last executing test programs:

38.74348696s ago: executing program 2 (id=532):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x3e, &(0x7f0000000640)={0x0, 0xaddb, 0x10100, 0x1, 0x92}, &(0x7f00000001c0)=<r2=>0x0, &(0x7f00000003c0)=<r3=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x80002101})
io_uring_enter(r1, 0xd81, 0x0, 0x0, 0x0, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCMIWAIT(r6, 0x545c, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r5)

37.841498327s ago: executing program 2 (id=542):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x1, &(0x7f0000000500)=[{0x6, 0x7d, 0x0, 0x7fff0000}]})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001400)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r4, {0x0, 0x7}, {}, {0xfff1, 0x8}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}, @TCA_CHAIN={0x8, 0xb, 0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x800)
close_range(r0, 0xffffffffffffffff, 0x0)

37.666531311s ago: executing program 2 (id=547):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000045c0)={0x30, r4, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x4}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}]}, 0x30}}, 0x0)

37.505219764s ago: executing program 2 (id=551):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
unshare(0x24020400)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000580)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x1b5008, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000540)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2145499, 0x0)
mount$bpf(0x0, &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x80000, 0x0)

37.475479714s ago: executing program 2 (id=552):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x5}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r2}, 0x18)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r3}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

37.406973446s ago: executing program 2 (id=555):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000500)={r0, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x4, 0x600, 0x1}}, 0x20)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
sendto$inet6(r1, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x2000000, @loopback, 0xffffffff}, 0x1c)

37.353433547s ago: executing program 32 (id=555):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000500)={r0, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x4, 0x600, 0x1}}, 0x20)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
sendto$inet6(r1, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x2000000, @loopback, 0xffffffff}, 0x1c)

2.503968331s ago: executing program 4 (id=1254):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f00000000c0)={'macsec0\x00', 0x400})
ioctl$TUNGETIFF(0xffffffffffffffff, 0x800454d2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x8, 0x7fe2, 0x1}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)

2.223709557s ago: executing program 4 (id=1258):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000001000080000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'sit0\x00', <r3=>0x0})
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000004c40)={@private1, r3}, 0x14)

2.202591707s ago: executing program 4 (id=1260):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb904}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x1}, 0x0, 0x40000000})
r1 = syz_io_uring_setup(0x749, &(0x7f0000000100)={0x0, 0x59c4, 0x800, 0x1000, 0x5cc}, &(0x7f0000000900)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, r1})
io_uring_enter(r1, 0x749f, 0x4, 0x1, 0x0, 0x0)

2.100713269s ago: executing program 4 (id=1264):
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x109a88, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioperm(0x3c, 0x1, 0x8)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ftruncate(r0, 0x2000009)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000400)="ba", 0xfdef}], 0x1, 0xe7b, 0x0, 0x1)

1.832632234s ago: executing program 5 (id=1271):
r0 = socket$kcm(0x10, 0x2, 0x10)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e00000038000511d25a80698c63940d0124fc602f6e35400c000200001ec00037153e370a00018025581d00d1bd", 0x2e}], 0x1, 0x0, 0x0, 0x39c}, 0x0)

1.672945827s ago: executing program 5 (id=1275):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x1, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f00000004c0), 0x208e24b)

1.465446561s ago: executing program 1 (id=1278):
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000440)='./file2\x00', 0x0, &(0x7f0000000480), 0x1, 0x3da, &(0x7f00000004c0)="$eJzs3N1qHFUcAPD/TPNh0+pGrV5owUgRgx/5aEpssKCCl15ZX2BN0hLdNrZZwZZcKIh9APUBxMv6CF6Id4LgTfHaO6VQJMm1rMxmdjNudmO+ltHu7wcHzpnZ4Zz/zOyek3MOCWBgTUTEpxExEhEfREQlP57kKd7cTtnntjbWF7OURKNx+c+keX5zY30xCtdkTuWFyTQi/TyJZ7vUu3br9ofVWm35Zl6erl/7aHrt1u1XV65Vry5fXb4+N7OwMDN3cX5h/thi/T3u/Hbp3tuVL38+9+uP7787n7X3dH6uGMdxmYiJ9j3pNHXclZXskUI+GSqxIRxIGhEnImKo+f2vxInYeXiV+L5SauMAgL5oNN7oKAMAD79Enw8AA6b1d//mxvpiK5UxD1GWB29tL15t5mubW+34h9orIcMd61vHaSIivvv6teeyFH1ahwQAKPohG/9c7Db+S+Ns4XMnI2Is39t1OiIejYjHCvvFDmuio7x7/JPeP2IVe8rGf5cKe9u2CvHnxk/kpSzm8RhOrqzUlmfy+CdjeDQrz+5Rx9nLT//V61xx/JelrP7WWDBvx/2h0X9es1StV48Sc9GDzyKeGeoWf9Ie/ybNuA/v9Rt3n+p17t/j76/GNxEvdn3+Ozv3kr33J04334fp1lux252XXrjRq/6y48+e/9je8Y8nxf2aawev46cLK7/0OnfY938kea+ZH8mPfVKt12/ORowk7+w+fn7n2la59fks/slz3b//Z2LnTjweEU9ExJMRzeM9X+guXql9+/zh4++vLP6lAz3/g2fGvrh7r1f9+3v+F5q5yfzIfn7/9tvAo9w7AAAA+L9Im/O5STrVzqfp1NT2PO+ZGEtrq2v1l6+sfnx9aXvedzyG09ZMV6UwHzqbzxG2yuc7ynP5HMpXoyeb5anF1dpS2cEDwIA61aP/z/wxWnbrAIC+6dfmdgDgv0v/DwCDR/8PAINH/w8Ag0f/DwCDR/8PAAPlKP/XT0ZG5mHNlP3LBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQrr8DAAD//3JA1T8=")
prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='+}[@\x00G5\v\x89n\xb2\x0e\xb7\xb4\x9a\xb3\xb9\xe1\xff@`\x87\xefy\xb7\xe0\xe6c\x91\x81ND\t3\xc4\xca\xf0\xd0Zp\xadbdY\xdcz\xc6lo\xd0\xc7\'CT')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff27}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)

1.062709029s ago: executing program 0 (id=1284):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000780), r2)
getsockname$packet(r2, &(0x7f0000000300)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="4400000010000104001007fb5c360dff9fe30000", @ANYRES32=r3, @ANYBLOB="0100000000000000240012000c000100627269646765000e140002000800070005"], 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x11, 0x8100, r3, 0x1, 0x0, 0x6, @local}, 0x14)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)

1.01474279s ago: executing program 0 (id=1285):
r0 = socket(0x28, 0x5, 0x0)
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r1, 0x4)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
sendmmsg(r0, &(0x7f0000000100)=[{{0x0, 0xffffff1c, &(0x7f00000000c0)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x51, 0x40000)
r2 = accept4$unix(r1, 0x0, 0x0, 0x800)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
recvfrom$unix(r2, &(0x7f0000000140)=""/248, 0x1ffd4, 0x0, 0x0, 0x0)

958.802902ms ago: executing program 4 (id=1286):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x5)
r1 = socket(0x28, 0x5, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000340)={0x200000, 0x200000, 0x0, 0x0, 0x5989})
setrlimit(0x40000000000008, &(0x7f0000000000))
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000002480)=@deltfilter={0x24, 0x2d, 0x4, 0x70bd2f, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff2}, {0x1, 0x2}, {0x4, 0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0x4004885}, 0x40004)
setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f00000000c0)={0x1, 0x79e}, 0x8)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)

958.401081ms ago: executing program 5 (id=1287):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xa00, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x8000)

955.178382ms ago: executing program 0 (id=1288):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
r4 = socket$rds(0x15, 0x5, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x1000080, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

850.327294ms ago: executing program 0 (id=1289):
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000200000000005700000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r3}, 0x10)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r1, 0x0, 0x2)
symlinkat(&(0x7f0000000080)='./file0\x00', r4, &(0x7f00000000c0)='./file0\x00')
unlinkat(r4, &(0x7f0000000040)='./file0\x00', 0x0)

801.328115ms ago: executing program 4 (id=1291):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)

747.008916ms ago: executing program 0 (id=1292):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000080)={0x1d, r1}, 0x18)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r3=>0x0})
bind$can_j1939(r2, &(0x7f0000000100)={0x1d, r3}, 0x18)
connect$can_j1939(r2, &(0x7f0000000140)={0x1d, r3}, 0x18)
sendmsg$can_j1939(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)='data', 0x4}}, 0x0)
recvmsg$can_j1939(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000002c0)=""/4, 0x4}], 0x1}, 0x0)

746.212746ms ago: executing program 3 (id=1293):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = syz_io_uring_setup(0x66e, &(0x7f0000000240)={0x0, 0x0, 0x10100, 0x3, 0x8d}, &(0x7f0000000380)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)=""/6, 0x6}], 0x1, 0x0, 0x1})
io_uring_enter(r2, 0x567, 0x0, 0x0, 0x0, 0x0)
connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(r1, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0)
ppoll(&(0x7f0000000300)=[{r1, 0x3328}], 0x1, 0x0, 0x0, 0x0)
close(r0)

742.384136ms ago: executing program 0 (id=1294):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000280)="db", 0x1}], 0x1}, 0x41)
recvmsg(r0, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x10001)
sendmsg$inet(r1, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000380)="1e", 0x1}], 0x1}, 0x41)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001d80)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
recvmsg(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x2)

685.553987ms ago: executing program 5 (id=1295):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r2}, 0x10)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

593.809659ms ago: executing program 3 (id=1296):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$BTRFS_IOC_START_SYNC(0xffffffffffffffff, 0x80089418, 0x0)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000180)={0x0, 0x2}, 0x8)
sendto$inet6(r2, &(0x7f00000002c0)="be", 0x1, 0x4044096, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x4}, 0x1c)
shutdown(r2, 0x1)

560.899109ms ago: executing program 5 (id=1297):
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000003800)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x0, 0x5c, 0x160, 0xd0, 0x3e0, 0x1e0, 0x228, 0x25a, 0x1e0, 0x228, 0x4, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [], [0x0, 0x1fe], 'veth0_to_batadv\x00', 'batadv_slave_0\x00', {}, {0xff}}, 0x5002, 0xa8, 0xd0, 0x52020000, {0x0, 0x6802000000000000}}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@dev, @mcast1, [], [], 'virt_wifi0\x00', 'lo\x00', {}, {}, 0x89}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x7, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000280)={0x1, 0x0, 0x2f, 0x9})
sendmsg$unix(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
recvmmsg(r1, &(0x7f0000001140), 0x700, 0x2, 0x0)

522.42068ms ago: executing program 5 (id=1298):
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x109a88, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioperm(0x3c, 0x1, 0x8)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ftruncate(r0, 0x2000009)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000400)="ba", 0xfdef}], 0x1, 0xe7b, 0x0, 0x1)

512.81219ms ago: executing program 3 (id=1299):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0xfffc}, 0x4000800)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000003080)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000940)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}}, 0x0)

377.665633ms ago: executing program 1 (id=1300):
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0xce)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x4, 0xfd, 0x0, 0x0, 0x1ff, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000240), 0x6}, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7, 0xfffd, 0x0, 0xfffffffd, 0x0, 0x8}, 0x0, 0xafffffffffffffff, r0, 0xa)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

344.983993ms ago: executing program 3 (id=1301):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xfff3, 0x7}, {}, {0xa, 0x1}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x14, 0x2, [@TCA_CGROUP_EMATCHES={0x10, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_LIST={0x4}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x40010)

263.738655ms ago: executing program 1 (id=1302):
r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x6)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r1, &(0x7f0000000080)='./file0\x00')
readlinkat(r1, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000780)=""/198, 0xc6)

206.969177ms ago: executing program 3 (id=1303):
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x100}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket(0x10, 0x80003, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
write(r2, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x85)
close_range(r2, 0xffffffffffffffff, 0x1000000000000000)

184.774107ms ago: executing program 1 (id=1304):
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000540), 0x84)
mmap$IORING_OFF_SQ_RING(&(0x7f0000003000/0x6000)=nil, 0x6000, 0x4, 0x88012, r1, 0x0)
perf_event_open(&(0x7f0000000400)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

122.732528ms ago: executing program 3 (id=1305):
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x8, 0xf9, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x9, 0x1000, &(0x7f0000001040)=""/4096, 0x41100, 0x64, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000280)}, 0x94)
syz_read_part_table(0x407c, &(0x7f0000008140)="$eJzs079KemEYB/BHh98ParHoAt4tAqnjnySnqGhoMAenxgoLQQzSwqWlu+mSuoCuw8AM5FSDFgTx+UzPOd/3efku7+rL00FEFHbuBr1x5BQjYjKd9osRhYioz5JC/ujwutc/v+j237aK+ZiFlb74//A4G/4tfufmWsRpioiV0fPG0Xfa8Uf83zqb/5xMfXzfyzk5bKX2cStljUa1U6mmd7VUyz7fyLJsLvmhGktZL3Wuxum+ezvs3QzS7natnNqXo1TZK6dKs1n/xWYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDKDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8rZPo3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG4FAAD//xQHINw=")

