last executing test programs:

1.741467612s ago: executing program 4 (id=4928):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

1.714504623s ago: executing program 2 (id=4930):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x7fffffff}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x2, 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
get_mempolicy(0x0, 0x0, 0x203, &(0x7f0000394000/0x3000)=nil, 0x3)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x2, 0x0, 0x7ffc9ffb}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x4, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x8, 0x800008, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioperm(0x1, 0x2, 0x6)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="4000000010001fff0000eb00000000000000e8f1", @ANYRES32=0x0, @ANYBLOB="0004000000000000200012800b0001006272696467650000100002800a001400aaaaaaaaaa170000"], 0x40}}, 0x0)
r4 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000080), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, r4)
mount$9p_rdma(&(0x7f0000000240), &(0x7f0000000300)='./file0\x00', &(0x7f0000001400), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=rdma,port=0x0000000000000000,privport'])
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000000f2ff007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffeca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r5, 0x0, 0x200000000000006}, 0x18)

1.647690644s ago: executing program 0 (id=4931):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f0000000280)={[{@nouid32}]}, 0x1, 0x71c, &(0x7f0000000f40)="$eJzs3U1rXNUbAPDn3mb+yb+NJoKKLyAVxYqlkya2lK6sC9FNMVBwm4bkJsTc9MbMTG1CF+nKrYii4Ea/gxtXims/gF9BQbTURV1F7mQmfZtJpppkIPP7wZ15zr03ec6ZCeeBnGFOAAPrZPmQRjwfEdNJxFjrfBIRlWY0FHFp+747t2/OlUcSW1tX/kia95TtuO9nSiciYjMinouInyoRp9NH89bWN5Zn8zxba7Un6iurE7X1jTNLK7OL2WJ27eK5c1PnLpy/eHH/xvrG+x88Wz3/zuj30wszpyZ//S6JSzHaunb/OPbT9mtSKV/CB7x7EMn6KOl3B/hXhiLiWOv5mRiLY80IADjKtoYjtgCAAZOo/wAwYNr/B2iv7R3UOlg3v78dESOd8g+11sxGmuuQx+8kD6xMJBExfpgd5UjavBURV8dPPvr3lzyyZvu4zu5HBzlQP5bzz6VO80+6M/9Eh/lnpP3Zif+o+/x3L/+xLvPfdI853nuxUXTNfyvihaFO+ZOd/EmX/Fd7zP/D3fm/u13b+jbitY71J3kgV/fPh0wsLOXZ2e3HzjlONm5+uNv4j3fJv7nH+Fd7HP/oZy//vLlL/tdf2f3975S/rImf9pj/k8pbX3S7Vuaf7zL+vd7/b3rMf+GljzZ6vBUAAAAAAAAAAAAAAAAAAAAAAAAAAACOhDQiRiNJqztxmlar23t4Px3H07yo1U8vFI1r89HcK3s8Kmn7q5bHtttJ2Z5sfR9/uz31UPvNiHgqIj4f/n+zXZ0r8vl+Dx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWk48tP//X8Pb+/8DAEfcSL87AAAcOvUfAAaP+g8Ag0f9B4DBo/4DwOBR/wFg8Kj/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByy6cuXy2Przu2bc2V7/vp6Y7m4fmY+qy1XVxpz1blibbW6WBSLeVadK1b2+n15UaxOTUXjxkQ9q9UnausbMytF41p9ZmlldjGbySqHMioAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeDyjzSNJqxGRNuM0rVYjnoiI8agkC0t5djYinoyIX4Yrw2V7st+dBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9VlvfWJ7N82xNIBAIdoJ+z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw+O5t+t3vngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAP6W/JRFRHqfGXh19+Or/krvDzeeI+PjrK1/emK3X1ybL83/unK9/1To/1Y/+AwB7adfpdh0HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE5q6xvLs3merR1g0O8xAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwf/4JAAD//68fzsc=")
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[{}], 0x8, 0xd, &(0x7f0000001f00), &(0x7f0000002080), 0x8, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001158000000000000800000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x18)
fsopen(&(0x7f0000000240)='configfs\x00', 0x1)

1.619556574s ago: executing program 4 (id=4934):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000500000000040000cd00000001"], 0x48)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000002"], 0x0, 0x26}, 0x28)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x10}}, @cred={{0x1c}}], 0xb8}, 0x10020)
close(r0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000005c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @cgroup_sockopt=0x16}, 0x94)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_virt_wifi\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8946, &(0x7f0000000080))

1.378384668s ago: executing program 4 (id=4935):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
ioctl$USBDEVFS_REAPURB(r0, 0x4008550c, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x210e, 0xc0002, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b80, 0x2, @perf_bp={0x0, 0xe}, 0x14105, 0x32, 0xfffffbff, 0x9, 0x2, 0x0, 0xfffa, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0xb)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_read_part_table(0x60d, &(0x7f0000002200)="$eJzs3D9olHcYB/DvJbmcUTAdnFxqHDoJRXE0Q5XkqlgIp1IIDvYfIs0UIXDSw5Q4tBkUM0jHLlK4DhonYwYnRaFzEQeLkMGlYBepHXLl7l6SOyjF0oRS/HyGe353PDzf94F3/V34XxtIuTi1Kp3y/qd/298a3TzP50xzYvJ4q9VqnU5KOZtyxsq7l5MMpX9q9icZ7plz8/udq9/+9mG5+fTUq/fOPVgc2JhZyTtJdvU2Z+SvHqXyzzZlO9wafzi6cGW2erX9pdpYW/84uf1yorZycnFp+UT52Oft3y8nj4r+7osxkoup51K+zCdDbxz19eax1Jc/386vj194Um2sfdd8fnB9b3Xw7vkjr/etXrt/KJlrR0yl87JvGv6Xi/fkL/Tkz41dn15qHD1wZ8+Nw/V7j2svBn9vdRWR5a3JBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABge9xqf1yZrV6tj194Um2sffPzTx/dfjlRWzm5uLR8YvjYs6LvUVGHinox9VxKOclMZvJFZt88crrUmz/+cHRhI/+Pncnzg+t7q82754+8nly9dv9Qp6uUqXYZ2IqN+/XnN9bmxq5PLzWOHriz58bh+r3HtReD3b6ZSj7rrJuksvWPAQAAAAAAAAAAAAAAAAAAwFtuYvL4vqkPaqeTUs7uSPLrV51b9q3KyI/p3Lzv2l/UZ5Vkd5KbO7r/BdB8eurV8LkHi78Ul+LnU8l8kl0/rJxJ3t3IudwfW96czH/pzwAAAP//gTiR5w==")
creat(&(0x7f0000000200)='./bus\x00', 0x10)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x0)
preadv2(r2, &(0x7f0000000240)=[{&(0x7f0000001200)=""/4096, 0x1000}, {0x0}], 0x2, 0x0, 0x0, 0x1b)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000040)={0x1b, 0x0, 0x0, 0x4b, 0x0, 0x1, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x5}, 0x50)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000440))
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000000)={0x38, 0x0, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_DEVKEY={0x18, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}]}]}, 0x38}}, 0x0)
r6 = socket$inet6(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000190001000000000000000000021800000000fd000000ed0008000100ac1414003400080004"], 0x2c}}, 0x0)
sendto$inet6(r6, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x21, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xffffffffffffffff, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0xfffffffb, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x2000)
ioctl$SG_GET_VERSION_NUM(r8, 0x2284, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x20, &(0x7f00000000c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xb79e}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000001c0)='syzkaller\x00', 0x101, 0x0, 0x0, 0x41000, 0x12, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x6, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x5, 0x1, 0x5, 0x5}, 0x10, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000300)=[{0x1, 0x5, 0xd, 0x1}, {0x2, 0x3, 0x7, 0x6}, {0x0, 0x4, 0xb, 0x4}, {0x5, 0x2, 0x9, 0x6}, {0x5, 0x4, 0x6, 0x8}, {0x3, 0x2, 0x6, 0x9}]}, 0x94)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x40000)

1.359211838s ago: executing program 1 (id=4936):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000006000000000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
write$selinux_access(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a7570647077645f657865635f742073797374656d5f753a73797374656d5f723afaffffffffffffff3a73302030"], 0x56)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_io_uring_setup(0x18d6, &(0x7f0000000040)={0x0, 0x3, 0x0, 0x0, 0xad}, &(0x7f0000000440), &(0x7f0000ffe000))
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r4, 0x2, &(0x7f0000000180), 0xfe)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000002c0)={'ip6tnl0\x00', &(0x7f0000000240)={'syztnl1\x00', 0x0, 0x4, 0x7, 0x2, 0xab3, 0x53, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private2, 0x8, 0x0, 0x1, 0x3}})

1.332567299s ago: executing program 3 (id=4937):
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
r0 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="070000000400000020"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r3 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80)
sendfile(r3, r3, 0x0, 0x1000000201005)

1.319541529s ago: executing program 0 (id=4938):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
futex(&(0x7f000000cffc)=0x100000000000004, 0x0, 0x4, &(0x7f0000edfff0)={0x0, 0x989680}, 0x0, 0x0)

1.293706529s ago: executing program 0 (id=4939):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x100000000000004, 0x0, 0x4, &(0x7f0000edfff0)={0x0, 0x989680}, 0x0, 0x0)

1.29219338s ago: executing program 3 (id=4949):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf"], 0x30}, 0x1, 0x0, 0x0, 0x8080}, 0x4080)

1.23250577s ago: executing program 0 (id=4940):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26}, 0x94)
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x1, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={&(0x7f00000002c0), 0x9}, 0x500, 0x9, 0x9, 0x0, 0xfffffffffff7bbfe, 0x0, 0x0, 0x0, 0x5ff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket(0x1f, 0x80802, 0x0)
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4800)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x105042, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000100), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}})
splice(r0, 0x0, r2, 0x0, 0x1fffffffffff, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000001180)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd606410a60014040000000000000000000000000000000000fe8000000000000000000000000000aa223c27d5c9a40900a14172170a013589317d2af3"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89f1, &(0x7f0000000080))
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r4}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0)

1.231724401s ago: executing program 3 (id=4941):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x810, r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000580)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f00000004c0)={0x0, 0x3, 0x6, @broadcast}, 0x10)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000000)={0x0, 0x1, 0x6, @random="790c7edd3d8d"}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x1, 0x0, 0x2000001, {0x0, 0x0, 0x0, 0x0, {0x7}, {0xd}, {0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048054)
sendmsg$nl_route_sched(r0, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000003c0)={&(0x7f0000000140)=@getchain={0x3c, 0x66, 0x23, 0x70bd2a, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xfff2, 0x8}, {0xffe0, 0x9}, {0x5, 0x4}}, [{0x8, 0xb, 0xfffff102}, {0x8, 0xb, 0x3}, {0x8, 0xb, 0x6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f0000000280)={[{@nouid32}]}, 0x1, 0x71c, &(0x7f0000000f40)="$eJzs3U1rXNUbAPDn3mb+yb+NJoKKLyAVxYqlkya2lK6sC9FNMVBwm4bkJsTc9MbMTG1CF+nKrYii4Ea/gxtXims/gF9BQbTURV1F7mQmfZtJpppkIPP7wZ15zr03ec6ZCeeBnGFOAAPrZPmQRjwfEdNJxFjrfBIRlWY0FHFp+747t2/OlUcSW1tX/kia95TtuO9nSiciYjMinouInyoRp9NH89bWN5Zn8zxba7Un6iurE7X1jTNLK7OL2WJ27eK5c1PnLpy/eHH/xvrG+x88Wz3/zuj30wszpyZ//S6JSzHaunb/OPbT9mtSKV/CB7x7EMn6KOl3B/hXhiLiWOv5mRiLY80IADjKtoYjtgCAAZOo/wAwYNr/B2iv7R3UOlg3v78dESOd8g+11sxGmuuQx+8kD6xMJBExfpgd5UjavBURV8dPPvr3lzyyZvu4zu5HBzlQP5bzz6VO80+6M/9Eh/lnpP3Zif+o+/x3L/+xLvPfdI853nuxUXTNfyvihaFO+ZOd/EmX/Fd7zP/D3fm/u13b+jbitY71J3kgV/fPh0wsLOXZ2e3HzjlONm5+uNv4j3fJv7nH+Fd7HP/oZy//vLlL/tdf2f3975S/rImf9pj/k8pbX3S7Vuaf7zL+vd7/b3rMf+GljzZ6vBUAAAAAAAAAAAAAAAAAAAAAAAAAAACOhDQiRiNJqztxmlar23t4Px3H07yo1U8vFI1r89HcK3s8Kmn7q5bHtttJ2Z5sfR9/uz31UPvNiHgqIj4f/n+zXZ0r8vl+Dx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWk48tP//X8Pb+/8DAEfcSL87AAAcOvUfAAaP+g8Ag0f9B4DBo/4DwOBR/wFg8Kj/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByy6cuXy2Przu2bc2V7/vp6Y7m4fmY+qy1XVxpz1blibbW6WBSLeVadK1b2+n15UaxOTUXjxkQ9q9UnausbMytF41p9ZmlldjGbySqHMioAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeDyjzSNJqxGRNuM0rVYjnoiI8agkC0t5djYinoyIX4Yrw2V7st+dBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9VlvfWJ7N82xNIBAIdoJ+z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw+O5t+t3vngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAP6W/JRFRHqfGXh19+Or/krvDzeeI+PjrK1/emK3X1ybL83/unK9/1To/1Y/+AwB7adfpdh0HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE5q6xvLs3merR1g0O8xAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwf/4JAAD//68fzsc=")
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[{}], 0x8, 0xd, &(0x7f0000001f00), &(0x7f0000002080), 0x8, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001158000000000000800000850000006d00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r2, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000181100", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='kfree\x00', r5, 0x0, 0x4092}, 0x18)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
flistxattr(r6, 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0)={0x0, r3}, 0x8)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000240)={0xc, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x4e21, 0x0, @loopback, 0x10000008}}}, 0x108)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000200)={0x14, 0x13, 0x1, 0x4, 0x25dfdbfc, "", [@nested={0x4, 0xf2}]}, 0x14}], 0x1, 0x0, 0x0, 0x4001}, 0x80)
r8 = socket$kcm(0x10, 0x2, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
capset(&(0x7f0000000300)={0x19980330}, &(0x7f0000000440))
fremovexattr(r9, &(0x7f0000000000)=ANY=[@ANYBLOB='osx'])
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x20004880)

986.276105ms ago: executing program 3 (id=4942):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/nf_conntrack\x00')
syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000040)='./file0\x00', 0x1010084, &(0x7f0000000000)=ANY=[], 0x1, 0x265, &(0x7f0000000500)="$eJzs3cFuEkEYB/CvQCntRc7GwyZePBH1DYipiZHEBMNBT5JUL8WYbC/oicfwGXwkH6On3tbgYKENNSayu+j+fgnwsf+EmSHA7GGGfffg4/nZp4sPxfev0etl0YlYxFVEP1rRjuRgedf7VXdj06J942kcBQCw78bj6bDuPrAD3bujPB9OD7eem02+ldspAAAAAAAAAAAAyvLH6/8jorVt/X/lPQYA/pb1//+/PB9OT1bnbzdZ/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADU56oo7hW/udXdPwBg98z/ANA85n8AaB7zPwA0z+s3b18OR6PTcZb1Ii4X88l8kh5T/vzF6PRx9lM/Ilrp6OV8Pmlf509Snq1fdZkfxskqf7o178ajhylfZs9ejW7lR3FWzVsAAAAAAAAAAAAAAAAAAAAAtRtk1/rro+v9/YPBXXmqNv4f4Nb+/U7c71Q2DAAAAAAAAAAAAAAAAAAAAPinXXz+cj6dzd7n1RQHEVFSE51V0S6vib0de41FRLWNHlf/oS23OF59E/elP6koZjX/MAEAAAAAAAAAAAAAAAAAQANtbuQGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKZaX/+/vKLuMQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADN8CMAAP//womJPQ==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x11e)
futex_waitv(0x0, 0x0, 0x500, 0x0, 0x1)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180))
renameat2(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0xffffffffffffff9c, 0x0, 0x0)
openat$selinux_relabel(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
mount$9p_rdma(&(0x7f00000013c0), &(0x7f0000001400)='.\x00', 0x0, 0x800, &(0x7f0000000080)=ANY=[])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000200)='xprtrdma_post_recvs\x00', r3, 0x0, 0x3fffffffffffffff}, 0x18)
bind$qrtr(r0, &(0x7f0000000140)={0x2a, 0x3, 0x4001}, 0xc)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
close_range(r1, 0xffffffffffffffff, 0x200000000000000)
preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000002380)=""/169, 0xa9}], 0x1, 0x101, 0x40000000)

815.227457ms ago: executing program 3 (id=4943):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f0000000280)={[{@nouid32}]}, 0x1, 0x71c, &(0x7f0000000f40)="$eJzs3U1rXNUbAPDn3mb+yb+NJoKKLyAVxYqlkya2lK6sC9FNMVBwm4bkJsTc9MbMTG1CF+nKrYii4Ea/gxtXims/gF9BQbTURV1F7mQmfZtJpppkIPP7wZ15zr03ec6ZCeeBnGFOAAPrZPmQRjwfEdNJxFjrfBIRlWY0FHFp+747t2/OlUcSW1tX/kia95TtuO9nSiciYjMinouInyoRp9NH89bWN5Zn8zxba7Un6iurE7X1jTNLK7OL2WJ27eK5c1PnLpy/eHH/xvrG+x88Wz3/zuj30wszpyZ//S6JSzHaunb/OPbT9mtSKV/CB7x7EMn6KOl3B/hXhiLiWOv5mRiLY80IADjKtoYjtgCAAZOo/wAwYNr/B2iv7R3UOlg3v78dESOd8g+11sxGmuuQx+8kD6xMJBExfpgd5UjavBURV8dPPvr3lzyyZvu4zu5HBzlQP5bzz6VO80+6M/9Eh/lnpP3Zif+o+/x3L/+xLvPfdI853nuxUXTNfyvihaFO+ZOd/EmX/Fd7zP/D3fm/u13b+jbitY71J3kgV/fPh0wsLOXZ2e3HzjlONm5+uNv4j3fJv7nH+Fd7HP/oZy//vLlL/tdf2f3975S/rImf9pj/k8pbX3S7Vuaf7zL+vd7/b3rMf+GljzZ6vBUAAAAAAAAAAAAAAAAAAAAAAAAAAACOhDQiRiNJqztxmlar23t4Px3H07yo1U8vFI1r89HcK3s8Kmn7q5bHtttJ2Z5sfR9/uz31UPvNiHgqIj4f/n+zXZ0r8vl+Dx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWk48tP//X8Pb+/8DAEfcSL87AAAcOvUfAAaP+g8Ag0f9B4DBo/4DwOBR/wFg8Kj/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByy6cuXy2Przu2bc2V7/vp6Y7m4fmY+qy1XVxpz1blibbW6WBSLeVadK1b2+n15UaxOTUXjxkQ9q9UnausbMytF41p9ZmlldjGbySqHMioAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeDyjzSNJqxGRNuM0rVYjnoiI8agkC0t5djYinoyIX4Yrw2V7st+dBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9VlvfWJ7N82xNIBAIdoJ+z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw+O5t+t3vngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAP6W/JRFRHqfGXh19+Or/krvDzeeI+PjrK1/emK3X1ybL83/unK9/1To/1Y/+AwB7adfpdh0HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE5q6xvLs3merR1g0O8xAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwf/4JAAD//68fzsc=")
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[{}], 0x8, 0xd, &(0x7f0000001f00), &(0x7f0000002080), 0x8, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001158000000000000800000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = socket$kcm(0x2, 0x3, 0x84)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10004, 0x1, 0x4, 0x5, 0x20009, 0x2b, 0x0, 0x40000000, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$inet(r1, &(0x7f0000001000)={&(0x7f0000000080)={0x2, 0x29, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x14}, @loopback}}}], 0x20}, 0x4)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000300)={0x0, r1}, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000004000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x10)
rt_tgsigqueueinfo(0x0, 0x0, 0x7, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000000c0)={r0, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5b, 0x8, 0x0, 0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
connect$l2tp6(r3, &(0x7f0000000040)={0xa, 0x0, 0xd8d9, @dev={0xfe, 0x80, '\x00', 0x24}, 0x800, 0x4}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r4}, 0x18)
fsmount(0xffffffffffffffff, 0x0, 0x1)
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
fdatasync(r3)

