last executing test programs:

3.055532666s ago: executing program 4 (id=1179):
socket(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c094, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x3, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x4008040)

2.939966245s ago: executing program 4 (id=1181):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp6\x00')
preadv(r2, &(0x7f0000000340)=[{&(0x7f0000002140)=""/4096, 0x1000}], 0x1, 0x100013c, 0x20000000)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c)
syz_io_uring_setup(0x88, &(0x7f00000004c0)={0x0, 0x8c04, 0x1, 0x1, 0x5a, 0x0, r2}, &(0x7f0000000080), &(0x7f0000000180))
sendto$inet6(r3, &(0x7f00000001c0)='O', 0x1, 0x80, &(0x7f0000000280)={0xa, 0x0, 0x0, @private2}, 0x1c)
shutdown(r3, 0x1)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c04, &(0x7f0000000340), 0x1, 0x779, &(0x7f0000001900)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTuZ206bmWmSJjPV+XzgZs65907O+c79cc7MPdwbQN8aT//kIg5HxLtJxGhjfhIRQ/XUYMTJjfVura0W0ymJ9fWXf0nq69xcWy1G03tSBxuZ/0fEN29FHMltLre6vDJXKJdLi438ZG3+wmR1eeXo+fnCbGm2tHB8anr62ImnThzfvVh/+37l0LX3Xnj885N/vPm/q+98m8TJONRY1hzHbhmP8cZnMpR+hHd5frcL67Gk1xVgR9JDc2DjKI/DMRoD9RQA8E/2ekSsAwB9JtH+A0CfyX4HuLm2Wsym3v4i0V3Xn4uI/RvxZ9c3N5YMNq7Z7a9fBx25mdx1ZSSJiLFdKH88Ij7+8tVP0yn26DokQCtvXI6Is2Pjm8//yaYxC9v1RIdl+xqv4/fMd/6D7vkq7f883ar/l7vd/4kW/Z/hFsfuTtz3+D+wC4V0kPb/nm0a23arKf6GsYFG7l/1Pt9Qcu58uZSe2/4dERMxNJzmpzqUMXHjzxvtljX3/359/7VP0vLT1ztr5H4aHL77PTOFWuFBYm52/XLEI4Ot4k9ub/+kTf/39BbLePGZtz9qtyyNP403mzbHH43RSXtj/UrEYy23/50RbUnH8YmT9d1hMtspWvjihw9H2pXfvP3TKS0/+y7QDen2H+kc/1jSPF6zuv0yvrsy+nW7ZfePv/X+vy95pZ7O+hGXCrXa4lTEvuSlzfOP3Xlvls/WT+OfeLT18d9p/0+/E57dYvyD137+bOfx7600/pltbf/tJ67emhtoV/7Wtv90PTXRmLOV899WK/ggnx0AAAAAAAAAAAAAAAAAAAAAAAAAbFUuIg5FksvfTudy+fzGM7z/GyO5cqVaO3KusrQwE/VnZY/FUC671eVo0/1Qpxr3w8/yx+7JPxkR/4mID4YPJNl9FGd6HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZA62ef5/6sfhXtcOANgz+3tdAQCg67T/ANB/tP8A0H+0/wDQf7T/ANB/tP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADssdOnTqXT+u9rq8U0P3NxeWmucvHoTKk6l59fKuaLlcUL+dlKZbZcyhcr8/f7f+VK5cJ0LCxdmqyVqrXJ6vLKmfnK0kLtzPn5wmzpTGmoK1EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPZUl1fmCuVyaVFiB4n1h6MavU8MNHanh6U+XU0kD0c1djnR6ayR687JCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBv4K8AAAD//8yLIwE=")
open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)

2.829010914s ago: executing program 4 (id=1187):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRESDEC=0x0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c094, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000980)={0xa, 0x2, 0x400, @loopback, 0xfffffffd}, 0x71)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2000000000000022, &(0x7f0000000000)=0x1, 0x4)
shutdown(r3, 0x2)
sendto$inet6(r3, &(0x7f0000000740)="e9", 0x1, 0x20008045, &(0x7f00000001c0)={0xa, 0x2, 0x1000, @empty}, 0x1c)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="18020000000000000000000000000015850000001700000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000008850000000700000095"], &(0x7f00000002c0)='GPL\x00', 0x1e, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000b00)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095", @ANYRES8=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6, 0x0, 0x400007}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000c00)=ANY=[@ANYBLOB="58000000100039042abd7000eaffffff000003e4", @ANYRES32=0x0, @ANYBLOB="03000000c31006003800128008000100736974002c00028006000e000010000008000300ac1414bb08000200ac14142d08004b2882f34cac67661400010001003c86610e01ce26e850d7521d3c2128ac0f98f4062bdfe9934af4b4991f73bd67e0692aec0f22827a20dd6625b5927dda67c2fe1f4307502ed5bfa8b40972d0c5a9b383dcb347e3a820bc61851d184770b312fd4f7aba062f5a8ca48d4ad266fab690298b4ffbee076cd827bcae5e1fde7eb67f1df6eede181bad94708b8e3a00821542fa516bd84eef80a08224cf9180084115ccbcfee23997f28e972025d78f3ce7db2b85763d5c1ea151b0f974b5b186a5dd3c52d1e51e746b35198e1f6907c9f25b410876c574148d1d2357286ab8cf47c797b5d146b8437a31e3a309165589ac0829"], 0x58}, 0x1, 0x0, 0x0, 0x8000}, 0x4008040)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080006000000e8fe55a1180015000600142603600e120800110000000401a80016000500", 0x36}, {&(0x7f0000000540)="0e5176a165b9dc815ca7d4c1a144dfd792335270df51c0356dbfadb633f46e07d078557969e7492dbee89248f923a23a3181c78a458079a26bd30f0734289b88506cfc7637761308225f0d51e508fb2cb0d51c9fc3f67ea10de974e1e10b31134a713cd18b63eb66bf9aee60f8903575ba4f30c1e983a2845a0955e052", 0x7d}], 0x2}, 0x200000e4)
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="d800000010008104685fa3aa7143a0f8c81ded0b25000000e8fe09a11800150006001400000000120800030043000040a8002b", 0x33}], 0x1}, 0xc001)
write$cgroup_subtree(r9, &(0x7f0000000000)=ANY=[], 0xfe33)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)=0x11)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x2)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000340)=@o_path={&(0x7f0000000180)='./file0\x00', 0x0, 0x4008, r7}, 0x18)
sendmsg$netlink(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

2.355879492s ago: executing program 4 (id=1190):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20085, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
ioctl$IMADDTIMER(0xffffffffffffffff, 0x80044940, 0x0)
ioctl$IMADDTIMER(0xffffffffffffffff, 0x80044940, &(0x7f0000000200)=0x32)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000015}, 0x20008000)

2.231871682s ago: executing program 4 (id=1191):
setreuid(0xee01, 0x0)
r0 = getpid()
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x6, 0x40, 0x6, 0x0, 0x4000000000, 0xd4, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x8}, 0x100882, 0x7ff, 0x6, 0x7, 0xb, 0x2, 0x3ff, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r2, 0x0, 0xffffffffffffffff}, 0x18)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000c40)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
setgid(0x0)
r4 = syz_pidfd_open(r0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='io_uring_cqring_wait\x00', r6}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r5}, &(0x7f0000000380), &(0x7f0000000200)=r6}, 0x20)
syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
setns(r4, 0x24020000)

2.225064482s ago: executing program 4 (id=1192):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r2, 0x0, r3, 0x0, 0xf3a, 0x0)
write(r1, &(0x7f0000000240)="94", 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x9, 0xc, &(0x7f0000000300)=ANY=[@ANYRESHEX=0x0], 0x0, 0x20000080, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r4, 0x0, 0xfffffffffffffffd}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
lremovexattr(0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$unix(0x1, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$loop(0x0, 0x7, 0x180862)
io_setup(0x1, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0x1, 0x6}, 0x2, 0x0, 0x2, 0x5, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x5412, 0xfffffffc, 0x0)
io_submit(0x0, 0x0, 0x0)
r8 = perf_event_open$cgroup(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x22023500, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r8, 0x4008240b, &(0x7f0000000000)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x100000000000000, 0x2}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000500)='kfree\x00', r7}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYRES8=r7], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
clock_getres(0x1, 0x0)
tee(r0, r3, 0x8f1, 0x0)
write$binfmt_script(r3, 0x0, 0xd9)

1.907417077s ago: executing program 0 (id=1193):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000d00), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)={0x34, r3, 0x1, 0x70bd29, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f00000000c0)={@empty, <r4=>0x0}, &(0x7f0000000100)=0x14)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1c, &(0x7f0000000200)={@private1, <r5=>0x0}, &(0x7f00000002c0)=0x14)
sendmsg$ETHTOOL_MSG_WOL_SET(r1, &(0x7f00000004c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000480)={&(0x7f0000000340)={0x54, r3, 0x1, 0x70bd28, 0x25dfdbff, {}, [@ETHTOOL_A_WOL_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x24000004}, 0x20040090)
syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x79ab, 0x8, 0x8000, 0x400250}, &(0x7f00000003c0)=<r6=>0x0, &(0x7f0000000400))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r7, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
ioctl$int_in(r7, 0x5421, &(0x7f0000000100)=0x9)
connect$inet(r7, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
close(r7)

1.743630731s ago: executing program 3 (id=1195):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000140), &(0x7f0000000040)='%pI4   \x00'}, 0x2a)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file3\x00', 0x1d0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0/file3\x00', 0x2)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080)={[{@delalloc}, {@errors_remount}]}, 0x81, 0x7d2, &(0x7f00000007c0)="$eJzs3ctrXNcZAPDvjh4jyW6lQqG1V4JCKzAeVa5qt9CFSxelUIOhXdcWo7FwNdIYzchYQmB5Ueim0JYuCsnG6zycRSDbPLbJPxGyCDYmkUWcVZhwr2b0nJElSzMS6PeDq3vOfZ3z6Z577pHuZSaAM2s0/ZGLuBAR/04ihhvLk4joy1K9Edc3tnu5tlJMpyTq9b98lWTbvH9u61hJY36ukflpRHz8j4hLub3lVpeWZ6fK5dJCIz9em7s3Xl1avnx3bmqmNFOavzoxOXnl2q+vXd3aZ/CIsX7z2fL5Z//54y/evd4bP3nyr0+SuB7nG+vW11aKRzz8HqMx2vid9KW/wh3+cNyFnbDkpCvAa0kvzZ6NqzwuxHD0ZKk2jnoBAgCnwsOIqAMAZ0zi/g8AZ0zz/wDrayvF5nSy/5Horue/j4iBjfibzzc31vQ2ntkNZM9Bh9aTHU9GkogYOYbyRyPizQ/+9nY6RYeeQwK0svooIm6PjK6v5Xf1/0na//Uf5di/3G9lPZ/NRnct1v9B93yYjn9+s3f8d3HzhZ6B7Oeu8c9AvsW1+zpeff3nnrbZ9Uh9U1M6/vvdtnfbtsZ/my+tjfQ0cj/Ixnx9yZ275VLat/0wIsaiL5/mJ7JNW78FNfbiuxftyt8+/vv6v39/Ky0/nW9tkXvam4/68LZ9pqdqU8cQeub5o4iLva3iTzbHv0mb8e/NA5bxp9/+841269L403ib0974O6v+OOLnLc//1rlM9n0/cTxrDuPNRtHCe1/8f6hd+VvnP5/N0/Kbfwt0Q3r+h/aPfyTZ/r5m9fBlfPp4+KN267a3/9bxZ+1/h7T99yd/zdLNTuDBVK22MBHRn/x57/IrW/s2883t0/jHftb6+m/X/nONd2Nvb+b21/us/53GoVrGn1ltF39npfFPH+r875OoN/bZterJy9meduUf7PxPZqmxxpKD9H+vqOkRWjMAAAAAAAAAAAAAAAAAAAAAAAAAHF4uIs5HkitspnO5QmHjO7x/HEO5cqVau3Snsjg/Hdl3ZY9EX675UZfD2z4PdaLxefjN/JVd+V9FxI8i4n/5wSxfKFbK0ycdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0nNv5/f8P01mhsLHuy/xJ1w4A6JiBk64AANB17v8AcPYc7v4/2LF6AADdc+i//+tJZyoCAHTNge//tztbDwCgezz/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMNu3riRTvVv11aKaX76/tLibOX+5elSdbYwt1gsFCsL9wozlcpMuVQoVubaHmh1Y1auVO5Nxvzig/FaqVobry4t35qrLM7Xbt2dm5op3Sr1dS0yAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADi46tLy7FS5XFqQ2CcxWBo8DdU4RYneOBXV2JNY/bwva9enpT5HTfTvs01ynGUN7l6yvZcYPKnuCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODU+z4AAP//3zAeLQ==")

1.729082722s ago: executing program 0 (id=1196):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = geteuid()
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000280)={{{@in=@loopback, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in6}, 0x0, @in6=@private2}}, &(0x7f0000000080)=0xe8)
setresuid(r3, r4, r5)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$FS_IOC_FSSETXATTR(r6, 0x401c5820, &(0x7f0000000180)={0xffffff9d, 0xdc, 0x1a7, 0xa, 0x3})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r7)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r8}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x5, 0x0, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xce9d8d60ab13d530, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r9}, &(0x7f0000000540), &(0x7f0000000580)='%pS    \x00'}, 0x20)
r10 = fcntl$dupfd(r2, 0x0, r2)
write$sndseq(r10, &(0x7f0000000040)=[{0x4, 0x7, 0x0, 0x0, @tick=0xf64b, {0x0, 0xb8}, {0x4, 0x6}, @control={0x2, 0x7f, 0x2}}, {0x0, 0x3, 0x0, 0x4, @time={0x83, 0xa77f}, {0x2, 0x4}, {0x0, 0x2}, @control={0x8, 0x4, 0x4c8}}], 0x38)

1.670804176s ago: executing program 0 (id=1197):
r0 = io_uring_setup(0x9f0, &(0x7f0000000400)={0x0, 0x8ebe, 0x400, 0x0, 0x34})
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x7, 0x0, 0x300)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
fcntl$dupfd(r1, 0x0, r1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008", @ANYRES32=r2], 0x0, 0x4, 0x0, 0x0, 0x0, 0x40}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000240), 0x80802, 0x0)
write$cgroup_int(r3, 0x0, 0x2)

1.649571858s ago: executing program 3 (id=1199):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000050000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mkdir(&(0x7f0000000200)='./file0\x00', 0x50)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000300), 0x80, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@access_uid}]}})

1.604138232s ago: executing program 0 (id=1200):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="31830000000000000000190000000c0001800800030001000000"], 0x20}, 0x1, 0x0, 0x0, 0x841}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r3, 0x0, 0xffffffffffffffff}, 0x18)
semctl$GETALL(0x0, 0x0, 0xd, &(0x7f0000000000)=""/49)
prctl$PR_SET_MM(0x4e, 0x3, &(0x7f00002d6000/0x4000)=nil)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x21906, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x130, 0x2e, 0xfffffbff, 0x0, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)

1.517893058s ago: executing program 3 (id=1202):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20085, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
ioctl$IMADDTIMER(0xffffffffffffffff, 0x80044940, 0x0)
ioctl$IMADDTIMER(0xffffffffffffffff, 0x80044940, &(0x7f0000000200)=0x32)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x58}, 0x1, 0x0, 0x0, 0x20000015}, 0x20008000)

1.480252371s ago: executing program 3 (id=1203):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001300)={&(0x7f0000000380)=ANY=[], 0x0, 0x27, 0x0, 0x1, 0x2}, 0x28)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00'}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00"/13], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000300), 0x20100, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

1.467377502s ago: executing program 0 (id=1205):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000a40)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@norecovery}, {@resuid}, {@quota}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
stat(0x0, 0x0)
write(r1, &(0x7f00000009c0)="3bf58d7d45d32c", 0x7)
r2 = perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_config_ext={0x1, 0xa}, 0x1184c, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip_vti0\x00', <r3=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00', 0xb, 0x0, 0x0, 0x41000, 0x23, '\x00', r3, @fallback=0x8, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0xe, 0x7, 0x80000001}, 0x10, 0x0, r0, 0x6, 0x0, &(0x7f00000002c0)=[{0x2, 0x2, 0x4, 0xa}, {0x3, 0x1, 0x3, 0xa}, {0x4, 0x3, 0x6, 0x8}, {0x1, 0x3, 0x2, 0x4}, {0x0, 0x1, 0x8, 0x7}, {0x5, 0x4, 0xa, 0xc}], 0x10, 0xffff34f0}, 0x94)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f0000000040)={0xa0000004})
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)

595.151402ms ago: executing program 3 (id=1217):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='contention_end\x00', r1}, 0x18)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r2, &(0x7f00000011c0)={0xfc, {"a483885aed0d09f91b5e070987f70e06d038e7ff7fc6e5539b0d3e0e8b089b3f073063030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801118c20b8f16bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399ea4727d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a040200b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a64002bebc2407aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef64ab253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bf068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827475e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcb32b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba36b37767b6b45a44957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b94025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b03512629f46366e7205dd8d6f37525c1a0e94210dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9154f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d603994732d6b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21396532713e5b69cf767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285e6a89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeaf1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b627cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e46a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5c92441918145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed608000000a006e39336d07c2b80817a28ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030f81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c00004f5d374755534d7f68f679c4ff516e9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00", 0x1000}}, 0xffbc)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)

591.195623ms ago: executing program 2 (id=1218):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x10001}, 0x18)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3804402, &(0x7f0000000340), 0xfd, 0x564, &(0x7f0000000b00)="$eJzs3d9rW+UbAPDnpE33+7sOxvgqIoVdOJlL19YfE7yYl6LDgd7P0mZlNFlGk461Dtwu3I03MgQRB8Nr9d7L4T/gXzHQwZBRFPEmctKTmK3JmnXZmprPB872vjkne8+T9zzv3jcnIQEMrYn0j1zECxHxZRJxsG3faGQ7J9aPW3twdS7dkqjXP/o9iSR7rHl8kv29L6v8PyJ+/jzieG5ju9WV1cXZUqm4lNUna+VLk9WV1RMXyrMLxYXixemZmVNvzEy//dabfYv11bN/fvPhnfdOfXF07esf7x26mcTp2J/ta4/jKVxrr0zERPaa5OP0IwdO9aGxQZJs9wmwJSNZnucjHQMOxkiW9cB/32cRUQeGVCL/YUg15wHNtX2f1sE7xv131xdAG+MfXX9vJHY31kZ715KHVkbpene8D+2nbfz0262b6Rb9ex8CYFPXrkfEydHRjeNfko1/W3eyh2MebcP4B8/PnXT+81qn+U+uNf+JDvOffR1ydys2z//cvT4001U6/3un4/y3ddNqfCSrHWjM+fLJ+QulYjq2/S8ijkV+V1p/3P2cU2t36932tc//0i1tvzkXzM7j3uiuh58zP1ubfZqY292/HvFix/lv0ur/pEP/p6/H2R7bOFK89XK3fZvH/2zVv4t4pWP/51vHJI+/PznZuB4mm1fFRn/cOPJLt/a3O/60//eux/9XtiRs9X9mPGm/X1t98jZu7/672G3fVq//seTjRnkse+zKbK22NBUxlnyw8fHpf5/brDePT+M/dvTx41+n639PRHzSY/w3Dv/w0tbjf7bS+Oc7Xv/d+v/JC3ff//Tbzq3f7rH/X4+k7QZzL+Nfryf4VC8eAAAAAAAADJhcROyPJFdolXO5QmH98x2HY2+uVKnWjp+vLF+cj8Z3Zccjn2ve6T7Y9nmIqezzsM369CP1mYg4FBFfjexp1AtzldL8dgcPAAAAAAAAAAAAAAAAAAAAA2Jfl+//p34d2e6zA545P/kNw2vT/O/HLz0BA8n//zC85D8ML/kPw0v+w/CS/zC85D8ML/kPw0v+AwAAAAAAAAAAAAAAAAAAAAAAAAAAQF+dPXMm3eprD67OpfX5yyvLi5XLJ+aL1cVCeXmuMFdZulRYqFQWSsXCXKW82b9XqlQuTU3H8pXJWrFam6yurJ4rV5Yv1s5dKH9/IKKYfy5RAQAAAAAAAAAAAAAAAAAAwM5SXVldnC2ViksKjcKuGIjT2EGF0cE4DYU+FzoMFmPbMEABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQET8EwAA//+ndDnV")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r1, &(0x7f0000000140), 0x0, 0xfecc)

