last executing test programs:

8.124025752s ago: executing program 3 (id=1328):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56551, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x6, 0x1002, 0x0, 0x2, 0xffffffff}, [@TCA_NETEM_CORRUPT={0xc, 0x4, {0xfffffffd}}]}}}]}, 0x58}}, 0x20000000)
sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)

7.263892208s ago: executing program 3 (id=1336):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0xb0140, 0x2)
r1 = openat(r0, &(0x7f00000000c0)='./file0\x00', 0x50001, 0xc)
quotactl_fd$Q_SETQUOTA(r1, 0xffffffff80000802, 0x0, 0x0)
getpeername$l2tp6(r1, &(0x7f00000003c0)={0xa, 0x0, 0x0, @local}, &(0x7f0000000480)=0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f0000000600)={{0x1, 0x1, 0x18, <r2=>r0, {0x8fde, 0xf}}, './file0\x00'})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000940)={r2, 0x20, &(0x7f0000000640)={&(0x7f00000006c0)=""/78, 0x4e, <r3=>0x0, &(0x7f0000000840)=""/197, 0xc5}}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x18)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
mincore(&(0x7f0000b2f000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/36)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xec}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000580)='rss_stat\x00', r5, 0x0, 0x2}, 0x18)
r7 = socket(0x1e, 0x4, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r8=>r6}, './file0\x00'})
r9 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000300)={'lo\x00', <r10=>0x0})
sendmsg$can_raw(r9, &(0x7f0000000000)={&(0x7f0000000580)={0x1d, r10}, 0x10, &(0x7f0000000080)={&(0x7f0000001680)=@canfd={{0x2, 0x0, 0x0, 0x1}, 0x21, 0x3, 0x0, 0x0, "4b00da3a929a667d4dc30a7b0a4e06bcae7553ee9e66da75901b8620076714f79c9b8de6b3079729ab66cd7972b74a339533e93505e6aa5e8ca5b3f52ad00d57"}, 0x48}, 0x2, 0x0, 0x0, 0x2472ca9aa3d5954b}, 0x10044009)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r8, 0x89f1, &(0x7f00000002c0)={'gre0\x00', &(0x7f0000000200)={'gretap0\x00', r10, 0x20, 0x8000, 0x3, 0x9, {{0x5, 0x4, 0x1, 0x14, 0x14, 0x65, 0x0, 0x7, 0x4, 0x0, @loopback, @rand_addr=0x640100fd}}}})
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[], 0x58}, 0x1, 0x0, 0x0, 0x8000}, 0x48800)
setsockopt$packet_tx_ring(r7, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
recvmmsg$unix(r7, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000003100)=""/4096, 0x1000}], 0x1}}], 0x1, 0x400122a0, 0x0)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r13, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)={0x2c, r12, 0x10ada85e65c25359, 0xfffffffc, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x9}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8441}, 0x4000000)
sendmsg$NL80211_CMD_START_NAN(r7, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x20, r12, 0x20, 0x70bd25, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xffffffff, 0x55}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x44010}, 0x4008000)
sendmmsg(r7, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)

7.20039363s ago: executing program 3 (id=1339):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000007c0)={{0xffffffffffffffff, <r0=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r1 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1, 0x8})
ioctl$BLKTRACESETUP(r1, 0x1276, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x1d, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x3, 0xfb, &(0x7f00000003c0)=""/251, 0x40f00, 0x28, '\x00', 0x0, 0x25, r1, 0x8, &(0x7f0000000140)={0x5, 0x5}, 0x8, 0x10, &(0x7f00000004c0)={0x4, 0x10, 0x1, 0x8}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000500)=[r0, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000640)=[{0x0, 0x4, 0xe, 0x9}, {0x1, 0x5, 0x6, 0xa}, {0x3, 0x1, 0x8, 0x9}, {0x0, 0x2, 0xb, 0xa}, {0x5, 0x2, 0xd, 0xb}, {0x5, 0x3, 0xd, 0x1}, {0x0, 0x2, 0x8, 0xc}, {0x4, 0x4, 0x5, 0xc}], 0x10, 0x2}, 0x94)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x36e, &(0x7f00000007c0)="$eJzs3U1oM0UYwPEnaZImeXmbHERRkA6+CHpZ2uhZDNKCELC0jdgKwrbdaMialGyoRsS2J4+Kd0+Ch9KbBQ8F7VnoxZteRPDWi6BgBXVlv5LNV9PGpMH2/4OSycw8uzPZSXk27WYv3vj03UrJ0kp6Q6JJJRERkUuRrEQlEPEfo245IfLJd622A3n+wW8/PL22UUx6FWo5v/5CTik1N//Nex+m/G6ns3Kefevi19wv54+fP3nxz/o7ZUuVLVWtNZSutmo/NfQt01A7ZauiKbViGrplqHLVMupe+1f+dsza7m5T6dWdh+ndumFZSq82VcVoqkZNNepNpb+tl6tK0zT1MC0Ypni0uqrnRwzeHvNgMCH1el6fEZFUT0vxaCoDAgAAU9Wd/0edlH5Y/h/Syv83Za5QWFpVTud2/n/8zFnjwesnc37+f5rol/+/+KO3rY783zmdaOf/Ne/8oDQ8//9cbpD/92ZE98vI+X92AoPBaOYTPVWRjmdO/p/237+uwzePF9wC+T8AAAAAAAAAAAAAAAAAAAAAAP8Hl7adsW07EzwGP+1LCPznuJMGHf9ZEUk6R9/m+N9laxubknQv3HOOsfnxXnGv6D36Hc5ExBTjb7ubszaCK4+UIyvfmvt+/P5eccZtyZek7MTLomQk666nULxtL79aWFpUHj++dZlSOhyfk4w8Fo7/2l2dTnyuM97ff0KeexSK1yQj329LTUzZcSPb+/9oUalXXit0xafcfiLy860fFAAAAAAAxkxTLX3P3zVtULv3LSP5kvsxkSELkpG/+p/fL/Q9P49lnopNe/YAAAAAANwPVvODii5Ro+4WTLNfISUDm8ZQiHXUxEWkb+dEV038qi3PhGZ43fEkxLuDyX+d1xfBq3qTqOAfKZyBt5r8O6rIaOMJ5u/WRGLP/u43/XnTeUUOxF0AB+GmqFwjPNY9+HmnQvXt/Gjgdg79ibRqgo+NEgNeZ1np3U70ipUQ76mxI6MtgCc++/KP8b1BXjrxV8D7wzsfmoa9L9c5KF0FZxe9TfGJ/+IBAAAAcOvaSX9Q83K4OXwjkfDNcvjLPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYzSRr/TrKgze++xtThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYun8DAAD//7ct9c4=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105142, 0x2c)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x100000b, 0x2013, r2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600)
r3 = socket$inet6_icmp(0xa, 0x2, 0x3a)
recvfrom$inet6(r3, &(0x7f0000000040)=""/58, 0x3a, 0x2120, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x12, &(0x7f0000000100), 0x1, 0x4c9, &(0x7f0000000b40)="$eJzs201sVNUeAPD/nU6/4PHo4yEKog6isdHYQkFh4QajiQtMjLjQZdMWghRqaE2EECmJwaUhcW9cunXhVt0ZVyZucWliSIhhA7gac2fubeez9GPaAeb3S6Y9586595z/3HPunLlnJoCeVUr/JBH/iYibEbGzmq0vUKr+u3fnytT9O1emYrFcPvV3Uil3N81n8v22Z5nRQkThi6ThgFXzly6fm5ydnbmY5ccXzn8yPn/p8qtnz0+emTkzc2Hi+PGjRw4fe33itbUH1aK+NK67+z6f27/3nY9uvDtVzLcPZf9r4+iUUpRaNaXixU5X1mU7atJJsYsNYU36IiI9Xf2V8b8z+sLJg15RLpfLg+2eHEjf6Rtca9oCPLKS6HYLgO7I3+rTz7/5Y8smHw+B2yeqH4DSuO9lj+ozxShkZfobPt/mFjtQ/1BEfLj4zzfpIzbpPgQAQK2fTuQzwbr535WDEbGnptx/szWUkYj4X0Tsioj/R8TuiHgiK/tkRDzVcPxSRJRXqL/UkG+e/xRubTTGlaTzvzeyta36+V8++4uRviy3IyKfMM8cyl6T0egfPH12duZw7UGT+jWon9/6/at29Zdq5n/pI60/nwtm7bhVbLhBNz25MLnhwDO3RyP2FRvjT4ppANWVgOHK370RsW8Nxx2pSZ99+bv9S5n++nKt429aNStXtgw0bO3AUkX524iXqud/MerO/3IbkpXXJ8eHYnbm0HjaCw61rOPX366/167+B57/H/5s3OXtYz+e2mjYS25fi9hW0/8jX79djn8kiUiW1mvn117H9T++bPuZZnX9/2rdPmn/H0g+qKTzLvHZ5MLCxcMRA8nJ5u0Ty/vm+bx8Gv/owdbjf1e2T/pKPB0RaSd+JiKejYjnsrYfiIjnI+LgCvH/8uYLH68//s2Vxj/d8vpXd/6X1+vnT+aJS6tN9J07cPN+m4vH6s7/0UpqNNvS+vqX1F00VtvADryEAAAA8NArROW7/4WxpXShMDZWvQe0O7YVZufmF145PffphenqbwRGor+Q3+mq3g/uT/L7nyM1+YmG/JHsvvHXfcOV/NjU3Ox0t4OHHre9MuaTpvGf+quv260DNp2f/EDvajn+a5bT9tzYwsYAW8r7P/SumvHf7jcti74pA4+n1u///VveDmDrtRr/V9exD/BoKRvL0NOMf+hdxXh/KV1YsRzwuDGuoSet/lf860mUB1s/NRTNhWNoc5ox3KKuriTSmdX6di9urPbh9eyVf/2rbZkoPOg4xbo+NhjNZfqiK+fizJ6Od/5y9l35Tjf1+5XHaT5d34QXamuvQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJvl3wAAAP//l3DWug==")

5.60832849s ago: executing program 3 (id=1352):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x401c2103, &(0x7f00000001c0)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0x300})
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000040)=0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0xc044)
getsockname$packet(0xffffffffffffffff, &(0x7f0000001400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001440)=0x14)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002640)={0x11, 0x1d, &(0x7f0000002740)=ANY=[@ANYBLOB="180000000300000000000000c700000027447a28d7c46d85add724ad9b8ea4da0ac28eb2c4a2ae3cf750ea3b301276e0fdcb0f8d7b3ca318175efb34bb3dcecc344ab3bed569e4436621714366cee4d9d4041a0f0475ccaef6ccaef2c17a7c7159f35b0f4152f67a83f43d67db9975857c289487d7625ec329853296e07d51db7d4528acb50e0fc28ffee0b8add0238aaf11603199b3053fd2c294663a6d6f8b79428e5f05954ad0d855e61a1e0ed24e421aedcfdcfc46f245da1f5e461b93c730d19f9f04d16d5f9c4af7e09a3a3381", @ANYRES32=0x1, @ANYBLOB="0000000000000000b7080000040000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000820000001800000000000000000000000180000085100000feffffff182b0000", @ANYRES32, @ANYBLOB="00000000322b0000852000000300000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082000000183800000200000000000000000000009500000000000000"], &(0x7f00000014c0)='GPL\x00', 0xbe7, 0xf9, &(0x7f0000002480)=""/249, 0x40f00, 0x6c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001540)={0x4, 0xe, 0xfffffff8, 0x4}, 0x10, 0x0, 0x0, 0xa, &(0x7f0000001580)=[0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1, 0x1, 0xffffffffffffffff, 0x1, 0x1, 0xffffffffffffffff], &(0x7f0000002580)=[{0x4, 0x5}, {0x3, 0x5, 0x2, 0x1}, {0x5, 0x3, 0xe, 0xb}, {0x5, 0x2, 0x5, 0x7}, {0x0, 0x2, 0x10, 0x5}, {0x4, 0x5, 0x6, 0x2}, {0x5, 0x1, 0x2, 0x5}, {0x1, 0x1, 0x1, 0x2}, {0x1, 0x5, 0x4, 0x2}, {0x0, 0x1, 0xf}], 0x10, 0xe8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000001500)='f2fs_file_write_iter\x00', r4, 0x0, 0x4}, 0x18)
syz_emit_ethernet(0x135, &(0x7f0000001600)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd6012000800ff3a00fe8000000000000000000000000000bbfe8000000004000000000000000000aa08029078000000006000000000001101000000000000000058642653e0000002fe8000000000000000000000000000aa8017000000000000053a0001a0b9951e7300265b0fc7d31823c255c78aa401cec1d9bffd766c49b458b7115e3f3338689283dd25cff6ce7495f02bc9340b0694858a85e7aec44ce244c3c5dd3f810ae447db3f0cfa9db1c540c446d96ba1b6f821547bf810350dc1c7883f348ade3c686658e9a73c5ab217ebf0eabcdd851de7b9f7b18e54bb56ba870d361ad7dcb08e0c56f7b6f07067e7c9cf8a53d92158af46c5a0a2d6950879ce9d03553bdd3dd7261399a3f2be0535aa245a1f026cac205fedca72e729d000fb36eeca6fad50b1686d624a9a3b77f11e24d6a9928afa8e9051df2405e6c4cced25a628edfc615e87308c3458f6d0aa66407f97dcc38954"], 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000300)={[{@usrjquota}, {@lazytime}]}, 0x1, 0xba6, &(0x7f00000017c0)="$eJzs3M1rXFUUAPDzXj7bRicVEeumEZEWxGlaSbFFsJWKGxeCboWGdFJCph8kkZo0i4n+A6KuBTeCWpQu7LobBbdutG4tLoQisVEQ0cibjyQ2M0naTvJq8vvBzbt3zpvcc/KYeffCTALYsQayH2nEvog4nUQU6o+nEdFd7fVGVGrnLczPjvwxPzuSxOLi678mkUTE7fnZkcbvSurHPfVBb0R891ISj7y7et7J6Znx4XK5NFEfH5o6d/HQ5PTMs2Pnhs+WzpbOHz76/NCRoaODx4baVuufP5249vuTr/xc+euzv6/89sEnSZyIvnpsZR3tMhADS3+TlTojYrjdk+Wko17PyjqTznWelG5yUgAAtJSuWMM9FoXoiOXFWyG+/j7X5AAAAIC2WOyIWAQAAAC2ucT+HwAAALa5xucAbs/PjjRavp9I2Fq3TkZEf63+hXqrRTqjUj32RldE7L6dxMqvtSa1p923gYi4+eOxL7MWm/Q95LVU5iLi8WbXP6nW31/9Fvfq+tOIGGzD/AN3jP9P9Z9ow/x51w/AznT9ZO1Gtvr+ly6tf6LJ/a+zyb3rXuR9/2us/xZWrf+W6+9osf57bYNzXP70o0utYln9L1x7+YtGy+bPjvdV1F24NRfxRGez+pOl+pMW9Z/e4ByFfy6VWsXyrn/x44gD0bz+hmTt/090aHSsXBqs/Ww6x9y3Q5+3mj/v+rPrv7tF/etd/4sbnOPNU6eutoqtX3/6S3fyRrXXXX/k7eGpqYnDEd3Jq6sfP7J2Lo1zGr8jq//gU2u//pvVn70nVOp/h2wvMFc/ZuN37pjzxSuXv1qr/mzvl+f1P3OP1/+9Dc7x9DfvH2wVW7n/zVo2/82kthcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIY0IvoiSYtL/TQtFiP2RMSjsTstX5icemb0wlvnz2SxiP7oSkfHyqXBiCjUxkk2PlztL4+P3DF+LiL2RsSHhV3VcXHkQvlM3sUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwZE9E9EWSFiMijYiFQpoWi3lnBQAAALRdf94JAAAAAJvO/h8AAAC2P/t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANtne/ddvJBFROb6r2jLd9VhXrpkBmy3NOwEgNx15JwDkpjPvBIDc3OUe33IBtqFknXhvy0hP23MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4MF1YN/1G0lEVI7vqrZMdz3W1fQZ+7cwO2AzpXknAOSmY61g59blAWw9L3HYuZrv8YGdJFkn3rt8TuW/kZ5NywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAB09ftSVpMSLSaj9Ni8WIhyKiP7qS0bFyaTAiHo6IHwpdPdm4J++kAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLvJ6Znx4XK5NKGjo5NvJ3kw0qh18n5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD5PTM+PD5XJpYjLvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC8TU7PjA+Xy6WJDXSu3s3JKzp51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+DQAA//+LYA3r")
socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r6}, 0x18)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000200))
prlimit64(0x0, 0x0, &(0x7f0000001780)={0xfff, 0x6e9891fb}, &(0x7f0000002700))
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

4.501902072s ago: executing program 3 (id=1363):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r3}, 0x18)
r4 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x2a)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}, @NFT_MSG_NEWSETELEM={0x4c, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x20, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}, {0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}, @NFT_MSG_DELSETELEM={0x2c, 0xe, 0xa, 0x201, 0x0, 0x0, {0xa}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xdc}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r4, 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x44f0)

4.351147915s ago: executing program 3 (id=1369):
r0 = accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x2711, @hyper}, 0x10, 0x0)
quotactl_fd$Q_GETFMT(r0, 0xffffffff80000400, 0xee01, &(0x7f0000000040))
newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x6000)
getresuid(&(0x7f0000000140), &(0x7f0000000180)=<r1=>0x0, &(0x7f00000001c0))
r2 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$selinux_user(r2, &(0x7f0000000240)={'system_u:object_r:clock_device_t:s0', 0x20, 'root\x00'}, 0x29)
r3 = semget$private(0x0, 0x3, 0x100)
semctl$IPC_RMID(r3, 0x0, 0x0)
r4 = accept4$vsock_stream(r0, &(0x7f0000000280)={0x28, 0x0, 0x2711, @hyper}, 0x10, 0x80800)
ioctl$int_in(r4, 0x5421, &(0x7f00000002c0)=0x4)
fcntl$setsig(r2, 0xa, 0x11)
ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000340)={0x0, @isdn={0x22, 0x6, 0x7, 0x3, 0x1}, @ethernet={0x1, @multicast}, @l2={0x1f, 0xf0ad, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1ff, 0x2}, 0xa293, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000300)='veth1_vlan\x00', 0x8000, 0x10d, 0x1})
mount$9p_unix(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000440), 0x1, &(0x7f0000000480)={'trans=unix,', {[{@privport}, {@cache_fscache}], [{@subj_role={'subj_role', 0x3d, '\xaa\xaa\xaa\xaa\xaa'}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@euid_lt={'euid<', r1}}]}})
setxattr$security_evm(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540), &(0x7f0000000580)=@ng={0x4, 0xf, "3c1a3213c2a17d300e49"}, 0xc, 0x7)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{0x1, <r5=>0xffffffffffffffff}, &(0x7f00000005c0), &(0x7f0000000600)}, 0x20)
pipe2(&(0x7f0000000680)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x4800)
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000007c0), 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000b40)={0xffffffffffffffff, 0xe0, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000880)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2, &(0x7f00000008c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000900)=[0x0, 0x0], <r9=>0x0, 0x94, &(0x7f0000000940)=[{}, {}], 0x10, 0x10, &(0x7f0000000980), &(0x7f00000009c0), 0x8, 0x1b, 0x8, 0x8, &(0x7f0000000a00)}}, 0x10)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000e40)={0x18, 0x2f, &(0x7f0000000b80)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x6}, {}, {}, [@ldst={0x2, 0x1, 0x2, 0x7, 0x0, 0x8, 0x1}, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7e77}}, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x80}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @map_val={0x18, 0x4, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0xffffd2d0}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000d00)='GPL\x00', 0x2, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000d40)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000d80)={0x5, 0xc, 0x1, 0xb10}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000dc0)=[0xffffffffffffffff, 0x1, 0xffffffffffffffff], &(0x7f0000000e00)=[{0x4, 0x1, 0xc}, {0x1, 0x1, 0x1, 0xc}, {0x5, 0x4, 0xd, 0x5}], 0x10, 0x400}, 0x94)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000f00)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x7fff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x1}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001000)={{0x1, <r12=>0xffffffffffffffff}, &(0x7f0000000f80), &(0x7f0000000fc0)='%-5lx  \x00'}, 0x20)
r13 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001040)={0x1b, 0x0, 0x0, 0x2, 0x0, 0x1, 0xed, '\x00', 0x0, 0xffffffffffffffff, 0x4}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001140)={{0xffffffffffffffff, <r14=>0xffffffffffffffff}, &(0x7f00000010c0), &(0x7f0000001100)}, 0x20)
r15 = syz_open_dev$vcsu(&(0x7f0000001180), 0x3, 0x200)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001240)={{0x1, <r16=>0xffffffffffffffff}, &(0x7f00000011c0), &(0x7f0000001200)='%ps    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000001300)={0x1e, 0xa, &(0x7f00000006c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x7b9b, 0x0, 0x0, 0x0, 0x54}, @tail_call={{0x18, 0x2, 0x1, 0x0, r5}}, @jmp={0x5, 0x0, 0x8, 0x3, 0x0, 0x2, 0xffffffffffffffff}, @map_val={0x18, 0x1, 0x2, 0x0, r7, 0x0, 0x0, 0x0, 0x1d5}], &(0x7f0000000740)='GPL\x00', 0xfffffff7, 0x1d, &(0x7f0000000780)=""/29, 0x0, 0x30, '\x00', 0x0, @fallback=0x14, r8, 0x8, &(0x7f0000000800)={0x9, 0x3}, 0x8, 0x10, &(0x7f0000000840)={0x4, 0xa, 0x80000000, 0x7}, 0x10, r9, r10, 0x1, &(0x7f0000001280)=[r11, r12, r13, r14, r15, 0xffffffffffffffff, r16], &(0x7f00000012c0)=[{0x1, 0x2, 0x10, 0x7}]}, 0x94)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r2, 0xf503, 0x0)
r17 = syz_genetlink_get_family_id$tipc2(&(0x7f0000001400), r7)
sendmsg$TIPC_NL_LINK_GET(r6, &(0x7f0000001800)={&(0x7f00000013c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000017c0)={&(0x7f0000001440)={0x364, r17, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0x54, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x40}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_NET={0x28, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3ff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xa45}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x101}]}, @TIPC_NLA_MEDIA={0xa0, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x40}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xe70}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}]}, @TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_LINK={0x10, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_BEARER={0x110, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x2, @loopback, 0xffffffff}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x6, @local}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xfffffe01}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0xfffffff9, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x3c38, @local, 0xff}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x517b}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x83c8, @remote, 0x10000}}, {0x14, 0x2, @in={0x2, 0x4e21, @local}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'batadv0\x00'}}, @TIPC_NLA_BEARER_NAME={0x12, 0x1, @l2={'ib', 0x3a, 'netdevsim0\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}]}, @TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}]}, @TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_NODE={0xcc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xfff}, @TIPC_NLA_NODE_ID={0xb2, 0x3, "9305f9d1e4751e1d96372cc9ea27eb9d99f7cc0f68c33a3d1194e8e3d8f63f3586596c76444ff768c6b6ce5245b523bc86be9afd23206dab4ce9f83a20cdab0a83e2f6cac16eb1a5699f0fabc253e150d7975bde9a1e2dc5d28ad680118c1cd18f9aae2efe52b96209c77247d7e79cea6c9a3f9182395cfcad97fc6f1a96f2f745b0231efb7e981f0bd00c506edc00e35f36f35f26ae40f1c3a5aa2d9bddbcf90c4774635e2b06776f08cc9b8eea"}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x7}]}, @TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}]}]}, 0x364}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000001840)={0x43, 0x2, 0x2}, 0x10)