780.778108ms ago: executing program 1 (id=4944):
r0 = msgget$private(0x0, 0x790)
msgsnd(r0, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0) (async)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x64, 0x1, 0x0, 0x0, 0x0, 0x210e, 0xc0002, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b80, 0x2, @perf_bp={&(0x7f0000000040), 0xe}, 0x14105, 0x32, 0xfffffbff, 0x3, 0x2, 0x0, 0xfffa, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0xb)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) (async)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x3)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r2, &(0x7f0000001240)=""/102400, 0x200000, 0x0) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) (async)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc) (async)
msgctl$IPC_RMID(r0, 0x0) (async)
close(0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff}) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x12, 0x7, 0x8, 0x2, 0x4}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f00000003c0), &(0x7f0000001d40)=r3}, 0x20) (async)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r4, &(0x7f0000000080)="994f8349c076ea"}, 0x20)
r5 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
setgroups(0x3, &(0x7f00000001c0)=[r6, r6, r6])
timer_create(0x3, 0x0, &(0x7f0000000300)=<r7=>0x0) (async)
clock_gettime(0x0, &(0x7f0000000200)={<r8=>0x0, <r9=>0x0})
timer_settime(r7, 0x1, &(0x7f0000000340)={{}, {r8, r9+60000000}}, 0x0)
timer_create(0xfffffffffffffffd, 0x0, &(0x7f00000000c0)=<r10=>0x0)
timer_settime(r10, 0x0, &(0x7f0000000080)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) (async)
timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000000040)=<r11=>0x0)
timer_settime(r11, 0x1, &(0x7f0000000000)={{}, {0x0, 0x989680}}, 0x0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r12, 0x8914, &(0x7f0000000100)={'bond0\x00', @broadcast})

588.383371ms ago: executing program 3 (id=4945):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x20004004)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f00000014c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYRES8=r0], 0x3, 0x2b1, &(0x7f0000001880)="$eJzs3FFLU3EYx/EnZ25OdAsiKKgeqou6Oeh6ATVCIRoU5qS6CI55VmOnTc4ZxiRyN9Ftr0O67C6o3oA30U0X3XUnQdCNF9GJztnRzS2burmp3w/oeXae/2/nUaf8J2xr914/LeRcI2eWZSCmMiBSlXWR5N+q5ljt6G6e2lCVKyM/v5y9e//BrXQmMzmtOpWeuZpS1bHz7589f3PhY3lk9u3Yu6isJh+u/Uh9Wz21enrt98yTvKt5V4ulspo6VyqVzTnb0vm8WzBU79iW6VqaL7qW09DP2aWFhYqaxfnR+IJjua6axYoWrIqWS1p2Kmo+NvNFNQxDR+PNwx4pg22sya5MT5vpf7a9SEcnQtcNtzrpOOlq62Z2ZR9mAgAAfWb7/f+Qvybc/w/49VBdOjMbHDu8/xdh/98l1YZb/9n/44D76n92nLQZr/3+NmL/DwAAAAAAAAAAAAAAAAAAAADAQbDueQnP8xLhMfyIikhMRMLbvZ4T3bHLn/+1Ho2LDqt74V5MxH61mF3MBsegn85JXmyxZFwS8st/PNQE9dTNzOS4+pLywV6u5ZcXsxGJhvlQslX+3ImJIK+N+eMSr79+ShJysvX1Uy3zQ3L5Yl3ekIR8eiQlsWXef1xv5l9MqN64ndmSH/bXAQAAAABwGBi6oen5u9/3F8SkuR/kd/D/gS3PrwflTDtvUQkAAAAAAPbMrSwVTNu2nF0UURHZQ/ywFhHpizG2FNdFpA/G2K8iJiLBGd1N/PtGvLF1qXXKa+OeB0Wk59+WHRS9/ssEAAAAoNM2N/07CH1+2cWJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4etp5P7CYLBXC9U1rwsY291N3uci+f4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAH/kTAAD//wR2ICk=")
r2 = creat(&(0x7f0000000d80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xb5)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000002080)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r6 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_MAKE_EQUIV(r6, &(0x7f00000004c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000380)={&(0x7f0000000140)={0x28, 0x3f7, 0x100, 0x70bd2c, 0x25dfdbfd, {0x7, 0x7, './file0', './file0'}}, 0x28}, 0x1, 0x0, 0x0, 0x20000050}, 0x5)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x2, <r7=>0x0}, 0x8)
kexec_load(0xffffffffffffffff, 0x7, &(0x7f0000001300)=[{&(0x7f0000000900)="505db7fafd096372022820410bd1d8f56d84d5e8fa0481d82ca51addb0a7b2f07feba0357adf6c77be0ac94d9ea508cbb725474c7445dd393ea0a4b2c7fc0fa76db516ad7526905a2e7b1a0811fba86a14c9a19e5e836f1bcf887374685be5378faf342a823ac2e168b47875c0db78be153970bf064aa687235e0145519f54f4801eeb3f71", 0x85, 0x6448, 0x1}, {&(0x7f0000000680)="ac5b175601054a8321fae78329486fa34b0389a93ed440db85797e93bdb0cb19e557c27fd8f982cfe9b10fb5f5a77c5d57c1605de0132c47580634e336fe53a51d866d8b5d65bd1de092a74c5af9ec2d2e4fa0491c12d66d11aae99e5de136b455a4eed87f36baf1a395", 0x6a, 0x24, 0x3}, {&(0x7f0000000a00)="21b141c2afbfa8db8795638bf383555ca6d3f348448bf9e7750b535dcb19b814f4ca417cf60b5c8b023f1e911dfac4ed93975d70ef8f6d2fe8c5b5b1f1886237acca0887f39fa58fc4a07c20782bb1e9b0985f7feedaebf31d08158223ca213836afb50ca0dd652fee7a5da3cdc71692bc27b33dfef188c92f3d3cd7a237ddcb242f64743b065feaae9b5e9d0b75", 0x8e, 0x6, 0x7}, {&(0x7f0000000ac0)="1e189fb84a67fb3b70e92af18239889f3631acc15d03e7c706aa9f52b100db10d33f3cfda1c60ca9d343f190be9f06220fe936e1e8bab8c7ee798d0baa825a9332787fa976d788b41286ebc70e607a8a1fc9f6d6c3e0b4385cd2e4e5bbe713f9fd9303a32f933a38e924ccf4b993965a4d9633f412a2f895c2a9157488394ac5411df8b35d5100e291f5d3fe01d1d8a1481104a00c6cbe5b30efff45d7adbffab1d10a3b0e9bf108bc67167561650566ffae0ea3ff14e75211f38ed75157a08cce03ef22a14cf3f5827155ec72afd3ee2289edafc8e5ffe9dd61a68c8c7d9baacee7d561d79063", 0xe7, 0x365c, 0x3}, {&(0x7f0000000bc0)="9092203e0be1f11c0c5fd42cb8cb878fb503c6d6a42d9922d6606a8d336f41bddb64965620baa1b6630ad9f9121575d579a8a37f68b48b22bfe15b7ac7605ca30b5d49283872afaadf78d451f3205b0fe8755f9ec5914f44ec06ee4ace80afc05ba9aef909150f7e04c68da97335aa04bb39b1db65a2958601f851c012dc9cb16324e9f8d9c19b36f0ed1caef413083eea519bf68c4c73dcdf684bafa856181a6fe17438422df7edff07f0e95b21b3e3dacf06198d5c270d61159fa0a98a72c98d959d8e910e5e81197412754e44cc8d359893d3a24e802dde35ef59", 0xdc, 0xc8c, 0x3}, {&(0x7f0000001200)="4280550667ddd9c92a5a58b1e81780dac96004d026c424fb8ed31f0d6354219af3250bfe787a895a9ba731ab8780e1acdcf4a4e47d70404e6245c47f188d40df75edb1fe9079f48b19a2f7fd20d0a5de687dc6da2b0892a05be17e593d5551fc1d321cff3e27c73ac2be633ed19a597bd6715d68cd4dda16af776e46c9512c0b1e8e0218e7aafccb93d9ea8b4f981d3af73a6ad13892ccc2e3512d17a27196d4378ebeb4a2a95b3667db899861a25800d7538fdccec006d8ca290237cecd6f11e0ca581e2da0ce81676000518e71781fd0e7bf1f01671c37a1ebff48433a07", 0xdf, 0xd719, 0xfff}, {&(0x7f0000000cc0)="0a456960e6c523f841a9482a87caf22052e80c53c478e083bcbbc8b6b2befb6df14621627325390ab929a02f5fa71232abd39b136c17cde162a448817369ba204901c90b125fcd9a4e297e8202270dafafcb1746307065c2bfb732372eec7c6269639c79e38f62", 0x67, 0x0, 0x2}], 0x2a0000)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
syz_genetlink_get_family_id$devlink(&(0x7f0000000100), r0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000d08000640ffffff000800034000000038540000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000280003802400008004000180040002800c0004"], 0xe8}, 0x1, 0x0, 0x0, 0x1}, 0x20000000)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r8}, &(0x7f0000000000), &(0x7f00000005c0)=r10}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xc, &(0x7f00000007c0)=ANY=[@ANYRES16=r3, @ANYRESHEX=r3, @ANYRES64=r10, @ANYBLOB="8fe2d4d80d3ee1e04181082ec2a822429ae7432d77a4e5a3f391667215acacaae8d7064ee4db88ff7be1dbb7cc041db65d64bfbf41eeedeb0eddef5551614726ac7eb34fca8de7f80ef8b6e9b1d9611ba8c0671e14ae70698b5a89c3cdb7d04207ffca5ea40d01a85500302db2367141fb35220a4d49a0929d6d245cec484581a4ce41ca650f906686ab9517ab6246edade1b851f7881f9585b1c07cbc5dfda80ec5f72920667e99cc545f2018b101119b137a9038b9a6a0503292c0b4cbf50dcf905b54efad9e3a44045b65288f7796fcd24c967c80cfe375d3a3a95ab52f9d02f215d516b25e7fec333e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r4, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r11 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000d40)={&(0x7f0000000600), 0xc, &(0x7f00000009c0)={&(0x7f0000001080)=ANY=[@ANYRES16, @ANYBLOB="2b8dc0d993ba4ca5db2832a5a9e1e8f105c48a7678130927196cc53cb4c1b6bb4f77321cd196d3166b6a3d6285962b238fc90345206554162d7bbadd7066d4f240559cdef4e913fff72c5bbc41380bb71bffc9a201afe514f9030726a6f209552b4ad68cc1bd050421de298fc712b6cd74d1bfad2e40176fdd7a1c2f70ec6b0f725ba4b1d3f689b42ea320a8ff767f0e2d7b4ee3ec38a13a93a52abbfb916a18e802a9120be98b21c3341c1f9d3be9639d2d6ed75a564853974e0a212d247027633756a35076036dccd9fafd05609603173afccdca6380db952bc48866ba3b83ee3f25543e5f45e9a29ef6c16e7692eaf03f784be300389013"], 0x34}, 0x1, 0x0, 0x0, 0x48000}, 0xc884)
write$vga_arbiter(r11, &(0x7f0000000280)=ANY=[@ANYBLOB='lock m'], 0xc)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xc97c, 0x0, @perf_config_ext={0x2, 0x3}, 0x8, 0x4906f38e, 0x8409, 0x7, 0x0, 0x3c, 0xfffe}, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0x1)
lsm_get_self_attr(0x67, 0x0, &(0x7f00000001c0), 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r12}, 0x10)
symlinkat(0x0, 0xffffffffffffff9c, 0x0)
rename(&(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
recvfrom$inet(r0, &(0x7f0000001400)=""/145, 0x91, 0x0, &(0x7f0000000640)={0x2, 0x4e23, @rand_addr=0x64010102}, 0x10)

587.906681ms ago: executing program 1 (id=4946):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='mm_page_free\x00', r1, 0x0, 0x5}, 0x18)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x2)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
r2 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
fchdir(r3)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="070000000400000020"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r5 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80)
sendfile(r5, r5, 0x0, 0x1000000201005)

510.528572ms ago: executing program 1 (id=4947):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r1, 0x0, 0xf7}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
socket(0x2b, 0x80801, 0x1)
socket(0x11, 0x3, 0x1000)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)

461.334143ms ago: executing program 4 (id=4948):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f0000000280)={[{@nouid32}]}, 0x1, 0x71c, &(0x7f0000000f40)="$eJzs3U1rXNUbAPDn3mb+yb+NJoKKLyAVxYqlkya2lK6sC9FNMVBwm4bkJsTc9MbMTG1CF+nKrYii4Ea/gxtXims/gF9BQbTURV1F7mQmfZtJpppkIPP7wZ15zr03ec6ZCeeBnGFOAAPrZPmQRjwfEdNJxFjrfBIRlWY0FHFp+747t2/OlUcSW1tX/kia95TtuO9nSiciYjMinouInyoRp9NH89bWN5Zn8zxba7Un6iurE7X1jTNLK7OL2WJ27eK5c1PnLpy/eHH/xvrG+x88Wz3/zuj30wszpyZ//S6JSzHaunb/OPbT9mtSKV/CB7x7EMn6KOl3B/hXhiLiWOv5mRiLY80IADjKtoYjtgCAAZOo/wAwYNr/B2iv7R3UOlg3v78dESOd8g+11sxGmuuQx+8kD6xMJBExfpgd5UjavBURV8dPPvr3lzyyZvu4zu5HBzlQP5bzz6VO80+6M/9Eh/lnpP3Zif+o+/x3L/+xLvPfdI853nuxUXTNfyvihaFO+ZOd/EmX/Fd7zP/D3fm/u13b+jbitY71J3kgV/fPh0wsLOXZ2e3HzjlONm5+uNv4j3fJv7nH+Fd7HP/oZy//vLlL/tdf2f3975S/rImf9pj/k8pbX3S7Vuaf7zL+vd7/b3rMf+GljzZ6vBUAAAAAAAAAAAAAAAAAAAAAAAAAAACOhDQiRiNJqztxmlar23t4Px3H07yo1U8vFI1r89HcK3s8Kmn7q5bHtttJ2Z5sfR9/uz31UPvNiHgqIj4f/n+zXZ0r8vl+Dx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWk48tP//X8Pb+/8DAEfcSL87AAAcOvUfAAaP+g8Ag0f9B4DBo/4DwOBR/wFg8Kj/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByy6cuXy2Przu2bc2V7/vp6Y7m4fmY+qy1XVxpz1blibbW6WBSLeVadK1b2+n15UaxOTUXjxkQ9q9UnausbMytF41p9ZmlldjGbySqHMioAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeDyjzSNJqxGRNuM0rVYjnoiI8agkC0t5djYinoyIX4Yrw2V7st+dBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9VlvfWJ7N82xNIBAIdoJ+z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw+O5t+t3vngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAP6W/JRFRHqfGXh19+Or/krvDzeeI+PjrK1/emK3X1ybL83/unK9/1To/1Y/+AwB7adfpdh0HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE5q6xvLs3merR1g0O8xAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwf/4JAAD//68fzsc=")
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[{}], 0x8, 0xd, &(0x7f0000001f00), &(0x7f0000002080), 0x8, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x18)
fsopen(&(0x7f0000000240)='configfs\x00', 0x1)

423.085534ms ago: executing program 1 (id=4950):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
futex(&(0x7f000000cffc)=0x100000000000004, 0x0, 0x4, &(0x7f0000edfff0)={0x0, 0x989680}, 0x0, 0x0)

375.054394ms ago: executing program 1 (id=4951):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
ioctl$USBDEVFS_REAPURB(r0, 0x4008550c, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
perf_event_open(0x0, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0xb)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = open(0x0, 0x147842, 0x0)
preadv2(r2, &(0x7f0000000240)=[{&(0x7f0000001200)=""/4096, 0x1000}, {0x0}], 0x2, 0x0, 0x0, 0x1b)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000040)={0x1b, 0x0, 0x0, 0x4b, 0x0, 0x1, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x5}, 0x50)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000000)={0x38, 0x0, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_DEVKEY={0x18, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}]}]}, 0x38}}, 0x0)
r6 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r6, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x21, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xffffffffffffffff, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0xfffffffb, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x2000)
ioctl$SG_GET_VERSION_NUM(r7, 0x2284, &(0x7f0000000080))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x20, &(0x7f00000000c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xb79e}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000001c0)='syzkaller\x00', 0x101, 0x0, 0x0, 0x41000, 0x12, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x6, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x5, 0x1, 0x5, 0x5}, 0x10}, 0x94)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002680)=@newtaction={0x48, 0x30, 0x25, 0x1000, 0x0, {}, [{0x34, 0x1, [@m_pedit={0x30, 0x1, 0x0, 0x0, {{0xa}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x48}}, 0x40000)

245.299237ms ago: executing program 2 (id=4952):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf"], 0x30}, 0x1, 0x0, 0x0, 0x8080}, 0x4080)

244.392697ms ago: executing program 4 (id=4953):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f0000000280)={[{@nouid32}]}, 0x1, 0x71c, &(0x7f0000000f40)="$eJzs3U1rXNUbAPDn3mb+yb+NJoKKLyAVxYqlkya2lK6sC9FNMVBwm4bkJsTc9MbMTG1CF+nKrYii4Ea/gxtXims/gF9BQbTURV1F7mQmfZtJpppkIPP7wZ15zr03ec6ZCeeBnGFOAAPrZPmQRjwfEdNJxFjrfBIRlWY0FHFp+747t2/OlUcSW1tX/kia95TtuO9nSiciYjMinouInyoRp9NH89bWN5Zn8zxba7Un6iurE7X1jTNLK7OL2WJ27eK5c1PnLpy/eHH/xvrG+x88Wz3/zuj30wszpyZ//S6JSzHaunb/OPbT9mtSKV/CB7x7EMn6KOl3B/hXhiLiWOv5mRiLY80IADjKtoYjtgCAAZOo/wAwYNr/B2iv7R3UOlg3v78dESOd8g+11sxGmuuQx+8kD6xMJBExfpgd5UjavBURV8dPPvr3lzyyZvu4zu5HBzlQP5bzz6VO80+6M/9Eh/lnpP3Zif+o+/x3L/+xLvPfdI853nuxUXTNfyvihaFO+ZOd/EmX/Fd7zP/D3fm/u13b+jbitY71J3kgV/fPh0wsLOXZ2e3HzjlONm5+uNv4j3fJv7nH+Fd7HP/oZy//vLlL/tdf2f3975S/rImf9pj/k8pbX3S7Vuaf7zL+vd7/b3rMf+GljzZ6vBUAAAAAAAAAAAAAAAAAAAAAAAAAAACOhDQiRiNJqztxmlar23t4Px3H07yo1U8vFI1r89HcK3s8Kmn7q5bHtttJ2Z5sfR9/uz31UPvNiHgqIj4f/n+zXZ0r8vl+Dx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWk48tP//X8Pb+/8DAEfcSL87AAAcOvUfAAaP+g8Ag0f9B4DBo/4DwOBR/wFg8Kj/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByy6cuXy2Przu2bc2V7/vp6Y7m4fmY+qy1XVxpz1blibbW6WBSLeVadK1b2+n15UaxOTUXjxkQ9q9UnausbMytF41p9ZmlldjGbySqHMioAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeDyjzSNJqxGRNuM0rVYjnoiI8agkC0t5djYinoyIX4Yrw2V7st+dBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9VlvfWJ7N82xNIBAIdoJ+z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw+O5t+t3vngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAP6W/JRFRHqfGXh19+Or/krvDzeeI+PjrK1/emK3X1ybL83/unK9/1To/1Y/+AwB7adfpdh0HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE5q6xvLs3merR1g0O8xAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwf/4JAAD//68fzsc=")
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[{}], 0x8, 0xd, &(0x7f0000001f00), &(0x7f0000002080), 0x8, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001158000000000000800000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = socket$kcm(0x2, 0x3, 0x84)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10004, 0x1, 0x4, 0x5, 0x20009, 0x2b, 0x0, 0x40000000, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$inet(r1, &(0x7f0000001000)={&(0x7f0000000080)={0x2, 0x29, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x14}, @loopback}}}], 0x20}, 0x4)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000300)={0x0, r1}, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000004000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x10)
rt_tgsigqueueinfo(0x0, 0x0, 0x7, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000000c0)={r0, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5b, 0x8, 0x0, 0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
connect$l2tp6(r3, &(0x7f0000000040)={0xa, 0x0, 0xd8d9, @dev={0xfe, 0x80, '\x00', 0x24}, 0x800, 0x4}, 0x20)
fdatasync(r3)

