last executing test programs:

2.816810556s ago: executing program 2 (id=1264):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r2}, 0x10)
dup(r0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r4 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGETMODE(r5, 0x4b3b, &(0x7f0000000380))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ftruncate(r5, 0x0)
keyctl$unlink(0x9, 0x0, 0x0)
keyctl$chown(0x4, r4, 0xee00, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x4c, &(0x7f0000000000), 0x4)
sendmsg$unix(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[], 0x18, 0x24000055}, 0x400c0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000017"], 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000100)=ANY=[@ANYBLOB="24002d6a0cff02c801007c000008000500"/30], 0x24}, 0x1, 0x0, 0x0, 0x48840}, 0x80)

2.655426799s ago: executing program 2 (id=1267):
r0 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x14010, &(0x7f0000001280)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES32], 0x1, 0x11ee, &(0x7f0000003680)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0x13, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000000)=0xca)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="07000000040000000802000001"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x800000009)

2.049385537s ago: executing program 2 (id=1279):
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
timer_settime(0x0, 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffff7]}, 0x8, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

1.459383274s ago: executing program 4 (id=1298):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfd, 0x0, 0x7ffc9ffb}]})
ioperm(0x1, 0x2, 0x6)

1.437787706s ago: executing program 3 (id=1300):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0xc82, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[@ANYBLOB="2c00000026000506"], 0x2c}}, 0x800)
recvmmsg(r0, &(0x7f0000007700), 0x318, 0xfc0, 0x0)

1.436969976s ago: executing program 4 (id=1301):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_open_dev$mouse(&(0x7f0000000280), 0x3d7, 0x420001)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x9, 0x5, 0xfff, 0x9, 0x42, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x40000, 0x0, 0x10000}, 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000240), &(0x7f00000001c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)

1.37884522s ago: executing program 3 (id=1303):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x40800, 0x2)
syz_genetlink_get_family_id$batadv(&(0x7f00000004c0), 0xffffffffffffffff)
syz_clone3(&(0x7f0000000380)={0x10000200, &(0x7f0000000040), &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000240), {0x36}, &(0x7f0000000280)=""/109, 0x6d, &(0x7f0000000300)=""/31, &(0x7f0000000340)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0], 0x4}, 0x58)
ptrace$poke(0x4, r2, &(0x7f0000000400), 0x8001)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYRESDEC=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r0, 0xf507, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000640), r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
unshare(0x22020600)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
syz_clone(0x20001400, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x81}, 0x106263, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000ffffffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000000000095000000000000006623848adf1dc9a764ab51a064caff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b81ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6b6981978d51514b00dcc4a2748b376358c33c9753beab62bdf27dc04e4cb4bc598affd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b770009524edd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd88345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1757b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c35af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d9900000011000003971b32fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d677d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc37e5aa23bff8cce0600000000000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68f536a03353a55a8a8e176e5d48887d31c8e0f77f2c1e68ec7c01bd5a2028a8fc107007f5f4c67600a6ade3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d9029f071fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2020ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a017ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f6c3652c423ce6ecc1be5d4e8133fc32f68ea86a2df1e7df98a0ae216c405d0ae9eed114ff2d6fe27dfdff1cf9194849c4cc0da9533e5983863e526a7dc0d8728f3b573ca4427bdb44df9341e9b8420e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9467b51d92e0993af4beaf1f3d47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c27c318475802e2c62681bd1a331422a6e47bbd40857d52c4894944fae5c5000000000000000000000000e0c47613e950b6aefeae054fc723f62ac7d13941de11b018f1f48ac50335df91c771729f81929128135b2803562c1171ee00a3f4a31281aa363e087d53d86dd85e3ff979a7e72d16fdd7e1a0f07a1c8e6085d280d760f74975ceb3a5be6cfb4da8e0aeb769b8b75f4aad803ed77d34872eed2711aa40a3b38099dc2752e8ec9b520faf39e416752aa0830206736570f5d41a4df848c9052551cf8dcb1be000000000eb2577188e8e96bd825d462350905d3eb916b397d2a46a64081e85661d7a5a2716cc87cb1976d15d9b6418e94f165911803e43830432226c660f4da67bb7c8ceb3755c07197d8b80b8d16b12c2ec63bebe107aa2350a7ae564bf69a6c52a2da1496016dd66a1c1b112"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r6, 0x0, 0xe, 0x0, &(0x7f0000000140)="3d6ee2e04b91ab10143d9abe86dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
r8 = socket$kcm(0x2a, 0x2, 0x0)
r9 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r8, 0x8933, &(0x7f0000000180)={'team0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0xfffffffe, {0x0, 0x0, 0x12, r10, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffd], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}}]}}]}, 0x8c}}, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x1001, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.361495062s ago: executing program 4 (id=1304):
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
r1 = creat(&(0x7f0000000080)='./file0/file1\x00', 0x90)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x0)
write$cgroup_type(r1, &(0x7f00000009c0), 0xd4ba0ff)
removexattr(&(0x7f0000000000)='./file0/file1\x00', &(0x7f00000002c0)=@known='user.incfs.size\x00')
unlink(&(0x7f0000000100)='./file0/file1\x00')
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r3 = syz_io_uring_setup(0x10b, &(0x7f0000000140), &(0x7f0000000300), &(0x7f0000000280))
io_uring_enter(r3, 0x47f9, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000680)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x33, 0x0, @val=@perf_event={0xe1}}, 0x18)
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a00)={0x1c, 0x3e, 0x107, 0xfffffffc, 0x25dfdbf6, {0x1, 0x7c}, [@nested={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0x8a}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
r5 = syz_open_procfs(0x0, &(0x7f0000000140)='cgroup\x00')
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='sched_switch\x00', r6, 0x0, 0x40}, 0x18)
syz_clone(0xae12e400, 0x0, 0x0, 0x0, 0x0, 0x0)
preadv(r5, 0x0, 0x0, 0x12e, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r5, &(0x7f0000000140)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0, @in6={0xa, 0x4e20, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x9}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x118)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$BTRFS_IOC_SCRUB(r7, 0xc400941b, &(0x7f0000000a00)={0x0, 0x7fffffffffffffff, 0xb9e, 0x1})
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

1.241527351s ago: executing program 2 (id=1306):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r0)
ioctl$SIOCSIFHWADDR(r0, 0x8923, &(0x7f0000002280)={'syzkaller0\x00', @random="440000004ec6"})

1.167355917s ago: executing program 2 (id=1308):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000380)={0x41, 0x2}, 0x10)

1.043322617s ago: executing program 0 (id=1311):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/14, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000040028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004801400030076657468315f6d6163767461700000000800014000000005"], 0xe8}}, 0x0)

1.026371468s ago: executing program 0 (id=1312):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r0, &(0x7f0000001200)={'#! ', './file0'}, 0xb)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f00000004c0)={{0x1, 0x1, 0x18, r1, {0x37}}, './bus\x00'})
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./bus\x00', 0x800, &(0x7f0000000280)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRES32, @ANYRESHEX], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
r2 = creat(0x0, 0x0)
r3 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
fallocate(r2, 0x0, 0x0, 0x1000f4)
io_setup(0x7fff, &(0x7f0000000400)=<r4=>0x0)
io_submit(r4, 0x1ffffff0, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r3, &(0x7f0000000000)="96", 0xffffff20}, &(0x7f0000000740)={0x0, 0x0, 0x41, 0x3, 0x0, r2, 0x0, 0x0, 0xffffffffffffffff}])

1.017660849s ago: executing program 1 (id=1313):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0xc82, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[@ANYBLOB="2c00000026000506"], 0x2c}}, 0x800)
recvmmsg(r0, &(0x7f0000007700), 0x318, 0xfc0, 0x0)

978.470382ms ago: executing program 1 (id=1314):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfd, 0x0, 0x7ffc9ffb}]})
ioperm(0x1, 0x2, 0x6) (fail_nth: 2)

820.111755ms ago: executing program 1 (id=1315):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x88}, 0x94)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x52b, &(0x7f0000000f80)="$eJzs3c9rJFkdAPBvdbpjMpPZZNWDLriu7kJm0OlONu5u8LCOIHpaUNf7GJNOCOmkQ7qzOwmLm8E/QBBRwZNevAj+AYIsePG4CAt6VlQU0VkFPejUUt3VmZlMd6cz0/kxyecDlXqvXlV93+tQ1fW6HlUBXFjPRcSNiLibpum1iJjMlxfyKfbaU7be+3feWsymJNL09X8kkeTLOvtK8vnlfLOxiPj6VyK+lTwct7Gzu7ZQq1W38nylub5ZaezsXl9dX1iprlQ35uZmX55/Zf6l+ZmhtPNKRLz6pb/84Ls/+/Krv/rsm3+8+ber386qNZGX39+OIyr2K2w3vXTj4AZbjxjsLMraU+pkxrutMfLQktvHXCcAALrLrvE/HBGfjohrMRkj/S9nAQAAgCdQ+oWJ+F8SkXY32mM5AAAA8AQptMbAFqOcjwWYiEKhXG6P4f1oXCrU6o3mZ5br2xtL7bGyU1EqLK/WqjP5WOGpKCVZfraVvpd/8UB+LiKejojvT4638uXFem3ptH/8AAAAgAvicqvPnxQ6/f9/T7b7/wAAAMA5M3WEdf9zjPUAAAAAjs9R+v8AAADAk0n/HwAAAM61r772WjalnfdfL72xs71Wf+P6UrWxVl7fXiwv1rc2yyv1+krrmX3rh+2vVq9vfi42tm9VmtVGs9LY2b25Xt/eaN5cbb0OHAAAADgFT3/ynd8nEbH3+fHWlBkdbNMBVwPOquJ+KsnnXQ7rPzzVnv/5hCoFnIiRvqWlE6sHcPKKp10B4NT4hgeSQ8p7Dt55N59/arj1AQAAhm/6473v/xf6brnXvxg48xzEcHH1v/8PnGet+/+DjuR1sQDnSskVAFx4g9//P3AR8O6gEdL0yJUCAACGaqI1JYVyfmU/EYVCuRxxpfVagFKyvFqrzkTEUxHxu8nSh7L8bGvL5NA+AwAAAAAAAAAAAAAAAAAAAAAAAADQlqZJpAAAAMC5FlH4a/Lr9rP8pydfmDj4+8Bo8t/JyF8R+uaPX//hrYVmc2s2W/7P/eXNH+XLXzyNXzAAAADgQjjSC/w7/fROPx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhun9O28tdqaTjPv3L0bE1IH4SVZSjLGI0YixKEXEpX8lUbxvu0JEjAwh/nj252Pd2p9k1doPeTB+0tn2Me3d7hs/prJPoUf8y0OIDxfZO9n550a3468Qz7Xm3Y+/YsQD+UfV9fyXG8v/jvQ4/q8MGOOZ935R6Rn/dsQzxe7nn078pEf85weM/81v7O72Kkt/EjHd9fsneSBWpbm+WWns7F5fXV9Yqa5UN+bmZl+ef2X+pfmZyvJqrZr/7Rrje5/45d1+7b/UI/7UIe1/YcD2//+9W3c+0k6WusW/+nyX+L/5ab7Gw/Hz77707TydlU930nvt9P2e/flvn+3X/qUe7T/s/391wPZf+9p3/jTgqgDACWjs7K4t1GrVrWEnCse25yMmsl76GajGWftYJKpbjbeHusM0TdPsmHqM/SRxFj6WVuK0z0wAAMCw3bvoP+2aAAAAAAAAAAAAAAAAAAAAwMV1Eo8TOxhzbz+VDOMR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ/FBAAAA///ROdsN")

814.276785ms ago: executing program 4 (id=1316):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x20050800)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xe, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="180000000000e270cc1240810f997b617d9d16ffffffdd00000000001018110000653621c2bdb84de4458af2cddb63a3314a85f6fa71a1ee13b0da4ecea16802000000000000008a51e606548af269941a7c49cbf0f6179989f1070222f63674993d22665f1e4b16b28cc1ecf571b1563aac4268f8663d8326baae91ef5df0df733f9804efd609d439fb8245bb4f8123fc972105bf9abae5986fcb236c924a44f304004cc8473da6af532680ef49328d9590c2fbe8ac39c9cc8f7c2f7cf3c5779c3bc38b16e3ca7e4a2d5b226b68a27c541892a3dfc6ac65081bc455de2037b0fb7027fe2106b3d8725ade35a277dd90f39a0d72f058cf4eab1c1043cac78d3eeea8bc3bd7bc4a51b4b0fcf11afd1ecb8a90da60ffb25803430acbbec7804e97f70000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
splice(r5, 0x0, r7, 0x0, 0x8000f28, 0x0)
r8 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000340), 0x4000, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r8, &(0x7f0000000840)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="54000000000801080000000000000000070000030600024088f7000006000240001c00001c0004800800024000000fff0800024000000200080001400000000806000240000100000900010073797a3100000000127d7b5d31529796ff77e1a440dee0d3036a87097cde1318ae427b3383035989f2c34023610658c2face55f9a0d246f5a8c689aa3febe95a1667bff96c252490f84a9caa3c3d218c644cc4f0bbd30c88dcb8d9118723b6f2eeda94485a384ac654209c0512b1e11f19cb5a7a6202248de5bacf42329ca2bbf46e081553451daabfd5c4ac"], 0x54}, 0x1, 0x0, 0x0, 0x48044}, 0x8001)
splice(r6, 0x0, r5, 0x0, 0x7f, 0xe)
write(r4, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000fb0000/0x2000)=nil, 0x2000, 0x0, 0xbc32038f29037ab7, r2, 0xb0505000)
r9 = syz_open_procfs(0x0, &(0x7f0000000580)='smaps_rollup\x00')
lseek(r9, 0x2004, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r10}, 0x10)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)

750.347101ms ago: executing program 0 (id=1317):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x208}, 0x1, 0x0, 0x0, 0x4c0d0}, 0x40)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r0, &(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x1, @remote}, 0xa}}, 0x26)
writev(0xffffffffffffffff, &(0x7f0000001300)=[{&(0x7f00000001c0)='4', 0x1}, {&(0x7f0000000240)="01", 0x1}], 0x2)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
syz_pidfd_open(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/vlan/vlan0\x00')
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x4c, r2, 0x1, 0x0, 0x0, {0x41}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x8, 0x87}}]}, 0x4c}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_GET(r1, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x4c, r2, 0x300, 0x70bd2b, 0x25dfdbfb, {}, [@handle=@pci={{0x8}, {0x11}}, @handle=@pci={{0x8}, {0x11}}]}, 0x4c}, 0x1, 0x0, 0x0, 0xc001}, 0x20004044)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r4, 0x8982, &(0x7f0000002800)={0x1, 'vlan0\x00'})

671.170577ms ago: executing program 0 (id=1318):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x52b, &(0x7f0000000f80)="$eJzs3c9rJFkdAPBvdbpjMpPZZNWDLriu7kJm0OlONu5u8LCOIHpaUNf7GJNOCOmkQ7qzOwmLm8E/QBBRwZNevAj+AYIsePG4CAt6VlQU0VkFPejUUt3VmZlMd6cz0/kxyecDlXqvXlV93+tQ1fW6HlUBXFjPRcSNiLibpum1iJjMlxfyKfbaU7be+3feWsymJNL09X8kkeTLOvtK8vnlfLOxiPj6VyK+lTwct7Gzu7ZQq1W38nylub5ZaezsXl9dX1iprlQ35uZmX55/Zf6l+ZmhtPNKRLz6pb/84Ls/+/Krv/rsm3+8+ber386qNZGX39+OIyr2K2w3vXTj4AZbjxjsLMraU+pkxrutMfLQktvHXCcAALrLrvE/HBGfjohrMRkj/S9nAQAAgCdQ+oWJ+F8SkXY32mM5AAAA8AQptMbAFqOcjwWYiEKhXG6P4f1oXCrU6o3mZ5br2xtL7bGyU1EqLK/WqjP5WOGpKCVZfraVvpd/8UB+LiKejojvT4638uXFem3ptH/8AAAAgAvicqvPnxQ6/f9/T7b7/wAAAMA5M3WEdf9zjPUAAAAAjs9R+v8AAADAk0n/HwAAAM61r772WjalnfdfL72xs71Wf+P6UrWxVl7fXiwv1rc2yyv1+krrmX3rh+2vVq9vfi42tm9VmtVGs9LY2b25Xt/eaN5cbb0OHAAAADgFT3/ynd8nEbH3+fHWlBkdbNMBVwPOquJ+KsnnXQ7rPzzVnv/5hCoFnIiRvqWlE6sHcPKKp10B4NT4hgeSQ8p7Dt55N59/arj1AQAAhm/6473v/xf6brnXvxg48xzEcHH1v/8PnGet+/+DjuR1sQDnSskVAFx4g9//P3AR8O6gEdL0yJUCAACGaqI1JYVyfmU/EYVCuRxxpfVagFKyvFqrzkTEUxHxu8nSh7L8bGvL5NA+AwAAAAAAAAAAAAAAAAAAAAAAAADQlqZJpAAAAMC5FlH4a/Lr9rP8pydfmDj4+8Bo8t/JyF8R+uaPX//hrYVmc2s2W/7P/eXNH+XLXzyNXzAAAADgQjjSC/w7/fROPx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhun9O28tdqaTjPv3L0bE1IH4SVZSjLGI0YixKEXEpX8lUbxvu0JEjAwh/nj252Pd2p9k1doPeTB+0tn2Me3d7hs/prJPoUf8y0OIDxfZO9n550a3468Qz7Xm3Y+/YsQD+UfV9fyXG8v/jvQ4/q8MGOOZ935R6Rn/dsQzxe7nn078pEf85weM/81v7O72Kkt/EjHd9fsneSBWpbm+WWns7F5fXV9Yqa5UN+bmZl+ef2X+pfmZyvJqrZr/7Rrje5/45d1+7b/UI/7UIe1/YcD2//+9W3c+0k6WusW/+nyX+L/5ab7Gw/Hz77707TydlU930nvt9P2e/flvn+3X/qUe7T/s/391wPZf+9p3/jTgqgDACWjs7K4t1GrVrWEnCse25yMmsl76GajGWftYJKpbjbeHusM0TdPsmHqM/SRxFj6WVuK0z0wAAMCw3bvoP+2aAAAAAAAAAAAAAAAAAAAAwMV1Eo8TOxhzbz+VDOMR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ/FBAAAA///ROdsN")
fspick(0xffffffffffffff9c, 0x0, 0x0)