559.986415ms ago: executing program 0 (id=1219):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r2, 0x0, r3, 0x0, 0xf3a, 0x0)
write(r1, &(0x7f0000000240)="94", 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x9, 0xc, &(0x7f0000000300)=ANY=[@ANYRESHEX=0x0], 0x0, 0x20000080, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r4, 0x0, 0xfffffffffffffffd}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
lremovexattr(0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$unix(0x1, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$loop(0x0, 0x7, 0x180862)
io_setup(0x1, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0x1, 0x6}, 0x2, 0x0, 0x2, 0x5, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x5412, 0xfffffffc, 0x0)
io_submit(0x0, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x22023500, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000500)='kfree\x00', r7}, 0x18)
r8 = openat$selinux_status(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYRES8=r7], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
clock_getres(0x1, 0x0)
tee(r0, r3, 0x8f1, 0x0)
write$binfmt_script(r3, 0x0, 0xd9)

486.566271ms ago: executing program 1 (id=1221):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x64)
setsockopt$CAN_RAW_JOIN_FILTERS(r0, 0x65, 0x6, &(0x7f0000000000)=0x1, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(0x0, r2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
syz_mount_image$msdos(&(0x7f0000000380), &(0x7f0000000040)='./file0\x00', 0x100c404, &(0x7f0000000800)=ANY=[@ANYBLOB='dots,fmask=00000000000000001000400,uid=', @ANYRESHEX=0x0, @ANYBLOB=',uid=', @ANYRESHEX=0xee00, @ANYRESDEC=r4], 0x1, 0x1f5, &(0x7f0000000600)="$eJzs3cFqE1EUANCbmCYTcdGdIAgjLnRV1C+oSAUxIFSy0J2gK7NqN6mb9jP8Bf/LD5CuspEncSadmKYxBDKj7Tmb3pn7Xt+7M2SSTW5SFL7f/RpZ1or2fuzHpBW70Y6ZswAArpNJSvEjFZreCwBQjzXe/3/WvCUAYMvevnv/+vlgcHCY51nE+dl4OB4Wf4v8y1eDgyf5b7vVrPPxeHjrIv80X/zsMM3vxO0y/6yYn1+kuxEx7Mbjh0V+mnvxZpD/Ob8XH7dcOwAAAAAAAAAAAAAAAAAAAAAANOV+5DNL+/vs7S3m+2W+OJrrD7TQv6cT9zrlYdUeKJ3WURQAAAAAAAAAAAAAAAAAAAD8Z45Pvnz+MBp9OqqCXkTMn+ksGXN10Cr/8VqDmw/asdn0flnmBou2yku03QL7y2/uOkF0/pW7s2mQ17BWf+XlTWkaLH8VzNpiXDm9GxGrV390uOnmJyml0bcHR8cnkVYOrp4RvVqfSAAAAAAAAAAAAAAAAAAAcHPNfev7kqyJDQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAA6rf/58Gl8+sDE4j4k78dfBsrZ3IGq0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA6+tXAAAA//85ziI4")
r5 = accept4$packet(0xffffffffffffffff, &(0x7f0000000180), &(0x7f0000000240)=0x14, 0x100000)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000300)={0x8, &(0x7f0000000280)=[{0x1, 0x83, 0x9, 0xfffffff3}, {0x4, 0x94, 0x2, 0x8}, {0x8000, 0x7, 0x8, 0x8}, {0x7, 0xf, 0x53, 0x2}, {0x1a, 0x14, 0x8, 0x10}, {0xb, 0xfb, 0x0, 0xd}, {0xa, 0x9, 0x1, 0xd0}, {0x2, 0x5, 0x1}]}, 0x10)
utime(&(0x7f0000000080)='./file0\x00', 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000580)={0x28, r3, 0xc4fc9e906872338b, 0x20, 0x2000000, {{0x15}, {@val={0x8}, @val={0xc, 0x99, {0xfffffffc}}}}}, 0x28}}, 0x0)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010029bd7000fcdbdf2a2700000008000300", @ANYRES32=0x0, @ANYBLOB="0e0034006185d0574cdd43fc782d00000600360008000000060036000200000004005f000a00060008021100000000000a0034000101010101010000"], 0x58}, 0x1, 0x0, 0x0, 0x4044085}, 0x40)
r6 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r7=>0x0}, &(0x7f0000cab000)=0xc)
mount$9p_fd(0x0, &(0x7f00000015c0)='./file0\x00', 0x0, 0x0, &(0x7f00000017c0)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, r7}}], [{@permit_directio}, {@smackfshat={'smackfshat', 0x3d, '@[]['}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'orlov'}}, {@smackfshat={'smackfshat', 0x3d, 'nomblk_io_submit'}}], 0x6b}})
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r8, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xb}}, 0x8}, 0x1c)
r9 = fcntl$dupfd(r8, 0x0, r8)
stat(&(0x7f0000000cc0)='./file0\x00', &(0x7f0000001c80)={0x0, 0x0, 0x0, 0x0, <r10=>0x0})
getegid()
newfstatat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, <r11=>0x0}, 0x100)
newfstatat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', &(0x7f0000001640)={0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}, 0x800)
setsockopt$EBT_SO_SET_ENTRIES(r9, 0x0, 0x80, &(0x7f0000000500)=@broute={'broute\x00', 0x20, 0x6, 0xa2c, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000002a80], 0x0, &(0x7f0000000180), &(0x7f0000002a80)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff02000000110000000100000068706e6963766630000000000000000000006272696467655f736c6176655f31000064766d7270310000000000000000000067656e65766530000000000000000000ffffffffffffffffffffff00aaaaaaaaaaaa00ffff00ff00e60100002e0200007602000068656c706572000000000000000000000000000000000000000000000000000028000000000000000100000073797a300000000000000000000000000000000000000000000000000000000000000000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004552524f520000000000000000000000000000000000000000000000000000002000000000000000ac7274d3678f2607929519de57d8737e4512bd253c81134356df67ef732300004552524f520000000000000000000000000000000000000000000000000000002000000000000000e5d658ca7403b6a57b79e55bf6e4321c4a481ed19319fee1f938f7549f5a0000110000001400000080f376657468315f766972745f776966690076657468305f766972745f776966690076657468315f766972745f776966690076657468315f746f5f62617461647600aaaaaaaa746c3280ffffffff0180c2000003ffff0000ff00ae0000002e0100005e0100006f776e65720000000000000000000000000000000000000000000000000000001800000000000000", @ANYRES32=r10, @ANYRES32=r11, @ANYRES32, @ANYRES32=r12, @ANYBLOB="06010000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3100000000000000000000000000000000000000000000000104000000ffffff7f00000000434c41535349465900000000000000000000000000000000000000000000000008000000000000005f0000000000000072656469726563740000000000000000000000000000000000000000000000000800000000000000fdffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000002000000fcffffff020000000500000002000000000376657468305f746f5f687372000000006970766c616e3000000000000000000064766d72703000000000000000000000766c616e310000000000000000000000aaaaaaaaaabb00000000000068f57b0d4a2effffffff00ff0601000006010000360100006970000000000000000000000000000000000000000000000000000000000000200000000000000000000000e0000002ffffff0000fffffe090600324e204e204e214e240000000069707673000000000000000000000000000000000000000000000000000000002800000000000000fc0100000000000000000000000000000000000000000000ff000000ff0000004e225e004e24041d415544495400000000000000000000000000000000000000000000000000000008000000000000000100000000000000090000004400000000056e696376663000000000000000000000626f6e64300000000000000000000000627269646765300000000000000000007465616d300000000000000000000000aaaaaaaaaabbffffff000000aaaaaaaaaa1500ffff00ff00ae000000fe000000760100006d61726b5f6d000000000000000000000000000000000000000000000000000018000000000000008b060000000000005a0000000000000000000000000000006c6f67000000000000000000000000000000000000000000000000000000000028000000000000000d6dce1e0aa0775b817cda288d64d094aa5b92caaba647923efa3fce1944ad0002000000000000006e666c6f670000000000000000000000000000000000000000000000000000005000000000000000060000000700000800000000b530b36aafea252d98d42eac7e1133e7b94cc889eae1980490a3568c29500b855f0e4a453c3589ae80d55d6a9c92790eb3bb443804df80f7123d2b4c69b4f7d50000000000000000000000000000000000000000000000000000000000000000000000000000000004000000fcffffff020000001100000065000000000676657468305f6d6163767461700000006e657464657673696d3000000000000076657468315f746f5f626f6e6400000076657468315f746f5f7465616d000000aaaaaaaaaabbffea00ff00ff00000000000000ffff00fffffe0000005e010000d60100006d61726b5f6d0000000000000000000000000000000000000000000000000000180000000000000009000000000000000500000000000000000000000000000068656c706572000000000000000000000000000000000000000000000000000028000000000000000100000073797a3100000000000000000000000000000000000000000000000000000000000000004155444954000000000000000000000000000000000000000000000000000000080000000000000000000000000000004e465155455545000000000000000000000000000000000000000000000000000800000000000000ff0f0000000000006e666c6f670000000000000000000000000000000000000000000000000000005000000000000000030000000002080000000000711ac34a79dddbde46375b12964ba0e444d9ed8af0e2cd7b6c25afc579067a614f20ef0706011d3415cbe0a291ecc2be05d04a5564588b4281df593560446104000000000500000043000000487e6970365f76746930000000000000000070696d367265673000000000000000006c6f0000000000000000000000000000766c616e310000000000000000000000ffffffffffffff00ffffffffaaaaaaaaaa3cffffff00ffffb6000000e60000001601000069700000000000000000000000000000000000000000000000000000000000002000000000000000ac14141c64010101000000ff000000ff07ff3d204e224e244e244e2000000000434c4153534946590000000000000000000000000000000000000000000000000800000000000000090000"]}, 0xa6f)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000400)=@nat={'nat\x00', 0x19, 0x4, 0xdd8, [0x200000000640, 0x0, 0x0, 0x2000000008b6, 0x2000000008e6], 0x0, &(0x7f0000000080), &(0x7f0000000640)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff010000001100000032000000900070696d3672656731000000000000000065727370616e3000000000000000000076657468315f746f5f626f6e6400000076657468315f746f5f626f6e64000000aaaaaaaaaaaa00ff00ffffffbbbbbbbbbbbbffffffffff00de0000001601000046020000766c616e0000000000000000000000000000000000000000000000000000000008000000000000000200040088e505026f776e65720000000000000000000000000000000000000000000000000000001800000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="06000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000ffffffffffff0000ffffffff000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000010000000900000073797374656d5f753a6f626a6563745f723a6c6f67726f746174655f7661725f6c69625f743a733000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff02000000050000000200000002006970365f7674693000000000000000007663616e300000000000000000000000627269646765300000000000000000006970766c616e31000000000000000000aaaaaaaaaa250000ff000000aaaaaaaaaaaa00ffff00ff0056080000be080000f60800007533320000000000000000000000000000000000000000000000000000000000c0070000000000000500000001000000050000000100000002000000000000000500000003000000d90700000000000009000000010000000b0000000100000009000000000000001ff80000030000000a000000020000005f19286300000000060000000500000001000080ff0000000500000000000000050000004aabffff0c00000000000080060000000400000001000000ff0300004000000004000000ff070000bb0400000800000000000000001000000080020004050000800000000300000001000000000000000700000001000000ffff000001000000d60600000100000000000100030000000100000003000000a90300000300000000800000030000000900000002000000060000000300000004000000050000000700000002000000050000000e00000009000000040000000900000009000000050000000900000005000000070000000300000000000000060000000200000005000000e8000000ffffffff0000000009020000470a0000010000000c00000002000000f20c0000030000000c0000000000000062000000000000007300000001000000090000000300000050000000010000000900000001000000040000000100000008000000ee36d109f77b0200000001000000000000000000e01903000000b30e00000000000708000000ffffff7f0001000002000000400000001b420000010000007f00000003000000040000000500000007000000000000007f00000082000000d200000003090000f7ffffff0300000007000000030000004200000003000000ffffff7f020000000300000000000000b2ad0000010000002b3d00000100000003000000000000000900000000000000820d000003000000001000000000000002000000edd0f27b0200000003000000ff010000090000000c00000009000000d0000000810000000400000000000000ffffff7fffffffff01000000ff01000023310000cd69000020001000020000000300000001000000070400000400000000000000ff0f000003000000050000000300000007000000010000000100000000000000020000000000000006000000010000000300000000000000a90000000000000002000000000000000200000000000000080000000600000001000000070000000080000004000000060000000300000050f600000000004000000000faffffff08000000040000000000000008000000080000000900000004000000030000000700000001000100000800000900000000000000306e0000030000000101000003000000d0d100000200000007000000020000000300000001000000050000000300000001080000030000000800000003000000826a0000000000000500000000000000010000000f0000000800000010000000ffff0000ffffff7fff0e0000fe0f0000060000000000000006000000080000000800000000f8ffff2e0000000b000000090000000500000005000000090000008f00000003000000070a000083b1747b0200000081000000000000000ff4ffff000000009cbf000001000000010000000100000000000100030000000200000002000000050000000200000005000000000000004000000000000000ff0f00000200000000020000ffffff7f0f00000073000000545300000300000081000000ff0f000001000080050000000900000005000000020000000700000004000000080000000200000000000000ff070000f1fffffff8ffffff03000000040000004000000001000000010000800000000006000000010000000000000002000000010000000100000002000000010000000200000003000000080000000200000081000000010000002ba40000020000000600000001000000040000000100000000040000bc0900000600000001000000d88f00000300000092e10000100000000300000008000000040000000900000000000000b4ffffffc1030000080000000c000000f9ffffff268700000700000001070000010000000000000002000000000000000a00000001000000ff01000000000000800000000100000009000000030000000200000003000000090000000000000009000000030000000e00000002000000760000000200000007000000060000000300000003000000050000001000000009000000ffffffff09000000040000000c0400000800000000002000f6ffffff02000000ff0100000100000009000000190a000002000000dcf000004d0000000705000048060000000000000700000003000000a1000000010000000100000001000000050000000100000008000000020000000200000002000000c2e8df6101000000ff030000020000000300000001000000e3b52e7d00000000fe00000002000000050000000900000003000000040000000e000000080000000200000002000000020000000700000000000000f124ff000800000005000000f7ffffff06000000060000000900000005000000030000000a040000ff07000002000000000000000300000007000000010000000000000003000000fdffffff0200000008000000010000001a0d0000020000000200000000000000ffffffff0100000006000000030000000100010002000000b68d77770400000001000000010000000000000007000000070000009d0400007db3000005000000080000007000000006000000040000000500000002000000f8ffffff01000000030000000c00000005000000400200000a0000000301000000000000000000000000000000000000000000000000000000000000000000000800000000000000fbffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa0000fcffffff00000000736e61740000000000000000000000000000000000000000000000000000000010000000000000000180c20000000000100000000000000009000000000000000015626174616476300000000000000000006970766c616e300000000000000000006c6f000000000000000000000000000076657468305f766972745f7769666900aaaaaaaaaabbff00000000ff8d05ecdde724ffffff00ff00fe000000fe00000036010000697076730000000000000000000000000000000000000000000000000000000028000000000000006401010100000000000000000000000000000000ffffffffffffffffff0000004e2008024e2221026f776e65720000000000000000000000000000000000000000000000000000001800", @ANYRES32, @ANYRES32, @ANYRES32=r7, @ANYRES32=r12, @ANYBLOB="01040000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000003000000fcffffff010000000900000020000000001864766d727030000000000000000000007465616d5f736c6176655f300000000076657468305f746f5f7465616d0000007465616d5f736c6176655f3000000000aaaaaaaaaa1e0000ff0000ff000000000000ffffff00ff006e0000006e000000a6000000736e61740000000000000000000000000000000000000000000000000000000010000000000000000180c20000030000ffffffff00000000"]}, 0xe4c)

416.012256ms ago: executing program 2 (id=1222):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
r1 = socket$tipc(0x1e, 0x5, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r2}, &(0x7f00000004c0), &(0x7f0000000300)=r3}, 0x20)
socket$packet(0x11, 0x3, 0x300)
bind$tipc(r1, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
r4 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r4, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000884}, 0x4)
mknodat(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file1\x00', 0x81c0, 0x0)
linkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file2\x00', 0x0)

396.590458ms ago: executing program 2 (id=1223):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
r2 = pidfd_getfd(r1, r1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r4, 0x0, 0x5}, 0x18)
setns(r2, 0x66020000)
syz_clone(0x50a60080, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=@delqdisc={0x24, 0x26, 0x1, 0x60bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xf, 0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x4081}, 0x2400c800)