243.865867ms ago: executing program 2 (id=4954):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4b, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
syz_emit_ethernet(0x3e, &(0x7f0000000500)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa86dd652170a4000800010000000000000000080000000a010100ff02000000000000000000000000000133"], 0x0)

237.328457ms ago: executing program 0 (id=4955):
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000580)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000150600000fbf52ee4507000002000000250600000ee60000bf250000000000001f010000000000006507040002000000070700004c0000001f75000000000000bf540000000000000704000004000bffbd350100000000009500000000000000050000000000000095000000000000001f1bd1fe4b3af9c97925711095cc1a3a25b9418ffdc4a1da470a14e4391c3fb600100000a4911fe82664d775cdb9dfc83fa32db39b636c1866b526ffff00005172a74e9afe751664f580a6c5bccf1ef6583e0c1cd1f7fe416b5d6902e7db826e6dffda3aabdc5b5ce08ca4ee6035f1b7dc6b3b4672f7c22efa6d633473cd548789f8ab5a654106888aff6f3eb7e962160dac2c68c044584bb50e9c0952bab14c2c65176c7e40faaea21457d5f2d6f40c4d3390a1e14561cbf0a6ccd15f45c52753e24c6488b23ec9a3261c7706cecfc37b25b382c76631983e053efde84f80c5483d26bfaa66bf477cca77d399c76469551913f98a26fa0363ebb7f861a3d53d4dd6d91f7dcefb0748cd20346878bc0759851cd32ba781d6e62e8eee022be7fb6fff27871a5a7a723e5e330f454f0c568fbfc9b901bd6cc3af8355e5ecf3f74a472c7861beeeba7d5d25208a2e1d4c0b8e4f82ce05ffe1c69aaea312bbb3656c873b26161dccd130823e87d0b411e6fdb2cc4def13ecdf4217b647803c9dbaba0cd1036081842b7fc3a30759c24058ad22001bc2817d4604bc2d49bf41894e61356ddf6d394a397c67321a0dd4ac4082ee583de98e8a89535050054d40a4dbd809d0ce9c444286b5d5a51d933d35714d8ca7fb49b5329107825926fd5caaf4ddd1e81e616fc56e47d30e51cd558d630f665a88da23e96c45a0a4ccd554a92628336eb43de1022d60e5ffe41b6bef61ea28c5ea09a832f9f84b10aa4b6350930b11865184fce06bb8bf64b578e8477d3440526aa2055daa7945db10e7c2cf517d954fc2db6cdee34cff68b43fef6205f2cf390e1bc4ee8ee0b5f204bf14c30a54196863eb6c707de3b344a6f84b47be3012b55d41da4c0bc43af548ee4b98c8599008d140e106138c6469cbc3857beddafd53fd1ba63b4786d5efec1942049aae281112e43477f0bf74ce9f2acc9bc6dd58a434eb41ad1a5cd4f753c32f2a40ff3c0c25a6f7833acfee9fc332eca2a41a97e832240b574a6413334f8b1ce08f6b560569355cac2d81191aaa6f3849433ed3f4617a04e22917c889f878486657fc6c001d90dc4e3d609f0ee78305143c60140a2396e959d8430fdcd7ccfaa0b0ba1dcb130f25714a191dbe2efeab57746e44a4344eaaf95c70d7043145f560b2e633f546a8c6b1aca8fa92ddd95b5aeade2ca2bb39a19e9250ae15e3a083914ec19605f13b7f1dedb7d26a9713f920d9b83b038863f066ef0e0cef0b63927773078a6c9187881b96c14bcfb475a6cb07fc2e434ecd4c58b8dd7e8282d966d7d184dc1513c4fa2e161c26742d7c7a5afcb85291c9393206729cc9aa027814b03cbb598c5bd01fd63478d10e9a6c94a211be56e5b8bd4d6777eafa4fa777695b941bb65be7651828c9c7f6b68cd7e1b62f4d6a3b5cacbb7d34"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/consoles\x00', 0x0, 0x0)
r2 = syz_io_uring_setup(0x49d, &(0x7f00000003c0)={0x0, 0x79ac, 0x400, 0x7ffd, 0x32c, 0x0, r1}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd=r1, 0x6, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r2, 0xfd0, 0x4c1, 0x43, 0x0, 0x0)

228.236627ms ago: executing program 2 (id=4956):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f0000000280)={[{@nouid32}]}, 0x1, 0x71c, &(0x7f0000000f40)="$eJzs3U1rXNUbAPDn3mb+yb+NJoKKLyAVxYqlkya2lK6sC9FNMVBwm4bkJsTc9MbMTG1CF+nKrYii4Ea/gxtXims/gF9BQbTURV1F7mQmfZtJpppkIPP7wZ15zr03ec6ZCeeBnGFOAAPrZPmQRjwfEdNJxFjrfBIRlWY0FHFp+747t2/OlUcSW1tX/kia95TtuO9nSiciYjMinouInyoRp9NH89bWN5Zn8zxba7Un6iurE7X1jTNLK7OL2WJ27eK5c1PnLpy/eHH/xvrG+x88Wz3/zuj30wszpyZ//S6JSzHaunb/OPbT9mtSKV/CB7x7EMn6KOl3B/hXhiLiWOv5mRiLY80IADjKtoYjtgCAAZOo/wAwYNr/B2iv7R3UOlg3v78dESOd8g+11sxGmuuQx+8kD6xMJBExfpgd5UjavBURV8dPPvr3lzyyZvu4zu5HBzlQP5bzz6VO80+6M/9Eh/lnpP3Zif+o+/x3L/+xLvPfdI853nuxUXTNfyvihaFO+ZOd/EmX/Fd7zP/D3fm/u13b+jbitY71J3kgV/fPh0wsLOXZ2e3HzjlONm5+uNv4j3fJv7nH+Fd7HP/oZy//vLlL/tdf2f3975S/rImf9pj/k8pbX3S7Vuaf7zL+vd7/b3rMf+GljzZ6vBUAAAAAAAAAAAAAAAAAAAAAAAAAAACOhDQiRiNJqztxmlar23t4Px3H07yo1U8vFI1r89HcK3s8Kmn7q5bHtttJ2Z5sfR9/uz31UPvNiHgqIj4f/n+zXZ0r8vl+Dx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWk48tP//X8Pb+/8DAEfcSL87AAAcOvUfAAaP+g8Ag0f9B4DBo/4DwOBR/wFg8Kj/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByy6cuXy2Przu2bc2V7/vp6Y7m4fmY+qy1XVxpz1blibbW6WBSLeVadK1b2+n15UaxOTUXjxkQ9q9UnausbMytF41p9ZmlldjGbySqHMioAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeDyjzSNJqxGRNuM0rVYjnoiI8agkC0t5djYinoyIX4Yrw2V7st+dBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9VlvfWJ7N82xNIBAIdoJ+z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw+O5t+t3vngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAP6W/JRFRHqfGXh19+Or/krvDzeeI+PjrK1/emK3X1ybL83/unK9/1To/1Y/+AwB7adfpdh0HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE5q6xvLs3merR1g0O8xAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwf/4JAAD//68fzsc=")
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[{}], 0x8, 0xd, &(0x7f0000001f00), &(0x7f0000002080), 0x8, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001158000000000000800000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = socket$kcm(0x2, 0x3, 0x84)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10004, 0x1, 0x4, 0x5, 0x20009, 0x2b, 0x0, 0x40000000, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$inet(r1, &(0x7f0000001000)={&(0x7f0000000080)={0x2, 0x29, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x14}, @loopback}}}], 0x20}, 0x4)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000300)={0x0, r1}, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000004000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x10)
rt_tgsigqueueinfo(0x0, 0x0, 0x7, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000000c0)={r0, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5b, 0x8, 0x0, 0x0}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000080)={'#! ', './file0'}, 0xb)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r4}, 0x18)
fsmount(0xffffffffffffffff, 0x0, 0x1)
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
fdatasync(r3)

69.833339ms ago: executing program 0 (id=4957):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x7fffffff}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x10e, &(0x7f0000000680)={[{@init_itable_val={'init_itable', 0x3d, 0x957}}, {@noinit_itable}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2a}}, {@nouser_xattr}, {@orlov}, {@grpid}], [{@fowner_gt={'fowner>', 0xee00}}]}, 0x4, 0x46b, &(0x7f00000009c0)="$eJzs289vFFUcAPDvTFt+IxXxBz/UKhobf2yhgHLwotHEgyYmXvBY20KQhRpaEyFE0Rg8GhITj8ajiX+BJ70Y9WTiVe+GhBguoqcxsztDd9fttsC2A93PJ9nueztv9r3vvHm7b+Z1AxhYY/mfJGJbRPweETua2fYCY82n69cuTP9z7cJ0Eln21l9Jo9zf1y5Ml0XL/bYWmfE0Iv00ib1d6p0/d/7UVL0+e7bITyycfm9i/tz5506enjoxe2L2zOTRo4cPHXzh+ckjfYnz3rytez6c27f7tbcvvzF97PI7P3+blPF3xNEnY702Ppllfa6uWttb0snwCnYYWsXGsGJ5N+TdNdIY/ztiKBY7b0e8+kmljQNWVVZYYvPFDFjHkqi6BUA1yi/6/Pq3fKzd7KN6V19qXgDlcV8vHs0tw5EWZUY6rm/7aSwijl3896v8EatzHwIAoM33+fzn2W7zvzQeaCl3T2xsrA2NFmspOyPivojYFRH3RzTKPhgRD3WrpMeCQOciyf/nP+mVW49uefn878Vibat9/lfO/mJ0qMhtb8R/JI2ozx5oHJOI8RjZePxkffZgjzp+eOW3z5fa1jr/yx95/eVcsGjHleGN7fvMTC1M3U7Mra5+HLFnuFv8yY2VgCQidkfEnlus4+TT3+xbatvy8fewknWmZWRfRzzV7P+L0RF/Kem9PjmxKT8fJvKz4EDXOn759dKbS9V/W/H3Qd7/W7qe/zfiH01a12vnb+bdm6P70h+fLXlNU7ul83/xhQ3F8wdTCwtnD0ZsSF5vNrr19cnFfct8WT6Pf3x/9/G/MxaPxN6IyE/ihyPikYh4tIjusYh4PCL29zgKP738xLu9jlD3+Df1eMf+yeOf6ej/0fYiHf2/mNgQna90Twyd+vG79ndcSfylvP8PN1LjxSuNz78ve8e1knbd7NkMAAAAd6s0IrZFktZupNO0Vmv+D/+u2JLW5+YXnjk+9/6ZmeZvBEZjJC3vdDXvB48k5f3P0Zb8ZEf+UHHf+IuhzY18bXquPlN18DDgtraO//KWb6359KffaMD614d1NOAuZfzD4DL+YXAZ/zC4uoz/zVW0A1h73b7/P6qgHcDa6xj/lv1ggLj+h8E1HFlSdRuAarR+//sggIExvzmW/5H8ekhkWZbdAc1YP4lI74hm9CeRrPIo2FZ1gDefqPqTCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoD/+CwAA//9lEuuH")
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x2, 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
get_mempolicy(0x0, 0x0, 0x203, &(0x7f0000394000/0x3000)=nil, 0x3)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x2, 0x0, 0x7ffc9ffb}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x4, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x8, 0x800008, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioperm(0x1, 0x2, 0x6)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="4000000010001fff0000eb00000000000000e8f1", @ANYRES32=0x0, @ANYBLOB="0004000000000000200012800b0001006272696467650000100002800a001400aaaaaaaaaa170000"], 0x40}}, 0x0)
r3 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000080), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, r3)
mount$9p_rdma(&(0x7f0000000240), &(0x7f0000000300)='./file0\x00', &(0x7f0000001400), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=rdma,port=0x0000000000000000,privport'])
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000000f2ff007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffeca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r4, 0x0, 0x200000000000006}, 0x18)

68.997849ms ago: executing program 4 (id=4958):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26}, 0x94)
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x1, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={&(0x7f00000002c0), 0x9}, 0x500, 0x9, 0x9, 0x0, 0xfffffffffff7bbfe, 0x0, 0x0, 0x0, 0x5ff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket(0x1f, 0x80802, 0x0)
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4800)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x105042, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000100), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}})
splice(r0, 0x0, r2, 0x0, 0x1fffffffffff, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000001180)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd606410a60014040000000000000000000000000000000000fe8000000000000000000000000000aa223c27d5c9a40900a14172170a013589317d2af3"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r3}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0)

1.423751ms ago: executing program 2 (id=4959):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mdstat\x00', 0x0, 0x0)
preadv(r0, 0x0, 0x0, 0x8000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, 0x0, 0x0)
mkdir(0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
creat(&(0x7f0000000240)='./file0/bus\x00', 0x0)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r4, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x7ffffffe, {0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX])

0s ago: executing program 2 (id=4960):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
ioctl$USBDEVFS_REAPURB(r0, 0x4008550c, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x210e, 0xc0002, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b80, 0x2, @perf_bp={0x0, 0xe}, 0x14105, 0x32, 0xfffffbff, 0x9, 0x2, 0x0, 0xfffa, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0xb)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_read_part_table(0x60d, &(0x7f0000002200)="$eJzs3D9olHcYB/DvJbmcUTAdnFxqHDoJRXE0Q5XkqlgIp1IIDvYfIs0UIXDSw5Q4tBkUM0jHLlK4DhonYwYnRaFzEQeLkMGlYBepHXLl7l6SOyjF0oRS/HyGe353PDzf94F3/V34XxtIuTi1Kp3y/qd/298a3TzP50xzYvJ4q9VqnU5KOZtyxsq7l5MMpX9q9icZ7plz8/udq9/+9mG5+fTUq/fOPVgc2JhZyTtJdvU2Z+SvHqXyzzZlO9wafzi6cGW2erX9pdpYW/84uf1yorZycnFp+UT52Oft3y8nj4r+7osxkoup51K+zCdDbxz19eax1Jc/386vj194Um2sfdd8fnB9b3Xw7vkjr/etXrt/KJlrR0yl87JvGv6Xi/fkL/Tkz41dn15qHD1wZ8+Nw/V7j2svBn9vdRWR5a3JBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABge9xqf1yZrV6tj194Um2sffPzTx/dfjlRWzm5uLR8YvjYs6LvUVGHinox9VxKOclMZvJFZt88crrUmz/+cHRhI/+Pncnzg+t7q82754+8nly9dv9Qp6uUqXYZ2IqN+/XnN9bmxq5PLzWOHriz58bh+r3HtReD3b6ZSj7rrJuksvWPAQAAAAAAAAAAAAAAAAAAwFtuYvL4vqkPaqeTUs7uSPLrV51b9q3KyI/p3Lzv2l/UZ5Vkd5KbO7r/BdB8eurV8LkHi78Ul+LnU8l8kl0/rJxJ3t3IudwfW96czH/pzwAAAP//gTiR5w==")
creat(&(0x7f0000000200)='./bus\x00', 0x10)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x0)
preadv2(r2, &(0x7f0000000240)=[{&(0x7f0000001200)=""/4096, 0x1000}, {0x0}], 0x2, 0x0, 0x0, 0x1b)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000040)={0x1b, 0x0, 0x0, 0x4b, 0x0, 0x1, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x5}, 0x50)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000440))
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000000)={0x38, 0x0, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_DEVKEY={0x18, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}]}]}, 0x38}}, 0x0)
r6 = socket$inet6(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000190001000000000000000000021800000000fd000000ed0008000100ac1414003400080004"], 0x2c}}, 0x0)
sendto$inet6(r6, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x21, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xffffffffffffffff, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0xfffffffb, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x2000)
ioctl$SG_GET_VERSION_NUM(r8, 0x2284, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x20, &(0x7f00000000c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xb79e}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000001c0)='syzkaller\x00', 0x101, 0x0, 0x0, 0x41000, 0x12, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x6, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x5, 0x1, 0x5, 0x5}, 0x10, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000300)=[{0x1, 0x5, 0xd, 0x1}, {0x2, 0x3, 0x7, 0x6}, {0x0, 0x4, 0xb, 0x4}, {0x5, 0x2, 0x9, 0x6}, {0x5, 0x4, 0x6, 0x8}, {0x3, 0x2, 0x6, 0x9}]}, 0x94)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x40000)

kernel console output (not intermixed with test programs):