4.215493238s ago: executing program 0 (id=1374):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x401c2103, &(0x7f00000001c0)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0x300})
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000040)=0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000), &(0x7f00000013c0)=0x14, 0x800)
getsockname$packet(r4, &(0x7f0000001400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001440)=0x14)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002640)={0x11, 0x1d, &(0x7f0000002740)=ANY=[@ANYBLOB="180000000300000000000000c700000027447a28d7c46d85add724ad9b8ea4da0ac28eb2c4a2ae3cf750ea3b301276e0fdcb0f8d7b3ca318175efb34bb3dcecc344ab3bed569e4436621714366cee4d9d4041a0f0475ccaef6ccaef2c17a7c7159f35b0f4152f67a83f43d67db9975857c289487d7625ec329853296e07d51db7d4528acb50e0fc28ffee0b8add0238aaf11603199b3053fd2c294663a6d6f8b79428e5f05954ad0d855e61a1e0ed24e421aedcfdcfc46f245da1f5e461b93c730d19f9f04d16d5f9c4af7e09a3a3381", @ANYRES32=0x1, @ANYBLOB="0000000000000000b7080000040000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000820000001800000000000000000000000180000085100000feffffff182b0000", @ANYRES32, @ANYBLOB="00000000322b0000852000000300000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082000000183800000200000000000000000000009500000000000000"], &(0x7f00000014c0)='GPL\x00', 0xbe7, 0xf9, &(0x7f0000002480)=""/249, 0x40f00, 0x6c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001540)={0x4, 0xe, 0xfffffff8, 0x4}, 0x10, 0x0, 0x0, 0xa, &(0x7f0000001580)=[0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1, 0x1, r4, 0x1, 0x1, 0xffffffffffffffff], &(0x7f0000002580)=[{0x4, 0x5}, {0x3, 0x5, 0x2, 0x1}, {0x5, 0x3, 0xe, 0xb}, {0x5, 0x2, 0x5, 0x7}, {0x0, 0x2, 0x10, 0x5}, {0x4, 0x5, 0x6, 0x2}, {0x5, 0x1, 0x2, 0x5}, {0x1, 0x1, 0x1, 0x2}, {0x1, 0x5, 0x4, 0x2}, {0x0, 0x1, 0xf}], 0x10, 0xe8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000001500)='f2fs_file_write_iter\x00', r5, 0x0, 0x4}, 0x18)
syz_emit_ethernet(0x135, &(0x7f0000001600)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd6012000800ff3a00fe8000000000000000000000000000bbfe8000000004000000000000000000aa08029078000000006000000000001101000000000000000058642653e0000002fe8000000000000000000000000000aa8017000000000000053a0001a0b9951e7300265b0fc7d31823c255c78aa401cec1d9bffd766c49b458b7115e3f3338689283dd25cff6ce7495f02bc9340b0694858a85e7aec44ce244c3c5dd3f810ae447db3f0cfa9db1c540c446d96ba1b6f821547bf810350dc1c7883f348ade3c686658e9a73c5ab217ebf0eabcdd851de7b9f7b18e54bb56ba870d361ad7dcb08e0c56f7b6f07067e7c9cf8a53d92158af46c5a0a2d6950879ce9d03553bdd3dd7261399a3f2be0535aa245a1f026cac205fedca72e729d000fb36eeca6fad50b1686d624a9a3b77f11e24d6a9928afa8e9051df2405e6c4cced25a628edfc615e87308c3458f6d0aa66407f97dcc38954"], 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000300)={[{@usrjquota}, {@lazytime}]}, 0x1, 0xba6, &(0x7f00000017c0)="$eJzs3M1rXFUUAPDzXj7bRicVEeumEZEWxGlaSbFFsJWKGxeCboWGdFJCph8kkZo0i4n+A6KuBTeCWpQu7LobBbdutG4tLoQisVEQ0cibjyQ2M0naTvJq8vvBzbt3zpvcc/KYeffCTALYsQayH2nEvog4nUQU6o+nEdFd7fVGVGrnLczPjvwxPzuSxOLi678mkUTE7fnZkcbvSurHPfVBb0R891ISj7y7et7J6Znx4XK5NFEfH5o6d/HQ5PTMs2Pnhs+WzpbOHz76/NCRoaODx4baVuufP5249vuTr/xc+euzv6/89sEnSZyIvnpsZR3tMhADS3+TlTojYrjdk+Wko17PyjqTznWelG5yUgAAtJSuWMM9FoXoiOXFWyG+/j7X5AAAAIC2WOyIWAQAAAC2ucT+HwAAALa5xucAbs/PjjRavp9I2Fq3TkZEf63+hXqrRTqjUj32RldE7L6dxMqvtSa1p923gYi4+eOxL7MWm/Q95LVU5iLi8WbXP6nW31/9Fvfq+tOIGGzD/AN3jP9P9Z9ow/x51w/AznT9ZO1Gtvr+ly6tf6LJ/a+zyb3rXuR9/2us/xZWrf+W6+9osf57bYNzXP70o0utYln9L1x7+YtGy+bPjvdV1F24NRfxRGez+pOl+pMW9Z/e4ByFfy6VWsXyrn/x44gD0bz+hmTt/090aHSsXBqs/Ww6x9y3Q5+3mj/v+rPrv7tF/etd/4sbnOPNU6eutoqtX3/6S3fyRrXXXX/k7eGpqYnDEd3Jq6sfP7J2Lo1zGr8jq//gU2u//pvVn70nVOp/h2wvMFc/ZuN37pjzxSuXv1qr/mzvl+f1P3OP1/+9Dc7x9DfvH2wVW7n/zVo2/82kthcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIY0IvoiSYtL/TQtFiP2RMSjsTstX5icemb0wlvnz2SxiP7oSkfHyqXBiCjUxkk2PlztL4+P3DF+LiL2RsSHhV3VcXHkQvlM3sUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwZE9E9EWSFiMijYiFQpoWi3lnBQAAALRdf94JAAAAAJvO/h8AAAC2P/t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANtne/ddvJBFROb6r2jLd9VhXrpkBmy3NOwEgNx15JwDkpjPvBIDc3OUe33IBtqFknXhvy0hP23MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4MF1YN/1G0lEVI7vqrZMdz3W1fQZ+7cwO2AzpXknAOSmY61g59blAWw9L3HYuZrv8YGdJFkn3rt8TuW/kZ5NywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAB09ftSVpMSLSaj9Ni8WIhyKiP7qS0bFyaTAiHo6IHwpdPdm4J++kAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLvJ6Znx4XK5NKGjo5NvJ3kw0qh18n5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD5PTM+PD5XJpYjLvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC8TU7PjA+Xy6WJDXSu3s3JKzp51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+DQAA//+LYA3r")
socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r7}, 0x18)
ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000200))
prlimit64(0x0, 0x0, &(0x7f0000001780)={0xfff, 0x6e9891fb}, &(0x7f0000002700))
ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

3.291422656s ago: executing program 0 (id=1383):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe8e, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000200400001"], 0x48)

3.146170268s ago: executing program 0 (id=1385):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc00000019000100000000000000000020010000000000000000000000000000ac1414aa00000000000000000000000000000045000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000a900000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000000000000080400000000000000000080000000000000000000000000000000044000500ac1414aa000000000000000000000000000000003c00000000000000ffffffff00"/158], 0xfc}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
flock(0xffffffffffffffff, 0x1)
syz_clone(0x50a60080, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=ANY=[@ANYBLOB="840100002100010000000000fefffffffc020000000000000000000000000000fc0200fffffff1000000000000000001fffc0000000000000a00e08000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="020000000000000034011100fe80000000000000000000000000001164010102000000000000000000000000ac1414aa000000000000000000000000fe8000000000000000000000000000bb3c000000000000000a000a00fc02000000000000000000000000000100000000000000000000000000000000fe880000000000000000000000000101200100000000000000000000000000022b030000043500000a0002000a010102000000000000000000000000fc000000000000000000000000000000fe8000000000000000000000000000bbffffffff0000000000000000000000006c010000000000000a000a00ac1414aa000000000000000000000000fc010000000000000000000000000001fe8000000000000000000000000000aa200100000000000000000000000000016c0200000735000000000a00"], 0x184}, 0x1, 0x0, 0x0, 0x800}, 0x0)
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40})
setsockopt$MRT_ADD_VIF(0xffffffffffffffff, 0x0, 0xca, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet6(0xa, 0x802, 0x0)
pipe2(&(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x4000)
pipe2(&(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x84000)
close_range(r5, r6, 0x2)
tee(r4, r7, 0xfffffffffffffc01, 0x0)
sendmmsg$inet6(r3, &(0x7f0000001840), 0x3b, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/14], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.977165172s ago: executing program 2 (id=1388):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x16, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
creat(&(0x7f0000000200)='./file0\x00', 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000000)={0x2, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x1, 0x4}, {0x3, 0x7, 0x4, 0x7e}]})
pipe(&(0x7f0000005880)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r4, 0x0, 0x4}, 0x18)
fsetxattr$security_selinux(r2, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:getty_exec_t:s0\x00', 0x22, 0x0)

2.805275005s ago: executing program 2 (id=1389):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0)

2.236918287s ago: executing program 2 (id=1390):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40})
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=<r3=>r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000a00)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="88030000", @ANYRES16=0x0, @ANYBLOB="000829bd7000ffdbdf250200000008000100", @ANYRES32=0x0, @ANYRES16, @ANYRES32=0x0, @ANYRES32, @ANYRES32=0x0, @ANYBLOB="a80002806c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000003c000400010074ef03000000aadaa6070600000009001614050000004000300140000800ff010508b6ffffff4000065207000000070004090600000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000600000008000100", @ANYRESHEX=r3, @ANYBLOB="080202804c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000054000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b00000024000400fdff0200070000000300020d020000000400f508ffff00000c9e06fd01000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000300000008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400ff0f000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004004f5300003c00010024000100757365725f6c696e6b75705f656e61626c656400000000000000000000000000050003000600000004000400fce20600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100f57365725f6c696e114070000000000000000000000000000000000000000000050003000600000006c1c2e1cbde74f0d68f230400040008000600588502ae3ade840a893415b62a1e9534f2dcbfd0cdb0746d3968284a2003000000febd2d54e5e3ab507f6463040c8e4091b930d8f38750834de68362ec20474ae9a1daa61ddc315e89d692b53e1a867d78e7f90684d6e33c74cc9e29c04d869d3b98e2b87087aeb790372f816e0a2b72509485b6638b71ef0d1e24ccf3cac00c2808b813b3625aa6efb2ff0479c717c2", @ANYRES32=0x0, @ANYBLOB], 0x388}, 0x1, 0x0, 0x0, 0x40880}, 0x800)
r4 = socket$inet6(0xa, 0x802, 0x0)
unshare(0x22020400)
pipe2(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x4000)
pipe2(&(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x84000)
close_range(r6, r7, 0x2)
tee(r5, r8, 0xfffffffffffffc01, 0x0)
connect$inet6(r4, &(0x7f0000000240)={0xa, 0x6e23, 0xfffffdff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x9}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000001840), 0x3b, 0x0)
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.955130092s ago: executing program 0 (id=1391):
r0 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0xe0)
read(r0, &(0x7f0000000040)=""/69, 0x45)
write$UHID_INPUT(r0, &(0x7f0000000fc0)={0x8, {"b93037d242cda22c923cd91687ef6a971e18a2d8a80b7667f214496a798894075b839aaec9bd8e78ff9636d7ffc2b031d876596008e4853e6c615ff46a87a39518da73186122a5dc256e13b85c9227da594135f194272465163eb775ffbee3f8a44fcb3fb2beb53fd636f0d4d7826326cc9576c213a249b44ebd2d529b32c38fcd368570f738405a5139e19a0c6337e2ee01c0898251c41846bbb7f950af9ccb95381d9b17699bc2c770e62b7f368ec86c6d44f382194e97d54d45e9ad5428d12222c1af47609856192c0e69327d69b133d7b91df3b51f81d690e8557c7dd06d133df7727e403560b227d1e603e70e44c4c3790949fafa7ba189a05ad51575d851e97fa1a676758606f27c3fd83e63b552c090f45cc3dddc44646c1ade70760c3ee2e700701fd412be1ea95453f9ab9cc405def2bb295377d5ef13818f5442bc2d4fc61741b255ac4d30be5dcca784f51a60287d005ffd2882002cf1eae8e60e0475ecd1ee6180b9362f905dca23574d12ac093d1ea6daa52636501327c6d2563a32e5f797f2ec0d8fad661cc34de4954ab9dcca6cf4fa47f25ae839d21b91abc887939713937339eb8dce9f7016915eb3ad86777155909f3a2ae5d12645d1e74e0d0bdc11e1db97345c183282b53df67ef30e5f8a356774f990d46786bf42fc80dac90f842204182a242e731731812d3e45268e91eec3ba887f694e6b9a5822db8ad66b5648466443d11d63f0a1f2a65c2588f2e53a7e008527f95d3910e99d333eece27c7a18945cb709e6480d4761d4389164a8f1b1c4f9cee41d2f9067e41bc029ac2c3cdca3ef4f3a26d4b3a4375d77e89aa49eabe14620b929248b853d2552326b4aa28b90655b16b3e055800427a74d95dc64c972cd809a0ae65f2bb2d1ad5ad3fbac1ed93c5d0e4fd5d7f7aacc9492eedb1c31596feea2d0a466e2fc6fbdd23ded12d120b5061344cbfaf5eaedfe7827bf37f98a78a302cd5e540f36ae7fec3836279466d62bffbc54896b9e7dc5cf1f7f5a96295462aeb46545440b2c03630597cb8fb8aedb2be1cbbda130fe40644c61483b4ad4e11d7f22b3fd17655be13df72db08b2a6faae884f962c58f207d5984a5e01cb289bacab7197215c81dd5d0537e91982d93902cdaa3c21d75ed5ce0989bfbef24450c8564187b5b9ecbaa10a5de5163eccbb5e8053ed52ba895ca73a727b77e2d90a90f3b498bf620dc198e111924b2d4c26092688840d8feb6468f2f277fd0f4d276f4245761bee60fa7bdb4b077889177d5ed0391fbefb8b09f15fc4f24f3c84fde9da3189325fa92abd4a031c87e892d4c6e77285cfd5d983ad29dea3a5320e1f7fd2db109fa5fdacf67883ff02fb90801cdf1b5a221e2b8bd0ade10cdbb9d263f268226dfa5d062bc67116c6825d6bb7e710149da8ec409cecffa921282139614fefc5c696ab891d777dfd58226d8a2818e95b412b0c4ecd3539288ccebb50f41d12d55e0b1d29bfc8e3b5f3c1578cbbc3d7ff50ff108d67d5f06baf28b2901fa17ec1ca042f73efde0039cb4251353b824b7e645b9a1c5593cfe6898d9e3551920835d61b0b67f0021bbed8cfb4f4af39ab02ef0e81ca9cffec9901aa9d9cd1f9aa251267316eb99c30947bcdc87fdb8be016cb935f7787350ae657470567595057e6b7616b0e15dcc51d9f214420376b351484ff19de22d4f724c120f9f425770f9fc66824f90038575297ba0af3695d852adb531a2ad6fabcc51b2bdb05312e72c1c6873cf3c8bb8b7fce90918ac7514fd7ad1ac3a6350988342c5d814788b22d8e4464a4b9647bbe1cbb2c88826dbdff9f246576831b896aed85ffacadb70e0e2a4eac130b124097a27eea216b4cc955a99f45d77a2bb7be9d1889177277f2182c4003cf56cdc142b9572a16654e2c5d48d4d9e825c8b5e293ee7880730d3dad7b4fdab1582025169aff4c3488d3e9d19e622f0d133d985c79b0a3f840a15aab32344b805f179227d5a29473d6afafa3d646e9b6072cb315f0536e02294831dd77cc75800a189182effc8603b0b5d9a4353971eab7b5404f4095720a4ec12b2fddd3f70cdb6713f6997fee7d1ffd4c0f93ad46538962033acf5f96f72252bba30b46b9c40496a235b43d9433586401679270c20236e528807dbefb259f749192d919fcb3fe537f1c94cc14e0660e6034b35e1a3e28669e4a61c1fd3a98023089002eda631379841d69e081903cba8629584c6cc79edbc031a48e28cc855db4ebb3a3fc4c03309cde851f75f4df599816b5d52c445c33cd6a63d1885387a53df213ef805305ad36a33ab65c02b89be698fea65c197e8d595d9369aaad2895f6cf3fa97f58ccdc214e403b0820a404894a0c3144c8f82517fdd6fe552483781e617dda766da5e53cece132b4934dab83a031d36681d5ade8781c7d9acb6552be1f8a4044d9eac9c10f28005a76a9886c3e0edc55b1a9db53bd08341d8b5f19a77121fadeb50d15a297a68d2816d2be42d26e9ea6214b49a1889d0b430b8ca8bbf81ef3dbc02813ba461faf032b5cfaa9b627c823dae6d35aa3edc5b60905dd1e000b2b73133e60bdf0d21bdcf0a3f5876b546348f53a1e36593885cb86c16b3d47ffdf7950904a673000351fa383e6ad8c88de7792710cb8d10ad2a0bd7d8177165b1a79e5b8d7e1da25905a0ac13594cd168956037e9f1814293a52f9b9b69a10d79ab9672bcf250bdc8d8b05f9e1fb905e7570e984849ace66d9527aa8a62ca58a0ff09b96c977c154f114ba72bfd5674647c2ac365bc7c0db69c337a08b590ee00c84beb20ab4836768a223af4f245c71b95d581773163abfcbf89b27f4339e724a6cb4c93c03296f9cb7e42afebd7dc81ba0e5e1b03b92fb149f415f049bbaaee41ea049dcdc9185230f03c1664ce12180de93757852faeb91a951fc881a778a1ed50f320ad9f423cc32d60651eca1ad517f0c85319b8d406912ff435f9882b21e275d9bdc43ea96dcb913ead2c2cfb8b1e1b045b8cae4ff0b6abf18258976a6858275e5f0294dad1fb306cbedc62a746558924c471243ac22caf21d01cea4fbe0fc698d02ac7204aaca9fa43fdff25d44624832fbf0c989f54a1063aeddbf444ac1742a11531fedecde21c430bce27ab6445ccf5433eba2dd549c6fa0a1f946d6aac8496cff0277276c7bc3971447a54c26033c0b5847ed1205dab9960e63f5e1022a3448c16675b7fcacafa14e3fcfc71364e9e139da27b4c14b6c39602b583e8946cb1ead1cd5afb7ecece2a4cd9e0565e45e3254e90f1fee64567f75c731765ab96d46877afb361852da58c62953efd07eea85b7d228414781efadd30eac8c067c2227d9421a688fe5bd96320711584f72974d64d0e5d9d845bca6cae1b3948219c4000eea83f226c7a9c1dbb14eda50794940a407035318c8e3e9fdc145f78896f30a47e45f89136ef7946d231834e62687b35bd4f7d0319bfae187cfd1d6a50282aa2bf10ea9a8de07112b668dbbdd3280d2e25df28eaa5bb34b57080ce4ac0d24b13e598bfce815d2047dc8729cda19575181283cda1116226da7fbe25ea351c2611724d57817ffcca5266ce976da86aedf07384fd8329542dc56d83fc062aa2e51a28edb3c7f43fb3190b6731adabfa292ef7876a8e7586845f194da22b417ef02b5cc41a1338db37adbe7709ede723c73813736f3c140570df74863b094a9baedbf176ee03572709d1b9b2a4d61f83c5dcad456b9a9eeea4950d0eb3008995f63defa03f4dd99bc0997fc629237f79226faea8c3d44135fc44965c023e992741334d7d346392f2ac09bab12c4f40dd89e87885d727866ce80272f414f828202cb9de2a1b0e42c7ecda14081b396facb5d8f2afc7958c0f38097c1ec0021c332aa208f7da58576397975cb7d5586f85446f4ea7c46ff051790b969b97f06572bf3d395d30779c556025005404496e64dc32a912a1f988b9e9a646aa7aaeaf4a7f1fee5151e0a06c5ffbed19e842d320e524d456c2fd8eef4ad2ae78d2dd3241c9195669fe314aaff7c8d96e10025f023475a92de577bfd13b1eed1d882b902bafdda06ff239070f1954dc70f87157e8ae4b7d6dc302b91abe0c863c9a3943d16d97aa0840e9696d19f16eed6411456cbb45cde19e269241921d0c962cd5b954e1991f61094802e7c25ed9d459092c4282bf55d191ac818ccfddf382729312625b1d0a1f0ed5835fcf097487780c229cf77ac83cc89f6a0d349bf64e503dd6afaca48031d23310282df31e6ac4c897b03d6b133e2867e7950374acbb2f5ec89f29c2b54639fb5e6a984c3c19e9f958e0a77d8db66049374a6ddd221dbe547298079c4293ad2ed9facb9f0e22684ed7bd78a5fe173cf69cd421d07bbc63a9151e33cbbc9425445bae36265ad8467372a75adb9d230b0f94718a7786ff58461f8513a7c201af64738a24a1ed848b31957d1b22619ef31b8e34d487d8d97622143d03d7383135b7416d34c974b8ea45336cff651f1496b670edcc333e1019a6903697180ae7f5d601caef5194168313f8818df50d8e9d1e4e73c736e515dda3a4db1d743643d4e8d48b5e888f97599116d83f086375b9acc427f4dc17278702a118d9e61a0889a23a2aa6b3611f71cfb6f81f5a4c440614690c6cc45020a85defd8e38ae847a1ba59949fbd25d80b703b5288a2488c6ebf67476c0a405112121a859a86a8a8c4a310242481e53e562e002870f94c0a29393e120348becf248481025f819cd870935a346c7d885114d22e598e817381041595d5b9ccc1f1c8abe632e59338cd9ba764f5978acb8b49c6aafcb8bdba64fa381d5d306a4c67323a7b149c0a74b27e9388ee2fc2a0c01b4942fa61d72efb2fc3a68c40e24246951c87fc8655cf1d46e16568b6a6a14f1278a9c5ac4146ef5eb4a83de9dc6f1d41143ea85f2d6500c8a52d67c7a4a7dd87358c52279be2f9468e039297e4c429d19c628470e910a35f2319de1862ca7c39cd6f5d5ea6c7b92f1ce4cd47b34a8ef42b2498923ebb568d08fb2b6b4698aa2ad4a07298395c7af4234728719240976c1dd3966f92c15662f11f3650e192b95d34ae110062c270482fb044bf1bcf357b2cdeadccf12b1e3d39626c0621b28397bb35bf6d73c0c54057295da81839b7afdd71571b43c7ac7c637f2e21f6e6abeb218c8daf72499916d2f1d2d2baa88ae0bb5fb298fb506793d332e9fd3e8db4b50af7f4ba9a22b0a91a68a9beab7e0369316876c51e6c533f8a72ddb39aba88ba08c4e1d82379da2dda53f0df3ca5fa9532febc6d6f42f554d23fccdfd660fa4ed6925acbc0cb581c56d902ef9f7d1d009b728f2a60cc17b188fc385c0b9caf6f040962e98ffda759cf10e6115773e323c9040675698ebc8f31e7d31fdcc9cea2edacb18d9fcc5974db7cc262505b764eceb0bde6ce7d3163c8aea5b0012a992982f6129fd2077a022719141368081abcff4d88f81b6b4c13835957f8213b41053225fd0718353132a745cf3057425be18694184956ba628099ebc81bcef04428eb2ffaf964d0356ce3abec396248f8be05a72614581b0d3d27f61654b7f8feb8e1e4cfabe40579a1d2e63632bb0eb139370c577556739243034fd42746fc93d6988af6f738a07169d55f2ca9758c8334a03aa97411f1158192cfea7baac8eec0402eb77927d33c2e712f6f372c3d9335c9eb2e653f734aeba44409c48f6099674295d467585bfbdb58143c1b9f5232cbf60190b7b8ad4388bf38c68cb3a6865ccc8fb048bb59ed71376ed0af8ffa0ae3e095", 0x1000}}, 0x1006)
syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0x14, 0x0, 0x400, 0x70bd28, 0x25dfdbfc}, 0x14}}, 0x40400a0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x9e, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r1}, 0x18)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000240000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r5}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x2, 0x3, 0x1c10a1, 0x0, 0x84}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7}, 0x48)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
write$cgroup_subtree(r6, &(0x7f00000000c0)=ANY=[], 0x32600)
mount$cgroup(0x0, 0x0, 0x0, 0x2010042, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000300)='gpio_direction\x00', r8, 0x0, 0x10000}, 0x18)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.897758113s ago: executing program 1 (id=1392):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, 0x0, &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kfree\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe8e, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000200400001"], 0x48)