387.220339ms ago: executing program 1 (id=1224):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000140), &(0x7f0000000040)='%pI4   \x00'}, 0x2a)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file3\x00', 0x1d0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080)={[{@delalloc}, {@errors_remount}]}, 0x81, 0x7d2, &(0x7f00000007c0)="$eJzs3ctrXNcZAPDvjh4jyW6lQqG1V4JCKzAeVa5qt9CFSxelUIOhXdcWo7FwNdIYzchYQmB5Ueim0JYuCsnG6zycRSDbPLbJPxGyCDYmkUWcVZhwr2b0nJElSzMS6PeDq3vOfZ3z6Z577pHuZSaAM2s0/ZGLuBAR/04ihhvLk4joy1K9Edc3tnu5tlJMpyTq9b98lWTbvH9u61hJY36ukflpRHz8j4hLub3lVpeWZ6fK5dJCIz9em7s3Xl1avnx3bmqmNFOavzoxOXnl2q+vXd3aZ/CIsX7z2fL5Z//54y/evd4bP3nyr0+SuB7nG+vW11aKRzz8HqMx2vid9KW/wh3+cNyFnbDkpCvAa0kvzZ6NqzwuxHD0ZKk2jnoBAgCnwsOIqAMAZ0zi/g8AZ0zz/wDrayvF5nSy/5Horue/j4iBjfibzzc31vQ2ntkNZM9Bh9aTHU9GkogYOYbyRyPizQ/+9nY6RYeeQwK0svooIm6PjK6v5Xf1/0na//Uf5di/3G9lPZ/NRnct1v9B93yYjn9+s3f8d3HzhZ6B7Oeu8c9AvsW1+zpeff3nnrbZ9Uh9U1M6/vvdtnfbtsZ/my+tjfQ0cj/Ixnx9yZ275VLat/0wIsaiL5/mJ7JNW78FNfbiuxftyt8+/vv6v39/Ky0/nW9tkXvam4/68LZ9pqdqU8cQeub5o4iLva3iTzbHv0mb8e/NA5bxp9/+841269L403ib0974O6v+OOLnLc//1rlM9n0/cTxrDuPNRtHCe1/8f6hd+VvnP5/N0/Kbfwt0Q3r+h/aPfyTZ/r5m9fBlfPp4+KN267a3/9bxZ+1/h7T99yd/zdLNTuDBVK22MBHRn/x57/IrW/s2883t0/jHftb6+m/X/nONd2Nvb+b21/us/53GoVrGn1ltF39npfFPH+r875OoN/bZterJy9meduUf7PxPZqmxxpKD9H+vqOkRWjMAAAAAAAAAAAAAAAAAAAAAAAAAHF4uIs5HkitspnO5QmHjO7x/HEO5cqVau3Snsjg/Hdl3ZY9EX675UZfD2z4PdaLxefjN/JVd+V9FxI8i4n/5wSxfKFbK0ycdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0nNv5/f8P01mhsLHuy/xJ1w4A6JiBk64AANB17v8AcPYc7v4/2LF6AADdc+i//+tJZyoCAHTNge//tztbDwCgezz/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMNu3riRTvVv11aKaX76/tLibOX+5elSdbYwt1gsFCsL9wozlcpMuVQoVubaHmh1Y1auVO5Nxvzig/FaqVobry4t35qrLM7Xbt2dm5op3Sr1dS0yAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADi46tLy7FS5XFqQ2CcxWBo8DdU4RYneOBXV2JNY/bwva9enpT5HTfTvs01ynGUN7l6yvZcYPKnuCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODU+z4AAP//3zAeLQ==")

302.795496ms ago: executing program 1 (id=1225):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000007010000006800cdaea79c", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000002c0), 0x0}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r6=>0x0})
lsetxattr$security_selinux(&(0x7f0000000740)='./file0\x00', &(0x7f0000000780), &(0x7f00000007c0)='system_u:object_r:removable_device_t:s0\x00', 0x28, 0x1)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_SET_MESH(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000040000020f00000005002e000100000005002f000000000008000300", @ANYRES32=r6], 0x2c}, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = inotify_init()
sendfile(r1, r8, &(0x7f0000000000)=0x101, 0x1f)
syz_io_uring_setup(0x2832, &(0x7f0000000200)={0x0, 0x8b01, 0x10000, 0x4, 0x1a}, &(0x7f00000001c0)=<r9=>0x0, &(0x7f0000000580))
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[@ANYBLOB="180000006a004d"], 0x18}}, 0x20004000)
sendmmsg(r10, &(0x7f00000002c0), 0x40000000000009f, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000020d0039000000000000b4a518110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00'}, 0x10)
r11 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01020400000a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000080)={0xa, 0x4e20, 0x0, @remote, 0x7fffffff}, 0x1c, &(0x7f0000000680)=[{&(0x7f0000000200)="3e73e8d526d86fd26ef16b33990f702790fd63e255717a8999466868d90a8260a39095706eb5c3f0db85fcf8420cb00a24b1a7b8185b78d700876be8cf9404a8401b180e75ec88fbd1bece73402e80d4aba59b402f8b89dd5aabbd5fd7a28397de299748d961d98ad7", 0x69}, {&(0x7f0000000340)="1536d4d4407096c2eacad5f831f946ecf191113b37067316a65aba17f2bb37a2a86fc2cadb9e9b3ee9f330f9b7ed03e570ae2f09a5c71019f61b3634220bd54a962ba93274f8b3a77244899157cf0d70c14f565a4746", 0x56}, {&(0x7f00000003c0)="3928e2624bca6d3665236c091bbc6ef066af938c2ea29a7ba23406c60db8b0ae9ef12e88a86c62d1b4d34e33cb", 0x2d}, {&(0x7f00000004c0)="ec0c7da682e09c6107384ebc64245b07f199891e46b5fab3615136a4e6511a03fa867cee4df679a6c9b9e8f696d449bd1f590b2fa62ba790cf4e5701d7dd79e94b83670c5e74262945235e2201e010605f5a009eabf40e2ef00815ddda93ea3619ce30d68fa468761b7711271055aa32f0df03720e33244122948a82316886e44b524b2ac6e34fa56f7776da4fc6061b9ccaeb7e3c5f477d33cc37ed32df1a1f", 0xa0}, {&(0x7f0000000580)="d5cae2b33efb3820aece63120484156874cf622acf15bd12d13efc9c6722f266f481ff944c83fa65c6705fa6cc2a8f63f9fbb5868bc0dea8f59a41d13526ad6745a835787118c1c5136da96a32b2b8c191fbc5eb77cd3f8f6c7df1b315bb99224d09e426905a80737472afd8a7119ebec89633707f1293ebff38098f4b3076a02157fc077929a800f8d65efb8f42d4acb334057f888b17788954798a7c76bbf51552ebf2add36d6a506cd9cceed2be596efc3f20d37a2c270c8415e3845ca95bcd965b1001bf5a4789c5b0b9c2a6ec3c2241c33e77e643080e8bf3aa1cac7a7949db770c2fc483381b18a1d73ba8", 0xee}], 0x5, &(0x7f0000000400)=ANY=[@ANYBLOB="140000000000000029000000430000000000000000000004140000000000000029000000430000003f0b000000000000"], 0x30}, 0x40000)

294.725126ms ago: executing program 2 (id=1226):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp6\x00')
preadv(r2, &(0x7f0000000340)=[{&(0x7f0000002140)=""/4096, 0x1000}], 0x1, 0x100013c, 0x20000000)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c)
syz_io_uring_setup(0x88, &(0x7f00000004c0)={0x0, 0x8c04, 0x1, 0x1, 0x5a, 0x0, r2}, &(0x7f0000000080), &(0x7f0000000180))
sendto$inet6(r3, &(0x7f00000001c0)='O', 0x1, 0x80, &(0x7f0000000280)={0xa, 0x0, 0x0, @private2}, 0x1c)
shutdown(r3, 0x1)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c04, &(0x7f0000000340), 0x1, 0x779, &(0x7f0000001900)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTuZ206bmWmSJjPV+XzgZs65907O+c79cc7MPdwbQN8aT//kIg5HxLtJxGhjfhIRQ/XUYMTJjfVura0W0ymJ9fWXf0nq69xcWy1G03tSBxuZ/0fEN29FHMltLre6vDJXKJdLi438ZG3+wmR1eeXo+fnCbGm2tHB8anr62ImnThzfvVh/+37l0LX3Xnj885N/vPm/q+98m8TJONRY1hzHbhmP8cZnMpR+hHd5frcL67Gk1xVgR9JDc2DjKI/DMRoD9RQA8E/2ekSsAwB9JtH+A0CfyX4HuLm2Wsym3v4i0V3Xn4uI/RvxZ9c3N5YMNq7Z7a9fBx25mdx1ZSSJiLFdKH88Ij7+8tVP0yn26DokQCtvXI6Is2Pjm8//yaYxC9v1RIdl+xqv4/fMd/6D7vkq7f883ar/l7vd/4kW/Z/hFsfuTtz3+D+wC4V0kPb/nm0a23arKf6GsYFG7l/1Pt9Qcu58uZSe2/4dERMxNJzmpzqUMXHjzxvtljX3/359/7VP0vLT1ztr5H4aHL77PTOFWuFBYm52/XLEI4Ot4k9ub/+kTf/39BbLePGZtz9qtyyNP403mzbHH43RSXtj/UrEYy23/50RbUnH8YmT9d1hMtspWvjihw9H2pXfvP3TKS0/+y7QDen2H+kc/1jSPF6zuv0yvrsy+nW7ZfePv/X+vy95pZ7O+hGXCrXa4lTEvuSlzfOP3Xlvls/WT+OfeLT18d9p/0+/E57dYvyD137+bOfx7600/pltbf/tJ67emhtoV/7Wtv90PTXRmLOV899WK/ggnx0AAAAAAAAAAAAAAAAAAAAAAAAAbFUuIg5FksvfTudy+fzGM7z/GyO5cqVaO3KusrQwE/VnZY/FUC671eVo0/1Qpxr3w8/yx+7JPxkR/4mID4YPJNl9FGd6HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZA62ef5/6sfhXtcOANgz+3tdAQCg67T/ANB/tP8A0H+0/wDQf7T/ANB/tP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADssdOnTqXT+u9rq8U0P3NxeWmucvHoTKk6l59fKuaLlcUL+dlKZbZcyhcr8/f7f+VK5cJ0LCxdmqyVqrXJ6vLKmfnK0kLtzPn5wmzpTGmoK1EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPZUl1fmCuVyaVFiB4n1h6MavU8MNHanh6U+XU0kD0c1djnR6ayR687JCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBv4K8AAAD//8yLIwE=")
open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)

254.873589ms ago: executing program 3 (id=1227):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001300)={&(0x7f0000000380)=ANY=[], 0x0, 0x27, 0x0, 0x1, 0x2}, 0x28)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00'}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00"/13], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000300), 0x20100, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

252.490129ms ago: executing program 1 (id=1228):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000080000000a90000000030a0300000000000000000002e000000c00020000000000000000010900010073797a30"], 0xb8}}, 0x0)

195.667184ms ago: executing program 1 (id=1229):
r0 = io_uring_setup(0x9f0, &(0x7f0000000400)={0x0, 0x8ebe, 0x400, 0x0, 0x34})
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x7, 0x0, 0x300)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
fcntl$dupfd(r1, 0x0, r1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008", @ANYRES32=r2], 0x0, 0x4, 0x0, 0x0, 0x0, 0x40}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000240), 0x80802, 0x0)
write$cgroup_int(r3, 0x0, 0x2)

155.458937ms ago: executing program 1 (id=1230):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000a40)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@norecovery}, {@resuid}, {@quota}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
stat(0x0, 0x0)
write(r1, &(0x7f00000009c0)="3bf58d7d45d32c", 0x7)
r2 = perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_config_ext={0x1, 0xa}, 0x1184c, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip_vti0\x00', <r3=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00', 0xb, 0x0, 0x0, 0x41000, 0x23, '\x00', r3, @fallback=0x8, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0xe, 0x7, 0x80000001}, 0x10, 0x0, r0, 0x6, 0x0, &(0x7f00000002c0)=[{0x2, 0x2, 0x4, 0xa}, {0x3, 0x1, 0x3, 0xa}, {0x4, 0x3, 0x6, 0x8}, {0x1, 0x3, 0x2, 0x4}, {0x0, 0x1, 0x8, 0x7}, {0x5, 0x4, 0xa, 0xc}], 0x10, 0xffff34f0}, 0x94)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f0000000040)={0xa0000004})
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)

153.410768ms ago: executing program 2 (id=1231):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = geteuid()
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000280)={{{@in=@loopback, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in6}, 0x0, @in6=@private2}}, &(0x7f0000000080)=0xe8)
setresuid(r3, r4, r5)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$FS_IOC_FSSETXATTR(r6, 0x401c5820, &(0x7f0000000180)={0xffffff9d, 0xdc, 0x1a7, 0xa, 0x3})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r7)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r8}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x5, 0x0, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xce9d8d60ab13d530, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
r11 = fcntl$dupfd(r2, 0x0, r2)
write$sndseq(r11, &(0x7f0000000040)=[{0x4, 0x7, 0x0, 0x0, @tick=0xf64b, {0x0, 0xb8}, {0x4, 0x6}, @control={0x2, 0x7f, 0x2}}, {0x0, 0x3, 0x0, 0x4, @time={0x83, 0xa77f}, {0x2, 0x4}, {0x0, 0x2}, @control={0x8, 0x4, 0x4c8}}], 0x38)

0s ago: executing program 2 (id=1232):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
r2 = pidfd_getfd(r1, r1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r4, 0x0, 0x5}, 0x18)
setns(r2, 0x66020000)
syz_clone(0x50a60080, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=@delqdisc={0x24, 0x26, 0x1, 0x60bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xf, 0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x4081}, 0x2400c800)

kernel console output (not intermixed with test programs):

