last executing test programs:

4m11.655404413s ago: executing program 4 (id=450):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000001c0), 0xfe, 0x25e, &(0x7f0000001000)="$eJzs3T9o3FYcB/Cf7k9d16a47VIo/QOllNZg3KFQ6NIuLRhKMaUU2oJLKZ2CHXBssvkyZcmQzEnwlMWEbHEyhiwmSyCrk3hwlgwxGWIyJMMFne7C+Xwmjs93CtbnA7L09J70nkDfZ3mQHEBhjUXEDxFRjojxiKhGRNLe4LNsGWsWl4fXZiLq9d8eJ412WTnTOm4kImoR8V1EpVW3uPrX5tP1n788s1D94tLqn8ODur52W5sbv2xf/PX01alvFkvNfaPNdft1HKaky75KEvF+Pzp7QySVvEfAfkyfvHI3zf0HEfF5I//VKDUje3b+rZvV+PrCXseee3Tno0GOFTh89Xo1/R1YqwOFU2o8AyeliYjItkuliYnsGf5eOYljc/Mnxv+fW5j9L++ZCjgESS37u3fjp+tD10Y68v+wnOV/X77t80iBvkjz//v0yv10e7uc92iAgfg4W6X5H/9n6auQfygc+Yfikn8oLvmHI+CA2ZV/KC75h+KSfzjCqq2NWtdq+Yfikn8oro785/I+LpCP9vwDAMVSH8r7DWQgL3nPPwAAAAAAAAAAAAAAAAAAwG7Lw2szrWVQfd46H7H1Y0RUdvY/1KgtN/4fccTbjZ/vPEnSZi8l2WE9+fvTHk/Qo8s5v3397oN8+7/9SX/Oe2pncc9v2y3NRtTSxpOVyu77P2nefwf33ivqq//22MFrSjrK3/8x2P47PV/Jt/+p9Ygb6fwz2W3+K8WHjXX3+We0/RPLB3T8WY8nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGBeBAAA//9hymrI")
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000)

4m11.464784408s ago: executing program 4 (id=454):
socket$nl_sock_diag(0x10, 0x3, 0x4)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_route(0x10, 0x3, 0x0)
socket$igmp(0x2, 0x3, 0x2)
socket$inet6(0xa, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=r0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f"], 0x6c}}, 0x840)

4m11.432609051s ago: executing program 4 (id=459):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = syz_io_uring_setup(0x24f6, &(0x7f0000000b80)={0x0, 0x0, 0x10100, 0x2, 0x2e3}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, 0x0)
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

4m11.367157066s ago: executing program 4 (id=461):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x400e, &(0x7f0000000280)={[{@i_version}, {@nobh}, {@data_err_ignore}, {@nolazytime}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@acl}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x2000007, 0x12, 0xffffffffffffffff, 0x0)
pwrite64(r2, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)

4m11.101431327s ago: executing program 4 (id=469):
r0 = socket$inet6(0xa, 0x3, 0xff)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000002c0)={@mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @dev={0xfe, 0x80, '\x00', 0x25}, 0x1, 0x6, 0x0, 0x100, 0x4, 0x540000, r2})
connect$inet6(r0, 0x0, 0x0)
write(r0, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f0000000100)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

4m9.959465848s ago: executing program 4 (id=477):
creat(&(0x7f0000000140)='./file0\x00', 0xd8)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x8413, &(0x7f0000000080)={[{@minixdf}, {}, {@nodioread_nolock}, {@errors_continue}, {@lazytime}, {@noblock_validity}, {@usrjquota}, {@nodelalloc}]}, 0x18, 0x56a, &(0x7f0000000780)="$eJzs3c9vHFcdAPDvjL3+kTixCxygEm2hRWkEWce12lgcSpEQnCqByj249tqysrYje93GVqU44g9AQqggcePSCxJ/ABJU6oVjhVQJroAACVWQwgEk6KBZz65dezbZuutdx/58pMm892bfft+b9czOvJ3MBHBuvVRMH2ZZdjUiJovytJi+mGd2I56KiA/uv7GQT0lk2St/TyIpylrvlTWNxsW9KvkbjMS3Il5Njsbd3N65NV+v1zaK/HRj9fb05vbOtZXV+eXacm1tdnbmhbkbc8/PXf8k3Vu6WCQuRcSL3/jrmz9465sv/uorr//p5t+GWq2+G4f68TENlxcf7HQlxvLZ+H7JxjGDnUatNdns8Xh3de4VfyIAAPRXflz6qeI4/2pMxlCnw1kAAADgkZV9bSL+m7R+uztipEM5AAAA8AhJI2IikrRaXO87EWlarUbzGt7PxIW0vr7Z+PLS+tbaYr4sYioq6dJKvXa9uFZ4KipJnp9ppvfzzx3Kz0bEY2nEjybHm/nqwnp9cdCDHwAAAHBOXDx0/v+vyTQdHXSjAAAAgN6bGnQDAAAAgBPn/B8AAADOPuf/AAAAcKZ9++WX8ylrPf968bXtrVvrr11brG3eqq5uLVQX1jduV5fX15eb9+xbfeCbtR8duLZ1Z7pR22yMRcTN1fWttcbNlb1HYAMAAAD999iTb/8+iYjdr443p9zIgeX/KZ4TMLAGAiemPWQXSTEfOfqiP17em/+lT40C+mLoYObNwbUD6L/m9//4saoerxZwalQG3QBg4JL95GTZ8rFkuLziu8X8C91GctgAAACDcuVznX//Tx9Yc/fBi4FTz0YM59fQoBsADExzVL/kkr9SDhbgTKm0jwCSAbcEGJSHbf0db97xbrcRDvwfotFu6wAAAL000ZyStFoM701EmlarEZeajwWoJEsr9dr1iLgcEb+brIzm+ZlmzcSIAQAAAAAAAAAAAAAAAAAAAAAAAAB0KcuSyAAAAIAzLSIdTd7Zu5f/lclnJg6PD4wk/56M4hGhr//0lR/fmW80Nmby8n+0yxs/KcqfOzq+MNyXUQwAAAA4H7p9pHbrPL11Hg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfTB/TcWWlM/477/9YiYKos/HGPN+VhUIuLCP5MYPlAviYihHsTfvRcRny2Ln+TNaocsiz9+8vFjqlgLZfEv9iA+nGdv5/ufl8q2vzSeas7Lt7/hiI/kj6vz/i/a+7+hDtv/pS5jPP7eL6Y/UvDW/p7z/XsRjw+X739a8ZMO8Z/uMv73vruzU75krJ0qi38w1nRj9fb05vbOtZXV+eXacm1tdnbmhbkbc8/PXZ9eWqnXin8j4saR3eIPP//LDzu1Le//hQ7xpx7S/2e67P//3rtz/9Pxap6slMV/9umS+L/5WXsdHY6fFt99XyrS+fIrrfTuXvqgJ37+2yce1P/FDv1/2Of/bJf9v/qd7/+5y5cCAH2wub1za75er208MolsKKJs0XCHWvlZep+bGnEaVtTRRFp86KelPQNP3N0v+fUf9tbNk3H8v8wsyz7h6k2yLLvbgw5OFJ9017WuXN57cdIuGdAOCQAAODH7pwEHfp24POBGAQAAAAAAAAAAAAAAAAAAwDmzuf3Oid9l7XDM3XYq6cUttAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL/AQAA///A09p3")

4m9.959362119s ago: executing program 32 (id=477):
creat(&(0x7f0000000140)='./file0\x00', 0xd8)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x8413, &(0x7f0000000080)={[{@minixdf}, {}, {@nodioread_nolock}, {@errors_continue}, {@lazytime}, {@noblock_validity}, {@usrjquota}, {@nodelalloc}]}, 0x18, 0x56a, &(0x7f0000000780)="$eJzs3c9vHFcdAPDvjL3+kTixCxygEm2hRWkEWce12lgcSpEQnCqByj249tqysrYje93GVqU44g9AQqggcePSCxJ/ABJU6oVjhVQJroAACVWQwgEk6KBZz65dezbZuutdx/58pMm892bfft+b9czOvJ3MBHBuvVRMH2ZZdjUiJovytJi+mGd2I56KiA/uv7GQT0lk2St/TyIpylrvlTWNxsW9KvkbjMS3Il5Njsbd3N65NV+v1zaK/HRj9fb05vbOtZXV+eXacm1tdnbmhbkbc8/PXf8k3Vu6WCQuRcSL3/jrmz9465sv/uorr//p5t+GWq2+G4f68TENlxcf7HQlxvLZ+H7JxjGDnUatNdns8Xh3de4VfyIAAPRXflz6qeI4/2pMxlCnw1kAAADgkZV9bSL+m7R+uztipEM5AAAA8AhJI2IikrRaXO87EWlarUbzGt7PxIW0vr7Z+PLS+tbaYr4sYioq6dJKvXa9uFZ4KipJnp9ppvfzzx3Kz0bEY2nEjybHm/nqwnp9cdCDHwAAAHBOXDx0/v+vyTQdHXSjAAAAgN6bGnQDAAAAgBPn/B8AAADOPuf/AAAAcKZ9++WX8ylrPf968bXtrVvrr11brG3eqq5uLVQX1jduV5fX15eb9+xbfeCbtR8duLZ1Z7pR22yMRcTN1fWttcbNlb1HYAMAAAD999iTb/8+iYjdr443p9zIgeX/KZ4TMLAGAiemPWQXSTEfOfqiP17em/+lT40C+mLoYObNwbUD6L/m9//4saoerxZwalQG3QBg4JL95GTZ8rFkuLziu8X8C91GctgAAACDcuVznX//Tx9Yc/fBi4FTz0YM59fQoBsADExzVL/kkr9SDhbgTKm0jwCSAbcEGJSHbf0db97xbrcRDvwfotFu6wAAAL000ZyStFoM701EmlarEZeajwWoJEsr9dr1iLgcEb+brIzm+ZlmzcSIAQAAAAAAAAAAAAAAAAAAAAAAAAB0KcuSyAAAAIAzLSIdTd7Zu5f/lclnJg6PD4wk/56M4hGhr//0lR/fmW80Nmby8n+0yxs/KcqfOzq+MNyXUQwAAAA4H7p9pHbrPL11Hg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfTB/TcWWlM/477/9YiYKos/HGPN+VhUIuLCP5MYPlAviYihHsTfvRcRny2Ln+TNaocsiz9+8vFjqlgLZfEv9iA+nGdv5/ufl8q2vzSeas7Lt7/hiI/kj6vz/i/a+7+hDtv/pS5jPP7eL6Y/UvDW/p7z/XsRjw+X739a8ZMO8Z/uMv73vruzU75krJ0qi38w1nRj9fb05vbOtZXV+eXacm1tdnbmhbkbc8/PXZ9eWqnXin8j4saR3eIPP//LDzu1Le//hQ7xpx7S/2e67P//3rtz/9Pxap6slMV/9umS+L/5WXsdHY6fFt99XyrS+fIrrfTuXvqgJ37+2yce1P/FDv1/2Of/bJf9v/qd7/+5y5cCAH2wub1za75er208MolsKKJs0XCHWvlZep+bGnEaVtTRRFp86KelPQNP3N0v+fUf9tbNk3H8v8wsyz7h6k2yLLvbgw5OFJ9017WuXN57cdIuGdAOCQAAODH7pwEHfp24POBGAQAAAAAAAAAAAAAAAAAAwDmzuf3Oid9l7XDM3XYq6cUttAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL/AQAA///A09p3")

3m56.778085119s ago: executing program 3 (id=668):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000020b30100000000000700000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)

3m56.723430073s ago: executing program 3 (id=671):
perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0xbb, 0x1, 0x0, 0x0, 0x0, 0xe4b8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000}, 0x2980, 0x2, 0x0, 0x4, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000ff9000/0x7000)=nil, 0x7000, 0x0, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$hid(0x0, 0x3f, 0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r2 = socket(0x1, 0x803, 0x0)
flock(0xffffffffffffffff, 0x8)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100340200000c0002001f0000001e00000008000500", @ANYRES32=r3], 0x50}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r5=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r5}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

3m56.020599969s ago: executing program 3 (id=682):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$usbfs(0x0, 0x1ff, 0x402)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000840)={@cgroup=r4, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x5, 0x4, 0x6, 0x3, 0x0, 0xffffffffffffffff, 0xc8e}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x3, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffff7}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r5}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

3m55.12717771s ago: executing program 3 (id=693):
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54dabaa5206d4a2a060b5ccc774b3ec4c81a1a9852327ff871d16d0d9344e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9aeb8576d329be6e4bb168f1434000000", @ANYRESHEX=0x0], 0xfd, 0x296, &(0x7f0000001080)="$eJzs3M1qE1EUwPFj0o80tU0WIiiIB92oi6GNL2CQFsSAUhtRF8LUTjRkTMrMWImI7c6tz1FcuhPUF+jGnQt30k0XCm66UCOdjzatQ6u2yYTm/4Myp3Pvydz5CmcGctfvvHpcq7hGxfQklVFJiSzLhkh+MwodC5cpPx6SdstycfT7pzO37t67XiyVpmZUp4uzlwuqOn723dPnr8998EZvvxl/Oyyr+fvr3wpfVk+unlr/NRt9esNTU+caDc+csy2dr7o1Q/WmbZmupdW6azk72it2Y2GhqWZ9fiy74Fiuq2a9qTWrqV5DPaep5kOzWlfDMHQsK/0m/c8Z5ZWZGbPYkcEgCSNxKx2naKZjG8sr3RgUAADoLUnV/4+qrlZdre9X/6eE+r9zqP+PkuNrEvsUuFn/Z8P7d8uln10cGQAAAAAAAAAAAAAAAAAAAAAAOIiNVivXarVy0TL6GxaRjIhE/yc9TnTGQc7/cPeHi0PW9sO9jIj9crG8WA6WQXuxIlWxxZKJQZEf/vUQCuLpa6WpCfXl5b29FOYvLZbT/vXh50fy8fmTQb7uzB+UbPv2C5KTE/I5Lr8Qmz8kF8635RuSk48PpCG2zPvX9Xb+i0nVqzdKu/JH/H4AAAAAABwFhm754/ndbzc0mjZkV3uwcvv9gOT2eT+w6/l6QE4PJLffAAAAAAD0E7f5rGbatuUQ7AiuiMiefZI+dCM9cqA6GKQ2z0HXt/41ujV64yAcarD2JNi1v+mc4JcSAAAAgI7YLvqTHgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1rj2nAMmEXf03U/3/mHmvbXLr7ewgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0jt8BAAD//ysQG/U=")
open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f00000003c0)='./bus\x00', 0x14927e, 0xbb)
fallocate(r0, 0x11, 0x0, 0x8800000)

3m54.982694842s ago: executing program 3 (id=699):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x404, &(0x7f00000000c0)=ANY=[@ANYRES16=0x0, @ANYRES8, @ANYRES8], 0x1, 0x122e, &(0x7f0000002580)="$eJzs3MFrHFUcB/BftqlZU5tErdX2oA+9eBqaHDwJEiQFyYJSG6EVhCmZ6JJxN2SWwIoYe/Lq0b9BPHpTxH8gV/8Cb7mIpxzEEXZSk60NmlqyRT+fy/zIb76Z99hl4S3v7f7rX368uVFlG/kgWlNT0dqKSAcpUrTinhdXm+ut26vLnc7KjZSuL99cfC2lNPfSD+9/+s3LPw4uvPft3Hczsbfwwf4vSz/vXd67sv/7zY+6VepWqdcfpDzd6fcH+Z2ySOvdajNL6Z2yyKsidXtVsT3W3yj7W1vDlPfWL85ubRdVlfLeMG0WwzTop8H2MOUf5t1eyrIsXZwNTnT+729Z+/qgrr+PqOvz8UTUdV0/GbMxFU/FxZiLzyPi6Xgmno1L8Vxcjufjhbgyuusshg8AAAAAAAAAAAAAAAAAAAD/Hwej0/zj5/8vHJ7/n48F5/8BAAAAAAAAAAAAAAAAAADgDLx76/bqcqezciOldkT5xc7azlpzbfrLG9GNMoq4FvPxW4xO/zea+vpbnZVraeRcROwe5nd31s6N5xdHPydwmJ8e9e7lF5t8irvlsfxMzDb5dkQUsRTzcenY89tH+aUH5tvx6ivHnp/FfL0b0Y8y1kfPPsp/tpjSm2937stfHd0HAAAA/wVZ+tPC+Pq3Wb9n2Un9Jn+K7wfuW19Px9Xpyc6diGr4yWZelsX2eNH+y18mVsw8HsM4TdH6N/GZOLHVGmt99VPEpGf6WBTtw/fyo/iHU5OfzkMUdx/J3MeLCX8wcSaOXvRJjwQAAAAAAAAAAIDT+Cf7AX+Nh95FOB0P2Fn2xmSmCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MEOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAoQIAAP//uXHE5A==")
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x80000006, 0x48002)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000400)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})

3m54.046711757s ago: executing program 3 (id=717):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
pread64(r1, 0x0, 0x0, 0x3)

3m54.028672928s ago: executing program 33 (id=717):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
pread64(r1, 0x0, 0x0, 0x3)

2.945401026s ago: executing program 6 (id=3821):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9c, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x891)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
getsockopt$sock_buf(r3, 0x1, 0x1a, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r5, 0x6, 0x0, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x3, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000200)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=0x0, @ANYRES16=r5, @ANYBLOB="961f9815b5504f4ca7bdfc101528a080b0e7c0f676989af24d6aa377e6bc68dc543e2be449d500eb55539eb33ae83c74c328fc7d0d1a656fd2a8bc42899002426fa4564f675ff3edb9f94fc34bd393401f32da8ffb07abc4dec4f374cf2643944fa3279a2589b2a2f7166fb73d6515eeaf251f2ef0943ad2b6b25a300dd7d0ae873929c866141b2ce61548bad2523adabf7062608278eea5f493856c6bac202630edb9d555599b68a73f8760ef78563615031baf942d258a20a305e2", @ANYRESOCT, @ANYRESHEX=r6, @ANYRESOCT, @ANYRES64=r1, @ANYRESHEX=r1], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, 0xffffffffffffffff, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x14eeaa19, &(0x7f00000000c0))
r7 = fsmount(r5, 0x0, 0x0)
r8 = openat$cgroup_subtree(r7, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)

2.874447541s ago: executing program 0 (id=3823):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000a40)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@norecovery}, {@resuid}, {@quota}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000140), &(0x7f0000000440)=0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
stat(0x0, 0x0)
write(r3, &(0x7f00000009c0)="3bf58d7d45d32c", 0x7)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip_vti0\x00', <r4=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0x4, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5}, [@exit]}, &(0x7f00000000c0)='GPL\x00', 0xb, 0x65, &(0x7f00000001c0)=""/101, 0x41000, 0x23, '\x00', r4, @fallback=0x8, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0xe, 0x7, 0x80000001}, 0x10, 0x0, r2, 0x6, 0x0, &(0x7f00000002c0)=[{0x2, 0x2, 0x4, 0xa}, {0x3, 0x1, 0x3, 0xa}, {0x4, 0x3, 0x6, 0x8}, {0x1, 0x3, 0x2, 0x4}, {0x0, 0x1, 0x8, 0x7}, {0x5, 0x4, 0xa, 0xc}], 0x10, 0xffff34f0}, 0x94)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0xa0000004})
sendfile(r3, r2, 0x0, 0x3ffff)
sendfile(r3, r2, 0x0, 0x7fffeffd)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000a00)={0x0, 0xfffffffffffffe7f, &(0x7f00000009c0)={&(0x7f0000000640)={0x2c, r1, 0x1, 0x0, 0x25dfdbfe, {}, [@ETHTOOL_A_STRSET_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x141}, 0x0)

2.807375097s ago: executing program 1 (id=3824):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r2 = socket$nl_sock_diag(0x10, 0x3, 0x4)
dup(r2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
connect$inet(0xffffffffffffffff, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mremap(&(0x7f000040b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f00004b3000/0x4000)=nil)
r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r5)

2.063764626s ago: executing program 6 (id=3827):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, &(0x7f0000000080))
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x12, r0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00')
fcntl$notify(r1, 0x402, 0x8)
name_to_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0, 0x1200)