1.775224345s ago: executing program 4 (id=1393):
geteuid() (fail_nth: 1)

1.762620226s ago: executing program 1 (id=1394):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0x68, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x54, 0x1, [@m_ctinfo={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18}, @TCA_CTINFO_PARMS_DSCP_MASK={0x8}]}, {0x2}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)

1.717091897s ago: executing program 1 (id=1395):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000900)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_PEERS={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000855}, 0x0)
truncate(&(0x7f0000000000)='./file1\x00', 0x8)
r2 = geteuid()
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x12, 0x8, 0x4, 0x7cb4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x9, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_bp={0x0, 0xc}, 0x1041bb, 0x7, 0x3fe, 0x6, 0x1000000001, 0x20005, 0x9, 0x0, 0x10000, 0x0, 0x2000000a}, 0x0, 0x4, 0xffffffffffffffff, 0x2)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2000002, 0x42032, 0xffffffffffffffff, 0x80000000)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
mount$9p_xen(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x2, &(0x7f00000000c0)={'trans=xen,', {[{@version_L}, {@afid={'afid', 0x3d, 0x7}}, {@cachetag={'cachetag', 0x3d, '(%@\x90}%^-)'}}, {@noextend}, {@cache_none}, {@ignoreqv}, {@cache_fscache}], [{@euid_gt={'euid>', r2}}]}})

1.431965122s ago: executing program 4 (id=1396):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc00000019000100000000000000000020010000000000000000000000000000ac1414aa00000000000000000000000000000045000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000a900000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000000000000080400000000000000000080000000000000000000000000000000044000500ac1414aa000000000000000000000000000000003c00000000000000ffffffff00"/158], 0xfc}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
flock(0xffffffffffffffff, 0x1)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, 0x0)
sendmsg$NL80211_CMD_NEW_MPATH(r3, &(0x7f0000000080)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x14}}, 0x40800)
syz_clone(0x50a60080, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=ANY=[@ANYBLOB="840100002100010000000000fefffffffc020000000000000000000000000000fc0200fffffff1000000000000000001fffc0000000000000a00e08000000000", @ANYRES32=<r4=>0x0, @ANYRES32=<r5=>0x0, @ANYBLOB="020000000000000034011100fe80000000000000000000000000001164010102000000000000000000000000ac1414aa000000000000000000000000fe8000000000000000000000000000bb3c000000000000000a000a00fc02000000000000000000000000000100000000000000000000000000000000fe880000000000000000000000000101200100000000000000000000000000022b030000043500000a0002000a010102000000000000000000000000fc000000000000000000000000000000fe8000000000000000000000000000bbffffffff0000000000000000000000006c010000000000000a000a00ac1414aa000000000000000000000000fc010000000000000000000000000001fe8000000000000000000000000000aa200100000000000000000000000000016c0200000735000000000a00"], 0x184}, 0x1, 0x0, 0x0, 0x800}, 0x0)
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40})
setsockopt$MRT_ADD_VIF(0xffffffffffffffff, 0x0, 0xca, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=<r6=>r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000a00)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="88030000", @ANYRES16=0x0, @ANYBLOB="000829bd7000ffdbdf250200000008000100", @ANYRES32=0x0, @ANYRES16=r5, @ANYRES32=0x0, @ANYRES32=r4, @ANYRES32=0x0, @ANYBLOB="a80002806c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000003c000400010074ef03000000aadaa6070600000009001614050000004000300140000800ff010508b6ffffff4000065207000000070004090600000038000100240001006d636173745f72656a6f696e5f636f756e7400"/151, @ANYRESHEX=r6, @ANYBLOB="080202804c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000054000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b00000024000400fdff0200070000000300020d020000000400f508ffff00000c9e06fd01000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000300000008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400ff0f000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004004f5300003c00010024000100757365725f6c696e6b75705f656e61626c656400000000000000000000000000050003000600000004000400fce20600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100f57365725f6c696e114070000000000000000000000000000000000000000000050003000600000006c1c2e1cbde74f0d68f230400040008000600588502ae3ade840a893415b62a1e9534f2dcbfd0cdb0746d3968284a2003000000febd2d54e5e3ab507f6463040c8e4091b930d8f38750834de68362ec20474ae9a1daa61ddc315e89d692b53e1a867d78e7f90684d6e33c74cc9e29c04d869d3b98e2b87087aeb790372f816e0a2b72509485b6638b71ef0d1e24ccf3cac00c2808b813b3625aa6efb2ff0479c717c2", @ANYRES32=0x0, @ANYBLOB], 0x388}, 0x1, 0x0, 0x0, 0x40880}, 0x800)
r7 = socket$inet6(0xa, 0x802, 0x0)
pipe2(&(0x7f0000000000)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x4000)
pipe2(&(0x7f0000000040)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x84000)
close_range(r9, r10, 0x2)
tee(r8, r11, 0xfffffffffffffc01, 0x0)
sendmmsg$inet6(r7, &(0x7f0000001840), 0x3b, 0x0)
r12 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.418231833s ago: executing program 1 (id=1397):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000006c0)={[{@noblock_validity}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xe6}}, {@oldalloc}, {@barrier}, {@auto_da_alloc}, {@nodioread_nolock}]}, 0x1, 0x5b3, &(0x7f0000000780)="$eJzs3T9sG9UfAPDvne2mf/L7pUggAepQAVKRqjpJ/0BhaldEpUodkFggctyoihNXcQJNFKnpXiE68E9dygYDI4iBAbGwwcoCYkaqaARS04EaObaTNHWCE+q4xJ+PdPF7dxd/3zv7++x7upMD6FmHa3/SiGci4nwSMbBmWzYaGw/X91tanC/cW5wvJFGtXvg9iSQi7i7OF5r7J43HAxGxEBFPR8R3uYij6cpT7mkWKrNz4yOlUnGqUR+cnrg8WJmdO3ZpYmSsOFacPPHyK6dOnzw1fHx4bXPvVdfWclvr6/Vfbrx3/cfXbt34/ItDC4UPRpI4E/2NbWv78SjVj0kuzqxbf7ITwboo6XYD2JZMI89rqfRUDESmkfWtVNcODn070jygg6p9EVWgRyXyH3pU83tA7fy3uezk94/bZ+snILW4S4vzhavRjJ+tz03E3uVzk/1/JA+cmdTONw/uZEPZlRauRcRQNvvw+z9pvP/WzlptzdCjaiQd8+3Z+gv18Oufrow/0WL86W/Onf5LzfFvqTH+LbWIn9lg/DvfZoy/3vz1kw3jX+uLZ7MR9x+Kn6zET1rETyPi7Tbj33zj69Mbbat+GnEkWvV/dUYx2Xx+ePDipVJxqP63ZYxvjhx6deP+R+zfIH59znbv8sfM2v7vabQpbbP/X33/5XMLm8R/8fnNX/9Wx39fRLzfZvwn7n72+kbbbl9L7tS+BbTq/2bxk8jFrTbjv3Tm8M+NollDAAAAAAAAAAB4hNLla9mSNL9STtN8vn4P75OxPy2VK9NHL5ZnJkfr17wdjFzavNJqoF5PavXhxvW4zfrxdfUTmUbAzL7ler5QLo12ue8AAAAAAAAAAAAAAAAAAADwuDiw7v7/PzPL9/+v/7lqYLfa+Ce/gd1O/kPvejD/k661A9h5Pv+hZ1XlP/SuVvlvTIDeINehd8l/6F3yH3qX/IfeJf8BAAAAAAAAAAAAAAAAAAAAAAAAAKAjzp87V1uq9xbnC7X6aHZ2Zrz8zrHRYmU8PzFTyBfKU5fzY+XyWKmYL5Qn/un5knL58lBMzlwZnC5Wpgcrs3NvTZRnJpu/KVrMdbxHAAAAAAAAAAAAAAAAAAAA8N/Tv7wkaT4iV6+naT4f8b+IOJhEcvFSqTgUEf+PiJ8yub5afbjbjQYAAAAAAAAAAAAAAAAAAIBdpjI7Nz5SKhWnOlfINkJ1MET7hexWdo6IhTZ2vtp+M2rPuOU25xoHsMuHbvuFu9W6bjXjhw9X12Qej/fh41/o4qAEAAAAAAAAAAAAAAAAAAA9avWm33b/435nGwQAAAAAAAAAAAAAAAAAAAA9Kf0tiYjacmTghf71W/ckS5nlx4h49+aFj66MTE9PDdfW31lZP/1xY/3xbrQfaFczT9OIqOUxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsKoyOzc+UioVp7ZZ6Gtjn273EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGA7/g4AAP//5TrUlQ==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000008c0)=@delchain={0x24, 0x65, 0xe0a, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x8, 0xffe0}, {0xc, 0x8}, {0x8, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x20004804)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020002000000000000020000000900020073797a30000000000900010073797a300000"], 0x80}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1, 0x8d)
pwrite64(r3, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0x40305829, &(0x7f0000000000)={0x17c04, r3, 0x6, 0x100000000, 0x6, 0x2d1})
r4 = open(&(0x7f00000003c0)='./file1\x00', 0x0, 0x21)
fcntl$setsig(r1, 0xa, 0x2)
fsync(r4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000001000010029bd7000fcdbdf2500000000", @ANYRES32=r0, @ANYBLOB="1a8904000a00000008001b00000000000a003f00aa40"], 0x34}}, 0x6000000)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xcdb281c6bf69a511}, 0x4800)

1.107584818s ago: executing program 2 (id=1398):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000400)=@nameseq={0x1e, 0x1, 0x3, {0x42, 0x0, 0x2}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f00000001c0)={0x42, 0x1}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000080)={0x0, 0x989680}, 0x0)
bind$tipc(r2, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x4}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
dup3(r2, r1, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x20}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x81, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_config_ext={0xffffffffffffffff, 0xfffffffffffffffd}, 0x4000, 0x17000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000980)='target_sequencer_start\x00', r6, 0x0, 0x6}, 0x18)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000010c0)={[], [{@fsmagic={'fsmagic', 0x3d, 0x65de}}, {@fsuuid={'fsuuid', 0x3d, {[0x34, 0x62, 0x33, 0x62, 0x32, 0x36, 0x30, 0x35], 0x2d, [0x34, 0x31, 0x37, 0x63], 0x2d, [0x66, 0x34, 0x35, 0x64], 0x2d, [0x0, 0x34, 0x34, 0x36], 0x2d, [0x62, 0x36, 0x32, 0x0, 0x61, 0x66, 0x35, 0x66]}}}, {@fowner_lt}]}, 0x1, 0x4bc, &(0x7f0000001140)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r7 = creat(&(0x7f00000000c0)='./bus\x00', 0x1a2)
fallocate(r7, 0x0, 0xbf5, 0x2000402)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0, r8}, 0x18)
writev(r5, &(0x7f0000000740)=[{&(0x7f0000000840)="cc23517db6bab499ac2bf4689357428f2f3558bc02d73005a3a92fedbcfe4f6059c111168283a5f592f0ecae1de3de4fc23eb47bb9a79c979c747f33c39066a5f2505072d5e011834d76f82938ef6490f7d7c3488a3a32f19a438401255f575ea97e9316dd071dac4c79bb0830bc247223e34d80e522d911355f55e076b1080709855e3dec1690de1a1a3daff86a7b4fac8a96f39bb278c1ea8609bb3b4427b0114409668fe9a58a8e093386fbabc783331dcb91294881a768870534d59b6ad635b5458ecfc33aa42906175730c17dd31f3a921ae7295325", 0xd8}, {&(0x7f0000000f00)="0d3d897ced065450581e3510667ad868f58d2ac54ccfb78e2a81d131747e5c69523b4b0a01a142af5c589aa4b3c5d040dace6e07ad977dfde2ca688a0042ada94186254e2d0fa52b0a3a9b77adf92e252dfddfbae0bce2ca06c69b5f8725ec68df78e21e4c0e36279e56d7e4d196a5cecba072b1cb69f8bc097a0743e6bbb51946c7638fa816570f56ff72d3d2db143c7c41f11b8b132e941d070dda7139a54abea2e12d8886941e56029bf17ef5bc09c72d853780c940f40e5a6ec689a253", 0xbf}], 0x2)
readv(0xffffffffffffffff, &(0x7f0000000080), 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
socket$inet_udp(0x2, 0x2, 0x0)

874.478703ms ago: executing program 0 (id=1399):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/pm_wakeup_irq', 0x0, 0xb)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x0)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000001600)={r0, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x5, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3}]}]}, 0xfc}}, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000740)=@migrate={0xec, 0x21, 0x8, 0x0, 0xfffffffe, {{@in6=@private2={0xfc, 0x2, '\x00', 0xfe}, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0xfffc, 0x0, 0x0, 0x4, 0x2, 0x40, 0x80}, 0x2}, [@migrate={0x9c, 0x11, [{@in=@local, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@ipv4={'\x00', '\xff\xff', @empty}, @in=@remote, 0x33, 0x3, 0x0, 0x2, 0x2, 0x2}, {@in6=@ipv4={'\x00', '\xff\xff', @loopback}, @in=@empty, @in=@remote, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x3c, 0x0, 0x0, 0x0, 0x8, 0x8}]}]}, 0xec}, 0x1, 0x0, 0x0, 0x800}, 0x42000)

786.353735ms ago: executing program 1 (id=1400):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, 0x0, 0x4)
pselect6(0x40, &(0x7f0000000080)={0x7, 0x3, 0x1, 0x1, 0x3fc0000000, 0x100000001, 0x8, 0x2}, &(0x7f0000000240)={0x9, 0x5, 0x9, 0x0, 0x299, 0x2, 0xffffffff80000001, 0x2c362cc3}, 0x0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x38, 0x2, {{0x0, 0x800000fc, 0x0, 0x1, 0xffffffff}, [@TCA_NETEM_REORDER={0xc, 0x3, {0x0, 0xfffffff8}}, @TCA_NETEM_CORR={0x10, 0x1, {0x1, 0xff, 0xffffffff}}]}}}]}, 0x68}, 0x1, 0x0, 0x0, 0x40080c0}, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
getsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_tcp_int(r6, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00'})
sendmsg$inet(r6, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)

701.683556ms ago: executing program 0 (id=1401):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc00000019000100000000000000000020010000000000000000000000000000ac1414aa00000000000000000000000000000045000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000a900000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000000000000080400000000000000000080000000000000000000000000000000044000500ac1414aa000000000000000000000000000000003c00000000000000ffffffff00"/158], 0xfc}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
flock(0xffffffffffffffff, 0x1)
syz_clone(0x50a60080, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=ANY=[@ANYBLOB="840100002100010000000000fefffffffc020000000000000000000000000000fc0200fffffff1000000000000000001fffc0000000000000a00e08000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="020000000000000034011100fe80000000000000000000000000001164010102000000000000000000000000ac1414aa000000000000000000000000fe8000000000000000000000000000bb3c000000000000000a000a00fc02000000000000000000000000000100000000000000000000000000000000fe880000000000000000000000000101200100000000000000000000000000022b030000043500000a0002000a010102000000000000000000000000fc000000000000000000000000000000fe8000000000000000000000000000bbffffffff0000000000000000000000006c010000000000000a000a00ac1414aa000000000000000000000000fc010000000000000000000000000001fe8000000000000000000000000000aa200100000000000000000000000000016c0200000735000000000a00"], 0x184}, 0x1, 0x0, 0x0, 0x800}, 0x0)
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40})
setsockopt$MRT_ADD_VIF(0xffffffffffffffff, 0x0, 0xca, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet6(0xa, 0x802, 0x0)
pipe2(&(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x4000)
pipe2(&(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x84000)
close_range(r5, r6, 0x2)
tee(r4, r7, 0xfffffffffffffc01, 0x0)
sendmmsg$inet6(r3, &(0x7f0000001840), 0x3b, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/14], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