 T6112] EXT4-fs (loop1): can't get journal size
[   97.135231][ T6114] vlan2: entered allmulticast mode
[   97.146584][ T6112] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   97.157058][ T6112] EXT4-fs error (device loop1): ext4_protect_reserved_inode:160: inode #32: comm syz.1.697: iget: special inode unallocated
[   97.175722][ T6112] EXT4-fs (loop1): failed to initialize system zone (-117)
[   97.193272][ T6112] EXT4-fs (loop1): mount failed
[   97.264818][ T6112] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   97.370683][ T6120] loop2: detected capacity change from 0 to 512
[   97.388398][ T6131] loop4: detected capacity change from 0 to 128
[   97.405684][ T6120] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   97.420640][ T6124] loop3: detected capacity change from 0 to 512
[   97.423958][ T6120] EXT4-fs (loop2): orphan cleanup on readonly fs
[   97.455861][ T6120] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.700: corrupted inode contents
[   97.469744][ T6135] loop1: detected capacity change from 0 to 1024
[   97.472326][ T6120] EXT4-fs (loop2): Remounting filesystem read-only
[   97.477250][ T6122] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   97.482729][ T6120] EXT4-fs (loop2): 1 truncate cleaned up
[   97.490501][ T6122] FAT-fs (loop4): Filesystem has been set read-only
[   97.498089][   T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   97.513545][   T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   97.524274][   T31] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   97.524738][ T6124] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   97.536045][ T6122] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   97.550352][ T6122] syz.4.701: attempt to access beyond end of device
[   97.550352][ T6122] loop4: rw=2049, sector=2065, nr_sectors = 8 limit=128
[   97.564356][ T6124] EXT4-fs (loop3): orphan cleanup on readonly fs
[   97.583210][ T6124] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.702: corrupted inode contents
[   97.603591][ T6124] EXT4-fs (loop3): Remounting filesystem read-only
[   97.610873][ T6124] EXT4-fs (loop3): 1 truncate cleaned up
[   97.612583][ T6141] loop0: detected capacity change from 0 to 512
[   97.617963][ T6135] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.705: Allocating blocks 449-513 which overlap fs metadata
[   97.636658][   T31] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   97.647206][   T31] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   97.662172][   T31] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   97.682666][ T6141] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.684630][ T6134] EXT4-fs (loop1): pa ffff8881072cca10: logic 48, phys. 177, len 21
[   97.701318][ T6134] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[   97.747607][ T6145] loop4: detected capacity change from 0 to 2048
[   97.799371][ T6151] netlink: 8 bytes leftover after parsing attributes in process `syz.1.708'.
[   97.850611][ T6151] netlink: 'syz.1.708': attribute type 1 has an invalid length.
[   97.859660][ T6151] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   97.877955][ T6151] can0: slcan on ttyS3.
[   97.949087][ T6151] can0 (unregistered): slcan off ttyS3.
[   97.957394][ T6157] can0: slcan on ttyS3.
[   97.965111][ T6151] netlink: 'syz.1.708': attribute type 1 has an invalid length.
[   97.972924][ T6151] netlink: 224 bytes leftover after parsing attributes in process `syz.1.708'.
[   98.019191][ T6150] can0 (unregistered): slcan off ttyS3.
[   98.108360][ T6163] loop2: detected capacity change from 0 to 512
[   98.132240][ T6163] EXT4-fs mount: 231 callbacks suppressed
[   98.132259][ T6163] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   98.166172][ T6163] ext4 filesystem being mounted at /140/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.199801][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   98.240486][ T6173] netlink: 56 bytes leftover after parsing attributes in process `syz.2.717'.
[   98.256354][ T6176] netlink: 24 bytes leftover after parsing attributes in process `syz.1.718'.
[   98.267571][ T6176] netlink: 12 bytes leftover after parsing attributes in process `syz.1.718'.
[   98.283039][ T6176] netlink: 152 bytes leftover after parsing attributes in process `syz.1.718'.
[   98.325725][ T6180] loop2: detected capacity change from 0 to 512
[   98.342731][ T6180] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   98.355883][ T6180] ext4 filesystem being mounted at /142/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.363563][ T6178] vlan2: entered promiscuous mode
[   98.371574][ T6178] vlan2: entered allmulticast mode
[   98.376735][ T6178] hsr_slave_1: entered allmulticast mode
[   98.403377][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   98.430801][ T6185] loop2: detected capacity change from 0 to 512
[   98.441223][ T6185] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   98.461411][ T6185] EXT4-fs (loop2): 1 truncate cleaned up
[   98.468646][ T6185] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.598069][ T6191] loop1: detected capacity change from 0 to 512
[   98.626405][ T6191] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   98.655299][ T6191] ext4 filesystem being mounted at /139/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.700511][ T6197] loop0: detected capacity change from 0 to 512
[   98.708785][ T6197] ext4: Unknown parameter 'uid<18446744073709551615'
[   98.718600][ T6197] capability: warning: `syz.0.725' uses 32-bit capabilities (legacy support in use)
[   98.734530][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   98.754256][ T6199] loop4: detected capacity change from 0 to 1024
[   98.779004][ T6199] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.831031][ T6205] loop0: detected capacity change from 0 to 512
[   98.855014][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.867431][ T6205] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   98.882242][ T6205] ext4 filesystem being mounted at /136/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.913314][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   99.138605][ T6226] loop1: detected capacity change from 0 to 512
[   99.149110][ T6226] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   99.153801][ T6226] EXT4-fs (loop1): 1 truncate cleaned up
[   99.154301][ T6226] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.353354][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.380455][ T6232] loop2: detected capacity change from 0 to 128
[  100.012385][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.175672][ T6244] loop1: detected capacity change from 0 to 512
[  100.202698][ T6244] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.240985][ T6244] ext4 filesystem being mounted at /144/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.266039][ T6244] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  100.357897][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.386097][ T6248] loop2: detected capacity change from 0 to 2048
[  100.431652][ T6248] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.457570][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.727898][ T6268] loop1: detected capacity change from 0 to 512
[  100.737423][ T6268] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  100.820591][ T6268] EXT4-fs (loop1): 1 truncate cleaned up
[  100.828100][ T6268] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.241635][ T6275] loop3: detected capacity change from 0 to 2048
[  101.261429][ T6275] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.291484][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.314790][ T6279] loop3: detected capacity change from 0 to 512
[  101.322527][ T6279] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  101.338482][ T6279] EXT4-fs (loop3): 1 truncate cleaned up
[  101.349293][ T6279] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.458028][ T6283] loop0: detected capacity change from 0 to 1024
[  101.485731][ T6283] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.530178][ T6283] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.751: Allocating blocks 449-513 which overlap fs metadata
[  101.568397][ T6282] EXT4-fs (loop0): pa ffff8881072cca80: logic 48, phys. 177, len 21
[  101.576584][ T6282] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  101.599894][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.613115][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.643798][ T6288] loop0: detected capacity change from 0 to 512
[  101.664950][ T6290] __nla_validate_parse: 4 callbacks suppressed
[  101.664965][ T6290] netlink: 8 bytes leftover after parsing attributes in process `syz.1.753'.
[  101.684897][ T6288] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  101.702035][ T6288] ext4 filesystem being mounted at /144/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.715986][   T29] kauditd_printk_skb: 1130 callbacks suppressed
[  101.716014][   T29] audit: type=1326 audit(1756466902.268:6573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6287 comm="syz.0.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14d7eebe9 code=0x7ffc0000
[  101.738075][ T6293] netlink: 164 bytes leftover after parsing attributes in process `syz.1.753'.
[  101.745705][   T29] audit: type=1326 audit(1756466902.268:6574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6287 comm="syz.0.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14d7eebe9 code=0x7ffc0000
[  101.745734][   T29] audit: type=1326 audit(1756466902.268:6575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6287 comm="syz.0.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7fb14d7eebe9 code=0x7ffc0000
[  101.759139][ T6293] can0: slcan on ttyS3.
[  101.778221][   T29] audit: type=1326 audit(1756466902.268:6576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6287 comm="syz.0.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14d7eebe9 code=0x7ffc0000
[  101.828961][   T29] audit: type=1326 audit(1756466902.268:6577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6287 comm="syz.0.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb14d7eebe9 code=0x7ffc0000
[  101.852624][   T29] audit: type=1326 audit(1756466902.268:6578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6287 comm="syz.0.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14d7eebe9 code=0x7ffc0000
[  101.853230][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  101.875950][   T29] audit: type=1326 audit(1756466902.268:6579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6287 comm="syz.0.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14d7eebe9 code=0x7ffc0000
[  101.908170][   T29] audit: type=1326 audit(1756466902.268:6580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6287 comm="syz.0.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb14d7eebe9 code=0x7ffc0000
[  101.931642][   T29] audit: type=1326 audit(1756466902.268:6581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6287 comm="syz.0.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14d7eebe9 code=0x7ffc0000
[  101.955030][   T29] audit: type=1326 audit(1756466902.268:6582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6287 comm="syz.0.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb14d7eebe9 code=0x7ffc0000
[  101.996724][ T6295] loop4: detected capacity change from 0 to 512
[  102.010725][ T6295] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  102.018790][ T6295] EXT4-fs (loop4): orphan cleanup on readonly fs
[  102.029543][ T6293] can0 (unregistered): slcan off ttyS3.
[  102.034057][ T6299] netlink: 'syz.1.753': attribute type 1 has an invalid length.
[  102.038408][ T6290] can0: slcan on ttyS3.
[  102.042800][ T6299] netlink: 224 bytes leftover after parsing attributes in process `syz.1.753'.
[  102.063558][ T6295] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.755: corrupted inode contents
[  102.102423][ T6295] EXT4-fs (loop4): Remounting filesystem read-only
[  102.109434][ T6295] EXT4-fs (loop4): 1 truncate cleaned up
[  102.115264][   T37] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  102.125815][   T37] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  102.137167][   T37] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  102.172250][ T6295] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  102.188991][ T6289] can0 (unregistered): slcan off ttyS3.
[  102.191342][ T6295] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.304460][ T6307] capability: warning: `syz.4.758' uses deprecated v2 capabilities in a way that may be insecure
[  102.347919][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.364049][ T6315] netlink: 34 bytes leftover after parsing attributes in process `syz.4.760'.
[  102.378297][ T6317] netlink: 34 bytes leftover after parsing attributes in process `syz.0.762'.
[  102.408721][ T6321] FAULT_INJECTION: forcing a failure.
[  102.408721][ T6321] name failslab, interval 1, probability 0, space 0, times 0
[  102.421392][ T6321] CPU: 0 UID: 0 PID: 6321 Comm: syz.4.763 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  102.421431][ T6321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  102.421445][ T6321] Call Trace:
[  102.421452][ T6321]  <TASK>
[  102.421460][ T6321]  __dump_stack+0x1d/0x30
[  102.421484][ T6321]  dump_stack_lvl+0xe8/0x140
[  102.421501][ T6321]  dump_stack+0x15/0x1b
[  102.421518][ T6321]  should_fail_ex+0x265/0x280
[  102.421537][ T6321]  should_failslab+0x8c/0xb0
[  102.421565][ T6321]  kmem_cache_alloc_noprof+0x50/0x310
[  102.421620][ T6321]  ? create_new_namespaces+0x3c/0x3d0
[  102.421683][ T6321]  ? __rcu_read_unlock+0x4f/0x70
[  102.421707][ T6321]  create_new_namespaces+0x3c/0x3d0
[  102.421776][ T6321]  __se_sys_setns+0x1b8/0xf20
[  102.421815][ T6321]  __x64_sys_setns+0x31/0x40
[  102.421843][ T6321]  x64_sys_call+0x2b16/0x2ff0
[  102.421920][ T6321]  do_syscall_64+0xd2/0x200
[  102.421944][ T6321]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  102.421965][ T6321]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  102.422008][ T6321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.422026][ T6321] RIP: 0033:0x7fc263bdebe9
[  102.422039][ T6321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.422058][ T6321] RSP: 002b:00007fc26263f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000134
[  102.422129][ T6321] RAX: ffffffffffffffda RBX: 00007fc263e05fa0 RCX: 00007fc263bdebe9
[  102.422140][ T6321] RDX: 0000000000000000 RSI: 0000000024020000 RDI: 0000000000000005
[  102.422151][ T6321] RBP: 00007fc26263f090 R08: 0000000000000000 R09: 0000000000000000
[  102.422161][ T6321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.422173][ T6321] R13: 00007fc263e06038 R14: 00007fc263e05fa0 R15: 00007ffe40dbff08
[  102.422194][ T6321]  </TASK>
[  102.675950][ T6320] loop3: detected capacity change from 0 to 2048
[  102.726273][ T6320] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.736430][ T6336] netlink: 8 bytes leftover after parsing attributes in process `syz.0.769'.
[  102.755583][ T6332] loop4: detected capacity change from 0 to 2048
[  102.766288][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.777234][ T6332] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.791143][ T6339] netlink: 164 bytes leftover after parsing attributes in process `syz.0.769'.
[  102.806091][ T6339] can0: slcan on ttyS3.
[  102.864399][ T6341] loop3: detected capacity change from 0 to 2048
[  102.870799][ T6339] can0 (unregistered): slcan off ttyS3.
[  102.885718][ T6336] can0: slcan on ttyS3.
[  102.894947][ T6336] netlink: 'syz.0.769': attribute type 1 has an invalid length.
[  102.895589][ T6341] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.902612][ T6336] netlink: 224 bytes leftover after parsing attributes in process `syz.0.769'.
[  102.949073][ T6334] can0 (unregistered): slcan off ttyS3.
[  102.993827][ T6345] loop0: detected capacity change from 0 to 1024
[  103.036055][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.046896][ T6345] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.106135][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.118490][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.143757][ T6351] loop3: detected capacity change from 0 to 512
[  103.162597][ T6351] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  103.183899][ T6354] loop0: detected capacity change from 0 to 1024
[  103.183963][ T6351] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.215779][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  103.230350][ T6354] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.294223][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.328975][ T6366] loop4: detected capacity change from 0 to 1024
[  103.350704][ T6366] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.392436][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.408460][ T6375] netlink: 100 bytes leftover after parsing attributes in process `syz.0.781'.
[  103.445084][ T6379] netlink: 'syz.4.783': attribute type 39 has an invalid length.
[  103.453691][ T6370] loop3: detected capacity change from 0 to 512
[  103.469991][ T6370] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  103.478060][ T6370] EXT4-fs (loop3): orphan cleanup on readonly fs
[  103.485888][ T6370] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.780: corrupted inode contents
[  103.497837][ T6370] EXT4-fs (loop3): Remounting filesystem read-only
[  103.504724][ T6370] EXT4-fs (loop3): 1 truncate cleaned up
[  103.518957][   T37] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  103.529535][   T37] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  103.541631][   T37] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  103.552581][ T6370] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  103.565652][ T6387] loop0: detected capacity change from 0 to 512
[  103.565764][ T6370] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.611595][ T6387] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  103.624540][ T6387] ext4 filesystem being mounted at /156/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.649167][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  104.185671][ T6402] loop4: detected capacity change from 0 to 128
[  104.278654][ T6405] loop3: detected capacity change from 0 to 1024
[  104.312218][ T6405] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.342405][ T6405] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.790: Allocating blocks 449-513 which overlap fs metadata
[  104.359667][ T6404] EXT4-fs (loop3): pa ffff88810556ebd0: logic 48, phys. 177, len 21
[  104.367685][ T6404] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  104.390358][ T6411] loop4: detected capacity change from 0 to 2048
[  104.391404][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.524861][ T6418] loop2: detected capacity change from 0 to 1024
[  104.536389][ T6418] ext3: Unknown parameter 'subj_role'
[  104.569697][ T6418] loop2: detected capacity change from 0 to 2048
[  104.578748][ T6411] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.782462][ T6424] loop0: detected capacity change from 0 to 512
[  104.913759][ T6424] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  104.946413][ T6424] EXT4-fs (loop0): orphan cleanup on readonly fs
[  104.993521][ T6418]  loop2: p1 < > p4
[  104.998307][ T6418] loop2: p4 size 8388608 extends beyond EOD, truncated
[  105.010840][ T6424] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.795: corrupted inode contents
[  105.033595][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.041595][ T6424] EXT4-fs (loop0): Remounting filesystem read-only
[  105.049807][ T6424] EXT4-fs (loop0): 1 truncate cleaned up
[  105.056580][   T12] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  105.067198][   T12] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  105.122787][   T12] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  105.139185][ T6424] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  105.170101][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.246967][ T6439] loop0: detected capacity change from 0 to 1024
[  105.293240][ T6439] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.333963][ T6449] loop4: detected capacity change from 0 to 256
[  105.344931][ T6453] loop1: detected capacity change from 0 to 128
[  105.352768][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.371386][ T6449] msdos: Bad value for 'uid'
[  105.373418][ T6455] loop1: detected capacity change from 0 to 512
[  105.376003][ T6449] msdos: Bad value for 'uid'
[  105.386973][ T6455] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  105.393057][ T6449] 9pnet_fd: Insufficient options for proto=fd
[  105.411842][ T6455] EXT4-fs (loop1): 1 truncate cleaned up
[  105.424100][ T6461] loop0: detected capacity change from 0 to 512
[  105.424927][ T6455] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.446226][ T6463] netlink: 100 bytes leftover after parsing attributes in process `syz.4.809'.
[  105.470377][ T6461] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  105.483341][ T6461] ext4 filesystem being mounted at /161/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.500801][ T6451] loop3: detected capacity change from 0 to 512
[  105.513031][ T6451] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  105.523973][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  105.533139][ T6451] EXT4-fs (loop3): orphan cleanup on readonly fs
[  105.548467][ T6451] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.804: corrupted inode contents
[  105.548720][ T6451] EXT4-fs (loop3): Remounting filesystem read-only
[  105.548826][ T6451] EXT4-fs (loop3): 1 truncate cleaned up
[  105.549216][   T51] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  105.549300][   T51] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  105.549349][   T51] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  105.550176][ T6451] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  105.550741][ T6451] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.610337][ T6475] loop4: detected capacity change from 0 to 128
[  105.640770][ T6473] loop0: detected capacity change from 0 to 512
[  105.648369][ T6473] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  105.682055][ T6473] EXT4-fs (loop0): 1 truncate cleaned up