2.00883729s ago: executing program 6 (id=3829):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x210000, &(0x7f0000000280)={[{@user_xattr}, {@noquota}, {@dioread_nolock}, {@jqfmt_vfsv1}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x70}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@stripe={'stripe', 0x3d, 0x20}}, {@bsdgroups}, {@max_batch_time={'max_batch_time', 0x3d, 0x3fe}}, {@user_xattr}, {@noinit_itable}]}, 0x3, 0x583, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvbHb7+32bQilvX15eCj1Yqd00iT8qeKhH0WJBPdclmYaSTbdkN6WJBduDvXiRIohYEO969+ChePHoX1HQQpES9OBlZTazybbZJJt0Y2L384Fpn2dmNs8888z34Zl9dpgABtaJ7J9CxPGI+CyJONyxrRj5xhNL+y0+vjmRLUk0m+/9lkSSr2vvn+T/H8wz/4mIHz+JOF1YXW59fmG6Uq2ms3l+pDFzbaQ+v3DmykxlKp1Kr46Nj597ZXzs9dde7VtdX7z4x5fv3n/r3KcnF7/47uGRu0mcj0P5ts56PINbnZkTzWZ+Tkpx/qkdR/tQ2G6S7PQBsCVDeZyXIuJ46XCpHfXA8+/jiGgCAyrZZPzv1V/Ac6I9Dmjf2/fpPvgf49GbSzdAq+tfXPpuJPa17o0OLCZP3Bll97vDfSg/K+P7X+/dzZbo3/cQABu6dTsizhaLq/u/JO//tu5sD/s8XYb+D/4+97Pxz0vdxj+F5fFPdBn/HOwSu1uxcfwXHvahmDVl4783uo5/lyethofy3L9aY75ScvlKNc36tn9HxKko7c3y683nnFt80FxrW+f4L1uy8ttjwfw4Hhb3PvmZyUqj8ix17vTodsR/u45/k+X2T7q0f3Y+PuixjGPpvf+vtW3j+m+v5jcRL3Rt/5UZrWT9+cmR1vUw0r4qVvv9zrGf1yq/e/1/+mEbqtpV1v4H1q//cNI5X1vffBlf7/szXWvbVq//Pcn7rfSefN2NSqMxOxqxJ3ln9fqxlc+28+39s/qfOrl+/9ft+t8fER/2WP87R7/939brv72y+k9uqv03n3jw9kdfrVV+b+3/cit1Kl/TS//X6wE+y7kDAAAAAACA3aYQEYciKZRjX54uFMrlpd93HI0DhWqt3jh9uTZ3dTJaz8oOR6nQnuk+3PF7iNH897Dt/NhT+fGIOBIRnw/tb+XLE7Xq5E5XHgAAAAAAAAAAAAAAAAAAAHaJg8vP/8cTz/9nfhna6aMDtl1x6f3fwADa8JX//XjTE7ArbRj/wHNL/MPgEv8wuMQ/DKTWFJ/4h8El/mFwiX8YXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAA+urihQvZ0lx8fHMiy09en5+brl0/M5nWp8szcxPlidrstfJUrTZVTcsTtZmN/l61Vrs2OhZzN0Yaab0xUp9fuDRTm7vauHRlpjKVXkq9ZxwAAAAAAAAAAAAAAAAAAABWq88vTFeq1XS2D4lStZoWIqKXnSP6VOgAJrJ2u1Xs7TxvTyKJlTXF3XJaJPqa2OmeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABW/BUAAP//2SsyHQ==")
r1 = syz_mount_image$ext4(&(0x7f00000007c0)='ext2\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f0000000180)={[{@journal_path={'journal_path', 0x3d, './file1'}}, {@nodioread_nolock}], [{@uid_gt}, {@obj_role={'obj_role', 0x3d, '^(\'\x00'}}, {@obj_user={'obj_user', 0x3d, 'pcr'}}, {@pcr}]}, 0x4, 0x580, &(0x7f0000000940)="$eJzs3U1oXNUeAPD/vZPpZ95LH7wHT+miqFChdJL0Q6urdisWCl0IbjRMpqFkkimZiTYhi3RfxC5EpZu604VLxYULcePSrRvFtVBsUGi60JH5atJkkk5qkqm5vx/cmXvm3Mn/3HvyvzPncC8TQGYdazykEc9ExKUkYmhV3UC0K4+1tlteWig+WFooJlGvX/41iSQi7i8tFDvbJ+3nwxGxGBH/j4hv8xEn0vVxq3Pzk2PlcmmmXR6uTV0brs7Nn7w6NTZRmihNn375lbPnzpwdPTW6+m0P6qtL+a3t682fbr138/vX7tz67POji8UPxpI4H4PtutX7sW32dY5JPs6vqTqz7cH6K+l3A3giuXaeN1LpfzEUuXbWd1Mf2tWmATusvj+iDmRUIv8hozrfAxrj386ym98/7l5oDUAacZfbS6tmIPY3nw80xyaHfkseGZk0xptHdrOh7EmLNyJiZGBg/f9/0pobW+dxo+CVSamRbW0pO+GbC62OWt//abv/DzQf155/Bjtzp39T5/y3vO78txI/t8H571KPMf548+ePN4x/I+LZrvGTh/GTLvHTiHi7x/i33/jq3EZ19U8ijkf3+B3J5vPDw1eulksjrceuMb4+fvTVzfb/0AbxW3O2B5ofM92Of5dp7a6+/O6L5xY3if/i85v3f7fjfzAi3u8x/n/uf/r6RnV3byT3Gt8Cttr/SeTjTo/xXzp/7MceNwUAAAAAAAAAALYgbV7LlqSFh+tpWii07uH9bxxKy5Vq7cSVyuz0eOuatyORTztXWg21ykmjPNq+HrdTPrWmfDrXDpg72CwXipXyeJ/3HQAAAAAAAAAAAAAAAAAAAJ4Wh9fc//97rnn//9qfqwb2qo1/8hvY6+Q/ZNej+Z/0rR3A7vP5D5lVl/+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/AAAAAAAAAAAAAAAAAAAAAAAAAADsiEsXLzaW+oOlhWKjPD4wNztZeefkeKk6WZiaLRaKlZlrhYlKZaJcKhQrU4/7e0mlcm0kpmevD9dK1dpwdW7+ranK7HTnN0VL+R3fIwAAAAAAAAAAAAAAAAAAAPjnGWwuSVqIiLS5nqaFQsS/IuJIEsmVq+XSSET8OyJ+yOX3N8qj/W40AAAAAAAAAAAAAAAAAAAA7DHVufnJsXK5NJORlYGtbBwRi9vbjMZf3PK78u2+elqOoZUsrPT5xAQAAAAAAAAAAAAAAAAAABm0ctNvr+/4c2cbBAAAAAAAAAAAAAAAAAAAAJmU/pJERGM5PvTC4NrafclyrvkcEe/evvzh9bFabWa08fq9h6/XPmq/fqof7Qd61cnTTh4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK6pz85Nj5XJpZgdX+r2PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE/irwAAAP//TF/YDw==")
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, r1, 0x0)
r2 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x169)
fsetxattr$trusted_overlay_redirect(r2, &(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x8, 0x0)
pwritev(r2, &(0x7f0000000080), 0x0, 0x8, 0x365)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', 0x0})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, 0x0, 0x0, 0x0, 0x4007}})
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00'})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_open_dev$usbfs(0x0, 0x77, 0x1501)
r4 = openat$zero(0xffffffffffffff9c, 0x0, 0x20100, 0x0)
sendmsg$DEVLINK_CMD_TRAP_SET(r4, 0x0, 0x8050)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000180)=@base={0x6, 0x4, 0x10, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x7}, 0x50)

1.982681092s ago: executing program 0 (id=3830):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000001}, 0x20000804)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0x2, 0xb}, {0xd, 0xd}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x4010004)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

1.918499507s ago: executing program 1 (id=3831):
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, 0x0)
syz_open_dev$evdev(0x0, 0x3, 0x210080)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82)
r4 = dup(r3)
ioctl$USBDEVFS_CONTROL(r4, 0xc0185500, &(0x7f0000000080)={0x23, 0x3, 0x17, 0x2000, 0x0, 0x0, 0x0})
renameat2(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x4)

1.842884743s ago: executing program 6 (id=3833):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x210000, &(0x7f0000000280)={[{@user_xattr}, {@noquota}, {@dioread_nolock}, {@jqfmt_vfsv1}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x70}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@stripe={'stripe', 0x3d, 0x20}}, {@bsdgroups}, {@max_batch_time={'max_batch_time', 0x3d, 0x3fe}}, {@user_xattr}, {@noinit_itable}]}, 0x3, 0x583, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvbHb7+32bQilvX15eCj1Yqd00iT8qeKhH0WJBPdclmYaSTbdkN6WJBduDvXiRIohYEO969+ChePHoX1HQQpES9OBlZTazybbZJJt0Y2L384Fpn2dmNs8888z34Zl9dpgABtaJ7J9CxPGI+CyJONyxrRj5xhNL+y0+vjmRLUk0m+/9lkSSr2vvn+T/H8wz/4mIHz+JOF1YXW59fmG6Uq2ms3l+pDFzbaQ+v3DmykxlKp1Kr46Nj597ZXzs9dde7VtdX7z4x5fv3n/r3KcnF7/47uGRu0mcj0P5ts56PINbnZkTzWZ+Tkpx/qkdR/tQ2G6S7PQBsCVDeZyXIuJ46XCpHfXA8+/jiGgCAyrZZPzv1V/Ac6I9Dmjf2/fpPvgf49GbSzdAq+tfXPpuJPa17o0OLCZP3Bll97vDfSg/K+P7X+/dzZbo3/cQABu6dTsizhaLq/u/JO//tu5sD/s8XYb+D/4+97Pxz0vdxj+F5fFPdBn/HOwSu1uxcfwXHvahmDVl4783uo5/lyethofy3L9aY75ScvlKNc36tn9HxKko7c3y683nnFt80FxrW+f4L1uy8ttjwfw4Hhb3PvmZyUqj8ix17vTodsR/u45/k+X2T7q0f3Y+PuixjGPpvf+vtW3j+m+v5jcRL3Rt/5UZrWT9+cmR1vUw0r4qVvv9zrGf1yq/e/1/+mEbqtpV1v4H1q//cNI5X1vffBlf7/szXWvbVq//Pcn7rfSefN2NSqMxOxqxJ3ln9fqxlc+28+39s/qfOrl+/9ft+t8fER/2WP87R7/939brv72y+k9uqv03n3jw9kdfrVV+b+3/cit1Kl/TS//X6wE+y7kDAAAAAACA3aYQEYciKZRjX54uFMrlpd93HI0DhWqt3jh9uTZ3dTJaz8oOR6nQnuk+3PF7iNH897Dt/NhT+fGIOBIRnw/tb+XLE7Xq5E5XHgAAAAAAAAAAAAAAAAAAAHaJg8vP/8cTz/9nfhna6aMDtl1x6f3fwADa8JX//XjTE7ArbRj/wHNL/MPgEv8wuMQ/DKTWFJ/4h8El/mFwiX8YXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAA+urihQvZ0lx8fHMiy09en5+brl0/M5nWp8szcxPlidrstfJUrTZVTcsTtZmN/l61Vrs2OhZzN0Yaab0xUp9fuDRTm7vauHRlpjKVXkq9ZxwAAAAAAAAAAAAAAAAAAABWq88vTFeq1XS2D4lStZoWIqKXnSP6VOgAJrJ2u1Xs7TxvTyKJlTXF3XJaJPqa2OmeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABW/BUAAP//2SsyHQ==")
r2 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x169)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000800)="59fdd4", 0xfdef}], 0x1, 0x8, 0x365)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, @dev, @dev={0xfe, 0x80, '\x00', 0x37}, 0x0, 0x0, 0x0, 0x3}})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000f00)=@delqdisc={0x38, 0x25, 0x100, 0x70bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xb, 0x7}, {0xfff3, 0x46e90b4a0aa5066a}, {0xfff1, 0x4}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x3, 0x4324}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x408a0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x20100, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000380), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000180)=@base={0x6, 0x4, 0x10, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x7}, 0x50)

1.787257698s ago: executing program 5 (id=3834):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001300)={&(0x7f0000000380)=ANY=[], 0x0, 0x27, 0x0, 0x1, 0x2}, 0x28)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
gettid()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
mount_setattr(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000001dc0)={0x0, 0x0, 0x80000}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000300), 0x20100, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

1.770441569s ago: executing program 0 (id=3835):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRESDEC=0x0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c094, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000980)={0xa, 0x2, 0x400, @loopback, 0xfffffffd}, 0x71)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2000000000000022, &(0x7f0000000000)=0x1, 0x4)
shutdown(r3, 0x2)
sendto$inet6(r3, &(0x7f0000000740)="e9", 0x1, 0x20008045, &(0x7f00000001c0)={0xa, 0x2, 0x1000, @empty}, 0x1c)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="18020000000000000000000000000015850000001700000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000008850000000700000095"], &(0x7f00000002c0)='GPL\x00', 0x1e, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000b00)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r4, @ANYRES8=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6, 0x0, 0x400007}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000c00)=ANY=[@ANYBLOB="58000000100039042abd7000eaffffff000003e4", @ANYRES32=0x0, @ANYBLOB="03000000c31006003800128008000100736974002c00028006000e000010000008000300ac1414bb08000200ac14142d08004b2882f34cac67661400010001003c86610e01ce26e850d7521d3c2128ac0f98f4062bdfe9934af4b4991f73bd67e0692aec0f22827a20dd6625b5927dda67c2fe1f4307502ed5bfa8b40972d0c5a9b383dcb347e3a820bc61851d184770b312fd4f7aba062f5a8ca48d4ad266fab690298b4ffbee076cd827bcae5e1fde7eb67f1df6eede181bad94708b8e3a00821542fa516bd84eef80a08224cf9180084115ccbcfee23997f28e972025d78f3ce7db2b85763d5c1ea151b0f974b5b186a5dd3c52d1e51e746b35198e1f6907c9f25b410876c574148d1d2357286ab8cf47c797b5d146b8437a31e3a309165589ac0829"], 0x58}, 0x1, 0x0, 0x0, 0x8000}, 0x4008040)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080006000000e8fe55a1180015000600142603600e120800110000000401a8001600050001", 0x37}, {&(0x7f0000000540)="0e5176a165b9dc815ca7d4c1a144dfd792335270df51c0356dbfadb633f46e07d078557969e7492dbee89248f923a23a3181c78a458079a26bd30f0734289b88506cfc7637761308225f0d51e508fb2cb0d51c9fc3f67ea10de974e1e10b31134a713cd18b63eb66bf9aee60f8903575ba4f30c1e983a2845a0955e052", 0x7d}], 0x2}, 0x200000e4)
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="d800000010008104685fa3aa7143a0f8c81ded0b25000000e8fe09a11800150006001400000000120800030043000040a8002b", 0x33}], 0x1}, 0xc001)
write$cgroup_subtree(r9, &(0x7f0000000000)=ANY=[], 0xfe33)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)=0x11)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x2)
r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000340)=@o_path={&(0x7f0000000180)='./file0\x00', 0x0, 0x4008, r7}, 0x18)
sendmsg$netlink(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

1.751314651s ago: executing program 1 (id=3836):
r0 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0xffffffffffffffff, 0xdb, 0x18}, 0xc)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r0, &(0x7f00000018c0)="80a5b4b903b1cf64e3790cf6324cb1f4efb2db361293d8f3af7afe7289bc9a9cace319011fe07adf17b91bd8a369924b43b45f355ad35a2d72eacf37992a385f85cc988fe60446339d111f3045f01a2b0ba576720f43cb6ed88876a5669c07fc0db0740b78dc9e1b903e8de922bcbb00cd5a60bf1b1f44ac8a0ffdb421b51cf572f8e218b874a40c60d8bbba46d2c5f1070ef775b37722b035219a9e21450564d641aa25f7901ef108a7c77ed39f68abcc49b6d015ee5ac6d086d7db14f5f00053efe7d5b74326751b133552ef0ed5aaa565baba2d580b256354a5c1317715056241d1b19636c9aa2bf886c8293e2edb094f7cd8f39498ef35cb09b05afd61fbfb000018000000000000814c6a6f59c72dc6788c77dba6bc8a293c455de5ed81ae796408657744a931c42255433c431c485b30c5c1463da0d0b668d7d1753a3564945a110aad5e6fa26d591ca0a73a5c1cb44c9c5e4b8090c8ee1af13e4a276906a3a7b3d25f6f52", &(0x7f00000008c0)=""/4096, 0x4}, 0x1f)
r1 = socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0xff05, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x4a00, 0x0, 0x8001}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xa}]}, 0x40}, 0x1, 0x0, 0x0, 0xd0}, 0x0)
r3 = syz_io_uring_complete(0x0)
r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x38, r4, 0x1, 0x70bd27, 0x25dfdbff, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x20004401}, 0x24000800)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r3)
sendmsg$NL80211_CMD_REQ_SET_REG(r3, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000300)={&(0x7f0000001a40)={0x118, r5, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'b\x00'}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_REG_RULES={0xf8, 0x22, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xb}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x4}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0xb26}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xb5a}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x9}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x80}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0xffffffff}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x42ea}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xce740000}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x81}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0xed66d00c}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x3}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0xea}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xcd}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xfffffff7}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x4}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x5}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x80000000}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0xffffff48}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x8}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x1}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x800}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x5}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xa}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xffffff80}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7}]}, {0x4}]}]}, 0x118}, 0x1, 0x0, 0x0, 0x40010}, 0x81)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
socket(0xa, 0x2, 0x0)
poll(0x0, 0x0, 0xffffffffffbffff8)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x84, &(0x7f0000000440)={0x0, @in={{0x2, 0x4e24, @multicast1}}, 0xfffc, 0x86}, &(0x7f0000000500)=0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = io_uring_setup(0x1fb8, &(0x7f0000000540)={0x0, 0x1ae0, 0x400, 0x0, 0xea})
io_uring_register$IORING_REGISTER_BUFFERS(r7, 0x0, &(0x7f0000000940)=[{&(0x7f0000000a00)=""/181, 0xb5}, {&(0x7f0000000200)=""/38, 0x26}, {0x0}, {&(0x7f0000000380)=""/88, 0x58}, {&(0x7f0000000ac0)=""/173, 0xad}], 0x5)
io_uring_register$IORING_REGISTER_FILES(r7, 0x1e, &(0x7f0000000000)=[r7], 0x1)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000040)={[{@errors_remount}, {@discard}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")

1.715531544s ago: executing program 6 (id=3837):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x3000)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYRESOCT=0x0, @ANYRES32, @ANYRES32=r1, @ANYRESDEC, @ANYRESHEX=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0xc)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f00000002c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xfff3, 0xfff2}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
r6 = getpid()
r7 = syz_pidfd_open(r6, 0x0)
r8 = pidfd_getfd(r7, r7, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$rxrpc(0x21, 0x2, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r9, 0x0, 0x5}, 0x18)
ioctl$MON_IOCT_RING_SIZE(0xffffffffffffffff, 0x9204, 0xa0006a21)
setns(r8, 0x66020000)
syz_clone(0x50a60080, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f0000656000/0x3000)=nil, 0x3000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r10, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="1400000076031f03000000000000000004002c80b8c257b87e54f5b6938e54c5ed9f896ebf7ac75ca25d6584f3ffb74bbc10fa2d33f56277ffac4072f69a38"], 0x14}], 0x1}, 0x0)

1.708548724s ago: executing program 5 (id=3838):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9c, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x891)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
getsockopt$sock_buf(r3, 0x1, 0x1a, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r5, 0x6, 0x0, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x3, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000200)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYRESOCT=0x0, @ANYRES16=r5, @ANYBLOB="961f9815b5504f4ca7bdfc101528a080b0e7c0f676989af24d6aa377e6bc68dc543e2be449d500eb55539eb33ae83c74c328fc7d0d1a656fd2a8bc42899002426fa4564f675ff3edb9f94fc34bd393401f32da8ffb07abc4dec4f374cf2643944fa3279a2589b2a2f7166fb73d6515eeaf251f2ef0943ad2b6b25a300dd7d0ae873929c866141b2ce61548bad2523adabf7062608278eea5f493856c6bac202630edb9d555599b68a73f8760ef78563615031baf942d258a20a305e2", @ANYRESOCT, @ANYRESHEX=r6, @ANYRESOCT, @ANYRES64=r1, @ANYRESHEX=r1], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, 0xffffffffffffffff, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x14eeaa19, &(0x7f00000000c0))
r7 = fsmount(r5, 0x0, 0x0)
r8 = openat$cgroup_subtree(r7, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)

1.321562355s ago: executing program 2 (id=3839):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x0, &(0x7f0000000240), 0x21, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f0000000080)={0x23, 0x3, 0x17, 0x2000, 0x0, 0x0, 0x0})

1.171784497s ago: executing program 2 (id=3840):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x3, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x211}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x20000804)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x4010004)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

1.022132909s ago: executing program 0 (id=3841):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000a40)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@norecovery}, {@resuid}, {@quota}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r1, &(0x7f00000009c0)="3bf58d7d45d32c", 0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0x4, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5}, [@exit]}, &(0x7f00000000c0)='GPL\x00', 0xb, 0x65, &(0x7f00000001c0)=""/101, 0x41000, 0x23, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0xe, 0x7, 0x80000001}, 0x10, 0x0, r0, 0x6, 0x0, &(0x7f00000002c0)=[{0x2, 0x2, 0x4, 0xa}, {0x3, 0x1, 0x3, 0xa}, {0x4, 0x3, 0x6, 0x8}, {0x1, 0x3, 0x2, 0x4}, {0x0, 0x1, 0x8, 0x7}, {0x5, 0x4, 0xa, 0xc}], 0x10, 0xffff34f0}, 0x94)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)

964.626934ms ago: executing program 6 (id=3842):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, r0)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r2, 0x0, r1, 0x0, 0x6, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000100)=0x3ff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000180)='sys_enter\x00'}, 0x18)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