r directory
[  523.621052][ T5632] loop1: p4 size 8388608 extends beyond EOD, truncated
[  523.648433][T17446] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17446 comm=syz.0.4191
[  523.655175][ T3559] loop3: p4 size 8388608 extends beyond EOD, truncated
[  523.691738][T17448]  loop3: p1 < > p4
[  523.701393][T17453]  loop1: p1 < > p4
[  523.707914][T17453] loop1: p4 size 8388608 extends beyond EOD, truncated
[  523.715399][T17448] loop3: p4 size 8388608 extends beyond EOD, truncated
[  523.814851][T17448] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17448 comm=syz.3.4192
[  523.856881][T17461] netlink: 27 bytes leftover after parsing attributes in process `syz.1.4194'.
[  523.966099][T17465] loop2: detected capacity change from 0 to 2048
[  523.989062][T17465] EXT4-fs (loop2): failed to initialize system zone (-117)
[  524.018786][T17465] EXT4-fs (loop2): mount failed
[  524.101997][T17469] loop2: detected capacity change from 0 to 256
[  524.122947][T17469] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  524.153512][ T2998]  loop0: p1 < > p4
[  524.166668][ T2998] loop0: p4 size 8388608 extends beyond EOD, truncated
[  524.201210][   T29] kauditd_printk_skb: 240 callbacks suppressed
[  524.201228][   T29] audit: type=1326 audit(1753153455.895:5678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17433 comm="syz.4.4190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa495c4e9a9 code=0x7ffc0000
[  524.234290][   T29] audit: type=1326 audit(1753153455.925:5679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17433 comm="syz.4.4190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa495c4e9a9 code=0x7ffc0000
[  524.314649][T17045] udevd[17045]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  524.315097][ T6052] udevd[6052]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  524.328129][T17478] netlink: 'syz.3.4201': attribute type 6 has an invalid length.
[  524.363533][ T2998]  loop1: p1 < > p4
[  524.374717][T17480] netlink: 'syz.2.4203': attribute type 1 has an invalid length.
[  524.383729][ T2998] loop1: p4 size 8388608 extends beyond EOD, truncated
[  524.484108][   T29] audit: type=1326 audit(1753153456.175:5680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17487 comm="syz.2.4207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf30ee9a9 code=0x7ffc0000
[  524.485934][T17488] loop2: detected capacity change from 0 to 128
[  524.507882][   T29] audit: type=1326 audit(1753153456.175:5681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17487 comm="syz.2.4207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf30ee9a9 code=0x7ffc0000
[  524.522206][T17051] udevd[17051]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  524.546626][ T6052] udevd[6052]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  524.581350][   T29] audit: type=1326 audit(1753153456.185:5682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17487 comm="syz.2.4207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fedf30ee9a9 code=0x7ffc0000
[  524.581456][   T29] audit: type=1326 audit(1753153456.185:5683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17487 comm="syz.2.4207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fedf30ee9e3 code=0x7ffc0000
[  524.581491][   T29] audit: type=1326 audit(1753153456.185:5684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17487 comm="syz.2.4207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fedf30ed45f code=0x7ffc0000
[  524.581526][   T29] audit: type=1326 audit(1753153456.185:5685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17487 comm="syz.2.4207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fedf30eea37 code=0x7ffc0000
[  524.581625][   T29] audit: type=1326 audit(1753153456.185:5686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17487 comm="syz.2.4207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fedf30ed310 code=0x7ffc0000
[  524.581737][   T29] audit: type=1326 audit(1753153456.185:5687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17487 comm="syz.2.4207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fedf30ee5ab code=0x7ffc0000
[  524.620392][T17488] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  524.622051][T17494] loop3: detected capacity change from 0 to 256
[  524.623558][T17494] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  524.641959][T17488] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  524.717416][ T6248] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  524.815128][T17506] loop2: detected capacity change from 0 to 2048
[  524.981089][T17513] netlink: 'syz.3.4217': attribute type 1 has an invalid length.
[  524.993139][T17506]  loop2: p1 < > p4
[  524.998593][T17506] loop2: p4 size 8388608 extends beyond EOD, truncated
[  525.111892][T17521] loop0: detected capacity change from 0 to 2048
[  525.142349][T17506] netlink: 'syz.2.4215': attribute type 2 has an invalid length.
[  525.150322][T17506] netlink: 59 bytes leftover after parsing attributes in process `syz.2.4215'.
[  525.168624][T17045]  loop0: p1 < > p4
[  525.189074][T17045] loop0: p4 size 8388608 extends beyond EOD, truncated
[  525.197322][T17533] loop1: detected capacity change from 0 to 256
[  525.210782][T17533] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  525.223723][T17521]  loop0: p1 < > p4
[  525.234960][T17521] loop0: p4 size 8388608 extends beyond EOD, truncated
[  525.256828][ T2998]  loop0: p1 < > p4
[  525.268299][ T2998] loop0: p4 size 8388608 extends beyond EOD, truncated
[  525.380676][T17543] loop1: detected capacity change from 0 to 512
[  525.406611][T17545] netlink: 27 bytes leftover after parsing attributes in process `syz.0.4219'.
[  525.441540][T17543] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  525.524110][T17555] loop3: detected capacity change from 0 to 2048
[  525.571940][T17051]  loop3: p1 < > p4
[  525.588309][T17051] loop3: p4 size 8388608 extends beyond EOD, truncated
[  525.597982][ T2998]  loop2: p1 < > p4
[  525.608865][ T2998] loop2: p4 size 8388608 extends beyond EOD, truncated
[  525.618638][T17555]  loop3: p1 < > p4
[  525.640724][T17555] loop3: p4 size 8388608 extends beyond EOD, truncated
[  525.650122][T17045] udevd[17045]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  525.666126][ T6052] udevd[6052]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  525.784796][T17569] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17569 comm=syz.3.4229
[  525.841588][T17574] loop1: detected capacity change from 0 to 512
[  525.860370][T17574] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  525.875597][ T2998]  loop0: p1 < > p4
[  525.885535][ T2998] loop0: p4 size 8388608 extends beyond EOD, truncated
[  525.938510][T17580] loop0: detected capacity change from 0 to 256
[  525.957525][T17580] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  526.017196][T17585] loop1: detected capacity change from 0 to 128
[  526.041057][T17585] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  526.086646][T17585] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  526.125590][T17595] netlink: 'syz.4.4244': attribute type 1 has an invalid length.
[  526.270249][T17606] loop1: detected capacity change from 0 to 2048
[  526.290321][ T2998]  loop3: p1 < > p4
[  526.302156][ T2998] loop3: p4 size 8388608 extends beyond EOD, truncated
[  526.307603][T17606] EXT4-fs (loop1): failed to initialize system zone (-117)
[  526.329526][T17613] netlink: 'syz.4.4251': attribute type 6 has an invalid length.
[  526.334116][T17606] EXT4-fs (loop1): mount failed
[  526.401549][T17616] loop2: detected capacity change from 0 to 2048
[  526.453066][T17620] netlink: 'syz.0.4255': attribute type 1 has an invalid length.
[  526.488431][T17627] loop4: detected capacity change from 0 to 128
[  526.494667][ T6052]  loop2: p1 < > p4
[  526.501906][T17627] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  526.506349][ T6052] loop2: p4 size 8388608 extends beyond EOD, truncated
[  526.526590][T17627] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  526.542909][T17616]  loop2: p1 < > p4
[  526.552571][T17616] loop2: p4 size 8388608 extends beyond EOD, truncated
[  526.571019][T17630] loop1: detected capacity change from 0 to 2048
[  526.617650][T17630]  loop1: p1 < > p4
[  526.649099][T17630] loop1: p4 size 8388608 extends beyond EOD, truncated
[  526.695461][T17611] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17611 comm=syz.2.4249
[  526.725187][T17630] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17630 comm=syz.1.4256
[  526.779221][T17644] netlink: 'syz.4.4264': attribute type 6 has an invalid length.
[  526.899876][T17650] loop3: detected capacity change from 0 to 2048
[  526.941690][T17652] loop4: detected capacity change from 0 to 2048
[  526.953018][T17045]  loop3: p1 < > p4
[  526.961030][T17045] loop3: p4 size 8388608 extends beyond EOD, truncated
[  526.968931][T17652] EXT4-fs (loop4): failed to initialize system zone (-117)
[  526.978093][T17652] EXT4-fs (loop4): mount failed
[  526.986148][T17650]  loop3: p1 < > p4
[  527.006242][T17650] loop3: p4 size 8388608 extends beyond EOD, truncated
[  527.013529][T17658] loop0: detected capacity change from 0 to 2048
[  527.034338][ T2998]  loop3: p1 < > p4
[  527.044488][ T2998] loop3: p4 size 8388608 extends beyond EOD, truncated
[  527.045205][ T6052]  loop0: p1 < > p4
[  527.072958][ T6052] loop0: p4 size 8388608 extends beyond EOD, truncated
[  527.085582][T17660] loop4: detected capacity change from 0 to 512
[  527.106333][T17658]  loop0: p1 < > p4
[  527.119416][ T2998]  loop2: p1 < > p4
[  527.124126][ T2998] loop2: p4 size 8388608 extends beyond EOD, truncated
[  527.124155][T17658] loop0: p4 size 8388608 extends beyond EOD, truncated
[  527.138687][T17663] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17663 comm=syz.3.4265
[  527.144798][T17660] ext4: Unknown parameter 'nouser_xattr'
[  527.301868][T17671] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17671 comm=syz.0.4268
[  527.355357][ T2998]  loop1: p1 < > p4
[  527.364523][ T2998] loop1: p4 size 8388608 extends beyond EOD, truncated
[  527.411154][T17674] loop2: detected capacity change from 0 to 128
[  527.453333][T17674] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  527.493741][T17674] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  527.597410][T17682] loop2: detected capacity change from 0 to 256
[  527.615597][T17684] loop1: detected capacity change from 0 to 1024
[  527.641580][T17682] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  527.643860][T17684] EXT4-fs: Ignoring removed nomblk_io_submit option
[  527.688691][T17684] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  527.720573][T17686] loop3: detected capacity change from 0 to 512
[  527.731523][T17684] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  527.761146][T17686] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  527.784102][T17684] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.805260][ T2998]  loop0: p1 < > p4
[  527.816901][ T2998] loop0: p4 size 8388608 extends beyond EOD, truncated
[  527.899469][T17697] netlink: 'syz.2.4280': attribute type 1 has an invalid length.
[  528.021536][T14270] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  528.038408][T17709] loop1: detected capacity change from 0 to 1024
[  528.045473][T14270] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  528.069520][T17709] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  528.085614][T17716] fido_id[17716]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  528.106263][T17709] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  528.128437][   T36] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  528.142140][T17714] loop3: detected capacity change from 0 to 1024
[  528.151250][   T36] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  528.171829][T17714] EXT4-fs: Ignoring removed nomblk_io_submit option
[  528.232865][T17714] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  528.269416][T12901] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  528.280877][T17714] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  528.330070][T17728] loop2: detected capacity change from 0 to 2048
[  528.338369][T17730] loop1: detected capacity change from 0 to 256
[  528.348420][T17714] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  528.381368][T17730] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  528.443032][T17051]  loop2: p1 < > p4
[  528.458430][T17051] loop2: p4 size 8388608 extends beyond EOD, truncated
[  528.489342][T17732] netlink: 'syz.3.4290': attribute type 1 has an invalid length.
[  528.492572][T17728]  loop2: p1 < > p4
[  528.537247][T17728] loop2: p4 size 8388608 extends beyond EOD, truncated
[  528.593138][T17738] loop3: detected capacity change from 0 to 1024
[  528.647996][T17738] EXT4-fs: Ignoring removed nomblk_io_submit option
[  528.683128][T17744] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17744 comm=syz.2.4288
[  528.687002][T17738] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  528.699433][T17742] loop1: detected capacity change from 0 to 2048
[  528.746033][T17738] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  528.786298][T17045]  loop1: p1 < > p4
[  528.794933][T17045] loop1: p4 size 8388608 extends beyond EOD, truncated
[  528.816492][T13230] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  528.827515][T17742]  loop1: p1 < > p4
[  528.846503][T17742] loop1: p4 size 8388608 extends beyond EOD, truncated
[  529.033107][T17749] netlink: 87 bytes leftover after parsing attributes in process `syz.1.4292'.
[  529.296936][T17778] loop3: detected capacity change from 0 to 512
[  529.315473][T17778] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  529.383633][T17781] loop4: detected capacity change from 0 to 2048
[  529.434802][ T2998]  loop1: p1 < > p4
[  529.449283][T17045]  loop4: p1 < > p4
[  529.456123][ T2998] loop1: p4 size 8388608 extends beyond EOD, truncated
[  529.464714][T17045] loop4: p4 size 8388608 extends beyond EOD, truncated
[  529.473603][T17791] loop2: detected capacity change from 0 to 1024
[  529.492182][T17791] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  529.503948][T17781]  loop4: p1 < > p4
[  529.517955][T17781] loop4: p4 size 8388608 extends beyond EOD, truncated
[  529.551580][T17051] udevd[17051]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  529.555415][ T6052] udevd[6052]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  529.571519][T17791] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  529.621765][T17791] tmpfs: Unknown parameter ''
[  529.633785][T17805] validate_nla: 1 callbacks suppressed
[  529.633804][T17805] netlink: 'syz.1.4316': attribute type 1 has an invalid length.
[  529.645359][T17807] netlink: 27 bytes leftover after parsing attributes in process `syz.4.4305'.
[  529.693731][T13021] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  529.748152][T17816] netlink: 'syz.1.4321': attribute type 1 has an invalid length.
[  529.757727][   T10] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  529.778711][   T10] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  529.798051][T17819] loop0: detected capacity change from 0 to 2048
[  529.844356][T17823] fido_id[17823]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  529.864660][T17051]  loop0: p1 < > p4
[  529.878456][T17827] loop3: detected capacity change from 0 to 2048
[  529.886536][T17051] loop0: p4 size 8388608 extends beyond EOD, truncated
[  529.898683][T17819]  loop0: p1 < > p4
[  529.903372][T17819] loop0: p4 size 8388608 extends beyond EOD, truncated
[  529.917820][   T10] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  529.940961][T17045]  loop3: p1 < > p4
[  529.961577][T17045] loop3: p4 size 8388608 extends beyond EOD, truncated
[  529.969535][   T10] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  530.005368][T17827]  loop3: p1 < > p4
[  530.018640][T17830] fido_id[17830]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  530.025296][T17827] loop3: p4 size 8388608 extends beyond EOD, truncated
[  530.053605][T17833] netlink: 'syz.0.4318': attribute type 2 has an invalid length.
[  530.053631][T17833] netlink: 59 bytes leftover after parsing attributes in process `syz.0.4318'.
[  530.111653][T17835] loop1: detected capacity change from 0 to 2048
[  530.133569][T17835] EXT4-fs (loop1): failed to initialize system zone (-117)
[  530.158366][T17835] EXT4-fs (loop1): mount failed
[  530.181199][ T2998]  loop4: p1 < > p4
[  530.181223][T17840] netlink: 87 bytes leftover after parsing attributes in process `syz.3.4322'.
[  530.206577][ T2998] loop4: p4 size 8388608 extends beyond EOD, truncated
[  530.289146][ T6052] udevd[6052]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  530.303025][T17846] loop4: detected capacity change from 0 to 1024
[  530.333024][T17051] udevd[17051]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  530.334420][T17846] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  530.406402][T17846] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  530.419192][T17848] loop2: detected capacity change from 0 to 1024
[  530.426166][T17848] EXT4-fs: Ignoring removed nomblk_io_submit option
[  530.435580][T17848] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  530.466230][T17848] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  530.487082][T17848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  530.487093][T13436] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  530.522548][ T2998]  loop0: p1 < > p4
[  530.527269][ T2998] loop0: p4 size 8388608 extends beyond EOD, truncated
[  530.576025][ T3559] udevd[3559]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  530.586547][T17051] udevd[17051]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  530.666721][ T2998]  loop3: p1 < > p4
[  530.674668][ T2998] loop3: p4 size 8388608 extends beyond EOD, truncated
[  530.714883][T17869] loop1: detected capacity change from 0 to 2048
[  530.729679][T17870] loop4: detected capacity change from 0 to 2048
[  530.756375][T17869] EXT4-fs (loop1): failed to initialize system zone (-117)
[  530.779283][T17870]  loop4: p1 < > p4
[  530.790590][T17869] EXT4-fs (loop1): mount failed
[  530.803208][T17870] loop4: p4 size 8388608 extends beyond EOD, truncated
[  530.929646][T17884] loop1: detected capacity change from 0 to 512
[  530.945330][T17886] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17886 comm=syz.4.4335
[  530.954663][T17884] ext4: Unknown parameter 'nouser_xattr'
[  531.001884][T17889] loop2: detected capacity change from 0 to 2048
[  531.046708][T17891] loop0: detected capacity change from 0 to 2048
[  531.054532][T17045]  loop2: p1 < > p4
[  531.067439][T17045] loop2: p4 size 8388608 extends beyond EOD, truncated
[  531.079236][T17889]  loop2: p1 < > p4
[  531.086757][T17889] loop2: p4 size 8388608 extends beyond EOD, truncated
[  531.095727][T17051]  loop0: p1 < > p4
[  531.115677][T17051] loop0: p4 size 8388608 extends beyond EOD, truncated
[  531.137005][T17891]  loop0: p1 < > p4
[  531.146962][T17891] loop0: p4 size 8388608 extends beyond EOD, truncated
[  531.236983][T17898] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17898 comm=syz.2.4340
[  531.290152][T17903] netlink: 'syz.0.4343': attribute type 2 has an invalid length.
[  531.298011][T17903] netlink: 59 bytes leftover after parsing attributes in process `syz.0.4343'.
[  531.453595][T17905] netlink: 'syz.3.4346': attribute type 1 has an invalid length.
[  531.470368][ T2998]  loop4: p1 < > p4
[  531.479876][ T2998] loop4: p4 size 8388608 extends beyond EOD, truncated
[  531.560165][ T6052] udevd[6052]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  531.572831][T17045] udevd[17045]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  531.645723][T17914] netlink: 3 bytes leftover after parsing attributes in process `syz.4.4349'.
[  531.654796][T17914] 0ªX¹¦À: renamed from caif0
[  531.661446][T17914] 0ªX¹¦À: entered allmulticast mode
[  531.667016][T17914] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  531.881660][ T2998]  loop2: p1 < > p4
[  531.965455][ T2998] loop2: p4 size 8388608 extends beyond EOD, truncated
[  532.034123][ T2998]  loop0: p1 < > p4
[  532.048691][ T2998] loop0: p4 size 8388608 extends beyond EOD, truncated
[  532.209862][T17921] netlink: 'syz.2.4353': attribute type 6 has an invalid length.
[  532.302382][T17928] loop2: detected capacity change from 0 to 1024
[  532.311932][T17928] EXT4-fs: Ignoring removed nomblk_io_submit option
[  532.324406][T17928] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  532.344785][T17928] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  532.360095][T17930] loop0: detected capacity change from 0 to 2048
[  532.368912][T17928] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  532.417871][T17930]  loop0: p1 < > p4
[  532.449869][T17930] loop0: p4 size 8388608 extends beyond EOD, truncated
[  532.481320][T17936] loop2: detected capacity change from 0 to 2048
[  532.498297][ T2998]  loop0: p1 < > p4
[  532.508191][ T2998] loop0: p4 size 8388608 extends beyond EOD, truncated
[  532.525672][T17936] EXT4-fs (loop2): failed to initialize system zone (-117)
[  532.549101][T17936] EXT4-fs (loop2): mount failed
[  532.628734][T17943] loop3: detected capacity change from 0 to 2048
[  532.639238][T17944] netlink: 27 bytes leftover after parsing attributes in process `syz.0.4355'.
[  532.715038][T17051]  loop3: p1 < > p4
[  532.719835][T17051] loop3: p4 size 8388608 extends beyond EOD, truncated
[  532.748025][T17943]  loop3: p1 < > p4
[  532.769800][T17943] loop3: p4 size 8388608 extends beyond EOD, truncated
[  532.805792][T17950] loop2: detected capacity change from 0 to 1024
[  532.812971][   T29] kauditd_printk_skb: 220 callbacks suppressed
[  532.812987][   T29] audit: type=1326 audit(1753153464.505:5908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17882 comm="syz.1.4342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  532.899036][T17950] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  532.920064][   T29] audit: type=1326 audit(1753153464.505:5909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17882 comm="syz.1.4342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  532.930114][T17953] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17953 comm=syz.3.4358
[  532.969193][T17950] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  532.978062][   T29] audit: type=1326 audit(1753153464.675:5910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17956 comm="syz.4.4361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa495c4e9a9 code=0x7ffc0000
[  533.004083][T17950] tmpfs: Unknown parameter ''
[  533.005315][   T29] audit: type=1326 audit(1753153464.675:5911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17956 comm="syz.4.4361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa495c4e9a9 code=0x7ffc0000
[  533.037890][T17957] loop4: detected capacity change from 0 to 128
[  533.055082][T17957] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  533.079367][T13021] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.092327][   T29] audit: type=1326 audit(1753153464.735:5912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17956 comm="syz.4.4361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fa495c4e9a9 code=0x7ffc0000