[  105.696999][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.706371][ T6473] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.740163][ T6487] loop3: detected capacity change from 0 to 1024
[  105.762248][ T6487] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.828756][ T6497] loop1: detected capacity change from 0 to 256
[  105.835539][ T6497] msdos: Bad value for 'uid'
[  105.840236][ T6497] msdos: Bad value for 'uid'
[  105.855646][ T6497] 9pnet_fd: Insufficient options for proto=fd
[  105.903746][ T6500] loop1: detected capacity change from 0 to 512
[  105.924674][ T6500] ext4 filesystem being mounted at /156/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.166526][ T6514] loop3: detected capacity change from 0 to 128
[  106.226956][ T6516] loop3: detected capacity change from 0 to 1024
[  106.314981][ T6519] loop1: detected capacity change from 0 to 128
[  106.325351][ T6516] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.825: Allocating blocks 449-513 which overlap fs metadata
[  106.363328][ T6511] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  106.371304][ T6511] FAT-fs (loop1): Filesystem has been set read-only
[  106.402480][ T6515] EXT4-fs (loop3): pa ffff88810556eb60: logic 48, phys. 177, len 21
[  106.410533][ T6515] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  106.422247][ T6511] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  106.430818][ T6511] syz.1.823: attempt to access beyond end of device
[  106.430818][ T6511] loop1: rw=2049, sector=2065, nr_sectors = 8 limit=128
[  106.544813][ T6523] loop3: detected capacity change from 0 to 512
[  106.563243][ T6523] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  106.577936][ T6525] loop0: detected capacity change from 0 to 512
[  106.585102][ T6525] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  106.596299][ T6523] EXT4-fs (loop3): 1 truncate cleaned up
[  106.601056][ T6528] netlink: 'syz.1.829': attribute type 39 has an invalid length.
[  106.616253][ T6525] EXT4-fs (loop0): 1 truncate cleaned up
[  106.825438][ T6537] __nla_validate_parse: 1 callbacks suppressed
[  106.825451][ T6537] netlink: 56 bytes leftover after parsing attributes in process `syz.1.831'.
[  106.941047][ T6541] loop1: detected capacity change from 0 to 2048
[  107.051806][ T6545] loop1: detected capacity change from 0 to 2048
[  107.173664][ T6549] loop1: detected capacity change from 0 to 2048
[  107.226414][ T6553] loop1: detected capacity change from 0 to 128
[  107.656913][ T6565] loop3: detected capacity change from 0 to 512
[  107.666665][ T6570] netlink: 56 bytes leftover after parsing attributes in process `syz.0.842'.
[  107.681241][ T6565] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  107.689703][ T6565] EXT4-fs (loop3): orphan cleanup on readonly fs
[  107.697829][ T6565] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.841: corrupted inode contents
[  107.711022][ T6565] EXT4-fs (loop3): Remounting filesystem read-only
[  107.717608][ T6565] EXT4-fs (loop3): 1 truncate cleaned up
[  107.725468][   T51] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  107.736068][   T51] __quota_error: 705 callbacks suppressed
[  107.736080][   T51] Quota error (device loop3): write_blk: dquota write failed
[  107.749230][   T51] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries
[  107.759255][   T51] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  107.769783][   T51] Quota error (device loop3): write_blk: dquota write failed
[  107.777200][   T51] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list
[  107.837504][   T51] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  107.847756][   T51] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  107.878881][   T51] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  107.952758][ T6581] netlink: 'syz.0.846': attribute type 39 has an invalid length.
[  108.105294][ T6583] loop0: detected capacity change from 0 to 512
[  108.120695][ T6583] ext4 filesystem being mounted at /169/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.202971][   T29] audit: type=1326 audit(1756466908.748:7264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14d7eebe9 code=0x7ffc0000
[  108.229268][   T29] audit: type=1326 audit(1756466908.778:7265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7fb14d7eebe9 code=0x7ffc0000
[  108.252727][   T29] audit: type=1326 audit(1756466908.778:7266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14d7eebe9 code=0x7ffc0000
[  108.276228][   T29] audit: type=1326 audit(1756466908.778:7267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14d7eebe9 code=0x7ffc0000
[  108.338753][ T6593] loop1: detected capacity change from 0 to 128
[  108.378031][ T6597] loop3: detected capacity change from 0 to 1024
[  108.400949][ T6599] netlink: 8 bytes leftover after parsing attributes in process `syz.1.853'.
[  108.406991][ T6597] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.852: Allocating blocks 449-513 which overlap fs metadata
[  108.430888][ T6596] EXT4-fs (loop3): pa ffff88810556e9a0: logic 48, phys. 177, len 21
[  108.438976][ T6596] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  108.452726][ T6602] netlink: 'syz.1.853': attribute type 1 has an invalid length.
[  108.461388][ T6602] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  108.480551][ T6599] can0: slcan on ttyS3.
[  108.490548][ T6604] netlink: 'syz.3.854': attribute type 39 has an invalid length.
[  108.519069][ T6599] can0 (unregistered): slcan off ttyS3.
[  108.526303][ T6599] netlink: 'syz.1.853': attribute type 1 has an invalid length.
[  108.534123][ T6599] netlink: 224 bytes leftover after parsing attributes in process `syz.1.853'.
[  108.617825][ T6606] loop1: detected capacity change from 0 to 2048
[  108.649005][ T6610] loop3: detected capacity change from 0 to 2048
[  109.613765][ T6633] loop2: detected capacity change from 0 to 512
[  109.670378][ T6633] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  109.678380][ T6633] EXT4-fs (loop2): orphan cleanup on readonly fs
[  109.697434][ T6642] loop3: detected capacity change from 0 to 512
[  109.703520][ T6642] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  109.722745][ T6633] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.863: corrupted inode contents
[  109.723491][ T6633] EXT4-fs (loop2): Remounting filesystem read-only
[  109.723591][ T6633] EXT4-fs (loop2): 1 truncate cleaned up
[  109.725111][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  109.725132][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  109.725147][   T12] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  109.749804][ T6642] EXT4-fs (loop3): 1 truncate cleaned up
[  110.372141][ T6651] loop2: detected capacity change from 0 to 2048
[  110.421673][ T6655] 9pnet_fd: Insufficient options for proto=fd
[  110.558550][ T6645] syz.3.864 (6645) used greatest stack depth: 9680 bytes left
[  110.683180][ T6660] loop3: detected capacity change from 0 to 512
[  110.699900][ T6660] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  110.708223][ T6660] EXT4-fs (loop3): orphan cleanup on readonly fs
[  110.716347][ T6660] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.870: corrupted inode contents
[  110.728442][ T6660] EXT4-fs (loop3): Remounting filesystem read-only
[  110.735086][ T6660] EXT4-fs (loop3): 1 truncate cleaned up
[  110.741244][ T6403] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  110.751856][ T6403] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  110.762423][ T6403] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  110.912989][ T6667] loop4: detected capacity change from 0 to 2048
[  111.423814][ T6677] netlink: 'syz.3.875': attribute type 13 has an invalid length.
[  111.434981][ T6677] gretap0: refused to change device tx_queue_len
[  111.441895][ T6677] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  111.723460][ T6688] loop0: detected capacity change from 0 to 1024
[  111.731004][ T6686] loop3: detected capacity change from 0 to 2048
[  111.830615][ T6694] netlink: 8 bytes leftover after parsing attributes in process `syz.1.881'.
[  111.850135][ T6696] netlink: 8 bytes leftover after parsing attributes in process `syz.3.880'.
[  111.881541][ T6699] netlink: 'syz.1.881': attribute type 1 has an invalid length.
[  111.905147][ T6699] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  111.920359][ T6701] netlink: 164 bytes leftover after parsing attributes in process `syz.3.880'.
[  111.944441][ T6704] loop4: detected capacity change from 0 to 512
[  111.954384][ T6699] can0: slcan on ttyS3.
[  111.958690][ T6702] loop0: detected capacity change from 0 to 512
[  111.966913][ T6704] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  111.974248][ T6694] netlink: 'syz.1.881': attribute type 1 has an invalid length.
[  111.984518][ T6694] netlink: 224 bytes leftover after parsing attributes in process `syz.1.881'.
[  111.993717][ T6702] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  112.005516][ T6704] EXT4-fs (loop4): 1 truncate cleaned up
[  112.014780][ T6702] EXT4-fs (loop0): 1 truncate cleaned up
[  112.030096][ T6696] can0 (unregistered): slcan off ttyS3.
[  112.038700][ T6701] can0: slcan on ttyS3.
[  112.059051][ T6696] netlink: 'syz.3.880': attribute type 1 has an invalid length.
[  112.066707][ T6696] netlink: 224 bytes leftover after parsing attributes in process `syz.3.880'.
[  112.159301][ T6709] netlink: 'syz.1.885': attribute type 39 has an invalid length.
[  112.172044][ T6695] can0 (unregistered): slcan off ttyS3.
[  112.254345][ T6714] loop1: detected capacity change from 0 to 512
[  112.286012][ T6714] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.399471][ T6721] loop1: detected capacity change from 0 to 256
[  112.415481][ T6721] msdos: Bad value for 'uid'
[  112.420226][ T6721] msdos: Bad value for 'uid'
[  112.456407][ T6721] 9pnet_fd: Insufficient options for proto=fd
[  112.649450][ T6727] loop3: detected capacity change from 0 to 2048
[  112.741438][ T6731] FAULT_INJECTION: forcing a failure.
[  112.741438][ T6731] name failslab, interval 1, probability 0, space 0, times 0
[  112.754209][ T6731] CPU: 1 UID: 0 PID: 6731 Comm: syz.1.891 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  112.754239][ T6731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  112.754254][ T6731] Call Trace:
[  112.754261][ T6731]  <TASK>
[  112.754269][ T6731]  __dump_stack+0x1d/0x30
[  112.754295][ T6731]  dump_stack_lvl+0xe8/0x140
[  112.754314][ T6731]  dump_stack+0x15/0x1b
[  112.754347][ T6731]  should_fail_ex+0x265/0x280
[  112.754371][ T6731]  ? resv_map_alloc+0x32/0x190
[  112.754404][ T6731]  should_failslab+0x8c/0xb0
[  112.754497][ T6731]  __kmalloc_cache_noprof+0x4c/0x320
[  112.754526][ T6731]  ? vfs_write+0x7e8/0x960
[  112.754546][ T6731]  resv_map_alloc+0x32/0x190
[  112.754569][ T6731]  hugetlbfs_get_inode+0x67/0x370
[  112.754675][ T6731]  hugetlb_file_setup+0x192/0x3d0
[  112.754765][ T6731]  ksys_mmap_pgoff+0x157/0x310
[  112.754855][ T6731]  x64_sys_call+0x14a3/0x2ff0
[  112.754939][ T6731]  do_syscall_64+0xd2/0x200
[  112.754971][ T6731]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  112.754998][ T6731]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  112.755025][ T6731]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.755115][ T6731] RIP: 0033:0x7f62f0cdebe9
[  112.755131][ T6731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.755151][ T6731] RSP: 002b:00007f62ef747038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  112.755250][ T6731] RAX: ffffffffffffffda RBX: 00007f62f0f05fa0 RCX: 00007f62f0cdebe9
[  112.755266][ T6731] RDX: 0000000000000008 RSI: 0000000000c00000 RDI: 0000200000400000
[  112.755281][ T6731] RBP: 00007f62ef747090 R08: ffffffffffffffff R09: 0000000000000000
[  112.755296][ T6731] R10: 0000000000051031 R11: 0000000000000246 R12: 0000000000000001
[  112.755310][ T6731] R13: 00007f62f0f06038 R14: 00007f62f0f05fa0 R15: 00007fff7cbe9dd8
[  112.755331][ T6731]  </TASK>
[  113.038855][ T6707] syz.4.884 (6707) used greatest stack depth: 9232 bytes left
[  113.085387][   T29] kauditd_printk_skb: 703 callbacks suppressed
[  113.085402][   T29] audit: type=1400 audit(1756466913.618:7959): avc:  denied  { write } for  pid=6733 comm="syz.1.893" name="tcp6" dev="proc" ino=4026532444 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  113.127406][ T6740] loop4: detected capacity change from 0 to 1024
[  113.179843][ T6741] loop1: detected capacity change from 0 to 2048
[  113.187876][ T6743] loop0: detected capacity change from 0 to 2048
[  113.359761][   T29] audit: type=1326 audit(1756466913.908:7960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6758 comm="syz.3.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77d475ebe9 code=0x7ffc0000
[  113.359851][   T29] audit: type=1326 audit(1756466913.908:7961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6758 comm="syz.3.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77d475ebe9 code=0x7ffc0000
[  113.361041][   T29] audit: type=1326 audit(1756466913.908:7962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6758 comm="syz.3.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f77d475ebe9 code=0x7ffc0000
[  113.361077][   T29] audit: type=1326 audit(1756466913.908:7963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6758 comm="syz.3.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f77d475ec23 code=0x7ffc0000
[  113.361687][   T29] audit: type=1326 audit(1756466913.908:7964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6758 comm="syz.3.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f77d475d69f code=0x7ffc0000
[  113.385699][   T29] audit: type=1326 audit(1756466913.928:7965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6758 comm="syz.3.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f77d475ec77 code=0x7ffc0000
[  113.386023][   T29] audit: type=1326 audit(1756466913.928:7966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6758 comm="syz.3.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f77d475d550 code=0x7ffc0000
[  113.386110][   T29] audit: type=1326 audit(1756466913.928:7967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6758 comm="syz.3.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f77d475e7eb code=0x7ffc0000
[  113.386156][ T6759] loop3: detected capacity change from 0 to 256
[  113.386240][   T29] audit: type=1326 audit(1756466913.928:7968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6758 comm="syz.3.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f77d475d84a code=0x7ffc0000
[  113.386605][ T6759] msdos: Bad value for 'uid'
[  113.386618][ T6759] msdos: Bad value for 'uid'
[  113.409467][ T6759] 9pnet_fd: Insufficient options for proto=fd
[  113.429267][ T6763] loop4: detected capacity change from 0 to 512
[  113.449971][ T6763] ext4 filesystem being mounted at /175/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.639878][ T6792] loop3: detected capacity change from 0 to 2048
[  114.657986][ T6796] loop2: detected capacity change from 0 to 256
[  114.665811][ T6796] msdos: Bad value for 'uid'
[  114.670547][ T6796] msdos: Bad value for 'uid'
[  114.680170][ T6796] 9pnet_fd: Insufficient options for proto=fd
[  114.712833][ T6795] loop1: detected capacity change from 0 to 2048
[  114.727846][ T6800] loop3: detected capacity change from 0 to 512
[  114.756750][ T6800] ext4 filesystem being mounted at /204/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.773285][ T6802] loop2: detected capacity change from 0 to 2048
[  114.933498][ T6815] loop0: detected capacity change from 0 to 2048
[  115.288069][ T6834] loop1: detected capacity change from 0 to 512
[  115.302036][ T6834] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  115.310056][ T6834] EXT4-fs (loop1): orphan cleanup on readonly fs
[  115.318175][ T6834] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.924: corrupted inode contents
[  115.331214][ T6834] EXT4-fs (loop1): Remounting filesystem read-only
[  115.337822][ T6834] EXT4-fs (loop1): 1 truncate cleaned up
[  115.343717][  T267] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  115.354312][  T267] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  115.364881][  T267] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  115.883503][ T6839] loop2: detected capacity change from 0 to 512
[  115.886759][ T6841] loop0: detected capacity change from 0 to 256
[  115.896581][ T6841] msdos: Bad value for 'uid'
[  115.901317][ T6841] msdos: Bad value for 'uid'
[  115.908774][ T6841] 9pnet_fd: Insufficient options for proto=fd
[  115.913845][ T6839] ext4 filesystem being mounted at /168/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.941232][ T6845] netlink: 'syz.0.927': attribute type 39 has an invalid length.
[  115.963894][ T6849] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  116.017422][ T6851] loop2: detected capacity change from 0 to 256
[  116.024493][ T6851] msdos: Bad value for 'uid'
[  116.029175][ T6851] msdos: Bad value for 'uid'
[  116.037328][ T6851] FAULT_INJECTION: forcing a failure.
[  116.037328][ T6851] name failslab, interval 1, probability 0, space 0, times 0
[  116.050136][ T6851] CPU: 1 UID: 0 PID: 6851 Comm: syz.2.930 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  116.050174][ T6851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  116.050190][ T6851] Call Trace:
[  116.050198][ T6851]  <TASK>
[  116.050206][ T6851]  __dump_stack+0x1d/0x30
[  116.050233][ T6851]  dump_stack_lvl+0xe8/0x140
[  116.050258][ T6851]  dump_stack+0x15/0x1b
[  116.050377][ T6851]  should_fail_ex+0x265/0x280
[  116.050405][ T6851]  should_failslab+0x8c/0xb0
[  116.050435][ T6851]  kmem_cache_alloc_noprof+0x50/0x310
[  116.050515][ T6851]  ? audit_log_start+0x365/0x6c0
[  116.050555][ T6851]  audit_log_start+0x365/0x6c0
[  116.050594][ T6851]  audit_seccomp+0x48/0x100
[  116.050628][ T6851]  ? __seccomp_filter+0x68c/0x10d0
[  116.050763][ T6851]  __seccomp_filter+0x69d/0x10d0
[  116.050785][ T6851]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  116.050818][ T6851]  ? vfs_write+0x7e8/0x960
[  116.050852][ T6851]  __secure_computing+0x82/0x150
[  116.050950][ T6851]  syscall_trace_enter+0xcf/0x1e0
[  116.050980][ T6851]  do_syscall_64+0xac/0x200
[  116.051014][ T6851]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  116.051043][ T6851]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  116.051082][ T6851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.051108][ T6851] RIP: 0033:0x7f734673ebe9
[  116.051127][ T6851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.051204][ T6851] RSP: 002b:00007f73451a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  116.051228][ T6851] RAX: ffffffffffffffda RBX: 00007f7346965fa0 RCX: 00007f734673ebe9
[  116.051308][ T6851] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000005
[  116.051323][ T6851] RBP: 00007f73451a7090 R08: 0000000000000000 R09: 0000000000000000
[  116.051338][ T6851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.051353][ T6851] R13: 00007f7346966038 R14: 00007f7346965fa0 R15: 00007ffe7f129118
[  116.051375][ T6851]  </TASK>
[  116.054903][ T6851] 9pnet_fd: Insufficient options for proto=fd
[  116.145780][ T6855] loop1: detected capacity change from 0 to 2048
[  116.152022][ T6858] loop2: detected capacity change from 0 to 512
[  116.270525][ T6858] EXT4-fs: Ignoring removed orlov option
[  116.276382][ T6858] EXT4-fs: Ignoring removed nomblk_io_submit option
[  116.283067][ T6858] ext4: Unknown parameter 'fsname'
[  116.332434][ T6867] loop2: detected capacity change from 0 to 256
[  116.339106][ T6867] vfat: Unknown parameter 'no|ŸKþŸ 
C—Ð<ä£numtail'
[  116.349890][ T6867] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6867 comm=syz.2.936
[  116.378172][ T6874] loop2: detected capacity change from 0 to 256
[  116.385076][ T6874] msdos: Bad value for 'uid'
[  116.389736][ T6874] msdos: Bad value for 'uid'
[  116.397478][ T6874] 9pnet_fd: Insufficient options for proto=fd
[  116.424550][ T6877] loop2: detected capacity change from 0 to 512
[  116.451684][ T6877] ext4 filesystem being mounted at /173/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.496594][ T6882] netlink: 'syz.2.940': attribute type 39 has an invalid length.
[  116.739795][ T6884] loop2: detected capacity change from 0 to 512
[  116.749936][ T6884] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  116.757927][ T6884] EXT4-fs (loop2): orphan cleanup on readonly fs
[  116.766513][ T6884] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.941: corrupted inode contents
[  116.778657][ T6884] EXT4-fs (loop2): Remounting filesystem read-only
[  116.785372][ T6884] EXT4-fs (loop2): 1 truncate cleaned up
[  116.792242][   T51] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  116.802776][   T51] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  116.813625][   T51] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  116.935631][ T6895] netlink: 8 bytes leftover after parsing attributes in process `syz.4.945'.
[  116.982141][ T6895] netlink: 164 bytes leftover after parsing attributes in process `syz.4.945'.
[  116.994167][ T6895] can0: slcan on ttyS3.
[  117.049020][ T6895] can0 (unregistered): slcan off ttyS3.
[  117.056843][ T6896] can0: slcan on ttyS3.
[  117.065297][ T6895] netlink: 'syz.4.945': attribute type 1 has an invalid length.
[  117.072992][ T6895] netlink: 224 bytes leftover after parsing attributes in process `syz.4.945'.
[  117.119158][ T6894] can0 (unregistered): slcan off ttyS3.
[  117.220780][ T6900] FAULT_INJECTION: forcing a failure.
[  117.220780][ T6900] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  117.233938][ T6900] CPU: 0 UID: 0 PID: 6900 Comm: syz.1.947 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  117.233965][ T6900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  117.233981][ T6900] Call Trace:
[  117.233988][ T6900]  <TASK>
[  117.233993][ T6900]  __dump_stack+0x1d/0x30
[  117.234037][ T6900]  dump_stack_lvl+0xe8/0x140
[  117.234052][ T6900]  dump_stack+0x15/0x1b
[  117.234065][ T6900]  should_fail_ex+0x265/0x280
[  117.234131][ T6900]  should_fail+0xb/0x20
[  117.234144][ T6900]  should_fail_usercopy+0x1a/0x20
[  117.234210][ T6900]  _copy_from_user+0x1c/0xb0
[  117.234294][ T6900]  sg_write+0x1ed/0x750
[  117.234315][ T6900]  ? _parse_integer_limit+0x170/0x190
[  117.234341][ T6900]  ? __pfx_sg_write+0x10/0x10
[  117.234439][ T6900]  vfs_write+0x269/0x960
[  117.234478][ T6900]  ? __rcu_read_unlock+0x4f/0x70