818.466255ms ago: executing program 5 (id=3843):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x64)
setsockopt$CAN_RAW_JOIN_FILTERS(r0, 0x65, 0x6, &(0x7f0000000000)=0x1, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(0x0, r2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
syz_mount_image$msdos(&(0x7f0000000380), &(0x7f0000000040)='./file0\x00', 0x100c404, &(0x7f0000000800)=ANY=[@ANYBLOB='dots,fmask=00000000000000001000400,uid=', @ANYRESHEX=0x0, @ANYBLOB=',uid=', @ANYRESHEX=0xee00, @ANYRESDEC=r4], 0x1, 0x1f5, &(0x7f0000000600)="$eJzs3cFqE1EUANCbmCYTcdGdIAgjLnRV1C+oSAUxIFSy0J2gK7NqN6mb9jP8Bf/LD5CuspEncSadmKYxBDKj7Tmb3pn7Xt+7M2SSTW5SFL7f/RpZ1or2fuzHpBW70Y6ZswAArpNJSvEjFZreCwBQjzXe/3/WvCUAYMvevnv/+vlgcHCY51nE+dl4OB4Wf4v8y1eDgyf5b7vVrPPxeHjrIv80X/zsMM3vxO0y/6yYn1+kuxEx7Mbjh0V+mnvxZpD/Ob8XH7dcOwAAAAAAAAAAAAAAAAAAAAAANOV+5DNL+/vs7S3m+2W+OJrrD7TQv6cT9zrlYdUeKJ3WURQAAAAAAAAAAAAAAAAAAAD8Z45Pvnz+MBp9OqqCXkTMn+ksGXN10Cr/8VqDmw/asdn0flnmBou2yku03QL7y2/uOkF0/pW7s2mQ17BWf+XlTWkaLH8VzNpiXDm9GxGrV390uOnmJyml0bcHR8cnkVYOrp4RvVqfSAAAAAAAAAAAAAAAAAAAcHPNfev7kqyJDQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAA6rf/58Gl8+sDE4j4k78dfBsrZ3IGq0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA6+tXAAAA//85ziI4")
r5 = accept4$packet(0xffffffffffffffff, &(0x7f0000000180), &(0x7f0000000240)=0x14, 0x100000)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000300)={0x9, &(0x7f0000000280)=[{0x1, 0x83, 0x9, 0xfffffff3}, {0x4, 0x94, 0x2, 0x8}, {0x8000, 0x7, 0x8, 0x8}, {0x7, 0xf, 0x53, 0x2}, {0x1a, 0x14, 0x8, 0x10}, {0xb, 0xfb, 0x0, 0xd}, {0xa, 0x9, 0x1, 0xd0}, {0x2, 0x5, 0x1}, {0x93b, 0x4, 0xc1, 0xfffffffa}]}, 0x10)
utime(&(0x7f0000000080)='./file0\x00', 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000580)={0x28, r3, 0xc4fc9e906872338b, 0x20, 0x2000000, {{0x15}, {@val={0x8}, @val={0xc, 0x99, {0xfffffffc}}}}}, 0x28}}, 0x0)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010029bd7000fcdbdf2a2700000008000300", @ANYRES32=0x0, @ANYBLOB="0e0034006185d0574cdd43fc782d00000600360008000000060036000200000004005f000a00060008021100000000000a0034000101010101010000"], 0x58}, 0x1, 0x0, 0x0, 0x4044085}, 0x40)
r6 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r7=>0x0}, &(0x7f0000cab000)=0xc)
mount$9p_fd(0x0, &(0x7f00000015c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000017c0)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, r7}}], [{@permit_directio}, {@smackfshat={'smackfshat', 0x3d, '@[]['}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'orlov'}}, {@smackfshat={'smackfshat', 0x3d, 'nomblk_io_submit'}}], 0x6b}})
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r8, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xb}}, 0x8}, 0x1c)
r9 = fcntl$dupfd(r8, 0x0, r8)
stat(&(0x7f0000000cc0)='./file0\x00', &(0x7f0000001c80)={0x0, 0x0, 0x0, 0x0, <r10=>0x0, <r11=>0x0})
r12 = getegid()
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f00000016c0)=ANY=[@ANYRESDEC, @ANYRES32=r11, @ANYBLOB="feb6efdf", @ANYRES64, @ANYRES64, @ANYRES16, @ANYRES64, @ANYRES8, @ANYBLOB="0200", @ANYRES32=0x0, @ANYBLOB="0200", @ANYRES32=0xee00, @ANYBLOB="08000300", @ANYBLOB="7de0de6148d7d44c4d01eeff92df69b773e9c6727f8fbda7576c2a151378b664926695450adc68e74593", @ANYRESDEC=r10, @ANYBLOB="08000400", @ANYBLOB='\b\x00', @ANYRES32=0x0, @ANYRES8, @ANYRES32=r12, @ANYRESOCT, @ANYRES32=0xee00, @ANYBLOB="10000400000000002000000000000000", @ANYRESHEX], 0x94, 0x1)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000500)={[{@jqfmt_vfsv0}, {}, {@stripe={'stripe', 0x3d, 0x1ff}}, {@resgid}, {@orlov}, {@grpjquota, 0x2e}, {@bh}, {@errors_remount}, {@nomblk_io_submit}, {@delalloc}], [{@fsname={'fsname', 0x3d, 'errors=remount-ro'}}, {@euid_eq={'euid', 0x3d, r10}}, {@obj_user={'obj_user', 0x3d, ':}$\\/(['}}, {@euid_lt={'euid<', r10}}, {@smackfsroot={'smackfsroot', 0x3d, '&\x02@@^/\xcd}&='}}, {@dont_measure}], 0x2c}, 0x1, 0x4c0, &(0x7f0000000ac0)="$eJzs3M1vG0UbAPBnN3H63aR9+74v/YAaCqKikDRpgR44FARSL0hIcCjHkIaqNG1REyRaVTQgVI6IvwA4IiFx4sIJJISAEx9XuCOkCvXSwgEFrb2bbBLHdRwnafHvJ9mZ2Z3NzLO74x3v2A6ga1WzpyRia0T8EhH99ez8AtX6n1s3roz9eePKWBIzMy/+kdTK3bxxZawoWmy3Ja1nfrockb6bxN4G9U5eunx2dGJi/GKeH5o69/rQ5KXLj505N3p6/PT4+ZFjx44eGX7yiZHHOxJnFtfNPW9d2Lf7xMsfPD82E69892nW3q35+nIcdQMrrrMa1ZjJzS3tqz0/tOL/fmfZVkonvevYEJalJyKyw1Wp9f/+6Im5g9cfz70zm/l6nRoIrJrs2rRj0dKe/G86e/0C/o0SfRy6VHHFz97/Fo+1HH+st+tPZ8/jtfhv5Y/6mt6o3cYYqL9j71li++MrrH9rRJyc/uvD7BEN70MAAHTWl9n459FG4780/lcqtz2fQxmIiEMRsTMi/hMRuyLivxG1sv+PiHuWWX91QX7x+OfHTW0F1qJs/PdUPrc1f/yX5iWS2dy2WvyV5NUzE+OH831yMCobsvxwkzq+evbn95daVy2N/7JHVn8xFszb8XvvhvnbnBqdGl1ByPNcfztiT2+j+JPZmYBsD+yOiD1t/P9sn5155JN9WXr7lsXrbx9/Ex2YZ5r5OOLh+vGfjgXxF5J6TUvNTw5tjInxw0PFWbHY9z9ce6Gcr5TS8+Lf2FpMG9sNtoHs+G9ueP7n8RfdoJivnVx+Hdd+fW/J9zSLj38SJ6fLJfLzv/QqkJ3/fclLtXRfvuzN0ampi8MRffmCectH5rYt8kX5LP6DBxr3/50Rf3+Ub7c3IrKT+N6IuC8i9udtvz8iHoiIA03i//aZB19rvofaPP87IIv/VLPjHzGQlOfr20j0nP3mi6Xqb+3172gtdTBf0srrX6sNXMm+AwAAgLtFWpuDTtLBqNTTpZtTu2JzOnFhcupQNd44f6o+Vz0QlbS409Vfuh86nN8bLvIjC/JHImJH7ZNGm2r5wbELE9vWM3Agtsz2/+K1IE0HB+vrfit/6KWTN52BO8ey5tHK3w787PPONwZYU76vCd1L/4fupf9D99L/oXs16v9XI26tQ1OANeb6D92rxf7ft9rtANae6z90L/0futLir8QXP7TQzjf95xI7T6xo81VPzPQvWNL6TwY0S0wvf6ueVYo0yj/asWQiiYj2qoi0eZm+Fmpft0R62zLH29wty0jszxMbIqLVra4226uViOjo+QMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD3+ycAAP//rynbqw==")
newfstatat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, <r13=>0x0}, 0x100)
newfstatat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', &(0x7f0000001640)={0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}, 0x800)
setsockopt$EBT_SO_SET_ENTRIES(r9, 0x0, 0x80, &(0x7f0000000500)=@broute={'broute\x00', 0x20, 0x6, 0xa2c, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000002a80], 0x0, &(0x7f0000000180), &(0x7f0000002a80)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff02000000110000000100000068706e6963766630000000000000000000006272696467655f736c6176655f31000064766d7270310000000000000000000067656e65766530000000000000000000ffffffffffffffffffffff00aaaaaaaaaaaa00ffff00ff00e60100002e0200007602000068656c706572000000000000000000000000000000000000000000000000000028000000000000000100000073797a300000000000000000000000000000000000000000000000000000000000000000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004552524f520000000000000000000000000000000000000000000000000000002000000000000000ac7274d3678f2607929519de57d8737e4512bd253c81134356df67ef732300004552524f520000000000000000000000000000000000000000000000000000002000000000000000e5d658ca7403b6a57b79e55bf6e4321c4a481ed19319fee1f938f7549f5a0000110000001400000080f376657468315f766972745f776966690076657468305f766972745f776966690076657468315f766972745f776966690076657468315f746f5f62617461647600aaaaaaaa746c3280ffffffff0180c2000003ffff0000ff00ae0000002e0100005e0100006f776e65720000000000000000000000000000000000000000000000000000001800000000000000", @ANYRES32=r10, @ANYRES32=r13, @ANYRES32, @ANYRES32=r14, @ANYBLOB="06010000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3100000000000000000000000000000000000000000000000104000000ffffff7f00000000434c41535349465900000000000000000000000000000000000000000000000008000000000000005f0000000000000072656469726563740000000000000000000000000000000000000000000000000800000000000000fdffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000002000000fcffffff020000000500000002000000000376657468305f746f5f687372000000006970766c616e3000000000000000000064766d72703000000000000000000000766c616e310000000000000000000000aaaaaaaaaabb00000000000068f57b0d4a2effffffff00ff0601000006010000360100006970000000000000000000000000000000000000000000000000000000000000200000000000000000000000e0000002ffffff0000fffffe090600324e204e204e214e240000000069707673000000000000000000000000000000000000000000000000000000002800000000000000fc0100000000000000000000000000000000000000000000ff000000ff0000004e225e004e24041d415544495400000000000000000000000000000000000000000000000000000008000000000000000100000000000000090000004400000000056e696376663000000000000000000000626f6e64300000000000000000000000627269646765300000000000000000007465616d300000000000000000000000aaaaaaaaaabbffffff000000aaaaaaaaaa1500ffff00ff00ae000000fe000000760100006d61726b5f6d000000000000000000000000000000000000000000000000000018000000000000008b060000000000005a0000000000000000000000000000006c6f67000000000000000000000000000000000000000000000000000000000028000000000000000d6dce1e0aa0775b817cda288d64d094aa5b92caaba647923efa3fce1944ad0002000000000000006e666c6f670000000000000000000000000000000000000000000000000000005000000000000000060000000700000800000000b530b36aafea252d98d42eac7e1133e7b94cc889eae1980490a3568c29500b855f0e4a453c3589ae80d55d6a9c92790eb3bb443804df80f7123d2b4c69b4f7d50000000000000000000000000000000000000000000000000000000000000000000000000000000004000000fcffffff020000001100000065000000000676657468305f6d6163767461700000006e657464657673696d3000000000000076657468315f746f5f626f6e6400000076657468315f746f5f7465616d000000aaaaaaaaaabbffea00ff00ff00000000000000ffff00fffffe0000005e010000d60100006d61726b5f6d0000000000000000000000000000000000000000000000000000180000000000000009000000000000000500000000000000000000000000000068656c706572000000000000000000000000000000000000000000000000000028000000000000000100000073797a3100000000000000000000000000000000000000000000000000000000000000004155444954000000000000000000000000000000000000000000000000000000080000000000000000000000000000004e465155455545000000000000000000000000000000000000000000000000000800000000000000ff0f0000000000006e666c6f670000000000000000000000000000000000000000000000000000005000000000000000030000000002080000000000711ac34a79dddbde46375b12964ba0e444d9ed8af0e2cd7b6c25afc579067a614f20ef0706011d3415cbe0a291ecc2be05d04a5564588b4281df593560446104000000000500000043000000487e6970365f76746930000000000000000070696d367265673000000000000000006c6f0000000000000000000000000000766c616e310000000000000000000000ffffffffffffff00ffffffffaaaaaaaaaa3cffffff00ffffb6000000e60000001601000069700000000000000000000000000000000000000000000000000000000000002000000000000000ac14141c64010101000000ff000000ff07ff3d204e224e244e244e2000000000434c4153534946590000000000000000000000000000000000000000000000000800000000000000090000000000000072656469726563740000000000000000000000000000000000000000000000000800000000000000fdffffff00000000"]}, 0xaa4)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000400)=@nat={'nat\x00', 0x19, 0x4, 0xdd8, [0x200000000640, 0x0, 0x0, 0x2000000008b6, 0x2000000008e6], 0x0, &(0x7f0000000080), &(0x7f0000000640)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff010000001100000032000000900070696d3672656731000000000000000065727370616e3000000000000000000076657468315f746f5f626f6e6400000076657468315f746f5f626f6e64000000aaaaaaaaaaaa00ff00ffffffbbbbbbbbbbbbffffffffff00de0000001601000046020000766c616e0000000000000000000000000000000000000000000000000000000008000000000000000200040088e505026f776e65720000000000000000000000000000000000000000000000000000001800000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="06000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000ffffffffffff0000ffffffff000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000010000000900000073797374656d5f753a6f626a6563745f723a6c6f67726f746174655f7661725f6c69625f743a733000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff02000000050000000200000002006970365f7674693000000000000000007663616e300000000000000000000000627269646765300000000000000000006970766c616e31000000000000000000aaaaaaaaaa250000ff000000aaaaaaaaaaaa00ffff00ff0056080000be080000f60800007533320000000000000000000000000000000000000000000000000000000000c0070000000000000500000001000000050000000100000002000000000000000500000003000000d90700000000000009000000010000000b0000000100000009000000000000001ff80000030000000a000000020000005f19286300000000060000000500000001000080ff0000000500000000000000050000004aabffff0c00000000000080060000000400000001000000ff0300004000000004000000ff070000bb0400000800000000000000001000000080020004050000800000000300000001000000000000000700000001000000ffff000001000000d60600000100000000000100030000000100000003000000a90300000300000000800000030000000900000002000000060000000300000004000000050000000700000002000000050000000e00000009000000040000000900000009000000050000000900000005000000070000000300000000000000060000000200000005000000e8000000ffffffff0000000009020000470a0000010000000c00000002000000f20c0000030000000c0000000000000062000000000000007300000001000000090000000300000050000000010000000900000001000000040000000100000008000000ee36d109f77b0200000001000000000000000000e01903000000b30e00000000000708000000ffffff7f0001000002000000400000001b420000010000007f00000003000000040000000500000007000000000000007f00000082000000d200000003090000f7ffffff0300000007000000030000004200000003000000ffffff7f020000000300000000000000b2ad0000010000002b3d00000100000003000000000000000900000000000000820d000003000000001000000000000002000000edd0f27b0200000003000000ff010000090000000c00000009000000d0000000810000000400000000000000ffffff7fffffffff01000000ff01000023310000cd69000020001000020000000300000001000000070400000400000000000000ff0f000003000000050000000300000007000000010000000100000000000000020000000000000006000000010000000300000000000000a90000000000000002000000000000000200000000000000080000000600000001000000070000000080000004000000060000000300000050f600000000004000000000faffffff08000000040000000000000008000000080000000900000004000000030000000700000001000100000800000900000000000000306e0000030000000101000003000000d0d100000200000007000000020000000300000001000000050000000300000001080000030000000800000003000000826a0000000000000500000000000000010000000f0000000800000010000000ffff0000ffffff7fff0e0000fe0f0000060000000000000006000000080000000800000000f8ffff2e0000000b000000090000000500000005000000090000008f00000003000000070a000083b1747b0200000081000000000000000ff4ffff000000009cbf000001000000010000000100000000000100030000000200000002000000050000000200000005000000000000004000000000000000ff0f00000200000000020000ffffff7f0f00000073000000545300000300000081000000ff0f000001000080050000000900000005000000020000000700000004000000080000000200000000000000ff070000f1fffffff8ffffff03000000040000004000000001000000010000800000000006000000010000000000000002000000010000000100000002000000010000000200000003000000080000000200000081000000010000002ba40000020000000600000001000000040000000100000000040000bc0900000600000001000000d88f00000300000092e10000100000000300000008000000040000000900000000000000b4ffffffc1030000080000000c000000f9ffffff268700000700000001070000010000000000000002000000000000000a00000001000000ff01000000000000800000000100000009000000030000000200000003000000090000000000000009000000030000000e00000002000000760000000200000007000000060000000300000003000000050000001000000009000000ffffffff09000000040000000c0400000800000000002000f6ffffff02000000ff0100000100000009000000190a000002000000dcf000004d0000000705000048060000000000000700000003000000a1000000010000000100000001000000050000000100000008000000020000000200000002000000c2e8df6101000000ff030000020000000300000001000000e3b52e7d00000000fe00000002000000050000000900000003000000040000000e000000080000000200000002000000020000000700000000000000f124ff000800000005000000f7ffffff06000000060000000900000005000000030000000a040000ff07000002000000000000000300000007000000010000000000000003000000fdffffff0200000008000000010000001a0d0000020000000200000000000000ffffffff0100000006000000030000000100010002000000b68d77770400000001000000010000000000000007000000070000009d0400007db3000005000000080000007000000006000000040000000500000002000000f8ffffff01000000030000000c00000005000000400200000a0000000301000000000000000000000000000000000000000000000000000000000000000000000800000000000000fbffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa0000fcffffff00000000736e61740000000000000000000000000000000000000000000000000000000010000000000000000180c20000000000100000000000000009000000000000000015626174616476300000000000000000006970766c616e300000000000000000006c6f000000000000000000000000000076657468305f766972745f7769666900aaaaaaaaaabbff00000000ff8d05ecdde724ffffff00ff00fe000000fe00000036010000697076730000000000000000000000000000000000000000000000000000000028000000000000006401010100000000000000000000000000000000ffffffffffffffffff0000004e2008024e2221026f776e65720000000000000000000000000000000000000000000000000000001800", @ANYRES32, @ANYRES32, @ANYRES32=r7, @ANYRES32=r14, @ANYBLOB="01040000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000003000000fcffffff010000000900000020000000001864766d727030000000000000000000007465616d5f736c6176655f300000000076657468305f746f5f7465616d0000007465616d5f736c6176655f3000000000aaaaaaaaaa1e0000ff0000ff000000000000ffffff00ff006e0000006e000000a6000000736e61740000000000000000000000000000000000000000000000000000000010000000000000000180c20000030000ffffffff0000"]}, 0xe4a)

776.762608ms ago: executing program 1 (id=3844):
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@noblock_validity}, {}, {@dioread_lock}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@jqfmt_vfsv1}, {@dax}, {@noacl}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r0, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x6, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r1=>0x0, 0x2d, &(0x7f0000000480)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0xb7, 0x8, 0x8, &(0x7f0000000580)}}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x1, 0x9, 0x8, 0x4, 0x5, 0x6})
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
setns(r4, 0x8000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r2}, 0x10)
setitimer(0x0, 0x0, 0x0)
r5 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r6 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
tee(r5, r6, 0x3, 0x0)
ioctl$PPPIOCATTCHAN(r6, 0x40047438, &(0x7f00000002c0)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)

764.694109ms ago: executing program 2 (id=3845):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000002440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0x0, @ANYBLOB="040000000000800008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
lgetxattr(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)=@known='system.posix_acl_access\x00', &(0x7f0000000140)=""/246, 0xf6)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766c616e000000001800028006000100010000000c000200540a00001800000008000500", @ANYRES32=r2], 0x50}, 0x1, 0xba01}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x404c080)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0x14, 0x0, &(0x7f0000000080)="f6f4e9a10000502468da5eb1c6b2feff8833c000", 0x0, 0x86, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
write(r3, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000180), 0x0, &(0x7f0000000100)={[{@mpol={'mpol', 0x3d, {'bind', '=static', @void}}}]})

588.959283ms ago: executing program 1 (id=3846):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000001}, 0x20000804)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0x2, 0xb}, {0xd, 0xd}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x4010004)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

550.997846ms ago: executing program 5 (id=3847):
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x2}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
close(r1)

518.033129ms ago: executing program 2 (id=3848):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x210000, &(0x7f0000000280)={[{@user_xattr}, {@noquota}, {@dioread_nolock}, {@jqfmt_vfsv1}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x70}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@stripe={'stripe', 0x3d, 0x20}}, {@bsdgroups}, {@max_batch_time={'max_batch_time', 0x3d, 0x3fe}}, {@user_xattr}, {@noinit_itable}]}, 0x3, 0x583, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvbHb7+32bQilvX15eCj1Yqd00iT8qeKhH0WJBPdclmYaSTbdkN6WJBduDvXiRIohYEO969+ChePHoX1HQQpES9OBlZTazybbZJJt0Y2L384Fpn2dmNs8888z34Zl9dpgABtaJ7J9CxPGI+CyJONyxrRj5xhNL+y0+vjmRLUk0m+/9lkSSr2vvn+T/H8wz/4mIHz+JOF1YXW59fmG6Uq2ms3l+pDFzbaQ+v3DmykxlKp1Kr46Nj597ZXzs9dde7VtdX7z4x5fv3n/r3KcnF7/47uGRu0mcj0P5ts56PINbnZkTzWZ+Tkpx/qkdR/tQ2G6S7PQBsCVDeZyXIuJ46XCpHfXA8+/jiGgCAyrZZPzv1V/Ac6I9Dmjf2/fpPvgf49GbSzdAq+tfXPpuJPa17o0OLCZP3Bll97vDfSg/K+P7X+/dzZbo3/cQABu6dTsizhaLq/u/JO//tu5sD/s8XYb+D/4+97Pxz0vdxj+F5fFPdBn/HOwSu1uxcfwXHvahmDVl4783uo5/lyethofy3L9aY75ScvlKNc36tn9HxKko7c3y683nnFt80FxrW+f4L1uy8ttjwfw4Hhb3PvmZyUqj8ix17vTodsR/u45/k+X2T7q0f3Y+PuixjGPpvf+vtW3j+m+v5jcRL3Rt/5UZrWT9+cmR1vUw0r4qVvv9zrGf1yq/e/1/+mEbqtpV1v4H1q//cNI5X1vffBlf7/szXWvbVq//Pcn7rfSefN2NSqMxOxqxJ3ln9fqxlc+28+39s/qfOrl+/9ft+t8fER/2WP87R7/939brv72y+k9uqv03n3jw9kdfrVV+b+3/cit1Kl/TS//X6wE+y7kDAAAAAACA3aYQEYciKZRjX54uFMrlpd93HI0DhWqt3jh9uTZ3dTJaz8oOR6nQnuk+3PF7iNH897Dt/NhT+fGIOBIRnw/tb+XLE7Xq5E5XHgAAAAAAAAAAAAAAAAAAAHaJg8vP/8cTz/9nfhna6aMDtl1x6f3fwADa8JX//XjTE7ArbRj/wHNL/MPgEv8wuMQ/DKTWFJ/4h8El/mFwiX8YXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAA+urihQvZ0lx8fHMiy09en5+brl0/M5nWp8szcxPlidrstfJUrTZVTcsTtZmN/l61Vrs2OhZzN0Yaab0xUp9fuDRTm7vauHRlpjKVXkq9ZxwAAAAAAAAAAAAAAAAAAABWq88vTFeq1XS2D4lStZoWIqKXnSP6VOgAJrJ2u1Xs7TxvTyKJlTXF3XJaJPqa2OmeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABW/BUAAP//2SsyHQ==")
r2 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x169)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000800)="59fdd4", 0xfdef}], 0x1, 0x8, 0x365)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, @dev, @dev={0xfe, 0x80, '\x00', 0x37}, 0x0, 0x0, 0x0, 0x3}})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000f00)=@delqdisc={0x38, 0x25, 0x100, 0x70bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xb, 0x7}, {0xfff3, 0x46e90b4a0aa5066a}, {0xfff1, 0x4}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x3, 0x4324}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x408a0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x20100, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000380), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000180)=@base={0x6, 0x4, 0x10, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x7}, 0x50)

503.99877ms ago: executing program 5 (id=3849):
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4e, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYRESOCT, @ANYRES32=r0, @ANYBLOB="00000000000200000295"], &(0x7f0000000200)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
lsm_get_self_attr(0x64, &(0x7f0000002200)={0x0, 0x0, 0x1020, 0x1000, ""/4096}, &(0x7f0000000080)=0x1020, 0x0)

464.212774ms ago: executing program 5 (id=3850):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000838500000071000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r1)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r3=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)='F', 0x1}, {0x0, 0xe0}], 0x2, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r3}}], 0x20, 0x2400e044}, 0x0)

427.627316ms ago: executing program 1 (id=3851):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000a40)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@norecovery}, {@resuid}, {@quota}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000140), &(0x7f0000000440)=0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
stat(0x0, 0x0)
write(r2, &(0x7f00000009c0)="3bf58d7d45d32c", 0x7)
r3 = perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_config_ext={0x1, 0xa}, 0x1184c, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip_vti0\x00', <r4=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0x4, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5}, [@exit]}, &(0x7f00000000c0)='GPL\x00', 0xb, 0x65, &(0x7f00000001c0)=""/101, 0x41000, 0x23, '\x00', r4, @fallback=0x8, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0xe, 0x7, 0x80000001}, 0x10, 0x0, r1, 0x6, 0x0, &(0x7f00000002c0)=[{0x2, 0x2, 0x4, 0xa}, {0x3, 0x1, 0x3, 0xa}, {0x4, 0x3, 0x6, 0x8}, {0x1, 0x3, 0x2, 0x4}, {0x0, 0x1, 0x8, 0x7}, {0x5, 0x4, 0xa, 0xc}], 0x10, 0xffff34f0}, 0x94)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, &(0x7f0000000040)={0xa0000004})
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7fffeffd)

373.941241ms ago: executing program 2 (id=3852):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRESDEC=0x0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c094, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000980)={0xa, 0x2, 0x400, @loopback, 0xfffffffd}, 0x71)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2000000000000022, &(0x7f0000000000)=0x1, 0x4)
shutdown(r3, 0x2)
sendto$inet6(r3, &(0x7f0000000740)="e9", 0x1, 0x20008045, &(0x7f00000001c0)={0xa, 0x2, 0x1000, @empty}, 0x1c)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="18020000000000000000000000000015850000001700000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000008850000000700000095"], &(0x7f00000002c0)='GPL\x00', 0x1e, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000b00)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r4, @ANYRES8=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6, 0x0, 0x400007}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000c00)=ANY=[@ANYBLOB="58000000100039042abd7000eaffffff000003e4", @ANYRES32=0x0, @ANYBLOB="03000000c31006003800128008000100736974002c00028006000e000010000008000300ac1414bb08000200ac14142d08004b2882f34cac67661400010001003c86610e01ce26e850d7521d3c2128ac0f98f4062bdfe9934af4b4991f73bd67e0692aec0f22827a20dd6625b5927dda67c2fe1f4307502ed5bfa8b40972d0c5a9b383dcb347e3a820bc61851d184770b312fd4f7aba062f5a8ca48d4ad266fab690298b4ffbee076cd827bcae5e1fde7eb67f1df6eede181bad94708b8e3a00821542fa516bd84eef80a08224cf9180084115ccbcfee23997f28e972025d78f3ce7db2b85763d5c1ea151b0f974b5b186a5dd3c52d1e51e746b35198e1f6907c9f25b410876c574148d1d2357286ab8cf47c797b5d146b8437a31e3a309165589ac0829"], 0x58}, 0x1, 0x0, 0x0, 0x8000}, 0x4008040)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080006000000e8fe55a1180015000600142603600e120800110000000401a8001600050001", 0x37}, {&(0x7f0000000540)="0e5176a165b9dc815ca7d4c1a144dfd792335270df51c0356dbfadb633f46e07d078557969e7492dbee89248f923a23a3181c78a458079a26bd30f0734289b88506cfc7637761308225f0d51e508fb2cb0d51c9fc3f67ea10de974e1e10b31134a713cd18b63eb66bf9aee60f8903575ba4f30c1e983a2845a0955e052", 0x7d}], 0x2}, 0x200000e4)
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="d800000010008104685fa3aa7143a0f8c81ded0b25000000e8fe09a11800150006001400000000120800030043000040a8002b", 0x33}], 0x1}, 0xc001)
write$cgroup_subtree(r9, &(0x7f0000000000)=ANY=[], 0xfe33)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)=0x11)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x2)
r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000340)=@o_path={&(0x7f0000000180)='./file0\x00', 0x0, 0x4008, r7}, 0x18)
sendmsg$netlink(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