684.277347ms ago: executing program 1 (id=1402):
r0 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYRESHEX=r2, @ANYRES8=r0, @ANYRES64=r1, @ANYRES64=r2, @ANYRES16=r2, @ANYBLOB="dda573a1b710a49649653e29b54364d72b71df111d9164dc23dd9c503607fc65515f45bf5e35c4a26754ebddad76274023a97527b31d40218add596c05a60bd7954d276e4b6d31cbda19172e4b45e9b23a687349162e907a553f52359048539597e716128bd85d915af295d3b21eb0d9e5de5f5d48a3bdd1757c466c5fd2a370db2a91bf", @ANYRES64=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x18)
memfd_create(0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000000100)=0xfffffffc, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000000480), 0x0)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000440)=ANY=[@ANYBLOB="380000001214010025bd7000fcdbdf2508004f000300000008004b00130000000800150003000000080001000000000008000380"], 0x38}, 0x1, 0x0, 0x0, 0x20040001}, 0x20000000)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="9d467ba31000010025bdda2db2b6dfe40000a33c09e3b5a00fd1b60832ece0545e00f1", @ANYRES32=0x0, @ANYBLOB="1f5b04008bba070008001b000000000004001400"], 0x2c}, 0x1, 0x0, 0x0, 0x68010}, 0x8840)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
unshare(0x64000600)
r9 = socket(0x10, 0x3, 0x0)
connect$netlink(r9, &(0x7f0000000280)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r9, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x4010}, 0x8084)
bpf$MAP_CREATE(0x0, 0x0, 0x48)

592.184868ms ago: executing program 4 (id=1403):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
r5 = socket$kcm(0x2, 0x200000000000001, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000006c0)={'\x00', 0x9, 0x3, 0xb6, 0x6000000000000000, 0x10001, <r6=>0xffffffffffffffff})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000740)={0x0, <r7=>0x0})
tgkill(r6, r7, 0x9)
sendmsg$inet(r5, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240048c1)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x11, 0xb, &(0x7f0000000e40)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x9, '\x00', 0x0, r8, 0x0, 0x4, 0x3}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x1f, 0x8, 0x7, 0x9, 0x45809, r9, 0x3, '\x00', 0x0, r2, 0x5, 0x4}, 0x50)
r10 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r10, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x8000000000000002, &(0x7f0000000e80)={<r11=>0xffffffffffffffff}, 0x2, 0x8}}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x4d, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r12, 0x0, 0x2}, 0x18)
write$RDMA_USER_CM_CMD_QUERY(r10, &(0x7f0000000180)={0x13, 0x10, 0x8, {0x0, r11, 0x1}}, 0x18)
setsockopt$sock_attach_bpf(r5, 0x1, 0x3e, &(0x7f0000000100)=r8, 0x4)
r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r13, &(0x7f0000000180), 0x40010)
ioctl$LOOP_CONFIGURE(r8, 0x4c0a, &(0x7f00000004c0)={r13, 0x7280, {0x0, 0x0, 0x0, 0x321d4996, 0x3, 0x0, 0x6, 0xa, 0x10, "fd08599913f9a6f08d33f333b9c73403be6a89c82d535882d6e3025eff6b89a3da59e1bd1f92c0eea043783bd1241125dda334e0180cd92a75ddf5f2cd66bb1c", "f73b816848347229403620a407c3ce80022ece3f13db701816db83455199e6a4cbdcb5a3150f3a9d863a3ca716ee994da225b1ba6af19588e42d5e9839e64caa", "74a2dae49152da9041e8f208ebd4b260223e678c70aa5f5d02dda188f178f6d8", [0x1, 0x19f6]}})

551.416749ms ago: executing program 4 (id=1404):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, 0x0, &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kfree\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe8e, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000200400001"], 0x48)

327.267973ms ago: executing program 4 (id=1405):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0x68, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x54, 0x1, [@m_ctinfo={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18}, @TCA_CTINFO_PARMS_DSCP_MASK={0x8}]}, {0x2}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)

271.752125ms ago: executing program 4 (id=1406):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
socket$inet(0x2, 0xa, 0x6)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r1, 0x20, 0x0, 0x8000)
pwritev(r1, 0x0, 0x0, 0x7, 0x4)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x2400c014)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r4, &(0x7f00000008c0)="3bf58d7d45d32cfe1da7c797b82fee444b42785c24a868a4046cf670ba8f376c429a424fcc374c08887ba2bb530d843b61bf79", 0x33)
sendfile(r4, r3, 0x0, 0x3ffff)
sendfile(r4, r3, 0x0, 0x7fffeffd)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r5, 0x0, 0xa20, 0x8000c64)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r8 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r8, 0x29, 0x1b, &(0x7f0000000100)={@empty}, 0x14)
syz_emit_ethernet(0x9a, &(0x7f00000004c0)=ANY=[@ANYBLOB="0180c200000eaaaaaaaaaa0086dd602abe0000641100000000000000000000000000000000000000000000000000000000000000000000004f22006490780200e1c602000000030000008a8bebc4b04ccb77e7f3a5ca93d7c73e6c0c42d91e27fb2f15030dcafcdaca76e24fcb751eeaa8add0b2f075633f64c710fa9742846dea296c9d16d6e124990851f3b6750c654f5d43fbb564be51ddae"], 0x0)
sendmsg$NL80211_CMD_GET_SCAN(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_FLUSH_PMKSA(r5, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="00022a00020000dbdf4b6f00000008000300", @ANYRES32=r9, @ANYBLOB="0c0099000900000075000000"], 0x28}, 0x1, 0x0, 0x0, 0x40040}, 0x8000)
write$qrtrtun(0xffffffffffffffff, &(0x7f00000000c0)="96d3a8b07826254e3eba011499c872dc6d5b01e7f1b3ffaa7ce34e4154ee667ccb5f8af1453665fb2f19957d57fcbc9c9f6e5bee7f29389987d302509ea1cd7f3f8fc13e3add1b2bbec6d5b84e91b8cccd", 0x51)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10)
socket$key(0xf, 0x3, 0x2)

264.159005ms ago: executing program 2 (id=1407):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x18)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x300000c, 0x3032, 0xffffffffffffffff, 0x0)
setitimer(0x2, &(0x7f0000000080)={{0x0, 0xea60}, {0x77359400}}, 0x0)
getitimer(0x2, &(0x7f0000000000))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000800)={&(0x7f0000000300)=ANY=[@ANYBLOB="9feb010018000000000000006c0000006c00000007000000000000000000000d0a0000000000000001000006040000000000000e"], &(0x7f0000000f40)=""/4089, 0x8b, 0xff9, 0x8}, 0x28)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/timers\x00', 0x0, 0x0)
close(r5)
setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000040)={0x0, 0xea60}, 0x10)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x4e23, 0x6, @remote, 0x3}, 0x1c)
sendmmsg(r0, &(0x7f0000004c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4010)
socketpair(0x2a, 0xa, 0x1210001, &(0x7f0000000080)={<r6=>0xffffffffffffffff})
listen(r6, 0x0)
socket$inet(0x2, 0x1, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)

0s ago: executing program 2 (id=1408):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40})
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=<r3=>r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000a00)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="88030000", @ANYRES16=0x0, @ANYBLOB="000829bd7000ffdbdf250200000008000100", @ANYRES32=0x0, @ANYRES16, @ANYRES32=0x0, @ANYRES32, @ANYRES32=0x0, @ANYBLOB="a80002806c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000003c000400010074ef03000000aadaa6070600000009001614050000004000300140000800ff010508b6ffffff4000065207000000070004090600000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000600000008000100", @ANYRESHEX=r3, @ANYBLOB="080202804c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000054000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b00000024000400fdff0200070000000300020d020000000400f508ffff00000c9e06fd01000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000300000008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400ff0f000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004004f5300003c00010024000100757365725f6c696e6b75705f656e61626c656400000000000000000000000000050003000600000004000400fce20600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100f57365725f6c696e114070000000000000000000000000000000000000000000050003000600000006c1c2e1cbde74f0d68f230400040008000600588502ae3ade840a893415b62a1e9534f2dcbfd0cdb0746d3968284a2003000000febd2d54e5e3ab507f6463040c8e4091b930d8f38750834de68362ec20474ae9a1daa61ddc315e89d692b53e1a867d78e7f90684d6e33c74cc9e29c04d869d3b98e2b87087aeb790372f816e0a2b72509485b6638b71ef0d1e24ccf3cac00c2808b813b3625aa6efb2ff0479c717c2", @ANYRES32=0x0, @ANYBLOB], 0x388}, 0x1, 0x0, 0x0, 0x40880}, 0x800)
r4 = socket$inet6(0xa, 0x802, 0x0)
unshare(0x22020400)
pipe2(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x4000)
pipe2(&(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x84000)
close_range(r6, r7, 0x2)
tee(r5, r8, 0xfffffffffffffc01, 0x0)
connect$inet6(r4, &(0x7f0000000240)={0xa, 0x6e23, 0xfffffdff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x9}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000001840), 0x3b, 0x0)
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

kernel console output (not intermixed with test programs):