656.473938ms ago: executing program 0 (id=1319):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000000810000000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x2, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000001000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70203000000008500ddff85000000950000000c000000"], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_int(r1, 0x1, 0x2f, 0x0, &(0x7f0000000080))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
socket$packet(0x11, 0xa, 0x300)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
socket$inet6(0xa, 0x2, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000400)={0x0}, 0x1, 0x0, 0x0, 0x40001}, 0x4008000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1b)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r5}, 0x10)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="3c0000001000370400000000ffffffff00000000", @ANYRES32=r6, @ANYBLOB="0b120500000000001c0012800b00010069703667726500000c00028008000100", @ANYRES32=r6, @ANYBLOB="bf52fea2a325ebecd6b5fc5c8777e29f9782d676a6dadf"], 0x3c}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vxcan0\x00'})

455.588894ms ago: executing program 1 (id=1320):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x9)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0xfd, 0x0, 0x7ffc0002}]})
rt_sigaction(0x19, 0x0, 0x0, 0x8, &(0x7f0000000440))
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_FLUSH(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r3, @ANYBLOB="01000000000000000000011500002c000280060002004e2000000800090010000000060002004e210000080007000101000006000f000700000008000400ff7fffff1400028008000600020000000800090008000000080004000200000060000180080009005600000007000600666f00000c0007002000000002000000080008000100000008000b00736970000600010002000000080005"], 0xc4}}, 0x4008800)

405.202958ms ago: executing program 3 (id=1321):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7}, 0x18)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x8fc)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f0000000180)='./file0\x00')
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x19f, &(0x7f0000000380)={[{@nodioread_nolock}, {@noblock_validity}, {@min_batch_time={'min_batch_time', 0x3d, 0x82f}}, {@grpquota}, {@debug}, {@debug}, {@grpid}]}, 0x80, 0x54f, &(0x7f0000000c00)="$eJzs3c9vHFcdAPDvbLxufji1SzlAJUqBoqSC7MY1bS0OJUgITpUQ5R6MvbGsrL2Rd93GViScvwAJIUBwggsXJP4AJBSJC0eEFAnOIBWBEDhwQAIy1cyOHdeZ3WzSza5/fD7SZN68+fF9bzYznjfzNBPAifVSRFyJiPtpmr4SEdNFfqUYYrs7ZMvd27m1mA1JpOnb/0giKfJ2t5UU43PFaqcj4htfi/h28nDc9ubW9YVms7FeTNc7qzfq7c2tSyurC8uN5cba3Nzs6/NvzL82f3ko9TwfEW9+5S8/+O7Pv/rmrz//7p+v/u1iVu2YKubvr8djyHbRRL8FulWv5vtiV7bC+hMEO6wm8hoWzpQtkaZpej+d3pdzeyQlAwDgoOwC9iMR8emIeCWm41T/y1kAAADgCEq/NBX/S7pPaEpM9sgHAAAAjpBK3gc2qdSKvgBTUanUat0+vB+Ns5Vmq9353LXWxtrS3R9PRcRMVCvXVpqNy0Vf4ZmoJtn0bJ5+MP3qgem5iHguIr4/fSafri22mkvjvvkBAAAAJ8S5A+3/f0932/8AAADAMTPzcFZlHOUAAAAAnp6S9j8AAABwzGj/AwAAwLH29bfeyoZ09/vXS+9sblxvvXNpqdG+XlvdWKwtttZv1JZbreX8nX2r+9c9VbK9Zqt14wuxtnGz3mm0O/X25tbV1dbGWufqygc+gQ0AAACM0HOfvPPHJCK2v3gmHzKT4y4UMBITe6mkGJcc/X96tjt+b0SFAkai7B7+Qe89M4KCACM38URrpYOcNoBDrjruAgBjlzxifs/OO78rxp8abnkAAIDhu/Dx3s//+38DYNsnAuCIcxDDyXXgQV46Pa6CACOXP/8ftMOviwU4VqoD9QAEjrMP/fz/kdL0sQoEAAAM3VQ+JJVacXtvKiqVWi3ifP5ZgGpybaXZuBwRz0bEH6arz2TTs/maySPbDAAAAAAAAAAAAAAAAAAAAAAAAABAV5omkfZzpe9cAAAA4AiIqPw1+U33Xf4Xpl+eOnh/YDL5T/5J4MmIePcnb//w5kKnsz6b5f9zL7/zoyL/1XHcwQAAAAAO2m2n77bjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCY7u3cWry3cyv9786txVHG/fuXI2JmL34+dOdMxOl8fDqqEXH2X0lM7FsviYhTQ4i/fTsiPlYWP8mKtReyLP6Zpx8/Zoq9UBb/3BDiw0l2Jzv/XCk7/irxUj4uP/4mIj4w/aR6n/9i7/x3qsfxf37AGC/c/WW9Z/zbES9MlJ9/duMnD8VPinFloPjf+ubWVq956U8jLkR5/P3R6p3VG/X25talldWF5cZyY21ubvb1+TfmX5u/XL+20mwU/5bG+N4nfnW/X/3P9og/07P+3TK9PFDtI/5/9+bO8z3+XmXxL36mJP5vf1Ys8XD8SrGtzxbpbP6F3fR2N73fi7/4/Yv96r/0oP7VwX7/bsyL/av94AccxoECAAxNe3Pr+kKz2Vg/Conqk6yVtdLLZj1f7IEPX7DJw7J/JB4z8Z2hbjBN07TH/6g7ETHIdpI4DLslT4z3vAQAAAzfg4v+cZcEAAAAAAAAAAAAAAAAAAAATq4hvjNssvQ1eyVvFtjeSyXeDAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBrvBwAA//9pfNv4") (fail_nth: 4)

404.453498ms ago: executing program 1 (id=1322):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/14, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000040028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004801400030076657468315f6d6163767461700000000800014000000005"], 0xe8}}, 0x0)

382.938539ms ago: executing program 2 (id=1323):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000900)='T', 0x1}], 0x1}, 0x4048841) (async)
sendmsg$inet(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="04", 0x1}], 0x1}, 0x1) (async)
recvmsg(r2, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x18102) (async)
close(0x4) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000001c0)={r4, &(0x7f0000000380), 0x0}, 0x20) (async)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r1)
sendmsg$NFC_CMD_LLC_SET_PARAMS(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)={0x2c, r5, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x76d}, @NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0xd}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x60001}, 0x0)

129.74257ms ago: executing program 1 (id=1324):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000600), 0x1, 0x563, &(0x7f0000000640)="$eJzs3c9vFFUcAPDvm/7gR9EWYlQ8aBNjIFFaWsAQ4wHuhOCPmxdXWgiy/Ait0aIHSPBiYrx4MPHkQfwvlOjVkzcPXjwZEmIMRxPXzHamLHS3tGXXqcznk0w7b95uvm9289038/bNbAC1NZn/ySL2RsTlFDHeUTccReXk8uPu/vXJ6XxJ0Wq99WeKVGwrH5+K/2PFk7dHxC8/ptgztDruwtLV841mc/5KUZ5evHB5emHp6oFzFxpn58/OX5x9dfbokcNHjs4c7Nu+nrjx/ofjn51859uv/04z3/12MsWx2FXUde5Hv0zG5Mpr0il/XY/2O1hFhor96XyL03CFDWJDyvdvJCKeifEYintv3nh8+kaljQMGqpUiWkBNJfkPNVUeB5Tn9oM4Dwa2pjvHlwcAVuf/8PLYYGxvjw3svJuic1gnRUQ/RubyGD//dPJGvsSAxuGA7q5dj4hnu+V/aufmRHsUP8//7L78zyLiVPE/3/7mJuNPPlCW//DfeZT8f7cj/9/bZHz5DwAAAAAAAP1z63hEvNLt+79sZf5PdJn/MxYRx/oQ/+Hf/2W3+xAG6OLO8YjXu87/zcqHTAwVpSfa8wFG0plzzfmDEfFkROyPkW15eWaNGAc+3/NVr7rO+X/5kscv5wIW7bg9vO3+58w1FhuPss/AsjvXI57rOv83rfT/qUv/n38eXF5njD0v3TzVq+7h+Q8MSuubiH1d+/97d65Ia9+fY7p9PDBdHhWs9vzHX3zfK778h+rk/f/OtfN/InXer2dh4zEOLQ23etVt9vh/NL3dvuXMaLHto8bi4pWZiNF0YvX22Y23GR5HZT6U+ZLn//4X1x7/63b8vyMirq0z5tP/jP3eq07/D9XJ839uQ/3/xldmb0780Cv++vr/w+0+fX+xxfgfrG29CVp1OwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/yiLiF2RsqmV9SybmooYi4inYmfWvLSw+PKZSx9cnMvr2r//n5W/9Du+XE7l7/9PdJRnHygfiojdEfHl0I52eer0peZc1TsPAAAAAAAAAAAAAAAAAAAAW8RYj+v/c38MVd06YOCGq24AUBn5D/Ul/6G+5D/Ul/yH+pL/UF/yH+pL/kN9yX+oL/kPAAAAAACPld0v3Po1RcS113a0l9xoUTdSacuAQcuqbgBQGbf4gfoy9Qfqyzk+kB5Sv33TzwQAAAAAAAAAAAAA+mXfXtf/Q125/h/qy/X/UF+u/4f6co4PuP4fAAAAAAAAAAAAALa+haWr5xvN5vwVK1asWFlZqfqTCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP0bAAD//zn7JB8=")
quotactl$Q_SETINFO(0xffffffff80000600, &(0x7f0000000140)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
setsockopt$sock_timeval(r2, 0x1, 0x15, &(0x7f0000000180)={0x0, 0xea60}, 0x10)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x100, 0x0)
connect$unix(r2, &(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400ea00b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10)
r4 = socket$rxrpc(0x21, 0x2, 0x2)
recvfrom$rxrpc(r4, &(0x7f00000000c0)=""/123, 0x7b, 0x40000040, &(0x7f0000000240)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e24, 0x1ff, @private1={0xfc, 0x1, '\x00', 0x1}, 0xd858}}, 0x24)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

46.345306ms ago: executing program 3 (id=1325):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000680)="548852ac5b4eba7aeaccd2c62b2b", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x8}, 0x50)

45.367726ms ago: executing program 0 (id=1326):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x1f00) (async)
recvmsg(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x1f00)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r5}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r5}, 0x10)
r6 = gettid()
process_vm_writev(r6, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) (async)
process_vm_writev(r6, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x4000, 0x2}, 0x0, &(0x7f0000000240)={0x1f, 0xfffffffffffffffe, 0x0, 0x40000000, 0x7, 0x4, 0x0, 0xfffffffffffffffc}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) (async)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x4000, 0x2}, 0x0, &(0x7f0000000240)={0x1f, 0xfffffffffffffffe, 0x0, 0x40000000, 0x7, 0x4, 0x0, 0xfffffffffffffffc}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) (async)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
close_range(r7, 0xffffffffffffffff, 0x100000000000000)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r8, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r0, {0x2, 0x0, @rand_addr=0x64010100}, 0x2}}, 0x2e) (async)
connect$pppl2tp(r8, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r0, {0x2, 0x0, @rand_addr=0x64010100}, 0x2}}, 0x2e)
socket$nl_xfrm(0x10, 0x3, 0x6)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
process_vm_writev(0x0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x8000, &(0x7f0000000040)=ANY=[], 0x3, 0x1263, &(0x7f0000001340)="$eJzs3c9rHPUbB/Anvzbb9JtsvlqrLUg/6EUva5ODJy9BKkgDim0KrSBMzUaX3eyW7BLYIqY3r/4d4tGbIP4DuXjxLHjLxWMO4sj+qEnWZNuEblPw9TokT2bmnZnPTDLLLPPs7L337WZto1XeyNoxOTER0xci0n6KFJMxFX2P4u07v/72+q27924WBpNWbi+9m1JauPbTp199/8bP7Yt3flj4cTZ2Fz/b+2P5993Lu1f2/rr9ZbWVqq3UmIyUpfvNZju7X6+k9WqrVk7p43ola1VStdGqbLUPz9+oNx886KSssT5fjK1Kq5WyRifVKp3Ubqb2VidlX2TVRiqXy2l+LjjZ5BPmF2Ltu/08zyPyfCYKked5fiHm4mL8L+ZjIUqxOBPxUrwcl+KVuByvxmtxpbfUcxoAAAAAAAAAAAAAAAAAAAAA/EfsF2NU/3/8v9///0/Lv/5/AAAAAAAAAAAAAAAAAAAAePae8Pz/x/3/nv8PAAAAAAAAAAAAAAAAAAAAY6T/HwAAAAAAAAAAAAAAAAAAAM7frbv3bq6srt74JKVixOY322vba/3v/fkrG1GNelTiepTiz+h1//f16w8+XL1xPfUsxjubO4P8zvba1NH8Uu/jBI7NL/Xz6Wh+NuYO55ejFJeOzy8fmy/GW2/28xPdfDlK8cvn0Yx6rEc3e5D/eiml9z9aHcpf7S030s7YDw8AAAA8E+XBtXOx+8Mx1+/l7peJXjl0fd/Pn/z+QF7K87xwdG2H89Nxdfo5D5Z/aXUe1rJ6vbJ1uJiK4SlPUUwOfuPpUmcsJgYre1jLro17XWcrHu+Owhh3S8SLMNJTF4M98uhF2Z5xF3ODAY8+lEPLTB38hZ+Qmok4y//p0xZDJ4ruC8TseM5BnJ+Dg37eWwIAAAAAAAAAAMBpnOLGwOmRdyOOKM57jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH+zA8cCAAAAAML8rdPo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCqAAAA//+W2so9") (async)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x8000, &(0x7f0000000040)=ANY=[], 0x3, 0x1263, &(0x7f0000001340)="$eJzs3c9rHPUbB/Anvzbb9JtsvlqrLUg/6EUva5ODJy9BKkgDim0KrSBMzUaX3eyW7BLYIqY3r/4d4tGbIP4DuXjxLHjLxWMO4sj+qEnWZNuEblPw9TokT2bmnZnPTDLLLPPs7L337WZto1XeyNoxOTER0xci0n6KFJMxFX2P4u07v/72+q27924WBpNWbi+9m1JauPbTp199/8bP7Yt3flj4cTZ2Fz/b+2P5993Lu1f2/rr9ZbWVqq3UmIyUpfvNZju7X6+k9WqrVk7p43ola1VStdGqbLUPz9+oNx886KSssT5fjK1Kq5WyRifVKp3Ubqb2VidlX2TVRiqXy2l+LjjZ5BPmF2Ltu/08zyPyfCYKked5fiHm4mL8L+ZjIUqxOBPxUrwcl+KVuByvxmtxpbfUcxoAAAAAAAAAAAAAAAAAAAAA/EfsF2NU/3/8v9///0/Lv/5/AAAAAAAAAAAAAAAAAAAAePae8Pz/x/3/nv8PAAAAAAAAAAAAAAAAAAAAY6T/HwAAAAAAAAAAAAAAAAAAAM7frbv3bq6srt74JKVixOY322vba/3v/fkrG1GNelTiepTiz+h1//f16w8+XL1xPfUsxjubO4P8zvba1NH8Uu/jBI7NL/Xz6Wh+NuYO55ejFJeOzy8fmy/GW2/28xPdfDlK8cvn0Yx6rEc3e5D/eiml9z9aHcpf7S030s7YDw8AAAA8E+XBtXOx+8Mx1+/l7peJXjl0fd/Pn/z+QF7K87xwdG2H89Nxdfo5D5Z/aXUe1rJ6vbJ1uJiK4SlPUUwOfuPpUmcsJgYre1jLro17XWcrHu+Owhh3S8SLMNJTF4M98uhF2Z5xF3ODAY8+lEPLTB38hZ+Qmok4y//p0xZDJ4ruC8TseM5BnJ+Dg37eWwIAAAAAAAAAAMBpnOLGwOmRdyOOKM57jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH+zA8cCAAAAAML8rdPo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCqAAAA//+W2so9")

27.328038ms ago: executing program 4 (id=1327):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
r3 = socket$xdp(0x2c, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r4}, 0x38)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$keyring(&(0x7f0000000480), &(0x7f0000000580)={'syz', 0x1}, 0x0, 0x0, r6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r5, 0x0, 0x2}, 0x18)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x328000, 0x1000, 0x0, 0x3}, 0x20)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x2)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r7, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0x0, 0x100804, 0x0, 0xa, 0x10001, 0x0, 0x4, 0x0, 0x0, 0x4})
r8 = signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0xbf]}, 0x8)
sendmsg$NL80211_CMD_NEW_KEY(r8, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0x30, 0x0, 0x200, 0x1000, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x30}, 0x1, 0x0, 0x0, 0x40004}, 0x800)
close_range(r2, 0xffffffffffffffff, 0x0)

20.893978ms ago: executing program 3 (id=1328):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000740)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
ioperm(0x284, 0x7f, 0xe3)

797.79µs ago: executing program 3 (id=1329):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x208}, 0x1, 0x0, 0x0, 0x4c0d0}, 0x40)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r0, &(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x1, @remote}, 0xa}}, 0x26)
writev(0xffffffffffffffff, &(0x7f0000001300)=[{&(0x7f00000001c0)='4', 0x1}, {&(0x7f0000000240)="01", 0x1}], 0x2)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
syz_pidfd_open(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/vlan/vlan0\x00')
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x4c, r2, 0x1, 0x0, 0x0, {0x41}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x8, 0x87}}]}, 0x4c}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_GET(r1, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x4c, r2, 0x300, 0x70bd2b, 0x25dfdbfb, {}, [@handle=@pci={{0x8}, {0x11}}, @handle=@pci={{0x8}, {0x11}}]}, 0x4c}, 0x1, 0x0, 0x0, 0xc001}, 0x20004044)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r4, 0x8982, &(0x7f0000002800)={0x1, 'vlan0\x00'})