44.629569ms ago: executing program 1 (id=1306):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0xe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0)

0s ago: executing program 1 (id=1307):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_aout(r2, &(0x7f00000000c0)=ANY=[], 0x20)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x6, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

t journal. Quota mode: writeback.
[   35.762787][   T29] kauditd_printk_skb: 495 callbacks suppressed
[   35.762806][   T29] audit: type=1400 audit(1757982040.150:595): avc:  denied  { ioctl } for  pid=3798 comm="syz.2.120" path="/20/bus/file1" dev="loop2" ino=15 ioctlcmd=0x660b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   35.876018][ T3810] loop4: detected capacity change from 0 to 2048
[   35.930113][ T3813] netlink: 96 bytes leftover after parsing attributes in process `syz.0.124'.
[   35.955978][ T3295]  loop4: p1 < > p4
[   35.963857][ T3295] loop4: p4 size 8388608 extends beyond EOD, truncated
[   36.038483][ T3810]  loop4: p1 < > p4
[   36.045767][ T3810] loop4: p4 size 8388608 extends beyond EOD, truncated
[   36.096226][ T3820] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 37748736, id = 0
[   36.119500][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.130057][ T3295] udevd[3295]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   36.141763][ T3566] udevd[3566]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   36.191323][ T3566] udevd[3566]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   36.191403][ T3295] udevd[3295]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   36.214733][ T3825] loop0: detected capacity change from 0 to 8192
[   36.275234][ T3566]  loop0: p1 p2 p3 p4
[   36.279980][ T3566] loop0: p1 start 51379968 is beyond EOD, truncated
[   36.288693][ T3566] loop0: p3 size 15991040 extends beyond EOD, truncated
[   36.297085][ T3566] loop0: p4 start 16711680 is beyond EOD, truncated
[   36.307575][ T3825]  loop0: p1 p2 p3 p4
[   36.312593][ T3825] loop0: p1 start 51379968 is beyond EOD, truncated
[   36.320053][ T3825] loop0: p3 size 15991040 extends beyond EOD, truncated
[   36.327678][ T3825] loop0: p4 start 16711680 is beyond EOD, truncated
[   36.353864][ T3825] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 649
[   36.484711][   T29] audit: type=1326 audit(1757982040.870:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3851 comm="syz.3.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f743fe6eba9 code=0x7ffc0000
[   36.512441][   T29] audit: type=1326 audit(1757982040.900:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3851 comm="syz.3.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f743fe6eba9 code=0x7ffc0000
[   36.535904][   T29] audit: type=1326 audit(1757982040.900:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3854 comm="syz.3.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f743fea1465 code=0x7ffc0000
[   36.567620][ T3566] udevd[3566]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[   36.579461][ T3295] udevd[3295]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[   36.663512][   T29] audit: type=1326 audit(1757982041.050:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3854 comm="syz.3.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f743fe6eba9 code=0x7ffc0000
[   36.722829][   T29] audit: type=1326 audit(1757982041.050:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3851 comm="syz.3.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[   36.733095][ T3869] loop2: detected capacity change from 0 to 512
[   36.746552][   T29] audit: type=1326 audit(1757982041.050:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3851 comm="syz.3.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f743fe6eba9 code=0x7ffc0000
[   36.776904][ T3865] loop0: detected capacity change from 0 to 1024
[   36.791449][ T3869] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.142: corrupted in-inode xattr: bad e_name length
[   36.811380][ T3869] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.142: couldn't read orphan inode 15 (err -117)
[   36.812633][ T3865] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.837069][ T3869] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.859477][ T3869] EXT4-fs warning (device loop2): dx_probe:861: inode #2: comm syz.2.142: dx entry: limit 0 != root limit 125
[   36.871425][ T3869] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.142: Corrupt directory, running e2fsck is recommended
[   36.907506][ T3865] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.140: bg 0: block 494: padding at end of block bitmap is not set
[   36.923580][   T29] audit: type=1400 audit(1757982041.290:602): avc:  denied  { map } for  pid=3864 comm="syz.0.140" path="/28/file1/file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   36.947569][ T3869] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.142: path /24/file7: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0
[   36.989479][ T3878] netlink: 'syz.4.145': attribute type 13 has an invalid length.
[   37.015587][ T3878] gretap0: refused to change device tx_queue_len
[   37.023690][   T29] audit: type=1400 audit(1757982041.400:603): avc:  denied  { write } for  pid=3868 comm="syz.2.142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   37.043905][   T29] audit: type=1400 audit(1757982041.400:604): avc:  denied  { nlmsg_write } for  pid=3868 comm="syz.2.142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   37.072727][ T3878] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   37.112496][ T3889] loop1: detected capacity change from 0 to 512
[   37.126293][ T3889] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   37.148101][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.160480][ T3889] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   37.175287][ T3889] EXT4-fs (loop1): 1 truncate cleaned up
[   37.189099][ T3889] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.283318][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.317590][ T3902] netlink: '’': attribute type 10 has an invalid length.
[   37.406760][ T3865] syz.0.140 (3865) used greatest stack depth: 10136 bytes left
[   37.416705][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.514296][ T3904] netlink: 20 bytes leftover after parsing attributes in process `syz.1.154'.
[   37.523308][ T3904] netlink: 21 bytes leftover after parsing attributes in process `syz.1.154'.
[   37.532211][ T3904] netlink: 'syz.1.154': attribute type 2 has an invalid length.
[   37.539851][ T3904] netlink: 21 bytes leftover after parsing attributes in process `syz.1.154'.
[   37.647983][ T3919] loop1: detected capacity change from 0 to 2048
[   37.666977][ T3919] EXT4-fs (loop1): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.703068][ T3312] EXT4-fs (loop1): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[   37.851880][ T3936] netlink: 8 bytes leftover after parsing attributes in process `syz.0.166'.
[   38.272867][ T3955] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   38.284439][ T3955] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   38.343198][ T3959] rdma_op ffff888119f78980 conn xmit_rdma 0000000000000000
[   38.529624][ T3970] netlink: 'syz.0.182': attribute type 10 has an invalid length.
[   38.538255][ T3970] netlink: 40 bytes leftover after parsing attributes in process `syz.0.182'.
[   38.557460][ T3970] dummy0: entered promiscuous mode
[   38.575989][ T3970] bridge0: port 3(dummy0) entered blocking state
[   38.586513][ T3970] bridge0: port 3(dummy0) entered disabled state
[   38.612526][ T3970] dummy0: entered allmulticast mode
[   38.634125][ T3970] bridge0: port 3(dummy0) entered blocking state
[   38.642606][ T3970] bridge0: port 3(dummy0) entered forwarding state
[   38.849213][ T4002] netlink: 32 bytes leftover after parsing attributes in process `syz.1.196'.
[   39.028484][ T4018] netlink: 20 bytes leftover after parsing attributes in process `syz.0.204'.
[   39.077376][ T3429] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   39.098617][ T4026] Zero length message leads to an empty skb
[   39.105926][ T3429] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   39.120312][ T4018] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   39.166312][ T3429] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   39.419291][ T4048] loop2: detected capacity change from 0 to 8192
[   40.441183][ T4086] netlink: 332 bytes leftover after parsing attributes in process `syz.1.231'.
[   40.534014][ T4018] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   40.544512][ T4018] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   40.621232][ T4018] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   40.631683][ T4018] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   40.674715][ T4100] netlink: 96 bytes leftover after parsing attributes in process `syz.4.238'.
[   40.705598][ T4018] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   40.716250][ T4018] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   40.767056][ T4103] netlink: 12 bytes leftover after parsing attributes in process `syz.1.239'.
[   40.768038][ T4103] netlink: 'syz.1.239': attribute type 6 has an invalid length.
[   40.789556][   T38] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   40.789603][   T38] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   40.789680][   T38] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   40.789712][   T38] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   40.789753][   T38] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   40.789807][   T38] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   40.812062][   T38] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   40.812096][   T38] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   40.924886][ T3417] IPVS: starting estimator thread 0...
[   40.949713][ T4122] netem: change failed
[   41.004578][   T29] kauditd_printk_skb: 230 callbacks suppressed
[   41.004595][   T29] audit: type=1400 audit(1757982045.380:835): avc:  denied  { name_bind } for  pid=4126 comm="syz.1.249" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[   41.035349][ T4120] IPVS: using max 2880 ests per chain, 144000 per kthread
[   41.047190][ T4131] pim6reg: entered allmulticast mode
[   41.049223][ T4131] pim6reg: left allmulticast mode
[   41.076943][ T4129] tipc: Started in network mode
[   41.081921][ T4129] tipc: Node identity 2e92f816bc74, cluster identity 4711
[   41.089468][ T4129] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   41.104811][   T29] audit: type=1400 audit(1757982045.460:836): avc:  denied  { create } for  pid=4132 comm="syz.1.252" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   41.125482][   T29] audit: type=1400 audit(1757982045.460:837): avc:  denied  { write } for  pid=4132 comm="syz.1.252" name="file0" dev="tmpfs" ino=291 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   41.129596][ T4137] sch_fq: defrate 4294967295 ignored.
[   41.148194][   T29] audit: type=1400 audit(1757982045.460:838): avc:  denied  { open } for  pid=4132 comm="syz.1.252" path="/53/file0" dev="tmpfs" ino=291 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   41.176392][   T29] audit: type=1400 audit(1757982045.460:839): avc:  denied  { ioctl } for  pid=4132 comm="syz.1.252" path="/53/file0" dev="tmpfs" ino=291 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   41.176422][   T29] audit: type=1400 audit(1757982045.460:840): avc:  denied  { unlink } for  pid=3312 comm="syz-executor" name="file0" dev="tmpfs" ino=291 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   41.203717][ T4129] tipc: Disabling bearer <eth:syzkaller0>
[   41.558690][ T4150] loop3: detected capacity change from 0 to 8192
[   41.559103][ T4150] /dev/loop3: Can't open blockdev
[   41.719577][   T29] audit: type=1326 audit(1757982046.100:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4166 comm="syz.3.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f743fe6eba9 code=0x7ffc0000
[   41.719611][   T29] audit: type=1326 audit(1757982046.100:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4166 comm="syz.3.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f743fe6eba9 code=0x7ffc0000
[   41.735420][ T4169] tls_set_device_offload: netdev not found
[   41.778451][   T29] audit: type=1326 audit(1757982046.160:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4166 comm="syz.3.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f743fe6eba9 code=0x7ffc0000
[   41.802373][   T29] audit: type=1326 audit(1757982046.160:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4166 comm="syz.3.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f743fe6eba9 code=0x7ffc0000
[   41.878284][ T4173] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   42.155727][ T4209] netlink: 'syz.4.285': attribute type 7 has an invalid length.
[   42.176841][ T3417] kernel write not supported for file /124/attr/exec (pid: 3417 comm: kworker/0:3)
[   42.398202][ T4233] 9pnet: Could not find request transport: r
[   42.591447][ T4249] __nla_validate_parse: 9 callbacks suppressed
[   42.591535][ T4249] netlink: 12 bytes leftover after parsing attributes in process `syz.4.303'.
[   42.668348][ T4254] loop2: detected capacity change from 0 to 256
[   42.688712][ T4254] FAT-fs (loop2): IO charset ascIi not found
[   42.999775][ T4267] loop2: detected capacity change from 0 to 1024
[   43.024088][ T4267] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.054961][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.083792][ T4272] netlink: 'syz.2.312': attribute type 27 has an invalid length.
[   43.142147][ T4272] 8021q: adding VLAN 0 to HW filter on device bond0
[   43.172927][ T4272] 8021q: adding VLAN 0 to HW filter on device team0
[   43.193169][ T4272] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   43.326610][ T4288] netlink: 'syz.0.319': attribute type 39 has an invalid length.
[   43.388619][ T4294] loop1: detected capacity change from 0 to 512
[   43.397351][ T4294] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   43.420882][ T4294] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.322: invalid indirect mapped block 4294967295 (level 0)
[   43.448099][ T4294] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.322: invalid indirect mapped block 4294967295 (level 1)
[   43.464006][ T4294] EXT4-fs (loop1): 1 orphan inode deleted
[   43.469831][ T4294] EXT4-fs (loop1): 1 truncate cleaned up
[   43.482464][ T4294] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.536462][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.569676][ T4301] loop2: detected capacity change from 0 to 1024
[   43.577327][ T4301] EXT4-fs: Ignoring removed bh option
[   43.583983][ T4301] EXT4-fs: inline encryption not supported
[   43.592065][ T4301] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   43.613013][ T4301] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[   43.624030][ T4301] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 2: comm syz.2.325: lblock 2 mapped to illegal pblock 2 (length 1)
[   43.638992][ T4301] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 48: comm syz.2.325: lblock 0 mapped to illegal pblock 48 (length 1)
[   43.653709][ T4301] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.325: Failed to acquire dquot type 0
[   43.670789][ T4301] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6334: Corrupt filesystem
[   43.681044][ T4301] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.325: mark_inode_dirty error
[   43.704141][ T4301] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   43.717884][ T4301] EXT4-fs (loop2): 1 orphan inode deleted