evice loop0): ext4_acquire_dquot:6937: comm syz.0.939: Failed to acquire dquot type 0
[  110.711962][ T6202] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.939: corrupted inode contents
[  110.725460][ T6202] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.939: mark_inode_dirty error
[  110.737839][ T6202] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.939: corrupted inode contents
[  110.751274][ T6202] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.939: mark_inode_dirty error
[  110.778172][ T6202] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.939: corrupted inode contents
[  110.791511][ T6202] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  110.819811][ T6202] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.939: corrupted inode contents
[  110.837656][ T6208] loop1: detected capacity change from 0 to 1024
[  110.845340][ T6208] EXT4-fs: Ignoring removed oldalloc option
[  110.851899][ T6202] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.939: mark_inode_dirty error
[  110.865271][ T6202] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  110.887736][ T6202] EXT4-fs (loop0): 1 truncate cleaned up
[  110.897717][ T6208] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  110.915945][ T6202] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.934363][ T6208] ext4 filesystem being mounted at /196/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  110.961468][ T6202] ext4 filesystem being mounted at /187/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  110.977595][ T6208] netlink: 8 bytes leftover after parsing attributes in process `syz.1.941'.
[  110.986532][ T6208] netlink: 'syz.1.941': attribute type 1 has an invalid length.
[  110.994316][ T6208] netlink: 8 bytes leftover after parsing attributes in process `syz.1.941'.
[  111.034742][ T6208] netlink: 8 bytes leftover after parsing attributes in process `syz.1.941'.
[  111.043654][ T6208] netlink: 'syz.1.941': attribute type 1 has an invalid length.
[  111.051435][ T6208] netlink: 8 bytes leftover after parsing attributes in process `syz.1.941'.
[  111.065077][ T6208] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.941: Freeing blocks not in datazone - block = 0, count = 16
[  111.077684][ T6218] lo speed is unknown, defaulting to 1000
[  111.109942][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.126719][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  111.194714][ T6223] loop1: detected capacity change from 0 to 128
[  111.236321][ T6227] loop0: detected capacity change from 0 to 128
[  111.266581][ T6227] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  111.274517][ T6227] FAT-fs (loop0): Filesystem has been set read-only
[  111.282014][ T6223] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  111.289900][ T6223] FAT-fs (loop1): Filesystem has been set read-only
[  111.316602][ T6227] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  111.324567][ T6227] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  111.342470][ T6223] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  111.449087][ T6232] loop4: detected capacity change from 0 to 4096
[  111.974429][ T6232] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  111.992944][ T6226] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  112.003361][ T6232] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.020285][ T6226] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  112.028398][ T6226] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  112.056704][ T6230] hub 9-0:1.0: USB hub found
[  112.061408][ T6230] hub 9-0:1.0: 8 ports detected
[  112.081203][ T6244] loop2: detected capacity change from 0 to 512
[  112.169562][ T6244] EXT4-fs: Ignoring removed nobh option
[  112.243540][ T6244] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.952: corrupted inode contents
[  112.283685][ T6244] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #3: comm syz.2.952: mark_inode_dirty error
[  112.295556][ T6244] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.952: corrupted inode contents
[  112.307499][ T6244] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.952: mark_inode_dirty error
[  112.319047][ T6244] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.952: Failed to acquire dquot type 0
[  112.330827][ T6244] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.952: corrupted inode contents
[  112.347685][ T6244] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #16: comm syz.2.952: mark_inode_dirty error
[  112.362637][ T6244] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.952: corrupted inode contents
[  112.374932][ T6244] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.952: mark_inode_dirty error
[  112.386798][ T6244] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.952: corrupted inode contents
[  112.409204][ T6254] loop0: detected capacity change from 0 to 512
[  112.416197][ T6244] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  112.426222][ T6244] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.952: corrupted inode contents
[  112.432589][ T6254] EXT4-fs: Ignoring removed nobh option
[  112.438791][ T6244] EXT4-fs error (device loop2): ext4_truncate:4666: inode #16: comm syz.2.952: mark_inode_dirty error
[  112.459265][ T6244] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  112.468932][ T6244] EXT4-fs (loop2): 1 truncate cleaned up
[  112.476445][ T6244] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.489413][ T6244] ext4 filesystem being mounted at /155/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.510670][ T6254] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.956: corrupted inode contents
[  112.525116][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.533390][ T6254] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.956: mark_inode_dirty error
[  112.546420][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.556293][ T6254] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.956: corrupted inode contents
[  112.572144][ T6254] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.956: mark_inode_dirty error
[  112.590861][ T6254] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.956: Failed to acquire dquot type 0
[  112.612174][ T6254] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.956: corrupted inode contents
[  112.625727][ T6266] loop2: detected capacity change from 0 to 1024
[  112.633770][ T6266] EXT4-fs: Ignoring removed oldalloc option
[  112.639985][ T6254] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.956: mark_inode_dirty error
[  112.652449][ T6254] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.956: corrupted inode contents
[  112.665252][ T6254] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.956: mark_inode_dirty error
[  112.679894][ T6266] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  112.692281][ T6266] ext4 filesystem being mounted at /156/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.692396][ T6254] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.956: corrupted inode contents
[  112.692581][ T6254] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  112.709086][ T6266] netlink: 8 bytes leftover after parsing attributes in process `syz.2.958'.
[  112.716488][ T6254] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.956: corrupted inode contents
[  112.723308][ T6266] netlink: 'syz.2.958': attribute type 1 has an invalid length.
[  112.734030][ T6254] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.956: mark_inode_dirty error
[  112.743854][ T6266] netlink: 8 bytes leftover after parsing attributes in process `syz.2.958'.
[  112.754099][ T6254] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  112.763451][ T6266] netlink: 'syz.2.958': attribute type 1 has an invalid length.
[  112.825449][ T6278] loop4: detected capacity change from 0 to 4096
[  112.867266][ T6278] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  112.940180][ T6282] lo speed is unknown, defaulting to 1000
[  112.946373][ T6254] EXT4-fs (loop0): 1 truncate cleaned up
[  112.953506][ T6254] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.986561][ T6278] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.004332][ T6254] ext4 filesystem being mounted at /191/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.195923][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  113.313795][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.441901][ T6291] loop0: detected capacity change from 0 to 128
[  113.450401][ T6291] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  113.458521][ T6291] FAT-fs (loop0): Filesystem has been set read-only
[  113.465418][ T6291] bio_check_eod: 167041 callbacks suppressed
[  113.465438][ T6291] syz.0.966: attempt to access beyond end of device
[  113.465438][ T6291] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  113.486635][ T6291] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  113.494532][ T6291] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  113.504163][ T6291] syz.0.966: attempt to access beyond end of device
[  113.504163][ T6291] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  113.517648][ T6291] syz.0.966: attempt to access beyond end of device
[  113.517648][ T6291] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  113.533416][ T6291] syz.0.966: attempt to access beyond end of device
[  113.533416][ T6291] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  113.547355][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.569024][ T6291] syz.0.966: attempt to access beyond end of device
[  113.569024][ T6291] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  113.582273][ T6289] syz.0.966: attempt to access beyond end of device
[  113.582273][ T6289] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  113.600609][ T6292] syz.0.966: attempt to access beyond end of device
[  113.600609][ T6292] loop0: rw=0, sector=2065, nr_sectors = 1 limit=128
[  113.612697][ T6298] FAULT_INJECTION: forcing a failure.
[  113.612697][ T6298] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  113.613911][ T6292] buffer_io_error: 164513 callbacks suppressed
[  113.613929][ T6292] Buffer I/O error on dev loop0, logical block 2065, async page read
[  113.628782][ T6298] CPU: 0 UID: 0 PID: 6298 Comm: syz.2.978 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  113.628901][ T6298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  113.628920][ T6298] Call Trace:
[  113.628929][ T6298]  <TASK>
[  113.628942][ T6298]  __dump_stack+0x1d/0x30
[  113.628972][ T6298]  dump_stack_lvl+0xe8/0x140
[  113.629004][ T6298]  dump_stack+0x15/0x1b
[  113.629028][ T6298]  should_fail_ex+0x265/0x280
[  113.629064][ T6298]  should_fail+0xb/0x20
[  113.629093][ T6298]  should_fail_usercopy+0x1a/0x20
[  113.629188][ T6298]  _copy_to_user+0x20/0xa0
[  113.629234][ T6298]  simple_read_from_buffer+0xb5/0x130
[  113.629281][ T6298]  proc_fail_nth_read+0x10e/0x150
[  113.629322][ T6298]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  113.629360][ T6298]  vfs_read+0x1a5/0x770
[  113.629456][ T6298]  ? __rcu_read_unlock+0x4f/0x70
[  113.629575][ T6298]  ? __fget_files+0x184/0x1c0
[  113.629622][ T6298]  ksys_read+0xda/0x1a0
[  113.629656][ T6298]  __x64_sys_read+0x40/0x50
[  113.629691][ T6298]  x64_sys_call+0x27bc/0x2ff0
[  113.629801][ T6298]  do_syscall_64+0xd2/0x200
[  113.629846][ T6298]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  113.629879][ T6298]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  113.629938][ T6298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.629969][ T6298] RIP: 0033:0x7fbf506bd8dc
[  113.629993][ T6298] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  113.630019][ T6298] RSP: 002b:00007fbf4f11f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  113.630049][ T6298] RAX: ffffffffffffffda RBX: 00007fbf50915fa0 RCX: 00007fbf506bd8dc
[  113.630093][ T6298] RDX: 000000000000000f RSI: 00007fbf4f11f0a0 RDI: 0000000000000003
[  113.630111][ T6298] RBP: 00007fbf4f11f090 R08: 0000000000000000 R09: 0000000000000000
[  113.630128][ T6298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.630146][ T6298] R13: 00007fbf50916038 R14: 00007fbf50915fa0 R15: 00007ffce40bac08
[  113.630173][ T6298]  </TASK>
[  113.843675][ T6292] syz.0.966: attempt to access beyond end of device
[  113.843675][ T6292] loop0: rw=0, sector=2066, nr_sectors = 1 limit=128
[  113.856901][ T6292] Buffer I/O error on dev loop0, logical block 2066, async page read
[  113.865128][ T6292] syz.0.966: attempt to access beyond end of device
[  113.865128][ T6292] loop0: rw=0, sector=2067, nr_sectors = 1 limit=128
[  113.878308][ T6292] Buffer I/O error on dev loop0, logical block 2067, async page read
[  113.886602][ T6292] syz.0.966: attempt to access beyond end of device
[  113.886602][ T6292] loop0: rw=0, sector=2068, nr_sectors = 1 limit=128
[  113.900028][ T6292] Buffer I/O error on dev loop0, logical block 2068, async page read
[  113.910094][ T6292] Buffer I/O error on dev loop0, logical block 2069, async page read
[  113.910431][   T29] kauditd_printk_skb: 270 callbacks suppressed
[  113.910507][   T29] audit: type=1326 audit(1759111047.843:5347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6300 comm="syz.4.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  113.918312][ T6292] Buffer I/O error on dev loop0, logical block 2070, async page read
[  113.918337][ T6292] Buffer I/O error on dev loop0, logical block 2071, async page read
[  113.928525][   T29] audit: type=1326 audit(1759111047.863:5348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6300 comm="syz.4.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  113.948264][ T6292] Buffer I/O error on dev loop0, logical block 2072, async page read
[  113.948377][ T6292] Buffer I/O error on dev loop0, logical block 2065, async page read
[  114.004443][ T6292] Buffer I/O error on dev loop0, logical block 2066, async page read
[  114.013338][   T29] audit: type=1326 audit(1759111047.893:5349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6300 comm="syz.4.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  114.037083][   T29] audit: type=1326 audit(1759111047.893:5350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6300 comm="syz.4.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  114.060461][   T29] audit: type=1326 audit(1759111047.893:5351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6300 comm="syz.4.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  114.083919][   T29] audit: type=1326 audit(1759111047.893:5352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6300 comm="syz.4.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  114.107619][   T29] audit: type=1326 audit(1759111047.893:5353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6300 comm="syz.4.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  114.131079][   T29] audit: type=1326 audit(1759111047.893:5354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6300 comm="syz.4.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  114.154508][   T29] audit: type=1326 audit(1759111047.893:5355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6300 comm="syz.4.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  114.177797][   T29] audit: type=1326 audit(1759111047.893:5356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6300 comm="syz.4.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  114.207077][ T6296] lo speed is unknown, defaulting to 1000
[  114.226112][ T6304] loop1: detected capacity change from 0 to 512
[  114.291570][ T6304] EXT4-fs: Ignoring removed nobh option
[  114.299172][ T6305] loop2: detected capacity change from 0 to 128
[  114.327541][ T6304] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.969: corrupted inode contents
[  114.340045][ T6304] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #3: comm syz.1.969: mark_inode_dirty error
[  114.363667][ T6304] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.969: corrupted inode contents
[  114.443387][ T6304] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.969: mark_inode_dirty error
[  114.472264][ T6320] loop4: detected capacity change from 0 to 128
[  114.491612][ T6320] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  114.493378][ T6304] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.969: Failed to acquire dquot type 0
[  114.499533][ T6320] FAT-fs (loop4): Filesystem has been set read-only
[  114.519140][ T6304] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.969: corrupted inode contents
[  114.520137][ T6320] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  114.531341][ T6304] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.969: mark_inode_dirty error
[  114.556419][ T6304] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.969: corrupted inode contents
[  114.568820][ T6304] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.969: mark_inode_dirty error
[  114.639427][ T6328] loop2: detected capacity change from 0 to 4096
[  114.647889][ T6328] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  114.742456][ T6328] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.763066][ T6328] hub 9-0:1.0: USB hub found
[  114.767934][ T6328] hub 9-0:1.0: 8 ports detected
[  114.778623][ T6304] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.969: corrupted inode contents
[  114.969475][ T6304] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  115.025403][ T6334] futex_wake_op: syz.4.980 tries to shift op by -1; fix this program
[  115.038382][ T6331] lo speed is unknown, defaulting to 1000
[  115.051967][ T6304] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.969: corrupted inode contents
[  115.089281][ T6304] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.969: mark_inode_dirty error
[  115.145173][ T6304] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  115.210838][ T6304] EXT4-fs (loop1): 1 truncate cleaned up
[  115.222726][ T6304] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.235364][ T6304] ext4 filesystem being mounted at /200/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.307891][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.379161][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.453450][ T6347] loop0: detected capacity change from 0 to 1024
[  115.460412][ T6347] EXT4-fs: Ignoring removed oldalloc option
[  115.496624][ T6347] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  115.515144][ T6347] ext4 filesystem being mounted at /196/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.554544][ T6347] __nla_validate_parse: 2 callbacks suppressed
[  115.554559][ T6347] netlink: 8 bytes leftover after parsing attributes in process `syz.0.984'.
[  115.569784][ T6347] netlink: 'syz.0.984': attribute type 1 has an invalid length.
[  115.577631][ T6347] netlink: 8 bytes leftover after parsing attributes in process `syz.0.984'.
[  115.590270][ T6347] netlink: 8 bytes leftover after parsing attributes in process `syz.0.984'.
[  115.599119][ T6347] netlink: 'syz.0.984': attribute type 1 has an invalid length.
[  115.606827][ T6347] netlink: 8 bytes leftover after parsing attributes in process `syz.0.984'.
[  115.619712][ T6358] EXT4-fs error (device loop0): ext4_free_blocks:6696: comm syz.0.984: Freeing blocks not in datazone - block = 0, count = 16
[  115.636378][ T6347] netlink: 'syz.0.984': attribute type 63 has an invalid length.
[  115.658930][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  115.681926][ T6361] loop0: detected capacity change from 0 to 512
[  115.688729][ T6361] EXT4-fs: Ignoring removed nobh option
[  115.714929][ T6361] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.988: corrupted inode contents
[  115.726933][ T6361] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.988: mark_inode_dirty error
[  115.740157][ T6361] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.988: corrupted inode contents
[  115.753955][ T6361] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.988: mark_inode_dirty error
[  115.765648][ T6361] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.988: Failed to acquire dquot type 0
[  115.778617][ T6361] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.988: corrupted inode contents
[  115.790861][ T6361] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.988: mark_inode_dirty error
[  115.802837][ T6361] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.988: corrupted inode contents
[  115.815022][ T6361] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.988: mark_inode_dirty error
[  115.826745][ T6361] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.988: corrupted inode contents
[  115.838698][ T6361] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  115.848600][ T6361] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.988: corrupted inode contents
[  115.860810][ T6361] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.988: mark_inode_dirty error
[  115.874158][ T6361] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  115.884711][ T6361] EXT4-fs (loop0): 1 truncate cleaned up
[  115.890803][ T6361] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.907445][ T6361] ext4 filesystem being mounted at /197/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.939723][ T6369] loop4: detected capacity change from 0 to 2048
[  115.947430][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.984931][ T6369] siw: device registration error -23
[  116.060528][ T6367] lo speed is unknown, defaulting to 1000
[  116.185574][ T6384] loop4: detected capacity change from 0 to 4096
[  116.193585][ T6384] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  116.255508][ T6384] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.278485][ T6384] hub 9-0:1.0: USB hub found
[  116.283349][ T6384] hub 9-0:1.0: 8 ports detected
[  116.805996][ T6398] 9pnet_fd: Insufficient options for proto=fd
[  116.811594][ T6401] loop1: detected capacity change from 0 to 128
[  116.823464][ T6401] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  116.831413][ T6401] FAT-fs (loop1): Filesystem has been set read-only
[  116.844592][ T6401] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  116.852772][ T6401] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  116.871668][ T6404] futex_wake_op: syz.0.1002 tries to shift op by -1; fix this program
[  116.929615][ T6405] lo speed is unknown, defaulting to 1000
[  116.943812][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.983430][ T6409] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1004'.
[  117.113479][ T6409] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1004'.
[  117.200623][ T6423] loop4: detected capacity change from 0 to 2048
[  117.304473][ T6414] siw: device registration error -23
[  117.807559][ T6433] lo speed is unknown, defaulting to 1000
[  117.985323][ T6446] loop2: detected capacity change from 0 to 4096
[  117.993240][ T6446] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  118.006378][ T6446] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.028895][ T6446] hub 9-0:1.0: USB hub found
[  118.033775][ T6446] hub 9-0:1.0: 8 ports detected
[  118.336178][ T6436] lo speed is unknown, defaulting to 1000
[  118.586912][ T6452] loop3: detected capacity change from 0 to 4096
[  118.595043][ T6452] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  118.659576][ T6452] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.780502][ T6452] hub 9-0:1.0: USB hub found
[  118.786042][ T6452] hub 9-0:1.0: 8 ports detected
[  119.062047][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.155092][ T6457] netlink: 'syz.4.1017': attribute type 1 has an invalid length.
[  119.171555][ T6459] loop0: detected capacity change from 0 to 128
[  119.252847][ T6459] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  119.252888][ T6459] FAT-fs (loop0): Filesystem has been set read-only
[  119.252980][ T6459] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  119.253179][ T6459] bio_check_eod: 57605 callbacks suppressed
[  119.253194][ T6459] syz.0.1018: attempt to access beyond end of device
[  119.253194][ T6459] loop0: rw=2049, sector=2065, nr_sectors = 8 limit=128
[  119.380799][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.399509][ T6472] loop2: detected capacity change from 0 to 128
[  119.408562][ T6472] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  119.408588][ T6472] FAT-fs (loop2): Filesystem has been set read-only
[  119.408605][ T6472] syz.2.1021: attempt to access beyond end of device
[  119.408605][ T6472] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  119.408701][ T6472] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  119.408723][ T6472] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  119.408938][ T6472] syz.2.1021: attempt to access beyond end of device
[  119.408938][ T6472] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  119.409022][ T6472] syz.2.1021: attempt to access beyond end of device
[  119.409022][ T6472] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  119.409070][ T6472] syz.2.1021: attempt to access beyond end of device
[  119.409070][ T6472] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  119.409123][ T6472] syz.2.1021: attempt to access beyond end of device
[  119.409123][ T6472] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  119.409246][ T6472] syz.2.1021: attempt to access beyond end of device
[  119.409246][ T6472] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  119.409290][ T6472] syz.2.1021: attempt to access beyond end of device
[  119.409290][ T6472] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  119.409384][ T6472] syz.2.1021: attempt to access beyond end of device
[  119.409384][ T6472] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  119.409430][ T6472] syz.2.1021: attempt to access beyond end of device
[  119.409430][ T6472] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  119.410524][ T6468] loop0: detected capacity change from 0 to 2048
[  119.458403][ T6466] siw: device registration error -23
[  119.478491][ T6476] buffer_io_error: 56622 callbacks suppressed
[  119.478509][ T6476] Buffer I/O error on dev loop2, logical block 2065, async page read
[  119.478564][ T6476] Buffer I/O error on dev loop2, logical block 2066, async page read
[  119.478586][ T6476] Buffer I/O error on dev loop2, logical block 2067, async page read
[  119.478602][ T6476] Buffer I/O error on dev loop2, logical block 2068, async page read
[  119.478631][ T6476] Buffer I/O error on dev loop2, logical block 2069, async page read
[  119.478651][ T6476] Buffer I/O error on dev loop2, logical block 2070, async page read
[  119.478668][ T6476] Buffer I/O error on dev loop2, logical block 2071, async page read
[  119.478697][ T6476] Buffer I/O error on dev loop2, logical block 2072, async page read
[  119.478731][ T6476] Buffer I/O error on dev loop2, logical block 2065, async page read
[  119.478753][ T6476] Buffer I/O error on dev loop2, logical block 2066, async page read
[  119.481230][ T6478] futex_wake_op: syz.0.1023 tries to shift op by -1; fix this program
[  119.582590][ T6481] loop1: detected capacity change from 0 to 512
[  119.584435][ T6481] EXT4-fs (loop1): orphan cleanup on readonly fs
[  119.585143][ T6481] EXT4-fs warning (device loop1): ext4_xattr_inode_get:556: inode #11: comm syz.1.1024: EA inode hash validation failed
[  119.585242][ T6481] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #15: comm syz.1.1024: corrupted inode contents
[  119.585454][ T6481] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #15: comm syz.1.1024: mark_inode_dirty error
[  119.585799][ T6481] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #15: comm syz.1.1024: corrupted inode contents
[  119.586051][ T6481] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2991: inode #15: comm syz.1.1024: mark_inode_dirty error
[  119.586313][ T6481] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2994: inode #15: comm syz.1.1024: mark inode dirty (error -117)
[  119.586548][ T6481] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117)
[  119.586584][ T6481] EXT4-fs (loop1): 1 orphan inode deleted
[  119.586987][ T6481] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  119.601911][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.624346][ T6490] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1017'.
[  119.738719][ T6492] hub 9-0:1.0: USB hub found
[  119.739063][ T6492] hub 9-0:1.0: 8 ports detected
[  120.567772][ T6504] lo speed is unknown, defaulting to 1000
[  120.784799][ T6512] loop4: detected capacity change from 0 to 2048
[  120.798574][ T6494] lo speed is unknown, defaulting to 1000
[  121.093783][ T6512] siw: device registration error -23
[  121.315392][ T6523] loop4: detected capacity change from 0 to 512
[  121.322068][ T6523] EXT4-fs: Ignoring removed nobh option