0s ago: executing program 4 (id=1330):
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000040), 0xfe, 0x4f2, &(0x7f0000000b00)="$eJzs3d9rHFsdAPDvTHbvbdpcN1d9uF6wLbaSFO0maWwbfKgKok8Ftb7XmGxDyCZbkk3bhKIp/gGCiAq+6JMvgn+AIP0TRCjou6gooq0++FAd2d3ZmKa7+UE3u97s5wMnc8782O85GebsnJlhJ4ChdTEiJiMiy7LsSkSU8vlpnmKnlRrrvXj+eKGRksiyO39LIsnntT/r7Xx6Lt/sTER87csR30xej7uxtb0yX61W1vPyVH01eZll21eXV+eXKkuVtdnZmRtzN+euz033pJ3jEXHri3/6wXd/9qVbv/r0w9/f/cvkt1oNbNnbjl5qNb3Y/F+0FSJi/SSCDUih2cKW6wOuCwAAB2uc7384Ij4REVeiFCPNszkAAADgNMk+NxYvk9b9PwAAAOB0SiNiLJK0nD/vOxZpWi63nuH9aJxNq7WN+qey0u71gvEopveWq5Xp/NmB8SgmjfJM/oxtu3xtX3k2It6NiO+XRpvl8kKtujjQKx8AAAAwPM7tG///s9Qa/wMAAACnzPigKwAAAACcOON/AAAAOP2M/wEAAOBU+8rt242Utd9/vfhga3Ol9uDqYmVjpby6uVBeqK3fLy/VakvN3+xbPezzqrXa/c/E2uajqXploz61sbV9d7W2uVa/u/zKK7ABAACAPnr3wtPfJRGx89nRNCKyZM+yYkQ2snflQv/rB5yc9Dgr//Hk6gH038igKwAMjFN6GF7FQVcAGLjD+oGuD+/8uvd1AQAATsbEx3bv/zdTw1v5smSgNQNOWn7/P3Gsw/Bx/x+Gl/t/MLyKB50BGBTAqZce4VB/8/v/WXasSgEAAD031kxJWs7HAWORpuVyxDvN1wIUk3vL1cp0RHwoIn5bKr7dKM80t0xcHgAAAAAAAAAAAAAAAAAAAAAAAACAI8qyJLIuRnfXAQAAAD7IItI/J/n7vyZKl8f2Xx94K/lXqTmNiIc/vvPDR/P1+vpMY/7fd+fXf5TPv9bvqxcAAABAJ+1xenscDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99OL544V26mfcv34hIsY7xS/Emeb0TBQj4uw/kijs2S6JiJEexN95EhHvdYqfNKoV43kt9sdPI2J0wPHP9SA+DLOnjf7n852OvzQuNqedj79Cnt5U9/4v3e3/Rrr0f+90+sD09VnvP/vFVNf4TyLeL3Tuf9rxky7xLx2xjd/4+vZ2t2XZTyMmOn7/JK/EmkoK96c2travLq/OL1WWKmuzszM35m7OXZ+bnrq3XK3kfzvG+N7Hf/mfg9p/tkv88UPaf/mI7f/3s0fPP9LKFvctKsZPsmzyUuf9/16X+O3vvk/mu7tRnmjnd1r5vc7//DfnLxzQ/sUu7T9s/08esf1XvvqdPxxxVQCgDza2tlfmq9XK+vEyScTOG2wuM1yZ0ehj0Pk4aJ32SWwf6vPtPNT/xS44dmZwfRIAAHAy/nfSP+iaAAAAAAAAAAAAAAAAAAAAwPA67GfAogc/J7Y/5s5gmgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcKD/BgAA//+6ychX")

kernel console output (not intermixed with test programs):