[  117.234494][ T6900]  ? __fget_files+0x184/0x1c0
[  117.234518][ T6900]  ksys_write+0xda/0x1a0
[  117.234535][ T6900]  __x64_sys_write+0x40/0x50
[  117.234615][ T6900]  x64_sys_call+0x27fe/0x2ff0
[  117.234638][ T6900]  do_syscall_64+0xd2/0x200
[  117.234712][ T6900]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  117.234746][ T6900]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  117.234768][ T6900]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.234785][ T6900] RIP: 0033:0x7f62f0cdebe9
[  117.234796][ T6900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.234862][ T6900] RSP: 002b:00007f62ef747038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  117.234877][ T6900] RAX: ffffffffffffffda RBX: 00007f62f0f05fa0 RCX: 00007f62f0cdebe9
[  117.234887][ T6900] RDX: 0000000000000038 RSI: 0000200000000040 RDI: 0000000000000007
[  117.234896][ T6900] RBP: 00007f62ef747090 R08: 0000000000000000 R09: 0000000000000000
[  117.234972][ T6900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  117.234981][ T6900] R13: 00007f62f0f06038 R14: 00007f62f0f05fa0 R15: 00007fff7cbe9dd8
[  117.234995][ T6900]  </TASK>
[  117.486020][ T6904] loop2: detected capacity change from 0 to 256
[  117.492930][ T6904] msdos: Bad value for 'uid'
[  117.497566][ T6904] msdos: Bad value for 'uid'
[  117.506326][ T6904] 9pnet_fd: Insufficient options for proto=fd
[  117.510895][ T6906] loop1: detected capacity change from 0 to 1024
[  117.531763][ T6908] loop2: detected capacity change from 0 to 1024
[  117.556593][ T6908] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.951: Allocating blocks 449-513 which overlap fs metadata
[  117.579547][ T6907] EXT4-fs (loop2): pa ffff88810556ea80: logic 48, phys. 177, len 21
[  117.587596][ T6907] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  117.603324][ T6915] loop1: detected capacity change from 0 to 512
[  117.610214][ T6915] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  117.621601][ T6915] EXT4-fs (loop1): 1 truncate cleaned up
[  117.652855][ T6920] loop2: detected capacity change from 0 to 512
[  117.660814][ T6920] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  117.672895][ T6920] EXT4-fs (loop2): 1 truncate cleaned up
[  117.912210][ T6931] netlink: 100 bytes leftover after parsing attributes in process `syz.3.957'.
[  118.078315][ T6936] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[  118.078315][ T6936]    program syz.4.959 not setting count and/or reply_len properly
[  118.095661][   T29] kauditd_printk_skb: 1645 callbacks suppressed
[  118.095677][   T29] audit: type=1326 audit(1756466918.648:9600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6932 comm="syz.3.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f77d4755ba7 code=0x7ffc0000
[  118.125714][   T29] audit: type=1326 audit(1756466918.648:9601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6932 comm="syz.3.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f77d46fade9 code=0x7ffc0000
[  118.149035][   T29] audit: type=1326 audit(1756466918.648:9602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6932 comm="syz.3.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77d475ebe9 code=0x7ffc0000
[  118.172428][   T29] audit: type=1326 audit(1756466918.648:9603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6932 comm="syz.3.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f77d4755ba7 code=0x7ffc0000
[  118.195685][   T29] audit: type=1326 audit(1756466918.648:9604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6932 comm="syz.3.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f77d46fade9 code=0x7ffc0000
[  118.219079][   T29] audit: type=1326 audit(1756466918.648:9605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6932 comm="syz.3.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77d475ebe9 code=0x7ffc0000
[  118.242579][   T29] audit: type=1326 audit(1756466918.658:9606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6932 comm="syz.3.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f77d4755ba7 code=0x7ffc0000
[  118.266042][   T29] audit: type=1326 audit(1756466918.658:9607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6932 comm="syz.3.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f77d46fade9 code=0x7ffc0000
[  118.289342][   T29] audit: type=1326 audit(1756466918.658:9608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6932 comm="syz.3.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77d475ebe9 code=0x7ffc0000
[  118.312658][   T29] audit: type=1326 audit(1756466918.668:9609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6932 comm="syz.3.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f77d4755ba7 code=0x7ffc0000
[  118.449473][ T6942] loop1: detected capacity change from 0 to 512
[  118.462572][ T6942] ext4 filesystem being mounted at /196/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.517696][ T6947] loop1: detected capacity change from 0 to 512
[  118.553215][ T6947] ext4 filesystem being mounted at /197/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.605944][ T6955] FAULT_INJECTION: forcing a failure.
[  118.605944][ T6955] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  118.619155][ T6955] CPU: 0 UID: 0 PID: 6955 Comm: syz.1.964 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  118.619180][ T6955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  118.619192][ T6955] Call Trace:
[  118.619198][ T6955]  <TASK>
[  118.619213][ T6955]  __dump_stack+0x1d/0x30
[  118.619234][ T6955]  dump_stack_lvl+0xe8/0x140
[  118.619251][ T6955]  dump_stack+0x15/0x1b
[  118.619314][ T6955]  should_fail_ex+0x265/0x280
[  118.619333][ T6955]  should_fail+0xb/0x20
[  118.619349][ T6955]  should_fail_usercopy+0x1a/0x20
[  118.619423][ T6955]  _copy_from_iter+0xd2/0xe80
[  118.619452][ T6955]  ? __build_skb_around+0x1a0/0x200
[  118.619608][ T6955]  ? __alloc_skb+0x223/0x320
[  118.619626][ T6955]  netlink_sendmsg+0x471/0x6b0
[  118.619719][ T6955]  ? __pfx_netlink_sendmsg+0x10/0x10
[  118.619740][ T6955]  __sock_sendmsg+0x145/0x180
[  118.619843][ T6955]  ____sys_sendmsg+0x31e/0x4e0
[  118.619865][ T6955]  ___sys_sendmsg+0x17b/0x1d0
[  118.619897][ T6955]  __x64_sys_sendmsg+0xd4/0x160
[  118.619925][ T6955]  x64_sys_call+0x191e/0x2ff0
[  118.619996][ T6955]  do_syscall_64+0xd2/0x200
[  118.620020][ T6955]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  118.620116][ T6955]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  118.620162][ T6955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.620184][ T6955] RIP: 0033:0x7f62f0cdebe9
[  118.620200][ T6955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.620364][ T6955] RSP: 002b:00007f62ef747038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  118.620442][ T6955] RAX: ffffffffffffffda RBX: 00007f62f0f05fa0 RCX: 00007f62f0cdebe9
[  118.620455][ T6955] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  118.620475][ T6955] RBP: 00007f62ef747090 R08: 0000000000000000 R09: 0000000000000000
[  118.620488][ T6955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.620501][ T6955] R13: 00007f62f0f06038 R14: 00007f62f0f05fa0 R15: 00007fff7cbe9dd8
[  118.620521][ T6955]  </TASK>
[  119.032454][ T6977] loop1: detected capacity change from 0 to 128
[  119.049942][ T6971] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  119.057782][ T6971] FAT-fs (loop1): Filesystem has been set read-only
[  119.078955][ T6971] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  119.080004][ T6971] syz.1.968: attempt to access beyond end of device
[  119.080004][ T6971] loop1: rw=2049, sector=2065, nr_sectors = 8 limit=128
[  119.226927][ T6984] loop3: detected capacity change from 0 to 512
[  119.236145][ T6984] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  119.261138][ T6984] EXT4-fs (loop3): 1 truncate cleaned up
[  119.347906][ T6989] loop0: detected capacity change from 0 to 2048
[  119.358264][ T6992] netlink: 100 bytes leftover after parsing attributes in process `syz.1.976'.
[  119.651685][ T7010] netlink: 8 bytes leftover after parsing attributes in process `syz.1.981'.
[  119.701395][ T7010] netlink: 164 bytes leftover after parsing attributes in process `syz.1.981'.
[  119.731136][ T7010] can0: slcan on ttyS3.
[  119.779006][ T7010] can0 (unregistered): slcan off ttyS3.
[  119.788954][ T7010] can0: slcan on ttyS3.
[  119.800840][ T7010] netlink: 'syz.1.981': attribute type 1 has an invalid length.
[  119.808512][ T7010] netlink: 224 bytes leftover after parsing attributes in process `syz.1.981'.
[  119.855488][ T7013] loop0: detected capacity change from 0 to 128
[  119.871317][ T7012] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  119.879341][ T7012] FAT-fs (loop0): Filesystem has been set read-only
[  119.886207][ T7009] can0 (unregistered): slcan off ttyS3.
[  119.893626][ T7012] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  119.911591][ T7012] syz.0.982: attempt to access beyond end of device
[  119.911591][ T7012] loop0: rw=2049, sector=2065, nr_sectors = 8 limit=128
[  120.031646][ T7017] loop0: detected capacity change from 0 to 512
[  120.046255][ T7017] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  120.080426][ T7017] EXT4-fs (loop0): 1 truncate cleaned up
[  120.206693][ T7022] loop3: detected capacity change from 0 to 1024
[  120.267447][ T7028] ip6tnl1: entered promiscuous mode
[  120.274557][ T7028] FAULT_INJECTION: forcing a failure.
[  120.274557][ T7028] name failslab, interval 1, probability 0, space 0, times 0
[  120.287205][ T7028] CPU: 0 UID: 0 PID: 7028 Comm: syz.3.987 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  120.287292][ T7028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  120.287306][ T7028] Call Trace:
[  120.287311][ T7028]  <TASK>
[  120.287336][ T7028]  __dump_stack+0x1d/0x30
[  120.287379][ T7028]  dump_stack_lvl+0xe8/0x140
[  120.287404][ T7028]  dump_stack+0x15/0x1b
[  120.287425][ T7028]  should_fail_ex+0x265/0x280
[  120.287538][ T7028]  should_failslab+0x8c/0xb0
[  120.287623][ T7028]  kmem_cache_alloc_node_noprof+0x57/0x320
[  120.287724][ T7028]  ? __alloc_skb+0x101/0x320
[  120.287814][ T7028]  __alloc_skb+0x101/0x320
[  120.287835][ T7028]  ? __rcu_read_unlock+0x4f/0x70
[  120.287863][ T7028]  alloc_skb_with_frags+0x7d/0x470
[  120.287898][ T7028]  ? is_bpf_text_address+0x141/0x160
[  120.287962][ T7028]  ? kernel_text_address+0x94/0xb0
[  120.288003][ T7028]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  120.288111][ T7028]  sock_alloc_send_pskb+0x43a/0x4f0
[  120.288147][ T7028]  __ip_append_data+0x18bd/0x2440
[  120.288188][ T7028]  ? ____sys_sendmsg+0x345/0x4e0
[  120.288216][ T7028]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  120.288261][ T7028]  ? xfrm_lookup_with_ifid+0x10c2/0x1360
[  120.288292][ T7028]  ? __rcu_read_unlock+0x4f/0x70
[  120.288369][ T7028]  ? ipv4_mtu+0x217/0x240
[  120.288403][ T7028]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  120.288438][ T7028]  ip_make_skb+0x137/0x2c0
[  120.288476][ T7028]  udp_sendmsg+0x1013/0x13c0
[  120.288538][ T7028]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  120.288589][ T7028]  udpv6_sendmsg+0x7e9/0x1590
[  120.288683][ T7028]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  120.288712][ T7028]  inet6_sendmsg+0xac/0xd0
[  120.288822][ T7028]  __sock_sendmsg+0x8b/0x180
[  120.288846][ T7028]  ____sys_sendmsg+0x345/0x4e0
[  120.288878][ T7028]  ___sys_sendmsg+0x17b/0x1d0
[  120.288910][ T7028]  __sys_sendmmsg+0x178/0x300
[  120.288953][ T7028]  __x64_sys_sendmmsg+0x57/0x70
[  120.289032][ T7028]  x64_sys_call+0x1c4a/0x2ff0
[  120.289080][ T7028]  do_syscall_64+0xd2/0x200
[  120.289110][ T7028]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  120.289133][ T7028]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  120.289180][ T7028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.289203][ T7028] RIP: 0033:0x7f77d475ebe9
[  120.289225][ T7028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.289240][ T7028] RSP: 002b:00007f77d31bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  120.289296][ T7028] RAX: ffffffffffffffda RBX: 00007f77d4985fa0 RCX: 00007f77d475ebe9
[  120.289310][ T7028] RDX: 0000000000000001 RSI: 00002000000017c0 RDI: 0000000000000004
[  120.289320][ T7028] RBP: 00007f77d31bf090 R08: 0000000000000000 R09: 0000000000000000
[  120.289330][ T7028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.289346][ T7028] R13: 00007f77d4986038 R14: 00007f77d4985fa0 R15: 00007ffc62d3af58
[  120.289361][ T7028]  </TASK>
[  120.631983][ T7032] netlink: 'syz.3.989': attribute type 21 has an invalid length.
[  120.639793][ T7032] netlink: 128 bytes leftover after parsing attributes in process `syz.3.989'.
[  120.654974][ T7032] netlink: 'syz.3.989': attribute type 4 has an invalid length.
[  120.662740][ T7032] netlink: 'syz.3.989': attribute type 5 has an invalid length.
[  120.670434][ T7032] netlink: 3 bytes leftover after parsing attributes in process `syz.3.989'.
[  120.703818][ T7034] loop4: detected capacity change from 0 to 2048
[  120.736575][ T7038] loop3: detected capacity change from 0 to 512
[  120.750913][ T7038] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  120.770400][ T7038] EXT4-fs (loop3): 1 truncate cleaned up
[  120.777509][ T7041] loop4: detected capacity change from 0 to 128
[  121.194044][ T7055] loop0: detected capacity change from 0 to 512
[  121.201911][ T7055] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  121.213356][ T7055] EXT4-fs (loop0): 1 truncate cleaned up
[  121.830138][ T7068] loop4: detected capacity change from 0 to 256
[  121.839237][ T7068] msdos: Bad value for 'uid'
[  121.843854][ T7068] msdos: Bad value for 'uid'
[  121.867059][ T7068] 9pnet_fd: Insufficient options for proto=fd
[  121.897281][ T7072] loop4: detected capacity change from 0 to 128
[  122.136006][ T7078] loop0: detected capacity change from 0 to 128
[  122.144357][ T7078] ext4 filesystem being mounted at /196/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  122.178588][ T7078] EXT4-fs (loop0): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09 ro.
[  122.250290][ T3306] EXT4-fs error (device loop0): ext4_lookup:1787: inode #11: comm syz-executor: iget: checksum invalid
[  122.262056][ T3306] EXT4-fs error (device loop0): ext4_lookup:1787: inode #11: comm syz-executor: iget: checksum invalid
[  122.450259][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.491503][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.541300][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.592473][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.678273][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  122.688065][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  122.701293][   T12] bond0 (unregistering): Released all slaves
[  122.769361][   T12] hsr_slave_0: left promiscuous mode
[  122.783739][   T12] hsr_slave_1: left promiscuous mode
[  122.798664][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  122.806464][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  122.814510][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  122.821944][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  122.835554][   T12] veth1_macvtap: left promiscuous mode
[  122.841330][   T12] veth0_macvtap: left promiscuous mode
[  122.846895][   T12] veth1_vlan: left promiscuous mode
[  122.852366][   T12] veth0_vlan: left promiscuous mode
[  122.882701][ T7093] loop4: detected capacity change from 0 to 2048
[  122.925184][   T12] team0 (unregistering): Port device team_slave_1 removed
[  122.935629][   T12] team0 (unregistering): Port device C removed
[  122.952945][ T7098] loop2: detected capacity change from 0 to 512
[  122.967125][ T7098] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  122.996688][ T7098] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1009: bg 0: block 4: invalid block bitmap
[  123.014664][ T7098] EXT4-fs (loop2): Remounting filesystem read-only
[  123.031718][ T7098] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  123.045299][ T7098] EXT4-fs (loop2): 1 truncate cleaned up
[  123.233824][ T7111] __nla_validate_parse: 2 callbacks suppressed
[  123.233841][ T7111] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1011'.
[  123.251963][ T7115] netlink: 'syz.4.1012': attribute type 39 has an invalid length.
[  123.260241][ T7086] chnl_net:caif_netlink_parms(): no params data found
[  123.299189][ T7086] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.306289][ T7086] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.313585][ T7086] bridge_slave_0: entered allmulticast mode
[  123.320193][ T7086] bridge_slave_0: entered promiscuous mode
[  123.327164][ T7086] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.334259][ T7086] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.343378][ T7086] bridge_slave_1: entered allmulticast mode
[  123.350027][ T7086] bridge_slave_1: entered promiscuous mode
[  123.352646][   T29] kauditd_printk_skb: 878 callbacks suppressed
[  123.352663][   T29] audit: type=1326 audit(1756466923.898:10488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7118 comm="syz.4.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc263bdebe9 code=0x7ffc0000
[  123.370506][ T7123] loop1: detected capacity change from 0 to 256
[  123.385633][   T29] audit: type=1326 audit(1756466923.898:10489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7118 comm="syz.4.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc263bdebe9 code=0x7ffc0000
[  123.385665][   T29] audit: type=1326 audit(1756466923.898:10490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7118 comm="syz.4.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7fc263bdebe9 code=0x7ffc0000
[  123.394566][ T7123] msdos: Bad value for 'uid'
[  123.415399][   T29] audit: type=1326 audit(1756466923.898:10491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7118 comm="syz.4.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc263bdebe9 code=0x7ffc0000
[  123.415436][   T29] audit: type=1326 audit(1756466923.898:10492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7118 comm="syz.4.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc263bdebe9 code=0x7ffc0000
[  123.438898][ T7123] msdos: Bad value for 'uid'
[  123.446025][ T7123] 9pnet_fd: Insufficient options for proto=fd
[  123.467177][   T29] audit: type=1326 audit(1756466923.898:10493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7118 comm="syz.4.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc263bdebe9 code=0x7ffc0000
[  123.525061][   T29] audit: type=1326 audit(1756466923.898:10494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7118 comm="syz.4.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc263bdebe9 code=0x7ffc0000
[  123.548575][   T29] audit: type=1326 audit(1756466923.898:10495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7118 comm="syz.4.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc263bdebe9 code=0x7ffc0000
[  123.572232][   T29] audit: type=1326 audit(1756466923.898:10496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7118 comm="syz.4.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc263bdebe9 code=0x7ffc0000
[  123.595702][   T29] audit: type=1326 audit(1756466923.898:10497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7118 comm="syz.4.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc263bdebe9 code=0x7ffc0000
[  123.627196][ T7086] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  123.637748][ T7086] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  123.663216][ T7127] loop1: detected capacity change from 0 to 512
[  123.670826][ T7127] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  123.672741][ T7086] team0: Port device team_slave_0 added
[  123.687584][ T7086] team0: Port device team_slave_1 added
[  123.700317][ T7127] EXT4-fs (loop1): 1 truncate cleaned up
[  123.707580][ T7086] batman_adv: batadv0: Adding interface: batadv_slave_0
[  123.714606][ T7086] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  123.740585][ T7086] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  123.751869][ T7086] batman_adv: batadv0: Adding interface: batadv_slave_1
[  123.759032][ T7086] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  123.785083][ T7086] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  123.817578][ T7086] hsr_slave_0: entered promiscuous mode
[  123.824214][ T7086] hsr_slave_1: entered promiscuous mode
[  123.830237][ T7086] debugfs: 'hsr0' already exists in 'hsr'
[  123.835981][ T7086] Cannot create hsr debugfs directory
[  124.210787][ T7086] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  124.222130][ T7086] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  124.231131][ T7086] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  124.240976][ T7086] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  124.294718][ T7086] 8021q: adding VLAN 0 to HW filter on device bond0
[  124.316315][ T7086] 8021q: adding VLAN 0 to HW filter on device team0
[  124.330428][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.337506][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[  124.352788][  T267] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.359859][  T267] bridge0: port 2(bridge_slave_1) entered forwarding state
[  124.449770][ T7086] 8021q: adding VLAN 0 to HW filter on device batadv0
[  124.572302][ T7086] veth0_vlan: entered promiscuous mode
[  124.587648][ T7086] veth1_vlan: entered promiscuous mode
[  124.617564][ T7086] veth0_macvtap: entered promiscuous mode
[  124.626933][ T7086] veth1_macvtap: entered promiscuous mode
[  124.650555][ T7086] batman_adv: batadv0: Interface activated: batadv_slave_0
[  124.662327][ T7086] batman_adv: batadv0: Interface activated: batadv_slave_1
[  124.673656][   T31] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  124.684722][   T31] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  124.702798][   T31] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  124.724953][   T31] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  124.752115][ T7165] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1017'.
[  124.781551][ T7161] loop1: detected capacity change from 0 to 512
[  124.790725][ T7167] loop0: detected capacity change from 0 to 256
[  124.798541][ T7167] msdos: Bad value for 'uid'
[  124.803259][ T7167] msdos: Bad value for 'uid'
[  124.814810][ T7167] 9pnet_fd: Insufficient options for proto=fd