[  121.378164][ T6528] loop3: detected capacity change from 0 to 128
[  121.396872][ T6528] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  121.404790][ T6528] FAT-fs (loop3): Filesystem has been set read-only
[  121.412099][ T6523] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #3: comm syz.4.1036: corrupted inode contents
[  121.425633][ T6528] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  121.433541][ T6528] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  121.436489][ T6518] lo speed is unknown, defaulting to 1000
[  121.444748][ T6523] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #3: comm syz.4.1036: mark_inode_dirty error
[  121.459363][ T6530] netlink: 'syz.0.1039': attribute type 1 has an invalid length.
[  121.480072][ T6523] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #3: comm syz.4.1036: corrupted inode contents
[  121.566934][ T6523] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #3: comm syz.4.1036: mark_inode_dirty error
[  121.567244][ T6523] __quota_error: 406 callbacks suppressed
[  121.567259][ T6523] Quota error (device loop4): write_blk: dquota write failed
[  121.567339][ T6523] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  121.567367][ T6523] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.1036: Failed to acquire dquot type 0
[  121.567767][ T6523] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.1036: corrupted inode contents
[  121.567920][ T6523] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #16: comm syz.4.1036: mark_inode_dirty error
[  121.568030][ T6523] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.1036: corrupted inode contents
[  121.568181][ T6523] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm syz.4.1036: mark_inode_dirty error
[  121.568308][ T6523] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.1036: corrupted inode contents
[  121.568459][ T6523] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  121.568573][ T6523] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.1036: corrupted inode contents
[  121.568681][ T6523] EXT4-fs error (device loop4): ext4_truncate:4666: inode #16: comm syz.4.1036: mark_inode_dirty error
[  121.568822][ T6523] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  121.582847][ T6523] EXT4-fs (loop4): 1 truncate cleaned up
[  121.583517][ T6523] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.583606][ T6523] ext4 filesystem being mounted at /236/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.610849][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.806002][ T6545] hub 9-0:1.0: USB hub found
[  121.806389][ T6545] hub 9-0:1.0: 8 ports detected
[  122.513156][ T6552] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1045'.
[  122.579616][ T6556] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1045'.
[  122.599927][ T6552] 8021q: adding VLAN 0 to HW filter on device bond1
[  122.629596][ T6555] loop3: detected capacity change from 0 to 2048
[  122.683893][ T6550] lo speed is unknown, defaulting to 1000
[  122.694436][ T6555] siw: device registration error -23
[  122.725612][ T6571] syzkaller1: entered promiscuous mode
[  122.731148][ T6571] syzkaller1: entered allmulticast mode
[  122.786866][ T6571] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=6571 comm=syz.0.1049
[  122.801370][ T6571] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1049'.
[  122.982949][ T6576] lo speed is unknown, defaulting to 1000
[  123.040911][ T6580] loop2: detected capacity change from 0 to 512
[  123.048139][ T6580] EXT4-fs: Ignoring removed nobh option
[  123.066593][ T6580] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.1052: corrupted inode contents
[  123.081878][ T6580] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #3: comm syz.2.1052: mark_inode_dirty error
[  123.095396][ T6580] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.1052: corrupted inode contents
[  123.108807][ T6580] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.1052: mark_inode_dirty error
[  123.121709][ T6580] Quota error (device loop2): write_blk: dquota write failed
[  123.138304][ T6580] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  123.148607][ T6580] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.1052: Failed to acquire dquot type 0
[  123.162492][ T6580] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1052: corrupted inode contents
[  123.176572][ T6580] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #16: comm syz.2.1052: mark_inode_dirty error
[  123.188354][ T6580] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1052: corrupted inode contents
[  123.202023][ T6580] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.1052: mark_inode_dirty error
[  123.226383][ T6580] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1052: corrupted inode contents
[  123.240336][ T6580] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  123.249513][ T6580] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1052: corrupted inode contents
[  123.269414][ T6580] EXT4-fs error (device loop2): ext4_truncate:4666: inode #16: comm syz.2.1052: mark_inode_dirty error
[  123.281444][ T6580] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  123.292140][ T6580] EXT4-fs (loop2): 1 truncate cleaned up
[  123.299664][ T6580] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.312410][ T6580] ext4 filesystem being mounted at /177/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.356489][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.382020][ T6585] futex_wake_op: syz.2.1053 tries to shift op by -1; fix this program
[  123.446473][ T6588] loop4: detected capacity change from 0 to 128
[  123.459967][ T6588] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  123.467964][ T6588] FAT-fs (loop4): Filesystem has been set read-only
[  123.476225][ T6588] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  123.484131][ T6588] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  123.574123][ T6593] loop1: detected capacity change from 0 to 128
[  123.582449][ T6593] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  123.590280][ T6593] FAT-fs (loop1): Filesystem has been set read-only
[  123.618750][ T6593] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  123.767908][ T6601] hub 9-0:1.0: USB hub found
[  123.772788][ T6601] hub 9-0:1.0: 8 ports detected
[  124.262517][ T6588] bio_check_eod: 52183 callbacks suppressed
[  124.262611][ T6588] syz.4.1054: attempt to access beyond end of device
[  124.262611][ T6588] loop4: rw=0, sector=2066, nr_sectors = 1 limit=128
[  124.344880][ T6602] lo speed is unknown, defaulting to 1000
[  124.368978][ T6588] syz.4.1054: attempt to access beyond end of device
[  124.368978][ T6588] loop4: rw=0, sector=2067, nr_sectors = 1 limit=128
[  124.382681][ T6588] syz.4.1054: attempt to access beyond end of device
[  124.382681][ T6588] loop4: rw=0, sector=2068, nr_sectors = 1 limit=128
[  124.396483][ T6588] syz.4.1054: attempt to access beyond end of device
[  124.396483][ T6588] loop4: rw=0, sector=2069, nr_sectors = 1 limit=128
[  124.409863][ T6588] syz.4.1054: attempt to access beyond end of device
[  124.409863][ T6588] loop4: rw=0, sector=2070, nr_sectors = 1 limit=128
[  124.423261][ T6588] syz.4.1054: attempt to access beyond end of device
[  124.423261][ T6588] loop4: rw=0, sector=2071, nr_sectors = 1 limit=128
[  124.438188][ T6588] syz.4.1054: attempt to access beyond end of device
[  124.438188][ T6588] loop4: rw=0, sector=2072, nr_sectors = 1 limit=128
[  124.571005][ T6614] loop3: detected capacity change from 0 to 2048
[  124.625006][ T6614] siw: device registration error -23
[  124.662621][ T6629] loop3: detected capacity change from 0 to 128
[  124.671725][ T6629] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  124.679738][ T6629] FAT-fs (loop3): Filesystem has been set read-only
[  124.689516][ T6629] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  124.697710][ T6629] syz.3.1069: attempt to access beyond end of device
[  124.697710][ T6629] loop3: rw=2049, sector=2065, nr_sectors = 8 limit=128
[  124.761854][ T6631] lo speed is unknown, defaulting to 1000
[  124.785470][ T6633] futex_wake_op: syz.3.1071 tries to shift op by -1; fix this program
[  124.800884][ T6635] loop0: detected capacity change from 0 to 1024
[  124.807791][ T6635] EXT4-fs: Ignoring removed oldalloc option
[  124.838576][ T6635] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  124.852572][ T6635] ext4 filesystem being mounted at /211/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  124.870002][ T6635] EXT4-fs error (device loop0): ext4_free_blocks:6696: comm syz.0.1070: Freeing blocks not in datazone - block = 0, count = 16
[  124.911143][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  124.960854][ T6643] loop0: detected capacity change from 0 to 128
[  124.971196][ T6643] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  124.979237][ T6643] FAT-fs (loop0): Filesystem has been set read-only
[  124.987318][ T6643] syz.0.1072: attempt to access beyond end of device
[  124.987318][ T6643] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  125.001159][ T6643] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  125.009198][ T6643] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  125.019098][ T6643] syz.0.1072: attempt to access beyond end of device
[  125.019098][ T6643] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  125.033891][ T6644] buffer_io_error: 50230 callbacks suppressed
[  125.033912][ T6644] Buffer I/O error on dev loop0, logical block 2065, async page read
[  125.052096][ T6644] Buffer I/O error on dev loop0, logical block 2066, async page read
[  125.064205][ T6644] Buffer I/O error on dev loop0, logical block 2067, async page read
[  125.072660][ T6644] Buffer I/O error on dev loop0, logical block 2068, async page read
[  125.080776][ T6644] Buffer I/O error on dev loop0, logical block 2069, async page read
[  125.090533][ T6644] Buffer I/O error on dev loop0, logical block 2070, async page read
[  125.099350][ T6644] Buffer I/O error on dev loop0, logical block 2071, async page read
[  125.114910][ T6644] Buffer I/O error on dev loop0, logical block 2072, async page read
[  125.125302][ T6644] Buffer I/O error on dev loop0, logical block 2065, async page read
[  125.133860][ T6644] Buffer I/O error on dev loop0, logical block 2066, async page read
[  125.579235][ T6660] loop2: detected capacity change from 0 to 2048
[  125.686625][ T6665] loop4: detected capacity change from 0 to 4096
[  125.694810][ T6665] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  125.751525][ T6665] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.774555][ T6665] hub 9-0:1.0: USB hub found
[  125.779467][ T6665] hub 9-0:1.0: 8 ports detected
[  126.107277][ T6671] loop3: detected capacity change from 0 to 128
[  126.154002][ T6671] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  126.161991][ T6671] FAT-fs (loop3): Filesystem has been set read-only
[  126.264396][ T6671] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  126.286542][ T6676] syzkaller1: entered promiscuous mode
[  126.292181][ T6676] syzkaller1: entered allmulticast mode
[  126.333464][ T6676] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=6676 comm=syz.2.1083
[  126.348205][   T29] audit: type=1326 audit(1759111060.283:5759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6680 comm="syz.3.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cc600eec9 code=0x7ffc0000
[  126.371816][   T29] audit: type=1326 audit(1759111060.283:5760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6680 comm="syz.3.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cc600eec9 code=0x7ffc0000
[  126.455727][   T29] audit: type=1326 audit(1759111060.333:5761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6680 comm="syz.3.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7cc600eec9 code=0x7ffc0000
[  126.479214][   T29] audit: type=1326 audit(1759111060.333:5762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6680 comm="syz.3.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cc600eec9 code=0x7ffc0000
[  126.481514][ T6673] lo speed is unknown, defaulting to 1000
[  126.502698][   T29] audit: type=1326 audit(1759111060.333:5763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6680 comm="syz.3.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cc600eec9 code=0x7ffc0000
[  126.502744][   T29] audit: type=1326 audit(1759111060.333:5764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6680 comm="syz.3.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7cc600eec9 code=0x7ffc0000
[  126.566884][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.576886][   T29] kauditd_printk_skb: 9 callbacks suppressed
[  126.576901][   T29] audit: type=1326 audit(1759111060.513:5774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6680 comm="syz.3.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cc600eec9 code=0x7ffc0000
[  126.677526][   T29] audit: type=1326 audit(1759111060.513:5775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6680 comm="syz.3.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7cc600eec9 code=0x7ffc0000
[  126.701439][   T29] audit: type=1326 audit(1759111060.523:5776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6680 comm="syz.3.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cc600eec9 code=0x7ffc0000
[  126.724948][   T29] audit: type=1326 audit(1759111060.523:5777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6680 comm="syz.3.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7cc600eec9 code=0x7ffc0000
[  126.748514][   T29] audit: type=1326 audit(1759111060.523:5778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6680 comm="syz.3.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cc600eec9 code=0x7ffc0000
[  126.772183][   T29] audit: type=1326 audit(1759111060.523:5779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6680 comm="syz.3.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cc600eec9 code=0x7ffc0000
[  126.795708][   T29] audit: type=1326 audit(1759111060.523:5780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6680 comm="syz.3.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7cc600eec9 code=0x7ffc0000
[  126.819143][   T29] audit: type=1326 audit(1759111060.523:5781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6680 comm="syz.3.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cc600eec9 code=0x7ffc0000
[  126.842699][   T29] audit: type=1326 audit(1759111060.523:5782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6680 comm="syz.3.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cc600eec9 code=0x7ffc0000
[  126.866144][   T29] audit: type=1326 audit(1759111060.523:5783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6680 comm="syz.3.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7cc600eec9 code=0x7ffc0000
[  127.041536][ T6704] futex_wake_op: syz.0.1092 tries to shift op by -1; fix this program
[  127.161345][ T6708] loop1: detected capacity change from 0 to 4096
[  127.194862][ T6708] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  127.223930][ T6708] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.255500][ T6708] hub 9-0:1.0: USB hub found
[  127.260356][ T6708] hub 9-0:1.0: 8 ports detected
[  127.448578][ T6713] loop2: detected capacity change from 0 to 2048
[  127.603374][ T6720] loop2: detected capacity change from 0 to 128
[  127.683024][ T6720] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  127.690924][ T6720] FAT-fs (loop2): Filesystem has been set read-only
[  127.703933][ T6720] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  127.711815][ T6720] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  128.066743][ T6724] loop4: detected capacity change from 0 to 4096
[  128.132577][ T6724] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  128.144073][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.158675][ T6724] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.181618][ T6724] hub 9-0:1.0: USB hub found
[  128.186629][ T6724] hub 9-0:1.0: 8 ports detected
[  128.472726][ T6731] loop1: detected capacity change from 0 to 128
[  128.495721][ T6731] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  128.503645][ T6731] FAT-fs (loop1): Filesystem has been set read-only
[  128.515210][ T6731] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  128.627495][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.837384][ T6732] lo speed is unknown, defaulting to 1000
[  129.016283][ T6752] loop2: detected capacity change from 0 to 2048
[  129.068421][ T6741] netdevsim netdevsim1: Direct firmware load for ./file0/file1 failed with error -2
[  129.068540][ T6735] lo speed is unknown, defaulting to 1000
[  129.332022][ T6766] loop2: detected capacity change from 0 to 512
[  129.338622][ T6766] EXT4-fs: Ignoring removed nobh option
[  129.356181][ T6766] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.1111: corrupted inode contents
[  129.369630][ T6766] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #3: comm syz.2.1111: mark_inode_dirty error
[  129.390539][ T6766] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.1111: corrupted inode contents
[  129.402828][ T6766] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.1111: mark_inode_dirty error
[  129.414614][ T6766] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.1111: Failed to acquire dquot type 0
[  129.426808][ T6766] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1111: corrupted inode contents
[  129.440427][ T6766] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #16: comm syz.2.1111: mark_inode_dirty error
[  129.452099][ T6766] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1111: corrupted inode contents
[  129.464200][ T6766] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.1111: mark_inode_dirty error
[  129.475819][ T6766] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1111: corrupted inode contents
[  129.488740][ T6766] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  129.498933][ T6766] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1111: corrupted inode contents
[  129.511281][ T6766] EXT4-fs error (device loop2): ext4_truncate:4666: inode #16: comm syz.2.1111: mark_inode_dirty error
[  129.526320][ T6766] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  129.540917][ T6770] netlink: 'syz.3.1112': attribute type 6 has an invalid length.
[  129.559211][ T6766] EXT4-fs (loop2): 1 truncate cleaned up
[  129.560859][ T6770] loop3: detected capacity change from 0 to 764
[  129.576307][ T6770] rock: directory entry would overflow storage
[  129.577884][ T6766] ext4 filesystem being mounted at /193/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  129.582531][ T6770] rock: sig=0x4f50, size=4, remaining=3
[  129.582552][ T6770] iso9660: Corrupted directory entry in block 6 of inode 1792
[  129.625833][ T6770] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.647588][ T6780] loop4: detected capacity change from 0 to 128
[  129.656501][ T6780] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  129.664723][ T6780] FAT-fs (loop4): Filesystem has been set read-only
[  129.671960][ T6780] bio_check_eod: 47446 callbacks suppressed
[  129.671977][ T6780] syz.4.1115: attempt to access beyond end of device
[  129.671977][ T6780] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  129.691903][ T6780] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  129.691932][ T6780] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  129.692193][ T6780] syz.4.1115: attempt to access beyond end of device
[  129.692193][ T6780] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  129.692242][ T6780] syz.4.1115: attempt to access beyond end of device
[  129.692242][ T6780] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  129.692282][ T6780] syz.4.1115: attempt to access beyond end of device
[  129.692282][ T6780] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  129.692509][ T6780] syz.4.1115: attempt to access beyond end of device
[  129.692509][ T6780] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  129.692548][ T6780] syz.4.1115: attempt to access beyond end of device
[  129.692548][ T6780] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  129.692696][ T6780] syz.4.1115: attempt to access beyond end of device
[  129.692696][ T6780] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  129.692734][ T6780] syz.4.1115: attempt to access beyond end of device
[  129.692734][ T6780] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  129.692815][ T6780] syz.4.1115: attempt to access beyond end of device
[  129.692815][ T6780] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  129.692863][ T6780] syz.4.1115: attempt to access beyond end of device
[  129.692863][ T6780] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  129.784983][ T6788] loop0: detected capacity change from 0 to 4096
[  129.790940][ T6788] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  129.874001][ T6788] hub 9-0:1.0: USB hub found
[  129.874360][ T6788] hub 9-0:1.0: 8 ports detected
[  130.081566][ T6770] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.102201][ T6780] buffer_io_error: 47662 callbacks suppressed
[  130.102221][ T6780] Buffer I/O error on dev loop4, logical block 2065, async page read
[  130.104020][ T6780] Buffer I/O error on dev loop4, logical block 2066, async page read
[  130.104108][ T6780] Buffer I/O error on dev loop4, logical block 2067, async page read
[  130.104195][ T6780] Buffer I/O error on dev loop4, logical block 2068, async page read
[  130.104213][ T6780] Buffer I/O error on dev loop4, logical block 2069, async page read
[  130.104230][ T6780] Buffer I/O error on dev loop4, logical block 2070, async page read
[  130.104250][ T6780] Buffer I/O error on dev loop4, logical block 2071, async page read
[  130.104580][ T6780] Buffer I/O error on dev loop4, logical block 2072, async page read
[  130.104630][ T6780] Buffer I/O error on dev loop4, logical block 2065, async page read
[  130.104650][ T6780] Buffer I/O error on dev loop4, logical block 2066, async page read
[  130.165072][ T6770] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.275930][ T6770] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.400252][   T12] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  130.574164][ T6795] loop1: detected capacity change from 0 to 128
[  130.593590][ T3559] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  130.685832][ T6795] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  130.693842][ T6795] FAT-fs (loop1): Filesystem has been set read-only
[  130.695806][ T3559] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  130.709028][ T3559] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  130.717575][ T6795] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  130.725491][ T6795] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  130.936306][ T6799] netdevsim netdevsim4: Direct firmware load for ./file0/file1 failed with error -2
[  130.953344][ T6801] lo speed is unknown, defaulting to 1000
[  131.444109][ T6821] loop1: detected capacity change from 0 to 512
[  131.451253][ T6821] EXT4-fs: Ignoring removed nobh option
[  131.471266][ T6821] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.1129: corrupted inode contents
[  131.483763][ T6821] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #3: comm syz.1.1129: mark_inode_dirty error
[  131.496028][ T6821] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.1129: corrupted inode contents
[  131.509922][ T6821] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.1129: mark_inode_dirty error
[  131.525192][ T6818] lo speed is unknown, defaulting to 1000
[  131.546083][ T6821] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.1129: Failed to acquire dquot type 0
[  131.588163][ T6821] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1129: corrupted inode contents
[  131.607396][ T6821] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.1129: mark_inode_dirty error
[  131.628689][ T6821] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1129: corrupted inode contents
[  131.641102][ T6821] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.1129: mark_inode_dirty error
[  131.652755][ T6821] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1129: corrupted inode contents
[  131.673945][ T6821] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  131.686142][ T6821] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1129: corrupted inode contents
[  131.714623][ T6821] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.1129: mark_inode_dirty error
[  131.731856][ T6834] loop0: detected capacity change from 0 to 1024
[  131.738757][ T6834] EXT4-fs: Ignoring removed oldalloc option
[  131.745300][ T6821] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  131.755081][ T6821] EXT4-fs (loop1): 1 truncate cleaned up
[  131.774766][ T6834] ext4 filesystem being mounted at /226/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.852692][ T6838] loop3: detected capacity change from 0 to 4096
[  131.861372][ T6838] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  131.874800][ T6821] ext4 filesystem being mounted at /228/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.895644][   T29] kauditd_printk_skb: 320 callbacks suppressed
[  131.895662][   T29] audit: type=1326 audit(1759111065.833:6100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6840 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf506beec9 code=0x7ffc0000
[  131.952851][ T6838] EXT4-fs mount: 6 callbacks suppressed
[  131.952866][ T6838] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.980880][ T6838] hub 9-0:1.0: USB hub found
[  131.985673][ T6838] hub 9-0:1.0: 8 ports detected
[  132.217480][ T6834] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1135'.
[  132.226465][ T6834] netlink: 'syz.0.1135': attribute type 1 has an invalid length.
[  132.234239][ T6834] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1135'.
[  132.268655][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.346703][   T29] audit: type=1326 audit(1759111065.863:6101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6840 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf506beec9 code=0x7ffc0000
[  132.370280][   T29] audit: type=1326 audit(1759111065.863:6102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6840 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf506beec9 code=0x7ffc0000
[  132.373839][ T6834] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1135'.
[  132.393749][   T29] audit: type=1326 audit(1759111065.863:6103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6840 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf506beec9 code=0x7ffc0000
[  132.393806][   T29] audit: type=1326 audit(1759111065.863:6104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6840 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf506beec9 code=0x7ffc0000
[  132.402724][ T6834] netlink: 'syz.0.1135': attribute type 1 has an invalid length.
[  132.426095][   T29] audit: type=1326 audit(1759111065.863:6105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6840 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf506beec9 code=0x7ffc0000
[  132.449485][ T6834] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1135'.
[  132.457221][   T29] audit: type=1326 audit(1759111065.863:6106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6840 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf506beec9 code=0x7ffc0000
[  132.485687][ T6844] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.1135: bg 0: block 3: invalid block bitmap
[  132.489810][   T29] audit: type=1326 audit(1759111065.863:6107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6840 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf506beec9 code=0x7ffc0000
[  132.518759][ T6844] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 117
[  132.525353][   T29] audit: type=1326 audit(1759111065.863:6108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6840 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fbf506beec9 code=0x7ffc0000
[  132.549236][ T6844] EXT4-fs (loop0): This should not happen!! Data will be lost
[  132.549236][ T6844] 
[  132.561639][   T29] audit: type=1326 audit(1759111065.863:6109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6840 comm="syz.2.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf506beec9 code=0x7ffc0000
[  132.595591][ T6846] loop2: detected capacity change from 0 to 512
[  132.665007][ T6834] netlink: 'syz.0.1135': attribute type 63 has an invalid length.
[  132.705559][ T6849] futex_wake_op: syz.1.1137 tries to shift op by -1; fix this program
[  132.716309][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  132.734701][ T6846] EXT4-fs (loop2): orphan cleanup on readonly fs