m_t pid=6312 comm="syz.4.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5dffadd4d0 code=0x7ffc0000
[   89.553623][   T29] audit: type=1326 audit(1754289061.215:5174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6312 comm="syz.4.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dffadeb69 code=0x7ffc0000
[   89.577849][ T6350] EXT4-fs (loop1): 1 truncate cleaned up
[   89.586990][   T29] audit: type=1326 audit(1754289061.215:5175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6312 comm="syz.4.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f5dffadeb69 code=0x7ffc0000
[   89.662872][   T29] audit: type=1326 audit(1754289061.215:5176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6312 comm="syz.4.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dffadeb69 code=0x7ffc0000
[   89.686230][   T29] audit: type=1326 audit(1754289061.215:5177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6312 comm="syz.4.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dffadeb69 code=0x7ffc0000
[   89.709844][   T29] audit: type=1400 audit(1754289061.245:5178): avc:  denied  { unlink } for  pid=3312 comm="syz-executor" name="file1" dev="tmpfs" ino=901 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   89.725298][ T6353] loop0: detected capacity change from 0 to 2048
[   89.732573][   T29] audit: type=1400 audit(1754289061.255:5179): avc:  denied  { read write } for  pid=3312 comm="syz-executor" name="loop0" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=blk_file permissive=1 trawcon="system_u:object_r:iptables_exec_t:s0"
[   89.777914][ T6356] loop3: detected capacity change from 0 to 512
[   89.785119][ T6356] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   89.805376][ T6353]  loop0: p1 < > p4
[   89.811565][ T6353] loop0: p4 size 8388608 extends beyond EOD, truncated
[   89.828665][ T6356] EXT4-fs (loop3): 1 truncate cleaned up
[   89.871753][ T6367] 9pnet_virtio: no channels available for device /dev/rnullb0
[   89.919598][ T6374] loop1: detected capacity change from 0 to 512
[   89.944323][ T6369] loop2: detected capacity change from 0 to 512
[   89.957295][ T6377] loop3: detected capacity change from 0 to 512
[   89.964060][ T6377] EXT4-fs: Ignoring removed nomblk_io_submit option
[   89.965439][ T6374] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   89.982629][ T6377] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   89.991263][ T6377] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   90.001406][ T6369] EXT4-fs (loop2): too many log groups per flexible block group
[   90.009261][ T6369] EXT4-fs (loop2): failed to initialize mballoc (-12)
[   90.018168][ T6374] EXT4-fs (loop1): 1 truncate cleaned up
[   90.036795][ T6377] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8042c018, mo2=0102]
[   90.051486][ T6369] EXT4-fs (loop2): mount failed
[   90.061718][ T6377] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.802: Allocating blocks 41-42 which overlap fs metadata
[   90.076415][ T6377] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.802: Allocating blocks 41-42 which overlap fs metadata
[   90.092196][ T6377] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.802: Failed to acquire dquot type 1
[   90.114151][ T6377] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   90.143566][ T6377] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.802: corrupted inode contents
[   90.162393][ T6377] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #12: comm syz.3.802: mark_inode_dirty error
[   90.177357][ T6384] hub 8-0:1.0: USB hub found
[   90.182061][ T6384] hub 8-0:1.0: 8 ports detected
[   90.196675][ T6377] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.802: corrupted inode contents
[   90.205860][ T6386] loop1: detected capacity change from 0 to 128
[   90.224154][ T6377] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.802: mark_inode_dirty error
[   90.237302][ T6388] loop4: detected capacity change from 0 to 512
[   90.245320][ T6388] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   90.249283][ T6377] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.802: corrupted inode contents
[   90.274861][ T6388] EXT4-fs (loop4): 1 truncate cleaned up
[   90.289001][ T6377] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[   90.328997][ T6377] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.802: corrupted inode contents
[   90.380218][ T6377] EXT4-fs error (device loop3): ext4_truncate:4666: inode #12: comm syz.3.802: mark_inode_dirty error
[   90.398231][ T6397] loop1: detected capacity change from 0 to 128
[   90.408195][ T6377] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[   90.429505][ T6377] EXT4-fs (loop3): 1 truncate cleaned up
[   90.437186][ T6397] ext4 filesystem being mounted at /173/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   90.526036][ T6395] loop4: detected capacity change from 0 to 512
[   90.533074][ T6395] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   90.551003][ T6395] EXT4-fs (loop4): 1 truncate cleaned up
[   90.718045][ T6412] serio: Serial port ptm0
[   90.755890][ T6419] loop3: detected capacity change from 0 to 128
[   90.784416][ T6417] hub 8-0:1.0: USB hub found
[   90.794694][ T6417] hub 8-0:1.0: 8 ports detected
[   90.955884][ T6434] loop4: detected capacity change from 0 to 512
[   90.974398][ T6434] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   90.982599][ T6434] EXT4-fs (loop4): orphan cleanup on readonly fs
[   90.989670][ T6434] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   91.004895][ T6434] EXT4-fs (loop4): Cannot turn on quotas: error -117
[   91.012260][ T6441] __nla_validate_parse: 7 callbacks suppressed
[   91.012275][ T6441] netlink: 56 bytes leftover after parsing attributes in process `syz.2.826'.
[   91.014018][ T6434] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.825: bg 0: block 40: padding at end of block bitmap is not set
[   91.018693][ T6441] netlink: 8 bytes leftover after parsing attributes in process `syz.2.826'.
[   91.051845][ T6434] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   91.061131][ T6434] EXT4-fs (loop4): 1 truncate cleaned up
[   91.073578][ T6443] netlink: 8 bytes leftover after parsing attributes in process `syz.1.827'.
[   91.083361][ T6443] netlink: 8 bytes leftover after parsing attributes in process `syz.1.827'.
[   91.092966][ T6443] netlink: 8 bytes leftover after parsing attributes in process `syz.1.827'.
[   91.107475][ T6443] netlink: 8 bytes leftover after parsing attributes in process `syz.1.827'.
[   91.138333][ T6444] loop2: detected capacity change from 0 to 164
[   91.167745][ T6446] loop1: detected capacity change from 0 to 128
[   91.177886][ T6446] ext4 filesystem being mounted at /180/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   91.277529][ T6453] hub 8-0:1.0: USB hub found
[   91.282332][ T6453] hub 8-0:1.0: 8 ports detected
[   91.290061][ T6456] netlink: 'syz.4.833': attribute type 1 has an invalid length.
[   91.297863][ T6456] netlink: 224 bytes leftover after parsing attributes in process `syz.4.833'.
[   91.360216][ T6466] loop4: detected capacity change from 0 to 512
[   91.379063][ T6466] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   91.387287][ T6466] EXT4-fs (loop4): orphan cleanup on readonly fs
[   91.395878][ T6466] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   91.411953][ T6461] loop1: detected capacity change from 0 to 8192
[   91.424323][ T6466] EXT4-fs (loop4): Cannot turn on quotas: error -117
[   91.431785][ T6466] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.836: bg 0: block 40: padding at end of block bitmap is not set
[   91.466470][ T6466] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   91.501182][ T6466] EXT4-fs (loop4): 1 truncate cleaned up
[   91.557148][ T6471] loop4: detected capacity change from 0 to 128
[   91.577271][ T6471] ext4 filesystem being mounted at /171/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   91.652732][ T6474] loop0: detected capacity change from 0 to 512
[   91.662474][ T6476] netlink: 8 bytes leftover after parsing attributes in process `syz.1.839'.
[   91.672410][ T6476] netlink: 8 bytes leftover after parsing attributes in process `syz.1.839'.
[   91.682194][ T6476] netlink: 8 bytes leftover after parsing attributes in process `syz.1.839'.
[   91.714320][ T6474] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   91.717754][ T6484] loop3: detected capacity change from 0 to 128
[   91.728982][ T6474] EXT4-fs (loop0): orphan cleanup on readonly fs
[   91.736228][ T6474] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   91.742184][ T6479] FAULT_INJECTION: forcing a failure.
[   91.742184][ T6479] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.764215][ T6479] CPU: 0 UID: 0 PID: 6479 Comm: syz.1.841 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(voluntary) 
[   91.764254][ T6479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   91.764270][ T6479] Call Trace:
[   91.764277][ T6479]  <TASK>
[   91.764285][ T6479]  __dump_stack+0x1d/0x30
[   91.764308][ T6479]  dump_stack_lvl+0xe8/0x140
[   91.764336][ T6479]  dump_stack+0x15/0x1b
[   91.764415][ T6479]  should_fail_ex+0x265/0x280
[   91.764447][ T6479]  should_fail+0xb/0x20
[   91.764476][ T6479]  should_fail_usercopy+0x1a/0x20
[   91.764495][ T6479]  _copy_from_user+0x1c/0xb0
[   91.764524][ T6479]  ___sys_sendmsg+0xc1/0x1d0
[   91.764578][ T6479]  __x64_sys_sendmsg+0xd4/0x160
[   91.764676][ T6479]  x64_sys_call+0x191e/0x2ff0
[   91.764698][ T6479]  do_syscall_64+0xd2/0x200
[   91.764721][ T6479]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   91.764750][ T6479]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   91.764806][ T6479]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.764827][ T6479] RIP: 0033:0x7f76d3d6eb69
[   91.764842][ T6479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.764917][ T6479] RSP: 002b:00007f76d23cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   91.764938][ T6479] RAX: ffffffffffffffda RBX: 00007f76d3f95fa0 RCX: 00007f76d3d6eb69
[   91.764950][ T6479] RDX: 0000000000000090 RSI: 00002000000002c0 RDI: 0000000000000006
[   91.765036][ T6479] RBP: 00007f76d23cf090 R08: 0000000000000000 R09: 0000000000000000
[   91.765051][ T6479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.765066][ T6479] R13: 0000000000000000 R14: 00007f76d3f95fa0 R15: 00007ffc30ece718
[   91.765090][ T6479]  </TASK>
[   91.775185][ T6474] EXT4-fs (loop0): Cannot turn on quotas: error -117
[   91.803042][ T6484] ext4 filesystem being mounted at /162/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   91.820913][ T6474] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.837: bg 0: block 40: padding at end of block bitmap is not set
[   91.962752][ T6500] loop1: detected capacity change from 0 to 512
[   92.002685][ T6474] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   92.016884][ T6474] EXT4-fs (loop0): 1 truncate cleaned up
[   92.041405][ T6500] EXT4-fs (loop1): orphan cleanup on readonly fs
[   92.050262][ T6500] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.849: bg 0: block 248: padding at end of block bitmap is not set
[   92.059600][ T6503] loop2: detected capacity change from 0 to 128
[   92.066604][ T6500] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.849: Failed to acquire dquot type 1
[   92.091071][ T6503] ext4 filesystem being mounted at /157/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   92.133238][ T6506] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   92.141169][ T6506] batman_adv: batadv0: Removing interface: batadv_slave_0
[   92.154120][ T6500] EXT4-fs (loop1): 1 truncate cleaned up
[   92.154173][ T6506] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   92.167381][ T6506] batman_adv: batadv0: Removing interface: batadv_slave_1
[   92.221133][ T6514] Q±6ã×\b‹¡Y­4��: renamed from lo (while UP)
[   92.221217][ T6511] netlink: 'syz.2.853': attribute type 1 has an invalid length.
[   92.241126][ T6516] loop0: detected capacity change from 0 to 512
[   92.253248][ T6516] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   92.280239][ T6516] EXT4-fs (loop0): orphan cleanup on readonly fs
[   92.294657][ T6516] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.855: iget: bad i_size value: 38620345925642
[   92.337227][ T6527] loop2: detected capacity change from 0 to 128
[   92.344436][ T6516] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.855: couldn't read orphan inode 15 (err -117)
[   92.372638][ T6529] loop4: detected capacity change from 0 to 128
[   92.392436][ T6527] ext4 filesystem being mounted at /159/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   92.505861][ T6540] FAULT_INJECTION: forcing a failure.
[   92.505861][ T6540] name failslab, interval 1, probability 0, space 0, times 0
[   92.518742][ T6540] CPU: 1 UID: 0 PID: 6540 Comm: syz.2.860 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(voluntary) 
[   92.518770][ T6540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   92.518783][ T6540] Call Trace:
[   92.518788][ T6540]  <TASK>
[   92.518794][ T6540]  __dump_stack+0x1d/0x30
[   92.518849][ T6540]  dump_stack_lvl+0xe8/0x140
[   92.518875][ T6540]  dump_stack+0x15/0x1b
[   92.518897][ T6540]  should_fail_ex+0x265/0x280
[   92.518970][ T6540]  should_failslab+0x8c/0xb0
[   92.519033][ T6540]  kmem_cache_alloc_node_noprof+0x57/0x320
[   92.519073][ T6540]  ? __alloc_skb+0x101/0x320
[   92.519174][ T6540]  __alloc_skb+0x101/0x320
[   92.519207][ T6540]  netlink_alloc_large_skb+0xba/0xf0
[   92.519256][ T6540]  netlink_sendmsg+0x3cf/0x6b0
[   92.519300][ T6540]  ? __pfx_netlink_sendmsg+0x10/0x10
[   92.519343][ T6540]  __sock_sendmsg+0x145/0x180
[   92.519374][ T6540]  ____sys_sendmsg+0x31e/0x4e0
[   92.519429][ T6540]  ___sys_sendmsg+0x17b/0x1d0
[   92.519489][ T6540]  __x64_sys_sendmsg+0xd4/0x160
[   92.519617][ T6540]  x64_sys_call+0x191e/0x2ff0
[   92.519706][ T6540]  do_syscall_64+0xd2/0x200
[   92.519747][ T6540]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   92.519778][ T6540]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   92.519806][ T6540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.519899][ T6540] RIP: 0033:0x7f38cfb8eb69
[   92.519918][ T6540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.519943][ T6540] RSP: 002b:00007f38ce1f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   92.519968][ T6540] RAX: ffffffffffffffda RBX: 00007f38cfdb5fa0 RCX: 00007f38cfb8eb69
[   92.519984][ T6540] RDX: 0000000024000000 RSI: 0000200000009b40 RDI: 0000000000000003
[   92.520000][ T6540] RBP: 00007f38ce1f7090 R08: 0000000000000000 R09: 0000000000000000
[   92.520016][ T6540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.520032][ T6540] R13: 0000000000000000 R14: 00007f38cfdb5fa0 R15: 00007ffd5c161a08
[   92.520105][ T6540]  </TASK>
[   92.752524][ T6551] loop0: detected capacity change from 0 to 512
[   92.771936][ T6551] EXT4-fs (loop0): orphan cleanup on readonly fs
[   92.801173][ T6551] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.864: bg 0: block 248: padding at end of block bitmap is not set
[   92.818059][ T6551] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.864: Failed to acquire dquot type 1
[   92.837725][ T6551] EXT4-fs (loop0): 1 truncate cleaned up
[   92.906575][ T6564] loop0: detected capacity change from 0 to 2048
[   92.969878][ T6564] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[   93.002380][ T6567] hub 8-0:1.0: USB hub found
[   93.008233][ T6567] hub 8-0:1.0: 8 ports detected
[   93.039505][ T6575] netlink: 'syz.1.875': attribute type 1 has an invalid length.
[   93.047354][ T6575] netlink: 'syz.1.875': attribute type 2 has an invalid length.
[   93.215259][ T6594] loop4: detected capacity change from 0 to 8192
[   93.310234][ T6595] loop1: detected capacity change from 0 to 128
[   93.708900][  T122] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[   93.801435][ T6622] bridge_slave_0: left allmulticast mode
[   93.807309][ T6622] bridge_slave_0: left promiscuous mode
[   93.813181][ T6622] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.827171][ T6624] FAULT_INJECTION: forcing a failure.
[   93.827171][ T6624] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.840355][ T6624] CPU: 0 UID: 0 PID: 6624 Comm: syz.3.885 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(voluntary) 
[   93.840387][ T6624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   93.840403][ T6624] Call Trace:
[   93.840413][ T6624]  <TASK>
[   93.840420][ T6624]  __dump_stack+0x1d/0x30
[   93.840525][ T6624]  dump_stack_lvl+0xe8/0x140
[   93.840545][ T6624]  dump_stack+0x15/0x1b
[   93.840566][ T6624]  should_fail_ex+0x265/0x280
[   93.840604][ T6624]  should_fail+0xb/0x20
[   93.840675][ T6624]  should_fail_usercopy+0x1a/0x20
[   93.840699][ T6624]  _copy_from_user+0x1c/0xb0
[   93.840724][ T6624]  sk_setsockopt+0x1fa/0x20e0
[   93.840755][ T6624]  ? selinux_socket_setsockopt+0x1ad/0x1e0
[   93.840794][ T6624]  sock_setsockopt+0x40/0x50
[   93.840858][ T6624]  unix_setsockopt+0xe8/0x1e0
[   93.840911][ T6624]  ? __pfx_unix_setsockopt+0x10/0x10
[   93.840953][ T6624]  __sys_setsockopt+0x184/0x200
[   93.841034][ T6624]  __x64_sys_setsockopt+0x64/0x80
[   93.841075][ T6624]  x64_sys_call+0x20ec/0x2ff0
[   93.841131][ T6624]  do_syscall_64+0xd2/0x200
[   93.841157][ T6624]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.841181][ T6624]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   93.841238][ T6624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.841338][ T6624] RIP: 0033:0x7f976ceaeb69
[   93.841358][ T6624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.841380][ T6624] RSP: 002b:00007f976b4f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   93.841400][ T6624] RAX: ffffffffffffffda RBX: 00007f976d0d6080 RCX: 00007f976ceaeb69
[   93.841412][ T6624] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000008
[   93.841424][ T6624] RBP: 00007f976b4f6090 R08: 0000000000000010 R09: 0000000000000000
[   93.841435][ T6624] R10: 000020000002eff0 R11: 0000000000000246 R12: 0000000000000001
[   93.841462][ T6624] R13: 0000000000000000 R14: 00007f976d0d6080 R15: 00007ffc082e9c68
[   93.841484][ T6624]  </TASK>
[   94.079513][ T6622] bridge_slave_1: left allmulticast mode
[   94.085371][ T6622] bridge_slave_1: left promiscuous mode
[   94.091323][ T6622] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.147317][ T6622] bond0: (slave bond_slave_0): Releasing backup interface
[   94.164757][ T6622] bond0: (slave bond_slave_1): Releasing backup interface
[   94.229098][ T6622] team0: Port device team_slave_0 removed
[   94.249536][ T6622] team0: Port device team_slave_1 removed
[   94.265520][ T6622] bond1: (slave bridge1): Releasing active interface
[   94.363526][ T6631] loop2: detected capacity change from 0 to 512
[   94.639947][ T6631] ext4 filesystem being mounted at /164/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.654598][ T6639] loop3: detected capacity change from 0 to 2048
[   94.686598][   T29] kauditd_printk_skb: 433 callbacks suppressed
[   94.686616][   T29] audit: type=1400 audit(1754289834.665:5602): avc:  denied  { write } for  pid=6638 comm="syz.3.890" path="socket:[14486]" dev="sockfs" ino=14486 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   94.729090][ T6631] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.888: corrupted xattr block 33: bad e_name length
[   94.747501][ T6631] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   94.759552][ T6631] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.888: corrupted xattr block 33: bad e_name length
[   94.775352][ T6631] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   94.887836][   T29] audit: type=1400 audit(1754289834.738:5603): avc:  denied  { rename } for  pid=6630 comm="syz.2.888" name="file0" dev="loop2" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   94.910226][   T29] audit: type=1400 audit(1754289834.770:5604): avc:  denied  { unlink } for  pid=6630 comm="syz.2.888" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   94.932478][   T29] audit: type=1400 audit(1754289834.833:5605): avc:  denied  { write } for  pid=6630 comm="syz.2.888" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   94.952465][   T29] audit: type=1400 audit(1754289834.833:5606): avc:  denied  { create } for  pid=6638 comm="syz.3.890" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   94.972217][   T29] audit: type=1400 audit(1754289834.833:5607): avc:  denied  { ioctl } for  pid=6638 comm="syz.3.890" path="socket:[14489]" dev="sockfs" ino=14489 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   95.024331][   T29] audit: type=1400 audit(1754289835.022:5608): avc:  denied  { read write } for  pid=6654 comm="syz.0.893" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   95.048601][   T29] audit: type=1400 audit(1754289835.022:5609): avc:  denied  { open } for  pid=6654 comm="syz.0.893" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   95.152842][   T29] audit: type=1400 audit(1754289835.158:5610): avc:  denied  { lock } for  pid=6660 comm="syz.4.895" path="socket:[13547]" dev="sockfs" ino=13547 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   95.186245][ T6663] loop1: detected capacity change from 0 to 512
[   95.203531][ T6663] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   95.217173][ T6665] loop4: detected capacity change from 0 to 512
[   95.226584][ T6665] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   95.234823][ T6665] EXT4-fs (loop4): orphan cleanup on readonly fs
[   95.242206][ T6665] Quota error (device loop4): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[   95.254188][ T6663] ext4 filesystem being mounted at /197/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   95.266557][ T6665] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   95.283691][ T6657] loop2: detected capacity change from 0 to 128
[   95.290974][ T6665] EXT4-fs (loop4): Cannot turn on quotas: error -117
[   95.311832][ T6665] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.897: bg 0: block 40: padding at end of block bitmap is not set
[   95.326345][ T6663] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.896: corrupted xattr block 32: bad e_name length
[   95.340117][ T6663] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[   95.344188][ T6665] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   95.349214][ T6663] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.896: corrupted xattr block 32: bad e_name length
[   95.366401][ T6657] syz.2.894: attempt to access beyond end of device