[   43.724671][ T4301] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.738130][ T3450] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1)
[   43.748080][ T4312] netlink: 4 bytes leftover after parsing attributes in process `syz.4.330'.
[   43.754439][ T3450] EXT4-fs error (device loop2): ext4_release_dquot:6973: comm kworker/u8:8: Failed to release dquot type 0
[   43.773752][ T4312] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   43.781142][ T4312] batman_adv: batadv0: Removing interface: batadv_slave_0
[   43.788976][ T4312] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   43.796468][ T4312] batman_adv: batadv0: Removing interface: batadv_slave_1
[   43.880879][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.892133][ T3378] af_packet: tpacket_rcv: packet too big, clamped from 94 to 4294967286. macoff=82
[   43.903977][ T3308] EXT4-fs error (device loop2): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[   43.934983][ T3308] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6334: Corrupt filesystem
[   43.944852][ T3308] EXT4-fs error (device loop2): ext4_quota_off:7221: inode #3: comm syz-executor: mark_inode_dirty error
[   45.378205][ T4498] netlink: 'syz.1.362': attribute type 32 has an invalid length.
[   45.424771][ T4512] loop3: detected capacity change from 0 to 512
[   45.555273][ T4529] loop4: detected capacity change from 0 to 256
[   45.577539][ T4529] syz.4.374: attempt to access beyond end of device
[   45.577539][ T4529] loop4: rw=2049, sector=256, nr_sectors = 68 limit=256
[   45.593660][ T4529] syz.4.374: attempt to access beyond end of device
[   45.593660][ T4529] loop4: rw=34817, sector=261, nr_sectors = 32 limit=256
[   45.660045][ T4535] loop1: detected capacity change from 0 to 512
[   45.675893][ T4535] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.688743][ T4535] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.735049][ T4542] netlink: 8 bytes leftover after parsing attributes in process `syz.4.377'.
[   45.743936][ T4542] netlink: 24 bytes leftover after parsing attributes in process `syz.4.377'.
[   45.754362][ T4542] netlink: 8 bytes leftover after parsing attributes in process `syz.4.377'.
[   45.763249][ T4542] netlink: 24 bytes leftover after parsing attributes in process `syz.4.377'.
[   45.764759][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.872716][ T4548] syz.2.380 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   45.944131][ T4556] tipc: Started in network mode
[   45.949054][ T4556] tipc: Node identity ac141413, cluster identity 4711
[   45.960746][ T4556] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[   46.006545][ T4559] netlink: 7 bytes leftover after parsing attributes in process `syz.2.382'.
[   46.019706][ T4559] netlink: 7 bytes leftover after parsing attributes in process `syz.2.382'.
[   46.055185][ T4565] netlink: 12 bytes leftover after parsing attributes in process `syz.4.388'.
[   46.074975][ T4565] netlink: 'syz.4.388': attribute type 1 has an invalid length.
[   46.122638][ T4570] netlink: 8 bytes leftover after parsing attributes in process `syz.4.390'.
[   46.181192][ T4578] tipc: Started in network mode
[   46.186318][ T4578] tipc: Node identity fe457faeaffe, cluster identity 4711
[   46.193870][ T4578] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   46.238278][ T4578] syzkaller0: entered promiscuous mode
[   46.243918][ T4578] syzkaller0: entered allmulticast mode
[   46.251175][ T4578] tipc: Resetting bearer <eth:syzkaller0>
[   46.268556][   T29] kauditd_printk_skb: 450 callbacks suppressed
[   46.268572][   T29] audit: type=1400 audit(1757982050.650:1292): avc:  denied  { mounton } for  pid=4589 comm="syz.2.396" path="/proc/178/task" dev="proc" ino=7643 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[   46.341170][ T4577] tipc: Resetting bearer <eth:syzkaller0>
[   46.343717][ T4598] loop1: detected capacity change from 0 to 1024
[   46.377670][ T4577] tipc: Disabling bearer <eth:syzkaller0>
[   46.397386][ T4598] Quota error (device loop1): do_check_range: Getting block 64 out of range 1-5
[   46.406679][ T4598] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[   46.416142][ T4598] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.398: Failed to acquire dquot type 0
[   46.448610][   T29] audit: type=1400 audit(1757982050.820:1293): avc:  denied  { watch watch_reads } for  pid=4599 comm="syz.0.400" path="/67" dev="tmpfs" ino=357 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   46.478812][ T4598] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   46.496392][ T4598] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #13: comm syz.1.398: corrupted inode contents
[   46.508902][ T4598] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #13: comm syz.1.398: mark_inode_dirty error
[   46.521675][ T4598] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #13: comm syz.1.398: corrupted inode contents
[   46.537968][ T4598] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #13: comm syz.1.398: mark_inode_dirty error
[   46.549643][   T29] audit: type=1400 audit(1757982050.920:1294): avc:  denied  { accept } for  pid=4610 comm="syz.4.405" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   46.570279][ T4598] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #13: comm syz.1.398: corrupted inode contents
[   46.583547][ T4598] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[   46.593594][ T4598] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #13: comm syz.1.398: corrupted inode contents
[   46.607291][ T4598] EXT4-fs error (device loop1): ext4_truncate:4666: inode #13: comm syz.1.398: mark_inode_dirty error
[   46.631194][ T4598] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[   46.640431][ T4616] loop4: detected capacity change from 0 to 1024
[   46.651465][ T4616] EXT4-fs: Ignoring removed bh option
[   46.662393][ T4616] EXT4-fs: inline encryption not supported
[   46.671216][ T4598] EXT4-fs (loop1): 1 truncate cleaned up
[   46.678407][ T4598] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.693627][ T4616] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   46.715834][ T4616] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[   46.735054][ T4616] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.406: lblock 2 mapped to illegal pblock 2 (length 1)
[   46.749706][ T4616] Quota error (device loop4): qtree_write_dquot: dquota write failed
[   46.751278][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.758073][ T4616] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.406: lblock 0 mapped to illegal pblock 48 (length 1)
[   46.790248][ T4616] Quota error (device loop4): v2_write_file_info: Can't write info structure
[   46.799208][ T4616] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.406: Failed to acquire dquot type 0
[   46.834780][   T29] audit: type=1326 audit(1757982051.220:1295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4630 comm="syz.1.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   46.861801][ T4616] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem
[   46.866196][   T29] audit: type=1326 audit(1757982051.220:1296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4630 comm="syz.1.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   46.894814][   T29] audit: type=1326 audit(1757982051.220:1297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4630 comm="syz.1.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   46.894957][ T4616] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.406: mark_inode_dirty error
[   46.946700][ T4616] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   46.958907][ T4616] EXT4-fs (loop4): 1 orphan inode deleted
[   46.972850][ T3450] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1)
[   46.987784][ T4616] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.009907][ T3450] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:8: Failed to release dquot type 0
[   47.138826][ T4649] loop8: detected capacity change from 0 to 16384
[   47.187657][ T3369] hid_parser_main: 16 callbacks suppressed
[   47.187678][ T3369] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   47.201142][ T3369] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   47.208751][ T3369] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   47.216246][ T3369] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   47.223778][ T3369] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   47.231207][ T3369] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   47.238683][ T3369] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   47.246176][ T3369] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   47.253781][ T3369] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   47.261169][ T3369] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   47.270411][ T3369] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   47.292087][ T4654] loop8: detected capacity change from 16384 to 16383
[   47.304887][ T4657] fido_id[4657]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   47.372587][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.383624][ T3304] EXT4-fs error (device loop4): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[   47.403624][ T3304] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem
[   47.420706][ T3304] EXT4-fs error (device loop4): ext4_quota_off:7221: inode #3: comm syz-executor: mark_inode_dirty error
[   47.530259][ T4676] loop3: detected capacity change from 0 to 4096
[   47.547133][ T4676] EXT4-fs: Ignoring removed nomblk_io_submit option
[   47.566076][ T4676] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.611362][ T4684] process 'syz.2.433' launched '/dev/fd/6' with NULL argv: empty string added
[   47.810055][ T4695] __nla_validate_parse: 2 callbacks suppressed
[   47.810071][ T4695] netlink: 20 bytes leftover after parsing attributes in process `syz.2.438'.
[   47.853957][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.894040][ T4704] loop1: detected capacity change from 0 to 164
[   47.927452][ T4704] syz.1.440: attempt to access beyond end of device
[   47.927452][ T4704] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   47.943305][ T4704] syz.1.440: attempt to access beyond end of device
[   47.943305][ T4704] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[   48.006230][ T4718] netlink: 4 bytes leftover after parsing attributes in process `syz.3.446'.
[   48.015312][ T4718] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   48.029849][ T4718] batman_adv: batadv0: Removing interface: batadv_slave_1
[   48.173410][ T4737] netlink: 'syz.1.455': attribute type 1 has an invalid length.
[   48.187827][ T4737] 8021q: adding VLAN 0 to HW filter on device bond1
[   48.198721][ T4737] bond1: entered allmulticast mode
[   48.544826][ T4735] loop4: detected capacity change from 0 to 8192
[   48.568557][ T4765] netlink: 8 bytes leftover after parsing attributes in process `syz.3.467'.
[   48.707456][ T4778] capability: warning: `syz.0.470' uses deprecated v2 capabilities in a way that may be insecure
[   48.804721][ T4787] netlink: 28 bytes leftover after parsing attributes in process `syz.3.472'.
[   48.929920][ T4799] loop3: detected capacity change from 0 to 512
[   48.951231][ T4799] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   48.971559][ T4799] EXT4-fs (loop3): 1 truncate cleaned up
[   48.987706][ T4799] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.110513][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.170806][ T4828] loop2: detected capacity change from 0 to 164
[   49.240725][ T4828] syz.2.484: attempt to access beyond end of device
[   49.240725][ T4828] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   49.270106][ T4828] syz.2.484: attempt to access beyond end of device
[   49.270106][ T4828] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[   49.304738][ T4846] netlink: 'syz.3.489': attribute type 1 has an invalid length.
[   49.439331][ T4877] netlink: 360 bytes leftover after parsing attributes in process `syz.2.497'.
[   49.851470][ T4947] netlink: 12 bytes leftover after parsing attributes in process `syz.0.508'.
[   49.860473][ T4947] netlink: 28 bytes leftover after parsing attributes in process `syz.0.508'.
[   49.869510][ T4947] netlink: 12 bytes leftover after parsing attributes in process `syz.0.508'.
[   49.882135][ T4947] netlink: 28 bytes leftover after parsing attributes in process `syz.0.508'.
[   49.891087][ T4947] netlink: 'syz.0.508': attribute type 6 has an invalid length.
[   50.687147][ T5018] loop4: detected capacity change from 0 to 164
[   50.746121][ T5018] syz.4.524: attempt to access beyond end of device
[   50.746121][ T5018] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   50.782408][ T5018] syz.4.524: attempt to access beyond end of device
[   50.782408][ T5018] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[   50.892708][ T5031] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[   50.901582][ T5031] ref_ctr increment failed for inode: 0x25f offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8881045605c0
[   50.991353][ T5038] netlink: 12 bytes leftover after parsing attributes in process `syz.1.530'.
[   51.287368][   T29] kauditd_printk_skb: 394 callbacks suppressed
[   51.287384][   T29] audit: type=1326 audit(1757982055.670:1691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5043 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91911eba9 code=0x7ffc0000
[   51.340886][   T29] audit: type=1326 audit(1757982055.700:1692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5043 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fd91911eba9 code=0x7ffc0000
[   51.364655][   T29] audit: type=1326 audit(1757982055.700:1693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5043 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91911eba9 code=0x7ffc0000
[   51.388268][   T29] audit: type=1326 audit(1757982055.700:1694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5043 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91911eba9 code=0x7ffc0000
[   51.412505][   T29] audit: type=1326 audit(1757982055.700:1695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5043 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd91911eba9 code=0x7ffc0000
[   51.436983][   T29] audit: type=1326 audit(1757982055.700:1696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5043 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91911eba9 code=0x7ffc0000
[   51.460515][   T29] audit: type=1326 audit(1757982055.700:1697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5043 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91911eba9 code=0x7ffc0000
[   51.484176][   T29] audit: type=1326 audit(1757982055.700:1698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5043 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd91911eba9 code=0x7ffc0000
[   51.507772][   T29] audit: type=1326 audit(1757982055.700:1699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5043 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91911eba9 code=0x7ffc0000
[   51.531177][   T29] audit: type=1326 audit(1757982055.700:1700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5043 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd91911eba9 code=0x7ffc0000
[   51.585306][ T4986] loop0: detected capacity change from 0 to 32768
[   51.630451][ T5055] loop3: detected capacity change from 0 to 512
[   51.644340][ T5055] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   51.675680][ T5055] ext4 filesystem being mounted at /101/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.696841][ T3295]  loop0: p1 p3 < >
[   51.715159][ T4986]  loop0: p1 p3 < >