[  132.744152][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.750105][ T6846] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.1138: bad orphan inode 13
[  132.765137][ T6846] ext4_test_bit(bit=12, block=18) = 1
[  132.770579][ T6846] is_bad_inode(inode)=0
[  132.774794][ T6846] NEXT_ORPHAN(inode)=2130706432
[  132.779863][ T6846] max_ino=32
[  132.783122][ T6846] i_nlink=1
[  132.787101][ T6846] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  132.800707][ T6846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.827076][ T6859] loop0: detected capacity change from 0 to 128
[  132.848412][ T6858] loop3: detected capacity change from 0 to 2048
[  132.855640][ T6859] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  132.863691][ T6859] FAT-fs (loop0): Filesystem has been set read-only
[  132.870435][ T6859] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  132.878492][ T6859] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  132.904029][ T6858] siw: device registration error -23
[  133.059096][ T6872] lo speed is unknown, defaulting to 1000
[  133.614799][ T6877] loop1: detected capacity change from 0 to 128
[  133.628112][ T6877] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  133.636095][ T6877] FAT-fs (loop1): Filesystem has been set read-only
[  133.662434][ T6877] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  133.732040][ T6885] loop1: detected capacity change from 0 to 512
[  133.742876][ T6885] EXT4-fs: Ignoring removed nobh option
[  133.755716][ T6885] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.1150: corrupted inode contents
[  133.772099][ T6885] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #3: comm syz.1.1150: mark_inode_dirty error
[  133.809721][ T6891] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1151'.
[  133.819558][ T6885] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.1150: corrupted inode contents
[  133.843188][ T6885] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.1150: mark_inode_dirty error
[  133.874855][ T6885] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.1150: Failed to acquire dquot type 0
[  133.906492][ T6885] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1150: corrupted inode contents
[  133.935258][ T6885] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.1150: mark_inode_dirty error
[  133.948271][ T6885] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1150: corrupted inode contents
[  133.975633][ T6884] lo speed is unknown, defaulting to 1000
[  134.002627][ T6885] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.1150: mark_inode_dirty error
[  134.014360][ T6885] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1150: corrupted inode contents
[  134.026748][ T6885] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  134.035632][ T6885] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1150: corrupted inode contents
[  134.052718][ T6885] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.1150: mark_inode_dirty error
[  134.064228][ T6885] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  134.073622][ T6885] EXT4-fs (loop1): 1 truncate cleaned up
[  134.079981][ T6885] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.093014][ T6885] ext4 filesystem being mounted at /233/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.126235][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.159864][ T6899] loop1: detected capacity change from 0 to 2048
[  134.194658][ T6899] siw: device registration error -23
[  134.340662][ T6913] loop0: detected capacity change from 0 to 128
[  134.350022][ T6913] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  134.357972][ T6913] FAT-fs (loop0): Filesystem has been set read-only
[  134.365705][ T6913] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  134.393164][ T6916] loop0: detected capacity change from 0 to 128
[  134.401973][ T6916] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  134.410079][ T6916] FAT-fs (loop0): Filesystem has been set read-only
[  134.416866][ T6916] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  134.424719][ T6916] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  134.458511][ T6919] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6919 comm=syz.2.1161
[  134.471090][ T6919] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6919 comm=syz.2.1161
[  134.586812][ T6927] loop2: detected capacity change from 0 to 512
[  134.593860][ T6927] EXT4-fs: Ignoring removed nobh option
[  134.605254][ T6927] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.1165: corrupted inode contents
[  134.628655][ T6927] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #3: comm syz.2.1165: mark_inode_dirty error
[  134.672364][ T6916] bio_check_eod: 137439 callbacks suppressed
[  134.672381][ T6916] syz.0.1160: attempt to access beyond end of device
[  134.672381][ T6916] loop0: rw=0, sector=2068, nr_sectors = 1 limit=128
[  134.692046][ T6927] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.1165: corrupted inode contents
[  134.692741][ T6916] syz.0.1160: attempt to access beyond end of device
[  134.692741][ T6916] loop0: rw=0, sector=2069, nr_sectors = 1 limit=128
[  134.718849][ T6927] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.1165: mark_inode_dirty error
[  134.719609][ T6916] syz.0.1160: attempt to access beyond end of device
[  134.719609][ T6916] loop0: rw=0, sector=2070, nr_sectors = 1 limit=128
[  134.747336][ T6927] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.1165: Failed to acquire dquot type 0
[  134.748466][ T6916] syz.0.1160: attempt to access beyond end of device
[  134.748466][ T6916] loop0: rw=0, sector=2071, nr_sectors = 1 limit=128
[  134.772012][ T6916] syz.0.1160: attempt to access beyond end of device
[  134.772012][ T6916] loop0: rw=0, sector=2072, nr_sectors = 1 limit=128
[  134.785508][ T6916] syz.0.1160: attempt to access beyond end of device
[  134.785508][ T6916] loop0: rw=0, sector=2065, nr_sectors = 1 limit=128
[  134.798916][ T6916] syz.0.1160: attempt to access beyond end of device
[  134.798916][ T6916] loop0: rw=0, sector=2066, nr_sectors = 1 limit=128
[  134.812242][ T6916] syz.0.1160: attempt to access beyond end of device
[  134.812242][ T6916] loop0: rw=0, sector=2067, nr_sectors = 1 limit=128
[  134.825832][ T6916] syz.0.1160: attempt to access beyond end of device
[  134.825832][ T6916] loop0: rw=0, sector=2068, nr_sectors = 1 limit=128
[  134.839285][ T6916] syz.0.1160: attempt to access beyond end of device
[  134.839285][ T6916] loop0: rw=0, sector=2069, nr_sectors = 1 limit=128
[  134.884356][ T6927] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1165: corrupted inode contents
[  134.902010][ T6927] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #16: comm syz.2.1165: mark_inode_dirty error
[  134.941627][ T6927] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1165: corrupted inode contents
[  134.971580][ T6927] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.1165: mark_inode_dirty error
[  134.989752][ T6931] lo speed is unknown, defaulting to 1000
[  135.008273][ T6927] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1165: corrupted inode contents
[  135.085362][ T6927] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  135.102422][ T6916] buffer_io_error: 142513 callbacks suppressed
[  135.102452][ T6916] Buffer I/O error on dev loop0, logical block 2068, async page read
[  135.119035][ T6927] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.1165: corrupted inode contents
[  135.131564][ T6927] EXT4-fs error (device loop2): ext4_truncate:4666: inode #16: comm syz.2.1165: mark_inode_dirty error
[  135.144549][ T6916] Buffer I/O error on dev loop0, logical block 2069, async page read
[  135.152939][ T6916] Buffer I/O error on dev loop0, logical block 2070, async page read
[  135.161282][ T6927] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  135.175572][ T6916] Buffer I/O error on dev loop0, logical block 2071, async page read
[  135.185979][ T6927] EXT4-fs (loop2): 1 truncate cleaned up
[  135.192603][ T6927] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.206668][ T6916] Buffer I/O error on dev loop0, logical block 2072, async page read
[  135.214950][ T6927] ext4 filesystem being mounted at /209/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.233737][ T6937] loop3: detected capacity change from 0 to 2048
[  135.240250][ T6916] Buffer I/O error on dev loop0, logical block 2065, async page read
[  135.248637][ T6916] Buffer I/O error on dev loop0, logical block 2066, async page read
[  135.256912][ T6916] Buffer I/O error on dev loop0, logical block 2067, async page read
[  135.265247][ T6916] Buffer I/O error on dev loop0, logical block 2068, async page read
[  135.273583][ T6916] Buffer I/O error on dev loop0, logical block 2069, async page read
[  135.313192][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.372067][ T6944] loop1: detected capacity change from 0 to 4096
[  135.393116][ T6944] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  135.413586][ T6937] siw: device registration error -23
[  135.420446][ T6944] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.443954][ T6944] hub 9-0:1.0: USB hub found
[  135.448988][ T6944] hub 9-0:1.0: 8 ports detected
[  136.154794][ T6963] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6963 comm=syz.4.1174
[  136.167352][ T6963] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6963 comm=syz.4.1174
[  136.191651][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.224786][ T6971] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1176'.
[  136.308489][ T6966] lo speed is unknown, defaulting to 1000
[  136.456461][ T6986] futex_wake_op: syz.2.1181 tries to shift op by -1; fix this program
[  136.571497][ T6992] loop4: detected capacity change from 0 to 2048
[  136.624329][ T6992] siw: device registration error -23
[  136.802235][ T7001] lo speed is unknown, defaulting to 1000
[  137.134030][ T7006] loop0: detected capacity change from 0 to 4096
[  137.256693][ T7008] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7008 comm=syz.3.1187
[  137.269294][ T7008] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7008 comm=syz.3.1187
[  137.546213][ T7006] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  137.646119][ T7006] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.670173][ T7006] hub 9-0:1.0: USB hub found
[  137.675127][ T7006] hub 9-0:1.0: 8 ports detected
[  137.955940][ T7028] loop2: detected capacity change from 0 to 2048
[  137.966832][   T29] kauditd_printk_skb: 614 callbacks suppressed
[  137.966846][   T29] audit: type=1326 audit(1759111071.903:6720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7033 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  137.998098][   T29] audit: type=1326 audit(1759111071.903:6721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7033 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  138.021818][   T29] audit: type=1326 audit(1759111071.903:6722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7033 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  138.045369][   T29] audit: type=1326 audit(1759111071.903:6723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7033 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  138.068914][   T29] audit: type=1326 audit(1759111071.903:6724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7033 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  138.092461][   T29] audit: type=1326 audit(1759111071.903:6725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7033 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f843bff5d67 code=0x7ffc0000
[  138.115943][   T29] audit: type=1326 audit(1759111071.903:6726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7033 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f843bf9af79 code=0x7ffc0000
[  138.139461][   T29] audit: type=1326 audit(1759111071.903:6727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7033 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f843bff5d67 code=0x7ffc0000
[  138.162823][   T29] audit: type=1326 audit(1759111071.903:6728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7033 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f843bf9af79 code=0x7ffc0000
[  138.186302][   T29] audit: type=1326 audit(1759111071.903:6729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7033 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f843bff5d67 code=0x7ffc0000
[  138.263865][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.304020][ T7043] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1197'.
[  138.337035][ T7048] futex_wake_op: syz.1.1201 tries to shift op by -1; fix this program
[  138.811806][ T7064] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7064 comm=syz.3.1206
[  138.824485][ T7064] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7064 comm=syz.3.1206
[  139.273357][ T7076] loop0: detected capacity change from 0 to 4096
[  139.281158][ T7076] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  139.325429][ T7077] loop2: detected capacity change from 0 to 2048
[  139.371670][ T7084] loop1: detected capacity change from 0 to 128
[  139.381978][ T7084] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  139.389881][ T7084] FAT-fs (loop1): Filesystem has been set read-only
[  139.398012][ T7084] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  139.441527][ T7076] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.460329][ T7076] hub 9-0:1.0: USB hub found
[  139.465223][ T7076] hub 9-0:1.0: 8 ports detected
[  139.658313][ T7092] loop1: detected capacity change from 0 to 2048
[  139.745770][ T7103] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1219'.
[  139.756509][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.773523][ T7106] futex_wake_op: syz.2.1221 tries to shift op by -1; fix this program
[  139.775214][ T7092] siw: device registration error -23
[  140.111897][ T7125] loop1: detected capacity change from 0 to 4096
[  140.173439][ T7125] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  140.204676][ T7125] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.673579][ T7131] loop4: detected capacity change from 0 to 128
[  140.761271][ T7130] loop3: detected capacity change from 0 to 2048
[  140.775105][ T7131] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  140.778991][ T7138] loop2: detected capacity change from 0 to 128
[  140.783001][ T7131] FAT-fs (loop4): Filesystem has been set read-only
[  140.797808][ T7136] loop0: detected capacity change from 0 to 128
[  140.800075][ T7138] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  140.812171][ T7138] FAT-fs (loop2): Filesystem has been set read-only
[  140.825025][ T7136] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  140.832979][ T7136] FAT-fs (loop0): Filesystem has been set read-only
[  140.838465][ T7131] bio_check_eod: 9340 callbacks suppressed
[  140.838485][ T7131] syz.4.1228: attempt to access beyond end of device
[  140.838485][ T7131] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  140.847094][ T7130] siw: device registration error -23
[  140.866125][ T7138] syz.2.1230: attempt to access beyond end of device
[  140.866125][ T7138] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  140.891181][ T7136] syz.0.1229: attempt to access beyond end of device
[  140.891181][ T7136] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  140.910798][ T7136] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  140.918732][ T7136] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  140.919679][ T7131] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  140.930141][ T7138] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  140.934657][ T7131] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  140.942765][ T7138] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  140.950421][ T7136] syz.0.1229: attempt to access beyond end of device
[  140.950421][ T7136] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  140.973327][ T7128] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  140.973569][ T7136] syz.0.1229: attempt to access beyond end of device
[  140.973569][ T7136] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  140.995109][ T7136] syz.0.1229: attempt to access beyond end of device
[  140.995109][ T7136] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  140.997035][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.017974][ T7138] syz.2.1230: attempt to access beyond end of device
[  141.017974][ T7138] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  141.033217][ T7128] syz.4.1228: attempt to access beyond end of device
[  141.033217][ T7128] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  141.043837][ T7143] syz.2.1230: attempt to access beyond end of device
[  141.043837][ T7143] loop2: rw=0, sector=2065, nr_sectors = 1 limit=128
[  141.047311][ T7131] syz.4.1228: attempt to access beyond end of device
[  141.047311][ T7131] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  141.060203][ T7143] buffer_io_error: 3 callbacks suppressed
[  141.060221][ T7143] Buffer I/O error on dev loop2, logical block 2065, async page read
[  141.088298][ T7128] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  141.096273][ T7128] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  141.099195][ T7140] Buffer I/O error on dev loop4, logical block 2065, async page read
[  141.115188][ T7140] Buffer I/O error on dev loop4, logical block 2066, async page read
[  141.125146][ T7143] Buffer I/O error on dev loop2, logical block 2066, async page read
[  141.133479][ T7139] Buffer I/O error on dev loop0, logical block 2065, async page read
[  141.141804][ T7140] Buffer I/O error on dev loop4, logical block 2067, async page read
[  141.151615][ T7143] Buffer I/O error on dev loop2, logical block 2067, async page read
[  141.153656][ T7139] Buffer I/O error on dev loop0, logical block 2066, async page read
[  141.162066][ T7140] Buffer I/O error on dev loop4, logical block 2068, async page read
[  141.169874][ T7139] Buffer I/O error on dev loop0, logical block 2067, async page read
[  141.326095][ T7158] loop1: detected capacity change from 0 to 4096
[  141.335470][ T7158] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  141.426408][ T7158] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.443702][ T7158] hub 9-0:1.0: USB hub found
[  141.449038][ T7158] hub 9-0:1.0: 8 ports detected
[  141.670345][ T7161] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7161 comm=syz.3.1236
[  141.682991][ T7161] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7161 comm=syz.3.1236
[  141.975540][ T7167] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1238'.
[  142.040247][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.786787][ T7180] loop4: detected capacity change from 0 to 2048
[  142.823759][ T7180] siw: device registration error -23
[  142.937196][ T7196] loop1: detected capacity change from 0 to 128
[  142.962190][ T7196] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  142.970147][ T7196] FAT-fs (loop1): Filesystem has been set read-only
[  142.981946][ T7197] lo speed is unknown, defaulting to 1000
[  142.992458][ T7196] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  143.000380][ T7196] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  143.017233][ T7202] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7202 comm=syz.0.1249
[  143.029773][ T7202] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7202 comm=syz.0.1249
[  143.100864][ T7205] loop2: detected capacity change from 0 to 4096
[  143.169654][ T7205] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  143.269675][ T7205] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.293464][ T7205] hub 9-0:1.0: USB hub found
[  143.298834][ T7205] hub 9-0:1.0: 8 ports detected
[  143.777014][ T7213] loop4: detected capacity change from 0 to 4096
[  143.849519][ T7213] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.864913][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.876807][ T7217] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1253'.
[  143.928517][ T7213] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1251'.
[  143.950811][   T29] kauditd_printk_skb: 1192 callbacks suppressed
[  143.950828][   T29] audit: type=1400 audit(1759111077.873:7922): avc:  denied  { nlmsg_read } for  pid=7220 comm="syz.2.1252" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  143.987146][ T7221] loop2: detected capacity change from 0 to 1024
[  144.008426][ T7221] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  144.019418][ T7221] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  144.026998][ T7224] loop0: detected capacity change from 0 to 2048
[  144.037634][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.060343][ T7221] JBD2: no valid journal superblock found
[  144.066163][ T7221] EXT4-fs (loop2): Could not load journal inode
[  144.083774][ T7224] siw: device registration error -23
[  144.106647][ T7221] loop2: detected capacity change from 0 to 128
[  144.130550][ T7221] msdos: Unknown parameter ''
[  144.165863][   T29] audit: type=1326 audit(1759111078.103:7923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7235 comm="syz.4.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f843bff5d67 code=0x7ffc0000
[  144.223494][ T7234] loop0: detected capacity change from 0 to 2048
[  144.230984][   T29] audit: type=1326 audit(1759111078.133:7924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7235 comm="syz.4.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f843bf9af79 code=0x7ffc0000
[  144.254837][   T29] audit: type=1326 audit(1759111078.133:7925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7235 comm="syz.4.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f843bff5d67 code=0x7ffc0000
[  144.278262][   T29] audit: type=1326 audit(1759111078.133:7926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7235 comm="syz.4.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f843bf9af79 code=0x7ffc0000
[  144.301819][   T29] audit: type=1326 audit(1759111078.133:7927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7235 comm="syz.4.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  144.325355][   T29] audit: type=1326 audit(1759111078.133:7928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7235 comm="syz.4.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f843bff5d67 code=0x7ffc0000
[  144.348856][   T29] audit: type=1326 audit(1759111078.133:7929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7235 comm="syz.4.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f843bf9af79 code=0x7ffc0000
[  144.372221][   T29] audit: type=1326 audit(1759111078.133:7930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7235 comm="syz.4.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  144.395861][   T29] audit: type=1326 audit(1759111078.133:7931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7235 comm="syz.4.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f843bff5d67 code=0x7ffc0000
[  144.434753][ T7248] loop3: detected capacity change from 0 to 1024
[  144.441823][ T7248] EXT4-fs: Ignoring removed i_version option
[  144.447938][ T7248] EXT4-fs: Ignoring removed nomblk_io_submit option
[  144.449723][ T7234] siw: device registration error -23
[  144.477678][ T7248] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.496408][ T7252] futex_wake_op: syz.4.1263 tries to shift op by -1; fix this program
[  144.644607][ T7260] loop0: detected capacity change from 0 to 4096
[  144.652894][ T7260] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  144.716009][ T7260] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.738881][ T7260] hub 9-0:1.0: USB hub found
[  144.744002][ T7260] hub 9-0:1.0: 8 ports detected
[  145.329188][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.377107][ T7280] FAULT_INJECTION: forcing a failure.
[  145.377107][ T7280] name failslab, interval 1, probability 0, space 0, times 0
[  145.389814][ T7280] CPU: 0 UID: 0 PID: 7280 Comm: syz.1.1273 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  145.389849][ T7280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  145.389865][ T7280] Call Trace:
[  145.389872][ T7280]  <TASK>
[  145.389894][ T7280]  __dump_stack+0x1d/0x30
[  145.389928][ T7280]  dump_stack_lvl+0xe8/0x140
[  145.389953][ T7280]  dump_stack+0x15/0x1b
[  145.389974][ T7280]  should_fail_ex+0x265/0x280
[  145.390017][ T7280]  ? getname_flags+0x208/0x3b0
[  145.390046][ T7280]  should_failslab+0x8c/0xb0
[  145.390076][ T7280]  __kmalloc_cache_noprof+0x4c/0x320
[  145.390179][ T7280]  getname_flags+0x208/0x3b0
[  145.390278][ T7280]  getname_uflags+0x21/0x30
[  145.390318][ T7280]  __x64_sys_execveat+0x5d/0x90
[  145.390399][ T7280]  x64_sys_call+0x1fec/0x2ff0
[  145.390426][ T7280]  do_syscall_64+0xd2/0x200
[  145.390457][ T7280]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  145.390499][ T7280]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  145.390532][ T7280]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.390554][ T7280] RIP: 0033:0x7f12e774eec9
[  145.390574][ T7280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.390598][ T7280] RSP: 002b:00007f12e61af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  145.390645][ T7280] RAX: ffffffffffffffda RBX: 00007f12e79a5fa0 RCX: 00007f12e774eec9
[  145.390659][ T7280] RDX: 0000000000000000 RSI: 0000200000030140 RDI: ffffffffffffffff
[  145.390671][ T7280] RBP: 00007f12e61af090 R08: f13caab8a54f7f16 R09: 0000000000000000
[  145.390683][ T7280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  145.390724][ T7280] R13: 00007f12e79a6038 R14: 00007f12e79a5fa0 R15: 00007ffe600401e8
[  145.390750][ T7280]  </TASK>
[  145.570439][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.597027][ T7285] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1277'.
[  145.645161][ T7291] loop1: detected capacity change from 0 to 2048
[  145.684096][ T7291] siw: device registration error -23
[  145.728306][ T7298] lo speed is unknown, defaulting to 1000
[  145.899870][ T7309] loop1: detected capacity change from 0 to 1024
[  145.935640][ T7309] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  145.946599][ T7309] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  145.959253][ T7309] JBD2: no valid journal superblock found
[  145.965135][ T7309] EXT4-fs (loop1): Could not load journal inode
[  146.048409][ T7313] loop1: detected capacity change from 0 to 2048
[  146.265296][ T7324] loop1: detected capacity change from 0 to 2048
[  146.314430][ T7324] siw: device registration error -23
[  146.426176][ T7335] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1294'.
[  146.445754][ T7337] loop1: detected capacity change from 0 to 1024
[  146.463983][ T7337] EXT4-fs: Ignoring removed nobh option
[  146.469650][ T7337] EXT4-fs: inline encryption not supported
[  146.525096][ T7337] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.540471][ T7348] loop3: detected capacity change from 0 to 512
[  146.554208][ T7350] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1294'.
[  146.568655][ T7348] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.584543][ T7337] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  146.611975][ T7348] ext4 filesystem being mounted at /256/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.653134][ T7358] loop0: detected capacity change from 0 to 2048
[  146.660418][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.680614][ T7337] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1295'.
[  146.689817][ T7337] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1295'.
[  146.700170][ T7358] siw: device registration error -23
[  146.716501][ T7364] loop2: detected capacity change from 0 to 2048
[  146.725911][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.758698][ T7376] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1306'.
[  146.771769][ T7369] loop3: detected capacity change from 0 to 2048
[  146.991790][ T7385] lo speed is unknown, defaulting to 1000
[  147.034489][ T7386] lo speed is unknown, defaulting to 1000
[  147.084858][ T7387] netlink: 'syz.2.1308': attribute type 4 has an invalid length.
[  147.092694][ T7387] netlink: 17 bytes leftover after parsing attributes in process `syz.2.1308'.
[  147.523000][ T7398] FAULT_INJECTION: forcing a failure.
[  147.523000][ T7398] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  147.536464][ T7398] CPU: 1 UID: 0 PID: 7398 Comm: syz.4.1314 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  147.536500][ T7398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  147.536517][ T7398] Call Trace:
[  147.536526][ T7398]  <TASK>
[  147.536534][ T7398]  __dump_stack+0x1d/0x30
[  147.536555][ T7398]  dump_stack_lvl+0xe8/0x140
[  147.536656][ T7398]  dump_stack+0x15/0x1b