[  533.116132][   T29] audit: type=1326 audit(1753153464.735:5913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17956 comm="syz.4.4361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa495c4e9e3 code=0x7ffc0000
[  533.139725][   T29] audit: type=1326 audit(1753153464.735:5914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17956 comm="syz.4.4361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa495c4d45f code=0x7ffc0000
[  533.163179][   T29] audit: type=1326 audit(1753153464.735:5915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17956 comm="syz.4.4361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fa495c4ea37 code=0x7ffc0000
[  533.174159][T17957] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  533.186737][   T29] audit: type=1326 audit(1753153464.735:5916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17956 comm="syz.4.4361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa495c4d310 code=0x7ffc0000
[  533.219362][   T29] audit: type=1326 audit(1753153464.735:5917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17956 comm="syz.4.4361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa495c4e5ab code=0x7ffc0000
[  533.281999][ T3395] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  533.290158][ T3395] hid-generic 0000:0000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  533.359883][ T2998]  loop3: p1 < > p4
[  533.377574][T17965] fido_id[17965]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  533.377647][ T2998] loop3: p4 size 8388608 extends beyond EOD, truncated
[  533.450083][ T3395] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  533.471777][ T3395] hid-generic 0000:0000:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  533.499370][T17976] netlink: 'syz.0.4368': attribute type 6 has an invalid length.
[  533.500780][T17978] loop3: detected capacity change from 0 to 512
[  533.526026][T17978] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  533.550192][T17976] 9pnet_fd: Insufficient options for proto=fd
[  533.564505][T17980] loop4: detected capacity change from 0 to 1024
[  533.578517][ T6052] udevd[6052]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  533.590770][T17051] udevd[17051]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  533.630484][T17980] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  533.694894][T17984] fido_id[17984]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  533.723350][T17980] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  533.796069][T17995] loop0: detected capacity change from 0 to 2048
[  533.831541][T17998] loop1: detected capacity change from 0 to 1024
[  533.865301][T17998] EXT4-fs: Ignoring removed nomblk_io_submit option
[  533.875343][T17051]  loop0: p1 < > p4
[  533.882798][T17998] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  533.892282][T13436] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.901729][T17051] loop0: p4 size 8388608 extends beyond EOD, truncated
[  533.928248][T17995]  loop0: p1 < > p4
[  533.932032][T17998] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  533.934619][T17995] loop0: p4 size 8388608 extends beyond EOD, truncated
[  533.952153][T17998] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.972421][T18001] loop4: detected capacity change from 0 to 512
[  533.990017][ T2998]  loop0: p1 < > p4
[  533.996868][ T2998] loop0: p4 size 8388608 extends beyond EOD, truncated
[  534.008311][T18001] ext4: Unknown parameter 'nouser_xattr'
[  534.121625][T18017] loop2: detected capacity change from 0 to 512
[  534.134566][T18018] netlink: 27 bytes leftover after parsing attributes in process `syz.0.4371'.
[  534.163246][T18020] loop1: detected capacity change from 0 to 2048
[  534.185346][T18021] loop3: detected capacity change from 0 to 2048
[  534.207540][T18017] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  534.220685][T18017] ext4 filesystem being mounted at /303/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  534.233067][T18020]  loop1: p1 < > p4
[  534.237764][T17045]  loop3: p1 < > p4
[  534.242323][T17045] loop3: p4 size 8388608 extends beyond EOD, truncated
[  534.256601][T18020] loop1: p4 size 8388608 extends beyond EOD, truncated
[  534.272481][T18021]  loop3: p1 < > p4
[  534.281931][T18021] loop3: p4 size 8388608 extends beyond EOD, truncated
[  534.418719][T18029] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18029 comm=syz.3.4379
[  534.424486][T18027] netlink: 'syz.1.4378': attribute type 2 has an invalid length.
[  534.439090][T18027] netlink: 59 bytes leftover after parsing attributes in process `syz.1.4378'.
[  534.505305][ T2998]  loop0: p1 < > p4
[  534.517648][ T2998] loop0: p4 size 8388608 extends beyond EOD, truncated
[  534.579309][T17051] udevd[17051]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  534.591605][T17045] udevd[17045]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  534.871361][T18038] netlink: 'syz.0.4383': attribute type 1 has an invalid length.
[  534.894101][ T2998]  loop1: p1 < > p4
[  534.913042][ T2998] loop1: p4 size 8388608 extends beyond EOD, truncated
[  534.941548][T18041] netlink: 'syz.0.4384': attribute type 1 has an invalid length.
[  534.965401][ T2998]  loop3: p1 < > p4
[  534.970041][ T2998] loop3: p4 size 8388608 extends beyond EOD, truncated
[  535.022920][T17045] udevd[17045]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  535.041892][T17051] udevd[17051]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  535.073758][T17051] udevd[17051]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  535.090882][T18049] loop0: detected capacity change from 0 to 2048
[  535.090979][ T6052] udevd[6052]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  535.145663][T18049]  loop0: p1 < > p4
[  535.152141][T18049] loop0: p4 size 8388608 extends beyond EOD, truncated
[  535.176455][ T2998]  loop0: p1 < > p4
[  535.181600][ T2998] loop0: p4 size 8388608 extends beyond EOD, truncated
[  535.249506][T18045] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18045 comm=syz.0.4386
[  535.329620][ T2998]  loop0: p1 < > p4
[  535.339233][T18058] loop1: detected capacity change from 0 to 2048
[  535.354789][ T2998] loop0: p4 size 8388608 extends beyond EOD, truncated
[  535.377482][T18058] EXT4-fs (loop1): failed to initialize system zone (-117)
[  535.394803][T18058] EXT4-fs (loop1): mount failed
[  535.417306][ T6052] udevd[6052]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  535.418382][T17045] udevd[17045]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  535.665597][T18075] loop1: detected capacity change from 0 to 2048
[  535.688938][   T10] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  535.689389][   T36] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  535.700007][   T10] hid-generic 0000:0000:0000.0011: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  535.717448][T18075] EXT4-fs (loop1): failed to initialize system zone (-117)
[  535.726827][T18078] loop0: detected capacity change from 0 to 1024
[  535.737472][   T36] hid-generic 0000:0000:0000.0012: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  535.743394][T18075] EXT4-fs (loop1): mount failed
[  535.772524][T18078] EXT4-fs: Ignoring removed nomblk_io_submit option
[  535.819050][T18078] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  535.836628][T18078] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  535.869689][T18081] fido_id[18081]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  535.874589][T18078] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  535.891932][T18085] loop4: detected capacity change from 0 to 2048
[  535.930212][T18087] loop1: detected capacity change from 0 to 1024
[  535.955946][T18085] EXT4-fs (loop4): failed to initialize system zone (-117)
[  535.971553][T18087] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  535.997495][T18085] EXT4-fs (loop4): mount failed
[  536.007888][T18091] loop0: detected capacity change from 0 to 512
[  536.025940][T18087] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  536.061033][T18091] ext4: Unknown parameter 'nouser_xattr'
[  536.092477][T18095] loop3: detected capacity change from 0 to 1024
[  536.145805][T18095] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  536.189523][T18095] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  536.247430][T18095] tmpfs: Bad value for 'mpol'
[  536.289704][T13230] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  536.382428][T18110] netlink: 148 bytes leftover after parsing attributes in process `syz.4.4407'.
[  536.404526][T18110] netlink: 56 bytes leftover after parsing attributes in process `syz.4.4407'.
[  536.413531][T18110] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4407'.
[  536.432896][T18112] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4408'.
[  536.491396][T18114] loop4: detected capacity change from 0 to 512
[  536.517563][T18114] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  536.607209][T18122] loop3: detected capacity change from 0 to 512
[  536.636398][T18122] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  536.786353][ T3395] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  536.802349][ T3395] hid-generic 0000:0000:0000.0013: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  536.828452][T12901] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  536.853837][T18132] fido_id[18132]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  536.908956][T18137] loop3: detected capacity change from 0 to 128
[  536.915028][T18136] loop4: detected capacity change from 0 to 2048
[  536.936549][T18137] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  536.958523][T18137] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  536.968881][T17045]  loop4: p1 < > p4
[  536.974866][T17045] loop4: p4 size 8388608 extends beyond EOD, truncated
[  536.988197][T18136]  loop4: p1 < > p4
[  537.002937][T18136] loop4: p4 size 8388608 extends beyond EOD, truncated
[  537.138828][T18152] netlink: 27 bytes leftover after parsing attributes in process `syz.4.4414'.
[  537.171487][T18150] 9pnet_fd: Insufficient options for proto=fd
[  537.237160][T18157] netlink: 'syz.1.4421': attribute type 6 has an invalid length.
[  537.311751][T18158] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18158 comm=syz.3.4420
[  537.367062][T13021] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  537.437899][T18168] loop2: detected capacity change from 0 to 256
[  537.497929][T18168] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  537.498778][T18170] loop0: detected capacity change from 0 to 512
[  537.533034][T18172] loop3: detected capacity change from 0 to 1024
[  537.545317][T18170] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  537.560874][T18172] EXT4-fs: Ignoring removed nomblk_io_submit option
[  537.584333][T18172] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  537.635557][T18172] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  537.663217][T18172] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  537.703636][T18183] netlink: 'syz.3.4430': attribute type 1 has an invalid length.
[  537.726701][T18185] 9pnet_fd: Insufficient options for proto=fd
[  537.780875][ T2998]  loop4: p1 < > p4
[  537.783529][T18192] loop0: detected capacity change from 0 to 1024
[  537.785602][ T2998] loop4: p4 size 8388608 extends beyond EOD, truncated
[  537.821067][T18192] EXT4-fs: Ignoring removed nomblk_io_submit option
[  537.856457][T18192] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  537.870180][T18195] loop3: detected capacity change from 0 to 2048
[  537.889852][T18192] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  537.910895][T18195]  loop3: p1 < > p4
[  537.925181][T18195] loop3: p4 size 8388608 extends beyond EOD, truncated
[  537.925730][T18192] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  537.970292][   T29] kauditd_printk_skb: 102 callbacks suppressed
[  537.970313][   T29] audit: type=1326 audit(1753153469.665:6020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18202 comm="syz.2.4436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf30ee9a9 code=0x7ffc0000
[  538.059104][   T29] audit: type=1326 audit(1753153469.695:6021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18202 comm="syz.2.4436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fedf30ee9a9 code=0x7ffc0000
[  538.082751][   T29] audit: type=1326 audit(1753153469.695:6022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18202 comm="syz.2.4436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf30ee9a9 code=0x7ffc0000
[  538.083441][T18204] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18204 comm=syz.4.4435
[  538.106296][   T29] audit: type=1326 audit(1753153469.695:6023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18202 comm="syz.2.4436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf30ee9a9 code=0x7ffc0000
[  538.142360][   T29] audit: type=1326 audit(1753153469.705:6024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18202 comm="syz.2.4436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fedf30ee9a9 code=0x7ffc0000
[  538.148997][T18213] netlink: 27 bytes leftover after parsing attributes in process `syz.3.4432'.
[  538.165849][   T29] audit: type=1326 audit(1753153469.705:6025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18202 comm="syz.2.4436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf30ee9a9 code=0x7ffc0000
[  538.165888][   T29] audit: type=1326 audit(1753153469.705:6026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18202 comm="syz.2.4436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf30ee9a9 code=0x7ffc0000
[  538.221993][   T29] audit: type=1326 audit(1753153469.705:6027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18202 comm="syz.2.4436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fedf30ee9a9 code=0x7ffc0000
[  538.245441][   T29] audit: type=1326 audit(1753153469.705:6028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18202 comm="syz.2.4436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf30ee9a9 code=0x7ffc0000
[  538.247486][T18217] loop1: detected capacity change from 0 to 512
[  538.268988][   T29] audit: type=1326 audit(1753153469.705:6029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18202 comm="syz.2.4436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedf30ee9a9 code=0x7ffc0000
[  538.294245][T18206] loop2: detected capacity change from 0 to 512
[  538.324775][T18206] ext4: Unknown parameter 'nouser_xattr'
[  538.401395][T18217] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  538.421787][T18217] ext4 filesystem being mounted at /313/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  538.484114][T18231] loop0: detected capacity change from 0 to 512
[  538.491610][T18231] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  538.557547][T18235] netlink: 'syz.4.4442': attribute type 1 has an invalid length.
[  538.647289][T18241] loop4: detected capacity change from 0 to 1024
[  538.664608][ T2998]  loop3: p1 < > p4
[  538.671318][ T2998] loop3: p4 size 8388608 extends beyond EOD, truncated
[  538.680168][T18241] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  538.722756][T18241] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  538.757611][T18241] tmpfs: Bad value for 'mpol'
[  538.775759][T13436] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  538.833594][T18251] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4447'.
[  538.844323][T17045] udevd[17045]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  538.861018][T17051] udevd[17051]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  538.883644][T18253] netlink: 148 bytes leftover after parsing attributes in process `syz.4.4446'.
[  538.900664][T12981] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[  538.918564][T18247] loop0: detected capacity change from 0 to 1024
[  538.925587][T12981] hid-generic 0000:0000:0000.0014: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  538.931376][T18255] loop3: detected capacity change from 0 to 256
[  538.954543][T18247] EXT4-fs: Ignoring removed nomblk_io_submit option
[  538.968110][T18255] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  538.974118][T18247] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  539.019156][T18247] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  539.098480][T18247] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  539.102610][T18263] loop3: detected capacity change from 0 to 512
[  539.122943][T18263] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  539.189921][T18258] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18258 comm=syz.4.4449
[  539.360164][T18275] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18275 comm=syz.3.4452
[  539.389042][T18279] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4453'.
[  539.399988][T18279] netlink: 108 bytes leftover after parsing attributes in process `syz.0.4453'.
[  539.595801][T18287] 9pnet_fd: Insufficient options for proto=fd
[  539.677898][T18289] loop3: detected capacity change from 0 to 1024
[  539.714479][T18289] EXT4-fs: Ignoring removed bh option
[  539.761614][T18289] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  539.799594][T18298] netlink: 'syz.0.4461': attribute type 6 has an invalid length.
[  539.873508][T13230] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  539.967381][T18308] loop4: detected capacity change from 0 to 1024
[  539.982569][T18308] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  540.049970][T18308] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  540.086931][T18308] tmpfs: Bad value for 'mpol'
[  540.099620][T18318] netlink: 256 bytes leftover after parsing attributes in process `syz.3.4463'.
[  540.125654][T13436] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  540.252424][T18327] netlink: 'syz.0.4473': attribute type 12 has an invalid length.
[  540.260546][T18327] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4473'.
[  540.304935][T18327] netlink: 492 bytes leftover after parsing attributes in process `syz.0.4473'.
[  540.315549][T18334] loop2: detected capacity change from 0 to 2048
[  540.345083][T17045]  loop2: p1 < > p4
[  540.351502][T17045] loop2: p4 size 8388608 extends beyond EOD, truncated
[  540.366588][T18334]  loop2: p1 < > p4
[  540.375761][T18334] loop2: p4 size 8388608 extends beyond EOD, truncated
[  540.420114][T18341] loop3: detected capacity change from 0 to 2048
[  540.448969][T18339] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18339 comm=syz.4.4475
[  540.464425][T18343] loop0: detected capacity change from 0 to 2048
[  540.477855][T18341]  loop3: p1 < > p4
[  540.499937][T18341] loop3: p4 size 8388608 extends beyond EOD, truncated
[  540.535653][T18343] EXT4-fs (loop0): failed to initialize system zone (-117)
[  540.555867][T18343] EXT4-fs (loop0): mount failed
[  540.581887][T18349] netlink: 27 bytes leftover after parsing attributes in process `syz.2.4474'.
[  540.692479][T18341] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18341 comm=syz.3.4476
[  540.922380][T18361] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4480'.
[  541.079166][ T2998]  loop2: p1 < > p4
[  541.097454][ T2998] loop2: p4 size 8388608 extends beyond EOD, truncated
[  541.179174][T18369] loop4: detected capacity change from 0 to 2048
[  541.216624][T17045] udevd[17045]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  541.227378][T18369] EXT4-fs (loop4): failed to initialize system zone (-117)
[  541.230157][T17051] udevd[17051]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  541.236243][T18369] EXT4-fs (loop4): mount failed
[  541.257905][ T2998]  loop3: p1 < > p4
[  541.269010][ T2998] loop3: p4 size 8388608 extends beyond EOD, truncated
[  541.289337][T18375] netlink: 'syz.0.4487': attribute type 6 has an invalid length.
[  541.297722][T18377] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4486'.
[  541.311206][T18373] delete_channel: no stack
[  541.368374][T18382] loop3: detected capacity change from 0 to 2048
[  541.405588][T18382] EXT4-fs (loop3): failed to initialize system zone (-117)
[  541.414549][T18387] SELinux: failed to load policy
[  541.450935][T18382] EXT4-fs (loop3): mount failed
[  541.476395][T17045] udevd[17045]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  541.482532][ T6052] udevd[6052]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  541.516085][T18391] netlink: 'syz.0.4493': attribute type 1 has an invalid length.
[  541.649115][T18404] netlink: 'syz.3.4499': attribute type 6 has an invalid length.
[  541.676560][T18407] loop4: detected capacity change from 0 to 1024
[  541.689807][T18407] EXT4-fs: Ignoring removed nomblk_io_submit option
[  541.711911][T18404] 9pnet_fd: Insufficient options for proto=fd
[  541.720334][T18407] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  541.740531][T18410] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18410 comm=syz.0.4494
[  541.765802][T18407] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  541.779994][T18407] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  541.813436][T18415] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4502'.
[  541.879737][T18422] loop3: detected capacity change from 0 to 1024
[  541.887488][T18422] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  541.907418][T18422] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  541.933673][   T10] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  541.948780][   T10] hid-generic 0000:0000:0000.0015: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  541.965103][T18422] tmpfs: Bad value for 'mpol'
[  541.985240][T18427] loop2: detected capacity change from 0 to 2048
[  541.998171][T13230] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  542.025570][T18427] EXT4-fs (loop2): failed to initialize system zone (-117)
[  542.050891][T18427] EXT4-fs (loop2): mount failed
[  542.075561][T18434] loop3: detected capacity change from 0 to 1024
[  542.099003][T18434] EXT4-fs: Ignoring removed nomblk_io_submit option
[  542.125710][T18434] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  542.150413][T18437] loop4: detected capacity change from 0 to 2048
[  542.151248][T18434] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  542.182870][T18441] loop2: detected capacity change from 0 to 512
[  542.193288][T12901] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  542.203280][T17045]  loop4: p1 < > p4
[  542.214615][T18434] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  542.218403][T18441] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  542.224221][T17045] loop4: p4 size 8388608 extends beyond EOD, truncated
[  542.240572][T18441] ext4 filesystem being mounted at /320/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  542.265530][T18437]  loop4: p1 < > p4
[  542.281200][T18437] loop4: p4 size 8388608 extends beyond EOD, truncated
[  542.410236][T18451] loop1: detected capacity change from 0 to 1024
[  542.424100][T18437] netlink: 27 bytes leftover after parsing attributes in process `syz.4.4508'.