[   51.721837][ T5055] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #18: comm syz.3.538: corrupted inode contents
[   51.736730][ T5055] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #18: comm syz.3.538: mark_inode_dirty error
[   51.754039][ T5055] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #18: comm syz.3.538: corrupted inode contents
[   51.775385][ T5055] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #18: comm syz.3.538: mark_inode_dirty error
[   51.793951][ T5064] netlink: 'syz.4.541': attribute type 10 has an invalid length.
[   51.799159][ T5055] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #18: comm syz.3.538: mark inode dirty (error -117)
[   51.821148][ T5064] team0: Port device dummy0 added
[   51.835082][ T5064] netlink: 'syz.4.541': attribute type 10 has an invalid length.
[   51.848217][ T5064] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   51.853414][ T5055] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[   51.879576][ T5064] team0: Failed to send options change via netlink (err -105)
[   51.890977][ T5064] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   51.900915][ T5006] syz.0.513 (5006) used greatest stack depth: 9992 bytes left
[   51.915595][ T5064] team0: Port device dummy0 removed
[   51.920343][ T4977] syz.0.513 (4977) used greatest stack depth: 7528 bytes left
[   51.931100][ T5064] 
: (slave dummy0): Enslaving as an active interface with an up link
[   51.947732][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   51.973282][ T5070] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5070 comm=syz.1.544
[   51.993627][ T5070] netlink: 'syz.1.544': attribute type 1 has an invalid length.
[   52.032568][ T5070] bond2: (slave bridge1): making interface the new active one
[   52.040881][ T5070] bond2: (slave bridge1): Enslaving as an active interface with an up link
[   52.153417][ T3295] udevd[3295]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   52.170433][ T3566] udevd[3566]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[   52.327638][ T5082] syzkaller0: entered promiscuous mode
[   52.333284][ T5082] syzkaller0: entered allmulticast mode
[   52.339503][ T5097] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[   52.348527][ T5097] ref_ctr increment failed for inode: 0x206 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8881094d0b80
[   52.501433][ T5113] veth1_to_bond: entered allmulticast mode
[   52.518762][ T5113] veth1_to_bond: left allmulticast mode
[   52.625352][ T5126] IPVS: Error connecting to the multicast addr
[   52.710875][ T5104] chnl_net:caif_netlink_parms(): no params data found
[   52.778048][ T5104] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.785523][ T5104] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.793015][ T5104] bridge_slave_0: entered allmulticast mode
[   52.799598][ T5104] bridge_slave_0: entered promiscuous mode
[   52.806750][ T5104] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.813998][ T5104] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.887693][ T5104] bridge_slave_1: entered allmulticast mode
[   52.895263][ T5104] bridge_slave_1: entered promiscuous mode
[   52.915905][ T5104] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   52.943266][ T5104] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   52.963901][ T5104] team0: Port device team_slave_0 added
[   52.970800][ T5104] team0: Port device team_slave_1 added
[   52.989524][ T5104] batman_adv: batadv0: Adding interface: batadv_slave_0
[   52.996664][ T5104] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.015845][ T5146] loop4: detected capacity change from 0 to 512
[   53.022701][ T5104] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   53.042438][ T5104] batman_adv: batadv0: Adding interface: batadv_slave_1
[   53.049491][ T5104] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.075912][ T5104] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   53.098439][ T5146] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   53.113325][ T5146] ext4 filesystem being mounted at /126/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.129567][ T5146] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #18: comm syz.4.573: corrupted inode contents
[   53.141876][ T5146] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #18: comm syz.4.573: mark_inode_dirty error
[   53.153645][ T5146] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #18: comm syz.4.573: corrupted inode contents
[   53.156735][ T5104] hsr_slave_0: entered promiscuous mode
[   53.166705][ T5146] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #18: comm syz.4.573: mark_inode_dirty error
[   53.174163][ T5104] hsr_slave_1: entered promiscuous mode
[   53.189012][ T5104] debugfs: 'hsr0' already exists in 'hsr'
[   53.194860][ T5104] Cannot create hsr debugfs directory
[   53.206762][ T5146] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #18: comm syz.4.573: mark inode dirty (error -117)
[   53.221561][ T5146] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[   53.262559][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   53.346958][ T5104] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   53.368418][ T5104] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   53.387677][ T5162] netlink: 80 bytes leftover after parsing attributes in process `syz.4.576'.
[   53.391023][ T5104] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   53.409508][ T5104] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   53.463012][ T5104] 8021q: adding VLAN 0 to HW filter on device bond0
[   53.481891][ T5104] 8021q: adding VLAN 0 to HW filter on device team0
[   53.503304][ T3450] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.510593][ T3450] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.553245][ T3450] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.560366][ T3450] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.621609][ T5175] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   53.631699][ T5175] tipc: Disabling bearer <eth:syzkaller0>
[   53.742157][ T5186] netlink: 8 bytes leftover after parsing attributes in process `syz.4.584'.
[   53.977562][ T5104] 8021q: adding VLAN 0 to HW filter on device batadv0
[   54.173935][ T5104] veth0_vlan: entered promiscuous mode
[   54.196667][ T5104] veth1_vlan: entered promiscuous mode
[   54.231070][ T5104] veth0_macvtap: entered promiscuous mode
[   54.251473][ T5104] veth1_macvtap: entered promiscuous mode
[   54.281942][ T5104] batman_adv: batadv0: Interface activated: batadv_slave_0
[   54.304897][ T5104] batman_adv: batadv0: Interface activated: batadv_slave_1
[   54.346737][  T144] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   54.360436][  T144] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   54.376595][  T144] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   54.394266][  T144] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   54.451838][ T5217] loop5: detected capacity change from 0 to 1024
[   54.483670][ T5217] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.505970][ T5217] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   54.585648][ T5104] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.695574][ T5227] loop3: detected capacity change from 0 to 512
[   54.734467][ T5227] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.769261][ T5227] ext4 filesystem being mounted at /115/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.865752][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.885367][ T5246] netlink: 8 bytes leftover after parsing attributes in process `syz.5.601'.
[   54.969370][ T5258] netlink: 4 bytes leftover after parsing attributes in process `syz.3.606'.
[   54.979123][ T5258] netlink: 12 bytes leftover after parsing attributes in process `syz.3.606'.
[   55.451294][ T5272] loop5: detected capacity change from 0 to 512
[   55.483622][ T5272] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.496952][ T5272] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.560633][ T5104] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.659306][ T5281] loop9: detected capacity change from 0 to 7
[   55.669041][ T3295] Buffer I/O error on dev loop9, logical block 0, async page read
[   55.677678][ T3295] Buffer I/O error on dev loop9, logical block 0, async page read
[   55.685686][ T3295]  loop9: unable to read partition table
[   55.713310][ T5271] Set syz1 is full, maxelem 65536 reached
[   55.719454][ T5281] Buffer I/O error on dev loop9, logical block 0, async page read
[   55.727579][ T5283] loop1: detected capacity change from 0 to 512
[   55.734724][ T5281] Buffer I/O error on dev loop9, logical block 0, async page read
[   55.742612][ T5281]  loop9: unable to read partition table
[   55.748421][ T5281] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ �â·û
[   55.748421][ T5281] 
) failed (rc=-5)
[   55.753120][ T3295] Buffer I/O error on dev loop9, logical block 0, async page read
[   55.782242][ T3295] Buffer I/O error on dev loop9, logical block 0, async page read
[   55.790253][ T3295] Buffer I/O error on dev loop9, logical block 0, async page read
[   55.798408][ T3295] Buffer I/O error on dev loop9, logical block 0, async page read
[   55.806785][ T3295] Buffer I/O error on dev loop9, logical block 0, async page read
[   55.836067][ T5283] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.863732][ T5283] ext4 filesystem being mounted at /117/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.934879][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.071375][ T5309] tipc: Started in network mode
[   56.076360][ T5309] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[   56.083606][ T5309] tipc: Enabled bearer <eth:team0>, priority 0
[   56.098499][ T5316] netlink: 96 bytes leftover after parsing attributes in process `syz.1.631'.
[   56.280292][ T5339] netlink: 8 bytes leftover after parsing attributes in process `syz.1.640'.
[   56.319569][ T5338] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[   56.343719][   T29] kauditd_printk_skb: 143 callbacks suppressed
[   56.343779][   T29] audit: type=1326 audit(1757982060.730:1844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5345 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   56.373644][   T29] audit: type=1326 audit(1757982060.730:1845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5345 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   56.404027][   T29] audit: type=1326 audit(1757982060.730:1846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5345 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   56.427722][   T29] audit: type=1326 audit(1757982060.730:1847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5345 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   56.451399][   T29] audit: type=1326 audit(1757982060.730:1848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5345 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   56.475189][   T29] audit: type=1326 audit(1757982060.730:1849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5345 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   56.498700][   T29] audit: type=1326 audit(1757982060.730:1850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5345 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   56.522145][   T29] audit: type=1326 audit(1757982060.730:1851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5345 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   56.545599][   T29] audit: type=1326 audit(1757982060.730:1852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5345 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   56.569050][   T29] audit: type=1326 audit(1757982060.730:1853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5345 comm="syz.1.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   56.692598][ T5363] loop0: detected capacity change from 0 to 512
[   56.723692][ T5363] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.742295][ T5363] ext4 filesystem being mounted at /115/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.853809][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.103530][ T5400] loop5: detected capacity change from 0 to 512
[   57.109532][ T3369] tipc: Node number set to 11578026
[   57.123721][ T3369] kernel write not supported for file bpf-prog (pid: 3369 comm: kworker/1:2)
[   57.164226][ T5400] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c02c, mo2=0002]
[   57.172367][ T5400] System zones: 0-7
[   57.185649][ T5404] loop3: detected capacity change from 0 to 1024
[   57.232279][ T5400] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.247782][ T5400] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.273743][ T5404] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.281149][ T5384] Set syz1 is full, maxelem 65536 reached
[   57.335401][ T5404] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.665: bg 0: block 494: padding at end of block bitmap is not set
[   57.351896][ T5404] EXT4-fs (loop3): Remounting filesystem read-only
[   57.361658][ T5411] ip6gre1: entered allmulticast mode
[   57.365011][ T5404] EXT4-fs (loop3): error restoring inline_data for inode -- potential data loss! (inode 15, error -30)
[   57.457557][ T5415] batman_adv: batadv0: Adding interface: dummy0
[   57.464323][ T5415] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.492203][ T5415] batman_adv: batadv0: Interface activated: dummy0
[   57.516431][ T5415] batadv0: mtu less than device minimum
[   57.522675][ T5415] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   57.533536][ T5415] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   57.544428][ T5415] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   57.555314][ T5415] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   57.566132][ T5415] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   57.577293][ T5415] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   57.588228][ T5415] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   57.667096][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.703446][ T5427] Falling back ldisc for ttyS3.
[   58.179559][ T5455] batman_adv: batadv0: Interface deactivated: dummy0
[   58.186619][ T5455] batman_adv: batadv0: Removing interface: dummy0
[   58.238657][ T5455] bridge_slave_0: left allmulticast mode
[   58.244402][ T5455] bridge_slave_0: left promiscuous mode
[   58.250058][ T5455] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.360864][ T5455] bridge_slave_1: left allmulticast mode
[   58.366582][ T5455] bridge_slave_1: left promiscuous mode
[   58.372502][ T5455] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.465504][ T5455] bond0: (slave bond_slave_0): Releasing backup interface
[   58.494556][ T5455] bond0: (slave bond_slave_1): Releasing backup interface
[   58.523351][ T5455] team0: Port device team_slave_0 removed
[   58.549947][ T5455] team0: Port device team_slave_1 removed
[   58.560075][ T5455] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   58.567631][ T5455] batman_adv: batadv0: Removing interface: batadv_slave_0
[   58.576495][ T5455] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   58.584060][ T5455] batman_adv: batadv0: Removing interface: batadv_slave_1
[   58.603669][ T5455] bond2: (slave bridge1): Releasing active interface
[   58.663494][   T51] bridge_slave_1: left allmulticast mode
[   58.669236][   T51] bridge_slave_1: left promiscuous mode
[   58.675390][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.689881][ T5479] loop4: detected capacity change from 0 to 1024
[   58.711319][ T5479] EXT4-fs: Ignoring removed nomblk_io_submit option
[   58.719037][ T5479] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   58.728540][   T51] bridge_slave_0: left allmulticast mode