[   95.366401][ T6657] loop2: rw=0, sector=121, nr_sectors = 920 limit=128
[   95.373064][ T6663] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[   95.385159][ T6665] EXT4-fs (loop4): 1 truncate cleaned up
[   95.395509][ T6671] EXT4-fs error (device loop1): __ext4_new_inode:1279: comm syz.1.896: failed to insert inode 16: doubly allocated?
[   95.473045][ T6678] loop3: detected capacity change from 0 to 128
[   95.486273][ T6678] ext4 filesystem being mounted at /175/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   95.601301][ T6684] hub 8-0:1.0: USB hub found
[   95.606035][ T6684] hub 8-0:1.0: 8 ports detected
[   95.638268][ T6690] FAULT_INJECTION: forcing a failure.
[   95.638268][ T6690] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   95.651592][ T6690] CPU: 1 UID: 0 PID: 6690 Comm: syz.2.904 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(voluntary) 
[   95.651659][ T6690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   95.651674][ T6690] Call Trace:
[   95.651680][ T6690]  <TASK>
[   95.651687][ T6690]  __dump_stack+0x1d/0x30
[   95.651708][ T6690]  dump_stack_lvl+0xe8/0x140
[   95.651726][ T6690]  dump_stack+0x15/0x1b
[   95.651772][ T6690]  should_fail_ex+0x265/0x280
[   95.651814][ T6690]  should_fail+0xb/0x20
[   95.651888][ T6690]  should_fail_usercopy+0x1a/0x20
[   95.651908][ T6690]  _copy_to_user+0x20/0xa0
[   95.651940][ T6690]  simple_read_from_buffer+0xb5/0x130
[   95.651969][ T6690]  proc_fail_nth_read+0x10e/0x150
[   95.652003][ T6690]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   95.652044][ T6690]  vfs_read+0x1a0/0x6f0
[   95.652138][ T6690]  ? __rcu_read_unlock+0x4f/0x70
[   95.652164][ T6690]  ? __rcu_read_unlock+0x4f/0x70
[   95.652205][ T6690]  ? __fget_files+0x184/0x1c0
[   95.652236][ T6690]  ksys_read+0xda/0x1a0
[   95.652265][ T6690]  __x64_sys_read+0x40/0x50
[   95.652372][ T6690]  x64_sys_call+0x27bc/0x2ff0
[   95.652394][ T6690]  do_syscall_64+0xd2/0x200
[   95.652417][ T6690]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   95.652443][ T6690]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   95.652471][ T6690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.652572][ T6690] RIP: 0033:0x7f38cfb8d57c
[   95.652586][ T6690] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   95.652604][ T6690] RSP: 002b:00007f38ce1f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   95.652622][ T6690] RAX: ffffffffffffffda RBX: 00007f38cfdb5fa0 RCX: 00007f38cfb8d57c
[   95.652635][ T6690] RDX: 000000000000000f RSI: 00007f38ce1f70a0 RDI: 000000000000000b
[   95.652647][ T6690] RBP: 00007f38ce1f7090 R08: 0000000000000000 R09: 0000000000000000
[   95.652659][ T6690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.652698][ T6690] R13: 0000000000000000 R14: 00007f38cfdb5fa0 R15: 00007ffd5c161a08
[   95.652722][ T6690]  </TASK>
[   95.915671][ T6682] loop1: detected capacity change from 0 to 512
[   95.923578][ T6682] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   95.957995][ T6696] __nla_validate_parse: 5 callbacks suppressed
[   95.958012][ T6696] netlink: 64 bytes leftover after parsing attributes in process `syz.0.906'.
[   95.975526][ T6682] EXT4-fs (loop1): 1 truncate cleaned up
[   95.992418][ T6702] loop3: detected capacity change from 0 to 512
[   96.001413][ T6702] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   96.056563][ T6702] EXT4-fs (loop3): 1 truncate cleaned up
[   96.144700][ T6716] hub 8-0:1.0: USB hub found
[   96.157307][ T6718] loop3: detected capacity change from 0 to 128
[   96.166108][ T6716] hub 8-0:1.0: 8 ports detected
[   96.182992][ T6714] hub 8-0:1.0: USB hub found
[   96.189826][ T6714] hub 8-0:1.0: 8 ports detected
[   96.209757][ T6685] Process accounting resumed
[   96.362368][ T6731] block device autoloading is deprecated and will be removed.
[   96.543496][ T6738] loop1: detected capacity change from 0 to 512
[   96.554786][ T6738] EXT4-fs (loop1): orphan cleanup on readonly fs
[   96.561931][ T6738] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.919: bg 0: block 248: padding at end of block bitmap is not set
[   96.577162][ T6738] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.919: Failed to acquire dquot type 1
[   96.586553][ T6723] loop4: detected capacity change from 0 to 8192
[   96.589962][ T6738] EXT4-fs (loop1): 1 truncate cleaned up
[   96.753067][ T6750] hub 8-0:1.0: USB hub found
[   96.768034][ T6750] hub 8-0:1.0: 8 ports detected
[   96.812434][ T6760] loop1: detected capacity change from 0 to 512
[   96.825008][ T6760] EXT4-fs (loop1): orphan cleanup on readonly fs
[   96.834364][ T6762] loop0: detected capacity change from 0 to 164
[   96.875803][ T6759] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6759 comm=syz.2.927
[   96.899473][ T6760] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.926: bg 0: block 248: padding at end of block bitmap is not set
[   96.914692][ T6760] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.926: Failed to acquire dquot type 1
[   96.927652][ T6760] EXT4-fs (loop1): 1 truncate cleaned up
[   96.953800][ T6768] FAULT_INJECTION: forcing a failure.
[   96.953800][ T6768] name failslab, interval 1, probability 0, space 0, times 0
[   96.966675][ T6768] CPU: 1 UID: 0 PID: 6768 Comm: syz.4.930 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(voluntary) 
[   96.966768][ T6768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   96.966783][ T6768] Call Trace:
[   96.966790][ T6768]  <TASK>
[   96.966799][ T6768]  __dump_stack+0x1d/0x30
[   96.966820][ T6768]  dump_stack_lvl+0xe8/0x140
[   96.966839][ T6768]  dump_stack+0x15/0x1b
[   96.966932][ T6768]  should_fail_ex+0x265/0x280
[   96.966976][ T6768]  should_failslab+0x8c/0xb0
[   96.967008][ T6768]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   96.967047][ T6768]  ? security_context_to_sid_core+0x69/0x3b0
[   96.967167][ T6768]  ? avc_perm_nonode+0x82/0xe0
[   96.967195][ T6768]  kmemdup_nul+0x36/0xc0
[   96.967235][ T6768]  security_context_to_sid_core+0x69/0x3b0
[   96.967320][ T6768]  ? avc_has_perm_noaudit+0x156/0x200
[   96.967407][ T6768]  security_context_to_sid+0x2e/0x40
[   96.967542][ T6768]  selinux_inode_setxattr+0x4af/0x6e0
[   96.967590][ T6768]  security_inode_setxattr+0x13a/0x1b0
[   96.967629][ T6768]  __vfs_setxattr_locked+0x83/0x1d0
[   96.967662][ T6768]  vfs_setxattr+0x132/0x270
[   96.967761][ T6768]  filename_setxattr+0x1ad/0x400
[   96.967789][ T6768]  path_setxattrat+0x2c9/0x310
[   96.967891][ T6768]  __x64_sys_lsetxattr+0x71/0x90
[   96.967942][ T6768]  x64_sys_call+0x2877/0x2ff0
[   96.967968][ T6768]  do_syscall_64+0xd2/0x200
[   96.968057][ T6768]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   96.968081][ T6768]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   96.968102][ T6768]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.968125][ T6768] RIP: 0033:0x7f5dffadeb69
[   96.968191][ T6768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.968220][ T6768] RSP: 002b:00007f5dfe147038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[   96.968242][ T6768] RAX: ffffffffffffffda RBX: 00007f5dffd05fa0 RCX: 00007f5dffadeb69
[   96.968256][ T6768] RDX: 0000200000000080 RSI: 0000200000000940 RDI: 0000200000000040
[   96.968270][ T6768] RBP: 00007f5dfe147090 R08: 0000000000000000 R09: 0000000000000000
[   96.968362][ T6768] R10: 0000000000000027 R11: 0000000000000246 R12: 0000000000000001
[   96.968377][ T6768] R13: 0000000000000000 R14: 00007f5dffd05fa0 R15: 00007ffeaeb09bd8
[   96.968402][ T6768]  </TASK>
[   97.266570][ T6787] FAULT_INJECTION: forcing a failure.
[   97.266570][ T6787] name failslab, interval 1, probability 0, space 0, times 0
[   97.277172][ T6785] hub 8-0:1.0: USB hub found
[   97.279429][ T6787] CPU: 0 UID: 0 PID: 6787 Comm: syz.1.935 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(voluntary) 
[   97.279471][ T6787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   97.279498][ T6787] Call Trace:
[   97.279505][ T6787]  <TASK>
[   97.279515][ T6787]  __dump_stack+0x1d/0x30
[   97.279546][ T6787]  dump_stack_lvl+0xe8/0x140
[   97.279574][ T6787]  dump_stack+0x15/0x1b
[   97.279597][ T6787]  should_fail_ex+0x265/0x280
[   97.279700][ T6787]  ? selinux_bpf_prog_load+0x36/0xf0
[   97.279820][ T6787]  should_failslab+0x8c/0xb0
[   97.279854][ T6787]  __kmalloc_cache_noprof+0x4c/0x320
[   97.279900][ T6787]  selinux_bpf_prog_load+0x36/0xf0
[   97.279948][ T6787]  security_bpf_prog_load+0x54/0xa0
[   97.280028][ T6787]  bpf_prog_load+0xe6b/0x1070
[   97.280082][ T6787]  ? security_bpf+0x2b/0x90
[   97.280126][ T6787]  __sys_bpf+0x462/0x7b0
[   97.280224][ T6787]  __x64_sys_bpf+0x41/0x50
[   97.280257][ T6787]  x64_sys_call+0x2aea/0x2ff0
[   97.280285][ T6787]  do_syscall_64+0xd2/0x200
[   97.280320][ T6787]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.280415][ T6787]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   97.280523][ T6787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.280554][ T6787] RIP: 0033:0x7f76d3d6eb69
[   97.280575][ T6787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.280602][ T6787] RSP: 002b:00007f76d23cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   97.280631][ T6787] RAX: ffffffffffffffda RBX: 00007f76d3f95fa0 RCX: 00007f76d3d6eb69
[   97.280658][ T6787] RDX: 0000000000000094 RSI: 0000200000000200 RDI: 0000000000000005
[   97.280676][ T6787] RBP: 00007f76d23cf090 R08: 0000000000000000 R09: 0000000000000000
[   97.280694][ T6787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.280712][ T6787] R13: 0000000000000000 R14: 00007f76d3f95fa0 R15: 00007ffc30ece718
[   97.280742][ T6787]  </TASK>
[   97.386944][ T6792] loop2: detected capacity change from 0 to 512
[   97.390650][ T6785] hub 8-0:1.0: 8 ports detected
[   97.408357][ T6792] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   97.522301][ T6792] EXT4-fs (loop2): 1 truncate cleaned up
[   97.582989][ T6800] loop3: detected capacity change from 0 to 512
[   97.616179][ T6800] ext4: Unknown parameter 'smackfsroot'
[   97.621325][ T6803] loop2: detected capacity change from 0 to 512
[   97.660939][ T6803] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   97.668082][ T6791] netlink: 64 bytes leftover after parsing attributes in process `syz.1.939'.
[   97.678306][ T6803] EXT4-fs (loop2): orphan cleanup on readonly fs
[   97.694098][ T6803] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   97.738865][ T6813] loop1: detected capacity change from 0 to 512
[   97.746835][ T6803] EXT4-fs (loop2): Cannot turn on quotas: error -117
[   97.763996][ T6815] netlink: 68 bytes leftover after parsing attributes in process `syz.0.946'.
[   97.776908][ T6815] netlink: 12 bytes leftover after parsing attributes in process `syz.0.946'.
[   97.786662][ T6813] EXT4-fs (loop1): orphan cleanup on readonly fs
[   97.795029][ T6803] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.941: bg 0: block 40: padding at end of block bitmap is not set
[   97.802370][ T6821] netlink: 8 bytes leftover after parsing attributes in process `syz.3.948'.
[   97.819852][ T6813] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.945: bg 0: block 248: padding at end of block bitmap is not set
[   97.823268][ T6821] bridge0: entered promiscuous mode
[   97.835202][ T6803] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   97.842284][ T6813] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.945: Failed to acquire dquot type 1
[   97.850828][ T6803] EXT4-fs (loop2): 1 truncate cleaned up
[   97.866625][ T6813] EXT4-fs (loop1): 1 truncate cleaned up
[   97.897392][ T6824] loop3: detected capacity change from 0 to 2048
[   97.980858][ T6824] FAULT_INJECTION: forcing a failure.
[   97.980858][ T6824] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.987286][ T6831] netlink: 8 bytes leftover after parsing attributes in process `syz.2.951'.
[   97.994431][ T6824] CPU: 1 UID: 0 PID: 6824 Comm: syz.3.949 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(voluntary) 
[   97.994473][ T6824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   97.994491][ T6824] Call Trace:
[   97.994499][ T6824]  <TASK>
[   97.994508][ T6824]  __dump_stack+0x1d/0x30
[   97.994608][ T6824]  dump_stack_lvl+0xe8/0x140
[   97.994635][ T6824]  dump_stack+0x15/0x1b
[   97.994658][ T6824]  should_fail_ex+0x265/0x280
[   97.994772][ T6824]  should_fail+0xb/0x20
[   97.994878][ T6824]  should_fail_usercopy+0x1a/0x20
[   97.994904][ T6824]  _copy_from_user+0x1c/0xb0
[   97.994941][ T6824]  restore_altstack+0x4b/0x2d0
[   97.995056][ T6824]  ? __set_task_blocked+0x23a/0x2a0
[   97.995088][ T6824]  __ia32_sys_rt_sigreturn+0xdc/0x350
[   97.995117][ T6824]  ? dev_map_lookup_elem+0x5a/0x80
[   97.995159][ T6824]  ? __rcu_read_unlock+0x4f/0x70
[   97.995267][ T6824]  ? bpf_trace_run2+0x124/0x1c0
[   97.995297][ T6824]  ? fpu__clear_user_states+0x63/0x1e0
[   97.995342][ T6824]  ? __bpf_trace_sys_enter+0x10/0x30
[   97.995373][ T6824]  ? trace_sys_enter+0xd0/0xf0
[   97.995420][ T6824]  x64_sys_call+0x2d3c/0x2ff0
[   97.995449][ T6824]  do_syscall_64+0xd2/0x200
[   97.995482][ T6824]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.995557][ T6824]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   97.995588][ T6824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.995619][ T6824] RIP: 0033:0x7f976ce4ad69
[   97.995642][ T6824] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[   97.995667][ T6824] RSP: 002b:00007f976b516a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[   97.995692][ T6824] RAX: ffffffffffffffda RBX: 00007f976d0d5fa0 RCX: 00007f976ce4ad69
[   97.995749][ T6824] RDX: 00007f976b516a80 RSI: 00007f976b516bb0 RDI: 0000000000000021
[   97.995772][ T6824] RBP: 00007f976b517090 R08: 0000000000000000 R09: 0000000000000000
[   97.995788][ T6824] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[   97.995805][ T6824] R13: 0000000000000000 R14: 00007f976d0d5fa0 R15: 00007ffc082e9c68
[   97.995842][ T6824]  </TASK>
[   98.256292][ T6854] FAULT_INJECTION: forcing a failure.
[   98.256292][ T6854] name failslab, interval 1, probability 0, space 0, times 0
[   98.256329][ T6854] CPU: 1 UID: 0 PID: 6854 Comm: syz.4.959 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(voluntary) 
[   98.256365][ T6854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   98.256380][ T6854] Call Trace:
[   98.256387][ T6854]  <TASK>
[   98.256396][ T6854]  __dump_stack+0x1d/0x30
[   98.256430][ T6854]  dump_stack_lvl+0xe8/0x140
[   98.256498][ T6854]  dump_stack+0x15/0x1b
[   98.256515][ T6854]  should_fail_ex+0x265/0x280
[   98.256548][ T6854]  ? device_create+0xbe/0x1e0
[   98.256606][ T6854]  should_failslab+0x8c/0xb0
[   98.256640][ T6854]  __kmalloc_cache_noprof+0x4c/0x320
[   98.256678][ T6854]  device_create+0xbe/0x1e0
[   98.256697][ T6854]  ? reset_terminal+0x5a0/0x5c0
[   98.256792][ T6854]  ? vc_init+0x24c/0x260
[   98.256826][ T6851] loop2: detected capacity change from 0 to 512
[   98.256834][ T6854]  vcs_make_sysfs+0x32/0x90
[   98.256865][ T6854]  vc_allocate+0x3a3/0x3d0
[   98.256895][ T6854]  con_install+0x34/0x2a0
[   98.256953][ T6854]  tty_init_dev+0x7c/0x330
[   98.256989][ T6854]  tty_open+0x6cc/0xaf0
[   98.257037][ T6854]  chrdev_open+0x2eb/0x3a0
[   98.257124][ T6854]  do_dentry_open+0x646/0xa20
[   98.257220][ T6854]  ? __pfx_chrdev_open+0x10/0x10
[   98.257305][ T6854]  vfs_open+0x37/0x1e0
[   98.257340][ T6854]  path_openat+0x1c5e/0x2170
[   98.257361][ T6854]  ? pcpu_freelist_pop+0x75/0xa0
[   98.257407][ T6854]  do_filp_open+0x109/0x230
[   98.257477][ T6854]  do_sys_openat2+0xa6/0x110
[   98.257591][ T6854]  __x64_sys_openat+0xf2/0x120
[   98.257710][ T6854]  x64_sys_call+0x2e9c/0x2ff0
[   98.257740][ T6854]  do_syscall_64+0xd2/0x200
[   98.257770][ T6854]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   98.257860][ T6854]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   98.257941][ T6854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.257965][ T6854] RIP: 0033:0x7f5dffadd4d0
[   98.257984][ T6854] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[   98.258084][ T6854] RSP: 002b:00007f5dfe146b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[   98.258108][ T6854] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f5dffadd4d0
[   98.258126][ T6854] RDX: 0000000000000002 RSI: 00007f5dfe146c10 RDI: 00000000ffffff9c
[   98.258141][ T6854] RBP: 00007f5dfe146c10 R08: 0000000000000000 R09: 00007f5dfe146986
[   98.258195][ T6854] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   98.258208][ T6854] R13: 0000000000000000 R14: 00007f5dffd05fa0 R15: 00007ffeaeb09bd8
[   98.258228][ T6854]  </TASK>
[   98.262421][ T6855] loop3: detected capacity change from 0 to 512
[   98.264594][ T6851] EXT4-fs (loop2): orphan cleanup on readonly fs
[   98.265605][ T6851] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.960: bg 0: block 248: padding at end of block bitmap is not set
[   98.266219][ T6851] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.960: Failed to acquire dquot type 1
[   98.267043][ T6851] EXT4-fs (loop2): 1 truncate cleaned up
[   98.321710][ T6855] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   98.321875][ T6855] EXT4-fs (loop3): orphan cleanup on readonly fs
[   98.435470][ T6867] netlink: 4 bytes leftover after parsing attributes in process `syz.2.963'.
[   98.438510][ T6855] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   98.443419][ T6867] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   98.447331][ T6855] EXT4-fs (loop3): Cannot turn on quotas: error -117
[   98.453252][ T6867] batman_adv: batadv0: Removing interface: batadv_slave_0
[   98.472916][ T6855] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.956: bg 0: block 40: padding at end of block bitmap is not set
[   98.658845][ T6855] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   98.659242][ T6855] EXT4-fs (loop3): 1 truncate cleaned up
[   98.659638][ T6855] EXT4-fs mount: 108 callbacks suppressed
[   98.659654][ T6855] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   98.670585][ T6874] netlink: 'syz.2.963': attribute type 1 has an invalid length.
[   98.670606][ T6874] netlink: 224 bytes leftover after parsing attributes in process `syz.2.963'.
[   98.704809][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.708472][ T6873] loop1: detected capacity change from 0 to 512
[   98.742367][ T6873] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #3: comm syz.1.964: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[   98.766072][ T6873] EXT4-fs error (device loop1): ext4_quota_enable:7127: comm syz.1.964: Bad quota inode: 3, type: 0
[   98.777967][ T6873] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   98.792790][ T6873] EXT4-fs (loop1): mount failed
[   98.831824][ T6885] loop4: detected capacity change from 0 to 512
[   98.841332][ T6885] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   98.871986][ T6885] EXT4-fs (loop4): orphan cleanup on readonly fs
[   98.878969][ T6885] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.967: iget: bad i_size value: 38620345925642
[   98.891677][ T6885] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.967: couldn't read orphan inode 15 (err -117)
[   98.905253][ T6885] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   98.957054][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.018048][ T6898] loop2: detected capacity change from 0 to 512
[   99.061679][ T6904] netlink: 24 bytes leftover after parsing attributes in process `syz.1.970'.
[   99.104858][ T6898] EXT4-fs (loop2): orphan cleanup on readonly fs
[   99.119628][ T6898] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.972: bg 0: block 248: padding at end of block bitmap is not set
[   99.136980][ T6898] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.972: Failed to acquire dquot type 1
[   99.149014][ T6898] EXT4-fs (loop2): 1 truncate cleaned up
[   99.215496][ T6898] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   99.299977][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.309565][ T6913] loop1: detected capacity change from 0 to 512
[   99.319100][ T6910] hub 8-0:1.0: USB hub found
[   99.324156][ T6910] hub 8-0:1.0: 8 ports detected
[   99.347604][ T6913] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   99.388938][ T6913] EXT4-fs (loop1): orphan cleanup on readonly fs
[   99.409942][ T6913] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   99.428886][ T6916] netlink: 'syz.2.977': attribute type 2 has an invalid length.
[   99.431098][ T6913] EXT4-fs (loop1): Cannot turn on quotas: error -117
[   99.436691][ T6916] netlink: 'syz.2.977': attribute type 1 has an invalid length.
[   99.444179][ T6913] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.975: bg 0: block 40: padding at end of block bitmap is not set
[   99.451146][ T6916] netlink: 152 bytes leftover after parsing attributes in process `syz.2.977'.
[   99.466324][ T6913] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   99.483445][ T6913] EXT4-fs (loop1): 1 truncate cleaned up
[   99.485741][ T6923] hub 9-0:1.0: USB hub found
[   99.489641][ T6913] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   99.494427][ T6923] hub 9-0:1.0: 8 ports detected
[   99.507796][ T6913] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.530330][   T29] kauditd_printk_skb: 571 callbacks suppressed
[   99.530346][   T29] audit: type=1400 audit(1754289839.746:6169): avc:  denied  { read write } for  pid=6919 comm="syz.4.978" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   99.530937][ T6921] loop4: detected capacity change from 0 to 256
[   99.537367][   T29] audit: type=1400 audit(1754289839.746:6170): avc:  denied  { open } for  pid=6919 comm="syz.4.978" path="/dev/loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   99.590860][   T29] audit: type=1400 audit(1754289839.746:6171): avc:  denied  { ioctl } for  pid=6919 comm="syz.4.978" path="/dev/loop4" dev="devtmpfs" ino=104 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   99.674442][   T29] audit: type=1400 audit(1754289839.851:6172): avc:  denied  { mounton } for  pid=6919 comm="syz.4.978" path="/196/file0" dev="tmpfs" ino=1123 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   99.697187][   T29] audit: type=1400 audit(1754289839.851:6173): avc:  denied  { mount } for  pid=6919 comm="syz.4.978" name="/" dev="loop4" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   99.719323][   T29] audit: type=1400 audit(1754289839.893:6174): avc:  denied  { unmount } for  pid=3307 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   99.719861][ T6925] FAULT_INJECTION: forcing a failure.
[   99.719861][ T6925] name failslab, interval 1, probability 0, space 0, times 0