150.432318ms ago: executing program 0 (id=3853):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x64)
setsockopt$CAN_RAW_JOIN_FILTERS(r0, 0x65, 0x6, &(0x7f0000000000)=0x1, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(0x0, r2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
syz_mount_image$msdos(&(0x7f0000000380), &(0x7f0000000040)='./file0\x00', 0x100c404, &(0x7f0000000800)=ANY=[@ANYBLOB='dots,fmask=00000000000000001000400,uid=', @ANYRESHEX=0x0, @ANYBLOB=',uid=', @ANYRESHEX=0xee00, @ANYRESDEC=r4], 0x1, 0x1f5, &(0x7f0000000600)="$eJzs3cFqE1EUANCbmCYTcdGdIAgjLnRV1C+oSAUxIFSy0J2gK7NqN6mb9jP8Bf/LD5CuspEncSadmKYxBDKj7Tmb3pn7Xt+7M2SSTW5SFL7f/RpZ1or2fuzHpBW70Y6ZswAArpNJSvEjFZreCwBQjzXe/3/WvCUAYMvevnv/+vlgcHCY51nE+dl4OB4Wf4v8y1eDgyf5b7vVrPPxeHjrIv80X/zsMM3vxO0y/6yYn1+kuxEx7Mbjh0V+mnvxZpD/Ob8XH7dcOwAAAAAAAAAAAAAAAAAAAAAANOV+5DNL+/vs7S3m+2W+OJrrD7TQv6cT9zrlYdUeKJ3WURQAAAAAAAAAAAAAAAAAAAD8Z45Pvnz+MBp9OqqCXkTMn+ksGXN10Cr/8VqDmw/asdn0flnmBou2yku03QL7y2/uOkF0/pW7s2mQ17BWf+XlTWkaLH8VzNpiXDm9GxGrV390uOnmJyml0bcHR8cnkVYOrp4RvVqfSAAAAAAAAAAAAAAAAAAAcHPNfev7kqyJDQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAA6rf/58Gl8+sDE4j4k78dfBsrZ3IGq0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA6+tXAAAA//85ziI4")
r5 = accept4$packet(0xffffffffffffffff, &(0x7f0000000180), &(0x7f0000000240)=0x14, 0x100000)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000300)={0x8, &(0x7f0000000280)=[{0x1, 0x83, 0x9, 0xfffffff3}, {0x4, 0x94, 0x2, 0x8}, {0x8000, 0x7, 0x8, 0x8}, {0x7, 0xf, 0x53, 0x2}, {0x1a, 0x14, 0x8, 0x10}, {0xb, 0xfb, 0x0, 0xd}, {0xa, 0x9, 0x1, 0xd0}, {0x2, 0x5, 0x1}]}, 0x10)
utime(&(0x7f0000000080)='./file0\x00', 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000580)={0x28, r3, 0xc4fc9e906872338b, 0x20, 0x2000000, {{0x15}, {@val={0x8}, @val={0xc, 0x99, {0xfffffffc}}}}}, 0x28}}, 0x0)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010029bd7000fcdbdf2a2700000008000300", @ANYRES32=0x0, @ANYBLOB="0e0034006185d0574cdd43fc782d00000600360008000000060036000200000004005f000a00060008021100000000000a0034000101010101010000"], 0x58}, 0x1, 0x0, 0x0, 0x4044085}, 0x40)
r6 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r7=>0x0}, &(0x7f0000cab000)=0xc)
mount$9p_fd(0x0, &(0x7f00000015c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000017c0)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, r7}}], [{@permit_directio}, {@smackfshat={'smackfshat', 0x3d, '@[]['}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'orlov'}}, {@smackfshat={'smackfshat', 0x3d, 'nomblk_io_submit'}}], 0x6b}})
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r8, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xb}}, 0x8}, 0x1c)
r9 = fcntl$dupfd(r8, 0x0, r8)
stat(&(0x7f0000000cc0)='./file0\x00', &(0x7f0000001c80)={0x0, 0x0, 0x0, 0x0, <r10=>0x0})
getegid()
newfstatat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, <r11=>0x0}, 0x100)
newfstatat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', &(0x7f0000001640)={0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}, 0x800)
setsockopt$EBT_SO_SET_ENTRIES(r9, 0x0, 0x80, &(0x7f0000000500)=@broute={'broute\x00', 0x20, 0x6, 0xa2c, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000002a80], 0x0, &(0x7f0000000180), &(0x7f0000002a80)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff02000000110000000100000068706e6963766630000000000000000000006272696467655f736c6176655f31000064766d7270310000000000000000000067656e65766530000000000000000000ffffffffffffffffffffff00aaaaaaaaaaaa00ffff00ff00e60100002e0200007602000068656c706572000000000000000000000000000000000000000000000000000028000000000000000100000073797a300000000000000000000000000000000000000000000000000000000000000000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004552524f520000000000000000000000000000000000000000000000000000002000000000000000ac7274d3678f2607929519de57d8737e4512bd253c81134356df67ef732300004552524f520000000000000000000000000000000000000000000000000000002000000000000000e5d658ca7403b6a57b79e55bf6e4321c4a481ed19319fee1f938f7549f5a0000110000001400000080f376657468315f766972745f776966690076657468305f766972745f776966690076657468315f766972745f776966690076657468315f746f5f62617461647600aaaaaaaa746c3280ffffffff0180c2000003ffff0000ff00ae0000002e0100005e0100006f776e65720000000000000000000000000000000000000000000000000000001800000000000000", @ANYRES32=r10, @ANYRES32=r11, @ANYRES32, @ANYRES32=r12, @ANYBLOB="06010000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3100000000000000000000000000000000000000000000000104000000ffffff7f00000000434c41535349465900000000000000000000000000000000000000000000000008000000000000005f0000000000000072656469726563740000000000000000000000000000000000000000000000000800000000000000fdffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000002000000fcffffff020000000500000002000000000376657468305f746f5f687372000000006970766c616e3000000000000000000064766d72703000000000000000000000766c616e310000000000000000000000aaaaaaaaaabb00000000000068f57b0d4a2effffffff00ff0601000006010000360100006970000000000000000000000000000000000000000000000000000000000000200000000000000000000000e0000002ffffff0000fffffe090600324e204e204e214e240000000069707673000000000000000000000000000000000000000000000000000000002800000000000000fc0100000000000000000000000000000000000000000000ff000000ff0000004e225e004e24041d415544495400000000000000000000000000000000000000000000000000000008000000000000000100000000000000090000004400000000056e696376663000000000000000000000626f6e64300000000000000000000000627269646765300000000000000000007465616d300000000000000000000000aaaaaaaaaabbffffff000000aaaaaaaaaa1500ffff00ff00ae000000fe000000760100006d61726b5f6d000000000000000000000000000000000000000000000000000018000000000000008b060000000000005a0000000000000000000000000000006c6f67000000000000000000000000000000000000000000000000000000000028000000000000000d6dce1e0aa0775b817cda288d64d094aa5b92caaba647923efa3fce1944ad0002000000000000006e666c6f670000000000000000000000000000000000000000000000000000005000000000000000060000000700000800000000b530b36aafea252d98d42eac7e1133e7b94cc889eae1980490a3568c29500b855f0e4a453c3589ae80d55d6a9c92790eb3bb443804df80f7123d2b4c69b4f7d50000000000000000000000000000000000000000000000000000000000000000000000000000000004000000fcffffff020000001100000065000000000676657468305f6d6163767461700000006e657464657673696d3000000000000076657468315f746f5f626f6e6400000076657468315f746f5f7465616d000000aaaaaaaaaabbffea00ff00ff00000000000000ffff00fffffe0000005e010000d60100006d61726b5f6d0000000000000000000000000000000000000000000000000000180000000000000009000000000000000500000000000000000000000000000068656c706572000000000000000000000000000000000000000000000000000028000000000000000100000073797a3100000000000000000000000000000000000000000000000000000000000000004155444954000000000000000000000000000000000000000000000000000000080000000000000000000000000000004e465155455545000000000000000000000000000000000000000000000000000800000000000000ff0f0000000000006e666c6f670000000000000000000000000000000000000000000000000000005000000000000000030000000002080000000000711ac34a79dddbde46375b12964ba0e444d9ed8af0e2cd7b6c25afc579067a614f20ef0706011d3415cbe0a291ecc2be05d04a5564588b4281df593560446104000000000500000043000000487e6970365f76746930000000000000000070696d367265673000000000000000006c6f0000000000000000000000000000766c616e310000000000000000000000ffffffffffffff00ffffffffaaaaaaaaaa3cffffff00ffffb6000000e60000001601000069700000000000000000000000000000000000000000000000000000000000002000000000000000ac14141c64010101000000ff000000ff07ff3d204e224e244e244e2000000000434c4153534946590000000000000000000000000000000000000000000000000800000000000000090000000000000072656469726563740000000000000000000000000000000000000000000000000800000000000000fdffffff00000000"]}, 0xaa4)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000400)=@nat={'nat\x00', 0x19, 0x4, 0xdd8, [0x200000000640, 0x0, 0x0, 0x2000000008b6, 0x2000000008e6], 0x0, &(0x7f0000000080), &(0x7f0000000640)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff010000001100000032000000900070696d3672656731000000000000000065727370616e3000000000000000000076657468315f746f5f626f6e6400000076657468315f746f5f626f6e64000000aaaaaaaaaaaa00ff00ffffffbbbbbbbbbbbbffffffffff00de0000001601000046020000766c616e0000000000000000000000000000000000000000000000000000000008000000000000000200040088e505026f776e65720000000000000000000000000000000000000000000000000000001800000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="06000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000ffffffffffff0000ffffffff000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000010000000900000073797374656d5f753a6f626a6563745f723a6c6f67726f746174655f7661725f6c69625f743a733000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff02000000050000000200000002006970365f7674693000000000000000007663616e300000000000000000000000627269646765300000000000000000006970766c616e31000000000000000000aaaaaaaaaa250000ff000000aaaaaaaaaaaa00ffff00ff0056080000be080000f60800007533320000000000000000000000000000000000000000000000000000000000c0070000000000000500000001000000050000000100000002000000000000000500000003000000d90700000000000009000000010000000b0000000100000009000000000000001ff80000030000000a000000020000005f19286300000000060000000500000001000080ff0000000500000000000000050000004aabffff0c00000000000080060000000400000001000000ff0300004000000004000000ff070000bb0400000800000000000000001000000080020004050000800000000300000001000000000000000700000001000000ffff000001000000d60600000100000000000100030000000100000003000000a90300000300000000800000030000000900000002000000060000000300000004000000050000000700000002000000050000000e00000009000000040000000900000009000000050000000900000005000000070000000300000000000000060000000200000005000000e8000000ffffffff0000000009020000470a0000010000000c00000002000000f20c0000030000000c0000000000000062000000000000007300000001000000090000000300000050000000010000000900000001000000040000000100000008000000ee36d109f77b0200000001000000000000000000e01903000000b30e00000000000708000000ffffff7f0001000002000000400000001b420000010000007f00000003000000040000000500000007000000000000007f00000082000000d200000003090000f7ffffff0300000007000000030000004200000003000000ffffff7f020000000300000000000000b2ad0000010000002b3d00000100000003000000000000000900000000000000820d000003000000001000000000000002000000edd0f27b0200000003000000ff010000090000000c00000009000000d0000000810000000400000000000000ffffff7fffffffff01000000ff01000023310000cd69000020001000020000000300000001000000070400000400000000000000ff0f000003000000050000000300000007000000010000000100000000000000020000000000000006000000010000000300000000000000a90000000000000002000000000000000200000000000000080000000600000001000000070000000080000004000000060000000300000050f600000000004000000000faffffff08000000040000000000000008000000080000000900000004000000030000000700000001000100000800000900000000000000306e0000030000000101000003000000d0d100000200000007000000020000000300000001000000050000000300000001080000030000000800000003000000826a0000000000000500000000000000010000000f0000000800000010000000ffff0000ffffff7fff0e0000fe0f0000060000000000000006000000080000000800000000f8ffff2e0000000b000000090000000500000005000000090000008f00000003000000070a000083b1747b0200000081000000000000000ff4ffff000000009cbf000001000000010000000100000000000100030000000200000002000000050000000200000005000000000000004000000000000000ff0f00000200000000020000ffffff7f0f00000073000000545300000300000081000000ff0f000001000080050000000900000005000000020000000700000004000000080000000200000000000000ff070000f1fffffff8ffffff03000000040000004000000001000000010000800000000006000000010000000000000002000000010000000100000002000000010000000200000003000000080000000200000081000000010000002ba40000020000000600000001000000040000000100000000040000bc0900000600000001000000d88f00000300000092e10000100000000300000008000000040000000900000000000000b4ffffffc1030000080000000c000000f9ffffff268700000700000001070000010000000000000002000000000000000a00000001000000ff01000000000000800000000100000009000000030000000200000003000000090000000000000009000000030000000e00000002000000760000000200000007000000060000000300000003000000050000001000000009000000ffffffff09000000040000000c0400000800000000002000f6ffffff02000000ff0100000100000009000000190a000002000000dcf000004d0000000705000048060000000000000700000003000000a1000000010000000100000001000000050000000100000008000000020000000200000002000000c2e8df6101000000ff030000020000000300000001000000e3b52e7d00000000fe00000002000000050000000900000003000000040000000e000000080000000200000002000000020000000700000000000000f124ff000800000005000000f7ffffff06000000060000000900000005000000030000000a040000ff07000002000000000000000300000007000000010000000000000003000000fdffffff0200000008000000010000001a0d0000020000000200000000000000ffffffff0100000006000000030000000100010002000000b68d77770400000001000000010000000000000007000000070000009d0400007db3000005000000080000007000000006000000040000000500000002000000f8ffffff01000000030000000c00000005000000400200000a0000000301000000000000000000000000000000000000000000000000000000000000000000000800000000000000fbffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa0000fcffffff00000000736e61740000000000000000000000000000000000000000000000000000000010000000000000000180c20000000000100000000000000009000000000000000015626174616476300000000000000000006970766c616e300000000000000000006c6f000000000000000000000000000076657468305f766972745f7769666900aaaaaaaaaabbff00000000ff8d05ecdde724ffffff00ff00fe000000fe00000036010000697076730000000000000000000000000000000000000000000000000000000028000000000000006401010100000000000000000000000000000000ffffffffffffffffff0000004e2008024e2221026f776e65720000000000000000000000000000000000000000000000000000001800", @ANYRES32, @ANYRES32, @ANYRES32=r7, @ANYRES32=r12, @ANYBLOB="01040000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000003000000fcffffff010000000900000020000000001864766d727030000000000000000000007465616d5f736c6176655f300000000076657468305f746f5f7465616d0000007465616d5f736c6176655f3000000000aaaaaaaaaa1e0000ff0000ff000000000000ffffff00ff006e0000006e000000a6000000736e61740000000000000000000000000000000000000000000000000000000010000000000000"]}, 0xe3b)

127.68308ms ago: executing program 0 (id=3854):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x891)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
getsockopt$sock_buf(r3, 0x1, 0x1a, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r5, 0x6, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x3, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000200)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x32600)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x14eeaa19, &(0x7f00000000c0))
fsmount(r5, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
ioctl$SNAPSHOT_PLATFORM_SUPPORT(0xffffffffffffffff, 0x330f, 0x6)

0s ago: executing program 2 (id=3855):
r0 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0xffffffffffffffff, 0xdb, 0x18}, 0xc)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r0, &(0x7f00000018c0)="80a5b4b903b1cf64e3790cf6324cb1f4efb2db361293d8f3af7afe7289bc9a9cace319011fe07adf17b91bd8a369924b43b45f355ad35a2d72eacf37992a385f85cc988fe60446339d111f3045f01a2b0ba576720f43cb6ed88876a5669c07fc0db0740b78dc9e1b903e8de922bcbb00cd5a60bf1b1f44ac8a0ffdb421b51cf572f8e218b874a40c60d8bbba46d2c5f1070ef775b37722b035219a9e21450564d641aa25f7901ef108a7c77ed39f68abcc49b6d015ee5ac6d086d7db14f5f00053efe7d5b74326751b133552ef0ed5aaa565baba2d580b256354a5c1317715056241d1b19636c9aa2bf886c8293e2edb094f7cd8f39498ef35cb09b05afd61fbfb000018000000000000814c6a6f59c72dc6788c77dba6bc8a293c455de5ed81ae796408657744a931c42255433c431c485b30c5c1463da0d0b668d7d1753a3564945a110aad5e6fa26d591ca0a73a5c1cb44c9c5e4b8090c8ee1af13e4a276906a3a7b3d25f6f52", &(0x7f00000008c0)=""/4096, 0x4}, 0x1f)
r1 = socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0xff05, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x4a00, 0x0, 0x8001}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xa}]}, 0x40}, 0x1, 0x0, 0x0, 0xd0}, 0x0)
r3 = syz_io_uring_complete(0x0)
r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x38, r4, 0x1, 0x70bd27, 0x25dfdbff, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x20004401}, 0x24000800)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r3)
sendmsg$NL80211_CMD_REQ_SET_REG(r3, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000300)={&(0x7f0000001a40)={0xf4, r5, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'b\x00'}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_REG_RULES={0xd4, 0x22, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xb}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x4}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0xb26}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xb5a}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x9}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x80}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0xffffffff}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x42ea}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xce740000}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x81}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x217a}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x4}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x5}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x80000000}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0xffffff48}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x8}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x1}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x800}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x5}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xa}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xffffff80}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7}]}, {0x4}]}]}, 0xf4}, 0x1, 0x0, 0x0, 0x40010}, 0x81)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
socket(0xa, 0x2, 0x0)
poll(0x0, 0x0, 0xffffffffffbffff8)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x84, &(0x7f0000000440)={0x0, @in={{0x2, 0x4e24, @multicast1}}, 0xfffc, 0x86}, &(0x7f0000000500)=0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = io_uring_setup(0x1fb8, &(0x7f0000000540)={0x0, 0x1ae0, 0x400, 0x0, 0xea})
io_uring_register$IORING_REGISTER_BUFFERS(r7, 0x0, &(0x7f0000000940)=[{&(0x7f0000000a00)=""/181, 0xb5}, {&(0x7f0000000200)=""/38, 0x26}, {0x0}, {&(0x7f0000000380)=""/88, 0x58}, {&(0x7f0000000ac0)=""/173, 0xad}], 0x5)
io_uring_register$IORING_REGISTER_FILES(r7, 0x1e, &(0x7f0000000000)=[r7], 0x1)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000040)={[{@errors_remount}, {@discard}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")

kernel console output (not intermixed with test programs):