[   58.734453][   T51] bridge_slave_0: left promiscuous mode
[   58.740321][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.751848][ T5479] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.837363][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.860548][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   58.874148][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   58.885233][   T51] bond0 (unregistering): Released all slaves
[   58.951694][ T5506] loop5: detected capacity change from 0 to 128
[   58.951804][   T51] hsr_slave_0: left promiscuous mode
[   58.969480][   T51] hsr_slave_1: left promiscuous mode
[   58.996999][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[   59.027901][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[   59.144536][   T51] team0 (unregistering): Port device team_slave_1 removed
[   59.167054][   T51] team0 (unregistering): Port device team_slave_0 removed
[   59.388223][ T5533] 
: (slave dummy0): Releasing backup interface
[   59.607387][   T51] IPVS: stop unused estimator thread 0...
[   59.757903][ T5589] loop3: detected capacity change from 0 to 512
[   59.775443][ T5589] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   59.788990][ T5589] ext4 filesystem being mounted at /137/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   59.816732][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.854096][ T5596] smc: net device bond0 applied user defined pnetid SYZ0
[   59.861923][ T5596] smc: net device bond0 erased user defined pnetid SYZ0
[   59.947788][ T5607] loop5: detected capacity change from 0 to 1024
[   59.965055][ T5607] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.996442][ T5615] netlink: 55631 bytes leftover after parsing attributes in process `syz.1.723'.
[   60.048931][ T5607] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.722: Allocating blocks 449-513 which overlap fs metadata
[   60.153302][ T5606] EXT4-fs (loop5): pa ffff888105b67620: logic 48, phys. 177, len 21
[   60.161421][ T5606] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[   60.226178][ T5104] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.028416][ T5708] netlink: 36 bytes leftover after parsing attributes in process `syz.5.736'.
[   61.190106][ T5723] batman_adv: batadv0: Adding interface: dummy0
[   61.196544][ T5723] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   61.235824][ T5723] batman_adv: batadv0: Interface activated: dummy0
[   61.256153][ T5723] net_ratelimit: 13 callbacks suppressed
[   61.256174][ T5723] batadv0: mtu less than device minimum
[   61.268428][ T5723] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   61.279428][ T5723] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   61.290393][ T5723] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   61.301270][ T5723] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   61.311981][ T5723] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   61.322875][ T5723] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   61.333629][ T5723] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   61.344381][ T5723] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   61.355118][ T5723] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   61.365492][   T29] kauditd_printk_skb: 586 callbacks suppressed
[   61.365509][   T29] audit: type=1400 audit(1757982065.750:2440): avc:  denied  { getopt } for  pid=5729 comm="syz.4.741" lport=34527 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[   61.476887][ T5754] netlink: 'syz.4.744': attribute type 10 has an invalid length.
[   61.484996][ T5754] netlink: 40 bytes leftover after parsing attributes in process `syz.4.744'.
[   61.511126][ T5754] team0: Port device geneve1 added
[   61.632408][ T5767] Falling back ldisc for ttyS3.
[   61.864677][   T29] audit: type=1400 audit(1757982066.250:2441): avc:  denied  { bind } for  pid=5809 comm="syz.3.757" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   61.915854][   T29] audit: type=1400 audit(1757982066.250:2442): avc:  denied  { name_bind } for  pid=5809 comm="syz.3.757" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[   61.937183][   T29] audit: type=1400 audit(1757982066.250:2443): avc:  denied  { node_bind } for  pid=5809 comm="syz.3.757" saddr=ff02::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[   62.131237][ T5843] netlink: 24 bytes leftover after parsing attributes in process `syz.5.766'.
[   62.198765][ T5853] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5853 comm=syz.5.771
[   62.276612][ T5858] loop0: detected capacity change from 0 to 1024
[   62.279007][ T5861] loop5: detected capacity change from 0 to 512
[   62.315834][ T5858] EXT4-fs: Ignoring removed nobh option
[   62.321569][ T5858] EXT4-fs: inline encryption not supported
[   62.333550][ T5861] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.368370][ T5858] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.390629][ T5861] ext4 filesystem being mounted at /66/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.423964][ T5858] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.774: Allocating blocks 385-513 which overlap fs metadata
[   62.455138][ T5861] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #4: comm syz.5.775: corrupted inode contents
[   62.502534][ T5858] EXT4-fs (loop0): pa ffff888105b675b0: logic 16, phys. 129, len 24
[   62.510700][ T5858] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[   62.532205][ T5861] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #4: comm syz.5.775: mark_inode_dirty error
[   62.541810][ T5858] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[   62.556059][ T5858] EXT4-fs (loop0): This should not happen!! Data will be lost
[   62.556059][ T5858] 
[   62.565758][ T5858] EXT4-fs (loop0): Total free blocks count 0
[   62.571948][ T5858] EXT4-fs (loop0): Free/Dirty block details
[   62.573605][ T5861] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #4: comm syz.5.775: corrupted inode contents
[   62.577924][ T5858] EXT4-fs (loop0): free_blocks=128
[   62.577942][ T5858] EXT4-fs (loop0): dirty_blocks=0
[   62.577954][ T5858] EXT4-fs (loop0): Block reservation details
[   62.577966][ T5858] EXT4-fs (loop0): i_reserved_data_blocks=0
[   62.618313][   T29] audit: type=1400 audit(1757982066.980:2444): avc:  denied  { write } for  pid=5872 comm="syz.4.778" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   62.641612][   T29] audit: type=1400 audit(1757982066.980:2445): avc:  denied  { ioctl } for  pid=5872 comm="syz.4.778" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   62.665406][ T5873] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   62.671806][ T5861] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #4: comm syz.5.775: mark_inode_dirty error
[   62.692600][ T5873] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   62.708444][ T5861] Quota error (device loop5): write_blk: dquota write failed
[   62.716050][ T5861] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[   62.726035][ T5861] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.775: Failed to acquire dquot type 1
[   62.738462][ T5871] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #4: comm syz.5.775: corrupted inode contents
[   62.769027][ T5871] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #4: comm syz.5.775: mark_inode_dirty error
[   62.790958][ T5871] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #4: comm syz.5.775: corrupted inode contents
[   62.829210][ T5871] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #4: comm syz.5.775: mark_inode_dirty error
[   62.850269][ T5885] loop1: detected capacity change from 0 to 512
[   62.867443][ T5871] Quota error (device loop5): write_blk: dquota write failed
[   62.875007][ T5871] Quota error (device loop5): find_free_dqentry: Can't write quota data block 5
[   62.894157][ T5883] Falling back ldisc for ttyS3.
[   62.906936][ T5871] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.775: Failed to acquire dquot type 1
[   62.913037][ T5885] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.942212][ T5885] ext4 filesystem being mounted at /148/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.973687][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.063185][ T5104] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.292319][ T5937] loop4: detected capacity change from 0 to 1024
[   63.300654][ T5937] EXT4-fs: Ignoring removed nobh option
[   63.307590][ T5937] EXT4-fs: Ignoring removed bh option
[   63.347312][ T5937] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: none.
[   63.395792][ T5951] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5951 comm=syz.5.786
[   63.411816][ T5951] netlink: 12 bytes leftover after parsing attributes in process `syz.5.786'.
[   63.438378][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[   63.560472][ T5966] loop4: detected capacity change from 0 to 128
[   63.908053][ T6014] netlink: 24 bytes leftover after parsing attributes in process `syz.0.800'.
[   64.596239][ T6073] loop4: detected capacity change from 0 to 1024
[   64.626159][ T6073] EXT4-fs: Ignoring removed nobh option
[   64.631842][ T6073] EXT4-fs: inline encryption not supported
[   64.777497][ T6073] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   64.869082][ T6071] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.809: Allocating blocks 385-513 which overlap fs metadata
[   64.906495][ T6093] netlink: 'syz.0.819': attribute type 1 has an invalid length.
[   64.937891][ T6095] loop1: detected capacity change from 0 to 1024
[   64.943397][ T6071] EXT4-fs (loop4): pa ffff888106e7e380: logic 16, phys. 129, len 24
[   64.952767][ T6071] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[   64.992343][ T6071] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[   65.004747][ T6071] EXT4-fs (loop4): This should not happen!! Data will be lost
[   65.004747][ T6071] 
[   65.014561][ T6071] EXT4-fs (loop4): Total free blocks count 0
[   65.020572][ T6071] EXT4-fs (loop4): Free/Dirty block details
[   65.026528][ T6071] EXT4-fs (loop4): free_blocks=128
[   65.031708][ T6071] EXT4-fs (loop4): dirty_blocks=0
[   65.036771][ T6071] EXT4-fs (loop4): Block reservation details
[   65.042798][ T6071] EXT4-fs (loop4): i_reserved_data_blocks=0
[   65.052884][ T6095] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   65.099942][ T6095] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.813: Allocating blocks 449-513 which overlap fs metadata
[   65.176590][ T6094] EXT4-fs (loop1): pa ffff888105b675b0: logic 48, phys. 177, len 21
[   65.184876][ T6094] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[   65.212264][ T6112] netlink: 4 bytes leftover after parsing attributes in process `syz.0.815'.
[   65.212933][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.445426][ T6138] netlink: 4 bytes leftover after parsing attributes in process `syz.1.822'.
[   65.489616][ T6138] netlink: 12 bytes leftover after parsing attributes in process `syz.1.822'.
[   65.543396][ T6138] netlink: 156 bytes leftover after parsing attributes in process `syz.1.822'.
[   65.789800][ T6170] netlink: 12 bytes leftover after parsing attributes in process `syz.0.830'.
[   65.821544][ T6124] loop4: detected capacity change from 0 to 32768
[   65.840988][ T6172] netlink: 24 bytes leftover after parsing attributes in process `syz.1.832'.
[   65.850195][ T6172] netlink: 212 bytes leftover after parsing attributes in process `syz.1.832'.
[   65.873649][ T3295]  loop4: p1 p3 < >
[   65.918556][ T6124]  loop4: p1 p3 < >
[   65.928374][ T6176] netlink: 60 bytes leftover after parsing attributes in process `syz.1.833'.
[   66.282292][ T6190] loop0: detected capacity change from 0 to 128
[   66.288892][ T6190] EXT4-fs: Ignoring removed nobh option
[   66.306339][ T6190] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   66.338812][ T6190] ext4 filesystem being mounted at /148/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   66.354162][ T6190] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   66.372313][   T29] kauditd_printk_skb: 9 callbacks suppressed
[   66.372331][   T29] audit: type=1400 audit(1757982070.750:2454): avc:  denied  { relabelto } for  pid=6189 comm="syz.0.839" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[   66.379795][ T6115] syz.4.817 (6115) used greatest stack depth: 6328 bytes left
[   66.423909][ T3301] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   66.491531][ T6200] netlink: 60 bytes leftover after parsing attributes in process `syz.5.845'.
[   66.568470][ T6204] netlink: 'syz.1.846': attribute type 1 has an invalid length.
[   66.585122][ T6208] loop0: detected capacity change from 0 to 512
[   66.586048][ T6204] 8021q: adding VLAN 0 to HW filter on device bond3
[   66.603560][ T6206] loop5: detected capacity change from 0 to 512
[   66.617244][ T6206] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.622120][ T6204] netlink: 4 bytes leftover after parsing attributes in process `syz.1.846'.
[   66.649358][ T6204] bond3 (unregistering): Released all slaves
[   66.662322][ T6206] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.685582][ T6208] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.721390][ T6208] ext4 filesystem being mounted at /150/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.732927][   T29] audit: type=1400 audit(1757982071.100:2455): avc:  denied  { watch watch_reads } for  pid=6219 comm="syz.4.850" path="/172/file0" dev="tmpfs" ino=912 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   66.768397][ T6208] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #4: comm syz.0.847: corrupted inode contents
[   66.780667][ T5104] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.780977][ T6208] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #4: comm syz.0.847: mark_inode_dirty error
[   66.801384][ T6208] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #4: comm syz.0.847: corrupted inode contents
[   66.813854][ T6208] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #4: comm syz.0.847: mark_inode_dirty error
[   66.826125][ T6208] Quota error (device loop0): write_blk: dquota write failed
[   66.833761][ T6208] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[   66.844169][ T6208] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.847: Failed to acquire dquot type 1
[   66.857213][ T6224] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #4: comm syz.0.847: corrupted inode contents
[   66.869601][ T6224] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #4: comm syz.0.847: mark_inode_dirty error
[   66.885353][ T6224] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #4: comm syz.0.847: corrupted inode contents
[   66.897703][ T6224] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #4: comm syz.0.847: mark_inode_dirty error
[   66.978486][ T6224] Quota error (device loop0): write_blk: dquota write failed
[   66.986052][ T6224] Quota error (device loop0): find_free_dqentry: Can't write quota data block 5
[   67.032852][ T6224] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[   67.071289][ T6224] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.847: Failed to acquire dquot type 1
[   67.090949][ T6237] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   67.130330][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.151758][ T6237] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   67.621729][ T6276] loop0: detected capacity change from 0 to 512