[   99.740099][   T29] audit: type=1400 audit(1754289839.956:6175): avc:  denied  { read } for  pid=6924 comm="syz.2.979" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   99.751953][ T6925] CPU: 0 UID: 0 PID: 6925 Comm: syz.2.979 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(voluntary) 
[   99.751989][ T6925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   99.752004][ T6925] Call Trace:
[   99.752012][ T6925]  <TASK>
[   99.752022][ T6925]  __dump_stack+0x1d/0x30
[   99.752053][ T6925]  dump_stack_lvl+0xe8/0x140
[   99.752083][ T6925]  dump_stack+0x15/0x1b
[   99.752108][ T6925]  should_fail_ex+0x265/0x280
[   99.752153][ T6925]  should_failslab+0x8c/0xb0
[   99.752191][ T6925]  kmem_cache_alloc_noprof+0x50/0x310
[   99.752231][ T6925]  ? vm_area_alloc+0x2c/0xb0
[   99.752274][ T6925]  vm_area_alloc+0x2c/0xb0
[   99.752315][ T6925]  mmap_region+0xaa2/0x1630
[   99.752382][ T6925]  do_mmap+0x9b3/0xbe0
[   99.752435][ T6925]  vm_mmap_pgoff+0x17a/0x2e0
[   99.752481][ T6925]  ksys_mmap_pgoff+0xc2/0x310
[   99.752526][ T6925]  ? __x64_sys_mmap+0x49/0x70
[   99.752558][ T6925]  x64_sys_call+0x14a3/0x2ff0
[   99.752589][ T6925]  do_syscall_64+0xd2/0x200
[   99.752621][ T6925]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   99.752656][ T6925]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   99.752694][ T6925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.752726][ T6925] RIP: 0033:0x7f38cfb8eba3
[   99.752748][ T6925] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[   99.752773][ T6925] RSP: 002b:00007f38ce1f6e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   99.752801][ T6925] RAX: ffffffffffffffda RBX: 00000000000004f0 RCX: 00007f38cfb8eba3
[   99.752820][ T6925] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[   99.752836][ T6925] RBP: 0000200000000b02 R08: 00000000ffffffff R09: 0000000000000000
[   99.752854][ T6925] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000005
[   99.752871][ T6925] R13: 00007f38ce1f6ef0 R14: 00007f38ce1f6eb0 R15: 0000200000000040
[   99.752899][ T6925]  </TASK>
[   99.847311][ T6929] FAULT_INJECTION: forcing a failure.
[   99.847311][ T6929] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   99.850789][   T29] audit: type=1400 audit(1754289839.956:6176): avc:  denied  { open } for  pid=6924 comm="syz.2.979" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   99.855375][ T6929] CPU: 0 UID: 0 PID: 6929 Comm: syz.1.982 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(voluntary) 
[   99.855416][ T6929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   99.855434][ T6929] Call Trace:
[   99.855443][ T6929]  <TASK>
[   99.855452][ T6929]  __dump_stack+0x1d/0x30
[   99.855483][ T6929]  dump_stack_lvl+0xe8/0x140
[   99.855511][ T6929]  dump_stack+0x15/0x1b
[   99.855576][ T6929]  should_fail_ex+0x265/0x280
[   99.855702][ T6929]  should_fail+0xb/0x20
[   99.855743][ T6929]  should_fail_usercopy+0x1a/0x20
[   99.855809][ T6929]  _copy_to_user+0x20/0xa0
[   99.855845][ T6929]  simple_read_from_buffer+0xb5/0x130
[   99.855875][ T6929]  proc_fail_nth_read+0x10e/0x150
[   99.855914][ T6929]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   99.855970][ T6929]  vfs_read+0x1a0/0x6f0
[   99.855997][ T6929]  ? __rcu_read_unlock+0x4f/0x70
[   99.856046][ T6929]  ? __fget_files+0x184/0x1c0
[   99.856083][ T6929]  ksys_read+0xda/0x1a0
[   99.856115][ T6929]  __x64_sys_read+0x40/0x50
[   99.856161][ T6929]  x64_sys_call+0x27bc/0x2ff0
[   99.856237][ T6929]  do_syscall_64+0xd2/0x200
[   99.856268][ T6929]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   99.856301][ T6929]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   99.856330][ T6929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.856361][ T6929] RIP: 0033:0x7f76d3d6d57c
[   99.856388][ T6929] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   99.856490][ T6929] RSP: 002b:00007f76d23cf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   99.856517][ T6929] RAX: ffffffffffffffda RBX: 00007f76d3f95fa0 RCX: 00007f76d3d6d57c
[   99.856534][ T6929] RDX: 000000000000000f RSI: 00007f76d23cf0a0 RDI: 0000000000000007
[   99.856586][ T6929] RBP: 00007f76d23cf090 R08: 0000000000000000 R09: 0000000000000000
[   99.856603][ T6929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.856621][ T6929] R13: 0000000000000000 R14: 00007f76d3f95fa0 R15: 00007ffc30ece718
[   99.856702][ T6929]  </TASK>
[  100.209228][   T29] audit: type=1400 audit(1754289840.051:6177): avc:  denied  { map_create } for  pid=6930 comm="syz.3.983" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  100.228581][   T29] audit: type=1400 audit(1754289840.061:6178): avc:  denied  { map_read map_write } for  pid=6930 comm="syz.3.983" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  100.276126][ T6931] loop3: detected capacity change from 0 to 512
[  100.283535][ T6931] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  100.296802][ T6932] FAULT_INJECTION: forcing a failure.
[  100.296802][ T6932] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.309973][ T6932] CPU: 1 UID: 0 PID: 6932 Comm: syz.0.981 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(voluntary) 
[  100.310012][ T6932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  100.310028][ T6932] Call Trace:
[  100.310110][ T6932]  <TASK>
[  100.310119][ T6932]  __dump_stack+0x1d/0x30
[  100.310148][ T6932]  dump_stack_lvl+0xe8/0x140
[  100.310174][ T6932]  dump_stack+0x15/0x1b
[  100.310195][ T6932]  should_fail_ex+0x265/0x280
[  100.310233][ T6932]  should_fail+0xb/0x20
[  100.310319][ T6932]  should_fail_usercopy+0x1a/0x20
[  100.310342][ T6932]  _copy_from_iter+0xcf/0xe40
[  100.310371][ T6932]  ? __build_skb_around+0x1a0/0x200
[  100.310529][ T6932]  ? __alloc_skb+0x223/0x320
[  100.310563][ T6932]  netlink_sendmsg+0x471/0x6b0
[  100.310633][ T6932]  ? __pfx_netlink_sendmsg+0x10/0x10
[  100.310684][ T6932]  __sock_sendmsg+0x145/0x180
[  100.310795][ T6932]  ____sys_sendmsg+0x31e/0x4e0
[  100.310885][ T6932]  ___sys_sendmsg+0x17b/0x1d0
[  100.310949][ T6932]  __x64_sys_sendmsg+0xd4/0x160
[  100.310995][ T6932]  x64_sys_call+0x191e/0x2ff0
[  100.311092][ T6932]  do_syscall_64+0xd2/0x200
[  100.311119][ T6932]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.311147][ T6932]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  100.311239][ T6932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.311267][ T6932] RIP: 0033:0x7f934c52eb69
[  100.311287][ T6932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.311308][ T6932] RSP: 002b:00007f934ab97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  100.311329][ T6932] RAX: ffffffffffffffda RBX: 00007f934c755fa0 RCX: 00007f934c52eb69
[  100.311345][ T6932] RDX: 00000000000000c4 RSI: 0000200000000100 RDI: 0000000000000003
[  100.311359][ T6932] RBP: 00007f934ab97090 R08: 0000000000000000 R09: 0000000000000000
[  100.311390][ T6932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.311406][ T6932] R13: 0000000000000000 R14: 00007f934c755fa0 R15: 00007fff1333a9b8
[  100.311432][ T6932]  </TASK>
[  100.525168][ T6931] EXT4-fs (loop3): 1 truncate cleaned up
[  100.531859][ T6931] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.589931][ T6945] loop2: detected capacity change from 0 to 512
[  100.599888][ T6945] EXT4-fs (loop2): orphan cleanup on readonly fs
[  100.608142][ T6945] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.987: bg 0: block 248: padding at end of block bitmap is not set
[  100.624522][ T6945] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.987: Failed to acquire dquot type 1
[  100.637637][ T6945] EXT4-fs (loop2): 1 truncate cleaned up
[  100.644831][    C0] vcan0: j1939_xtp_rx_dat: no tx connection found
[  100.663409][ T6945] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  100.681176][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.682289][ T6947] loop1: detected capacity change from 0 to 512
[  100.715422][ T6950] hub 8-0:1.0: USB hub found
[  100.715543][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.720255][ T6950] hub 8-0:1.0: 8 ports detected
[  100.742146][ T6947] EXT4-fs (loop1): too many log groups per flexible block group
[  100.745570][ T6952] hub 8-0:1.0: USB hub found
[  100.750011][ T6947] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  100.756347][ T6954] netlink: 8 bytes leftover after parsing attributes in process `syz.3.989'.
[  100.763222][ T6952] hub 8-0:1.0: 8 ports detected
[  100.781963][ T6954] netlink: 8 bytes leftover after parsing attributes in process `syz.3.989'.
[  100.788306][ T6947] EXT4-fs (loop1): mount failed
[  100.808131][ T6954] netlink: 8 bytes leftover after parsing attributes in process `syz.3.989'.
[  100.823349][ T6954] netlink: 8 bytes leftover after parsing attributes in process `syz.3.989'.
[  100.835460][ T6962] loop2: detected capacity change from 0 to 512
[  100.868318][ T6962] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  100.896037][ T6962] EXT4-fs (loop2): orphan cleanup on readonly fs
[  100.913612][ T6973] FAULT_INJECTION: forcing a failure.
[  100.913612][ T6973] name failslab, interval 1, probability 0, space 0, times 0
[  100.926642][ T6973] CPU: 0 UID: 0 PID: 6973 Comm: syz.3.994 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(voluntary) 
[  100.926680][ T6973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  100.926697][ T6973] Call Trace:
[  100.926705][ T6973]  <TASK>
[  100.926715][ T6973]  __dump_stack+0x1d/0x30
[  100.926742][ T6973]  dump_stack_lvl+0xe8/0x140
[  100.926768][ T6973]  dump_stack+0x15/0x1b
[  100.926845][ T6973]  should_fail_ex+0x265/0x280
[  100.926881][ T6973]  should_failslab+0x8c/0xb0
[  100.926959][ T6973]  kmem_cache_alloc_noprof+0x50/0x310
[  100.926997][ T6973]  ? dst_alloc+0xbd/0x100
[  100.927034][ T6973]  dst_alloc+0xbd/0x100
[  100.927094][ T6973]  ip_route_output_key_hash_rcu+0xef5/0x1380
[  100.927135][ T6973]  ip_route_output_flow+0x7b/0x130
[  100.927163][ T6973]  ip_tunnel_xmit+0x789/0x1580
[  100.927265][ T6973]  ? ip_tunnel_xmit+0x70/0x1580
[  100.927306][ T6973]  ipgre_xmit+0x5c0/0x6a0
[  100.927336][ T6973]  dev_hard_start_xmit+0x125/0x3e0
[  100.927379][ T6973]  __dev_queue_xmit+0x10f9/0x2000
[  100.927470][ T6973]  ? __dev_queue_xmit+0x182/0x2000
[  100.927507][ T6973]  ? skb_release_data+0x34a/0x370
[  100.927611][ T6973]  __bpf_redirect+0x67f/0x990
[  100.927633][ T6973]  bpf_clone_redirect+0x18e/0x200
[  100.927704][ T6973]  bpf_prog_973cd02a7a0e8181+0x5f/0x68
[  100.927730][ T6973]  ? obj_cgroup_charge_account+0x122/0x1a0
[  100.927803][ T6973]  ? should_fail_ex+0x30/0x280
[  100.927840][ T6973]  ? __rcu_read_unlock+0x4f/0x70
[  100.927916][ T6973]  ? avc_has_perm_noaudit+0x1b1/0x200
[  100.927957][ T6973]  ? avc_has_perm+0xf7/0x180
[  100.927984][ T6973]  ? __rcu_read_unlock+0x4f/0x70
[  100.928011][ T6973]  ? is_bpf_text_address+0x141/0x160
[  100.928057][ T6973]  ? kernel_text_address+0x94/0xb0
[  100.928082][ T6973]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  100.928160][ T6973]  ? __kernel_text_address+0xd/0x40
[  100.928225][ T6973]  ? unwind_get_return_address+0x16/0x40
[  100.928261][ T6973]  ? arch_stack_walk+0xfc/0x150
[  100.928291][ T6973]  ? __list_add_valid_or_report+0x38/0xe0
[  100.928412][ T6973]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  100.928452][ T6973]  ? stack_depot_save_flags+0xa6a/0xb60
[  100.928491][ T6973]  ? read_tsc+0x9/0x20
[  100.928511][ T6973]  ? ktime_get+0x1eb/0x210
[  100.928540][ T6973]  bpf_test_run+0x1e0/0x490
[  100.928614][ T6973]  ? __list_add_valid_or_report+0x38/0xe0
[  100.928648][ T6973]  ? bpf_test_run+0xf6/0x490
[  100.928697][ T6973]  bpf_prog_test_run_skb+0x834/0xbd0
[  100.928800][ T6973]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  100.928830][ T6973]  bpf_prog_test_run+0x227/0x390
[  100.928871][ T6973]  __sys_bpf+0x4b9/0x7b0
[  100.928977][ T6973]  __x64_sys_bpf+0x41/0x50
[  100.929005][ T6973]  x64_sys_call+0x2aea/0x2ff0
[  100.929033][ T6973]  do_syscall_64+0xd2/0x200
[  100.929064][ T6973]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.929168][ T6973]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  100.929197][ T6973]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.929226][ T6973] RIP: 0033:0x7f976ceaeb69
[  100.929246][ T6973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.929266][ T6973] RSP: 002b:00007f976b4f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  100.929290][ T6973] RAX: ffffffffffffffda RBX: 00007f976d0d6080 RCX: 00007f976ceaeb69
[  100.929306][ T6973] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[  100.929327][ T6973] RBP: 00007f976b4f6090 R08: 0000000000000000 R09: 0000000000000000
[  100.929343][ T6973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.929359][ T6973] R13: 0000000000000000 R14: 00007f976d0d6080 R15: 00007ffc082e9c68
[  100.929380][ T6973]  </TASK>
[  101.065024][ T6962] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  101.305937][ T6962] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  101.313903][ T6962] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.993: bg 0: block 40: padding at end of block bitmap is not set
[  101.334796][ T6962] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  101.347636][ T6962] EXT4-fs (loop2): 1 truncate cleaned up
[  101.365709][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811a7fa200: rx timeout, send abort
[  101.445836][ T6962] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  101.476139][ T6962] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.535206][ T6984] loop1: detected capacity change from 0 to 2048
[  101.555406][ T6984] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.641092][ T7003] FAULT_INJECTION: forcing a failure.
[  101.641092][ T7003] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.648908][ T7000] hub 8-0:1.0: USB hub found
[  101.654957][ T7003] CPU: 0 UID: 0 PID: 7003 Comm: syz.3.1005 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(voluntary) 
[  101.655000][ T7003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  101.655053][ T7003] Call Trace:
[  101.655062][ T7003]  <TASK>
[  101.655072][ T7003]  __dump_stack+0x1d/0x30
[  101.655102][ T7003]  dump_stack_lvl+0xe8/0x140
[  101.655211][ T7003]  dump_stack+0x15/0x1b
[  101.655234][ T7003]  should_fail_ex+0x265/0x280
[  101.655296][ T7003]  should_fail+0xb/0x20
[  101.655333][ T7003]  should_fail_usercopy+0x1a/0x20
[  101.655438][ T7003]  _copy_from_user+0x1c/0xb0
[  101.655524][ T7003]  ___sys_sendmsg+0xc1/0x1d0
[  101.655664][ T7003]  __x64_sys_sendmsg+0xd4/0x160
[  101.655718][ T7003]  x64_sys_call+0x191e/0x2ff0
[  101.655750][ T7003]  do_syscall_64+0xd2/0x200
[  101.655783][ T7003]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.655889][ T7003]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  101.655961][ T7003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.655992][ T7003] RIP: 0033:0x7f976ceaeb69
[  101.656013][ T7003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.656042][ T7003] RSP: 002b:00007f976b517038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.656103][ T7003] RAX: ffffffffffffffda RBX: 00007f976d0d5fa0 RCX: 00007f976ceaeb69
[  101.656121][ T7003] RDX: 0000000000000000 RSI: 0000200000002540 RDI: 0000000000000007
[  101.656139][ T7003] RBP: 00007f976b517090 R08: 0000000000000000 R09: 0000000000000000
[  101.656203][ T7003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.656220][ T7003] R13: 0000000000000000 R14: 00007f976d0d5fa0 R15: 00007ffc082e9c68
[  101.656248][ T7003]  </TASK>
[  101.695915][ T7005] loop4: detected capacity change from 0 to 128
[  101.698146][ T7000] hub 8-0:1.0: 8 ports detected
[  101.825656][ T7013] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1009'.
[  101.853316][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811a7fa200: abort rx timeout. Force session deactivation
[  101.863479][ T7013] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1009'.
[  101.874295][ T7005] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  101.910195][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.920601][ T7005] ext4 filesystem being mounted at /201/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  101.961624][ T7013] wireguard0: entered promiscuous mode
[  101.967344][ T7016] loop2: detected capacity change from 0 to 1024
[  102.004397][ T3307] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  102.025800][ T7026] loop4: detected capacity change from 0 to 512
[  102.038102][ T7016] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.115221][ T7016] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  102.132762][ T7016] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  102.145098][ T7016] EXT4-fs (loop2): This should not happen!! Data will be lost
[  102.145098][ T7016] 
[  102.154958][ T7016] EXT4-fs (loop2): Total free blocks count 0
[  102.161006][ T7016] EXT4-fs (loop2): Free/Dirty block details
[  102.167246][ T7016] EXT4-fs (loop2): free_blocks=20480
[  102.172572][ T7016] EXT4-fs (loop2): dirty_blocks=80
[  102.177824][ T7016] EXT4-fs (loop2): Block reservation details
[  102.183927][ T7016] EXT4-fs (loop2): i_reserved_data_blocks=5
[  102.206857][ T7026] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  102.215260][ T7026] EXT4-fs (loop4): orphan cleanup on readonly fs
[  102.223043][ T7026] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  102.245429][ T7026] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  102.252909][ T7026] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1016: bg 0: block 40: padding at end of block bitmap is not set
[  102.282746][ T3840] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 64 with error 28
[  102.319826][ T7026] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  102.341238][ T7026] EXT4-fs (loop4): 1 truncate cleaned up
[  102.354278][ T7026] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  102.405625][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.432921][ T7051] hub 8-0:1.0: USB hub found
[  102.438955][ T7051] hub 8-0:1.0: 8 ports detected
[  103.012811][ T7063] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1026'.
[  103.042073][ T7063] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1026'.
[  103.233909][ T7061] loop3: detected capacity change from 0 to 164
[  103.676485][ T7033] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1018'.
[  103.892017][ T7090] sch_tbf: burst 0 is lower than device macvtap0 mtu (1514) !
[  104.010376][ T7096] hub 8-0:1.0: USB hub found
[  104.015158][ T7096] hub 8-0:1.0: 8 ports detected
[  104.091310][ T7105] loop3: detected capacity change from 0 to 512
[  104.103524][ T7110] hub 9-0:1.0: USB hub found
[  104.110537][ T7110] hub 9-0:1.0: 8 ports detected
[  104.118832][ T7105] EXT4-fs (loop3): orphan cleanup on readonly fs
[  104.135598][ T7105] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1043: bg 0: block 248: padding at end of block bitmap is not set
[  104.159763][ T7105] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1043: Failed to acquire dquot type 1
[  104.188122][ T7105] EXT4-fs (loop3): 1 truncate cleaned up
[  104.195160][ T7105] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  104.253702][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.332847][ T7133] loop4: detected capacity change from 0 to 128
[  104.347939][ T7129] loop1: detected capacity change from 0 to 512
[  104.360925][ T7133] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  104.387599][ T7129] EXT4-fs (loop1): too many log groups per flexible block group
[  104.400178][ T7129] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  104.409666][ T7133] ext4 filesystem being mounted at /210/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  104.441979][ T7129] EXT4-fs (loop1): mount failed
[  104.458418][ T7126] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1047'.
[  104.529124][   T29] kauditd_printk_skb: 269 callbacks suppressed
[  104.529140][   T29] audit: type=1326 audit(1754289844.996:6442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7132 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dffadeb69 code=0x7ffc0000
[  104.562323][ T7145] hub 8-0:1.0: USB hub found
[  104.567082][ T7145] hub 8-0:1.0: 8 ports detected
[  104.592226][   T29] audit: type=1326 audit(1754289845.059:6443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7132 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dffadeb69 code=0x7ffc0000
[  104.615843][   T29] audit: type=1326 audit(1754289845.070:6444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7132 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7f5dffadeb69 code=0x7ffc0000
[  104.639438][   T29] audit: type=1326 audit(1754289845.070:6445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7132 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dffadeb69 code=0x7ffc0000
[  104.662993][   T29] audit: type=1326 audit(1754289845.070:6446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7132 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dffadeb69 code=0x7ffc0000
[  104.688294][   T29] audit: type=1326 audit(1754289845.070:6447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7146 comm="syz.2.1055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38cfb8eb69 code=0x7ffc0000
[  104.712144][   T29] audit: type=1326 audit(1754289845.070:6448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7146 comm="syz.2.1055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38cfb8eb69 code=0x7ffc0000
[  104.735706][   T29] audit: type=1326 audit(1754289845.070:6449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7132 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5dffadeb69 code=0x7ffc0000
[  104.759283][   T29] audit: type=1326 audit(1754289845.070:6450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7132 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dffadeb69 code=0x7ffc0000
[  104.783046][   T29] audit: type=1326 audit(1754289845.070:6451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7132 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dffadeb69 code=0x7ffc0000
[  104.808902][ T3307] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  104.881597][ T7164] serio: Serial port ptm0
[  104.889015][ T7162] loop2: detected capacity change from 0 to 128
[  104.923360][ T7162] syz.2.1061: attempt to access beyond end of device
[  104.923360][ T7162] loop2: rw=0, sector=121, nr_sectors = 920 limit=128
[  104.974996][ T7171] loop3: detected capacity change from 0 to 8192
[  105.695410][ T7214] __nla_validate_parse: 2 callbacks suppressed
[  105.695428][ T7214] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1077'.