[T14058] EXT4-fs (loop1): 1 truncate cleaned up
[  263.988976][T14058] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.128616][T14074] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14074 comm=syz.0.3388
[  264.132085][T14073] loop5: detected capacity change from 0 to 512
[  264.164617][T14073] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  264.179424][T14073] EXT4-fs (loop5): 1 truncate cleaned up
[  264.185732][T14073] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.709076][T13351] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.861364][T14083] loop2: detected capacity change from 0 to 512
[  264.891280][T14083] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  264.900479][T14083] EXT4-fs (loop2): orphan cleanup on readonly fs
[  264.908868][T14083] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.3392: corrupted inode contents
[  264.921272][T14083] EXT4-fs (loop2): Remounting filesystem read-only
[  264.927961][T14083] EXT4-fs (loop2): 1 truncate cleaned up
[  264.934231][   T58] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  264.944871][   T58] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  264.984023][   T58] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  264.995410][T14083] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  264.995561][T11549] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.008465][T14083] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.018961][ T4670] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.058089][T14091] loop5: detected capacity change from 0 to 256
[  265.065740][T14091] msdos: Bad value for 'uid'
[  265.070471][T14091] msdos: Bad value for 'uid'
[  265.079682][T14091] 9pnet_fd: Insufficient options for proto=fd
[  265.091885][T14091] loop5: detected capacity change from 0 to 512
[  265.099996][T14091] EXT4-fs: Ignoring removed orlov option
[  265.105713][T14091] EXT4-fs: Ignoring removed nomblk_io_submit option
[  265.112502][T14091] ext4: Unknown parameter 'fsname'
[  265.148066][T14097] loop1: detected capacity change from 0 to 1024
[  265.172589][T14097] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.195706][T14097] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  265.227610][T11549] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.306790][T14102] __nla_validate_parse: 2 callbacks suppressed
[  265.306799][T14102] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3398'.
[  265.323375][T14095] loop5: detected capacity change from 0 to 512
[  265.340991][T14095] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  265.349437][T14095] EXT4-fs (loop5): orphan cleanup on readonly fs
[  265.403257][T14095] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.3397: corrupted inode contents
[  265.426386][T14110] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3401'.
[  265.435954][T14095] EXT4-fs (loop5): Remounting filesystem read-only
[  265.444198][T14095] EXT4-fs (loop5): 1 truncate cleaned up
[  265.450488][   T31] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  265.461137][   T31] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  265.473072][   T31] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  265.486822][T14111] netlink: 'syz.6.3401': attribute type 1 has an invalid length.
[  265.495175][T14095] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  265.500018][T14111] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  265.510650][T14095] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.532122][T14111] can0: slcan on ttyS3.
[  265.553117][T14113] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3402'.
[  265.568943][T14111] can0 (unregistered): slcan off ttyS3.
[  265.578010][T14110] can0: slcan on ttyS3.
[  265.584528][T14110] netlink: 'syz.6.3401': attribute type 1 has an invalid length.
[  265.592437][T14110] netlink: 224 bytes leftover after parsing attributes in process `syz.6.3401'.
[  265.638838][T14109] can0 (unregistered): slcan off ttyS3.
[  265.649096][T14118] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14118 comm=syz.2.3403
[  265.696282][T14124] loop6: detected capacity change from 0 to 256
[  265.703382][T14124] msdos: Bad value for 'uid'
[  265.708050][T14124] msdos: Bad value for 'uid'
[  265.715436][T14124] 9pnet_fd: Insufficient options for proto=fd
[  265.737425][T14126] loop6: detected capacity change from 0 to 256
[  265.744276][T14126] msdos: Bad value for 'uid'
[  265.748913][T14126] msdos: Bad value for 'uid'
[  265.756562][T14126] 9pnet_fd: Insufficient options for proto=fd
[  265.766726][T14126] loop6: detected capacity change from 0 to 512
[  265.773368][T14126] EXT4-fs: Ignoring removed orlov option
[  265.779182][T14126] EXT4-fs: Ignoring removed nomblk_io_submit option
[  265.785772][T14126] ext4: Unknown parameter 'fsname'
[  265.806967][T14128] loop6: detected capacity change from 0 to 1024
[  265.820073][T14128] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.833332][T14128] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  265.858214][   T31] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  265.870564][   T31] EXT4-fs (loop6): This should not happen!! Data will be lost
[  265.870564][   T31] 
[  265.880228][   T31] EXT4-fs (loop6): Total free blocks count 0
[  265.886299][   T31] EXT4-fs (loop6): Free/Dirty block details
[  265.892317][   T31] EXT4-fs (loop6): free_blocks=20480
[  265.897736][   T31] EXT4-fs (loop6): dirty_blocks=64
[  265.902925][   T31] EXT4-fs (loop6): Block reservation details
[  265.908961][   T31] EXT4-fs (loop6): i_reserved_data_blocks=4
[  265.924670][ T5364] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.953498][T14134] loop6: detected capacity change from 0 to 1024
[  265.987969][T14134] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.019009][T14134] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  266.051536][ T5364] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.219732][T14144] loop1: detected capacity change from 0 to 512
[  266.229703][T14144] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  266.237763][T14144] EXT4-fs (loop1): orphan cleanup on readonly fs
[  266.246221][T14144] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.3413: corrupted inode contents
[  266.258445][T14144] EXT4-fs (loop1): Remounting filesystem read-only
[  266.265269][T14144] EXT4-fs (loop1): 1 truncate cleaned up
[  266.271766][ T3436] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  266.282354][ T3436] __quota_error: 559 callbacks suppressed
[  266.282365][ T3436] Quota error (device loop1): write_blk: dquota write failed
[  266.296378][ T3436] Quota error (device loop1): remove_free_dqentry: Can't write block (5) with free entries
[  266.306415][ T3436] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  266.317010][ T3436] Quota error (device loop1): write_blk: dquota write failed
[  266.324405][ T3436] Quota error (device loop1): free_dqentry: Can't move quota data block (5) to free list
[  266.334241][ T3436] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  266.344336][ T3436] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  266.353136][ T3436] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  266.363438][T14144] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  266.376394][T14144] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.442811][T14150] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  266.451666][T14150] syzkaller0: entered promiscuous mode
[  266.457144][T14150] syzkaller0: entered allmulticast mode
[  266.536006][T14152] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3415'.
[  266.580325][T14152] netlink: 'syz.2.3415': attribute type 1 has an invalid length.
[  266.589053][T14152] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  266.606023][T14152] can0: slcan on ttyS3.
[  266.648790][T14152] can0 (unregistered): slcan off ttyS3.
[  266.656986][T14152] can0: slcan on ttyS3.
[  266.663549][T14152] netlink: 'syz.2.3415': attribute type 1 has an invalid length.
[  266.671312][T14152] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3415'.
[  266.738831][T14151] can0 (unregistered): slcan off ttyS3.
[  266.794191][   T29] audit: type=1326 audit(1756466631.623:12050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14156 comm="syz.2.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6d66ebe9 code=0x7ffc0000
[  266.795507][T14158] loop2: detected capacity change from 0 to 256
[  266.817880][   T29] audit: type=1326 audit(1756466631.623:12051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14156 comm="syz.2.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f2d6d66ebe9 code=0x7ffc0000
[  266.826452][T14158] msdos: Bad value for 'uid'
[  266.847799][   T29] audit: type=1326 audit(1756466631.623:12052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14156 comm="syz.2.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2d6d66ec23 code=0x7ffc0000
[  266.852543][T14158] msdos: Bad value for 'uid'
[  266.877900][   T29] audit: type=1326 audit(1756466631.623:12053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14156 comm="syz.2.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2d6d66d69f code=0x7ffc0000
[  266.917636][T14158] 9pnet_fd: Insufficient options for proto=fd
[  266.971340][T14166] loop1: detected capacity change from 0 to 1024
[  266.974526][T14164] syzkaller0: entered promiscuous mode
[  266.983240][T14164] syzkaller0: entered allmulticast mode
[  267.003812][T14166] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  267.026184][T14166] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  267.056941][T11549] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.099022][T14180] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3427'.
[  267.115409][T14162] loop5: detected capacity change from 0 to 512
[  267.129990][T14162] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  267.145476][T14182] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3428'.
[  267.154775][T14162] EXT4-fs (loop5): orphan cleanup on readonly fs
[  267.161670][T14185] netlink: 'syz.6.3427': attribute type 1 has an invalid length.
[  267.171447][T14185] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  267.192057][T14162] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.3422: corrupted inode contents
[  267.199999][T14180] can0: slcan on ttyS3.
[  267.209616][T14162] EXT4-fs (loop5): Remounting filesystem read-only
[  267.209651][T14187] netlink: 'syz.0.3428': attribute type 1 has an invalid length.
[  267.224092][T14162] EXT4-fs (loop5): 1 truncate cleaned up
[  267.227113][T14187] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  267.232860][ T1083] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  267.255776][ T1083] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  267.262335][T14188] netlink: 'syz.0.3428': attribute type 1 has an invalid length.
[  267.266720][ T1083] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  267.274075][T14188] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3428'.
[  267.294813][T14162] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  267.307361][T14180] can0 (unregistered): slcan off ttyS3.
[  267.308882][T14162] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.323681][T14185] can0: slcan on ttyS3.
[  267.327439][T14180] netlink: 'syz.6.3427': attribute type 1 has an invalid length.
[  267.335666][T14180] netlink: 224 bytes leftover after parsing attributes in process `syz.6.3427'.
[  267.352301][T14190] loop1: detected capacity change from 0 to 8192
[  267.399344][T14190]  loop1: p1 p2[DM] p4
[  267.403469][T14190] loop1: p1 size 196608 extends beyond EOD, truncated
[  267.411803][T14190] loop1: p2 start 4292936063 is beyond EOD, truncated
[  267.418750][T14190] loop1: p4 size 50331648 extends beyond EOD, truncated
[  267.428832][T14179] can0 (unregistered): slcan off ttyS3.
[  267.598602][T14201] loop6: detected capacity change from 0 to 512
[  267.609961][T14201] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  267.618185][T14201] EXT4-fs (loop6): orphan cleanup on readonly fs
[  267.626279][T14201] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.3434: corrupted inode contents
[  267.638510][T14201] EXT4-fs (loop6): Remounting filesystem read-only
[  267.645178][T14201] EXT4-fs (loop6): 1 truncate cleaned up
[  267.651101][   T41] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  267.661643][   T41] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  267.672187][   T41] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  267.682880][T14201] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  267.695630][T14201] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.807572][T14207] loop5: detected capacity change from 0 to 256
[  267.815142][T14207] msdos: Bad value for 'uid'
[  267.819801][T14207] msdos: Bad value for 'uid'
[  267.829816][T14207] 9pnet_fd: Insufficient options for proto=fd
[  267.832175][T14209] loop2: detected capacity change from 0 to 512
[  267.841833][T14207] loop5: detected capacity change from 0 to 512
[  267.848067][T14209] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  267.849280][T14207] EXT4-fs: Ignoring removed orlov option
[  267.859880][T14209] EXT4-fs (loop2): 1 truncate cleaned up
[  267.865278][T14207] EXT4-fs: Ignoring removed nomblk_io_submit option
[  267.870314][T14209] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.876639][T14207] ext4: Unknown parameter 'fsname'
[  268.290972][T14217] syzkaller0: entered promiscuous mode
[  268.296504][T14217] syzkaller0: entered allmulticast mode
[  268.413536][T14222] loop6: detected capacity change from 0 to 512
[  268.435250][T14222] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  268.547028][T14222] EXT4-fs (loop6): 1 truncate cleaned up
[  268.555343][T14222] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.626092][ T5364] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.663176][T14228] netlink: 'syz.0.3441': attribute type 1 has an invalid length.
[  268.675452][T14228] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  268.679095][T14233] loop6: detected capacity change from 0 to 256
[  268.694256][T14228] can0: slcan on ttyS3.
[  268.703614][T13351] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.704032][T14233] msdos: Bad value for 'uid'
[  268.717293][T14233] msdos: Bad value for 'uid'
[  268.730615][T14233] 9pnet_fd: Insufficient options for proto=fd
[  268.748921][T14228] can0 (unregistered): slcan off ttyS3.
[  268.755192][T14231] netlink: 'syz.0.3441': attribute type 1 has an invalid length.
[  268.759343][T14237] loop6: detected capacity change from 0 to 1024
[  268.783711][T14235] loop2: detected capacity change from 0 to 8192
[  268.810095][T14237] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  268.826138][T14237] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  268.857801][   T31] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  268.859225][T14235]  loop2: p1 p2[DM] p4
[  268.870196][   T31] EXT4-fs (loop6): This should not happen!! Data will be lost
[  268.870196][   T31] 
[  268.884314][   T31] EXT4-fs (loop6): Total free blocks count 0
[  268.884563][T14235] loop2: p1 size 196608 extends beyond EOD, 
[  268.890360][   T31] EXT4-fs (loop6): Free/Dirty block details
[  268.890365][T14235] truncated
[  268.890379][   T31] EXT4-fs (loop6): free_blocks=20480
[  268.905794][T14243] loop5: detected capacity change from 0 to 1024
[  268.910918][   T31] EXT4-fs (loop6): dirty_blocks=64
[  268.910944][   T31] EXT4-fs (loop6): Block reservation details
[  268.910957][   T31] EXT4-fs (loop6): i_reserved_data_blocks=4
[  268.912627][ T5364] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.918926][T14235] loop2: p2 start 4292936063 is beyond EOD, truncated
[  268.950281][T14235] loop2: p4 size 50331648 extends beyond EOD, truncated
[  268.973739][T14243] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.088550][T14243] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  269.118496][ T4670] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.149763][T14270] loop2: detected capacity change from 0 to 512
[  269.170623][T14270] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  269.178993][T14270] EXT4-fs (loop2): orphan cleanup on readonly fs
[  269.187021][T14270] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.3451: corrupted inode contents
[  269.200737][T14270] EXT4-fs (loop2): Remounting filesystem read-only
[  269.202078][T14275] netlink: 'syz.5.3456': attribute type 1 has an invalid length.
[  269.207483][T14270] EXT4-fs (loop2): 1 truncate cleaned up
[  269.218567][T14275] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  269.228078][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  269.242983][T14272] can0: slcan on ttyS3.
[  269.246546][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  269.261415][   T12] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  269.272215][T14270] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  269.284956][T14270] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.308784][T14272] can0 (unregistered): slcan off ttyS3.
[  269.316981][T14275] can0: slcan on ttyS3.
[  269.323830][T14272] netlink: 'syz.5.3456': attribute type 1 has an invalid length.
[  269.438719][T14271] can0 (unregistered): slcan off ttyS3.
[  269.688490][T14279] loop5: detected capacity change from 0 to 256
[  269.697068][T14279] msdos: Bad value for 'uid'
[  269.701827][T14279] msdos: Bad value for 'uid'
[  269.714317][T14279] 9pnet_fd: Insufficient options for proto=fd
[  269.731663][T14279] loop5: detected capacity change from 0 to 512
[  269.739346][T14279] EXT4-fs: Ignoring removed orlov option
[  269.745292][T14279] EXT4-fs: Ignoring removed nomblk_io_submit option
[  269.753520][T14279] ext4: Unknown parameter 'fsname'
[  269.886791][T14284] loop6: detected capacity change from 0 to 1024
[  269.912432][T14284] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.926720][T14284] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  269.992469][ T3436] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  270.004871][ T3436] EXT4-fs (loop6): This should not happen!! Data will be lost
[  270.004871][ T3436] 
[  270.014779][ T3436] EXT4-fs (loop6): Total free blocks count 0
[  270.020808][ T3436] EXT4-fs (loop6): Free/Dirty block details
[  270.026766][ T3436] EXT4-fs (loop6): free_blocks=20480
[  270.032144][ T3436] EXT4-fs (loop6): dirty_blocks=64
[  270.037441][ T3436] EXT4-fs (loop6): Block reservation details
[  270.043759][ T3436] EXT4-fs (loop6): i_reserved_data_blocks=4
[  270.051704][T14294] loop2: detected capacity change from 0 to 8192
[  270.060788][ T5364] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.079325][T14294]  loop2: p1 p2[DM] p4
[  270.084692][T14294] loop2: p1 size 196608 extends beyond EOD, truncated
[  270.096218][T14294] loop2: p2 start 4292936063 is beyond EOD, truncated
[  270.103222][T14294] loop2: p4 size 50331648 extends beyond EOD, truncated
[  270.177000][T14306] loop2: detected capacity change from 0 to 256
[  270.184636][T14306] msdos: Bad value for 'uid'
[  270.190079][T14306] msdos: Bad value for 'uid'
[  270.198125][T14306] 9pnet_fd: Insufficient options for proto=fd
[  270.324722][T14311] loop6: detected capacity change from 0 to 256
[  270.333077][T14311] msdos: Bad value for 'uid'
[  270.337710][T14311] msdos: Bad value for 'uid'
[  270.346347][T14311] 9pnet_fd: Insufficient options for proto=fd
[  270.356641][T14311] loop6: detected capacity change from 0 to 512
[  270.364048][T14311] EXT4-fs: Ignoring removed orlov option
[  270.370050][T14311] EXT4-fs: Ignoring removed nomblk_io_submit option
[  270.376747][T14311] ext4: Unknown parameter 'fsname'
[  270.504329][T14314] loop6: detected capacity change from 0 to 512
[  270.518033][T14318] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14318 comm=syz.1.3472
[  270.539696][T14314] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  270.547903][T14314] EXT4-fs (loop6): orphan cleanup on readonly fs
[  270.556155][T14314] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.3471: corrupted inode contents
[  270.569426][T14314] EXT4-fs (loop6): Remounting filesystem read-only
[  270.576105][T14314] EXT4-fs (loop6): 1 truncate cleaned up
[  270.581977][ T1083] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  270.592522][ T1083] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  270.603903][ T1083] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  270.615229][T14314] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  270.628286][T14314] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.311371][T14338] syzkaller0: entered promiscuous mode
[  271.316915][T14338] syzkaller0: entered allmulticast mode
[  271.328726][   T29] kauditd_printk_skb: 568 callbacks suppressed
[  271.328749][   T29] audit: type=1326 audit(1756466636.163:12598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14335 comm="syz.0.3479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f417ac3d69f code=0x7ffc0000
[  271.450529][   T29] audit: type=1326 audit(1756466636.253:12599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14335 comm="syz.0.3479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f417ac3ec77 code=0x7ffc0000
[  271.474152][   T29] audit: type=1326 audit(1756466636.253:12600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14335 comm="syz.0.3479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f417ac3d550 code=0x7ffc0000
[  271.497771][   T29] audit: type=1326 audit(1756466636.253:12601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14335 comm="syz.0.3479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f417ac3d84a code=0x7ffc0000
[  271.523021][T14343] loop6: detected capacity change from 0 to 1024
[  271.523695][   T29] audit: type=1326 audit(1756466636.283:12602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14335 comm="syz.0.3479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f417ac3ebe9 code=0x7ffc0000
[  271.553517][   T29] audit: type=1326 audit(1756466636.283:12603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14335 comm="syz.0.3479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f417ac3ebe9 code=0x7ffc0000
[  271.626095][T14350] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  271.646231][T14343] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  271.662457][T14345] __nla_validate_parse: 6 callbacks suppressed
[  271.662475][T14345] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3483'.
[  271.663322][T14350] tipc: Resetting bearer <eth:syzkaller0>
[  271.687458][T14345] netlink: 'syz.0.3483': attribute type 10 has an invalid length.
[  271.697072][T14349] tipc: Disabling bearer <eth:syzkaller0>
[  271.700191][T14343] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  271.720763][T14345] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3483'.
[  271.730121][T14345] tmpfs: Bad value for 'mpol'
[  271.742120][ T5364] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.761321][T14355] loop5: detected capacity change from 0 to 512
[  271.763096][   T29] audit: type=1326 audit(1756466636.593:12604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14359 comm="syz.6.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87c04ebe9 code=0x7ffc0000
[  271.793460][   T29] audit: type=1326 audit(1756466636.633:12605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14359 comm="syz.6.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ff87c04ebe9 code=0x7ffc0000
[  271.793612][T14360] loop6: detected capacity change from 0 to 256
[  271.794173][T14360] msdos: Bad value for 'uid'
[  271.817385][   T29] audit: type=1326 audit(1756466636.633:12606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14359 comm="syz.6.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff87c04ec23 code=0x7ffc0000
[  271.823790][T14360] msdos: Bad value for 'uid'
[  271.828342][   T29] audit: type=1326 audit(1756466636.633:12607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14359 comm="syz.6.3487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff87c04d69f code=0x7ffc0000
[  271.892569][T14360] 9pnet_fd: Insufficient options for proto=fd
[  271.921528][T14369] loop6: detected capacity change from 0 to 1024
[  271.928293][T14369] EXT4-fs: Ignoring removed orlov option
[  271.934050][T14369] EXT4-fs: dax option not supported
[  271.987092][T14355] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  271.997181][T14355] EXT4-fs (loop5): orphan cleanup on readonly fs
[  272.005541][T14355] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.3486: corrupted inode contents
[  272.017733][T14377] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14377 comm=syz.6.3492
[  272.018877][T14355] EXT4-fs (loop5): Remounting filesystem read-only
[  272.037287][T14355] EXT4-fs (loop5): 1 truncate cleaned up
[  272.043540][ T3436] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  272.054391][ T3436] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  272.064972][ T3436] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  272.075880][T14355] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  272.089151][T14355] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.494523][T14382] syzkaller0: entered promiscuous mode
[  272.500292][T14382] syzkaller0: entered allmulticast mode
[  272.515274][T14380] loop1: detected capacity change from 0 to 8192
[  272.589312][T14380]  loop1: p1 p2[DM] p4
[  272.593524][T14380] loop1: p1 size 196608 extends beyond EOD, truncated
[  272.601578][T14380] loop1: p2 start 4292936063 is beyond EOD, truncated
[  272.608537][T14380] loop1: p4 size 50331648 extends beyond EOD, truncated
[  272.651552][T14386] loop1: detected capacity change from 0 to 1024
[  272.671307][T14386] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  272.693774][T14386] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  272.723833][T11549] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.791640][T14393] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3498'.
[  272.801984][T14393] netlink: 'syz.1.3498': attribute type 10 has an invalid length.
[  272.812099][T14393] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3498'.
[  272.846826][T14393] tmpfs: Bad value for 'mpol'
[  273.002541][T14401] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  273.022984][T14397] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3499'.
[  273.056061][T14401] syzkaller0: entered promiscuous mode
[  273.061814][T14401] syzkaller0: entered allmulticast mode
[  273.082129][T14405] loop6: detected capacity change from 0 to 256
[  273.101468][T14406] netlink: 'syz.0.3499': attribute type 1 has an invalid length.
[  273.112686][T14404] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3503'.
[  273.123579][T14405] msdos: Bad value for 'uid'
[  273.128213][T14405] msdos: Bad value for 'uid'
[  273.135920][T14406] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  273.156190][T14407] can0: slcan on ttyS3.
[  273.162058][T14405] 9pnet_fd: Insufficient options for proto=fd
[  273.169591][T14399] tipc: Resetting bearer <eth:syzkaller0>
[  273.177143][T14399] tipc: Disabling bearer <eth:syzkaller0>
[  273.209185][T14397] can0 (unregistered): slcan off ttyS3.
[  273.215971][T14397] netlink: 'syz.0.3499': attribute type 1 has an invalid length.
[  273.223806][T14397] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3499'.
[  273.285956][T14412] loop2: detected capacity change from 0 to 1024
[  273.300621][T14412] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  273.315794][T14412] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  273.344123][ T3436] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  273.356489][ T3436] EXT4-fs (loop2): This should not happen!! Data will be lost