[   67.688317][ T6276] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.709500][ T6276] ext4 filesystem being mounted at /155/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.746549][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.814130][ T6278] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.041180][ T6278] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.101246][ T6308] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   68.121518][ T6303] tipc: Disabling bearer <eth:syzkaller0>
[   68.137457][ T6311] netlink: 'syz.4.884': attribute type 1 has an invalid length.
[   68.154681][ T6311] 8021q: adding VLAN 0 to HW filter on device bond1
[   68.182410][ T6311] bond1 (unregistering): Released all slaves
[   68.307029][ T6278] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.373462][ T6328] netlink: 'syz.5.888': attribute type 13 has an invalid length.
[   68.411449][   T29] audit: type=1400 audit(1757982072.790:2456): avc:  denied  { read write } for  pid=6332 comm="syz.0.891" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   68.436574][   T29] audit: type=1400 audit(1757982072.790:2457): avc:  denied  { open } for  pid=6332 comm="syz.0.891" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   68.502918][ T6328] gretap0: refused to change device tx_queue_len
[   68.504929][   T29] audit: type=1400 audit(1757982072.860:2458): avc:  denied  { ioctl } for  pid=6332 comm="syz.0.891" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   68.513510][ T6328] net_ratelimit: 12 callbacks suppressed
[   68.513525][ T6328] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   68.595430][ T6278] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.667653][ T6349] atomic_op ffff888121b6f528 conn xmit_atomic 0000000000000000
[   68.736516][ T3450] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   68.748880][ T3450] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   68.777823][ T3450] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   68.797474][ T3450] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.501734][ T6397] loop4: detected capacity change from 0 to 1024
[   69.514733][ T6397] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[   69.524564][ T6397] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[   69.577315][ T6397] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   69.587752][ T6397] EXT4-fs error (device loop4): ext4_get_journal_inode:5800: inode #32: comm syz.4.919: iget: special inode unallocated
[   69.602406][ T6397] EXT4-fs (loop4): no journal found
[   69.607660][ T6397] EXT4-fs (loop4): can't get journal size
[   69.614661][ T6397] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   69.630001][ T6396] EXT4-fs error (device loop4): ext4_inlinedir_to_tree:1314: inode #12: block 16: comm syz.4.919: path /192/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=20, inode=13, rec_len=16, size=60 fake=0
[   69.671846][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.029795][ T6429] loop0: detected capacity change from 0 to 1024
[   70.049840][ T6429] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[   70.059696][ T6429] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[   70.077476][ T6435] netlink: 'syz.4.934': attribute type 1 has an invalid length.
[   70.085744][ T6429] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   70.102282][ T6429] EXT4-fs error (device loop0): ext4_get_journal_inode:5800: inode #32: comm syz.0.932: iget: special inode unallocated
[   70.117438][ T6429] EXT4-fs (loop0): no journal found
[   70.121236][ T6435] bond1: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   70.122718][ T6429] EXT4-fs (loop0): can't get journal size
[   70.123691][ T6429] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   70.135342][ T6435] bond1: (slave ipvlan2): The slave device specified does not support setting the MAC address
[   70.135365][ T6435] bond1: (slave ipvlan2): Setting fail_over_mac to active for active-backup mode
[   70.164699][ T6429] EXT4-fs error (device loop0): ext4_inlinedir_to_tree:1314: inode #12: block 16: comm syz.0.932: path /164/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=20, inode=13, rec_len=16, size=60 fake=0
[   70.248831][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.300860][ T6445] IPVS: stopping master sync thread 3820 ...
[   70.336742][ T6456] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[   70.343384][ T6456] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   70.351534][ T6456] vhci_hcd vhci_hcd.0: Device attached
[   70.380909][ T6456] loop5: detected capacity change from 0 to 512
[   70.399175][ T6456] EXT4-fs: Ignoring removed nobh option
[   70.435370][ T6456] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.938: corrupted inode contents
[   70.448271][ T6456] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #3: comm syz.5.938: mark_inode_dirty error
[   70.463926][ T6456] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #3: comm syz.5.938: corrupted inode contents
[   70.477181][ T6456] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.938: mark_inode_dirty error
[   70.495642][ T6456] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.938: Failed to acquire dquot type 0
[   70.508505][ T6456] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.938: corrupted inode contents
[   70.520791][ T6456] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #16: comm syz.5.938: mark_inode_dirty error
[   70.532273][ T3369] vhci_hcd: vhci_device speed not set
[   70.540143][ T6456] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.938: corrupted inode contents
[   70.559395][ T6456] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.938: mark_inode_dirty error
[   70.574359][ T6456] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.938: corrupted inode contents
[   70.587436][ T6456] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[   70.592286][ T3369] usb 11-1: new full-speed USB device number 2 using vhci_hcd
[   70.596204][ T6456] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.938: corrupted inode contents
[   70.619000][ T6456] EXT4-fs error (device loop5): ext4_truncate:4666: inode #16: comm syz.5.938: mark_inode_dirty error
[   70.645905][ T6456] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[   70.674343][ T6456] EXT4-fs (loop5): 1 truncate cleaned up
[   70.682837][ T6456] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.696805][ T6456] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   70.701878][ T6485] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6485 comm=syz.4.947
[   70.730524][ T6456] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.775396][ T6457] vhci_hcd: connection reset by peer
[   70.793295][   T51] vhci_hcd: stop threads
[   70.797599][   T51] vhci_hcd: release socket
[   70.802189][   T51] vhci_hcd: disconnect device
[   70.906466][ T6507] netlink: 'syz.1.953': attribute type 13 has an invalid length.
[   70.930036][ T6507] gretap0: refused to change device tx_queue_len
[   70.943450][ T6507] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   71.027378][ T6522] __nla_validate_parse: 10 callbacks suppressed
[   71.027399][ T6522] netlink: 4 bytes leftover after parsing attributes in process `syz.3.955'.
[   71.310886][ T6552] netlink: 12 bytes leftover after parsing attributes in process `syz.1.957'.
[   71.333624][ T6553] netlink: 96 bytes leftover after parsing attributes in process `syz.4.958'.
[   71.357510][ T6555] IPv4: Oversized IP packet from 127.202.26.0
[   71.464268][ T6569] loop4: detected capacity change from 0 to 1024
[   71.484256][ T6569] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.500505][   T29] kauditd_printk_skb: 26 callbacks suppressed
[   71.500523][   T29] audit: type=1400 audit(1757982075.880:2483): avc:  denied  { read } for  pid=6568 comm="syz.4.965" path="/207/file1/bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   71.513895][ T6569] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[   71.558679][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.609114][   T29] audit: type=1400 audit(1757982075.990:2484): avc:  denied  { create } for  pid=6575 comm="syz.4.968" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   71.641136][ T6577] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.677073][ T6583] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6583 comm=syz.0.971
[   71.689962][   T29] audit: type=1107 audit(1757982076.070:2485): pid=6582 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[   71.707091][ T6577] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.729897][ T6586] netlink: 12 bytes leftover after parsing attributes in process `syz.0.972'.
[   71.775450][ T6577] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.878888][ T6577] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.892571][   T29] audit: type=1326 audit(1757982076.280:2486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   71.898196][ T6606] loop3: detected capacity change from 0 to 256
[   71.923458][   T29] audit: type=1326 audit(1757982076.300:2487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   71.933025][ T6606] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   71.946954][   T29] audit: type=1326 audit(1757982076.310:2488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   71.983017][   T29] audit: type=1326 audit(1757982076.310:2489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   72.010061][   T29] audit: type=1326 audit(1757982076.390:2490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   72.033581][   T29] audit: type=1326 audit(1757982076.390:2491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   72.057152][   T29] audit: type=1326 audit(1757982076.390:2492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6601 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   72.090603][ T6606] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   72.127752][ T6610] netlink: 12 bytes leftover after parsing attributes in process `syz.1.977'.
[   72.145732][   T31] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.165526][   T31] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.216125][   T31] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.238648][   T31] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.251216][ T6615] netlink: 'syz.0.978': attribute type 13 has an invalid length.
[   72.267356][ T6615] gretap0: refused to change device tx_queue_len
[   72.304056][ T6615] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   72.396723][ T6633] netlink: 100 bytes leftover after parsing attributes in process `syz.0.988'.
[   72.635067][ T6647] pim6reg1: entered promiscuous mode
[   72.640406][ T6647] pim6reg1: entered allmulticast mode
[   72.759272][ T6654] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   72.771487][ T6654] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.875809][ T6654] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   72.887879][ T6654] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.964859][ T6654] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   72.975008][ T6654] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   73.023879][ T6654] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   73.034438][ T6654] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   73.137725][ T4449] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   73.146059][ T4449] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.177329][ T4449] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   73.185645][ T4449] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.214992][ T4449] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   73.223456][ T4449] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.270563][  T144] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   73.279375][  T144] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.320172][ T6663] loop3: detected capacity change from 0 to 1024
[   73.330867][ T6663] EXT4-fs: Ignoring removed orlov option
[   73.344496][ T6663] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.612121][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.628493][ T6668] tipc: New replicast peer: 255.255.255.255
[   73.634635][ T6668] tipc: Enabled bearer <udp:s>, priority 10
[   73.695827][ T6677] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1004'.
[   73.737992][ T6679] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1015'.
[   73.752306][ T6673] netlink: 'syz.3.999': attribute type 13 has an invalid length.
[   73.777332][ T6673] gretap0: refused to change device tx_queue_len
[   73.788785][ T6673] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   73.810080][ T6685] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1006'.
[   73.952678][ T6688] netlink: 'syz.0.1019': attribute type 1 has an invalid length.
[   73.973745][ T6691] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1007'.
[   73.989046][ T6688] 8021q: adding VLAN 0 to HW filter on device bond1
[   74.024832][ T6695] loop4: detected capacity change from 0 to 2048
[   74.055287][ T3295]  loop4: p4 < >
[   74.056425][ T6696] 8021q: adding VLAN 0 to HW filter on device batadv1
[   74.067081][ T6695]  loop4: p4 < >
[   74.144128][ T6696] bond1: (slave batadv1): making interface the new active one
[   74.153444][ T6696] bond1: (slave batadv1): Enslaving as an active interface with an up link
[   74.174317][ T3295] udevd[3295]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   74.312843][ T6713] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.375350][ T6713] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.435814][ T6713] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.486041][ T6713] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.547956][  T144] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.569859][  T144] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.597894][  T144] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.618699][  T144] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.752046][   T36] tipc: Node number set to 2464610326
[   75.139848][ T6740] netlink: 'syz.4.1029': attribute type 13 has an invalid length.
[   75.181379][ T6740] gretap0: refused to change device tx_queue_len
[   75.193421][ T6747] loop5: detected capacity change from 0 to 1024
[   75.202822][ T6740] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   75.236019][ T6747] EXT4-fs: Ignoring removed orlov option
[   75.249127][ T6747] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.427066][ T6770] SELinux: security_context_str_to_sid () failed with errno=-22
[   75.461653][ T6772] netlink: 'syz.3.1042': attribute type 7 has an invalid length.
[   75.496664][ T6778] loop1: detected capacity change from 0 to 256
[   75.516877][ T6778] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   75.534905][ T6780] loop0: detected capacity change from 0 to 2048
[   75.560202][ T6778] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   75.578381][ T6780] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   75.642105][ T3369] usb 11-1: enqueue for inactive port 0
[   75.647918][ T3369] usb 11-1: enqueue for inactive port 0
[   75.692377][ T5104] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.723143][ T3369] vhci_hcd: vhci_device speed not set
[   75.727584][ T6789] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   75.754068][ T6792] netlink: 'syz.3.1048': attribute type 13 has an invalid length.
[   75.772036][ T6792] gretap0: refused to change device tx_queue_len
[   75.780566][ T6789] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 942 with error 28
[   75.786809][ T6792] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   75.793474][ T6789] EXT4-fs (loop0): This should not happen!! Data will be lost
[   75.793474][ T6789] 
[   75.793497][ T6789] EXT4-fs (loop0): Total free blocks count 0
[   75.793513][ T6789] EXT4-fs (loop0): Free/Dirty block details