[  105.743678][ T7214] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1077'.
[  105.770935][ T7214] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1077'.
[  105.788240][ T7214] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1077'.
[  105.808514][ T7214] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1077'.
[  105.924467][ T7220] loop1: detected capacity change from 0 to 2048
[  105.985597][ T7241] lo speed is unknown, defaulting to 1000
[  106.002755][ T7243] loop1: detected capacity change from 0 to 1024
[  106.005998][ T7226] loop4: detected capacity change from 0 to 8192
[  106.015844][ T7241] lo speed is unknown, defaulting to 1000
[  106.022252][ T7241] lo speed is unknown, defaulting to 1000
[  106.042430][ T7243] ext4: Unknown parameter 'smackfshat'
[  106.051564][ T7241] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  106.077682][ T7243] loop1: detected capacity change from 0 to 512
[  106.100293][ T7241] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  106.107894][ T7243] EXT4-fs: Ignoring removed nobh option
[  106.122554][ T7241] lo speed is unknown, defaulting to 1000
[  106.129888][ T7243] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.137324][ T7241] lo speed is unknown, defaulting to 1000
[  106.200053][ T7241] lo speed is unknown, defaulting to 1000
[  106.206260][ T7241] lo speed is unknown, defaulting to 1000
[  106.218041][ T7241] lo speed is unknown, defaulting to 1000
[  106.238849][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.278945][ T7259] loop1: detected capacity change from 0 to 128
[  106.351341][ T7262] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1091'.
[  106.360514][ T7262] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1091'.
[  106.376084][ T7259] syz.1.1090: attempt to access beyond end of device
[  106.376084][ T7259] loop1: rw=0, sector=121, nr_sectors = 920 limit=128
[  106.398122][ T7266] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1092'.
[  106.414569][ T7266] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1092'.
[  106.425105][ T7266] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1092'.
[  106.467091][ T7270] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  106.489475][ T7270] batman_adv: batadv0: Removing interface: batadv_slave_1
[  106.575379][ T7279] loop1: detected capacity change from 0 to 512
[  106.589310][ T7279] EXT4-fs (loop1): orphan cleanup on readonly fs
[  106.612001][ T7284] loop4: detected capacity change from 0 to 512
[  106.618471][   T10] Process accounting resumed
[  106.627758][ T7279] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1098: bg 0: block 248: padding at end of block bitmap is not set
[  106.644288][ T7279] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1098: Failed to acquire dquot type 1
[  106.668778][ T7279] EXT4-fs (loop1): 1 truncate cleaned up
[  106.676579][ T7284] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  106.677139][ T7279] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  106.697063][ T7284] EXT4-fs (loop4): orphan cleanup on readonly fs
[  106.704578][ T7284] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  106.733419][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.743785][ T7284] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  106.751645][ T7284] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1100: bg 0: block 40: padding at end of block bitmap is not set
[  106.773320][ T7284] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  106.783732][ T7284] EXT4-fs (loop4): 1 truncate cleaned up
[  106.805600][ T7284] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  106.827792][ T7302] loop1: detected capacity change from 0 to 512
[  106.834863][ T7302] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  106.858974][ T7302] EXT4-fs (loop1): 1 orphan inode deleted
[  106.864801][ T7302] EXT4-fs (loop1): 1 truncate cleaned up
[  106.871386][ T7284] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.879559][ T7302] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.926363][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.021025][ T7321] ip6gre1: entered promiscuous mode
[  107.245224][ T7333] loop2: detected capacity change from 0 to 512
[  107.269918][ T7333] EXT4-fs (loop2): too many log groups per flexible block group
[  107.277805][ T7333] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  107.294663][ T7333] EXT4-fs (loop2): mount failed
[  108.184331][ T7366] loop2: detected capacity change from 0 to 512
[  108.196475][ T7368] loop3: detected capacity change from 0 to 1024
[  108.215789][ T7370] loop4: detected capacity change from 0 to 1024
[  108.232256][ T7368] EXT4-fs: inline encryption not supported
[  108.243445][ T7370] EXT4-fs: inline encryption not supported
[  108.251818][ T7368] EXT4-fs: Ignoring removed bh option
[  108.262332][ T7370] EXT4-fs: Ignoring removed bh option
[  108.323673][ T7366] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  108.341433][ T7366] EXT4-fs (loop2): orphan cleanup on readonly fs
[  108.356551][ T7366] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  108.387270][ T7366] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  108.402596][ T7366] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1122: bg 0: block 40: padding at end of block bitmap is not set
[  108.433503][ T7366] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  108.452355][ T7366] EXT4-fs (loop2): 1 truncate cleaned up
[  108.465223][ T7366] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  108.519357][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.867884][ T7370] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.881452][ T7368] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.934106][ T7370] FAULT_INJECTION: forcing a failure.
[  108.934106][ T7370] name failslab, interval 1, probability 0, space 0, times 0
[  108.946816][ T7370] CPU: 0 UID: 0 PID: 7370 Comm: syz.4.1124 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(voluntary) 
[  108.946905][ T7370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  108.946922][ T7370] Call Trace:
[  108.946932][ T7370]  <TASK>
[  108.946942][ T7370]  __dump_stack+0x1d/0x30
[  108.946970][ T7370]  dump_stack_lvl+0xe8/0x140
[  108.947034][ T7370]  dump_stack+0x15/0x1b
[  108.947055][ T7370]  should_fail_ex+0x265/0x280
[  108.947098][ T7370]  should_failslab+0x8c/0xb0
[  108.947141][ T7370]  kmem_cache_alloc_noprof+0x50/0x310
[  108.947177][ T7370]  ? audit_log_start+0x365/0x6c0
[  108.947217][ T7370]  audit_log_start+0x365/0x6c0
[  108.947279][ T7370]  audit_seccomp+0x48/0x100
[  108.947353][ T7370]  ? __seccomp_filter+0x68c/0x10d0
[  108.947381][ T7370]  __seccomp_filter+0x69d/0x10d0
[  108.947457][ T7370]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  108.947491][ T7370]  ? vfs_write+0x75e/0x8e0
[  108.947595][ T7370]  __secure_computing+0x82/0x150
[  108.947621][ T7370]  syscall_trace_enter+0xcf/0x1e0
[  108.947652][ T7370]  do_syscall_64+0xac/0x200
[  108.947682][ T7370]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  108.947722][ T7370]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  108.947748][ T7370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.947775][ T7370] RIP: 0033:0x7f5dffadeb69
[  108.947793][ T7370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.947881][ T7370] RSP: 002b:00007f5dfe147038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  108.947913][ T7370] RAX: ffffffffffffffda RBX: 00007f5dffd05fa0 RCX: 00007f5dffadeb69
[  108.947928][ T7370] RDX: 0000000000042080 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  108.947943][ T7370] RBP: 00007f5dfe147090 R08: 0000000000000000 R09: 0000000000000000
[  108.947958][ T7370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  108.947974][ T7370] R13: 0000000000000000 R14: 00007f5dffd05fa0 R15: 00007ffeaeb09bd8
[  108.947998][ T7370]  </TASK>
[  109.259437][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.274478][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.304479][ T7399] SELinux: security_context_str_to_sid () failed with errno=-22
[  109.323100][   T29] kauditd_printk_skb: 303 callbacks suppressed
[  109.323155][   T29] audit: type=1326 audit(1754289850.036:6749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7398 comm="syz.3.1131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f976ceaeb69 code=0x7ffc0000
[  109.365354][ T7400] loop3: detected capacity change from 0 to 512
[  109.383430][   T29] audit: type=1326 audit(1754289850.036:6750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7398 comm="syz.3.1131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f976ceaeb69 code=0x7ffc0000
[  109.407041][   T29] audit: type=1400 audit(1754289850.036:6751): avc:  denied  { create } for  pid=7385 comm="syz.2.1125" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  109.426717][   T29] audit: type=1326 audit(1754289850.078:6752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7398 comm="syz.3.1131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f976ceaeb69 code=0x7ffc0000
[  109.446916][ T7400] EXT4-fs (loop3): orphan cleanup on readonly fs
[  109.450198][   T29] audit: type=1326 audit(1754289850.078:6753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7398 comm="syz.3.1131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f976ceaeb69 code=0x7ffc0000
[  109.479998][   T29] audit: type=1326 audit(1754289850.078:6754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7398 comm="syz.3.1131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f976ceaeb69 code=0x7ffc0000
[  109.485440][ T7400] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1131: bg 0: block 248: padding at end of block bitmap is not set
[  109.503565][   T29] audit: type=1326 audit(1754289850.078:6755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7398 comm="syz.3.1131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f976ceaeb69 code=0x7ffc0000
[  109.541246][   T29] audit: type=1326 audit(1754289850.078:6756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7398 comm="syz.3.1131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f976ceaeb69 code=0x7ffc0000
[  109.564864][   T29] audit: type=1326 audit(1754289850.078:6757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7398 comm="syz.3.1131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f976ceaeb69 code=0x7ffc0000
[  109.583176][ T7410] lo speed is unknown, defaulting to 1000
[  109.588408][   T29] audit: type=1326 audit(1754289850.078:6758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7398 comm="syz.3.1131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f976ceaeb69 code=0x7ffc0000
[  109.599147][ T7400] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1131: Failed to acquire dquot type 1
[  109.721107][ T7400] EXT4-fs (loop3): 1 truncate cleaned up
[  109.743833][ T7400] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  109.814919][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.833394][ T7422] loop2: detected capacity change from 0 to 512
[  109.871276][ T7422] EXT4-fs (loop2): too many log groups per flexible block group
[  109.879124][ T7422] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  109.913361][ T7422] EXT4-fs (loop2): mount failed
[  110.445231][ T7450] loop3: detected capacity change from 0 to 128
[  110.477579][ T7452] FAULT_INJECTION: forcing a failure.
[  110.477579][ T7452] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  110.490800][ T7452] CPU: 0 UID: 0 PID: 7452 Comm: syz.1.1142 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(voluntary) 
[  110.490835][ T7452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  110.490851][ T7452] Call Trace:
[  110.490858][ T7452]  <TASK>
[  110.490889][ T7452]  __dump_stack+0x1d/0x30
[  110.490936][ T7452]  dump_stack_lvl+0xe8/0x140
[  110.490955][ T7452]  dump_stack+0x15/0x1b
[  110.490970][ T7452]  should_fail_ex+0x265/0x280
[  110.491061][ T7452]  should_fail+0xb/0x20
[  110.491095][ T7452]  should_fail_usercopy+0x1a/0x20
[  110.491126][ T7452]  strncpy_from_user+0x25/0x230
[  110.491151][ T7452]  ? kmem_cache_alloc_noprof+0x186/0x310
[  110.491196][ T7452]  ? getname_flags+0x80/0x3b0
[  110.491247][ T7452]  getname_flags+0xae/0x3b0
[  110.491277][ T7452]  __x64_sys_unlinkat+0x70/0xb0
[  110.491382][ T7452]  x64_sys_call+0x2ede/0x2ff0
[  110.491410][ T7452]  do_syscall_64+0xd2/0x200
[  110.491467][ T7452]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  110.491571][ T7452]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  110.491600][ T7452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.491663][ T7452] RIP: 0033:0x7f76d3d6eb69
[  110.491678][ T7452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.491696][ T7452] RSP: 002b:00007f76d23cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000107
[  110.491740][ T7452] RAX: ffffffffffffffda RBX: 00007f76d3f95fa0 RCX: 00007f76d3d6eb69
[  110.491756][ T7452] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffff9c
[  110.491772][ T7452] RBP: 00007f76d23cf090 R08: 0000000000000000 R09: 0000000000000000
[  110.491788][ T7452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.491802][ T7452] R13: 0000000000000000 R14: 00007f76d3f95fa0 R15: 00007ffc30ece718
[  110.491821][ T7452]  </TASK>
[  110.514188][ T7450] syz.3.1141: attempt to access beyond end of device
[  110.514188][ T7450] loop3: rw=2049, sector=145, nr_sectors = 16 limit=128
[  110.564745][ T7456] loop2: detected capacity change from 0 to 512
[  110.697639][ T7450] syz.3.1141: attempt to access beyond end of device
[  110.697639][ T7450] loop3: rw=2049, sector=169, nr_sectors = 8 limit=128
[  110.714330][ T7456] EXT4-fs (loop2): orphan cleanup on readonly fs
[  110.722068][ T7456] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1144: bg 0: block 248: padding at end of block bitmap is not set
[  110.740151][ T7456] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1144: Failed to acquire dquot type 1
[  110.753792][ T7456] EXT4-fs (loop2): 1 truncate cleaned up
[  110.771320][ T7456] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  110.819543][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.928052][ T7475] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=19 sclass=netlink_audit_socket pid=7475 comm=syz.2.1146
[  110.939633][ T7479] __nla_validate_parse: 13 callbacks suppressed
[  110.939653][ T7479] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1151'.
[  110.976488][ T7478] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1150'.
[  110.998156][ T7479] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1151'.
[  111.007953][ T7479] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1151'.
[  111.017182][ T7478] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1150'.
[  111.047671][ T7478] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1150'.
[  111.064825][ T7479] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1151'.
[  111.073808][ T7485] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  111.080355][ T7485] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  111.088168][ T7485] vhci_hcd vhci_hcd.0: Device attached
[  111.122342][ T7478] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1150'.
[  111.133768][ T7485] gtp uses obsolete (PF_INET,SOCK_PACKET)
[  111.139774][ T7479] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1151'.
[  111.153108][ T7485] netlink: 36 bytes leftover after parsing attributes in process `gtp'.
[  111.355092][ T7513] tipc: Started in network mode
[  111.360027][ T7513] tipc: Node identity 6273f6c92fbd, cluster identity 4711
[  111.360670][ T3381] usb 6-1: SetAddress Request (2) to port 0
[  111.367403][ T7513] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  111.382088][ T3381] usb 6-1: new SuperSpeed USB device number 2 using vhci_hcd
[  111.404773][ T7516] D: renamed from syzkaller0
[  111.418723][ T7516] tipc: Disabling bearer <eth:syzkaller0>
[  111.485851][ T7516] loop4: detected capacity change from 0 to 512
[  111.539565][ T7516] netlink: 'syz.4.1159': attribute type 10 has an invalid length.
[  111.574995][ T7516] batman_adv: batadv0: Adding interface: macvlan0
[  111.581583][ T7516] batman_adv: batadv0: The MTU of interface macvlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.661154][ T7539] netlink: 'syz.0.1161': attribute type 10 has an invalid length.
[  111.753088][ T7516] batman_adv: batadv0: Interface activated: macvlan0
[  111.792059][ T7539] team0: Port device geneve1 added
[  112.660834][ T7644] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=7644 comm=syz.0.1173
[  112.697728][ T7648] loop3: detected capacity change from 0 to 512
[  112.716761][ T7648] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  112.743217][ T7648] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  112.753498][ T7648] System zones: 0-2, 18-18, 34-34
[  112.764754][ T7648] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.779873][ T7648] ext4 filesystem being mounted at /236/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.816424][ T7662] loop4: detected capacity change from 0 to 512
[  112.824268][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.828141][ T7662] EXT4-fs (loop4): too many log groups per flexible block group
[  112.841234][ T7662] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  112.848414][ T7662] EXT4-fs (loop4): mount failed
[  113.148779][ T7693] loop1: detected capacity change from 0 to 512
[  113.167414][ T7693] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  113.181880][ T7693] EXT4-fs (loop1): 1 truncate cleaned up
[  113.188854][ T7693] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.248383][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.332744][ T7486] vhci_hcd: connection reset by peer
[  113.338361][ T5530] vhci_hcd: stop threads
[  113.342795][ T5530] vhci_hcd: release socket
[  113.347225][ T5530] vhci_hcd: disconnect device
[  113.443138][ T7729] loop3: detected capacity change from 0 to 512
[  113.451538][ T7729] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.1187: bad orphan inode 15
[  113.462130][ T7729] ext4_test_bit(bit=14, block=5) = 0
[  113.468237][ T7729] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.493289][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.533962][ T7733] loop3: detected capacity change from 0 to 128
[  113.603368][ T7733] syz.3.1188: attempt to access beyond end of device
[  113.603368][ T7733] loop3: rw=0, sector=121, nr_sectors = 920 limit=128
[  113.693168][ T7748] loop4: detected capacity change from 0 to 512
[  113.710797][ T7748] EXT4-fs: Ignoring removed mblk_io_submit option
[  113.723115][ T7748] EXT4-fs: Ignoring removed mblk_io_submit option
[  113.732312][ T7748] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  113.767597][ T7748] EXT4-fs (loop4): failed to open journal device unknown-block(0,0) -6
[  114.101035][   T29] kauditd_printk_skb: 317 callbacks suppressed
[  114.101065][   T29] audit: type=1400 audit(1754289855.044:7072): avc:  denied  { allowed } for  pid=7774 comm="syz.2.1203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  114.159078][   T29] audit: type=1400 audit(1754289855.086:7073): avc:  denied  { create } for  pid=7774 comm="syz.2.1203" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  114.180502][   T29] audit: type=1400 audit(1754289855.086:7074): avc:  denied  { sqpoll } for  pid=7774 comm="syz.2.1203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  114.192821][ T7781] loop3: detected capacity change from 0 to 512
[  114.222574][   T29] audit: type=1400 audit(1754289855.180:7075): avc:  denied  { mounton } for  pid=7779 comm="syz.3.1205" path="/245/file0" dev="tmpfs" ino=1384 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  114.246129][   T29] audit: type=1400 audit(1754289855.191:7076): avc:  denied  { write } for  pid=7783 comm="syz.2.1208" name="001" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  114.270342][ T7781] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  114.274304][ T7786] hub 8-0:1.0: USB hub found
[  114.283428][ T7786] hub 8-0:1.0: 8 ports detected
[  114.285529][ T7781] EXT4-fs (loop3): orphan cleanup on readonly fs
[  114.301095][   T29] audit: type=1326 audit(1754289855.201:7077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7788 comm="syz.1.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d3d6eb69 code=0x7ffc0000
[  114.301153][ T7781] Quota error (device loop3): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  114.301235][ T7781] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  114.324723][   T29] audit: type=1326 audit(1754289855.201:7078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7788 comm="syz.1.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f76d3d6eb69 code=0x7ffc0000
[  114.324767][   T29] audit: type=1326 audit(1754289855.201:7079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7788 comm="syz.1.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d3d6eb69 code=0x7ffc0000
[  114.324804][   T29] audit: type=1326 audit(1754289855.201:7080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7788 comm="syz.1.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76d3d6eb69 code=0x7ffc0000
[  114.330233][ T7789] loop1: detected capacity change from 0 to 512
[  114.352411][ T7781] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  114.413011][ T7792] loop2: detected capacity change from 0 to 2048
[  114.424500][ T7781] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1205: bg 0: block 40: padding at end of block bitmap is not set
[  114.435477][ T7789] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  114.441199][ T7781] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  114.456515][ T7789] EXT4-fs (loop1): orphan cleanup on readonly fs
[  114.463636][ T7781] EXT4-fs (loop3): 1 truncate cleaned up
[  114.480515][ T7789] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1209: corrupted inode contents
[  114.484083][ T7781] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  114.497311][ T7792] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  114.507981][ T7781] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.520949][ T7789] EXT4-fs (loop1): Remounting filesystem read-only
[  114.536103][ T7789] EXT4-fs (loop1): 1 truncate cleaned up
[  114.541940][ T5530] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  114.552602][ T5530] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  114.573494][ T5530] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  114.615583][ T7789] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  114.630703][ T7789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.718313][ T7806] loop3: detected capacity change from 0 to 512