[  542.501840][T18465] loop0: detected capacity change from 0 to 1024
[  542.516746][T13021] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  542.524551][T18465] EXT4-fs: Ignoring removed nomblk_io_submit option
[  542.550728][T18451] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  542.581851][T18451] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  542.604719][T18465] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  542.640623][T18515] loop2: detected capacity change from 0 to 256
[  542.653544][T18465] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  542.673002][T18465] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  542.686673][T18515] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  542.793958][T18520] netlink: 'syz.0.4516': attribute type 1 has an invalid length.
[  542.800874][T18523] netlink: 'syz.2.4517': attribute type 6 has an invalid length.
[  542.822845][T18523] 9pnet_fd: Insufficient options for proto=fd
[  542.907066][ T2998]  loop4: p1 < > p4
[  542.917115][ T2998] loop4: p4 size 8388608 extends beyond EOD, truncated
[  542.998973][ T3301] printk: udevd: 117 output lines suppressed due to ratelimiting
[  543.077388][T18537] loop2: detected capacity change from 0 to 2048
[  543.143412][T18537]  loop2: p1 < > p4
[  543.157627][T18537] loop2: p4 size 8388608 extends beyond EOD, truncated
[  543.230580][ T3395] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0
[  543.277763][T12901] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  543.288726][ T3395] hid-generic 0000:0000:0000.0016: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  543.396074][T18553] loop0: detected capacity change from 0 to 512
[  543.413835][T18553] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  543.486821][   T29] kauditd_printk_skb: 179 callbacks suppressed
[  543.486841][   T29] audit: type=1326 audit(1753153475.185:6209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18563 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  543.524136][   T29] audit: type=1326 audit(1753153475.185:6210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18563 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  543.547708][   T29] audit: type=1326 audit(1753153475.185:6211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18563 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  543.547874][T18565] loop3: detected capacity change from 0 to 2048
[  543.571296][   T29] audit: type=1326 audit(1753153475.185:6212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18563 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  543.571344][   T29] audit: type=1326 audit(1753153475.185:6213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18563 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  543.624997][   T29] audit: type=1326 audit(1753153475.185:6214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18563 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  543.648716][   T29] audit: type=1326 audit(1753153475.185:6215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18563 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  543.672247][   T29] audit: type=1326 audit(1753153475.185:6216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18563 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  543.695686][   T29] audit: type=1326 audit(1753153475.185:6217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18563 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  543.719405][   T29] audit: type=1326 audit(1753153475.185:6218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18563 comm="syz.1.4532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  543.750371][T18569] loop1: detected capacity change from 0 to 1024
[  543.757257][T18569] EXT4-fs: Ignoring removed nomblk_io_submit option
[  543.764792][T18569] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  543.775154][T18565]  loop3: p1 < > p4
[  543.787079][T18565] loop3: p4 size 8388608 extends beyond EOD, truncated
[  543.794984][T18569] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  543.812660][T18569] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  543.840002][T18574] loop0: detected capacity change from 0 to 512
[  543.852387][T18574] ext4: Unknown parameter 'nouser_xattr'
[  543.901425][T18583] loop1: detected capacity change from 0 to 512
[  543.910693][T18583] ext4: Unknown parameter 'nouser_xattr'
[  543.953157][T18587] loop4: detected capacity change from 0 to 2048
[  544.016704][T18587]  loop4: p1 < > p4
[  544.021426][T18587] loop4: p4 size 8388608 extends beyond EOD, truncated
[  544.332739][T18604] loop3: detected capacity change from 0 to 1024
[  544.355025][T18604] EXT4-fs: Ignoring removed nomblk_io_submit option
[  544.367412][T18604] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  544.389189][ T3395] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0
[  544.407429][T18604] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  544.414453][ T3395] hid-generic 0000:0000:0000.0017: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  544.445449][T18604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  544.820114][T18622] __nla_validate_parse: 5 callbacks suppressed
[  544.820136][T18622] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4552'.
[  544.900428][T18628] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4555'.
[  544.954207][T18631] loop2: detected capacity change from 0 to 512
[  544.971909][T18631] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  545.030165][T18641] loop1: detected capacity change from 0 to 2048
[  545.047510][T18641] EXT4-fs (loop1): failed to initialize system zone (-117)
[  545.065157][T18641] EXT4-fs (loop1): mount failed
[  545.075915][T18644] loop4: detected capacity change from 0 to 2048
[  545.083746][T18646] loop2: detected capacity change from 0 to 128
[  545.101824][T18646] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  545.123021][T18646] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  545.133090][T18644]  loop4: p1 < > p4
[  545.139550][T18644] loop4: p4 size 8388608 extends beyond EOD, truncated
[  545.185395][T12981] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0
[  545.205214][T12981] hid-generic 0000:0000:0000.0018: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  545.245819][T18659] loop1: detected capacity change from 0 to 256
[  545.259384][T18634] netlink: 27 bytes leftover after parsing attributes in process `syz.4.4558'.
[  545.269035][T18657] loop0: detected capacity change from 0 to 2048
[  545.279763][T18659] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  545.336126][T18663] loop2: detected capacity change from 0 to 2048
[  545.341537][T18657]  loop0: p1 < > p4
[  545.350848][T18657] loop0: p4 size 8388608 extends beyond EOD, truncated
[  545.364805][T18663]  loop2: p1 < > p4
[  545.369778][T18663] loop2: p4 size 8388608 extends beyond EOD, truncated
[  545.406587][T18669] loop3: detected capacity change from 0 to 512
[  545.414397][T18669] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  545.491239][T18657] netlink: 27 bytes leftover after parsing attributes in process `syz.0.4562'.
[  545.508023][T18684] netlink: 'syz.2.4572': attribute type 6 has an invalid length.
[  545.509723][T18681] loop1: detected capacity change from 0 to 2048
[  545.532180][T18684] 9pnet_fd: Insufficient options for proto=fd
[  545.545538][T18681] EXT4-fs (loop1): failed to initialize system zone (-117)
[  545.554249][T18681] EXT4-fs (loop1): mount failed
[  545.588497][T18690] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4574'.
[  545.618281][T18692] loop2: detected capacity change from 0 to 256
[  545.626875][T18692] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  545.679567][T18696] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4576'.
[  545.695031][T18699] netlink: 'syz.3.4573': attribute type 4 has an invalid length.
[  545.778675][T18705] netlink: 'syz.2.4580': attribute type 12 has an invalid length.
[  545.786603][T18705] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4580'.
[  545.797328][T18705] netlink: 492 bytes leftover after parsing attributes in process `syz.2.4580'.
[  545.897249][T18713] netlink: 'syz.4.4583': attribute type 6 has an invalid length.
[  545.905445][T18711] loop1: detected capacity change from 0 to 2048
[  545.913171][T18715] netlink: 'syz.2.4584': attribute type 6 has an invalid length.
[  545.923578][T18715] 9pnet_fd: Insufficient options for proto=fd
[  545.924881][T18713] 9pnet_fd: Insufficient options for proto=fd
[  545.954942][T18711]  loop1: p1 < > p4
[  545.960552][T18711] loop1: p4 size 8388608 extends beyond EOD, truncated
[  546.035092][T18724] loop1: detected capacity change from 0 to 512
[  546.049908][T18725] loop4: detected capacity change from 0 to 2048
[  546.064171][T18724] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.4588: casefold flag without casefold feature
[  546.077497][T18724] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.4588: couldn't read orphan inode 15 (err -117)
[  546.090486][T18725]  loop4: p1 < > p4
[  546.096384][T18725] loop4: p4 size 8388608 extends beyond EOD, truncated
[  546.099228][T18724] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  546.162441][T18734] netlink: 'syz.2.4592': attribute type 12 has an invalid length.
[  546.170374][T18734] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4592'.
[  546.180970][T18734] netlink: 492 bytes leftover after parsing attributes in process `syz.2.4592'.
[  546.189865][T18732] loop0: detected capacity change from 0 to 512
[  546.206955][T18732] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  546.283884][T12901] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  546.293082][T18745] loop2: detected capacity change from 0 to 128
[  546.297090][T18747] SELinux: failed to load policy
[  546.304306][T18745] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  546.317010][T18745] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  546.363855][T18749] FAULT_INJECTION: forcing a failure.
[  546.363855][T18749] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  546.378353][T18749] CPU: 0 UID: 0 PID: 18749 Comm: syz.1.4596 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  546.378458][T18749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  546.378533][T18749] Call Trace:
[  546.378541][T18749]  <TASK>
[  546.378551][T18749]  __dump_stack+0x1d/0x30
[  546.378579][T18749]  dump_stack_lvl+0xe8/0x140
[  546.378603][T18749]  dump_stack+0x15/0x1b
[  546.378678][T18749]  should_fail_ex+0x265/0x280
[  546.378802][T18749]  should_fail+0xb/0x20
[  546.378835][T18749]  should_fail_usercopy+0x1a/0x20
[  546.378912][T18749]  _copy_to_user+0x20/0xa0
[  546.378939][T18749]  simple_read_from_buffer+0xb5/0x130
[  546.378979][T18749]  proc_fail_nth_read+0x100/0x140
[  546.379053][T18749]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  546.379093][T18749]  vfs_read+0x19d/0x6f0
[  546.379121][T18749]  ? __rcu_read_unlock+0x4f/0x70
[  546.379143][T18749]  ? __fget_files+0x184/0x1c0
[  546.379216][T18749]  ksys_read+0xda/0x1a0
[  546.379316][T18749]  __x64_sys_read+0x40/0x50
[  546.379426][T18749]  x64_sys_call+0x2d77/0x2fb0
[  546.379454][T18749]  do_syscall_64+0xd2/0x200
[  546.379479][T18749]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  546.379512][T18749]  ? clear_bhb_loop+0x40/0x90
[  546.379537][T18749]  ? clear_bhb_loop+0x40/0x90
[  546.379631][T18749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.379652][T18749] RIP: 0033:0x7fd0486ed3bc
[  546.379668][T18749] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  546.379688][T18749] RSP: 002b:00007fd046d4f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  546.379707][T18749] RAX: ffffffffffffffda RBX: 00007fd048915fa0 RCX: 00007fd0486ed3bc
[  546.379719][T18749] RDX: 000000000000000f RSI: 00007fd046d4f0a0 RDI: 0000000000000006
[  546.379731][T18749] RBP: 00007fd046d4f090 R08: 0000000000000000 R09: 0000000000000000
[  546.379750][T18749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  546.379766][T18749] R13: 0000000000000000 R14: 00007fd048915fa0 R15: 00007ffecc66e8c8
[  546.379842][T18749]  </TASK>
[  546.790159][ T3395] hid-generic 0000:0000:0000.0019: unknown main item tag 0x0
[  546.819217][ T3395] hid-generic 0000:0000:0000.0019: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  546.861215][ T3395] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0
[  546.910089][ T3395] hid-generic 0000:0000:0000.001A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  547.022598][T18780] FAULT_INJECTION: forcing a failure.
[  547.022598][T18780] name failslab, interval 1, probability 0, space 0, times 1
[  547.035428][T18780] CPU: 1 UID: 0 PID: 18780 Comm: syz.3.4608 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  547.035474][T18780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  547.035566][T18780] Call Trace:
[  547.035574][T18780]  <TASK>
[  547.035581][T18780]  __dump_stack+0x1d/0x30
[  547.035603][T18780]  dump_stack_lvl+0xe8/0x140
[  547.035626][T18780]  dump_stack+0x15/0x1b
[  547.035644][T18780]  should_fail_ex+0x265/0x280
[  547.035754][T18780]  should_failslab+0x8c/0xb0
[  547.035780][T18780]  kmem_cache_alloc_noprof+0x50/0x310
[  547.035812][T18780]  ? audit_log_start+0x365/0x6c0
[  547.035921][T18780]  audit_log_start+0x365/0x6c0
[  547.036038][T18780]  audit_seccomp+0x48/0x100
[  547.036101][T18780]  ? __seccomp_filter+0x68c/0x10d0
[  547.036126][T18780]  __seccomp_filter+0x69d/0x10d0
[  547.036161][T18780]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  547.036270][T18780]  ? vfs_write+0x75e/0x8e0
[  547.036305][T18780]  ? __rcu_read_unlock+0x4f/0x70
[  547.036326][T18780]  ? __fget_files+0x184/0x1c0
[  547.036520][T18780]  __secure_computing+0x82/0x150
[  547.036542][T18780]  syscall_trace_enter+0xcf/0x1e0
[  547.036573][T18780]  do_syscall_64+0xac/0x200
[  547.036597][T18780]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  547.036629][T18780]  ? clear_bhb_loop+0x40/0x90
[  547.036730][T18780]  ? clear_bhb_loop+0x40/0x90
[  547.036758][T18780]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.036785][T18780] RIP: 0033:0x7f24334fe9a9
[  547.036804][T18780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  547.036851][T18780] RSP: 002b:00007f2431b5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  547.036882][T18780] RAX: ffffffffffffffda RBX: 00007f2433725fa0 RCX: 00007f24334fe9a9
[  547.036898][T18780] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004
[  547.036914][T18780] RBP: 00007f2431b5f090 R08: 0000000000000000 R09: 0000000000000000
[  547.036929][T18780] R10: 0001000000201005 R11: 0000000000000246 R12: 0000000000000001
[  547.036945][T18780] R13: 0000000000000000 R14: 00007f2433725fa0 R15: 00007ffcca3f3de8
[  547.036972][T18780]  </TASK>
[  547.267380][T18784] loop2: detected capacity change from 0 to 512
[  547.297983][T18784] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  547.314104][T18784] ext4 filesystem being mounted at /358/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  547.341366][T18793] loop3: detected capacity change from 0 to 512
[  547.361019][T18793] ext4: Unknown parameter 'nouser_xattr'
[  547.370291][T18795] loop0: detected capacity change from 0 to 512
[  547.381897][T18797] loop4: detected capacity change from 0 to 256
[  547.388028][T18795] ext4: Unknown parameter 'nouser_xattr'
[  547.402991][T18797] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  547.504131][T18803] netlink: 'syz.1.4615': attribute type 6 has an invalid length.
[  547.524604][T18803] 9pnet_fd: Insufficient options for proto=fd
[  547.756878][T18824] loop4: detected capacity change from 0 to 256
[  547.775644][T18824] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  548.055087][T18837] loop1: detected capacity change from 0 to 2048
[  548.084825][T18837] EXT4-fs (loop1): failed to initialize system zone (-117)
[  548.102300][T18837] EXT4-fs (loop1): mount failed
[  548.578688][ T3395] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0
[  548.595564][ T3395] hid-generic 0000:0000:0000.001B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  548.716046][   T29] kauditd_printk_skb: 224 callbacks suppressed
[  548.716074][   T29] audit: type=1326 audit(1753153480.415:6441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18864 comm="syz.4.4638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa495c4e9a9 code=0x7ffc0000
[  548.747524][T18865] loop4: detected capacity change from 0 to 128
[  548.765043][   T29] audit: type=1326 audit(1753153480.415:6442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18864 comm="syz.4.4638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa495c4e9a9 code=0x7ffc0000
[  548.769744][T18865] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  548.788575][   T29] audit: type=1326 audit(1753153480.445:6443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18864 comm="syz.4.4638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fa495c4e9a9 code=0x7ffc0000
[  548.801759][T18867] loop0: detected capacity change from 0 to 512
[  548.824081][   T29] audit: type=1326 audit(1753153480.445:6444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18864 comm="syz.4.4638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa495c4e9e3 code=0x7ffc0000
[  548.853905][   T29] audit: type=1326 audit(1753153480.445:6445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18864 comm="syz.4.4638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa495c4d45f code=0x7ffc0000
[  548.877334][   T29] audit: type=1326 audit(1753153480.445:6446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18864 comm="syz.4.4638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fa495c4ea37 code=0x7ffc0000
[  548.900819][   T29] audit: type=1326 audit(1753153480.445:6447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18864 comm="syz.4.4638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa495c4d310 code=0x7ffc0000
[  548.924433][   T29] audit: type=1326 audit(1753153480.445:6448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18864 comm="syz.4.4638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa495c4e5ab code=0x7ffc0000
[  548.944212][T18865] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  548.947949][   T29] audit: type=1326 audit(1753153480.445:6449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18864 comm="syz.4.4638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa495c4d60a code=0x7ffc0000
[  548.980354][   T29] audit: type=1326 audit(1753153480.445:6450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18864 comm="syz.4.4638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa495c4d60a code=0x7ffc0000
[  549.015151][T18867] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  549.087700][T18882] loop3: detected capacity change from 0 to 256
[  549.116731][T18882] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  549.168449][T18886] loop3: detected capacity change from 0 to 512
[  549.178437][T18886] ext4: Unknown parameter 'nouser_xattr'
[  549.188197][T18884] loop4: detected capacity change from 0 to 2048
[  549.205775][T18884] EXT4-fs (loop4): failed to initialize system zone (-117)
[  549.213059][T18884] EXT4-fs (loop4): mount failed
[  549.282238][T18896] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  549.469320][T18908] loop1: detected capacity change from 0 to 2048
[  549.536537][T18908]  loop1: p1 < > p4
[  549.549697][T18908] loop1: p4 size 8388608 extends beyond EOD, truncated
[  549.728612][T18915] loop0: detected capacity change from 0 to 2048
[  549.762923][T18915] EXT4-fs (loop0): failed to initialize system zone (-117)
[  549.779156][T18915] EXT4-fs (loop0): mount failed
[  549.812254][T13021] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  549.831826][T18915] netlink: 'syz.0.4653': attribute type 39 has an invalid length.
[  549.859014][T18919] loop2: detected capacity change from 0 to 2048
[  549.895897][T18919] EXT4-fs (loop2): failed to initialize system zone (-117)
[  549.903243][T18919] EXT4-fs (loop2): mount failed
[  550.132012][T18927] loop0: detected capacity change from 0 to 256
[  550.160095][T18927] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  550.204840][T18929] loop2: detected capacity change from 0 to 512
[  550.225346][T18929] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  550.321253][T18942] __nla_validate_parse: 4 callbacks suppressed
[  550.321272][T18942] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4661'.
[  550.418789][T18951] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18951 comm=syz.1.4664
[  550.446008][T18953] loop2: detected capacity change from 0 to 2048
[  550.465283][T18953] EXT4-fs (loop2): failed to initialize system zone (-117)
[  550.480046][T18953] EXT4-fs (loop2): mount failed
[  550.487591][T18955] netlink: 'syz.3.4666': attribute type 39 has an invalid length.
[  550.540754][T18960] IPv6: syztnl0: Disabled Multicast RS
[  550.551216][T18962] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4668'.
[  550.560479][T18962] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4668'.
[  550.569640][T18962] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4668'.
[  550.606123][T18966] loop1: detected capacity change from 0 to 256
[  550.614237][T18966] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  550.657181][T18968] loop1: detected capacity change from 0 to 512
[  550.665190][T18968] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  550.667777][T18970] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4672'.
[  550.719101][T18979] loop2: detected capacity change from 0 to 512
[  550.726290][T18979] ext4: Unknown parameter 'nouser_xattr'
[  550.776064][T18984] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4676'.
[  550.798927][T18983] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18983 comm=syz.3.4673
[  550.841815][T18992] loop1: detected capacity change from 0 to 164
[  550.848721][T18992] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  550.904111][T18994] loop1: detected capacity change from 0 to 2048
[  550.915785][T18994] EXT4-fs (loop1): failed to initialize system zone (-117)
[  550.923255][T18994] EXT4-fs (loop1): mount failed
[  550.985516][T18998] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4680'.
[  550.998434][T18998] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4680'.
[  551.007471][T18998] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4680'.
[  551.115830][T19007] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4683'.
[  551.126674][T19005] loop3: detected capacity change from 0 to 2048
[  551.165099][T19005]  loop3: p1 < > p4
[  551.176590][T19012] syz.0.4685 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  551.188022][T19005] loop3: p4 size 8388608 extends beyond EOD, truncated
[  551.235702][T19016] loop0: detected capacity change from 0 to 512
[  551.243834][T19016] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  551.324899][T19028] netlink: 'syz.0.4690': attribute type 6 has an invalid length.
[  551.336148][T19028] 9pnet_fd: Insufficient options for proto=fd
[  551.406678][T19032] loop0: detected capacity change from 0 to 256
[  551.422022][T19036] FAULT_INJECTION: forcing a failure.