[   75.793526][ T6789] EXT4-fs (loop0): free_blocks=2415919104
[   75.793542][ T6789] EXT4-fs (loop0): dirty_blocks=944
[   75.811591][ T6797] tipc: New replicast peer: 255.255.255.255
[   75.819155][ T6789] EXT4-fs (loop0): Block reservation details
[   75.819173][ T6789] EXT4-fs (loop0): i_reserved_data_blocks=59
[   75.860639][ T6797] tipc: Enabled bearer <udp:s>, priority 10
[   75.953524][ T6808] wireguard0: entered promiscuous mode
[   75.959060][ T6808] wireguard0: entered allmulticast mode
[   75.980439][ T6811] loop1: detected capacity change from 0 to 256
[   76.002851][ T6811] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   76.015576][ T6811] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   76.360864][   T31] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[   76.419463][ T6834] loop0: detected capacity change from 0 to 128
[   76.440137][ T6834] syz.0.1067: attempt to access beyond end of device
[   76.440137][ T6834] loop0: rw=2049, sector=138, nr_sectors = 112 limit=128
[   76.511314][   T29] kauditd_printk_skb: 397 callbacks suppressed
[   76.511331][   T29] audit: type=1326 audit(1757982080.890:2890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6823 comm="syz.3.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f743fe6eba9 code=0x7ffc0000
[   76.557139][   T29] audit: type=1326 audit(1757982080.930:2891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6823 comm="syz.3.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f743fe6eba9 code=0x7ffc0000
[   76.580626][   T29] audit: type=1326 audit(1757982080.940:2892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6823 comm="syz.3.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f743fe6eba9 code=0x7ffc0000
[   76.624123][   T29] audit: type=1326 audit(1757982080.990:2893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6823 comm="syz.3.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f743fe6eba9 code=0x7ffc0000
[   76.647969][   T29] audit: type=1326 audit(1757982081.000:2894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6823 comm="syz.3.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f743fe6eba9 code=0x7ffc0000
[   76.673118][   T29] audit: type=1326 audit(1757982081.060:2895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6823 comm="syz.3.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f743fe6eba9 code=0x7ffc0000
[   76.739153][   T29] audit: type=1326 audit(1757982081.110:2896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6823 comm="syz.3.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f743fe6eba9 code=0x7ffc0000
[   76.762832][   T29] audit: type=1326 audit(1757982081.120:2897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6823 comm="syz.3.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f743fe6eba9 code=0x7ffc0000
[   76.787899][   T29] audit: type=1326 audit(1757982081.170:2898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6823 comm="syz.3.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f743fe6eba9 code=0x7ffc0000
[   76.858306][   T29] audit: type=1326 audit(1757982081.210:2899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6823 comm="syz.3.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f743fe6eba9 code=0x7ffc0000
[   76.982083][ T3417] tipc: Node number set to 2886997011
[   77.135613][ T6870] @: renamed from vlan0 (while UP)
[   77.166369][ T6873] IPv6: Can't replace route, no match found
[   77.174902][ T6874] loop0: detected capacity change from 0 to 1024
[   77.183956][ T6874] EXT4-fs: Ignoring removed orlov option
[   77.202531][ T6874] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.357693][ T6884] syzkaller0: entered allmulticast mode
[   77.363762][ T6884] syzkaller0: entered promiscuous mode
[   77.371192][ T6884] syzkaller0 (unregistering): left allmulticast mode
[   77.378044][ T6884] syzkaller0 (unregistering): left promiscuous mode
[   77.445785][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.465255][ T6886] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6886 comm=syz.0.1086
[   77.479590][ T6886] netlink: 'syz.0.1086': attribute type 1 has an invalid length.
[   77.507125][ T6886] bond2: (slave bridge2): making interface the new active one
[   77.516321][ T6886] bond2: (slave bridge2): Enslaving as an active interface with an up link
[   77.546961][ T6893] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   77.554502][ T6893] batman_adv: batadv0: Removing interface: batadv_slave_0
[   77.572962][ T6893] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   77.580610][ T6893] batman_adv: batadv0: Removing interface: batadv_slave_1
[   77.717366][ T6900] loop1: detected capacity change from 0 to 512
[   77.734747][ T6900] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.748215][ T6900] ext4 filesystem being mounted at /229/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.801768][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.866345][ T6916] loop4: detected capacity change from 0 to 256
[   77.873765][ T6916] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   77.888451][ T6917] loop1: detected capacity change from 0 to 2048
[   77.898301][ T6916] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   77.922897][ T6917]  loop1: p4 < >
[   77.930412][ T2992]  loop1: p4 < >
[   77.966717][ T3295] udevd[3295]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   77.988843][ T3295] udevd[3295]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   78.020222][ T6929] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   78.027813][ T6929] batman_adv: batadv0: Removing interface: batadv_slave_0
[   78.067221][ T6933] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6933 comm=syz.4.1108
[   78.199939][ T6938] netlink: 'syz.3.1111': attribute type 1 has an invalid length.
[   78.215927][ T6938] 8021q: adding VLAN 0 to HW filter on device bond1
[   78.236159][ T6938] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.245130][ T6938] bond1: (slave batadv0): making interface the new active one
[   78.254776][ T6938] bond1: (slave batadv0): Enslaving as an active interface with an up link
[   78.626364][ T6951] netlink: 'syz.0.1116': attribute type 25 has an invalid length.
[   78.659802][ T6955] loop3: detected capacity change from 0 to 128
[   78.683078][ T6945] loop1: detected capacity change from 0 to 65536
[   78.698801][ T6955] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[   78.753714][ T6955] syz.3.1118: attempt to access beyond end of device
[   78.753714][ T6955] loop3: rw=0, sector=97, nr_sectors = 944 limit=128
[   78.789058][ T4449] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[   78.793134][ T6953] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.846495][ T6960] loop3: detected capacity change from 0 to 1024
[   78.875010][ T6960] EXT4-fs: Ignoring removed orlov option
[   78.902834][ T6960] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.977911][ T6953] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.117190][ T6953] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.231000][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.258524][ T6953] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.273642][ T6987] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[   79.273671][ T6987] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   79.273776][ T6987] vhci_hcd vhci_hcd.0: Device attached
[   79.279465][ T6987] loop4: detected capacity change from 0 to 512
[   79.320865][ T6987] EXT4-fs: Ignoring removed nobh option
[   79.334675][ T6987] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #3: comm syz.4.1130: corrupted inode contents
[   79.347028][ T6987] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #3: comm syz.4.1130: mark_inode_dirty error
[   79.361917][ T6987] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #3: comm syz.4.1130: corrupted inode contents
[   79.374920][ T6987] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #3: comm syz.4.1130: mark_inode_dirty error
[   79.387034][ T6987] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.1130: Failed to acquire dquot type 0
[   79.432566][ T6987] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.1130: corrupted inode contents
[   79.452070][ T3399] vhci_hcd: vhci_device speed not set
[   79.474712][ T6987] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #16: comm syz.4.1130: mark_inode_dirty error
[   79.492477][ T6987] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.1130: corrupted inode contents
[   79.522130][ T3399] usb 9-1: new full-speed USB device number 2 using vhci_hcd
[   79.541833][   T31] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   79.558086][   T31] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   79.566898][ T6987] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm syz.4.1130: mark_inode_dirty error
[   79.574411][   T31] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.587663][ T6987] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.1130: corrupted inode contents
[   79.607875][ T7007] __nla_validate_parse: 3 callbacks suppressed
[   79.607894][ T7007] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1135'.
[   79.620966][ T7011] loop5: detected capacity change from 0 to 512
[   79.623893][ T3450] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.631418][ T6987] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[   79.658336][ T6987] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.1130: corrupted inode contents
[   79.671727][ T6987] EXT4-fs error (device loop4): ext4_truncate:4666: inode #16: comm syz.4.1130: mark_inode_dirty error
[   79.684458][ T6987] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[   79.696932][ T7011] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.710222][ T7011] ext4 filesystem being mounted at /120/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.721524][ T6987] EXT4-fs (loop4): 1 truncate cleaned up
[   79.737938][ T6987] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.777489][ T6987] ext4 filesystem being mounted at /235/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.797868][ T6987] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.830676][ T5104] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.883185][ T6988] vhci_hcd: connection reset by peer
[   79.890793][ T4449] vhci_hcd: stop threads
[   79.895292][ T4449] vhci_hcd: release socket
[   79.899834][ T4449] vhci_hcd: disconnect device
[   79.982601][ T7031] loop0: detected capacity change from 0 to 512
[   79.988470][ T7033] netlink: 2048 bytes leftover after parsing attributes in process `syz.5.1143'.
[   79.998354][ T7033] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1143'.
[   80.009472][ T7031] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   80.023811][ T7031] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.037558][ T7031] ext4 filesystem being mounted at /213/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.065906][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.137760][ T7037] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.237076][ T7037] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.312772][ T7037] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.365434][ T7037] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.412737][ T7053] netlink: 'syz.4.1151': attribute type 1 has an invalid length.
[   80.444487][ T7053] 8021q: adding VLAN 0 to HW filter on device bond2
[   80.471484][ T7053] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.506091][ T7053] bond2: (slave batadv0): making interface the new active one
[   80.515682][ T7053] bond2: (slave batadv0): Enslaving as an active interface with an up link
[   80.607866][ T7059] IPv6: Can't replace route, no match found
[   80.826860][   T31] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   80.898831][ T7074] loop4: detected capacity change from 0 to 1024
[   80.929688][ T7074] EXT4-fs: Ignoring removed orlov option
[   81.012817][ T4451] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.021650][ T7100] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.035906][ T7074] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.050321][ T7057] loop3: detected capacity change from 0 to 32768
[   81.057808][ T7108] loop0: detected capacity change from 0 to 512
[   81.073482][ T7077] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.108080][ T3566]  loop3: p1 p3 < >
[   81.134919][ T7108] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.158234][ T2992] udevd[2992]: worker [3566] terminated by signal 33 (Unknown signal 33)
[   81.166900][ T7108] ext4 filesystem being mounted at /216/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.186860][ T2992] udevd[2992]: worker [3566] failed while handling '/devices/virtual/block/loop3'
[   81.206832][ T7057]  loop3: p1 p3 < >
[   81.275915][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.288651][ T7133] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.365605][ T7133] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.416950][ T7133] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.488370][ T7133] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.528841][ T7140] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[   81.535409][ T7140] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   81.543085][ T7140] vhci_hcd vhci_hcd.0: Device attached
[   81.578854][ T7140] loop0: detected capacity change from 0 to 512
[   81.600600][ T7140] EXT4-fs: Ignoring removed nobh option
[   81.618795][ T7140] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.1164: corrupted inode contents
[   81.635632][ T7140] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.1164: mark_inode_dirty error
[   81.717063][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.732149][   T36] vhci_hcd: vhci_device speed not set
[   81.738079][ T7140] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.1164: corrupted inode contents
[   81.752565][ T3295] udevd[3295]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   81.764330][ T3695] udevd[3695]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   81.830432][ T7140] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.1164: mark_inode_dirty error
[   81.843885][   T36] usb 1-1: new full-speed USB device number 2 using vhci_hcd
[   81.881729][ T7149] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1166'.
[   81.893523][ T7140] __quota_error: 726 callbacks suppressed
[   81.893613][ T7140] Quota error (device loop0): write_blk: dquota write failed
[   81.907691][ T7140] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[   81.925555][ T7140] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.1164: Failed to acquire dquot type 0
[   81.938667][ T7140] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.1164: corrupted inode contents
[   81.963388][ T7140] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.1164: mark_inode_dirty error
[   81.985331][ T7140] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.1164: corrupted inode contents
[   82.009752][   T29] audit: type=1326 audit(1757982086.390:3624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7158 comm="syz.5.1170" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f73fda6eba9 code=0x0
[   82.010629][ T7140] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.1164: mark_inode_dirty error
[   82.049760][ T7140] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.1164: corrupted inode contents
[   82.074363][ T7140] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[   82.086541][ T7140] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.1164: corrupted inode contents
[   82.105281][ T7166] bridge: RTM_NEWNEIGH with invalid ether address