[  147.536679][ T7398]  should_fail_ex+0x265/0x280
[  147.536781][ T7398]  should_fail_alloc_page+0xf2/0x100
[  147.536810][ T7398]  __alloc_frozen_pages_noprof+0xff/0x360
[  147.536859][ T7398]  alloc_pages_mpol+0xb3/0x250
[  147.536946][ T7398]  alloc_pages_noprof+0x90/0x130
[  147.536987][ T7398]  get_free_pages_noprof+0xc/0x40
[  147.537044][ T7398]  selinux_genfs_get_sid+0x33/0x180
[  147.537120][ T7398]  inode_doinit_with_dentry+0x5fe/0x7a0
[  147.537192][ T7398]  selinux_d_instantiate+0x27/0x40
[  147.537228][ T7398]  security_d_instantiate+0x7a/0xa0
[  147.537265][ T7398]  d_instantiate+0x3f/0x80
[  147.537373][ T7398]  __debugfs_create_file+0x1c1/0x330
[  147.537411][ T7398]  debugfs_create_file_full+0x3f/0x60
[  147.537449][ T7398]  ? __pfx_vxcan_setup+0x10/0x10
[  147.537478][ T7398]  ref_tracker_dir_debugfs+0x100/0x1e0
[  147.537519][ T7398]  alloc_netdev_mqs+0x1a2/0xa30
[  147.537632][ T7398]  rtnl_create_link+0x239/0x710
[  147.537659][ T7398]  rtnl_newlink_create+0x14c/0x620
[  147.537753][ T7398]  ? security_capable+0x83/0x90
[  147.537787][ T7398]  ? netlink_ns_capable+0x86/0xa0
[  147.537907][ T7398]  rtnl_newlink+0xf29/0x12d0
[  147.537982][ T7398]  ? __pfx_rtnl_newlink+0x10/0x10
[  147.538014][ T7398]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  147.538093][ T7398]  netlink_rcv_skb+0x123/0x220
[  147.538120][ T7398]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  147.538159][ T7398]  rtnetlink_rcv+0x1c/0x30
[  147.538260][ T7398]  netlink_unicast+0x5bd/0x690
[  147.538285][ T7398]  netlink_sendmsg+0x58b/0x6b0
[  147.538311][ T7398]  ? __pfx_netlink_sendmsg+0x10/0x10
[  147.538363][ T7398]  __sock_sendmsg+0x145/0x180
[  147.538420][ T7398]  ____sys_sendmsg+0x31e/0x4e0
[  147.538448][ T7398]  ___sys_sendmsg+0x17b/0x1d0
[  147.538491][ T7398]  __x64_sys_sendmsg+0xd4/0x160
[  147.538594][ T7398]  x64_sys_call+0x191e/0x2ff0
[  147.538616][ T7398]  do_syscall_64+0xd2/0x200
[  147.538655][ T7398]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  147.538735][ T7398]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  147.538774][ T7398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.538804][ T7398] RIP: 0033:0x7f843bffeec9
[  147.538824][ T7398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.538923][ T7398] RSP: 002b:00007f843aa5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  147.538949][ T7398] RAX: ffffffffffffffda RBX: 00007f843c255fa0 RCX: 00007f843bffeec9
[  147.538962][ T7398] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000005
[  147.538976][ T7398] RBP: 00007f843aa5f090 R08: 0000000000000000 R09: 0000000000000000
[  147.538989][ T7398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  147.539005][ T7398] R13: 00007f843c256038 R14: 00007f843c255fa0 R15: 00007ffea0771f68
[  147.539031][ T7398]  </TASK>
[  147.991176][ T7406] loop4: detected capacity change from 0 to 2048
[  148.044603][ T7406] siw: device registration error -23
[  148.177232][ T7417] loop1: detected capacity change from 0 to 4096
[  148.186090][ T7417] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  148.256610][ T7417] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.279296][ T7417] hub 9-0:1.0: USB hub found
[  148.284627][ T7417] hub 9-0:1.0: 8 ports detected
[  148.921139][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.474780][   T29] kauditd_printk_skb: 987 callbacks suppressed
[  149.474799][   T29] audit: type=1400 audit(1759111083.413:8919): avc:  denied  { mounton } for  pid=7438 comm="syz.0.1329" path="/256/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  149.523471][   T29] audit: type=1326 audit(1759111083.413:8920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7442 comm="syz.4.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  149.547052][   T29] audit: type=1326 audit(1759111083.413:8921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7442 comm="syz.4.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  149.570475][   T29] audit: type=1326 audit(1759111083.413:8922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7442 comm="syz.4.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  149.594036][   T29] audit: type=1326 audit(1759111083.413:8923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7442 comm="syz.4.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  149.617495][   T29] audit: type=1326 audit(1759111083.413:8924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7442 comm="syz.4.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  149.640978][   T29] audit: type=1326 audit(1759111083.413:8925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7442 comm="syz.4.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  149.664533][   T29] audit: type=1326 audit(1759111083.413:8926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7442 comm="syz.4.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  149.688064][   T29] audit: type=1326 audit(1759111083.413:8927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7442 comm="syz.4.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  149.711559][   T29] audit: type=1326 audit(1759111083.413:8928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7442 comm="syz.4.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  149.819285][ T7449] loop0: detected capacity change from 0 to 2048
[  149.906649][ T7449] siw: device registration error -23
[  150.045728][ T7463] loop4: detected capacity change from 0 to 4096
[  150.056312][ T7461] loop3: detected capacity change from 0 to 128
[  150.133079][ T7466] loop1: detected capacity change from 0 to 1024
[  150.298913][ T7470] lo speed is unknown, defaulting to 1000
[  150.548866][ T7463] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  150.562864][ T7463] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.588117][ T7462] hub 9-0:1.0: USB hub found
[  150.592847][ T7462] hub 9-0:1.0: 8 ports detected
[  150.667645][ T7461] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  150.675635][ T7461] FAT-fs (loop3): Filesystem has been set read-only
[  150.701294][ T7461] bio_check_eod: 38011 callbacks suppressed
[  150.701316][ T7461] syz.3.1339: attempt to access beyond end of device
[  150.701316][ T7461] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  150.728420][ T7461] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  150.736448][ T7461] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  150.797266][ T7466] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.804176][ T7461] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  150.846656][ T7461] syz.3.1339: attempt to access beyond end of device
[  150.846656][ T7461] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  150.868505][ T7466] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 15: block 369:freeing already freed block (bit 23); block bitmap corrupt.
[  150.872461][ T7464] syz.3.1339: attempt to access beyond end of device
[  150.872461][ T7464] loop3: rw=0, sector=2065, nr_sectors = 1 limit=128
[  150.896454][ T7464] buffer_io_error: 36982 callbacks suppressed
[  150.896469][ T7464] Buffer I/O error on dev loop3, logical block 2065, async page read
[  150.970481][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.980921][ T7461] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  150.989647][ T7461] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  150.998013][ T7464] syz.3.1339: attempt to access beyond end of device
[  150.998013][ T7464] loop3: rw=0, sector=2066, nr_sectors = 1 limit=128
[  151.011359][ T7464] Buffer I/O error on dev loop3, logical block 2066, async page read
[  151.020044][ T7464] syz.3.1339: attempt to access beyond end of device
[  151.020044][ T7464] loop3: rw=0, sector=2067, nr_sectors = 1 limit=128
[  151.033444][ T7464] Buffer I/O error on dev loop3, logical block 2067, async page read
[  151.042407][ T7464] syz.3.1339: attempt to access beyond end of device
[  151.042407][ T7464] loop3: rw=0, sector=2068, nr_sectors = 1 limit=128
[  151.055691][ T7464] Buffer I/O error on dev loop3, logical block 2068, async page read
[  151.095063][ T7486] loop4: detected capacity change from 0 to 2048
[  151.104429][ T7464] syz.3.1339: attempt to access beyond end of device
[  151.104429][ T7464] loop3: rw=0, sector=2069, nr_sectors = 1 limit=128
[  151.117747][ T7464] Buffer I/O error on dev loop3, logical block 2069, async page read
[  151.129052][ T7486] siw: device registration error -23
[  151.156038][ T7464] syz.3.1339: attempt to access beyond end of device
[  151.156038][ T7464] loop3: rw=0, sector=2070, nr_sectors = 1 limit=128
[  151.169381][ T7464] Buffer I/O error on dev loop3, logical block 2070, async page read
[  151.179475][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.189925][ T7464] syz.3.1339: attempt to access beyond end of device
[  151.189925][ T7464] loop3: rw=0, sector=2071, nr_sectors = 1 limit=128
[  151.203315][ T7464] Buffer I/O error on dev loop3, logical block 2071, async page read
[  151.219120][ T7464] syz.3.1339: attempt to access beyond end of device
[  151.219120][ T7464] loop3: rw=0, sector=2072, nr_sectors = 1 limit=128
[  151.232603][ T7464] Buffer I/O error on dev loop3, logical block 2072, async page read
[  151.240986][ T7460] Buffer I/O error on dev loop3, logical block 2065, async page read
[  151.277437][ T7460] Buffer I/O error on dev loop3, logical block 2066, async page read
[  151.342792][ T7499] loop4: detected capacity change from 0 to 8192
[  151.350429][ T7499] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  151.484996][ T7509] loop0: detected capacity change from 0 to 128
[  151.501604][ T7505] loop2: detected capacity change from 0 to 2048
[  151.515601][ T7509] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  151.523557][ T7509] FAT-fs (loop0): Filesystem has been set read-only
[  151.530712][ T7509] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  151.568462][ T7513] loop4: detected capacity change from 0 to 2048
[  151.719323][ T7529] loop3: detected capacity change from 0 to 4096
[  151.733566][ T7529] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  151.795109][ T7532] loop2: detected capacity change from 0 to 1024
[  151.802039][ T7532] EXT4-fs: Ignoring removed oldalloc option
[  151.814693][ T7529] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.836958][ T7529] hub 9-0:1.0: USB hub found
[  151.841718][ T7529] hub 9-0:1.0: 8 ports detected
[  152.045066][ T7534] loop4: detected capacity change from 0 to 512
[  152.054145][ T7534] EXT4-fs: Ignoring removed orlov option
[  152.060467][ T7534] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  152.070754][ T7534] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.1357: corrupted in-inode xattr: e_value size too large
[  152.093372][ T7534] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1357: couldn't read orphan inode 15 (err -117)
[  152.117867][ T7532] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  152.155425][ T7534] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  152.178287][ T7532] ext4 filesystem being mounted at /239/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  152.209913][ T7532] netlink: 'syz.2.1358': attribute type 1 has an invalid length.
[  152.217791][ T7532] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1358'.
[  152.288484][ T7532] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.1358: Freeing blocks not in datazone - block = 0, count = 16
[  152.308479][ T7532] netlink: 'syz.2.1358': attribute type 63 has an invalid length.
[  152.330766][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  152.420116][ T7564] FAULT_INJECTION: forcing a failure.
[  152.420116][ T7564] name failslab, interval 1, probability 0, space 0, times 0
[  152.432974][ T7564] CPU: 0 UID: 0 PID: 7564 Comm: syz.0.1362 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  152.433009][ T7564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  152.433023][ T7564] Call Trace:
[  152.433029][ T7564]  <TASK>
[  152.433039][ T7564]  __dump_stack+0x1d/0x30
[  152.433123][ T7564]  dump_stack_lvl+0xe8/0x140
[  152.433143][ T7564]  dump_stack+0x15/0x1b
[  152.433163][ T7564]  should_fail_ex+0x265/0x280
[  152.433197][ T7564]  should_failslab+0x8c/0xb0
[  152.433302][ T7564]  kmem_cache_alloc_node_noprof+0x57/0x320
[  152.433342][ T7564]  ? __alloc_skb+0x101/0x320
[  152.433377][ T7564]  ? event_sched_in+0x675/0x750
[  152.433477][ T7564]  __alloc_skb+0x101/0x320
[  152.433499][ T7564]  pfkey_sendmsg+0xd7/0x900
[  152.433530][ T7564]  ? avc_has_perm+0xf7/0x180
[  152.433575][ T7564]  ? selinux_socket_sendmsg+0x175/0x1b0
[  152.433691][ T7564]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  152.433728][ T7564]  __sock_sendmsg+0x145/0x180
[  152.433769][ T7564]  ____sys_sendmsg+0x31e/0x4e0
[  152.433869][ T7564]  ___sys_sendmsg+0x17b/0x1d0
[  152.433917][ T7564]  __x64_sys_sendmsg+0xd4/0x160
[  152.433958][ T7564]  x64_sys_call+0x191e/0x2ff0
[  152.433986][ T7564]  do_syscall_64+0xd2/0x200
[  152.434018][ T7564]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  152.434107][ T7564]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.434184][ T7564] RIP: 0033:0x7fda3097eec9
[  152.434204][ T7564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.434227][ T7564] RSP: 002b:00007fda2f3e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  152.434315][ T7564] RAX: ffffffffffffffda RBX: 00007fda30bd5fa0 RCX: 00007fda3097eec9
[  152.434332][ T7564] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000007
[  152.434349][ T7564] RBP: 00007fda2f3e7090 R08: 0000000000000000 R09: 0000000000000000
[  152.434363][ T7564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  152.434376][ T7564] R13: 00007fda30bd6038 R14: 00007fda30bd5fa0 R15: 00007ffe76fa6cb8
[  152.434444][ T7564]  </TASK>
[  152.648443][ T7565] loop2: detected capacity change from 0 to 512
[  152.655429][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.665500][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.669285][ T7565] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  152.698823][ T7565] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  152.736752][ T7569] SELinux: ebitmap: truncated map
[  152.746152][ T7569] SELinux: failed to load policy
[  152.753264][ T7565] EXT4-fs (loop2): mount failed
[  152.763557][ T7577] loop0: detected capacity change from 0 to 128
[  152.772145][ T7577] msdos: Unknown parameter '�\pw���^��!���1T"���;�5�@�\/h(J�<�Wi ��}�'
[  152.808147][ T7576] loop4: detected capacity change from 0 to 2048
[  152.819715][ T7586] SELinux: syz.3.1369 (7586) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  152.854010][ T7576] siw: device registration error -23
[  152.898815][ T7593] IPv4: Oversized IP packet from 127.202.26.0
[  152.947290][ T7593] loop4: detected capacity change from 0 to 1024
[  152.964323][ T7593] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.007584][ T7593] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 15: block 369:freeing already freed block (bit 23); block bitmap corrupt.
[  153.065626][ T7600] loop0: detected capacity change from 0 to 4096
[  153.074366][ T7600] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  153.175280][ T7600] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.198096][ T7600] hub 9-0:1.0: USB hub found
[  153.203393][ T7600] hub 9-0:1.0: 8 ports detected
[  153.399880][ T7604] futex_wake_op: syz.1.1375 tries to shift op by -1; fix this program
[  153.483064][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.704245][ T7617] hub 9-0:1.0: USB hub found
[  153.709159][ T7617] hub 9-0:1.0: 8 ports detected
[  153.718113][ T2954] hid_parser_main: 6 callbacks suppressed
[  153.718150][ T2954] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[  153.731601][ T2954] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[  153.739107][ T2954] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[  153.741560][ T7615] SELinux: ebitmap: truncated map
[  153.746554][ T2954] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[  153.746584][ T2954] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[  153.746611][ T2954] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[  153.746640][ T2954] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[  153.763509][ T7615] SELinux: failed to load policy
[  153.766494][ T2954] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[  153.793753][ T2954] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[  153.801150][ T2954] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[  153.856712][ T2954] hid-generic 0003:0004:0000.0002: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  153.867115][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.972073][ T7629] loop4: detected capacity change from 0 to 4096
[  153.980077][ T7629] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  154.344415][ T7629] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.421708][ T7644] lo: entered allmulticast mode
[  154.428210][ T7644] tunl0: entered allmulticast mode
[  154.434912][ T7644] gre0: entered allmulticast mode
[  154.442244][ T7644] gretap0: entered allmulticast mode
[  154.448715][ T7644] erspan0: entered allmulticast mode
[  154.455215][ T7644] ip_vti0: entered allmulticast mode
[  154.461748][ T7644] ip6_vti0: entered allmulticast mode
[  154.468628][ T7644] sit0: entered allmulticast mode
[  154.478136][ T7644] ip6tnl0: entered allmulticast mode
[  154.484716][ T7644] ip6gre0: entered allmulticast mode
[  154.491436][ T7644] syz_tun: entered allmulticast mode
[  154.497925][ T7644] ip6gretap0: entered allmulticast mode
[  154.504782][ T7644] bridge0: entered allmulticast mode
[  154.511364][ T7644] vcan0: entered allmulticast mode
[  154.520247][ T7644] bond0: entered allmulticast mode
[  154.525414][ T7644] bond_slave_0: entered allmulticast mode
[  154.531221][ T7644] bond_slave_1: entered allmulticast mode
[  154.538266][ T7644] 8021q: adding VLAN 0 to HW filter on device bond0
[  154.546255][ T7644] team0: entered allmulticast mode
[  154.551435][ T7644] team_slave_0: entered allmulticast mode
[  154.557195][ T7644] team_slave_1: entered allmulticast mode
[  154.563692][ T7644] 8021q: adding VLAN 0 to HW filter on device team0
[  154.571579][ T7644] dummy0: entered allmulticast mode
[  154.578413][ T7644] nlmon0: entered allmulticast mode
[  154.884669][ T7644] caif0: entered allmulticast mode
[  154.889869][ T7644] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  154.930006][ T7645] lo speed is unknown, defaulting to 1000
[  155.373234][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.399997][ T7657] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1394'.
[  155.409056][ T7657] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1394'.
[  155.420446][ T7659] FAULT_INJECTION: forcing a failure.
[  155.420446][ T7659] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  155.433604][ T7659] CPU: 0 UID: 0 PID: 7659 Comm: syz.4.1393 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  155.433652][ T7659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  155.433668][ T7659] Call Trace:
[  155.433676][ T7659]  <TASK>
[  155.433685][ T7659]  __dump_stack+0x1d/0x30
[  155.433755][ T7659]  dump_stack_lvl+0xe8/0x140
[  155.433780][ T7659]  dump_stack+0x15/0x1b
[  155.433802][ T7659]  should_fail_ex+0x265/0x280
[  155.433834][ T7659]  should_fail+0xb/0x20
[  155.433861][ T7659]  should_fail_usercopy+0x1a/0x20
[  155.433936][ T7659]  _copy_to_user+0x20/0xa0
[  155.433979][ T7659]  simple_read_from_buffer+0xb5/0x130
[  155.434080][ T7659]  proc_fail_nth_read+0x10e/0x150
[  155.434117][ T7659]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  155.434221][ T7659]  vfs_read+0x1a5/0x770
[  155.434249][ T7659]  ? __rcu_read_unlock+0x4f/0x70
[  155.434277][ T7659]  ? __fget_files+0x184/0x1c0
[  155.434332][ T7659]  ksys_read+0xda/0x1a0
[  155.434362][ T7659]  __x64_sys_read+0x40/0x50
[  155.434392][ T7659]  x64_sys_call+0x27bc/0x2ff0
[  155.434420][ T7659]  do_syscall_64+0xd2/0x200
[  155.434588][ T7659]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  155.434621][ T7659]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  155.434659][ T7659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.434688][ T7659] RIP: 0033:0x7f843bffd8dc
[  155.434784][ T7659] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  155.434809][ T7659] RSP: 002b:00007f843aa5f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  155.434835][ T7659] RAX: ffffffffffffffda RBX: 00007f843c255fa0 RCX: 00007f843bffd8dc
[  155.434852][ T7659] RDX: 000000000000000f RSI: 00007f843aa5f0a0 RDI: 0000000000000003
[  155.434868][ T7659] RBP: 00007f843aa5f090 R08: 0000000000000000 R09: 0000000000000000
[  155.434908][ T7659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  155.434921][ T7659] R13: 00007f843c256038 R14: 00007f843c255fa0 R15: 00007ffea0771f68
[  155.434941][ T7659]  </TASK>
[  155.696978][ T7664] loop0: detected capacity change from 0 to 128
[  155.738876][ T7664] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  155.746758][ T7664] FAT-fs (loop0): Filesystem has been set read-only
[  155.753550][ T7664] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  155.761667][ T7664] bio_check_eod: 10697 callbacks suppressed
[  155.761681][ T7664] syz.0.1391: attempt to access beyond end of device
[  155.761681][ T7664] loop0: rw=2049, sector=2065, nr_sectors = 8 limit=128
[  155.806661][ T7664] lo speed is unknown, defaulting to 1000
[  155.997773][ T7670] loop1: detected capacity change from 0 to 1024
[  156.047053][ T7670] EXT4-fs: Ignoring removed oldalloc option
[  156.225144][ T7670] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  156.238746][ T7670] ext4 filesystem being mounted at /293/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  156.257411][ T7670] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.1397: Freeing blocks not in datazone - block = 0, count = 16
[  156.274773][ T7676] tipc: Failed to remove unknown binding: 66,1,1/0:3766285971/3766285973
[  156.283314][ T7676] tipc: Failed to remove unknown binding: 66,1,1/0:3766285971/3766285973
[  156.294433][ T7678] loop9: detected capacity change from 0 to 7
[  156.301146][ T7678] buffer_io_error: 10694 callbacks suppressed
[  156.301162][ T7678] Buffer I/O error on dev loop9, logical block 0, async page read
[  156.307580][ T7676] loop2: detected capacity change from 0 to 512
[  156.316296][ T7678] Buffer I/O error on dev loop9, logical block 0, async page read
[  156.324283][ T7676] ext4: Unknown parameter 'fsmagic'
[  156.329595][ T7678]  loop9: unable to read partition table
[  156.341651][ T7670] netlink: 'syz.1.1397': attribute type 63 has an invalid length.
[  156.363837][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  156.373484][ T7678] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  156.373484][ T7678] 
) failed (rc=-5)
[  156.402242][ T7676] loop2: detected capacity change from 0 to 1024
[  156.411726][ T7676] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  156.422784][ T7676] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  156.445157][ T7676] JBD2: no valid journal superblock found
[  156.450930][ T7676] EXT4-fs (loop2): Could not load journal inode
[  156.602458][   T29] kauditd_printk_skb: 479 callbacks suppressed
[  156.602477][   T29] audit: type=1326 audit(1759111090.513:9407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7687 comm="syz.4.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  156.632337][   T29] audit: type=1326 audit(1759111090.513:9408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7687 comm="syz.4.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  156.655966][   T29] audit: type=1326 audit(1759111090.513:9409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7687 comm="syz.4.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  156.679466][   T29] audit: type=1326 audit(1759111090.513:9410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7687 comm="syz.4.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  156.702906][   T29] audit: type=1326 audit(1759111090.513:9411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7687 comm="syz.4.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  156.726354][   T29] audit: type=1326 audit(1759111090.513:9412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7687 comm="syz.4.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  156.749968][   T29] audit: type=1326 audit(1759111090.513:9413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7687 comm="syz.4.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  156.773641][   T29] audit: type=1326 audit(1759111090.513:9414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7687 comm="syz.4.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  156.797070][   T29] audit: type=1326 audit(1759111090.513:9415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7687 comm="syz.4.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  156.801911][ T7694] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1405'.
[  156.820753][   T29] audit: type=1326 audit(1759111090.513:9416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7687 comm="syz.4.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f843bffeec9 code=0x7ffc0000
[  156.829754][ T7694] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1405'.
[  156.885921][ T7696] loop4: detected capacity change from 0 to 512
[  156.892802][ T7696] EXT4-fs: Ignoring removed mblk_io_submit option
[  156.899969][ T7696] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  156.911433][ T7696] EXT4-fs (loop4): 1 truncate cleaned up
[  156.917786][ T7696] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  156.993325][ T7698] lo speed is unknown, defaulting to 1000
[  157.041497][ T7702] netlink: 'syz.4.1406': attribute type 3 has an invalid length.
[  157.184647][ T7696] ==================================================================
[  157.192783][ T7696] BUG: KCSAN: data-race in filemap_write_and_wait_range / xas_set_mark
[  157.201054][ T7696] 
[  157.203391][ T7696] write to 0xffff88811a09f6ac of 4 bytes by task 7699 on cpu 0:
[  157.211033][ T7696]  xas_set_mark+0x12b/0x140
[  157.215679][ T7696]  __folio_start_writeback+0x1dd/0x440
[  157.221204][ T7696]  ext4_bio_write_folio+0x5ad/0x9f0
[  157.226721][ T7696]  mpage_process_page_bufs+0x4a1/0x620
[  157.232209][ T7696]  mpage_prepare_extent_to_map+0x786/0xc00
[  157.238032][ T7696]  ext4_do_writepages+0xa05/0x2750
[  157.243216][ T7696]  ext4_writepages+0x176/0x300
[  157.247990][ T7696]  do_writepages+0x1c3/0x310
[  157.252596][ T7696]  file_write_and_wait_range+0x156/0x2c0
[  157.258343][ T7696]  generic_buffers_fsync_noflush+0x45/0x120
[  157.264253][ T7696]  ext4_sync_file+0x1ab/0x690
[  157.268964][ T7696]  vfs_fsync_range+0x10a/0x130
[  157.273744][ T7696]  ext4_buffered_write_iter+0x34f/0x3c0
[  157.279314][ T7696]  ext4_file_write_iter+0xdbf/0xf00
[  157.284525][ T7696]  iter_file_splice_write+0x666/0xa60
[  157.289989][ T7696]  direct_splice_actor+0x156/0x2a0
[  157.295108][ T7696]  splice_direct_to_actor+0x312/0x680
[  157.300484][ T7696]  do_splice_direct+0xda/0x150
[  157.305267][ T7696]  do_sendfile+0x380/0x650
[  157.309706][ T7696]  __x64_sys_sendfile64+0x105/0x150
[  157.314912][ T7696]  x64_sys_call+0x2bb0/0x2ff0
[  157.319684][ T7696]  do_syscall_64+0xd2/0x200
[  157.324290][ T7696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.330188][ T7696] 
[  157.332519][ T7696] read to 0xffff88811a09f6ac of 4 bytes by task 7696 on cpu 1:
[  157.340079][ T7696]  filemap_write_and_wait_range+0xfc/0x340
[  157.345909][ T7696]  filemap_invalidate_pages+0xa4/0x1a0
[  157.351377][ T7696]  kiocb_invalidate_pages+0x6e/0x80
[  157.356580][ T7696]  __iomap_dio_rw+0x5d4/0x1250
[  157.361350][ T7696]  iomap_dio_rw+0x40/0x90
[  157.365693][ T7696]  ext4_file_write_iter+0xad9/0xf00
[  157.370930][ T7696]  iter_file_splice_write+0x666/0xa60
[  157.376307][ T7696]  direct_splice_actor+0x156/0x2a0
[  157.381431][ T7696]  splice_direct_to_actor+0x312/0x680
[  157.386807][ T7696]  do_splice_direct+0xda/0x150
[  157.391569][ T7696]  do_sendfile+0x380/0x650
[  157.395995][ T7696]  __x64_sys_sendfile64+0x105/0x150
[  157.401206][ T7696]  x64_sys_call+0x2bb0/0x2ff0
[  157.406001][ T7696]  do_syscall_64+0xd2/0x200
[  157.410519][ T7696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.416448][ T7696] 
[  157.418767][ T7696] value changed: 0x0a000021 -> 0x04000021
[  157.424482][ T7696] 
[  157.426803][ T7696] Reported by Kernel Concurrency Sanitizer on:
[  157.432947][ T7696] CPU: 1 UID: 0 PID: 7696 Comm: syz.4.1406 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  157.442686][ T7696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  157.452745][ T7696] ==================================================================
[  157.798568][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.