orlov option
[  165.770011][T10443] loop4: detected capacity change from 0 to 512
[  165.795318][T10432] EXT4-fs (loop6): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  165.805925][   T29] audit: type=1326 audit(1769318361.798:8395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10441 comm="syz.5.2312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfdd05acb9 code=0x7ffc0000
[  165.805965][   T29] audit: type=1326 audit(1769318361.798:8396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10441 comm="syz.5.2312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdfdd05acb9 code=0x7ffc0000
[  165.836211][T10443] EXT4-fs: Ignoring removed nobh option
[  165.854683][   T29] audit: type=1326 audit(1769318361.798:8397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10441 comm="syz.5.2312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfdd05acb9 code=0x7ffc0000
[  165.875339][T10443] EXT4-fs: Invalid want_extra_isize 92
[  165.884679][   T29] audit: type=1326 audit(1769318361.798:8398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10441 comm="syz.5.2312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7fdfdd05acb9 code=0x7ffc0000
[  165.893974][T10445] vlan3: entered promiscuous mode
[  165.914398][   T29] audit: type=1326 audit(1769318361.798:8399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10441 comm="syz.5.2312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfdd05acb9 code=0x7ffc0000
[  165.943348][   T29] audit: type=1326 audit(1769318361.798:8400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10441 comm="syz.5.2312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfdd05acb9 code=0x7ffc0000
[  165.967107][   T29] audit: type=1326 audit(1769318361.798:8401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10441 comm="syz.5.2312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fdfdd05acb9 code=0x7ffc0000
[  165.991406][   T29] audit: type=1326 audit(1769318361.798:8402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10441 comm="syz.5.2312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfdd05acb9 code=0x7ffc0000
[  166.015623][   T29] audit: type=1326 audit(1769318361.798:8403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10441 comm="syz.5.2312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfdd05acb9 code=0x7ffc0000
[  166.019935][T10432] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.039278][   T29] audit: type=1326 audit(1769318361.798:8404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10441 comm="syz.5.2312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdfdd05acb9 code=0x7ffc0000
[  166.307817][ T5364] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.360730][T10470] netlink: 'syz.4.2322': attribute type 11 has an invalid length.
[  166.388355][T10478] loop5: detected capacity change from 0 to 256
[  166.559320][T10501] netlink: 104 bytes leftover after parsing attributes in process `syz.6.2335'.
[  166.734469][T10518] loop5: detected capacity change from 0 to 512
[  166.745645][T10518] EXT4-fs: Ignoring removed nobh option
[  166.772047][T10522] vlan3: entered promiscuous mode
[  166.796633][T10518] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  166.813810][T10518] EXT4-fs (loop5): orphan cleanup on readonly fs
[  166.821578][T10518] EXT4-fs warning (device loop5): ext4_xattr_inode_get:546: inode #11: comm syz.5.2344: ea_inode file size=4 entry size=6
[  166.875386][T10532] loop1: detected capacity change from 0 to 1024
[  166.881957][T10518] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  166.937327][T10532] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.955778][T10518] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #15: comm syz.5.2344: corrupted inode contents
[  167.021023][T10518] EXT4-fs error (device loop5): ext4_dirty_inode:6502: inode #15: comm syz.5.2344: mark_inode_dirty error
[  167.039917][T10518] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #15: comm syz.5.2344: corrupted inode contents
[  167.052088][T10518] EXT4-fs error (device loop5): ext4_xattr_delete_inode:3001: inode #15: comm syz.5.2344: mark_inode_dirty error
[  167.082391][T10518] EXT4-fs error (device loop5): ext4_xattr_delete_inode:3004: inode #15: comm syz.5.2344: mark inode dirty (error -117)
[  167.153576][T10518] EXT4-fs warning (device loop5): ext4_evict_inode:273: xattr delete (err -117)
[  167.180217][T10541] loop6: detected capacity change from 0 to 512
[  167.187667][T10518] EXT4-fs (loop5): 1 orphan inode deleted
[  167.204064][T10518] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  167.374780][ T3665] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.456719][T10544] loop5: detected capacity change from 0 to 512
[  167.465292][T10541] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  167.522878][T10544] EXT4-fs error (device loop5): ext4_iget_extra_inode:5073: inode #15: comm syz.5.2350: corrupted in-inode xattr: e_value size too large
[  167.551032][T10541] EXT4-fs (loop6): orphan cleanup on readonly fs
[  167.564257][T10541] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:517: comm syz.6.2349: Block bitmap for bg 0 marked uninitialized
[  167.592704][T10541] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6689: Corrupt filesystem
[  167.623622][T10544] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.2350: couldn't read orphan inode 15 (err -117)
[  167.643794][T10544] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.769400][T10541] EXT4-fs (loop6): 1 orphan inode deleted
[  167.825692][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.853219][T10541] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  167.883799][ T3665] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.948261][T10541] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  167.983361][T10569] bond1: option mode: unable to set because the bond device is up
[  168.010896][T10541] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  168.061028][T10541] macsec1: entered promiscuous mode
[  168.066380][T10541] macvlan0: entered promiscuous mode
[  168.071925][T10541] macsec1: entered allmulticast mode
[  168.077310][T10541] macvlan0: entered allmulticast mode
[  168.083436][T10541] veth1_vlan: entered allmulticast mode
[  168.096844][T10578] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2359'.