[   82.114403][ T7140] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.1164: mark_inode_dirty error
[   82.137905][ T7140] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[   82.160583][ T7140] EXT4-fs (loop0): 1 truncate cleaned up
[   82.167334][ T7140] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.181156][ T7140] ext4 filesystem being mounted at /218/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.193850][ T7140] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.242341][ T7141] vhci_hcd: connection reset by peer
[   82.247780][ T7106] vhci_hcd: stop threads
[   82.252160][ T7106] vhci_hcd: release socket
[   82.256637][ T7106] vhci_hcd: disconnect device
[   84.602170][ T3399] usb 9-1: enqueue for inactive port 0
[   84.607679][ T3399] usb 9-1: enqueue for inactive port 0
[   84.627071][ T7106] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.638172][ T7106] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.649173][ T7125] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.660134][ T7125] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.682077][ T3399] vhci_hcd: vhci_device speed not set
[   84.701187][ T7175] netlink: 'syz.5.1177': attribute type 21 has an invalid length.
[   84.707324][ T7180] loop1: detected capacity change from 0 to 1024
[   84.709334][ T7181] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1178'.
[   84.717435][ T7180] EXT4-fs: Ignoring removed orlov option
[   84.725936][ T7175] netlink: 132 bytes leftover after parsing attributes in process `syz.5.1177'.
[   84.739380][ T7175] netlink: 'syz.5.1177': attribute type 1 has an invalid length.
[   84.754057][ T7180] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.011497][ T7200] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1185'.
[   85.025678][ T7202] loop5: detected capacity change from 0 to 512
[   85.035967][ T7200] batadv1: entered promiscuous mode
[   85.041239][ T7200] batadv1: entered allmulticast mode
[   85.072725][ T7202] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.147144][   T29] audit: type=1326 audit(1757982089.500:3625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7206 comm="syz.0.1190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb63ad0eba9 code=0x7ffc0000
[   85.170888][   T29] audit: type=1326 audit(1757982089.510:3626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7206 comm="syz.0.1190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fb63ad0eba9 code=0x7ffc0000
[   85.194452][   T29] audit: type=1326 audit(1757982089.510:3627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7206 comm="syz.0.1190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb63ad0eba9 code=0x7ffc0000
[   85.295945][ T7212] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1192'.
[   85.307038][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.368738][   T29] audit: type=1326 audit(1757982089.750:3628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7217 comm="syz.1.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   85.410023][   T29] audit: type=1326 audit(1757982089.750:3629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7217 comm="syz.1.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   85.433763][   T29] audit: type=1326 audit(1757982089.760:3630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7217 comm="syz.1.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   85.458109][   T29] audit: type=1326 audit(1757982089.840:3631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7217 comm="syz.1.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5b005eba9 code=0x7ffc0000
[   85.551233][ T7220] tipc: New replicast peer: 255.255.255.255
[   85.557499][ T7220] tipc: Enabled bearer <udp:syz2>, priority 10
[   85.759607][ T7250] loop0: detected capacity change from 0 to 2048
[   85.813199][ T3295]  loop0: p1 < > p4
[   85.819058][ T3295] loop0: p4 size 8388608 extends beyond EOD, truncated
[   85.838810][ T7250]  loop0: p1 < > p4
[   85.886512][ T7250] loop0: p4 size 8388608 extends beyond EOD, truncated
[   85.959398][ T5104] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.005777][ T7264] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1217'.
[   86.022616][ T7239] futex_wake_op: syz.1.1203 tries to shift op by 144; fix this program
[   86.032244][ T3695] udevd[3695]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   86.052425][ T3295] udevd[3295]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   86.216167][ T7277] veth0_to_team: entered promiscuous mode
[   86.345040][ T7285] Falling back ldisc for ttyS3.
[   86.682050][ T3399] tipc: Node number set to 1371242414
[   86.776575][ T7348] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1241'.
[   86.806139][ T7348] syz_tun: entered promiscuous mode
[   86.825003][ T7348] syz_tun: left promiscuous mode
[   86.871605][ T7349] vhci_hcd: invalid port number 96
[   86.876897][ T7349] vhci_hcd: default hub control req: 0300 vfbfa i0060 l0
[   86.924242][   T36] usb 1-1: enqueue for inactive port 0
[   86.940494][   T36] usb 1-1: enqueue for inactive port 0
[   86.984370][ T7353] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1244'.
[   86.993821][ T7357] openvswitch: netlink: Message has 6 unknown bytes.
[   87.022364][   T36] vhci_hcd: vhci_device speed not set
[   87.044925][ T7361] loop3: detected capacity change from 0 to 512
[   87.077046][ T7364] veth0_to_team: entered promiscuous mode
[   87.094789][ T7361] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.143233][   T29] kauditd_printk_skb: 43 callbacks suppressed
[   87.143249][   T29] audit: type=1400 audit(1757982091.520:3675): avc:  denied  { write } for  pid=7372 comm="syz.1.1252" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   87.161147][ T7361] ext4 filesystem being mounted at /237/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.173160][   T29] audit: type=1400 audit(1757982091.520:3676): avc:  denied  { open } for  pid=7372 comm="syz.1.1252" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   87.237004][   T29] audit: type=1400 audit(1757982091.530:3677): avc:  denied  { ioctl } for  pid=7372 comm="syz.1.1252" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   87.262606][   T29] audit: type=1400 audit(1757982091.590:3678): avc:  denied  { ioctl } for  pid=7374 comm="syz.0.1253" path="socket:[16695]" dev="sockfs" ino=16695 ioctlcmd=0x48e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   87.287864][   T29] audit: type=1326 audit(1757982091.620:3679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7376 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91911eba9 code=0x7ffc0000
[   87.311878][   T29] audit: type=1326 audit(1757982091.620:3680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7376 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91911eba9 code=0x7ffc0000
[   87.312960][ T7382] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1256'.
[   87.335515][   T29] audit: type=1326 audit(1757982091.620:3681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7376 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd91911eba9 code=0x7ffc0000
[   87.335590][   T29] audit: type=1326 audit(1757982091.620:3682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7376 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91911eba9 code=0x7ffc0000
[   87.335676][   T29] audit: type=1326 audit(1757982091.620:3683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7376 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd91911eba9 code=0x7ffc0000
[   87.349875][ T7382] syz_tun: entered promiscuous mode
[   87.368065][   T29] audit: type=1326 audit(1757982091.620:3684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7376 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd91911eba9 code=0x7ffc0000
[   87.400445][ T7382] syz_tun: left promiscuous mode
[   87.450095][ T7373] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   87.450095][ T7373]    program syz.1.1252 not setting count and/or reply_len properly
[   87.548717][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.682363][ T7407] netlink: 'syz.3.1267': attribute type 7 has an invalid length.
[   87.690143][ T7407] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1267'.
[   87.818962][ T7400] loop4: detected capacity change from 0 to 8192
[   87.913100][ T7417] openvswitch: netlink: Message has 6 unknown bytes.
[   87.944082][ T7422] netlink: 'syz.3.1272': attribute type 1 has an invalid length.
[   88.060246][ T7425] bond2: entered promiscuous mode
[   88.065449][ T7425] bond2: entered allmulticast mode
[   88.070813][ T7427] loop0: detected capacity change from 0 to 764
[   88.092051][ T7425] 8021q: adding VLAN 0 to HW filter on device bond2
[   88.105101][ T7422] bridge7: entered promiscuous mode
[   88.110494][ T7422] bridge7: entered allmulticast mode
[   88.110614][ T7427] Symlink component flag not implemented
[   88.125019][ T7431] loop5: detected capacity change from 0 to 128
[   88.138133][ T7431] syz.5.1275: attempt to access beyond end of device
[   88.138133][ T7431] loop5: rw=2049, sector=154, nr_sectors = 6 limit=128
[   88.157226][ T7422] bond2: (slave bridge7): Enslaving as a backup interface with an up link
[   88.166659][ T7427] Symlink component flag not implemented (129)
[   88.181159][ T7128] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[   88.201688][ T7431] syz.5.1275: attempt to access beyond end of device
[   88.201688][ T7431] loop5: rw=2049, sector=158, nr_sectors = 2 limit=128
[   88.215438][ T7431] Buffer I/O error on dev loop5, logical block 79, lost async page write
[   88.253783][ T7436] loop1: detected capacity change from 0 to 512
[   88.279671][ T7431] syz.5.1275: attempt to access beyond end of device
[   88.279671][ T7431] loop5: rw=2049, sector=160, nr_sectors = 2 limit=128
[   88.293286][ T7431] Buffer I/O error on dev loop5, logical block 80, lost async page write
[   88.297091][ T7427] rock: directory entry would overflow storage
[   88.304099][ T7431] syz.5.1275: attempt to access beyond end of device
[   88.304099][ T7431] loop5: rw=2049, sector=162, nr_sectors = 6 limit=128
[   88.308187][ T7427] rock: sig=0x4f50, size=4, remaining=3
[   88.322584][ T7431] syz.5.1275: attempt to access beyond end of device
[   88.322584][ T7431] loop5: rw=2049, sector=166, nr_sectors = 2 limit=128
[   88.327197][ T7427] iso9660: Corrupted directory entry in block 6 of inode 1792
[   88.340553][ T7431] Buffer I/O error on dev loop5, logical block 83, lost async page write
[   88.361368][ T7431] syz.5.1275: attempt to access beyond end of device
[   88.361368][ T7431] loop5: rw=2049, sector=168, nr_sectors = 2 limit=128
[   88.374906][ T7431] Buffer I/O error on dev loop5, logical block 84, lost async page write
[   88.383640][ T7125] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[   88.420059][ T7436] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.424755][ T7431] syz.5.1275: attempt to access beyond end of device
[   88.424755][ T7431] loop5: rw=2049, sector=186, nr_sectors = 6 limit=128
[   88.446682][ T7431] syz.5.1275: attempt to access beyond end of device
[   88.446682][ T7431] loop5: rw=2049, sector=190, nr_sectors = 2 limit=128
[   88.460168][ T7431] Buffer I/O error on dev loop5, logical block 95, lost async page write
[   88.468813][ T7431] syz.5.1275: attempt to access beyond end of device
[   88.468813][ T7431] loop5: rw=2049, sector=192, nr_sectors = 2 limit=128
[   88.482425][ T7431] Buffer I/O error on dev loop5, logical block 96, lost async page write
[   88.491192][ T7431] syz.5.1275: attempt to access beyond end of device
[   88.491192][ T7431] loop5: rw=2049, sector=194, nr_sectors = 6 limit=128
[   88.505373][ T7431] Buffer I/O error on dev loop5, logical block 99, lost async page write
[   88.514010][ T7431] Buffer I/O error on dev loop5, logical block 100, lost async page write
[   88.531933][ T7431] Buffer I/O error on dev loop5, logical block 111, lost async page write
[   88.540798][ T7431] Buffer I/O error on dev loop5, logical block 112, lost async page write
[   88.659440][ T7449] netlink: 'syz.0.1284': attribute type 7 has an invalid length.
[   88.667452][ T7449] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1284'.
[   88.775152][ T7453] netlink: 'syz.5.1287': attribute type 10 has an invalid length.
[   88.797309][ T7453] batman_adv: batadv0: Interface deactivated: dummy0
[   88.812840][ T7453] batman_adv: batadv0: Removing interface: dummy0
[   88.829759][ T7453] team0: Port device dummy0 added
[   88.832138][ T7456] netlink: 'syz.5.1287': attribute type 10 has an invalid length.
[   88.876786][ T7456] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   88.893786][ T7456] team0: Failed to send options change via netlink (err -105)
[   88.905605][ T7456] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   88.920035][ T7456] team0: Port device dummy0 removed
[   88.952560][ T7456] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   89.335751][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.468157][ T7482] loop5: detected capacity change from 0 to 8192
[   89.721876][ T7482] ==================================================================
[   89.730114][ T7482] BUG: KCSAN: data-race in fat16_ent_put / fat_mirror_bhs
[   89.737272][ T7482] 
[   89.739614][ T7482] write to 0xffff888121ce14ba of 2 bytes by task 7493 on cpu 1:
[   89.747688][ T7482]  fat16_ent_put+0x28/0x60
[   89.752194][ T7482]  fat_alloc_clusters+0x4ce/0xa80
[   89.757238][ T7482]  fat_get_block+0x258/0x5e0
[   89.761841][ T7482]  __block_write_begin_int+0x3fd/0xf90
[   89.767416][ T7482]  cont_write_begin+0x5fc/0x970
[   89.772291][ T7482]  fat_write_begin+0x4f/0xe0
[   89.776915][ T7482]  generic_perform_write+0x181/0x490
[   89.782255][ T7482]  __generic_file_write_iter+0x9e/0x120
[   89.787826][ T7482]  generic_file_write_iter+0x8d/0x2f0
[   89.793219][ T7482]  do_iter_readv_writev+0x499/0x540
[   89.798432][ T7482]  vfs_writev+0x2df/0x8b0
[   89.802776][ T7482]  __se_sys_pwritev2+0xfc/0x1c0
[   89.807644][ T7482]  __x64_sys_pwritev2+0x67/0x80
[   89.812506][ T7482]  x64_sys_call+0x2c55/0x2ff0
[   89.817193][ T7482]  do_syscall_64+0xd2/0x200
[   89.821799][ T7482]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.827801][ T7482] 
[   89.830130][ T7482] read to 0xffff888121ce1400 of 512 bytes by task 7482 on cpu 0:
[   89.837847][ T7482]  fat_mirror_bhs+0x1df/0x320
[   89.842541][ T7482]  fat_alloc_clusters+0x98b/0xa80
[   89.847578][ T7482]  fat_get_block+0x258/0x5e0
[   89.852264][ T7482]  __block_write_begin_int+0x3fd/0xf90
[   89.857731][ T7482]  cont_write_begin+0x5fc/0x970
[   89.862675][ T7482]  fat_write_begin+0x4f/0xe0
[   89.867272][ T7482]  cont_write_begin+0x1ad/0x970
[   89.872132][ T7482]  fat_write_begin+0x4f/0xe0
[   89.876727][ T7482]  generic_cont_expand_simple+0xb0/0x150
[   89.882454][ T7482]  fat_cont_expand+0x3e/0x170
[   89.887223][ T7482]  fat_setattr+0x2a5/0x8a0
[   89.891640][ T7482]  notify_change+0x809/0x890
[   89.896239][ T7482]  do_ftruncate+0x34b/0x450
[   89.900749][ T7482]  __x64_sys_ftruncate+0x68/0xc0
[   89.905691][ T7482]  x64_sys_call+0x2d52/0x2ff0
[   89.910373][ T7482]  do_syscall_64+0xd2/0x200
[   89.914889][ T7482]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.920784][ T7482] 
[   89.923104][ T7482] Reported by Kernel Concurrency Sanitizer on:
[   89.929256][ T7482] CPU: 0 UID: 0 PID: 7482 Comm: syz.5.1298 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   89.939161][ T7482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   89.949216][ T7482] ==================================================================
[   90.272708][ T7496] loop3: detected capacity change from 0 to 32768
[   98.282049][   T10] page_pool_release_retry() stalled pool shutdown: id 26, 1 inflight 60 sec