[  124.822626][ T7161] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  124.832109][ T7161] EXT4-fs (loop1): orphan cleanup on readonly fs
[  124.839918][ T7161] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1021: corrupted inode contents
[  124.854076][ T7161] EXT4-fs (loop1): Remounting filesystem read-only
[  124.860720][ T7161] EXT4-fs (loop1): 1 truncate cleaned up
[  124.866544][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  124.877169][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  124.925120][ T7171] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1024'.
[  124.936376][   T12] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  124.954248][ T7173] loop2: detected capacity change from 0 to 512
[  124.961456][ T7173] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  124.974998][ T7173] EXT4-fs (loop2): 1 truncate cleaned up
[  125.508685][ T7179] loop1: detected capacity change from 0 to 512
[  125.533616][ T7181] loop3: detected capacity change from 0 to 512
[  125.541436][ T7179] ext4 filesystem being mounted at /213/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.554648][ T7181] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  125.576613][ T7181] EXT4-fs (loop3): 1 truncate cleaned up
[  125.674388][ T7186] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1028'.
[  125.683420][ T7186] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1028'.
[  125.692433][ T7186] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1028'.
[  125.789876][ T7186] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1028'.
[  125.926160][ T7196] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[  125.926160][ T7196]    program syz.2.1031 not setting count and/or reply_len properly
[  126.012370][ T7201] loop0: detected capacity change from 0 to 128
[  126.057011][ T7206] loop0: detected capacity change from 0 to 512
[  126.072568][ T7206] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.196777][ T7211] loop0: detected capacity change from 0 to 2048
[  126.323759][ T7217] loop4: detected capacity change from 0 to 256
[  126.339953][ T7217] msdos: Bad value for 'uid'
[  126.344593][ T7217] msdos: Bad value for 'uid'
[  126.366525][ T7217] 9pnet_fd: Insufficient options for proto=fd
[  126.542943][ T7224] loop3: detected capacity change from 0 to 256
[  126.549391][ T7222] loop4: detected capacity change from 0 to 2048
[  126.550898][ T7224] msdos: Bad value for 'uid'
[  126.560516][ T7224] msdos: Bad value for 'uid'
[  126.572556][ T7224] 9pnet_fd: Insufficient options for proto=fd
[  126.650054][ T2956] IPVS: starting estimator thread 0...
[  126.695563][ T7235] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1044'.
[  126.705728][ T7236] loop0: detected capacity change from 0 to 128
[  126.730610][ T7230] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  126.738462][ T7230] FAT-fs (loop0): Filesystem has been set read-only
[  126.739289][ T7233] IPVS: using max 2496 ests per chain, 124800 per kthread
[  126.745602][ T7230] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  126.770694][ T7230] syz.0.1042: attempt to access beyond end of device
[  126.770694][ T7230] loop0: rw=2049, sector=2065, nr_sectors = 8 limit=128
[  126.795353][ T7240] loop3: detected capacity change from 0 to 512
[  126.821172][ T7240] ext4 filesystem being mounted at /225/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.014567][ T7258] loop2: detected capacity change from 0 to 128
[  127.114611][ T7244] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  127.122622][ T7244] FAT-fs (loop2): Filesystem has been set read-only
[  127.179079][ T7244] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  127.187052][ T7244] syz.2.1047: attempt to access beyond end of device
[  127.187052][ T7244] loop2: rw=2049, sector=2065, nr_sectors = 8 limit=128
[  127.370638][ T7261] loop1: detected capacity change from 0 to 2048
[  127.507290][ T7271] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1057'.
[  127.744301][ T7277] loop2: detected capacity change from 0 to 512
[  127.771607][ T7280] loop1: detected capacity change from 0 to 128
[  127.780444][ T7277] ext4 filesystem being mounted at /194/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.805149][ T7275] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  127.813020][ T7275] FAT-fs (loop1): Filesystem has been set read-only
[  127.825647][ T7282] tipc: Invalid UDP bearer configuration
[  127.825659][ T7282] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  127.858055][ T7275] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  127.869716][ T7284] loop2: detected capacity change from 0 to 128
[  127.878047][ T7275] syz.1.1059: attempt to access beyond end of device
[  127.878047][ T7275] loop1: rw=2049, sector=2065, nr_sectors = 8 limit=128
[  127.913104][ T7289] loop2: detected capacity change from 0 to 512
[  127.920894][ T7289] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  127.932047][ T7289] EXT4-fs (loop2): 1 truncate cleaned up
[  127.946504][ T7291] loop4: detected capacity change from 0 to 512
[  127.962797][ T7291] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  127.993239][ T7291] EXT4-fs (loop4): 1 truncate cleaned up
[  128.022043][ T7301] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1068'.
[  128.090121][ T7305] loop0: detected capacity change from 0 to 512
[  128.097122][ T7305] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  128.127410][ T7305] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.1069: bg 0: block 4: invalid block bitmap
[  128.150982][ T7305] EXT4-fs (loop0): Remounting filesystem read-only
[  128.157548][ T7305] EXT4-fs (loop0): 1 truncate cleaned up
[  128.163738][ T7305] EXT4-fs mount: 132 callbacks suppressed
[  128.163753][ T7305] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.184787][ T7308] FAULT_INJECTION: forcing a failure.
[  128.184787][ T7308] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  128.197909][ T7308] CPU: 1 UID: 0 PID: 7308 Comm: syz.1.1070 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  128.197941][ T7308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  128.197957][ T7308] Call Trace:
[  128.197966][ T7308]  <TASK>
[  128.197975][ T7308]  __dump_stack+0x1d/0x30
[  128.197996][ T7308]  dump_stack_lvl+0xe8/0x140
[  128.198062][ T7308]  dump_stack+0x15/0x1b
[  128.198081][ T7308]  should_fail_ex+0x265/0x280
[  128.198163][ T7308]  should_fail+0xb/0x20
[  128.198184][ T7308]  should_fail_usercopy+0x1a/0x20
[  128.198206][ T7308]  _copy_from_user+0x1c/0xb0
[  128.198247][ T7308]  copy_from_bpfptr+0x5c/0x90
[  128.198342][ T7308]  bpf_prog_load+0x74a/0x1070
[  128.198375][ T7308]  ? security_bpf+0x2b/0x90
[  128.198411][ T7308]  __sys_bpf+0x462/0x7b0
[  128.198516][ T7308]  __x64_sys_bpf+0x41/0x50
[  128.198546][ T7308]  x64_sys_call+0x2aea/0x2ff0
[  128.198572][ T7308]  do_syscall_64+0xd2/0x200
[  128.198643][ T7308]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  128.198672][ T7308]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  128.198696][ T7308]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.198782][ T7308] RIP: 0033:0x7f62f0cdebe9
[  128.198800][ T7308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.198822][ T7308] RSP: 002b:00007f62ef747038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  128.198844][ T7308] RAX: ffffffffffffffda RBX: 00007f62f0f05fa0 RCX: 00007f62f0cdebe9
[  128.198857][ T7308] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000005
[  128.198908][ T7308] RBP: 00007f62ef747090 R08: 0000000000000000 R09: 0000000000000000
[  128.198923][ T7308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.198934][ T7308] R13: 00007f62f0f06038 R14: 00007f62f0f05fa0 R15: 00007fff7cbe9dd8
[  128.198951][ T7308]  </TASK>
[  128.368116][ T7086] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.477896][ T7311] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1071'.
[  128.528591][ T7314] C: renamed from team_slave_0 (while UP)
[  128.544392][ T7314] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1071'.
[  128.582806][ T7311] can0: slcan on ttyS3.
[  128.588389][ T7313] loop1: detected capacity change from 0 to 2048
[  128.635530][ T7313] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.648989][ T7311] can0 (unregistered): slcan off ttyS3.
[  128.659336][ T7314] netlink: 'syz.0.1071': attribute type 1 has an invalid length.
[  128.667102][ T7314] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1071'.
[  128.727908][ T7319] loop0: detected capacity change from 0 to 512
[  128.780113][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.789609][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.815132][ T7319] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  128.850012][ T7319] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.892844][   T29] kauditd_printk_skb: 1182 callbacks suppressed
[  128.892856][   T29] audit: type=1326 audit(1756466929.438:11674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7318 comm="syz.0.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89784febe9 code=0x7ffc0000
[  128.971304][ T7086] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  128.974565][   T29] audit: type=1326 audit(1756466929.478:11675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7318 comm="syz.0.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89784febe9 code=0x7ffc0000
[  129.003930][   T29] audit: type=1326 audit(1756466929.478:11676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7318 comm="syz.0.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f89784febe9 code=0x7ffc0000
[  129.027463][   T29] audit: type=1326 audit(1756466929.478:11677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7318 comm="syz.0.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89784febe9 code=0x7ffc0000
[  129.051249][   T29] audit: type=1326 audit(1756466929.478:11678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7318 comm="syz.0.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89784febe9 code=0x7ffc0000
[  129.075004][   T29] audit: type=1326 audit(1756466929.478:11679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7318 comm="syz.0.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f89784febe9 code=0x7ffc0000
[  129.098535][   T29] audit: type=1326 audit(1756466929.478:11680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7318 comm="syz.0.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89784febe9 code=0x7ffc0000
[  129.122027][   T29] audit: type=1326 audit(1756466929.478:11681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7318 comm="syz.0.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89784febe9 code=0x7ffc0000
[  129.145520][   T29] audit: type=1326 audit(1756466929.478:11682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7318 comm="syz.0.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f89784febe9 code=0x7ffc0000
[  129.169165][   T29] audit: type=1326 audit(1756466929.478:11683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7318 comm="syz.0.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89784febe9 code=0x7ffc0000
[  129.315966][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.331920][ T7330] loop0: detected capacity change from 0 to 512
[  129.342961][ T7330] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  129.361958][ T7330] EXT4-fs (loop0): 1 truncate cleaned up
[  129.368071][ T7330] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.496220][ T7343] netlink: 100 bytes leftover after parsing attributes in process `syz.4.1082'.
[  129.587087][ T7346] random: crng reseeded on system resumption
[  129.607428][ T7346] Restarting kernel threads ...
[  129.623946][ T7346] Done restarting kernel threads.
[  129.678741][ T7350] loop1: detected capacity change from 0 to 512
[  129.701416][ T7350] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  129.730296][ T7350] EXT4-fs (loop1): 1 truncate cleaned up
[  129.746562][ T7350] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.811012][ T7351] mmap: syz.4.1083 (7351) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  129.844074][ T7357] loop2: detected capacity change from 0 to 512
[  129.863165][ T7357] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  129.891239][ T7357] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1086: bg 0: block 4: invalid block bitmap
[  129.952033][ T7357] EXT4-fs (loop2): Remounting filesystem read-only
[  129.964773][ T7346] SELinux:  Context system_u:object_r:setrans_exec_t:s0 is not valid (left unmapped).
[  129.983971][ T7357] EXT4-fs (loop2): 1 truncate cleaned up
[  130.007134][ T7346] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  130.022586][ T7357] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.075428][ T7363] loop3: detected capacity change from 0 to 512
[  130.110505][ T7363] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  130.133770][ T7363] EXT4-fs (loop3): 1 truncate cleaned up
[  130.140543][ T7363] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.173112][ T7086] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.242379][ T7371] loop0: detected capacity change from 0 to 256
[  130.253533][ T7371] msdos: Bad value for 'uid'
[  130.258155][ T7371] msdos: Bad value for 'uid'
[  130.271712][ T7371] 9pnet_fd: Insufficient options for proto=fd
[  130.396210][ T7379] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1093'.
[  130.529642][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.606632][ T7388] netlink: 'syz.1.1095': attribute type 39 has an invalid length.
[  130.683313][ T7392] loop1: detected capacity change from 0 to 512
[  130.705597][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.719193][ T7392] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  130.745931][ T7392] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1098: bg 0: block 4: invalid block bitmap
[  130.773485][ T7392] EXT4-fs (loop1): Remounting filesystem read-only
[  130.787669][ T7392] EXT4-fs (loop1): 1 truncate cleaned up
[  130.800734][ T7392] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.909004][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.934647][ T7400] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[  130.934647][ T7400]    program syz.2.1101 not setting count and/or reply_len properly
[  130.955589][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.032776][ T7408] loop1: detected capacity change from 0 to 512
[  131.051223][ T7411] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1106'.
[  131.062906][ T7408] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  131.075720][ T7408] EXT4-fs (loop1): 1 truncate cleaned up
[  131.083543][ T7408] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.216094][ T7420] loop4: detected capacity change from 0 to 512
[  131.246505][ T7422] loop3: detected capacity change from 0 to 1024
[  131.280097][ T7420] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  131.299423][ T7422] EXT4-fs: Ignoring removed nobh option
[  131.314955][ T7420] EXT4-fs (loop4): 1 truncate cleaned up
[  131.324852][ T7422] EXT4-fs: Ignoring removed oldalloc option
[  131.330853][ T7422] EXT4-fs: Ignoring removed i_version option
[  131.339440][ T7420] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.360621][ T7422] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  131.393593][ T7422] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #11: comm syz.3.1110: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  131.498213][ T7422] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1110: couldn't read orphan inode 11 (err -117)
[  131.560264][ T7422] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.901927][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.059870][ T7439] FAULT_INJECTION: forcing a failure.
[  132.059870][ T7439] name failslab, interval 1, probability 0, space 0, times 0
[  132.072520][ T7439] CPU: 0 UID: 0 PID: 7439 Comm: syz.1.1114 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  132.072542][ T7439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  132.072590][ T7439] Call Trace:
[  132.072597][ T7439]  <TASK>
[  132.072604][ T7439]  __dump_stack+0x1d/0x30
[  132.072625][ T7439]  dump_stack_lvl+0xe8/0x140
[  132.072643][ T7439]  dump_stack+0x15/0x1b
[  132.072660][ T7439]  should_fail_ex+0x265/0x280
[  132.072682][ T7439]  ? sel_netport_sid_slow+0x11b/0x330
[  132.072735][ T7439]  should_failslab+0x8c/0xb0
[  132.072757][ T7439]  __kmalloc_cache_noprof+0x4c/0x320
[  132.072840][ T7439]  sel_netport_sid_slow+0x11b/0x330
[  132.072876][ T7439]  sel_netport_sid+0xe9/0x140
[  132.072914][ T7439]  selinux_socket_connect_helper+0x36b/0x470
[  132.072939][ T7439]  selinux_sctp_bind_connect+0x178/0x250
[  132.072972][ T7439]  security_sctp_bind_connect+0x50/0x90
[  132.073024][ T7439]  sctp_sendmsg+0xee3/0x18d0
[  132.073183][ T7439]  ? selinux_socket_sendmsg+0xa1/0x1b0
[  132.073216][ T7439]  ? __pfx_sctp_sendmsg+0x10/0x10
[  132.073280][ T7439]  inet_sendmsg+0xc2/0xd0
[  132.073304][ T7439]  __sock_sendmsg+0x102/0x180
[  132.073335][ T7439]  ____sys_sendmsg+0x345/0x4e0
[  132.073361][ T7439]  ___sys_sendmsg+0x17b/0x1d0
[  132.073390][ T7439]  __sys_sendmmsg+0x178/0x300
[  132.073488][ T7439]  __x64_sys_sendmmsg+0x57/0x70
[  132.073512][ T7439]  x64_sys_call+0x1c4a/0x2ff0
[  132.073535][ T7439]  do_syscall_64+0xd2/0x200
[  132.073660][ T7439]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  132.073684][ T7439]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  132.073712][ T7439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.073735][ T7439] RIP: 0033:0x7f62f0cdebe9
[  132.073750][ T7439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.073840][ T7439] RSP: 002b:00007f62ef747038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  132.073859][ T7439] RAX: ffffffffffffffda RBX: 00007f62f0f05fa0 RCX: 00007f62f0cdebe9
[  132.073919][ T7439] RDX: 0000000000000002 RSI: 0000200000000900 RDI: 0000000000000006
[  132.073932][ T7439] RBP: 00007f62ef747090 R08: 0000000000000000 R09: 0000000000000000
[  132.073943][ T7439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.073953][ T7439] R13: 00007f62f0f06038 R14: 00007f62f0f05fa0 R15: 00007fff7cbe9dd8
[  132.073968][ T7439]  </TASK>
[  132.420612][ T7442] netlink: 34 bytes leftover after parsing attributes in process `syz.0.1116'.
[  132.548495][ T7450] loop1: detected capacity change from 0 to 2048
[  132.560810][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.583452][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.605279][ T7450] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.848763][ T7470] loop3: detected capacity change from 0 to 512
[  132.864272][ T7470] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  132.890812][ T7470] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1124: bg 0: block 4: invalid block bitmap
[  132.916632][ T7470] EXT4-fs (loop3): Remounting filesystem read-only
[  132.930666][ T7472] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1126'.
[  132.930806][ T7470] EXT4-fs (loop3): 1 truncate cleaned up
[  132.972711][ T7470] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.003138][ T7474] netlink: 164 bytes leftover after parsing attributes in process `syz.4.1126'.
[  133.052238][ T7474] can0: slcan on ttyS3.
[  133.109381][ T7472] can0 (unregistered): slcan off ttyS3.
[  133.123548][ T7472] netlink: 'syz.4.1126': attribute type 1 has an invalid length.
[  133.131420][ T7472] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1126'.
[  133.205143][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.243412][ T7476] loop4: detected capacity change from 0 to 512
[  133.271133][ T7476] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  133.304330][ T7476] EXT4-fs (loop4): 1 truncate cleaned up
[  133.320763][ T7476] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.351268][ T7481] loop1: detected capacity change from 0 to 512
[  133.391969][ T7481] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.428370][ T7481] ext4 filesystem being mounted at /240/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.470585][ T7481] FAULT_INJECTION: forcing a failure.
[  133.470585][ T7481] name failslab, interval 1, probability 0, space 0, times 0
[  133.483238][ T7481] CPU: 1 UID: 0 PID: 7481 Comm: syz.1.1129 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  133.483286][ T7481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  133.483331][ T7481] Call Trace:
[  133.483336][ T7481]  <TASK>
[  133.483342][ T7481]  __dump_stack+0x1d/0x30
[  133.483362][ T7481]  dump_stack_lvl+0xe8/0x140
[  133.483384][ T7481]  dump_stack+0x15/0x1b
[  133.483404][ T7481]  should_fail_ex+0x265/0x280
[  133.483440][ T7481]  should_failslab+0x8c/0xb0
[  133.483502][ T7481]  kmem_cache_alloc_noprof+0x50/0x310
[  133.483529][ T7481]  ? __es_insert_extent+0x508/0xee0
[  133.483573][ T7481]  __es_insert_extent+0x508/0xee0
[  133.483598][ T7481]  ? xas_load+0x413/0x430
[  133.483676][ T7481]  ? should_fail_ex+0xdb/0x280
[  133.483696][ T7481]  ext4_es_insert_extent+0x435/0x1c10
[  133.483727][ T7481]  ? ext4_find_extent+0x16b/0x7a0
[  133.483769][ T7481]  ext4_ext_map_blocks+0x172b/0x38a0
[  133.483791][ T7481]  ? __bpf_get_stackid+0x7e9/0x800
[  133.483822][ T7481]  ? find_get_block_common+0x736/0x960
[  133.483846][ T7481]  ext4_map_query_blocks+0xa8/0x480
[  133.483879][ T7481]  ext4_map_blocks+0x330/0xd00
[  133.483961][ T7481]  ? __ext4_journal_get_write_access+0x1d1/0x350
[  133.483985][ T7481]  ? __ext4_journal_start_sb+0x131/0x300
[  133.484009][ T7481]  ext4_alloc_file_blocks+0x2a9/0x800
[  133.484088][ T7481]  ? __pfx_ext4_dirty_inode+0x10/0x10
[  133.484165][ T7481]  ext4_do_fallocate+0x13b/0x3f0
[  133.484193][ T7481]  ext4_fallocate+0x20d/0x2f0
[  133.484295][ T7481]  vfs_fallocate+0x3b6/0x400
[  133.484316][ T7481]  __x64_sys_fallocate+0x7a/0xd0
[  133.484338][ T7481]  x64_sys_call+0x2514/0x2ff0
[  133.484356][ T7481]  do_syscall_64+0xd2/0x200
[  133.484405][ T7481]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  133.484430][ T7481]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  133.484451][ T7481]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.484498][ T7481] RIP: 0033:0x7f62f0cdebe9
[  133.484514][ T7481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.484529][ T7481] RSP: 002b:00007f62ef747038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  133.484544][ T7481] RAX: ffffffffffffffda RBX: 00007f62f0f05fa0 RCX: 00007f62f0cdebe9