[  273.356489][ T3436] 
[  273.366211][ T3436] EXT4-fs (loop2): Total free blocks count 0
[  273.372225][ T3436] EXT4-fs (loop2): Free/Dirty block details
[  273.378134][ T3436] EXT4-fs (loop2): free_blocks=20480
[  273.383424][ T3436] EXT4-fs (loop2): dirty_blocks=64
[  273.388522][ T3436] EXT4-fs (loop2): Block reservation details
[  273.394516][ T3436] EXT4-fs (loop2): i_reserved_data_blocks=4
[  273.401997][T13351] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.445892][T14420] loop2: detected capacity change from 0 to 8192
[  273.500081][T14420]  loop2: p1 p2[DM] p4
[  273.504396][T14420] loop2: p1 size 196608 extends beyond EOD, truncated
[  273.513673][T14420] loop2: p2 start 4292936063 is beyond EOD, truncated
[  273.520737][T14420] loop2: p4 size 50331648 extends beyond EOD, truncated
[  273.574962][T14424] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3509'.
[  273.626808][T14426] netlink: 'syz.2.3509': attribute type 1 has an invalid length.
[  273.638212][T14426] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  273.659085][T14424] can0: slcan on ttyS3.
[  273.699401][T14424] can0 (unregistered): slcan off ttyS3.
[  273.708992][T14424] can0: slcan on ttyS3.
[  273.713338][T14429] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3510'.
[  273.715762][T14424] netlink: 'syz.2.3509': attribute type 1 has an invalid length.
[  273.724817][T14429] netlink: 'syz.1.3510': attribute type 10 has an invalid length.
[  273.730489][T14424] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3509'.
[  273.742000][T14429] tmpfs: Bad value for 'mpol'
[  273.789406][T14423] can0 (unregistered): slcan off ttyS3.
[  274.041014][T14439] loop6: detected capacity change from 0 to 256
[  274.047787][T14439] msdos: Bad value for 'uid'
[  274.052408][T14439] msdos: Bad value for 'uid'
[  274.060490][T14439] 9pnet_fd: Insufficient options for proto=fd
[  274.070773][T14439] loop6: detected capacity change from 0 to 512
[  274.077389][T14439] EXT4-fs: Ignoring removed orlov option
[  274.083297][T14439] EXT4-fs: Ignoring removed nomblk_io_submit option
[  274.090193][T14439] ext4: Unknown parameter 'fsname'
[  274.112177][T14441] loop6: detected capacity change from 0 to 512
[  274.118948][T14441] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  274.130813][T14441] EXT4-fs (loop6): 1 truncate cleaned up
[  274.137149][T14441] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  274.224012][T14451] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  274.232120][T14451] syzkaller0: entered promiscuous mode
[  274.237626][T14451] syzkaller0: entered allmulticast mode
[  274.247770][T14450] tipc: Resetting bearer <eth:syzkaller0>
[  274.256685][T14450] tipc: Disabling bearer <eth:syzkaller0>
[  274.381179][T14454] loop5: detected capacity change from 0 to 1024
[  274.395315][T14454] EXT4-fs: Ignoring removed orlov option
[  274.401601][T14454] EXT4-fs: dax option not supported
[  274.520271][T14458] netlink: 'syz.0.3517': attribute type 1 has an invalid length.
[  274.536584][T14458] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  274.556086][T14455] can0: slcan on ttyS3.
[  274.777533][T14458] netlink: 'syz.0.3517': attribute type 1 has an invalid length.
[  274.840388][T14455] can0 (unregistered): slcan off ttyS3.
[  275.025013][T14464] loop1: detected capacity change from 0 to 512
[  275.131133][T14464] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  275.173316][ T5364] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.192697][T14464] EXT4-fs (loop1): orphan cleanup on readonly fs
[  275.202498][T14464] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.3520: corrupted inode contents
[  275.215763][T14464] EXT4-fs (loop1): Remounting filesystem read-only
[  275.226003][T14464] EXT4-fs (loop1): 1 truncate cleaned up
[  275.232206][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  275.242816][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  275.245812][T14471] loop6: detected capacity change from 0 to 256
[  275.253516][   T12] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  275.270574][T14464] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  275.286233][T14471] msdos: Bad value for 'uid'
[  275.290934][T14471] msdos: Bad value for 'uid'
[  275.298533][T14464] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.309786][T14471] 9pnet_fd: Insufficient options for proto=fd
[  275.373754][T14482] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  275.382271][T14482] syzkaller0: entered promiscuous mode
[  275.387763][T14482] syzkaller0: entered allmulticast mode
[  275.401488][T14480] tipc: Resetting bearer <eth:syzkaller0>
[  275.415461][T14480] tipc: Disabling bearer <eth:syzkaller0>
[  275.516569][T14475] loop6: detected capacity change from 0 to 512
[  275.570404][T14475] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  275.584144][T14475] EXT4-fs (loop6): orphan cleanup on readonly fs
[  275.617775][T14475] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.3525: corrupted inode contents
[  275.639979][T14475] EXT4-fs (loop6): Remounting filesystem read-only
[  275.646826][T14475] EXT4-fs (loop6): 1 truncate cleaned up
[  275.653050][   T41] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  275.663632][   T41] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  275.674606][   T41] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  275.694433][T14475] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  275.717578][T14497] netlink: 'syz.0.3530': attribute type 10 has an invalid length.
[  275.731325][T14497] tmpfs: Bad value for 'mpol'
[  276.327307][T14517] loop6: detected capacity change from 0 to 8192
[  276.392596][T14517]  loop6: p1 p2[DM] p4
[  276.396823][T14517] loop6: p1 size 196608 extends beyond EOD, truncated
[  276.422776][T14517] loop6: p2 start 4292936063 is beyond EOD, truncated
[  276.429661][T14517] loop6: p4 size 50331648 extends beyond EOD, truncated
[  276.453001][   T29] kauditd_printk_skb: 406 callbacks suppressed
[  276.453017][   T29] audit: type=1326 audit(1756466641.283:12996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14516 comm="syz.6.3537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7ff87c04d3fa code=0x7ffc0000
[  276.457675][T14531] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  276.459357][   T29] audit: type=1326 audit(1756466641.283:12997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14516 comm="syz.6.3537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7ff87c04e167 code=0x7ffc0000
[  276.484158][T14531] syzkaller0: entered promiscuous mode
[  276.489656][   T29] audit: type=1326 audit(1756466641.283:12998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14516 comm="syz.6.3537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7ff87c04d3fa code=0x7ffc0000
[  276.513246][T14531] syzkaller0: entered allmulticast mode
[  276.518736][   T29] audit: type=1326 audit(1756466641.283:12999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14516 comm="syz.6.3537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7ff87c04d3fa code=0x7ffc0000
[  276.571445][   T29] audit: type=1326 audit(1756466641.283:13000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14516 comm="syz.6.3537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7ff87c04d3fa code=0x7ffc0000
[  276.595097][   T29] audit: type=1326 audit(1756466641.283:13001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14516 comm="syz.6.3537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7ff87c04e167 code=0x7ffc0000
[  276.618711][   T29] audit: type=1326 audit(1756466641.283:13002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14516 comm="syz.6.3537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7ff87c04d3fa code=0x7ffc0000
[  276.642517][   T29] audit: type=1326 audit(1756466641.283:13003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14516 comm="syz.6.3537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7ff87c04d3fa code=0x7ffc0000
[  276.666343][   T29] audit: type=1326 audit(1756466641.283:13004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14516 comm="syz.6.3537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7ff87c04d3fa code=0x7ffc0000
[  276.689915][   T29] audit: type=1326 audit(1756466641.283:13005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14516 comm="syz.6.3537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff87c04d84a code=0x7ffc0000
[  276.763343][T14530] tipc: Resetting bearer <eth:syzkaller0>
[  276.771838][T14530] tipc: Disabling bearer <eth:syzkaller0>
[  276.778263][T14537] __nla_validate_parse: 6 callbacks suppressed
[  276.778278][T14537] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3542'.
[  276.813092][T14539] loop1: detected capacity change from 0 to 1024
[  276.820711][T14539] EXT4-fs: Ignoring removed orlov option
[  276.826446][T14539] EXT4-fs: dax option not supported
[  276.828926][T14534] netlink: 'syz.6.3542': attribute type 10 has an invalid length.
[  276.843756][T14534] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3542'.
[  276.855304][T14534] tmpfs: Bad value for 'mpol'
[  276.901354][T14543] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3545'.
[  276.910813][T14545] loop2: detected capacity change from 0 to 256
[  276.917854][T14545] msdos: Bad value for 'uid'
[  276.922615][T14545] msdos: Bad value for 'uid'
[  276.946238][T14545] 9pnet_fd: Insufficient options for proto=fd
[  276.954221][T14547] netlink: 'syz.6.3545': attribute type 1 has an invalid length.
[  276.964433][T14547] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  276.986529][T14547] can0: slcan on ttyS3.
[  277.012259][T14555] loop2: detected capacity change from 0 to 256
[  277.019235][T14555] msdos: Bad value for 'uid'
[  277.023903][T14555] msdos: Bad value for 'uid'
[  277.031663][T14555] 9pnet_fd: Insufficient options for proto=fd
[  277.043293][T14555] loop2: detected capacity change from 0 to 512
[  277.044855][T14547] netlink: 'syz.6.3545': attribute type 1 has an invalid length.
[  277.050428][T14555] EXT4-fs: Ignoring removed orlov option
[  277.057591][T14547] netlink: 224 bytes leftover after parsing attributes in process `syz.6.3545'.
[  277.064410][T14555] EXT4-fs: Ignoring removed nomblk_io_submit option
[  277.078764][T14543] can0 (unregistered): slcan off ttyS3.
[  277.080260][T14555] ext4: Unknown parameter 'fsname'
[  277.134027][T14558] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3551'.
[  277.193437][T14560] loop6: detected capacity change from 0 to 8192
[  277.202369][T14563] netlink: 'syz.2.3551': attribute type 1 has an invalid length.
[  277.211102][T14563] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  277.229865][T14563] can0: slcan on ttyS3.
[  277.260042][T14560]  loop6: p1 p2[DM] p4
[  277.264239][T14560] loop6: p1 size 196608 extends beyond EOD, truncated
[  277.271456][T14560] loop6: p2 start 4292936063 is beyond EOD, truncated
[  277.278511][T14560] loop6: p4 size 50331648 extends beyond EOD, truncated
[  277.310976][T14566] syzkaller0: entered promiscuous mode
[  277.316464][T14566] syzkaller0: entered allmulticast mode
[  277.322300][T14563] can0 (unregistered): slcan off ttyS3.
[  277.331814][T14558] can0: slcan on ttyS3.
[  277.338810][T14558] netlink: 'syz.2.3551': attribute type 1 has an invalid length.
[  277.346539][T14558] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3551'.
[  277.401106][T14568] loop6: detected capacity change from 0 to 512
[  277.410412][T14568] ext4 filesystem being mounted at /562/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  277.420717][T14557] can0 (unregistered): slcan off ttyS3.
[  277.463784][T14573] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3556'.
[  277.473820][T14573] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3556'.
[  277.483644][T14573] tmpfs: Bad value for 'mpol'
[  277.507540][T14579] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  277.515733][T14579] syzkaller0: entered promiscuous mode
[  277.521376][T14579] syzkaller0: entered allmulticast mode
[  277.530488][T14579] tipc: Resetting bearer <eth:syzkaller0>
[  277.536901][T14577] tipc: Resetting bearer <eth:syzkaller0>
[  277.543993][T14577] tipc: Disabling bearer <eth:syzkaller0>
[  277.591676][T14583] loop2: detected capacity change from 0 to 256
[  277.598398][T14583] msdos: Bad value for 'uid'
[  277.603017][T14583] msdos: Bad value for 'uid'
[  277.610546][T14583] 9pnet_fd: Insufficient options for proto=fd
[  277.632349][T14585] loop2: detected capacity change from 0 to 512
[  277.639436][T14585] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  277.650195][T14585] EXT4-fs (loop2): 1 truncate cleaned up
[  277.850222][T14589] loop1: detected capacity change from 0 to 512
[  277.869623][T14589] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  277.877802][T14589] EXT4-fs (loop1): orphan cleanup on readonly fs
[  277.891439][T14589] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.3561: corrupted inode contents
[  277.922241][T14589] EXT4-fs (loop1): Remounting filesystem read-only
[  277.939236][T14589] EXT4-fs (loop1): 1 truncate cleaned up
[  277.945058][   T41] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  277.955702][   T41] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  277.967819][   T41] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  278.083042][T14595] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=886 sclass=netlink_route_socket pid=14595 comm=syz.0.3562
[  278.119030][T14598] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3563'.
[  278.175707][T14601] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  278.223201][T14598] can0: slcan on ttyS3.
[  278.282427][T14601] netlink: 224 bytes leftover after parsing attributes in process `syz.5.3563'.
[  278.291562][T14598] can0 (unregistered): slcan off ttyS3.
[  278.483821][T14610] syzkaller0: entered promiscuous mode
[  278.489520][T14610] syzkaller0: entered allmulticast mode
[  278.527207][T14608] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  278.560599][T14608] can0: slcan on ttyS3.
[  278.576821][T14613] loop2: detected capacity change from 0 to 512
[  278.622458][T14613] ext4 filesystem being mounted at /78/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  278.632892][T14608] can0 (unregistered): slcan off ttyS3.
[  278.648294][T14616] loop1: detected capacity change from 0 to 1024
[  278.657866][T14611] can0: slcan on ttyS3.
[  278.682360][T14616] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  278.707599][T14606] can0 (unregistered): slcan off ttyS3.
[  278.743521][   T12] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  278.755998][   T12] EXT4-fs (loop1): This should not happen!! Data will be lost
[  278.755998][   T12] 
[  278.765689][   T12] EXT4-fs (loop1): Total free blocks count 0
[  278.771689][   T12] EXT4-fs (loop1): Free/Dirty block details
[  278.777572][   T12] EXT4-fs (loop1): free_blocks=20480
[  278.782885][   T12] EXT4-fs (loop1): dirty_blocks=64
[  278.787996][   T12] EXT4-fs (loop1): Block reservation details
[  278.793994][   T12] EXT4-fs (loop1): i_reserved_data_blocks=4
[  278.825421][T14625] loop2: detected capacity change from 0 to 256
[  278.832310][T14625] msdos: Bad value for 'uid'
[  278.837015][T14625] msdos: Bad value for 'uid'
[  278.863970][T14625] 9pnet_fd: Insufficient options for proto=fd
[  278.876422][T14625] loop2: detected capacity change from 0 to 512
[  278.883412][T14625] EXT4-fs: Ignoring removed orlov option
[  278.890407][T14625] EXT4-fs: Ignoring removed nomblk_io_submit option
[  278.907331][T14625] ext4: Unknown parameter 'fsname'
[  278.982209][T14637] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  278.990362][T14637] syzkaller0: entered promiscuous mode
[  278.995863][T14637] syzkaller0: entered allmulticast mode
[  279.012807][T14637] tipc: Resetting bearer <eth:syzkaller0>
[  279.020184][T14638] validate_nla: 5 callbacks suppressed
[  279.020199][T14638] netlink: 'syz.2.3576': attribute type 1 has an invalid length.
[  279.038015][T14638] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  279.057143][T14636] tipc: Resetting bearer <eth:syzkaller0>
[  279.072617][T14636] tipc: Disabling bearer <eth:syzkaller0>
[  279.088355][T14633] can0: slcan on ttyS3.
[  279.146172][T14638] netlink: 'syz.2.3576': attribute type 1 has an invalid length.
[  279.168797][T14633] can0 (unregistered): slcan off ttyS3.
[  279.197605][T14643] loop6: detected capacity change from 0 to 512
[  279.204834][T14643] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  279.217010][T14643] EXT4-fs (loop6): 1 truncate cleaned up
[  279.253610][T14649] syzkaller0: entered promiscuous mode
[  279.259203][T14649] syzkaller0: entered allmulticast mode
[  279.282337][T14651] loop6: detected capacity change from 0 to 256
[  279.290760][T14651] msdos: Bad value for 'uid'
[  279.295537][T14651] msdos: Bad value for 'uid'
[  279.303723][T14651] 9pnet_fd: Insufficient options for proto=fd
[  279.329067][T14654] loop6: detected capacity change from 0 to 512
[  279.340845][T14654] ext4 filesystem being mounted at /567/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  279.351500][T14656] loop5: detected capacity change from 0 to 1024
[  279.364698][T14659] loop2: detected capacity change from 0 to 512
[  279.372007][T14656] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  279.393937][T14659] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  279.402818][   T31] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  279.415229][   T31] EXT4-fs (loop5): This should not happen!! Data will be lost
[  279.415229][   T31] 
[  279.415733][T14659] EXT4-fs (loop2): orphan cleanup on readonly fs
[  279.424990][   T31] EXT4-fs (loop5): Total free blocks count 0
[  279.425011][   T31] EXT4-fs (loop5): Free/Dirty block details
[  279.425021][   T31] EXT4-fs (loop5): free_blocks=20480
[  279.425072][   T31] EXT4-fs (loop5): dirty_blocks=64
[  279.425083][   T31] EXT4-fs (loop5): Block reservation details
[  279.434512][T14659] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.3580: corrupted inode contents
[  279.437392][   T31] EXT4-fs (loop5): i_reserved_data_blocks=4
[  279.478467][T14659] EXT4-fs (loop2): Remounting filesystem read-only
[  279.485385][T14659] EXT4-fs (loop2): 1 truncate cleaned up
[  279.491348][   T41] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  279.502017][   T41] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  279.512832][   T41] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  279.520527][T14669] loop6: detected capacity change from 0 to 256
[  279.530309][T14669] msdos: Bad value for 'uid'
[  279.534970][T14669] msdos: Bad value for 'uid'
[  279.542945][T14669] 9pnet_fd: Insufficient options for proto=fd
[  279.553869][T14669] loop6: detected capacity change from 0 to 512
[  279.561086][T14669] EXT4-fs: Ignoring removed orlov option
[  279.566781][T14669] EXT4-fs: Ignoring removed nomblk_io_submit option
[  279.573544][T14669] ext4: Unknown parameter 'fsname'
[  279.606461][T14675] loop6: detected capacity change from 0 to 1024
[  279.639920][T14675] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  279.753512][T14684] netlink: 'syz.6.3591': attribute type 1 has an invalid length.
[  279.762804][T14684] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  279.768554][T14686] loop5: detected capacity change from 0 to 256
[  279.782092][T14679] can0: slcan on ttyS3.
[  279.790727][T14686] msdos: Bad value for 'uid'
[  279.795362][T14686] msdos: Bad value for 'uid'
[  279.805184][T14686] 9pnet_fd: Insufficient options for proto=fd
[  279.807562][T14690] syzkaller0: entered promiscuous mode
[  279.816793][T14690] syzkaller0: entered allmulticast mode
[  279.841085][T14679] can0 (unregistered): slcan off ttyS3.
[  279.846939][T14684] netlink: 'syz.6.3591': attribute type 1 has an invalid length.
[  279.874440][T14692] loop5: detected capacity change from 0 to 8192
[  279.910236][T14694] netlink: 'syz.0.3597': attribute type 10 has an invalid length.
[  279.920623][T14694] tmpfs: Bad value for 'mpol'
[  279.929965][T14692]  loop5: p1 p2[DM] p4
[  279.934371][T14692] loop5: p1 size 196608 extends beyond EOD, truncated
[  279.943759][T14692] loop5: p2 start 4292936063 is beyond EOD, truncated
[  279.950647][T14692] loop5: p4 size 50331648 extends beyond EOD, truncated
[  280.121274][T14711] loop6: detected capacity change from 0 to 512
[  280.151248][T14711] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  280.159867][T14714] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=886 sclass=netlink_route_socket pid=14714 comm=syz.0.3602
[  280.166339][T14711] EXT4-fs (loop6): orphan cleanup on readonly fs
[  280.196762][T14711] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.3604: corrupted inode contents
[  280.218847][T14711] EXT4-fs (loop6): Remounting filesystem read-only
[  280.223801][T14721] loop2: detected capacity change from 0 to 256
[  280.225444][T14711] EXT4-fs (loop6): 1 truncate cleaned up
[  280.232261][T14721] msdos: Bad value for 'uid'
[  280.242078][T14721] msdos: Bad value for 'uid'
[  280.253626][ T9781] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  280.264252][ T9781] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  280.286730][T14721] 9pnet_fd: Insufficient options for proto=fd
[  280.302637][ T9781] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  280.465198][T14731] netlink: 'syz.0.3609': attribute type 1 has an invalid length.
[  280.474249][T14731] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  280.491969][T14731] can0: slcan on ttyS3.
[  280.528798][T14731] can0 (unregistered): slcan off ttyS3.
[  280.535814][T14731] netlink: 'syz.0.3609': attribute type 1 has an invalid length.
[  280.536592][T14741] can0: slcan on ttyS3.
[  280.602785][T14741] netlink: 'syz.2.3612': attribute type 1 has an invalid length.
[  280.611881][T14741] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  280.628260][T14745] loop1: detected capacity change from 0 to 8192
[  280.635349][T14747] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  280.642996][T14747] syzkaller0: entered promiscuous mode
[  280.648501][T14747] syzkaller0: entered allmulticast mode
[  280.657232][T14747] tipc: Resetting bearer <eth:syzkaller0>
[  280.663398][T14745]  loop1: p1 p2[DM] p4
[  280.667532][T14745] loop1: p1 size 196608 extends beyond EOD, 
[  280.667561][T14746] tipc: Resetting bearer <eth:syzkaller0>
[  280.668783][T14741] can0 (unregistered): slcan off ttyS3.
[  280.673575][T14745] truncated
[  280.677985][T14745] loop1: p2 start 4292936063 is beyond EOD, truncated
[  280.695093][T14745] loop1: p4 size 50331648 extends beyond EOD, truncated
[  280.702604][T14746] tipc: Disabling bearer <eth:syzkaller0>
[  280.712344][T14741] can0: slcan on ttyS3.
[  280.718802][T14741] netlink: 'syz.2.3612': attribute type 1 has an invalid length.
[  280.798741][T14740] can0 (unregistered): slcan off ttyS3.
[  280.864012][T14749] loop1: detected capacity change from 0 to 512
[  280.870169][T14760] loop2: detected capacity change from 0 to 512
[  280.889655][T14760] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  280.909089][T14762] syzkaller0: entered promiscuous mode
[  280.914615][T14762] syzkaller0: entered allmulticast mode
[  280.922587][T14760] EXT4-fs (loop2): 1 truncate cleaned up
[  280.929059][T14749] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  280.951650][T14749] EXT4-fs (loop1): orphan cleanup on readonly fs
[  280.966487][T14749] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.3616: corrupted inode contents
[  280.988519][T14749] EXT4-fs (loop1): Remounting filesystem read-only
[  281.005407][T14749] EXT4-fs (loop1): 1 truncate cleaned up
[  281.011944][ T1083] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  281.022656][ T1083] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  281.036285][ T1083] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  281.107995][T14774] netlink: 'syz.2.3624': attribute type 1 has an invalid length.
[  281.135624][T14774] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  281.162390][T14774] can0: slcan on ttyS3.
[  281.219815][T14774] can0 (unregistered): slcan off ttyS3.
[  281.345167][T14780] loop2: detected capacity change from 0 to 8192
[  281.389426][T14780]  loop2: p1 p2[DM] p4
[  281.394216][T14780] loop2: p1 size 196608 extends beyond EOD, truncated
[  281.408996][T14780] loop2: p2 start 4292936063 is beyond EOD, truncated
[  281.415814][T14780] loop2: p4 size 50331648 extends beyond EOD, truncated
[  281.461608][T14782] loop5: detected capacity change from 0 to 512
[  281.501586][T14782] ext4 filesystem being mounted at /537/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  281.526072][T14784] loop2: detected capacity change from 0 to 1024
[  281.569412][T14784] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  281.679826][T14795] loop1: detected capacity change from 0 to 512
[  281.688752][T14795] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  281.708154][T14795] EXT4-fs (loop1): 1 truncate cleaned up
[  281.708266][T14800] syzkaller0: entered promiscuous mode
[  281.719455][T14800] syzkaller0: entered allmulticast mode
[  281.748523][T14803] loop1: detected capacity change from 0 to 1024
[  281.756247][T14803] EXT4-fs: Ignoring removed orlov option
[  281.756992][T14797] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  281.761948][T14803] EXT4-fs: dax option not supported
[  281.790038][T14797] can0: slcan on ttyS3.
[  281.805176][   T29] kauditd_printk_skb: 825 callbacks suppressed
[  281.805191][   T29] audit: type=1326 audit(1756466646.633:13807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14805 comm="syz.1.3635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac358cebe9 code=0x7ffc0000
[  281.837393][T14806] loop1: detected capacity change from 0 to 256
[  281.846319][T14806] msdos: Bad value for 'uid'
[  281.846802][   T29] audit: type=1326 audit(1756466646.643:13808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14807 comm="syz.0.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f417ac3ebe9 code=0x7ffc0000
[  281.850950][T14806] msdos: Bad value for 'uid'
[  281.879275][   T29] audit: type=1326 audit(1756466646.643:13809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14807 comm="syz.0.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f417ac3ebe9 code=0x7ffc0000
[  281.902867][   T29] audit: type=1326 audit(1756466646.643:13810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14807 comm="syz.0.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f417ac3ec23 code=0x7ffc0000
[  281.903575][T14813] __nla_validate_parse: 15 callbacks suppressed
[  281.903589][T14813] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3631'.
[  281.926340][   T29] audit: type=1326 audit(1756466646.643:13811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14807 comm="syz.0.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f417ac3d69f code=0x7ffc0000
[  281.953471][T14814] 9pnet_fd: Insufficient options for proto=fd
[  281.965058][   T29] audit: type=1326 audit(1756466646.643:13812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14807 comm="syz.0.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f417ac3ec77 code=0x7ffc0000
[  281.994638][   T29] audit: type=1326 audit(1756466646.643:13813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14807 comm="syz.0.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f417ac3d550 code=0x7ffc0000
[  282.018364][   T29] audit: type=1326 audit(1756466646.643:13814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14807 comm="syz.0.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f417ac3d84a code=0x7ffc0000