[  551.422022][T19036] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  551.435263][T19036] CPU: 0 UID: 0 PID: 19036 Comm: syz.1.4694 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  551.435324][T19036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  551.435340][T19036] Call Trace:
[  551.435349][T19036]  <TASK>
[  551.435359][T19036]  __dump_stack+0x1d/0x30
[  551.435386][T19036]  dump_stack_lvl+0xe8/0x140
[  551.435443][T19036]  dump_stack+0x15/0x1b
[  551.435465][T19036]  should_fail_ex+0x265/0x280
[  551.435522][T19036]  should_fail+0xb/0x20
[  551.435548][T19036]  should_fail_usercopy+0x1a/0x20
[  551.435601][T19036]  _copy_to_user+0x20/0xa0
[  551.435678][T19036]  simple_read_from_buffer+0xb5/0x130
[  551.435715][T19036]  proc_fail_nth_read+0x100/0x140
[  551.435748][T19036]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  551.435824][T19036]  vfs_read+0x19d/0x6f0
[  551.435852][T19036]  ? __rcu_read_unlock+0x4f/0x70
[  551.435877][T19036]  ? __rcu_read_unlock+0x4f/0x70
[  551.435904][T19036]  ? __fget_files+0x184/0x1c0
[  551.435961][T19036]  ksys_read+0xda/0x1a0
[  551.436001][T19036]  __x64_sys_read+0x40/0x50
[  551.436053][T19036]  x64_sys_call+0x2d77/0x2fb0
[  551.436074][T19036]  do_syscall_64+0xd2/0x200
[  551.436099][T19036]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  551.436142][T19036]  ? clear_bhb_loop+0x40/0x90
[  551.436163][T19036]  ? clear_bhb_loop+0x40/0x90
[  551.436186][T19036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  551.436207][T19036] RIP: 0033:0x7fd0486ed3bc
[  551.436262][T19036] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  551.436285][T19036] RSP: 002b:00007fd046d4f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  551.436338][T19036] RAX: ffffffffffffffda RBX: 00007fd048915fa0 RCX: 00007fd0486ed3bc
[  551.436354][T19036] RDX: 000000000000000f RSI: 00007fd046d4f0a0 RDI: 0000000000000007
[  551.436368][T19036] RBP: 00007fd046d4f090 R08: 0000000000000000 R09: 0000000000000000
[  551.436435][T19036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  551.436451][T19036] R13: 0000000000000000 R14: 00007fd048915fa0 R15: 00007ffecc66e8c8
[  551.436470][T19036]  </TASK>
[  551.437422][T19034] loop4: detected capacity change from 0 to 2048
[  551.448679][T19032] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  551.606464][T19034] EXT4-fs (loop4): failed to initialize system zone (-117)
[  551.681454][T19034] EXT4-fs (loop4): mount failed
[  551.897634][T19071] loop2: detected capacity change from 0 to 2048
[  551.912520][T19073] netlink: 'syz.4.4703': attribute type 6 has an invalid length.
[  551.922883][T19073] 9pnet_fd: Insufficient options for proto=fd
[  551.936068][T19071] EXT4-fs (loop2): failed to initialize system zone (-117)
[  551.944212][T19071] EXT4-fs (loop2): mount failed
[  551.972787][T19082] loop4: detected capacity change from 0 to 512
[  551.980471][T19082] ext4: Unknown parameter 'nouser_xattr'
[  552.021814][T19088] loop2: detected capacity change from 0 to 512
[  552.030182][T19088] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.4708: casefold flag without casefold feature
[  552.043291][T19088] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.4708: couldn't read orphan inode 15 (err -117)
[  552.078141][T19079] netlink: 'syz.1.4705': attribute type 30 has an invalid length.
[  552.086310][T19089] netlink: 'syz.1.4705': attribute type 30 has an invalid length.
[  552.093783][T19079] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  552.103479][T19079] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  552.136409][T19089] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  552.145958][T19089] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  552.170809][T19099] loop2: detected capacity change from 0 to 2048
[  552.188795][T19101] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19101 comm=syz.3.4707
[  552.224726][T19099]  loop2: p1 < > p4
[  552.232957][T19099] loop2: p4 size 8388608 extends beyond EOD, truncated
[  552.574189][T19106] loop0: detected capacity change from 0 to 2048
[  552.585213][T19106] EXT4-fs (loop0): failed to initialize system zone (-117)
[  552.592535][T19106] EXT4-fs (loop0): mount failed
[  552.936997][T19121] netlink: 'syz.0.4716': attribute type 6 has an invalid length.
[  553.065975][T19134] loop3: detected capacity change from 0 to 2048
[  553.114698][T19134]  loop3: p1 < > p4
[  553.120831][T19134] loop3: p4 size 8388608 extends beyond EOD, truncated
[  553.165941][T19143] loop2: detected capacity change from 0 to 2048
[  553.214525][T19143]  loop2: p1 < > p4
[  553.219024][T19149] 1ªX¹¦À: renamed from 
60ªX¹¦À
[  553.226500][T19149] A link change request failed with some changes committed already. Interface 
61ªX¹¦À may have been left with an inconsistent configuration, please check.
[  553.227372][T19143] loop2: p4 size 8388608 extends beyond EOD, truncated
[  553.316987][T19151] loop0: detected capacity change from 0 to 512
[  553.407895][T19151] ext4 filesystem being mounted at /322/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  553.797254][T19159] netlink: 'syz.1.4724': attribute type 6 has an invalid length.
[  553.820561][T19159] 9pnet_fd: Insufficient options for proto=fd
[  554.955526][T19174] netlink: 'syz.1.4731': attribute type 6 has an invalid length.
[  554.986769][T19174] 9pnet_fd: Insufficient options for proto=fd
[  555.060575][T19182] loop4: detected capacity change from 0 to 2048
[  555.124613][T19182]  loop4: p1 < > p4
[  555.145945][T19182] loop4: p4 size 8388608 extends beyond EOD, truncated
[  555.204111][   T29] kauditd_printk_skb: 181 callbacks suppressed
[  555.204169][   T29] audit: type=1326 audit(1753153486.895:6632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19192 comm="syz.1.4739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  555.262685][T19195] loop2: detected capacity change from 0 to 2048
[  555.299111][   T29] audit: type=1326 audit(1753153486.935:6633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19192 comm="syz.1.4739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  555.322714][   T29] audit: type=1326 audit(1753153486.935:6634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19192 comm="syz.1.4739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  555.346444][   T29] audit: type=1326 audit(1753153486.935:6635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19192 comm="syz.1.4739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  555.370051][   T29] audit: type=1326 audit(1753153486.945:6636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19192 comm="syz.1.4739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  555.393847][   T29] audit: type=1326 audit(1753153486.945:6637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19192 comm="syz.1.4739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  555.417416][   T29] audit: type=1326 audit(1753153486.945:6638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19192 comm="syz.1.4739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  555.441131][   T29] audit: type=1326 audit(1753153486.955:6639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19192 comm="syz.1.4739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  555.464697][   T29] audit: type=1326 audit(1753153486.955:6640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19192 comm="syz.1.4739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  555.488494][   T29] audit: type=1326 audit(1753153486.955:6641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19192 comm="syz.1.4739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  555.530596][T19204] netlink: 'syz.1.4742': attribute type 6 has an invalid length.
[  555.540604][T19190]  loop2: p1 < > p4
[  555.548931][T19190] loop2: p4 size 8388608 extends beyond EOD, truncated
[  555.599760][T19204] 9pnet_fd: Insufficient options for proto=fd
[  555.672575][T19190] __nla_validate_parse: 10 callbacks suppressed
[  555.672621][T19190] netlink: 27 bytes leftover after parsing attributes in process `syz.2.4738'.
[  555.692223][T19195]  loop2: p1 < > p4
[  555.700800][T19195] loop2: p4 size 8388608 extends beyond EOD, truncated
[  555.757728][T19210] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4743'.
[  555.837663][T19210] syz.1.4743 (19210) used greatest stack depth: 8896 bytes left
[  555.916946][T19216] loop1: detected capacity change from 0 to 256
[  555.961063][T19216] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  556.219288][T19225] loop3: detected capacity change from 0 to 512
[  556.251335][T19225] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.4749: casefold flag without casefold feature
[  556.272784][T19225] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.4749: couldn't read orphan inode 15 (err -117)
[  556.401462][T19234] loop4: detected capacity change from 0 to 512
[  556.485772][T19234] ext4 filesystem being mounted at /324/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  556.544234][T19240] loop2: detected capacity change from 0 to 256
[  556.565036][T19240] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  556.737032][T19244] loop2: detected capacity change from 0 to 2048
[  556.775418][T19244]  loop2: p1 < > p4
[  556.784125][T19244] loop2: p4 size 8388608 extends beyond EOD, truncated
[  556.903230][T19244] netlink: 27 bytes leftover after parsing attributes in process `syz.2.4754'.
[  556.960971][T19236] loop1: detected capacity change from 0 to 256
[  557.297651][T19230] FAULT_INJECTION: forcing a failure.
[  557.297651][T19230] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  557.310849][T19230] CPU: 1 UID: 0 PID: 19230 Comm: syz.3.4750 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  557.310879][T19230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  557.310892][T19230] Call Trace:
[  557.310899][T19230]  <TASK>
[  557.310906][T19230]  __dump_stack+0x1d/0x30
[  557.310971][T19230]  dump_stack_lvl+0xe8/0x140
[  557.310993][T19230]  dump_stack+0x15/0x1b
[  557.311058][T19230]  should_fail_ex+0x265/0x280
[  557.311163][T19230]  should_fail+0xb/0x20
[  557.311236][T19230]  should_fail_usercopy+0x1a/0x20
[  557.311271][T19230]  _copy_from_iter+0xcf/0xe40
[  557.311306][T19230]  ? __rcu_read_unlock+0x4f/0x70
[  557.311392][T19230]  ? avc_has_perm_noaudit+0x1b1/0x200
[  557.311430][T19230]  copy_page_from_iter+0x178/0x2a0
[  557.311464][T19230]  anon_pipe_write+0x967/0xaa0
[  557.311487][T19230]  ? anon_pipe_write+0x80/0xaa0
[  557.311574][T19230]  ? selinux_file_permission+0x2f0/0x320
[  557.311607][T19230]  ? __pfx_anon_pipe_write+0x10/0x10
[  557.311632][T19230]  vfs_write+0x49d/0x8e0
[  557.311674][T19230]  ksys_write+0xda/0x1a0
[  557.311747][T19230]  __x64_sys_write+0x40/0x50
[  557.311776][T19230]  x64_sys_call+0x2cdd/0x2fb0
[  557.311799][T19230]  do_syscall_64+0xd2/0x200
[  557.311822][T19230]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  557.311924][T19230]  ? clear_bhb_loop+0x40/0x90
[  557.311946][T19230]  ? clear_bhb_loop+0x40/0x90
[  557.312032][T19230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  557.312053][T19230] RIP: 0033:0x7f24334fe9a9
[  557.312068][T19230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  557.312090][T19230] RSP: 002b:00007f2431b5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  557.312137][T19230] RAX: ffffffffffffffda RBX: 00007f2433725fa0 RCX: 00007f24334fe9a9
[  557.312154][T19230] RDX: 0000000000000020 RSI: 0000200000000180 RDI: 0000000000000005
[  557.312229][T19230] RBP: 00007f2431b5f090 R08: 0000000000000000 R09: 0000000000000000
[  557.312261][T19230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  557.312272][T19230] R13: 0000000000000000 R14: 00007f2433725fa0 R15: 00007ffcca3f3de8
[  557.312295][T19230]  </TASK>
[  557.696498][T19254] loop3: detected capacity change from 0 to 1024
[  557.706270][T19254] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  557.755674][T19254] EXT4-fs mount: 8 callbacks suppressed
[  557.755694][T19254] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  557.793343][T19267] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4761'.
[  557.828105][T19274] loop0: detected capacity change from 0 to 512
[  557.835252][T19274] ext4: Unknown parameter 'nouser_xattr'
[  557.861488][T19278] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19278 comm=syz.4.4758
[  557.911711][T19286] FAULT_INJECTION: forcing a failure.
[  557.911711][T19286] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  557.924958][T19286] CPU: 0 UID: 0 PID: 19286 Comm: syz.1.4763 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  557.924995][T19286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  557.925089][T19286] Call Trace:
[  557.925097][T19286]  <TASK>
[  557.925105][T19286]  __dump_stack+0x1d/0x30
[  557.925127][T19286]  dump_stack_lvl+0xe8/0x140
[  557.925230][T19286]  dump_stack+0x15/0x1b
[  557.925253][T19286]  should_fail_ex+0x265/0x280
[  557.925294][T19286]  should_fail+0xb/0x20
[  557.925338][T19286]  should_fail_usercopy+0x1a/0x20
[  557.925380][T19286]  _copy_from_user+0x1c/0xb0
[  557.925409][T19286]  user_termios_to_kernel_termios_1+0x22/0x30
[  557.925475][T19286]  set_termios+0x125/0x4e0
[  557.925511][T19286]  tty_mode_ioctl+0x379/0x5c0
[  557.925539][T19286]  n_tty_ioctl_helper+0x91/0x210
[  557.925574][T19286]  n_tty_ioctl+0x101/0x200
[  557.925609][T19286]  ? __pfx_n_tty_ioctl+0x10/0x10
[  557.925636][T19286]  tty_ioctl+0x845/0xb80
[  557.925674][T19286]  ? __pfx_tty_ioctl+0x10/0x10
[  557.925711][T19286]  __se_sys_ioctl+0xcb/0x140
[  557.925772][T19286]  __x64_sys_ioctl+0x43/0x50
[  557.925808][T19286]  x64_sys_call+0x19a8/0x2fb0
[  557.925833][T19286]  do_syscall_64+0xd2/0x200
[  557.925895][T19286]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  557.925931][T19286]  ? clear_bhb_loop+0x40/0x90
[  557.925958][T19286]  ? clear_bhb_loop+0x40/0x90
[  557.926022][T19286]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  557.926046][T19286] RIP: 0033:0x7fd0486ee9a9
[  557.926066][T19286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  557.926089][T19286] RSP: 002b:00007fd046d0d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  557.926114][T19286] RAX: ffffffffffffffda RBX: 00007fd048916160 RCX: 00007fd0486ee9a9
[  557.926132][T19286] RDX: 0000200000000080 RSI: 0000000000005404 RDI: 0000000000000009
[  557.926149][T19286] RBP: 00007fd046d0d090 R08: 0000000000000000 R09: 0000000000000000
[  557.926230][T19286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  557.926247][T19286] R13: 0000000000000001 R14: 00007fd048916160 R15: 00007ffecc66e8c8
[  557.926413][T19286]  </TASK>
[  558.511912][T13230] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  558.533912][T19293] netlink: 'syz.3.4767': attribute type 6 has an invalid length.
[  558.575932][T19295] loop3: detected capacity change from 0 to 512
[  558.583453][T19295] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  558.794298][T19312] loop1: detected capacity change from 0 to 1024
[  558.821967][T19312] EXT4-fs: Ignoring removed orlov option
[  558.832237][T19312] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  558.847699][T19312] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  558.870577][T19321] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4777'.
[  558.882434][T19319] loop3: detected capacity change from 0 to 2048
[  558.920473][T19319] EXT4-fs (loop3): failed to initialize system zone (-117)
[  558.929406][T12901] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  558.945725][T19324] loop4: detected capacity change from 0 to 512
[  558.969185][T19319] EXT4-fs (loop3): mount failed
[  558.986617][T19324] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  558.999211][T19324] ext4 filesystem being mounted at /326/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  559.022601][T19332] loop0: detected capacity change from 0 to 512
[  559.033661][T19332] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  559.189966][T19347] loop3: detected capacity change from 0 to 512
[  559.224522][T19347] ext4: Unknown parameter 'nouser_xattr'
[  559.253869][T19347] 9pnet_virtio: no channels available for device 127.0.0.1
[  559.301426][T19356] loop2: detected capacity change from 0 to 2048
[  559.351951][T19356] EXT4-fs (loop2): failed to initialize system zone (-117)
[  559.375708][T19356] EXT4-fs (loop2): mount failed
[  559.431461][T19362] loop3: detected capacity change from 0 to 2048
[  559.491131][T19362] EXT4-fs (loop3): failed to initialize system zone (-117)
[  559.511393][T19365] loop1: detected capacity change from 0 to 2048
[  559.524183][T19362] EXT4-fs (loop3): mount failed
[  559.537916][T19368] loop0: detected capacity change from 0 to 512
[  559.560818][T19368] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.4791: casefold flag without casefold feature
[  559.596650][T19365] EXT4-fs (loop1): failed to initialize system zone (-117)
[  559.620149][T19368] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.4791: couldn't read orphan inode 15 (err -117)
[  559.632786][T19365] EXT4-fs (loop1): mount failed
[  559.653165][T19368] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  559.707452][T13722] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  559.977175][T19395] loop1: detected capacity change from 0 to 512
[  559.997543][T19395] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.4802: casefold flag without casefold feature
[  560.022913][T19395] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.4802: couldn't read orphan inode 15 (err -117)
[  560.048084][T19395] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  560.049346][T19398] loop2: detected capacity change from 0 to 2048
[  560.097717][T12901] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  560.127117][T19398] EXT4-fs (loop2): failed to initialize system zone (-117)
[  560.134707][T19398] EXT4-fs (loop2): mount failed
[  560.144212][T19401] loop1: detected capacity change from 0 to 512
[  560.154333][T19401] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  560.261297][T19407] loop0: detected capacity change from 0 to 2048
[  560.309051][T19407] EXT4-fs (loop0): failed to initialize system zone (-117)
[  560.338660][T19407] EXT4-fs (loop0): mount failed
[  560.368871][T19422] loop2: detected capacity change from 0 to 2048
[  560.381175][T19426] loop3: detected capacity change from 0 to 256
[  560.418226][T19426] msdos: Unknown parameter 'ÿ0xffffffffffffffffÿÿÿÿ18446744073709551615'
[  560.436841][T19422] EXT4-fs (loop2): failed to initialize system zone (-117)
[  560.459357][T19422] EXT4-fs (loop2): mount failed
[  560.507047][T19436] loop3: detected capacity change from 0 to 2048
[  560.537324][T19436] EXT4-fs (loop3): failed to initialize system zone (-117)
[  560.553428][T19436] EXT4-fs (loop3): mount failed
[  560.622946][T19443] loop2: detected capacity change from 0 to 1024
[  560.648017][T19445] loop3: detected capacity change from 0 to 512
[  560.667045][T19443] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  560.677915][T19445] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  560.700024][T19443] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  560.791834][T19455] FAULT_INJECTION: forcing a failure.
[  560.791834][T19455] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  560.805345][T19455] CPU: 0 UID: 0 PID: 19455 Comm: syz.1.4822 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  560.805449][T19455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  560.805466][T19455] Call Trace:
[  560.805475][T19455]  <TASK>
[  560.805485][T19455]  __dump_stack+0x1d/0x30
[  560.805511][T19455]  dump_stack_lvl+0xe8/0x140
[  560.805533][T19455]  dump_stack+0x15/0x1b
[  560.805628][T19455]  should_fail_ex+0x265/0x280
[  560.805666][T19455]  should_fail_alloc_page+0xf2/0x100
[  560.805695][T19455]  __alloc_frozen_pages_noprof+0xff/0x360
[  560.805738][T19455]  alloc_pages_mpol+0xb3/0x250
[  560.805840][T19455]  alloc_pages_noprof+0x90/0x130
[  560.805884][T19455]  get_free_pages_noprof+0xc/0x40
[  560.805923][T19455]  __se_sys_mincore+0xd9/0x490
[  560.805992][T19455]  __x64_sys_mincore+0x43/0x50
[  560.806014][T19455]  x64_sys_call+0x2c2d/0x2fb0
[  560.806072][T19455]  do_syscall_64+0xd2/0x200
[  560.806096][T19455]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  560.806163][T19455]  ? clear_bhb_loop+0x40/0x90
[  560.806263][T19455]  ? clear_bhb_loop+0x40/0x90
[  560.806284][T19455]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  560.806306][T19455] RIP: 0033:0x7fd0486ee9a9
[  560.806325][T19455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  560.806398][T19455] RSP: 002b:00007fd046d4f038 EFLAGS: 00000246 ORIG_RAX: 000000000000001b
[  560.806418][T19455] RAX: ffffffffffffffda RBX: 00007fd048915fa0 RCX: 00007fd0486ee9a9
[  560.806431][T19455] RDX: 0000200000000440 RSI: 0000000000800000 RDI: 0000200000000000
[  560.806445][T19455] RBP: 00007fd046d4f090 R08: 0000000000000000 R09: 0000000000000000
[  560.806457][T19455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  560.806469][T19455] R13: 0000000000000000 R14: 00007fd048915fa0 R15: 00007ffecc66e8c8
[  560.806561][T19455]  </TASK>
[  561.032650][T19460] loop3: detected capacity change from 0 to 512
[  561.049041][T19460] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.4824: casefold flag without casefold feature
[  561.069123][   T29] kauditd_printk_skb: 34 callbacks suppressed
[  561.069140][   T29] audit: type=1326 audit(1753153492.765:6676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19461 comm="syz.1.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd0486e5967 code=0x7ffc0000
[  561.075129][T19460] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.4824: couldn't read orphan inode 15 (err -117)
[  561.081798][   T29] audit: type=1326 audit(1753153492.775:6677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19461 comm="syz.1.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd04868ab89 code=0x7ffc0000
[  561.134181][   T29] audit: type=1326 audit(1753153492.775:6678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19461 comm="syz.1.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd0486e5967 code=0x7ffc0000
[  561.136054][T19460] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  561.157659][   T29] audit: type=1326 audit(1753153492.775:6679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19461 comm="syz.1.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd04868ab89 code=0x7ffc0000
[  561.157699][   T29] audit: type=1326 audit(1753153492.775:6680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19461 comm="syz.1.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  561.217148][   T29] audit: type=1326 audit(1753153492.775:6681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19461 comm="syz.1.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0486ee9a9 code=0x7ffc0000
[  561.240691][   T29] audit: type=1326 audit(1753153492.775:6682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19461 comm="syz.1.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd0486e5967 code=0x7ffc0000