[  133.484555][ T7481] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  133.484614][ T7481] RBP: 00007f62ef747090 R08: 0000000000000000 R09: 0000000000000000
[  133.484706][ T7481] R10: 00000000001000f4 R11: 0000000000000246 R12: 0000000000000001
[  133.484719][ T7481] R13: 00007f62f0f06038 R14: 00007f62f0f05fa0 R15: 00007fff7cbe9dd8
[  133.484736][ T7481]  </TASK>
[  133.797107][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.812705][ T7493] loop0: detected capacity change from 0 to 512
[  133.819411][ T7489] loop2: detected capacity change from 0 to 512
[  133.827271][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.848190][ T7489] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 4)
[  133.858311][ T7489] FAT-fs (loop2): FAT read failed (blocknr 52768)
[  133.858681][ T7493] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  133.897369][ T7489] loop2: detected capacity change from 0 to 736
[  133.905162][   T29] kauditd_printk_skb: 901 callbacks suppressed
[  133.905175][   T29] audit: type=1326 audit(1756466934.448:12583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7488 comm="syz.2.1132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f734673d84a code=0x7ffc0000
[  133.912916][ T7493] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.935410][ T7489] iso9660: Unknown parameter 'msdos'
[  134.011628][ T7086] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  134.038743][   T29] audit: type=1326 audit(1756466934.488:12584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7488 comm="syz.2.1132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f734673d84a code=0x7ffc0000
[  134.062468][   T29] audit: type=1326 audit(1756466934.488:12585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7488 comm="syz.2.1132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f734673d457 code=0x7ffc0000
[  134.086046][   T29] audit: type=1326 audit(1756466934.488:12586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7488 comm="syz.2.1132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f734674038a code=0x7ffc0000
[  134.109743][   T29] audit: type=1326 audit(1756466934.528:12587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.0.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89784febe9 code=0x7ffc0000
[  134.133296][   T29] audit: type=1326 audit(1756466934.528:12588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.0.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89784febe9 code=0x7ffc0000
[  134.156873][   T29] audit: type=1326 audit(1756466934.528:12589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.0.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f89784febe9 code=0x7ffc0000
[  134.180420][   T29] audit: type=1326 audit(1756466934.528:12590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.0.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89784febe9 code=0x7ffc0000
[  134.203970][   T29] audit: type=1326 audit(1756466934.528:12591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.0.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89784febe9 code=0x7ffc0000
[  134.227655][   T29] audit: type=1326 audit(1756466934.528:12592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.0.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f89784febe9 code=0x7ffc0000
[  134.266492][ T7504] loop1: detected capacity change from 0 to 512
[  134.273413][ T7504] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  134.292940][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.305414][ T7504] EXT4-fs (loop1): 1 truncate cleaned up
[  134.313500][ T7504] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.398713][ T7514] loop2: detected capacity change from 0 to 2048
[  134.414189][ T7506] loop3: detected capacity change from 0 to 512
[  134.442667][ T7514] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.466550][ T7519] __nla_validate_parse: 2 callbacks suppressed
[  134.466570][ T7519] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1142'.
[  134.468852][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.494592][ T7506] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  134.494697][ T7506] EXT4-fs (loop3): orphan cleanup on readonly fs
[  134.513676][ T7506] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.1138: corrupted inode contents
[  134.526857][ T7526] netlink: 164 bytes leftover after parsing attributes in process `syz.4.1142'.
[  134.543403][ T7506] EXT4-fs (loop3): Remounting filesystem read-only
[  134.545012][ T7526] can0: slcan on ttyS3.
[  134.559825][ T7506] EXT4-fs (loop3): 1 truncate cleaned up
[  134.560165][   T31] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  134.576143][   T31] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  134.581946][ T7528] loop2: detected capacity change from 0 to 256
[  134.582532][ T7528] msdos: Bad value for 'uid'
[  134.582586][ T7528] msdos: Bad value for 'uid'
[  134.582839][   T31] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  134.594216][ T7506] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  134.594297][ T7528] 9pnet_fd: Insufficient options for proto=fd
[  134.594635][ T7506] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.621890][ T7519] can0 (unregistered): slcan off ttyS3.
[  134.624902][ T7519] can0: slcan on ttyS3.
[  134.628186][ T7519] netlink: 'syz.4.1142': attribute type 1 has an invalid length.
[  134.628203][ T7519] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1142'.
[  134.632216][ T7530] loop2: detected capacity change from 0 to 512
[  134.642970][ T7530] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  134.664443][ T7530] EXT4-fs (loop2): 1 truncate cleaned up
[  134.721376][ T7518] can0 (unregistered): slcan off ttyS3.
[  134.722490][ T7530] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.910491][ T7539] loop0: detected capacity change from 0 to 2048
[  134.932714][ T7539] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.009903][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.296887][ T7086] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.350683][ T7555] loop0: detected capacity change from 0 to 512
[  135.360831][ T7555] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  135.372959][ T7555] EXT4-fs (loop0): 1 truncate cleaned up
[  135.400580][ T7555] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.529244][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.950256][ T7571] loop2: detected capacity change from 0 to 2048
[  135.971462][ T7571] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.994115][ T7576] loop4: detected capacity change from 0 to 128
[  135.994579][ T7571] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.040044][ T7566] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  136.047954][ T7566] FAT-fs (loop4): Filesystem has been set read-only
[  136.054957][ T7566] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  136.065432][ T7566] syz.4.1155: attempt to access beyond end of device
[  136.065432][ T7566] loop4: rw=2049, sector=2065, nr_sectors = 8 limit=128
[  136.121997][ T7573] loop1: detected capacity change from 0 to 2048
[  136.150813][ T7573] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.163480][ T7581] loop2: detected capacity change from 0 to 512
[  136.171919][ T7581] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  136.201941][ T7581] EXT4-fs (loop2): 1 truncate cleaned up
[  136.213076][ T7581] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.227073][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.285400][ T7590] loop4: detected capacity change from 0 to 512
[  136.292218][ T7590] EXT4-fs: Ignoring removed i_version option
[  136.306965][ T7086] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.321466][ T7590] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.336141][ T7588] loop1: detected capacity change from 0 to 2048
[  136.344320][ T7590] ext4 filesystem being mounted at /227/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  136.358550][ T7595] loop0: detected capacity change from 0 to 512
[  136.365626][ T7595] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  136.376762][ T7588] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.389821][ T7595] EXT4-fs (loop0): 1 truncate cleaned up
[  136.395923][ T7595] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.425877][ T7590] netlink: 'syz.4.1163': attribute type 1 has an invalid length.
[  136.433814][ T7590] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1163'.
[  136.523790][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.645701][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.908332][ T7618] loop4: detected capacity change from 0 to 512
[  136.915435][ T7618] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  136.928947][ T7618] EXT4-fs (loop4): 1 truncate cleaned up
[  136.935019][ T7618] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.009558][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.225901][ T7086] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.260152][ T7628] loop2: detected capacity change from 0 to 512
[  137.279524][ T7628] EXT4-fs: Ignoring removed nobh option
[  137.312084][ T7628] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.1175: corrupted inode contents
[  137.348719][ T7628] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #3: comm syz.2.1175: mark_inode_dirty error
[  137.414088][ T7628] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.1175: corrupted inode contents
[  137.449151][ T7628] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.1175: mark_inode_dirty error
[  137.469542][ T7628] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.1175: Failed to acquire dquot type 0
[  137.485627][ T7628] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1175: corrupted inode contents
[  137.493316][ T7637] loop0: detected capacity change from 0 to 2048
[  137.512252][ T7628] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #16: comm syz.2.1175: mark_inode_dirty error
[  137.540244][ T7628] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1175: corrupted inode contents
[  137.565228][ T7637] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.580136][ T7628] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.1175: mark_inode_dirty error
[  137.594576][ T7628] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1175: corrupted inode contents
[  137.609160][ T7628] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  137.628512][ T7628] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1175: corrupted inode contents
[  137.659633][ T7628] EXT4-fs error (device loop2): ext4_truncate:4666: inode #16: comm syz.2.1175: mark_inode_dirty error
[  137.680280][ T7628] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  137.702324][ T7628] EXT4-fs (loop2): 1 truncate cleaned up
[  137.716896][ T7628] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.757941][ T7628] ext4 filesystem being mounted at /219/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.774515][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.867822][ T7086] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.998549][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.025142][ T7648] loop4: detected capacity change from 0 to 2048
[  138.036192][ T7651] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[  138.036192][ T7651]    program syz.0.1183 not setting count and/or reply_len properly
[  138.111913][ T7663] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1187'.
[  138.178686][ T7665] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1187'.
[  138.187662][ T7667] loop2: detected capacity change from 0 to 512
[  138.202032][ T7665] can0: slcan on ttyS3.
[  138.207039][ T7667] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  138.222018][ T7667] EXT4-fs (loop2): 1 truncate cleaned up
[  138.269009][ T7665] can0 (unregistered): slcan off ttyS3.
[  138.283551][ T7663] can0: slcan on ttyS3.
[  138.300423][ T7663] netlink: 'syz.4.1187': attribute type 1 has an invalid length.
[  138.308185][ T7663] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1187'.
[  138.409455][ T7662] can0 (unregistered): slcan off ttyS3.
[  138.453199][ T7674] loop3: detected capacity change from 0 to 512
[  138.473114][ T7674] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  138.489361][ T7674] EXT4-fs (loop3): orphan cleanup on readonly fs
[  138.513827][ T7674] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.1189: corrupted inode contents
[  138.528979][ T7674] EXT4-fs (loop3): Remounting filesystem read-only
[  138.535623][ T7674] EXT4-fs (loop3): 1 truncate cleaned up
[  138.544854][   T51] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  138.555764][   T51] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  138.604492][   T51] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  138.911745][   T29] kauditd_printk_skb: 857 callbacks suppressed
[  138.911761][   T29] audit: type=1326 audit(1756466939.458:13436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7658 comm="syz.0.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f89784f5ba7 code=0x7ffc0000
[  138.944146][   T29] audit: type=1326 audit(1756466939.458:13437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7658 comm="syz.0.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f897849ade9 code=0x7ffc0000
[  138.967672][   T29] audit: type=1326 audit(1756466939.458:13438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7658 comm="syz.0.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89784febe9 code=0x7ffc0000
[  138.991204][   T29] audit: type=1326 audit(1756466939.458:13439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7658 comm="syz.0.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f89784f5ba7 code=0x7ffc0000
[  139.014685][   T29] audit: type=1326 audit(1756466939.458:13440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7658 comm="syz.0.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f897849ade9 code=0x7ffc0000
[  139.038507][   T29] audit: type=1326 audit(1756466939.458:13441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7658 comm="syz.0.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89784febe9 code=0x7ffc0000
[  139.062219][   T29] audit: type=1326 audit(1756466939.458:13442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7658 comm="syz.0.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f89784f5ba7 code=0x7ffc0000
[  139.085669][   T29] audit: type=1326 audit(1756466939.458:13443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7658 comm="syz.0.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f897849ade9 code=0x7ffc0000
[  139.109125][   T29] audit: type=1326 audit(1756466939.458:13444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7658 comm="syz.0.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89784febe9 code=0x7ffc0000
[  139.132597][   T29] audit: type=1326 audit(1756466939.498:13445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7658 comm="syz.0.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f89784f5ba7 code=0x7ffc0000
[  139.198584][ T7692] loop2: detected capacity change from 0 to 256
[  139.205113][ T7691] loop3: detected capacity change from 0 to 2048
[  139.212602][ T7692] msdos: Bad value for 'uid'
[  139.215864][ T7694] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[  139.215864][ T7694]    program syz.0.1196 not setting count and/or reply_len properly
[  139.217284][ T7692] msdos: Bad value for 'uid'
[  139.289902][ T7703] netlink: 'syz.0.1200': attribute type 39 has an invalid length.
[  139.323662][ T7701] loop2: detected capacity change from 0 to 2048
[  139.455466][ T7716] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1204'.
[  139.470151][ T7718] loop0: detected capacity change from 0 to 512
[  139.477405][ T7718] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  139.490298][ T7718] EXT4-fs (loop0): 1 truncate cleaned up
[  139.678723][ T7728] FAULT_INJECTION: forcing a failure.
[  139.678723][ T7728] name failslab, interval 1, probability 0, space 0, times 0
[  139.691431][ T7728] CPU: 0 UID: 0 PID: 7728 Comm: syz.2.1207 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  139.691499][ T7728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  139.691510][ T7728] Call Trace:
[  139.691515][ T7728]  <TASK>
[  139.691521][ T7728]  __dump_stack+0x1d/0x30
[  139.691618][ T7728]  dump_stack_lvl+0xe8/0x140
[  139.691635][ T7728]  dump_stack+0x15/0x1b
[  139.691651][ T7728]  should_fail_ex+0x265/0x280
[  139.691723][ T7728]  should_failslab+0x8c/0xb0
[  139.691747][ T7728]  kmem_cache_alloc_node_noprof+0x57/0x320
[  139.691789][ T7728]  ? __alloc_skb+0x101/0x320
[  139.691811][ T7728]  __alloc_skb+0x101/0x320
[  139.691830][ T7728]  ? audit_log_start+0x365/0x6c0
[  139.691917][ T7728]  audit_log_start+0x380/0x6c0
[  139.691949][ T7728]  audit_seccomp+0x48/0x100
[  139.691972][ T7728]  ? __seccomp_filter+0x68c/0x10d0
[  139.692044][ T7728]  __seccomp_filter+0x69d/0x10d0
[  139.692082][ T7728]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  139.692114][ T7728]  ? vfs_write+0x7e8/0x960
[  139.692144][ T7728]  __secure_computing+0x82/0x150
[  139.692188][ T7728]  syscall_trace_enter+0xcf/0x1e0
[  139.692210][ T7728]  do_syscall_64+0xac/0x200
[  139.692296][ T7728]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  139.692318][ T7728]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  139.692423][ T7728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.692518][ T7728] RIP: 0033:0x7f734673ebe9
[  139.692537][ T7728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.692559][ T7728] RSP: 002b:00007f73451a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000013d
[  139.692591][ T7728] RAX: ffffffffffffffda RBX: 00007f7346965fa0 RCX: 00007f734673ebe9
[  139.692656][ T7728] RDX: 0000200000000280 RSI: 0000000000000008 RDI: 0000000000000001
[  139.692667][ T7728] RBP: 00007f73451a7090 R08: 0000000000000000 R09: 0000000000000000
[  139.692677][ T7728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.692688][ T7728] R13: 00007f7346966038 R14: 00007f7346965fa0 R15: 00007ffe7f129118
[  139.692703][ T7728]  </TASK>
[  139.938956][ T7730] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[  139.938956][ T7730]    program syz.2.1208 not setting count and/or reply_len properly
[  139.963009][ T7732] loop1: detected capacity change from 0 to 256
[  139.989224][ T7732] msdos: Bad value for 'uid'
[  139.993948][ T7732] msdos: Bad value for 'uid'
[  140.059865][ T7734] loop2: detected capacity change from 0 to 2048
[  140.204193][ T7744] loop2: detected capacity change from 0 to 512
[  140.234814][ T7744] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  140.269189][ T7744] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1214: bg 0: block 4: invalid block bitmap
[  140.299288][ T7744] EXT4-fs (loop2): Remounting filesystem read-only
[  140.305861][ T7744] EXT4-fs (loop2): 1 truncate cleaned up
[  140.330308][ T7748] netlink: 'syz.1.1216': attribute type 39 has an invalid length.
[  140.367802][ T7751] loop2: detected capacity change from 0 to 1024
[  140.406444][ T7757] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[  140.406444][ T7757]    program syz.1.1220 not setting count and/or reply_len properly
[  140.480961][ T7764] loop1: detected capacity change from 0 to 256
[  140.481471][ T7764] msdos: Bad value for 'uid'
[  140.481522][ T7764] msdos: Bad value for 'uid'
[  140.567130][ T7771] loop1: detected capacity change from 0 to 2048
[  140.681986][ T7784] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1228'.
[  140.717022][ T7779] loop2: detected capacity change from 0 to 2048
[  140.778647][ T7791] loop1: detected capacity change from 0 to 512
[  140.790335][ T7791] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  140.802222][ T7791] EXT4-fs (loop1): 1 truncate cleaned up
[  140.821066][ T7794] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[  140.821066][ T7794]    program syz.2.1231 not setting count and/or reply_len properly
[  140.949816][ T7796] ==================================================================
[  140.957940][ T7796] BUG: KCSAN: data-race in __mark_inode_dirty / writeback_single_inode
[  140.966203][ T7796] 
[  140.968545][ T7796] write to 0xffff88810ce341a0 of 4 bytes by task 7791 on cpu 0:
[  140.976177][ T7796]  writeback_single_inode+0x14a/0x3e0
[  140.981584][ T7796]  sync_inode_metadata+0x5b/0x90
[  140.986540][ T7796]  generic_buffers_fsync_noflush+0xd9/0x120
[  140.992461][ T7796]  ext4_sync_file+0x1ab/0x690
[  140.997160][ T7796]  vfs_fsync_range+0x10d/0x130
[  141.001947][ T7796]  ext4_buffered_write_iter+0x34f/0x3c0
[  141.007523][ T7796]  ext4_file_write_iter+0xdbf/0xf00
[  141.012732][ T7796]  iter_file_splice_write+0x663/0xa60
[  141.018113][ T7796]  direct_splice_actor+0x153/0x2a0
[  141.023391][ T7796]  splice_direct_to_actor+0x30f/0x680
[  141.028757][ T7796]  do_splice_direct+0xda/0x150
[  141.033606][ T7796]  do_sendfile+0x380/0x650
[  141.038030][ T7796]  __x64_sys_sendfile64+0x105/0x150
[  141.043230][ T7796]  x64_sys_call+0x2bb0/0x2ff0
[  141.047913][ T7796]  do_syscall_64+0xd2/0x200
[  141.052427][ T7796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.058314][ T7796] 
[  141.060633][ T7796] read to 0xffff88810ce341a0 of 4 bytes by task 7796 on cpu 1:
[  141.068193][ T7796]  __mark_inode_dirty+0x55/0x750
[  141.073172][ T7796]  file_modified_flags+0x324/0x350
[  141.078285][ T7796]  file_modified+0x17/0x20
[  141.082708][ T7796]  ext4_file_write_iter+0x9b1/0xf00
[  141.087908][ T7796]  iter_file_splice_write+0x663/0xa60
[  141.093276][ T7796]  direct_splice_actor+0x153/0x2a0
[  141.098384][ T7796]  splice_direct_to_actor+0x30f/0x680
[  141.103747][ T7796]  do_splice_direct+0xda/0x150
[  141.108502][ T7796]  do_sendfile+0x380/0x650
[  141.113050][ T7796]  __x64_sys_sendfile64+0x105/0x150
[  141.118255][ T7796]  x64_sys_call+0x2bb0/0x2ff0
[  141.122932][ T7796]  do_syscall_64+0xd2/0x200
[  141.127445][ T7796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.133335][ T7796] 
[  141.135648][ T7796] value changed: 0x00000008 -> 0x00000002
[  141.141367][ T7796] 
[  141.143683][ T7796] Reported by Kernel Concurrency Sanitizer on:
[  141.149830][ T7796] CPU: 1 UID: 0 PID: 7796 Comm: syz.1.1230 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  141.159641][ T7796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  141.169700][ T7796] ==================================================================