[  282.042008][T14797] can0 (unregistered): slcan off ttyS3.
[  282.044204][T14804] can0: slcan on ttyS3.
[  282.047603][   T29] audit: type=1326 audit(1756466646.643:13815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14807 comm="syz.0.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f417ac3ebe9 code=0x7ffc0000
[  282.047634][   T29] audit: type=1326 audit(1756466646.643:13816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14807 comm="syz.0.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7f417ac3ebe9 code=0x7ffc0000
[  282.121095][T14816] loop6: detected capacity change from 0 to 1024
[  282.123461][T14818] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  282.129043][T14796] can0 (unregistered): slcan off ttyS3.
[  282.135532][T14818] syzkaller0: entered promiscuous mode
[  282.145128][T14818] syzkaller0: entered allmulticast mode
[  282.154380][T14816] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  282.156137][T14818] tipc: Resetting bearer <eth:syzkaller0>
[  282.179523][T14817] tipc: Resetting bearer <eth:syzkaller0>
[  282.186590][   T41] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  282.187030][T14817] tipc: Disabling bearer <eth:syzkaller0>
[  282.198923][   T41] EXT4-fs (loop6): This should not happen!! Data will be lost
[  282.198923][   T41] 
[  282.198942][   T41] EXT4-fs (loop6): Total free blocks count 0
[  282.198958][   T41] EXT4-fs (loop6): Free/Dirty block details
[  282.226477][   T41] EXT4-fs (loop6): free_blocks=20480
[  282.231753][   T41] EXT4-fs (loop6): dirty_blocks=64
[  282.236843][   T41] EXT4-fs (loop6): Block reservation details
[  282.242842][   T41] EXT4-fs (loop6): i_reserved_data_blocks=4
[  282.326666][T14826] loop2: detected capacity change from 0 to 1024
[  282.360279][T14826] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  282.403055][T14834] loop2: detected capacity change from 0 to 1024
[  282.410372][T14834] EXT4-fs: Ignoring removed orlov option
[  282.412978][T14837] syzkaller0: entered promiscuous mode
[  282.418945][T14834] EXT4-fs: dax option not supported
[  282.421822][T14837] syzkaller0: entered allmulticast mode
[  282.446554][T14835] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3644'.
[  282.460186][T14835] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3644'.
[  282.473168][T14841] loop2: detected capacity change from 0 to 256
[  282.480041][T14835] tmpfs: Bad value for 'mpol'
[  282.485377][T14841] msdos: Bad value for 'uid'
[  282.490066][T14841] msdos: Bad value for 'uid'
[  282.498528][T14841] 9pnet_fd: Insufficient options for proto=fd
[  282.510740][T14841] loop2: detected capacity change from 0 to 512
[  282.518339][T14841] EXT4-fs: Ignoring removed orlov option
[  282.525184][T14841] EXT4-fs: Ignoring removed nomblk_io_submit option
[  282.531952][T14841] ext4: Unknown parameter 'fsname'
[  282.544145][T14847] loop5: detected capacity change from 0 to 1024
[  282.572237][T14847] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  282.587136][T14849] loop1: detected capacity change from 0 to 8192
[  282.600717][T14853] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3652'.
[  282.610047][   T31] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  282.622432][   T31] EXT4-fs (loop5): This should not happen!! Data will be lost
[  282.622432][   T31] 
[  282.629608][T14849]  loop1: p1 p2[DM] p4
[  282.632179][   T31] EXT4-fs (loop5): Total free blocks count 0
[  282.636551][T14849] loop1: p1 size 196608 extends beyond EOD, truncated
[  282.642274][   T31] EXT4-fs (loop5): Free/Dirty block details
[  282.651579][T14849] loop1: p2 start 4292936063 is beyond EOD, 
[  282.654887][   T31] EXT4-fs (loop5): free_blocks=20480
[  282.654908][   T31] EXT4-fs (loop5): dirty_blocks=64
[  282.660915][T14849] truncated
[  282.666245][   T31] EXT4-fs (loop5): Block reservation details
[  282.671399][T14849] loop1: p4 size 50331648 extends beyond EOD, 
[  282.674488][   T31] EXT4-fs (loop5): i_reserved_data_blocks=4
[  282.680496][T14849] truncated
[  282.702351][T14855] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  282.720995][T14855] can0: slcan on ttyS3.
[  282.878861][T14853] can0 (unregistered): slcan off ttyS3.
[  282.887269][T14855] can0: slcan on ttyS3.
[  282.893975][T14853] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3652'.
[  282.904096][T14873] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3660'.
[  282.916633][T14862] loop1: detected capacity change from 0 to 512
[  282.920897][T14873] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3660'.
[  282.933024][T14873] tmpfs: Bad value for 'mpol'
[  282.950405][T14862] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  282.958446][T14862] EXT4-fs (loop1): orphan cleanup on readonly fs
[  282.965212][T14852] can0 (unregistered): slcan off ttyS3.
[  282.973377][T14862] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.3656: corrupted inode contents
[  282.988376][T14862] EXT4-fs (loop1): Remounting filesystem read-only
[  282.989146][T14882] syzkaller0: entered promiscuous mode
[  282.995165][T14862] EXT4-fs (loop1): 1 truncate cleaned up
[  283.000419][T14882] syzkaller0: entered allmulticast mode
[  283.010733][ T1083] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  283.022130][ T1083] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  283.032770][ T1083] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  283.062408][T14884] loop2: detected capacity change from 0 to 256
[  283.070147][T14884] msdos: Bad value for 'uid'
[  283.074774][T14884] msdos: Bad value for 'uid'
[  283.092040][T14884] 9pnet_fd: Insufficient options for proto=fd
[  283.103376][T14884] loop2: detected capacity change from 0 to 512
[  283.110522][T14884] EXT4-fs: Ignoring removed orlov option
[  283.116361][T14884] EXT4-fs: Ignoring removed nomblk_io_submit option
[  283.123116][T14884] ext4: Unknown parameter 'fsname'
[  283.145999][T14890] loop2: detected capacity change from 0 to 1024
[  283.161042][T14890] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  283.186120][ T3436] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  283.198447][ T3436] EXT4-fs (loop2): This should not happen!! Data will be lost
[  283.198447][ T3436] 
[  283.208126][ T3436] EXT4-fs (loop2): Total free blocks count 0
[  283.214198][ T3436] EXT4-fs (loop2): Free/Dirty block details
[  283.220087][ T3436] EXT4-fs (loop2): free_blocks=20480
[  283.225460][ T3436] EXT4-fs (loop2): dirty_blocks=64
[  283.230666][ T3436] EXT4-fs (loop2): Block reservation details
[  283.236616][ T3436] EXT4-fs (loop2): i_reserved_data_blocks=4
[  283.273679][T14894] loop2: detected capacity change from 0 to 8192
[  283.318980][T14894]  loop2: p1 p2[DM] p4
[  283.323096][T14894] loop2: p1 size 196608 extends beyond EOD, truncated
[  283.330407][T14894] loop2: p2 start 4292936063 is beyond EOD, truncated
[  283.337166][T14894] loop2: p4 size 50331648 extends beyond EOD, truncated
[  283.369011][T14896] loop6: detected capacity change from 0 to 512
[  283.376608][T14896] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  283.400294][T14896] EXT4-fs (loop6): 1 truncate cleaned up
[  283.586889][T14909] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3672'.
[  283.598516][T14909] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3672'.
[  283.607936][T14909] tmpfs: Bad value for 'mpol'
[  283.681040][T14915] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3674'.
[  283.733238][T14918] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  283.811862][T14918] can0: slcan on ttyS3.
[  283.898983][T14915] can0 (unregistered): slcan off ttyS3.
[  283.908152][T14925] can0: slcan on ttyS3.
[  283.932666][T14921] loop2: detected capacity change from 0 to 512
[  283.949694][T14925] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  284.021643][T14921] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  284.041315][T14921] EXT4-fs (loop2): orphan cleanup on readonly fs
[  284.152359][T14925] can0 (unregistered): slcan off ttyS3.
[  284.849163][T14921] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.3676: corrupted inode contents
[  284.887386][T14921] EXT4-fs (loop2): Remounting filesystem read-only
[  284.894298][T14921] EXT4-fs (loop2): 1 truncate cleaned up
[  284.900404][ T1083] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  284.911077][ T1083] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  284.924351][T14946] loop5: detected capacity change from 0 to 512
[  284.931948][ T1083] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  285.048100][T14946] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  285.071411][T14946] EXT4-fs (loop5): orphan cleanup on readonly fs
[  285.101656][T14946] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.3684: corrupted inode contents
[  285.141826][T14946] EXT4-fs (loop5): Remounting filesystem read-only
[  285.164146][T14946] EXT4-fs (loop5): 1 truncate cleaned up
[  285.170218][   T41] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  285.180804][   T41] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  285.234004][   T41] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  285.515801][T14971] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  285.524040][T14971] tipc: Resetting bearer <eth:syzkaller0>
[  285.531342][T14970] tipc: Disabling bearer <eth:syzkaller0>
[  285.549499][T14972] validate_nla: 12 callbacks suppressed
[  285.549515][T14972] netlink: 'syz.0.3691': attribute type 1 has an invalid length.
[  285.564009][T14972] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  285.582221][T14969] can0: slcan on ttyS3.
[  285.584896][T14974] loop1: detected capacity change from 0 to 256
[  285.605190][T14974] msdos: Bad value for 'uid'
[  285.609918][T14974] msdos: Bad value for 'uid'
[  285.622686][T14974] 9pnet_fd: Insufficient options for proto=fd
[  285.622836][T14977] loop5: detected capacity change from 0 to 1024
[  285.635814][T14969] can0 (unregistered): slcan off ttyS3.
[  285.645141][T14972] can0: slcan on ttyS3.
[  285.653040][T14969] netlink: 'syz.0.3691': attribute type 1 has an invalid length.
[  285.665902][T14977] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  285.686458][T14980] loop1: detected capacity change from 0 to 8192
[  285.698862][T14968] can0 (unregistered): slcan off ttyS3.
[  285.698957][   T41] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  285.698988][   T41] EXT4-fs (loop5): This should not happen!! Data will be lost
[  285.698988][   T41] 
[  285.699003][   T41] EXT4-fs (loop5): Total free blocks count 0
[  285.699018][   T41] EXT4-fs (loop5): Free/Dirty block details
[  285.738518][   T41] EXT4-fs (loop5): free_blocks=20480
[  285.743964][   T41] EXT4-fs (loop5): dirty_blocks=64
[  285.749225][   T41] EXT4-fs (loop5): Block reservation details
[  285.755397][   T41] EXT4-fs (loop5): i_reserved_data_blocks=4
[  285.779887][T14980]  loop1: p1 p2[DM] p4
[  285.784026][T14980] loop1: p1 size 196608 extends beyond EOD, truncated
[  285.786665][T14986] netlink: 'syz.5.3697': attribute type 10 has an invalid length.
[  285.802529][T14986] tmpfs: Bad value for 'mpol'
[  285.807898][T14980] loop1: p2 start 4292936063 is beyond EOD, truncated
[  285.814822][T14980] loop1: p4 size 50331648 extends beyond EOD, truncated
[  285.878427][T14996] loop1: detected capacity change from 0 to 512
[  285.885725][T14996] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  285.899724][T14998] netlink: 'syz.0.3698': attribute type 1 has an invalid length.
[  285.918727][T14998] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  285.947054][T14990] can0: slcan on ttyS3.
[  285.958292][T14996] EXT4-fs (loop1): 1 truncate cleaned up
[  286.003310][T14998] netlink: 'syz.0.3698': attribute type 1 has an invalid length.
[  286.029853][T14990] can0 (unregistered): slcan off ttyS3.
[  286.405778][T15017] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  286.412923][T15017] syzkaller0: entered promiscuous mode
[  286.418424][T15017] syzkaller0: entered allmulticast mode
[  286.427514][T15016] tipc: Resetting bearer <eth:syzkaller0>
[  286.435558][T15016] tipc: Disabling bearer <eth:syzkaller0>
[  286.446858][T15012] loop5: detected capacity change from 0 to 512
[  286.461081][T15012] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  286.478292][T15012] EXT4-fs (loop5): orphan cleanup on readonly fs
[  286.486369][T15012] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.3705: corrupted inode contents
[  286.501541][T15012] EXT4-fs (loop5): Remounting filesystem read-only
[  286.508216][T15012] EXT4-fs (loop5): 1 truncate cleaned up
[  286.514161][   T31] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  286.524824][   T31] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  286.544258][   T31] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  286.593270][T15021] netlink: 'syz.6.3708': attribute type 1 has an invalid length.
[  286.605148][T15021] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  286.621862][T15025] netlink: 'syz.0.3710': attribute type 10 has an invalid length.
[  286.623364][T15021] can0: slcan on ttyS3.
[  286.641973][T15025] tmpfs: Bad value for 'mpol'
[  286.688959][T15021] can0 (unregistered): slcan off ttyS3.
[  286.698568][T15021] can0: slcan on ttyS3.
[  286.720329][T15021] netlink: 'syz.6.3708': attribute type 1 has an invalid length.
[  286.747936][T15029] loop2: detected capacity change from 0 to 8192
[  286.778926][T15020] can0 (unregistered): slcan off ttyS3.
[  286.784859][T15029]  loop2: p1 p2[DM] p4
[  286.789187][T15029] loop2: p1 size 196608 extends beyond EOD, truncated
[  286.796555][T15029] loop2: p2 start 4292936063 is beyond EOD, truncated
[  286.803528][T15029] loop2: p4 size 50331648 extends beyond EOD, truncated
[  286.811415][   T29] kauditd_printk_skb: 503 callbacks suppressed
[  286.811432][   T29] audit: type=1326 audit(1756466651.653:14296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15028 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f2d6d66d3fa code=0x7ffc0000
[  286.844890][   T29] audit: type=1326 audit(1756466651.653:14297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15028 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7f2d6d66e167 code=0x7ffc0000
[  286.868597][   T29] audit: type=1326 audit(1756466651.653:14298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15028 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f2d6d66d3fa code=0x7ffc0000
[  286.892294][   T29] audit: type=1326 audit(1756466651.653:14299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15028 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f2d6d66d3fa code=0x7ffc0000
[  286.916096][   T29] audit: type=1326 audit(1756466651.653:14300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15028 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f2d6d66d3fa code=0x7ffc0000
[  286.940065][   T29] audit: type=1326 audit(1756466651.653:14301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15028 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7f2d6d66e167 code=0x7ffc0000
[  286.947856][T15041] __nla_validate_parse: 12 callbacks suppressed
[  286.947909][T15041] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3715'.
[  286.963846][   T29] audit: type=1326 audit(1756466651.653:14302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15028 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f2d6d66d3fa code=0x7ffc0000
[  287.003014][   T29] audit: type=1326 audit(1756466651.653:14303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15028 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f2d6d66d3fa code=0x7ffc0000
[  287.026633][   T29] audit: type=1326 audit(1756466651.653:14304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15028 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f2d6d66d3fa code=0x7ffc0000
[  287.037148][T15044] loop1: detected capacity change from 0 to 256
[  287.050406][   T29] audit: type=1326 audit(1756466651.653:14305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15028 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2d6d66d84a code=0x7ffc0000
[  287.084394][T15044] msdos: Bad value for 'uid'
[  287.088428][T15047] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  287.089071][T15044] msdos: Bad value for 'uid'
[  287.092145][T15044] 9pnet_fd: Insufficient options for proto=fd
[  287.096580][T15047] syzkaller0: entered promiscuous mode
[  287.106189][T15044] loop1: detected capacity change from 0 to 512
[  287.106497][T15047] syzkaller0: entered allmulticast mode
[  287.112508][T15044] EXT4-fs: Ignoring removed orlov option
[  287.122860][T15048] netlink: 'syz.2.3715': attribute type 1 has an invalid length.
[  287.124173][T15044] EXT4-fs: Ignoring removed nomblk_io_submit option
[  287.130360][T15048] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  287.137213][T15044] ext4: Unknown parameter 'fsname'
[  287.155208][T15041] can0: slcan on ttyS3.
[  287.177975][T15046] tipc: Resetting bearer <eth:syzkaller0>
[  287.191792][T15046] tipc: Disabling bearer <eth:syzkaller0>
[  287.201496][T15053] loop5: detected capacity change from 0 to 1024
[  287.209238][T15041] can0 (unregistered): slcan off ttyS3.
[  287.217840][T15041] netlink: 'syz.2.3715': attribute type 1 has an invalid length.
[  287.219875][T15055] loop1: detected capacity change from 0 to 512
[  287.225643][T15041] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3715'.
[  287.243354][T15055] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  287.247185][T15053] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  287.256026][T15055] EXT4-fs (loop1): 1 truncate cleaned up
[  287.333850][T15061] loop2: detected capacity change from 0 to 512
[  287.361695][T15061] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  287.403311][T15063] loop5: detected capacity change from 0 to 8192
[  287.411090][T15061] EXT4-fs (loop2): 1 truncate cleaned up
[  287.459156][T15063]  loop5: p1 p2[DM] p4
[  287.463307][T15063] loop5: p1 size 196608 extends beyond EOD, truncated
[  287.473025][T15063] loop5: p2 start 4292936063 is beyond EOD, truncated
[  287.479870][T15063] loop5: p4 size 50331648 extends beyond EOD, truncated
[  287.496212][ T1083] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.585647][ T1083] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.634484][ T1083] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.684333][ T1083] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.721800][T15064] chnl_net:caif_netlink_parms(): no params data found
[  287.787834][T15064] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.794974][T15064] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.817629][T15093] loop5: detected capacity change from 0 to 256
[  287.824189][T15064] bridge_slave_0: entered allmulticast mode
[  287.830897][T15093] msdos: Bad value for 'uid'
[  287.835563][T15093] msdos: Bad value for 'uid'
[  287.841191][T15064] bridge_slave_0: entered promiscuous mode
[  287.851880][T15093] 9pnet_fd: Insufficient options for proto=fd
[  287.852139][T15064] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.865071][T15064] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.865240][T15093] loop5: detected capacity change from 0 to 512
[  287.872305][T15064] bridge_slave_1: entered allmulticast mode
[  287.886357][T15093] EXT4-fs: Ignoring removed orlov option
[  287.892200][T15093] EXT4-fs: Ignoring removed nomblk_io_submit option
[  287.900991][T15093] ext4: Unknown parameter 'fsname'
[  287.901462][T15064] bridge_slave_1: entered promiscuous mode
[  288.031836][ T1083] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[  288.041118][ T1083] bond_slave_0: left promiscuous mode
[  288.057514][T15097] loop5: detected capacity change from 0 to 512
[  288.058165][ T1083] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[  288.075165][ T1083] bond_slave_1: left promiscuous mode
[  288.082820][ T1083] $Hÿ (unregistering): Released all slaves
[  288.090099][T15097] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  288.098324][T15097] EXT4-fs (loop5): orphan cleanup on readonly fs
[  288.107570][ T1083] bond0 (unregistering): Released all slaves
[  288.115273][T15097] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.3732: corrupted inode contents
[  288.128136][T15097] EXT4-fs (loop5): Remounting filesystem read-only
[  288.131775][ T1083] bond1 (unregistering): Released all slaves
[  288.147364][T15097] EXT4-fs (loop5): 1 truncate cleaned up
[  288.153272][   T41] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  288.164041][   T41] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  288.185096][T15064] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  288.198015][T15101] loop1: detected capacity change from 0 to 256
[  288.205344][T15101] msdos: Bad value for 'uid'
[  288.210008][T15101] msdos: Bad value for 'uid'
[  288.210515][   T41] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  288.217954][T15101] 9pnet_fd: Insufficient options for proto=fd
[  288.233455][T15064] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  288.250360][ T1083] tipc: Left network mode
[  288.264628][T15064] team0: Port device team_slave_0 added
[  288.272033][ T1083] hsr_slave_0: left promiscuous mode
[  288.280576][ T1083] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  288.285605][T15103] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3734'.
[  288.288031][ T1083] batman_adv: batadv0: Removing interface: batadv_slave_0
[  288.304482][ T1083] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  288.311921][ T1083] batman_adv: batadv0: Removing interface: batadv_slave_1
[  288.322731][ T1083] veth1_macvtap: left promiscuous mode
[  288.328215][ T1083] veth0_macvtap: left promiscuous mode
[  288.333781][ T1083] veth1_vlan: left promiscuous mode
[  288.339038][ T1083] veth0_vlan: left promiscuous mode
[  288.383497][ T1083] team0 (unregistering): Port device team_slave_1 removed
[  288.393640][ T1083] team0 (unregistering): Port device C removed
[  288.436102][T15064] team0: Port device team_slave_1 added
[  288.481355][T15107] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  288.500255][T15109] can0: slcan on ttyS3.
[  288.506314][T15108] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  288.514599][T15107] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3734'.
[  288.527064][T15113] syzkaller0: entered promiscuous mode
[  288.532615][T15113] syzkaller0: entered allmulticast mode
[  288.540852][T15064] batman_adv: batadv0: Adding interface: batadv_slave_0
[  288.547920][T15064] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.573950][T15064] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  288.585436][T15112] can0 (unregistered): slcan off ttyS3.
[  288.593452][T15064] batman_adv: batadv0: Adding interface: batadv_slave_1
[  288.600519][T15064] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.626425][T15064] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  288.637232][T15104] tipc: Resetting bearer <eth:syzkaller0>
[  288.644751][T15104] tipc: Disabling bearer <eth:syzkaller0>
[  288.671859][T15064] hsr_slave_0: entered promiscuous mode
[  288.678257][T15064] hsr_slave_1: entered promiscuous mode
[  288.711149][T15118] loop2: detected capacity change from 0 to 8192
[  288.753724][T15118]  loop2: p1 p2[DM] p4
[  288.757970][T15118] loop2: p1 size 196608 extends beyond EOD, truncated
[  288.765697][T15118] loop2: p2 start 4292936063 is beyond EOD, truncated
[  288.772553][T15118] loop2: p4 size 50331648 extends beyond EOD, truncated
[  288.882562][T15128] loop5: detected capacity change from 0 to 256
[  288.890235][T15128] msdos: Bad value for 'uid'
[  288.894838][T15128] msdos: Bad value for 'uid'
[  288.902780][T15128] 9pnet_fd: Insufficient options for proto=fd
[  288.915443][T15128] loop5: detected capacity change from 0 to 512
[  288.925848][ T1083] IPVS: stop unused estimator thread 0...
[  288.933121][T15128] EXT4-fs: Ignoring removed orlov option
[  288.939111][T15128] EXT4-fs: Ignoring removed nomblk_io_submit option
[  288.949697][T15128] ext4: Unknown parameter 'fsname'
[  288.972783][T15130] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3742'.
[  288.982167][T15130] tmpfs: Bad value for 'mpol'
[  288.987094][T15134] loop5: detected capacity change from 0 to 512
[  288.994687][T15134] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  289.006343][T15134] EXT4-fs (loop5): 1 truncate cleaned up
[  289.015374][T15137] loop2: detected capacity change from 0 to 256
[  289.022603][T15137] msdos: Bad value for 'uid'
[  289.027260][T15137] msdos: Bad value for 'uid'
[  289.035610][T15137] 9pnet_fd: Insufficient options for proto=fd
[  289.065606][T15139] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  289.075135][T15139] syzkaller0: entered promiscuous mode
[  289.080788][T15139] syzkaller0: entered allmulticast mode
[  289.093749][T15139] tipc: Resetting bearer <eth:syzkaller0>
[  289.100308][T15138] tipc: Resetting bearer <eth:syzkaller0>
[  289.107784][T15138] tipc: Disabling bearer <eth:syzkaller0>
[  289.133559][T15064] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  289.142804][T15064] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  289.151901][T15064] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  289.161326][T15064] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  289.184010][T15147] loop2: detected capacity change from 0 to 1024
[  289.191459][T15147] EXT4-fs: Ignoring removed orlov option
[  289.197382][T15147] EXT4-fs: dax option not supported
[  289.209022][T15064] 8021q: adding VLAN 0 to HW filter on device bond0
[  289.238314][T15151] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3747'.
[  289.258174][T15064] 8021q: adding VLAN 0 to HW filter on device team0
[  289.301307][ T3436] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.308469][ T3436] bridge0: port 1(bridge_slave_0) entered forwarding state
[  289.317382][ T3436] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.324515][ T3436] bridge0: port 2(bridge_slave_1) entered forwarding state
[  289.335055][T15153] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  289.367534][T15155] can0: slcan on ttyS3.
[  289.377905][T15154] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  289.389689][T15154] syzkaller0: entered promiscuous mode
[  289.395224][T15154] syzkaller0: entered allmulticast mode
[  289.411276][T15154] tipc: Resetting bearer <eth:syzkaller0>
[  289.417992][T15152] tipc: Resetting bearer <eth:syzkaller0>
[  289.424110][T15151] can0 (unregistered): slcan off ttyS3.
[  289.431959][T15152] tipc: Disabling bearer <eth:syzkaller0>
[  289.432445][T15151] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3747'.
[  289.475090][T15064] 8021q: adding VLAN 0 to HW filter on device batadv0
[  289.631296][T15163] loop2: detected capacity change from 0 to 512
[  289.660205][T15163] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  289.668386][T15163] EXT4-fs (loop2): orphan cleanup on readonly fs
[  289.691436][T15163] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.3749: corrupted inode contents
[  289.720212][T15163] EXT4-fs (loop2): Remounting filesystem read-only
[  289.727021][T15163] EXT4-fs (loop2): 1 truncate cleaned up
[  289.732930][   T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  289.743603][   T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  289.754617][   T31] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  289.773353][T15064] veth0_vlan: entered promiscuous mode
[  289.787782][T15064] veth1_vlan: entered promiscuous mode
[  289.805168][T15064] veth0_macvtap: entered promiscuous mode
[  289.818278][T15064] veth1_macvtap: entered promiscuous mode
[  289.832986][T15064] batman_adv: batadv0: Interface activated: batadv_slave_0