[  168.126017][T10578] netlink: 80 bytes leftover after parsing attributes in process `syz.2.2359'.
[  168.139839][T10581] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:517: comm syz.6.2349: Block bitmap for bg 0 marked uninitialized
[  168.164152][T10541] macvlan0: left allmulticast mode
[  168.169381][T10541] veth1_vlan: left allmulticast mode
[  168.174770][T10541] macvlan0: left promiscuous mode
[  168.181151][T10580] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.248959][ T6110] ==================================================================
[  168.257114][ T6110] BUG: KCSAN: data-race in n_tty_receive_char_flow_ctrl / tty_set_termios
[  168.265764][ T6110] 
[  168.268114][ T6110] write to 0xffff88810d6add08 of 44 bytes by task 10580 on cpu 0:
[  168.275949][ T6110]  tty_set_termios+0xc0/0x910
[  168.280711][ T6110]  set_termios+0x373/0x4f0
[  168.285168][ T6110]  tty_mode_ioctl+0x37f/0x5b0
[  168.289896][ T6110]  n_tty_ioctl_helper+0x91/0x210
[  168.294878][ T6110]  n_tty_ioctl+0x101/0x230
[  168.299321][ T6110]  tty_ioctl+0x83e/0xb80
[  168.303586][ T6110]  __se_sys_ioctl+0xce/0x140
[  168.308223][ T6110]  __x64_sys_ioctl+0x43/0x50
[  168.312850][ T6110]  x64_sys_call+0x14b0/0x3000
[  168.317561][ T6110]  do_syscall_64+0xc0/0x2a0
[  168.322088][ T6110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.328009][ T6110] 
[  168.330350][ T6110] read to 0xffff88810d6add21 of 1 bytes by task 6110 on cpu 1:
[  168.337906][ T6110]  n_tty_receive_char_flow_ctrl+0x23/0x1d0
[  168.343745][ T6110]  n_tty_lookahead_flow_ctrl+0xed/0x130
[  168.349339][ T6110]  tty_port_default_lookahead_buf+0x91/0xc0
[  168.355274][ T6110]  flush_to_ldisc+0x288/0x340
[  168.360009][ T6110]  process_scheduled_works+0x4cd/0x9d0
[  168.365490][ T6110]  worker_thread+0x581/0x770
[  168.370103][ T6110]  kthread+0x488/0x510
[  168.374230][ T6110]  ret_from_fork+0x148/0x280
[  168.378849][ T6110]  ret_from_fork_asm+0x1a/0x30
[  168.383640][ T6110] 
[  168.385999][ T6110] value changed: 0x11 -> 0x80
[  168.390680][ T6110] 
[  168.393013][ T6110] Reported by Kernel Concurrency Sanitizer on:
[  168.399181][ T6110] CPU: 1 UID: 0 PID: 6110 Comm: kworker/u8:12 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  168.410787][ T6110] Tainted: [W]=WARN
[  168.414601][ T6110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  168.424675][ T6110] Workqueue: events_unbound flush_to_ldisc
[  168.430504][ T6110] ==================================================================
[  168.506610][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.580179][ T5364] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.