[  114.739192][ T7792] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  114.762731][ T7792] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  114.775446][ T7792] EXT4-fs (loop2): This should not happen!! Data will be lost
[  114.775446][ T7792] 
[  114.783683][ T7801] loop4: detected capacity change from 0 to 8192
[  114.785444][ T7792] EXT4-fs (loop2): Total free blocks count 0
[  114.797697][ T7792] EXT4-fs (loop2): Free/Dirty block details
[  114.803666][ T7792] EXT4-fs (loop2): free_blocks=2415919104
[  114.809454][ T7792] EXT4-fs (loop2): dirty_blocks=2720
[  114.814800][ T7792] EXT4-fs (loop2): Block reservation details
[  114.820948][ T7792] EXT4-fs (loop2): i_reserved_data_blocks=170
[  114.836625][ T7806] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1213: Failed to acquire dquot type 1
[  114.941243][ T7806] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.1213: corrupted inode contents
[  114.964606][ T7806] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.1213: mark_inode_dirty error
[  114.990871][ T7806] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.1213: corrupted inode contents
[  115.007239][ T7806] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.1213: mark_inode_dirty error
[  115.027462][ T7806] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.1213: corrupted inode contents
[  115.050133][ T7806] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  115.059155][ T7806] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.1213: corrupted inode contents
[  115.060015][ T6125] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  115.072829][ T7806] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.1213: mark_inode_dirty error
[  115.095935][ T7806] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  115.105530][ T7806] EXT4-fs (loop3): 1 truncate cleaned up
[  115.111717][ T7806] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.124948][ T7806] ext4 filesystem being mounted at /247/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.257493][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.338132][ T7831] loop4: detected capacity change from 0 to 512
[  115.357593][ T7831] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  115.400082][ T7831] EXT4-fs (loop4): orphan cleanup on readonly fs
[  115.407553][ T7831] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  115.423378][ T7831] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  115.430864][ T7831] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1222: bg 0: block 40: padding at end of block bitmap is not set
[  115.448532][ T7831] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  115.466315][ T7831] EXT4-fs (loop4): 1 truncate cleaned up
[  115.475002][ T7831] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  115.488394][ T7831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.496701][ T7840] loop1: detected capacity change from 0 to 128
[  115.507805][ T7838] loop2: detected capacity change from 0 to 512
[  115.518961][ T7840] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  115.532740][ T7838] EXT4-fs (loop2): too many log groups per flexible block group
[  115.540543][ T7838] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  115.548082][ T7840] ext4 filesystem being mounted at /256/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  115.561042][ T7838] EXT4-fs (loop2): mount failed
[  115.604472][ T3298] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  115.748855][ T7864] loop1: detected capacity change from 0 to 512
[  115.764639][ T7864] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  115.785291][ T7869] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  115.790281][ T7864] EXT4-fs (loop1): orphan cleanup on readonly fs
[  115.799221][ T7864] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  115.801689][ T7869] D: renamed from syzkaller0
[  115.821215][ T7869] tipc: Disabling bearer <eth:syzkaller0>
[  115.827177][ T7864] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  115.834369][ T7870] tipc: Started in network mode
[  115.839420][ T7870] tipc: Node identity 9a02beaca584, cluster identity 4711
[  115.846720][ T7870] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  115.871260][ T7870] D: renamed from syzkaller0
[  115.877832][ T7870] tipc: Disabling bearer <eth:syzkaller0>
[  115.893326][ T7872] loop4: detected capacity change from 0 to 512
[  115.905650][ T7864] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1234: bg 0: block 40: padding at end of block bitmap is not set
[  115.955762][ T7872] netlink: 'syz.4.1236': attribute type 10 has an invalid length.
[  115.963734][ T7872] __nla_validate_parse: 8 callbacks suppressed
[  115.963753][ T7872] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1236'.
[  115.982798][ T7864] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  115.993931][ T7864] EXT4-fs (loop1): 1 truncate cleaned up
[  116.001956][ T7864] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  116.042372][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.086303][ T7887] loop1: detected capacity change from 0 to 128
[  116.138420][ T7887] syz.1.1241: attempt to access beyond end of device
[  116.138420][ T7887] loop1: rw=0, sector=121, nr_sectors = 920 limit=128
[  116.199429][ T3381] usb 6-1: device descriptor read/8, error -110
[  116.270745][ T7895] 9pnet_fd: Insufficient options for proto=fd
[  116.271640][ T7897] loop4: detected capacity change from 0 to 512
[  116.303720][ T3381] usb 6-1: new SuperSpeed USB device number 2 using vhci_hcd
[  116.304645][ T7897] EXT4-fs (loop4): orphan cleanup on readonly fs
[  116.321049][ T7897] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1243: bg 0: block 248: padding at end of block bitmap is not set
[  116.322961][ T3381] usb 6-1: enqueue for inactive port 0
[  116.336874][ T7897] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1243: Failed to acquire dquot type 1
[  116.388597][ T7897] EXT4-fs (loop4): 1 truncate cleaned up
[  116.397644][ T3381] usb 6-1: enqueue for inactive port 0
[  116.411084][ T3381] usb 6-1: enqueue for inactive port 0
[  116.451846][ T7907] loop3: detected capacity change from 0 to 512
[  116.464702][ T7910] FAULT_INJECTION: forcing a failure.
[  116.464702][ T7910] name failslab, interval 1, probability 0, space 0, times 0
[  116.477635][ T7910] CPU: 0 UID: 0 PID: 7910 Comm: syz.1.1249 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(voluntary) 
[  116.477715][ T7910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  116.477728][ T7910] Call Trace:
[  116.477733][ T7910]  <TASK>
[  116.477739][ T7910]  __dump_stack+0x1d/0x30
[  116.477764][ T7910]  dump_stack_lvl+0xe8/0x140
[  116.477836][ T7910]  dump_stack+0x15/0x1b
[  116.477857][ T7910]  should_fail_ex+0x265/0x280
[  116.477900][ T7910]  should_failslab+0x8c/0xb0
[  116.477939][ T7910]  kmem_cache_alloc_noprof+0x50/0x310
[  116.477972][ T7910]  ? security_inode_alloc+0x37/0x100
[  116.478005][ T7910]  security_inode_alloc+0x37/0x100
[  116.478113][ T7910]  inode_init_always_gfp+0x4b7/0x500
[  116.478138][ T7910]  ? __pfx_sock_alloc_inode+0x10/0x10
[  116.478170][ T7910]  alloc_inode+0x58/0x170
[  116.478195][ T7910]  do_accept+0xa0/0x3a0
[  116.478219][ T7910]  ? dev_map_lookup_elem+0x5a/0x80
[  116.478358][ T7910]  __sys_accept4+0xbf/0x140
[  116.478399][ T7910]  __x64_sys_accept+0x42/0x50
[  116.478432][ T7910]  x64_sys_call+0x212c/0x2ff0
[  116.478479][ T7910]  do_syscall_64+0xd2/0x200
[  116.478508][ T7910]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  116.478536][ T7910]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  116.478556][ T7910]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.478643][ T7910] RIP: 0033:0x7f76d3d6eb69
[  116.478662][ T7910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.478686][ T7910] RSP: 002b:00007f76d23cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[  116.478710][ T7910] RAX: ffffffffffffffda RBX: 00007f76d3f95fa0 RCX: 00007f76d3d6eb69
[  116.478726][ T7910] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  116.478805][ T7910] RBP: 00007f76d23cf090 R08: 0000000000000000 R09: 0000000000000000
[  116.478819][ T7910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.478832][ T7910] R13: 0000000000000000 R14: 00007f76d3f95fa0 R15: 00007ffc30ece718
[  116.478851][ T7910]  </TASK>
[  116.689348][ T7907] EXT4-fs (loop3): orphan cleanup on readonly fs
[  116.696458][ T7907] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1248: bg 0: block 248: padding at end of block bitmap is not set
[  116.711573][ T7907] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1248: Failed to acquire dquot type 1
[  116.727480][ T7915] loop4: detected capacity change from 0 to 128
[  116.737723][ T7915] FAT-fs (loop4): error, corrupted directory (invalid entries)
[  116.745445][ T7915] FAT-fs (loop4): Filesystem has been set read-only
[  116.753159][ T7907] EXT4-fs (loop3): 1 truncate cleaned up
[  116.753357][ T7915] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1251'.
[  116.782523][ T7905] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1247'.
[  116.864724][ T7921] loop2: detected capacity change from 0 to 512
[  116.874247][ T7921] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  116.888816][ T7929] loop4: detected capacity change from 0 to 128
[  116.889167][ T7921] EXT4-fs (loop2): 1 truncate cleaned up
[  116.904941][ T7929] ext4 filesystem being mounted at /252/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  116.938242][ T7931] loop3: detected capacity change from 0 to 8192
[  117.171779][ T7954] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  117.186775][ T7949] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1264'.
[  117.196603][ T7954] D: renamed from syzkaller0
[  117.205574][ T7954] tipc: Disabling bearer <eth:syzkaller0>
[  117.350694][ T7956] loop2: detected capacity change from 0 to 8192
[  117.373495][ T7961] loop4: detected capacity change from 0 to 128
[  117.450313][ T7961] syz.4.1269: attempt to access beyond end of device
[  117.450313][ T7961] loop4: rw=0, sector=121, nr_sectors = 920 limit=128
[  117.552011][ T3381] usb usb6-port1: attempt power cycle
[  117.609175][ T7972] loop1: detected capacity change from 0 to 128
[  117.711903][ T7972] ext4 filesystem being mounted at /264/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  117.761819][ T7980] loop3: detected capacity change from 0 to 128
[  117.769073][ T7980] FAT-fs (loop3): bogus number of reserved sectors
[  117.775769][ T7980] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  117.785229][ T7980] FAT-fs (loop3): Can't find a valid FAT filesystem
[  117.791245][ T7984] loop4: detected capacity change from 0 to 512
[  117.855187][ T7984] loop4: detected capacity change from 0 to 2048
[  117.889174][ T7997] loop1: detected capacity change from 0 to 128
[  117.897191][ T7984] EXT4-fs (loop4): failed to initialize system zone (-117)
[  117.909342][ T7984] EXT4-fs (loop4): mount failed
[  117.944908][ T7997] syz.1.1280: attempt to access beyond end of device
[  117.944908][ T7997] loop1: rw=0, sector=121, nr_sectors = 920 limit=128
[  117.987389][ T7984] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1277'.
[  118.108689][ T8015] loop3: detected capacity change from 0 to 8192
[  118.137885][ T8021] loop1: detected capacity change from 0 to 512
[  118.145568][ T8021] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  118.195438][ T8021] EXT4-fs (loop1): 1 truncate cleaned up
[  118.278008][ T8027] loop1: detected capacity change from 0 to 128
[  118.292215][ T8027] ext4 filesystem being mounted at /267/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  118.381757][ T8030] loop1: detected capacity change from 0 to 128
[  118.466393][ T8049] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1300'.
[  118.476232][ T8049] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1300'.
[  118.486397][ T8049] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1300'.
[  118.496227][ T8049] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1300'.
[  118.536999][ T8054] loop1: detected capacity change from 0 to 128
[  118.553344][ T8054] ext4 filesystem being mounted at /269/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  118.663381][ T8062] loop3: detected capacity change from 0 to 512
[  118.715005][ T8062] ext4 filesystem being mounted at /265/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.730537][ T8074] loop1: detected capacity change from 0 to 512
[  118.752644][ T8074] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  118.762017][ T8074] EXT4-fs (loop1): orphan cleanup on readonly fs
[  118.768790][ T8074] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  118.798882][ T8074] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  118.806913][ T8074] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1309: bg 0: block 40: padding at end of block bitmap is not set
[  118.822104][ T8074] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  118.831807][ T8074] EXT4-fs (loop1): 1 truncate cleaned up
[  118.889603][ T8087] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1313'.
[  118.923450][   T29] kauditd_printk_skb: 418 callbacks suppressed
[  118.923470][   T29] audit: type=1326 audit(1754289860.115:7484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8088 comm="syz.1.1314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d3d6eb69 code=0x7ffc0000
[  118.948900][ T8089] FAULT_INJECTION: forcing a failure.
[  118.948900][ T8089] name failslab, interval 1, probability 0, space 0, times 0
[  118.953711][   T29] audit: type=1326 audit(1754289860.115:7485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8088 comm="syz.1.1314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76d3d6eb69 code=0x7ffc0000
[  118.965786][ T8089] CPU: 0 UID: 0 PID: 8089 Comm: syz.1.1314 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(voluntary) 
[  118.965819][ T8089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  118.965836][ T8089] Call Trace:
[  118.965843][ T8089]  <TASK>
[  118.965853][ T8089]  __dump_stack+0x1d/0x30
[  118.965951][ T8089]  dump_stack_lvl+0xe8/0x140
[  118.966038][ T8089]  dump_stack+0x15/0x1b
[  118.966060][ T8089]  should_fail_ex+0x265/0x280
[  118.966105][ T8089]  should_failslab+0x8c/0xb0
[  118.966219][ T8089]  kmem_cache_alloc_node_noprof+0x57/0x320
[  118.966258][ T8089]  ? __alloc_skb+0x101/0x320
[  118.966300][ T8089]  __alloc_skb+0x101/0x320
[  118.966336][ T8089]  ? audit_log_start+0x365/0x6c0
[  118.966411][ T8089]  audit_log_start+0x380/0x6c0
[  118.966459][ T8089]  audit_seccomp+0x48/0x100
[  118.966500][ T8089]  ? __seccomp_filter+0x68c/0x10d0
[  118.966564][ T8089]  __seccomp_filter+0x69d/0x10d0
[  118.966596][ T8089]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  118.966633][ T8089]  ? vfs_write+0x75e/0x8e0
[  118.966663][ T8089]  ? __rcu_read_unlock+0x4f/0x70
[  118.966730][ T8089]  ? __fget_files+0x184/0x1c0
[  118.966815][ T8089]  __secure_computing+0x82/0x150
[  118.966844][ T8089]  syscall_trace_enter+0xcf/0x1e0
[  118.966879][ T8089]  do_syscall_64+0xac/0x200
[  118.966911][ T8089]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  118.966979][ T8089]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  118.967066][ T8089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.967110][ T8089] RIP: 0033:0x7f76d3d6eb69
[  118.967132][ T8089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.967158][ T8089] RSP: 002b:00007f76d23cf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ad
[  118.967185][ T8089] RAX: ffffffffffffffda RBX: 00007f76d3f95fa0 RCX: 00007f76d3d6eb69
[  118.967255][ T8089] RDX: 0000000000000006 RSI: 0000000000000002 RDI: 0000000000000001
[  118.967271][ T8089] RBP: 00007f76d23cf090 R08: 0000000000000000 R09: 0000000000000000
[  118.967294][ T8089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.967311][ T8089] R13: 0000000000000000 R14: 00007f76d3f95fa0 R15: 00007ffc30ece718
[  118.967341][ T8089]  </TASK>
[  118.967375][ T8089] audit: audit_lost=6 audit_rate_limit=0 audit_backlog_limit=64
[  118.989378][   T29] audit: type=1326 audit(1754289860.115:7486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8088 comm="syz.1.1314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f76d3d6d4d0 code=0x7ffc0000
[  119.001590][ T8089] audit: out of memory in audit_log_start
[  119.011696][   T29] audit: type=1326 audit(1754289860.115:7487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8088 comm="syz.1.1314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f76d3d6d61f code=0x7ffc0000
[  119.043525][ T8091] loop1: detected capacity change from 0 to 512
[  119.070676][   T29] audit: type=1326 audit(1754289860.209:7488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8088 comm="syz.1.1314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f76d3d6d57c code=0x7ffc0000
[  119.102266][ T8091] EXT4-fs (loop1): orphan cleanup on readonly fs
[  119.105784][   T29] audit: type=1326 audit(1754289860.209:7489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8088 comm="syz.1.1314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f76d3d6d61f code=0x7ffc0000
[  119.111631][ T8091] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1315: bg 0: block 248: padding at end of block bitmap is not set
[  119.115360][   T29] audit: type=1326 audit(1754289860.209:7490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8088 comm="syz.1.1314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f76d3d6d7ca code=0x7ffc0000
[  119.122289][ T8091] Quota error (device loop1): write_blk: dquota write failed
[  119.373931][ T8091] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1315: Failed to acquire dquot type 1
[  119.402610][ T8091] EXT4-fs (loop1): 1 truncate cleaned up
[  119.466475][ T3381] usb usb6-port1: unable to enumerate USB device
[  119.494413][ T3467] IPVS: starting estimator thread 0...
[  119.538018][ T8111] FAULT_INJECTION: forcing a failure.
[  119.538018][ T8111] name failslab, interval 1, probability 0, space 0, times 0
[  119.550840][ T8111] CPU: 0 UID: 0 PID: 8111 Comm: syz.3.1321 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(voluntary) 
[  119.550876][ T8111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  119.550890][ T8111] Call Trace:
[  119.550896][ T8111]  <TASK>
[  119.550904][ T8111]  __dump_stack+0x1d/0x30
[  119.550929][ T8111]  dump_stack_lvl+0xe8/0x140
[  119.550978][ T8111]  dump_stack+0x15/0x1b
[  119.550996][ T8111]  should_fail_ex+0x265/0x280
[  119.551032][ T8111]  should_failslab+0x8c/0xb0
[  119.551067][ T8111]  kmem_cache_alloc_noprof+0x50/0x310
[  119.551097][ T8111]  ? security_inode_alloc+0x37/0x100
[  119.551125][ T8111]  security_inode_alloc+0x37/0x100
[  119.551150][ T8111]  inode_init_always_gfp+0x4b7/0x500
[  119.551255][ T8111]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  119.551283][ T8111]  alloc_inode+0x58/0x170
[  119.551308][ T8111]  new_inode+0x1d/0xe0
[  119.551339][ T8111]  shmem_get_inode+0x244/0x750
[  119.551387][ T8111]  __shmem_file_setup+0x113/0x210
[  119.551473][ T8111]  shmem_file_setup+0x3b/0x50
[  119.551512][ T8111]  __se_sys_memfd_create+0x2c3/0x590
[  119.551540][ T8111]  __x64_sys_memfd_create+0x31/0x40
[  119.551625][ T8111]  x64_sys_call+0x2abe/0x2ff0
[  119.551652][ T8111]  do_syscall_64+0xd2/0x200
[  119.551674][ T8111]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  119.551697][ T8111]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  119.551718][ T8111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.551788][ T8111] RIP: 0033:0x7f976ceaeb69
[  119.551804][ T8111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.551865][ T8111] RSP: 002b:00007f976b516e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  119.551961][ T8111] RAX: ffffffffffffffda RBX: 000000000000054f RCX: 00007f976ceaeb69
[  119.551974][ T8111] RDX: 00007f976b516ef0 RSI: 0000000000000000 RDI: 00007f976cf32784
[  119.551986][ T8111] RBP: 0000200000000c00 R08: 00007f976b516bb7 R09: 00007f976b516e40
[  119.551997][ T8111] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[  119.552009][ T8111] R13: 00007f976b516ef0 R14: 00007f976b516eb0 R15: 0000200000000380
[  119.552029][ T8111]  </TASK>
[  119.777198][ T8118] loop1: detected capacity change from 0 to 1024
[  119.799173][ T8108] IPVS: using max 2304 ests per chain, 115200 per kthread
[  119.904417][ T8133] loop4: detected capacity change from 0 to 512
[  119.924714][ T8133] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  119.943832][ T8126] ==================================================================
[  119.951962][ T8126] BUG: KCSAN: data-race in _copy_from_iter / _copy_from_iter
[  119.959424][ T8126] 
[  119.961763][ T8126] write to 0xffff88814380c000 of 4096 bytes by task 8136 on cpu 0:
[  119.969655][ T8126]  _copy_from_iter+0x130/0xe40
[  119.974429][ T8126]  copy_page_from_iter+0x178/0x2a0
[  119.979549][ T8126]  process_vm_rw+0x659/0x960
[  119.984159][ T8126]  __x64_sys_process_vm_writev+0x78/0x90
[  119.989829][ T8126]  x64_sys_call+0x2a7c/0x2ff0
[  119.994523][ T8126]  do_syscall_64+0xd2/0x200
[  119.999038][ T8126]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.004939][ T8126] 
[  120.007264][ T8126] write to 0xffff88814380c000 of 4096 bytes by task 8126 on cpu 1:
[  120.015163][ T8126]  _copy_from_iter+0x130/0xe40
[  120.019943][ T8126]  copy_page_from_iter+0x178/0x2a0
[  120.025071][ T8126]  process_vm_rw+0x659/0x960
[  120.029677][ T8126]  __x64_sys_process_vm_writev+0x78/0x90
[  120.035427][ T8126]  x64_sys_call+0x2a7c/0x2ff0
[  120.040132][ T8126]  do_syscall_64+0xd2/0x200
[  120.044673][ T8126]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.050582][ T8126] 
[  120.052913][ T8126] Reported by Kernel Concurrency Sanitizer on:
[  120.059067][ T8126] CPU: 1 UID: 0 PID: 8126 Comm: syz.0.1326 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(voluntary) 
[  120.071229][ T8126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  120.081996][ T8126] ==================================================================
[  120.090274][ T8133] EXT4-fs (loop4): orphan cleanup on readonly fs
[  120.098804][ T8133] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  120.113717][ T8133] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  120.124831][ T8133] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1330: bg 0: block 40: padding at end of block bitmap is not set
[  120.139367][ T8133] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  120.161736][ T8133] EXT4-fs (loop4): 1 truncate cleaned up