[  289.845795][T15064] batman_adv: batadv0: Interface activated: batadv_slave_1
[  289.859445][ T3436] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  289.868327][ T3436] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  289.885765][ T3436] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  289.898064][ T3436] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  289.912352][T15191] loop1: detected capacity change from 0 to 1024
[  289.926083][T15194] loop5: detected capacity change from 0 to 256
[  289.930169][T15191] EXT4-fs: Ignoring removed orlov option
[  289.933461][T15194] msdos: Bad value for 'uid'
[  289.939030][T15191] EXT4-fs: dax option not supported
[  289.942668][T15194] msdos: Bad value for 'uid'
[  289.963149][T15194] 9pnet_fd: Insufficient options for proto=fd
[  289.973189][T15196] loop6: detected capacity change from 0 to 512
[  289.995599][T15200] loop5: detected capacity change from 0 to 1024
[  290.005193][T15196] ext4 filesystem being mounted at /0/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  290.032164][T15200] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  290.087829][T15207] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3759'.
[  290.130049][T15207] C: renamed from team_slave_0 (while UP)
[  290.137731][T15207] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  290.156269][T15207] can0: slcan on ttyS3.
[  290.208810][T15207] can0 (unregistered): slcan off ttyS3.
[  290.212598][T15211] netlink: 224 bytes leftover after parsing attributes in process `syz.6.3759'.
[  290.366815][T15217] loop2: detected capacity change from 0 to 512
[  290.378165][T15217] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  290.389958][T15217] EXT4-fs (loop2): 1 truncate cleaned up
[  290.922955][T15224] loop1: detected capacity change from 0 to 512
[  290.948791][T15226] loop5: detected capacity change from 0 to 256
[  290.953172][T15224] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  290.955803][T15226] msdos: Bad value for 'uid'
[  290.969814][T15226] msdos: Bad value for 'uid'
[  290.984015][T15226] 9pnet_fd: Insufficient options for proto=fd
[  290.995533][T15226] loop5: detected capacity change from 0 to 512
[  291.003865][T15226] EXT4-fs: Ignoring removed orlov option
[  291.009788][T15226] EXT4-fs: Ignoring removed nomblk_io_submit option
[  291.013421][T15224] EXT4-fs (loop1): 1 truncate cleaned up
[  291.016675][T15226] ext4: Unknown parameter 'fsname'
[  291.190263][T15233] loop6: detected capacity change from 0 to 1024
[  291.209177][T15233] EXT4-fs: Ignoring removed orlov option
[  291.219368][T15233] EXT4-fs: dax option not supported
[  291.268270][T13351] EXT4-fs unmount: 73 callbacks suppressed
[  291.268290][T13351] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.307602][T15239] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3772'.
[  291.316935][T15237] loop6: detected capacity change from 0 to 1024
[  291.335997][T15237] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  291.358204][T15237] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  291.374197][T15244] validate_nla: 7 callbacks suppressed
[  291.374213][T15244] netlink: 'syz.5.3772': attribute type 1 has an invalid length.
[  291.388441][T15244] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  291.409638][T15239] can0: slcan on ttyS3.
[  291.415739][T15064] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.448988][T15239] can0 (unregistered): slcan off ttyS3.
[  291.456210][T15239] netlink: 'syz.5.3772': attribute type 1 has an invalid length.
[  291.496226][T15241] loop2: detected capacity change from 0 to 512
[  291.566090][T15247] loop6: detected capacity change from 0 to 512
[  291.600492][T15241] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  291.609241][T15241] EXT4-fs (loop2): orphan cleanup on readonly fs
[  291.615675][T15247] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  291.617049][T15241] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.3771: corrupted inode contents
[  291.636011][T15247] EXT4-fs (loop6): orphan cleanup on readonly fs
[  291.638778][T15241] EXT4-fs (loop2): Remounting filesystem read-only
[  291.643701][T15247] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.3773: corrupted inode contents
[  291.661914][T15247] EXT4-fs (loop6): Remounting filesystem read-only
[  291.662211][T15241] EXT4-fs (loop2): 1 truncate cleaned up
[  291.668967][T15247] EXT4-fs (loop6): 1 truncate cleaned up
[  291.676210][ T9781] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  291.690439][ T9781] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  291.702459][ T9781] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  291.713041][ T9781] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  291.723636][ T9781] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  291.734279][ T9781] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  291.745130][T15241] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  291.758498][T15247] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  291.767919][T15241] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.773750][T15247] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.800849][T11549] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.864314][   T29] kauditd_printk_skb: 542 callbacks suppressed
[  291.864329][   T29] audit: type=1326 audit(1756466656.693:14824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac358cebe9 code=0x7ffc0000
[  291.870750][T15261] loop1: detected capacity change from 0 to 256
[  291.896019][   T29] audit: type=1326 audit(1756466656.693:14825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac358cebe9 code=0x7ffc0000
[  291.901927][T15261] msdos: Bad value for 'uid'
[  291.924338][   T29] audit: type=1326 audit(1756466656.703:14826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fac358cebe9 code=0x7ffc0000
[  291.928983][T15261] msdos: Bad value for 'uid'
[  291.953429][   T29] audit: type=1326 audit(1756466656.703:14827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fac358cec23 code=0x7ffc0000
[  291.970196][T15261] 9pnet_fd: Insufficient options for proto=fd
[  291.980834][   T29] audit: type=1326 audit(1756466656.703:14828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fac358cd69f code=0x7ffc0000
[  292.010660][   T29] audit: type=1326 audit(1756466656.703:14829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fac358cec77 code=0x7ffc0000
[  292.014118][T15263] loop1: detected capacity change from 0 to 256
[  292.034331][   T29] audit: type=1326 audit(1756466656.703:14830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fac358cd550 code=0x7ffc0000
[  292.034380][   T29] audit: type=1326 audit(1756466656.703:14831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fac358ce7eb code=0x7ffc0000
[  292.036832][   T29] audit: type=1326 audit(1756466656.743:14832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fac358cd84a code=0x7ffc0000
[  292.041500][T15263] msdos: Bad value for 'uid'
[  292.064568][   T29] audit: type=1326 audit(1756466656.743:14833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fac358cd84a code=0x7ffc0000
[  292.139751][T15263] msdos: Bad value for 'uid'
[  292.150616][T15263] 9pnet_fd: Insufficient options for proto=fd
[  292.161706][T15263] loop1: detected capacity change from 0 to 512
[  292.173996][T15263] EXT4-fs: Ignoring removed orlov option
[  292.179847][T15263] EXT4-fs: Ignoring removed nomblk_io_submit option
[  292.182309][T15265] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  292.186546][T15263] ext4: Unknown parameter 'fsname'
[  292.194858][T15265] syzkaller0: entered promiscuous mode
[  292.203970][T15265] syzkaller0: entered allmulticast mode
[  292.214633][T15265] tipc: Resetting bearer <eth:syzkaller0>
[  292.221535][T15264] tipc: Resetting bearer <eth:syzkaller0>
[  292.229020][T15264] tipc: Disabling bearer <eth:syzkaller0>
[  292.328589][T15272] loop2: detected capacity change from 0 to 1024
[  292.335895][T15272] EXT4-fs: Ignoring removed orlov option
[  292.342846][T15272] EXT4-fs: dax option not supported
[  292.373020][T15274] loop2: detected capacity change from 0 to 512
[  292.392312][T15274] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  292.408806][T15274] ext4 filesystem being mounted at /124/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  292.426456][T15280] loop5: detected capacity change from 0 to 1024
[  292.440835][T15280] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  292.462228][T15280] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  292.493896][ T4670] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.504103][T15285] tipc: Started in network mode
[  292.504740][T13351] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.509158][T15285] tipc: Node identity 9acf7421a32, cluster identity 4711
[  292.525227][T15285] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  292.538841][T15285] syzkaller0: entered promiscuous mode
[  292.544343][T15285] syzkaller0: entered allmulticast mode
[  292.549979][T15289] loop2: detected capacity change from 0 to 256
[  292.557225][T15289] msdos: Bad value for 'uid'
[  292.562046][T15287] loop5: detected capacity change from 0 to 512
[  292.565923][T15285] tipc: Resetting bearer <eth:syzkaller0>
[  292.568369][T15289] msdos: Bad value for 'uid'
[  292.575718][T15287] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  292.583789][T15289] 9pnet_fd: Insufficient options for proto=fd
[  292.592503][T15287] EXT4-fs (loop5): 1 truncate cleaned up
[  292.600800][T15287] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  292.601024][T15284] tipc: Resetting bearer <eth:syzkaller0>
[  292.621077][T15284] tipc: Disabling bearer <eth:syzkaller0>
[  292.654118][T15292] __nla_validate_parse: 1 callbacks suppressed
[  292.654134][T15292] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3788'.
[  292.684840][T15297] loop6: detected capacity change from 0 to 256
[  292.692060][T15297] msdos: Bad value for 'uid'
[  292.696687][T15297] msdos: Bad value for 'uid'
[  292.704763][T15297] 9pnet_fd: Insufficient options for proto=fd
[  292.705256][T15298] netlink: 'syz.2.3788': attribute type 1 has an invalid length.
[  292.716287][T15297] loop6: detected capacity change from 0 to 512
[  292.726493][T15297] EXT4-fs: Ignoring removed orlov option
[  292.732566][T15297] EXT4-fs: Ignoring removed nomblk_io_submit option
[  292.739335][T15297] ext4: Unknown parameter 'fsname'
[  292.749310][T15298] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  292.770495][T15292] can0: slcan on ttyS3.
[  292.883293][T15305] netlink: 'syz.2.3788': attribute type 1 has an invalid length.
[  292.891221][T15305] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3788'.
[  292.938906][T15292] can0 (unregistered): slcan off ttyS3.
[  293.288241][T15311] netlink: 'syz.1.3792': attribute type 10 has an invalid length.
[  293.342659][T15308] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3792'.
[  293.403433][T15311] tmpfs: Bad value for 'mpol'
[  293.655300][T15314] loop1: detected capacity change from 0 to 1024
[  293.673506][ T4670] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.691816][T15314] EXT4-fs: Ignoring removed orlov option
[  293.705304][T15321] loop2: detected capacity change from 0 to 512
[  293.711994][T15314] EXT4-fs: dax option not supported
[  293.743552][T15321] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.772555][T15327] loop6: detected capacity change from 0 to 256
[  293.789691][T15321] ext4 filesystem being mounted at /127/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  293.802622][T15327] msdos: Bad value for 'uid'
[  293.807265][T15327] msdos: Bad value for 'uid'
[  293.850090][T15327] 9pnet_fd: Insufficient options for proto=fd
[  293.954682][T13351] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.974335][T15337] netlink: 'syz.5.3804': attribute type 10 has an invalid length.
[  293.983580][T15337] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3804'.
[  293.993172][T15337] tmpfs: Bad value for 'mpol'
[  294.022650][T15346] loop5: detected capacity change from 0 to 512
[  294.023111][T15344] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  294.031127][T15346] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  294.052062][T15346] EXT4-fs (loop5): 1 truncate cleaned up
[  294.058553][T15344] syzkaller0: entered promiscuous mode
[  294.059348][T15346] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.064110][T15344] syzkaller0: entered allmulticast mode
[  294.087411][T15329] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=886 sclass=netlink_route_socket pid=15329 comm=syz.0.3800
[  294.110003][T15344] tipc: Resetting bearer <eth:syzkaller0>
[  294.117038][T15343] tipc: Resetting bearer <eth:syzkaller0>
[  294.125043][T15343] tipc: Disabling bearer <eth:syzkaller0>
[  294.146291][T15342] loop6: detected capacity change from 0 to 512
[  294.169767][T15342] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  294.197390][T15342] EXT4-fs (loop6): orphan cleanup on readonly fs
[  294.266065][T15342] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.3805: corrupted inode contents
[  294.296782][T15342] EXT4-fs (loop6): Remounting filesystem read-only
[  294.304716][T15342] EXT4-fs (loop6): 1 truncate cleaned up
[  294.340623][T15360] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3809'.
[  294.520172][ T9781] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  294.530925][ T9781] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  294.589304][T15363] netlink: 'syz.0.3809': attribute type 1 has an invalid length.
[  294.646215][T15363] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  294.671357][T15360] can0: slcan on ttyS3.
[  294.767304][ T9781] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  294.835147][T15362] can0 (unregistered): slcan off ttyS3.
[  294.844220][T15360] netlink: 'syz.0.3809': attribute type 1 has an invalid length.
[  294.852027][T15360] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3809'.
[  294.915090][T15342] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  295.070742][T15342] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.103094][ T4670] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.117794][T15369] loop1: detected capacity change from 0 to 1024
[  295.140903][T15369] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  295.163508][T15373] loop5: detected capacity change from 0 to 1024
[  295.171761][T15369] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  295.176191][T15373] EXT4-fs: Ignoring removed orlov option
[  295.192112][T15373] EXT4-fs: dax option not supported
[  295.222493][T11549] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.233619][T15382] loop6: detected capacity change from 0 to 256
[  295.254322][T15371] loop2: detected capacity change from 0 to 512
[  295.261534][T15382] msdos: Bad value for 'uid'
[  295.266222][T15382] msdos: Bad value for 'uid'
[  295.275778][T15382] 9pnet_fd: Insufficient options for proto=fd
[  295.287764][T15371] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  295.306194][T15371] EXT4-fs (loop2): orphan cleanup on readonly fs
[  295.317395][T15371] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.3813: corrupted inode contents
[  295.332789][T15371] EXT4-fs (loop2): Remounting filesystem read-only
[  295.340284][T15371] EXT4-fs (loop2): 1 truncate cleaned up
[  295.343799][T15387] netlink: 'syz.1.3816': attribute type 10 has an invalid length.
[  295.355672][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  295.366451][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  295.398240][T15387] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3816'.
[  295.414494][   T12] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  295.420476][T15387] tmpfs: Bad value for 'mpol'
[  295.425299][T15371] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  295.443369][T15371] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.640065][T15396] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=886 sclass=netlink_route_socket pid=15396 comm=syz.5.3818
[  296.233703][T15416] loop5: detected capacity change from 0 to 512
[  296.252351][T15416] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  296.267461][T15416] ext4 filesystem being mounted at /577/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  296.358611][ T4670] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.418898][T15424] loop5: detected capacity change from 0 to 256
[  296.425402][T15425] loop6: detected capacity change from 0 to 1024
[  296.432493][T15424] msdos: Bad value for 'uid'
[  296.437122][T15424] msdos: Bad value for 'uid'
[  296.438339][T15427] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  296.452215][T15424] 9pnet_fd: Insufficient options for proto=fd
[  296.463328][T15424] loop5: detected capacity change from 0 to 512
[  296.470682][T15424] EXT4-fs: Ignoring removed orlov option
[  296.476503][T15424] EXT4-fs: Ignoring removed nomblk_io_submit option
[  296.483358][T15424] ext4: Unknown parameter 'fsname'
[  296.493110][T15428] syzkaller0: entered promiscuous mode
[  296.498839][T15428] syzkaller0: entered allmulticast mode
[  296.499614][T15425] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.508818][T15427] tipc: Resetting bearer <eth:syzkaller0>
[  296.528767][T15425] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  296.546046][T15426] tipc: Resetting bearer <eth:syzkaller0>
[  296.560607][T15426] tipc: Disabling bearer <eth:syzkaller0>
[  296.575045][T15064] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.603552][T15438] loop6: detected capacity change from 0 to 1024
[  296.644164][T15438] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.658082][T15438] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  296.675019][T15444] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3835'.
[  296.694287][   T41] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  296.706749][   T41] EXT4-fs (loop6): This should not happen!! Data will be lost
[  296.706749][   T41] 
[  296.716514][   T41] EXT4-fs (loop6): Total free blocks count 0
[  296.722627][   T41] EXT4-fs (loop6): Free/Dirty block details
[  296.728536][   T41] EXT4-fs (loop6): free_blocks=20480
[  296.733826][   T41] EXT4-fs (loop6): dirty_blocks=64
[  296.738932][   T41] EXT4-fs (loop6): Block reservation details
[  296.744994][   T41] EXT4-fs (loop6): i_reserved_data_blocks=4
[  296.751288][T15449] netlink: 'syz.0.3835': attribute type 1 has an invalid length.
[  296.761603][T15449] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  296.781076][T15449] can0: slcan on ttyS3.
[  296.788856][T15064] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.805967][T15450] loop1: detected capacity change from 0 to 512
[  296.838179][T15450] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  296.846371][T15450] EXT4-fs (loop1): orphan cleanup on readonly fs
[  296.847510][T15444] netlink: 'syz.0.3835': attribute type 1 has an invalid length.
[  296.860566][T15444] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3835'.
[  296.871534][T15449] can0 (unregistered): slcan off ttyS3.
[  296.879464][T15450] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.3836: corrupted inode contents
[  297.049774][T15450] EXT4-fs (loop1): Remounting filesystem read-only
[  297.056689][T15450] EXT4-fs (loop1): 1 truncate cleaned up
[  297.123504][T15455] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=886 sclass=netlink_route_socket pid=15455 comm=syz.6.3837
[  297.138793][T15461] loop2: detected capacity change from 0 to 512
[  297.151312][T15461] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.166275][T15461] ext4 filesystem being mounted at /132/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  297.284985][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  297.295707][   T12] __quota_error: 483 callbacks suppressed
[  297.295724][   T12] Quota error (device loop1): write_blk: dquota write failed
[  297.309008][   T12] Quota error (device loop1): remove_free_dqentry: Can't write block (5) with free entries
[  297.319075][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  297.329748][   T12] Quota error (device loop1): write_blk: dquota write failed
[  297.337183][   T12] Quota error (device loop1): free_dqentry: Can't move quota data block (5) to free list
[  297.355417][   T12] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  297.365620][   T12] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  297.374719][   T12] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  297.385548][T13351] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.395706][T15450] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  297.417670][T15450] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.430693][T15467] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  297.445109][T15467] syzkaller0: entered promiscuous mode
[  297.450709][T15467] syzkaller0: entered allmulticast mode
[  297.463637][T15467] tipc: Resetting bearer <eth:syzkaller0>
[  297.476151][T15466] tipc: Resetting bearer <eth:syzkaller0>
[  297.483989][T15466] tipc: Disabling bearer <eth:syzkaller0>
[  297.599957][   T29] audit: type=1326 audit(1756466662.433:15305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15473 comm="syz.5.3843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a4efeebe9 code=0x7ffc0000
[  297.626463][T15474] loop5: detected capacity change from 0 to 256
[  297.631809][T15476] loop1: detected capacity change from 0 to 1024
[  297.649124][T15474] msdos: Bad value for 'uid'
[  297.653878][T15474] msdos: Bad value for 'uid'
[  297.660526][T15476] EXT4-fs: Ignoring removed orlov option
[  297.662881][T15474] 9pnet_fd: Insufficient options for proto=fd
[  297.666347][T15476] EXT4-fs: dax option not supported
[  297.672591][   T29] audit: type=1326 audit(1756466662.453:15306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15473 comm="syz.5.3843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a4efeebe9 code=0x7ffc0000
[  297.701660][   T29] audit: type=1326 audit(1756466662.453:15307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15473 comm="syz.5.3843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f9a4efeebe9 code=0x7ffc0000
[  297.725629][   T29] audit: type=1326 audit(1756466662.453:15308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15473 comm="syz.5.3843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9a4efeec23 code=0x7ffc0000
[  297.732537][T15480] netlink: 'syz.2.3845': attribute type 10 has an invalid length.
[  297.755054][T15474] loop5: detected capacity change from 0 to 512
[  297.764196][T15474] EXT4-fs: Ignoring removed orlov option
[  297.769903][T15474] EXT4-fs: Ignoring removed nomblk_io_submit option
[  297.790935][T15483] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3845'.
[  297.807749][T15474] ext4: Unknown parameter 'fsname'
[  297.813520][T15484] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  297.834514][T15478] tmpfs: Bad value for 'mpol'
[  297.841402][T15484] syzkaller0: entered promiscuous mode
[  297.846985][T15484] syzkaller0: entered allmulticast mode
[  297.861505][T15484] tipc: Resetting bearer <eth:syzkaller0>
[  297.868562][T15482] tipc: Resetting bearer <eth:syzkaller0>
[  297.878715][T15482] tipc: Disabling bearer <eth:syzkaller0>
[  297.921044][T15489] loop2: detected capacity change from 0 to 1024
[  297.960303][T15489] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  297.982466][T15489] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  298.004949][T15498] loop1: detected capacity change from 0 to 512
[  298.013635][T15498] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  298.035638][ T1083] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[  298.048093][ T1083] EXT4-fs (loop2): This should not happen!! Data will be lost
[  298.048093][ T1083] 
[  298.057798][ T1083] EXT4-fs (loop2): Total free blocks count 0
[  298.063853][ T1083] EXT4-fs (loop2): Free/Dirty block details
[  298.069795][ T1083] EXT4-fs (loop2): free_blocks=20480
[  298.075140][ T1083] EXT4-fs (loop2): dirty_blocks=64
[  298.080300][ T1083] EXT4-fs (loop2): Block reservation details
[  298.087127][ T1083] EXT4-fs (loop2): i_reserved_data_blocks=4
[  298.096880][T13351] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.107702][T15498] EXT4-fs (loop1): 1 truncate cleaned up
[  298.113988][T15498] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  298.147638][T15502] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3852'.
[  298.200384][T15503] netlink: 'syz.2.3852': attribute type 1 has an invalid length.
[  298.215114][T15503] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  298.248506][T15502] can0: slcan on ttyS3.
[  298.298872][T15502] can0 (unregistered): slcan off ttyS3.
[  298.307543][T15503] netlink: 'syz.2.3852': attribute type 1 has an invalid length.
[  298.315381][T15503] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3852'.
[  298.527991][T15511] loop2: detected capacity change from 0 to 512
[  298.540600][T15511] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  298.550197][T15511] EXT4-fs (loop2): orphan cleanup on readonly fs
[  298.559513][T15511] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.3855: corrupted inode contents
[  298.572494][T15511] EXT4-fs (loop2): Remounting filesystem read-only
[  298.579173][T15511] EXT4-fs (loop2): 1 truncate cleaned up
[  298.585238][ T1083] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  298.595835][ T1083] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  298.606776][ T1083] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  298.618563][T15511] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  298.631684][T15511] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.728043][T15498] ==================================================================
[  298.736154][T15498] BUG: KCSAN: data-race in filemap_splice_read / filemap_splice_read
[  298.744245][T15498] 
[  298.746588][T15498] write to 0xffff8881097313a8 of 8 bytes by task 15504 on cpu 0:
[  298.754322][T15498]  filemap_splice_read+0x4f4/0x740
[  298.759457][T15498]  ext4_file_splice_read+0x8f/0xb0
[  298.764595][T15498]  splice_direct_to_actor+0x26f/0x680
[  298.769986][T15498]  do_splice_direct+0xda/0x150
[  298.774766][T15498]  do_sendfile+0x380/0x650
[  298.779225][T15498]  __x64_sys_sendfile64+0x105/0x150
[  298.784450][T15498]  x64_sys_call+0x2bb0/0x2ff0
[  298.789157][T15498]  do_syscall_64+0xd2/0x200
[  298.793692][T15498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.800039][T15498] 
[  298.802366][T15498] write to 0xffff8881097313a8 of 8 bytes by task 15498 on cpu 1:
[  298.810099][T15498]  filemap_splice_read+0x4f4/0x740
[  298.815236][T15498]  ext4_file_splice_read+0x8f/0xb0
[  298.820386][T15498]  splice_direct_to_actor+0x26f/0x680
[  298.825781][T15498]  do_splice_direct+0xda/0x150
[  298.830556][T15498]  do_sendfile+0x380/0x650
[  298.834996][T15498]  __x64_sys_sendfile64+0x105/0x150
[  298.840201][T15498]  x64_sys_call+0x2bb0/0x2ff0
[  298.844879][T15498]  do_syscall_64+0xd2/0x200
[  298.849390][T15498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.855388][T15498] 
[  298.857729][T15498] value changed: 0x0000000000000c1d -> 0x0000000000000c24
[  298.864836][T15498] 
[  298.867195][T15498] Reported by Kernel Concurrency Sanitizer on:
[  298.873348][T15498] CPU: 1 UID: 0 PID: 15498 Comm: syz.1.3851 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  298.883163][T15498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  298.893215][T15498] ==================================================================
[  298.917295][T11549] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.