[  561.264215][   T29] audit: type=1326 audit(1753153492.775:6683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19461 comm="syz.1.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd04868ab89 code=0x7ffc0000
[  561.287673][   T29] audit: type=1326 audit(1753153492.775:6684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19461 comm="syz.1.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd0486e5967 code=0x7ffc0000
[  561.311153][   T29] audit: type=1326 audit(1753153492.775:6685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19461 comm="syz.1.4825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd04868ab89 code=0x7ffc0000
[  561.345724][T13230] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  561.488333][T19470] loop0: detected capacity change from 0 to 2048
[  561.494680][T13021] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  561.544697][T19470]  loop0: p1 < > p4
[  561.549262][T19470] loop0: p4 size 8388608 extends beyond EOD, truncated
[  561.576270][T19483] loop3: detected capacity change from 0 to 2048
[  561.614646][T19485] loop2: detected capacity change from 0 to 2048
[  561.635275][T19483]  loop3: p1 < > p4
[  561.642639][T19483] loop3: p4 size 8388608 extends beyond EOD, truncated
[  561.654773][T19485]  loop2: p1 < > p4
[  561.661595][T19485] loop2: p4 size 8388608 extends beyond EOD, truncated
[  561.673887][T19489] netlink: 27 bytes leftover after parsing attributes in process `syz.0.4827'.
[  561.790526][T19483] netlink: 27 bytes leftover after parsing attributes in process `syz.3.4826'.
[  561.814445][T19481] netlink: 27 bytes leftover after parsing attributes in process `syz.2.4831'.
[  561.830794][T19498] loop1: detected capacity change from 0 to 2048
[  561.897950][T19498] EXT4-fs (loop1): failed to initialize system zone (-117)
[  561.908645][T19498] EXT4-fs (loop1): mount failed
[  562.061135][T19505] random: crng reseeded on system resumption
[  562.097516][T19507] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4836'.
[  562.165916][T13436] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  562.227240][T19515] loop1: detected capacity change from 0 to 1024
[  562.240828][T19515] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  562.266395][T19515] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  562.349187][T19523] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19523 comm=syz.4.4841
[  562.472799][T19541] 9pnet_fd: Insufficient options for proto=fd
[  562.538768][T19550] loop0: detected capacity change from 0 to 2048
[  562.548450][T19547] loop3: detected capacity change from 0 to 2048
[  562.565469][T19550] EXT4-fs (loop0): failed to initialize system zone (-117)
[  562.576280][T19552] loop4: detected capacity change from 0 to 512
[  562.583032][T19550] EXT4-fs (loop0): mount failed
[  562.588470][T19552] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  562.595130][T19547]  loop3: p1 < > p4
[  562.614374][T19547] loop3: p4 size 8388608 extends beyond EOD, truncated
[  562.662764][T19562] netlink: 'syz.0.4855': attribute type 6 has an invalid length.
[  562.692092][T19564] loop4: detected capacity change from 0 to 512
[  562.729408][T19564] ext4: Unknown parameter 'nouser_xattr'
[  562.740083][T19569] netlink: 27 bytes leftover after parsing attributes in process `syz.3.4848'.
[  562.861845][T19575] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT
[  562.996916][T19583] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19583 comm=syz.2.4861
[  563.114527][T12901] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  563.127378][T19589] 9pnet_fd: Insufficient options for proto=fd
[  563.201633][T19595] loop2: detected capacity change from 0 to 2048
[  563.215835][T19595] EXT4-fs (loop2): failed to initialize system zone (-117)
[  563.223456][T19599] netlink: 'syz.0.4867': attribute type 6 has an invalid length.
[  563.233458][T19597] loop1: detected capacity change from 0 to 2048
[  563.240218][T19595] EXT4-fs (loop2): mount failed
[  563.269242][T19597] EXT4-fs (loop1): failed to initialize system zone (-117)
[  563.305273][T19597] EXT4-fs (loop1): mount failed
[  563.353731][T19609] FAULT_INJECTION: forcing a failure.
[  563.353731][T19609] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  563.367143][T19609] CPU: 0 UID: 0 PID: 19609 Comm: syz.2.4870 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  563.367242][T19609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  563.367254][T19609] Call Trace:
[  563.367263][T19609]  <TASK>
[  563.367294][T19609]  __dump_stack+0x1d/0x30
[  563.367320][T19609]  dump_stack_lvl+0xe8/0x140
[  563.367375][T19609]  dump_stack+0x15/0x1b
[  563.367395][T19609]  should_fail_ex+0x265/0x280
[  563.367512][T19609]  should_fail_alloc_page+0xf2/0x100
[  563.367540][T19609]  __alloc_frozen_pages_noprof+0xff/0x360
[  563.367579][T19609]  alloc_pages_mpol+0xb3/0x250
[  563.367641][T19609]  alloc_pages_noprof+0x90/0x130
[  563.367731][T19609]  get_zeroed_page_noprof+0x1a/0x40
[  563.367840][T19609]  simple_transaction_get+0x4c/0x130
[  563.367944][T19609]  selinux_transaction_write+0x9d/0x110
[  563.368057][T19609]  ? __pfx_selinux_transaction_write+0x10/0x10
[  563.368091][T19609]  vfs_write+0x269/0x8e0
[  563.368192][T19609]  ? __rcu_read_unlock+0x4f/0x70
[  563.368269][T19609]  ? __fget_files+0x184/0x1c0
[  563.368290][T19609]  ksys_write+0xda/0x1a0
[  563.368377][T19609]  __x64_sys_write+0x40/0x50
[  563.368416][T19609]  x64_sys_call+0x2cdd/0x2fb0
[  563.368439][T19609]  do_syscall_64+0xd2/0x200
[  563.368460][T19609]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  563.368555][T19609]  ? clear_bhb_loop+0x40/0x90
[  563.368581][T19609]  ? clear_bhb_loop+0x40/0x90
[  563.368618][T19609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  563.368639][T19609] RIP: 0033:0x7fedf30ee9a9
[  563.368654][T19609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  563.368675][T19609] RSP: 002b:00007fedf1757038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  563.368699][T19609] RAX: ffffffffffffffda RBX: 00007fedf3315fa0 RCX: 00007fedf30ee9a9
[  563.368715][T19609] RDX: 0000000000000027 RSI: 0000200000000080 RDI: 0000000000000006
[  563.368732][T19609] RBP: 00007fedf1757090 R08: 0000000000000000 R09: 0000000000000000
[  563.368791][T19609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  563.368861][T19609] R13: 0000000000000000 R14: 00007fedf3315fa0 R15: 00007ffec7292bc8
[  563.368887][T19609]  </TASK>
[  563.678613][T19615] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4872'.
[  563.755755][T19626] loop2: detected capacity change from 0 to 512
[  563.763498][T19626] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  564.025743][T19637] 9pnet_fd: Insufficient options for proto=fd
[  564.100459][T19639] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4880'.
[  564.210786][T19641] loop2: detected capacity change from 0 to 256
[  564.243420][T19641] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  564.395154][T19647] loop2: detected capacity change from 0 to 512
[  564.412458][T19647] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  564.445573][T19647] EXT4-fs (loop2): orphan cleanup on readonly fs
[  564.462455][T19647] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.4884: Block bitmap for bg 0 marked uninitialized
[  564.502852][T19647] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  564.569441][T19647] EXT4-fs (loop2): 1 orphan inode deleted
[  564.577135][T19647] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  564.635188][T19647] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4884'.
[  564.689940][T13021] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  564.747673][T19669] loop2: detected capacity change from 0 to 256
[  564.765180][T19669] msdos: Unknown parameter 'ÿ0xffffffffffffffffÿÿÿÿ18446744073709551615'
[  564.782962][T19670] loop0: detected capacity change from 0 to 2048
[  564.838541][T19670]  loop0: p1 < > p4
[  564.852772][T19670] loop0: p4 size 8388608 extends beyond EOD, truncated
[  564.887006][T19680] netlink: 14 bytes leftover after parsing attributes in process `+}[@'.
[  564.902034][T19678] loop3: detected capacity change from 0 to 2048
[  564.915777][T19678]  loop3: p1 < > p4
[  564.915810][T19682] loop1: detected capacity change from 0 to 164
[  564.920346][T19678] loop3: p4 size 8388608 extends beyond EOD, truncated
[  564.946118][T19670] netlink: 27 bytes leftover after parsing attributes in process `syz.0.4890'.
[  564.961275][T19685] loop4: detected capacity change from 0 to 164
[  565.030133][T19691] FAULT_INJECTION: forcing a failure.
[  565.030133][T19691] name failslab, interval 1, probability 0, space 0, times 0
[  565.043146][T19691] CPU: 0 UID: 0 PID: 19691 Comm: syz.4.4897 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  565.043183][T19691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  565.043198][T19691] Call Trace:
[  565.043205][T19691]  <TASK>
[  565.043215][T19691]  __dump_stack+0x1d/0x30
[  565.043248][T19691]  dump_stack_lvl+0xe8/0x140
[  565.043273][T19691]  dump_stack+0x15/0x1b
[  565.043295][T19691]  should_fail_ex+0x265/0x280
[  565.043397][T19691]  should_failslab+0x8c/0xb0
[  565.043496][T19691]  kmem_cache_alloc_noprof+0x50/0x310
[  565.043529][T19691]  ? getname_flags+0x80/0x3b0
[  565.043574][T19691]  ? fput+0x8f/0xc0
[  565.043605][T19691]  getname_flags+0x80/0x3b0
[  565.043708][T19691]  __x64_sys_symlinkat+0x40/0x70
[  565.043763][T19691]  x64_sys_call+0x1558/0x2fb0
[  565.043792][T19691]  do_syscall_64+0xd2/0x200
[  565.043817][T19691]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  565.043894][T19691]  ? clear_bhb_loop+0x40/0x90
[  565.043924][T19691]  ? clear_bhb_loop+0x40/0x90
[  565.043953][T19691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  565.043984][T19691] RIP: 0033:0x7fa495c4e9a9
[  565.044004][T19691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  565.044029][T19691] RSP: 002b:00007fa49428e038 EFLAGS: 00000246 ORIG_RAX: 000000000000010a
[  565.044113][T19691] RAX: ffffffffffffffda RBX: 00007fa495e76080 RCX: 00007fa495c4e9a9
[  565.044129][T19691] RDX: 0000200000000640 RSI: ffffffffffffff9c RDI: 0000200000001040
[  565.044186][T19691] RBP: 00007fa49428e090 R08: 0000000000000000 R09: 0000000000000000
[  565.044201][T19691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  565.044215][T19691] R13: 0000000000000000 R14: 00007fa495e76080 R15: 00007fff97d828b8
[  565.044238][T19691]  </TASK>
[  565.229249][T19689] loop2: detected capacity change from 0 to 2048
[  565.253018][T19692] iso9660: Corrupted directory entry in block 2 of inode 1792
[  565.264928][T19689]  loop2: p1 < > p4
[  565.269496][T19689] loop2: p4 size 8388608 extends beyond EOD, truncated
[  565.631852][T19698] loop0: detected capacity change from 0 to 2048
[  565.670442][T19700] netlink: 'syz.3.4900': attribute type 6 has an invalid length.
[  565.695036][T19698]  loop0: p1 < > p4
[  565.699766][T19698] loop0: p4 size 8388608 extends beyond EOD, truncated
[  565.732276][T19704] 9pnet_fd: Insufficient options for proto=fd
[  565.802542][T19710] loop1: detected capacity change from 0 to 512
[  565.839808][T19710] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  565.871207][T19710] ext4 filesystem being mounted at /423/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  565.900474][T19710] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.4904: iget: bad i_size value: 2533274857506816
[  565.914642][T19710] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.4904: iget: bad i_size value: 2533274857506816
[  565.924142][T19720] loop2: detected capacity change from 0 to 2048
[  565.956773][T19720] EXT4-fs (loop2): failed to initialize system zone (-117)
[  565.968710][T19720] EXT4-fs (loop2): mount failed
[  565.992693][T19728] loop4: detected capacity change from 0 to 2048
[  565.993030][T19726] loop3: detected capacity change from 0 to 128
[  566.010146][T12901] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  566.028671][T19728] EXT4-fs (loop4): failed to initialize system zone (-117)
[  566.048381][T19728] EXT4-fs (loop4): mount failed
[  566.074750][T19735] 9pnet_fd: Insufficient options for proto=fd
[  566.082937][T19736] netlink: 'syz.1.4911': attribute type 6 has an invalid length.
[  566.100829][T19736] 9pnet_fd: Insufficient options for proto=fd
[  566.227501][T19755] loop4: detected capacity change from 0 to 512
[  566.240006][T19755] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  566.241462][T19753] loop2: detected capacity change from 0 to 2048
[  566.293503][T19762] loop1: detected capacity change from 0 to 164
[  566.316761][T19753]  loop2: p1 < > p4
[  566.326820][T19753] loop2: p4 size 8388608 extends beyond EOD, truncated
[  566.411088][T19767] loop4: detected capacity change from 0 to 2048
[  566.423951][T19767] EXT4-fs (loop4): failed to initialize system zone (-117)
[  566.451836][T19767] EXT4-fs (loop4): mount failed
[  566.567170][T19776] FAULT_INJECTION: forcing a failure.
[  566.567170][T19776] name failslab, interval 1, probability 0, space 0, times 0
[  566.580135][T19776] CPU: 1 UID: 0 PID: 19776 Comm: syz.0.4925 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  566.580272][T19776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  566.580288][T19776] Call Trace:
[  566.580297][T19776]  <TASK>
[  566.580308][T19776]  __dump_stack+0x1d/0x30
[  566.580345][T19776]  dump_stack_lvl+0xe8/0x140
[  566.580371][T19776]  dump_stack+0x15/0x1b
[  566.580389][T19776]  should_fail_ex+0x265/0x280
[  566.580440][T19776]  should_failslab+0x8c/0xb0
[  566.580569][T19776]  kmem_cache_alloc_noprof+0x50/0x310
[  566.580602][T19776]  ? getname_flags+0x80/0x3b0
[  566.580633][T19776]  getname_flags+0x80/0x3b0
[  566.580709][T19776]  do_sys_openat2+0x60/0x110
[  566.580741][T19776]  __x64_sys_openat+0xf2/0x120
[  566.580777][T19776]  x64_sys_call+0x1af/0x2fb0
[  566.580885][T19776]  do_syscall_64+0xd2/0x200
[  566.580909][T19776]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  566.580940][T19776]  ? clear_bhb_loop+0x40/0x90
[  566.580967][T19776]  ? clear_bhb_loop+0x40/0x90
[  566.581057][T19776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  566.581086][T19776] RIP: 0033:0x7fda1e0ee9a9
[  566.581105][T19776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  566.581170][T19776] RSP: 002b:00007fda1c736038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  566.581193][T19776] RAX: ffffffffffffffda RBX: 00007fda1e316080 RCX: 00007fda1e0ee9a9
[  566.581253][T19776] RDX: 0000000000000002 RSI: 0000200000000080 RDI: 00000000ffffff9c
[  566.581269][T19776] RBP: 00007fda1c736090 R08: 0000000000000000 R09: 0000000000000000
[  566.581281][T19776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  566.581293][T19776] R13: 0000000000000000 R14: 00007fda1e316080 R15: 00007fff5b9ef538
[  566.581312][T19776]  </TASK>
[  566.776776][T19777] __nla_validate_parse: 8 callbacks suppressed
[  566.776809][T19777] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4926'.
[  566.792481][T19777] netlink: 152 bytes leftover after parsing attributes in process `syz.4.4926'.
[  566.885383][T19779] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4926'.
[  566.911304][T19779] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4926'.
[  567.064827][T19786] loop3: detected capacity change from 0 to 2048
[  567.077744][T19786] EXT4-fs (loop3): failed to initialize system zone (-117)
[  567.085383][T19786] EXT4-fs (loop3): mount failed
[  567.111018][T19792] loop0: detected capacity change from 0 to 2048
[  567.126861][T19792] EXT4-fs (loop0): failed to initialize system zone (-117)
[  567.145172][T19792] EXT4-fs (loop0): mount failed
[  567.173803][   T29] kauditd_printk_skb: 73 callbacks suppressed
[  567.173829][   T29] audit: type=1326 audit(1753153498.865:6759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19796 comm="syz.3.4933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24334fe9a9 code=0x7ffc0000
[  567.203571][   T29] audit: type=1326 audit(1753153498.865:6760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19796 comm="syz.3.4933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24334fe9a9 code=0x7ffc0000
[  567.227184][   T29] audit: type=1326 audit(1753153498.865:6761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19796 comm="syz.3.4933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f24334fe9a9 code=0x7ffc0000
[  567.250716][   T29] audit: type=1326 audit(1753153498.865:6762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19796 comm="syz.3.4933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24334fe9a9 code=0x7ffc0000
[  567.274243][   T29] audit: type=1326 audit(1753153498.865:6763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19796 comm="syz.3.4933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24334fe9a9 code=0x7ffc0000
[  567.297818][   T29] audit: type=1326 audit(1753153498.865:6764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19796 comm="syz.3.4933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f24334fe9a9 code=0x7ffc0000
[  567.321369][   T29] audit: type=1326 audit(1753153498.865:6765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19796 comm="syz.3.4933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24334fe9a9 code=0x7ffc0000
[  567.345096][   T29] audit: type=1326 audit(1753153498.865:6766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19796 comm="syz.3.4933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24334fe9a9 code=0x7ffc0000
[  567.368617][   T29] audit: type=1326 audit(1753153498.865:6767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19796 comm="syz.3.4933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f24334fe9a9 code=0x7ffc0000
[  567.392107][   T29] audit: type=1326 audit(1753153498.865:6768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19796 comm="syz.3.4933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24334fe9a9 code=0x7ffc0000
[  567.449374][T19808] loop4: detected capacity change from 0 to 2048
[  567.524690][T19808]  loop4: p1 < > p4
[  567.532312][T19808] loop4: p4 size 8388608 extends beyond EOD, truncated
[  567.595139][T19820] loop3: detected capacity change from 0 to 2048
[  567.635877][T19820] EXT4-fs (loop3): failed to initialize system zone (-117)
[  567.636093][T19804] netlink: 27 bytes leftover after parsing attributes in process `syz.4.4935'.
[  567.643200][T19820] EXT4-fs (loop3): mount failed
[  567.801418][T19829] loop3: detected capacity change from 0 to 512
[  567.809744][T19829] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  567.998441][T19835] loop3: detected capacity change from 0 to 2048
[  568.028711][T19835] EXT4-fs (loop3): failed to initialize system zone (-117)
[  568.040872][T19835] EXT4-fs (loop3): mount failed
[  568.174999][T19844] loop3: detected capacity change from 0 to 128
[  568.181737][T19844] vfat: Unknown parameter ''
[  568.234154][T19844] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4945'.
[  568.243262][T19844] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4945'.
[  568.369942][T19851] loop4: detected capacity change from 0 to 2048
[  568.413774][T19851] EXT4-fs (loop4): failed to initialize system zone (-117)
[  568.434728][T19851] EXT4-fs (loop4): mount failed
[  568.552365][T19864] loop4: detected capacity change from 0 to 2048
[  568.565160][T19870] loop2: detected capacity change from 0 to 2048
[  568.586737][T19864] EXT4-fs (loop4): failed to initialize system zone (-117)
[  568.601699][T19871] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19871 comm=syz.1.4951
[  568.608706][T19864] EXT4-fs (loop4): mount failed
[  568.616297][T19870] EXT4-fs (loop2): failed to initialize system zone (-117)
[  568.632803][T19870] EXT4-fs (loop2): mount failed
[  568.722834][T19882] loop0: detected capacity change from 0 to 512
[  568.743317][T19882] ext4: Unknown parameter 'nouser_xattr'
[  568.754995][T19884] 9pnet_fd: Insufficient options for proto=fd
[  568.869559][T19890] loop2: detected capacity change from 0 to 2048
[  568.927861][T19890]  loop2: p1 < > p4
[  568.942435][T19890] loop2: p4 size 8388608 extends beyond EOD, truncated
[  568.954069][    C0] ==================================================================
[  568.962228][    C0] BUG: KCSAN: data-race in wq_worker_tick / wq_worker_tick
[  568.969481][    C0] 
[  568.971832][    C0] read-write to 0xffff8881001e3ab8 of 8 bytes by interrupt on cpu 1:
[  568.979933][    C0]  wq_worker_tick+0x60/0x230
[  568.984560][    C0]  sched_tick+0x11a/0x270
[  568.988925][    C0]  update_process_times+0x15f/0x190
[  568.994158][    C0]  tick_nohz_handler+0x249/0x2d0
[  568.999173][    C0]  __hrtimer_run_queues+0x20f/0x5a0
[  569.004395][    C0]  hrtimer_interrupt+0x21a/0x460
[  569.009360][    C0]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  569.015288][    C0]  sysvec_apic_timer_interrupt+0x6f/0x80
[  569.020955][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  569.026964][    C0]  finish_task_switch+0xb6/0x2b0
[  569.031928][    C0]  __schedule+0x6a8/0xb30
[  569.036299][    C0]  schedule+0x5f/0xd0
[  569.040311][    C0]  schedule_timeout+0xb7/0x170
[  569.045104][    C0]  wait_for_common+0xfa/0x1e0
[  569.049808][    C0]  io_ring_exit_work+0x2ab/0x560
[  569.054769][    C0]  process_scheduled_works+0x4cb/0x9d0
[  569.060267][    C0]  worker_thread+0x582/0x770
[  569.064893][    C0]  kthread+0x489/0x510
[  569.068984][    C0]  ret_from_fork+0xda/0x150
[  569.073514][    C0]  ret_from_fork_asm+0x1a/0x30
[  569.078359][    C0] 
[  569.080699][    C0] read-write to 0xffff8881001e3ab8 of 8 bytes by interrupt on cpu 0:
[  569.088784][    C0]  wq_worker_tick+0x60/0x230
[  569.093399][    C0]  sched_tick+0x11a/0x270
[  569.097752][    C0]  update_process_times+0x15f/0x190
[  569.102996][    C0]  tick_nohz_handler+0x249/0x2d0
[  569.107958][    C0]  __hrtimer_run_queues+0x20f/0x5a0
[  569.113181][    C0]  hrtimer_interrupt+0x21a/0x460
[  569.118148][    C0]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  569.124076][    C0]  sysvec_apic_timer_interrupt+0x6f/0x80
[  569.129738][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  569.135741][    C0]  finish_task_switch+0xb6/0x2b0
[  569.140700][    C0]  __schedule+0x6a8/0xb30
[  569.145055][    C0]  schedule+0x5f/0xd0
[  569.149062][    C0]  schedule_timeout+0xb7/0x170
[  569.153846][    C0]  wait_for_common+0xfa/0x1e0
[  569.158549][    C0]  io_ring_exit_work+0x2ab/0x560
[  569.163510][    C0]  process_scheduled_works+0x4cb/0x9d0
[  569.169000][    C0]  worker_thread+0x582/0x770
[  569.173656][    C0]  kthread+0x489/0x510
[  569.177745][    C0]  ret_from_fork+0xda/0x150
[  569.182268][    C0]  ret_from_fork_asm+0x1a/0x30
[  569.187150][    C0] 
[  569.189485][    C0] value changed: 0x0000000000081650 -> 0x0000000000083d60
[  569.196693][    C0] 
[  569.199030][    C0] Reported by Kernel Concurrency Sanitizer on:
[  569.205193][    C0] CPU: 0 UID: 0 PID: 18473 Comm: kworker/u8:27 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  569.216240][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  569.226317][    C0] Workqueue: iou_exit io_ring_exit_work
[  569.231898][    C0] ==================================================================
[  569.364628][T19890] netlink: 27 bytes leftover after parsing attributes in process `syz.2.4960'.